Date
June 17, 2025, 3:39 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 33.351115] ================================================================== [ 33.351717] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xd0/0x1e0 [ 33.352230] Write of size 1 at addr ffff8881026ddf00 by task kunit_try_catch/148 [ 33.353241] [ 33.353437] CPU: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.354169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.354794] Call Trace: [ 33.355149] <TASK> [ 33.355436] dump_stack_lvl+0x4e/0x90 [ 33.355885] print_report+0xd2/0x650 [ 33.356303] ? __virt_addr_valid+0x156/0x1e0 [ 33.356621] ? kmalloc_large_oob_right+0xd0/0x1e0 [ 33.357103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.357646] ? kmalloc_large_oob_right+0xd0/0x1e0 [ 33.358259] kasan_report+0x147/0x180 [ 33.358583] ? kmalloc_large_oob_right+0xd0/0x1e0 [ 33.359103] __asan_store1+0x69/0x70 [ 33.359514] kmalloc_large_oob_right+0xd0/0x1e0 [ 33.359996] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 33.360338] ? __schedule+0x715/0x11a0 [ 33.360586] ? ktime_get_ts64+0x118/0x140 [ 33.361133] kunit_try_run_case+0x120/0x290 [ 33.361602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.362425] ? __kasan_check_write+0x18/0x20 [ 33.362707] ? trace_preempt_on+0x20/0xa0 [ 33.362984] ? __kthread_parkme+0x4f/0xd0 [ 33.363248] ? preempt_count_sub+0x50/0x80 [ 33.363509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.364090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.364677] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.365304] kthread+0x19e/0x1e0 [ 33.365694] ? __pfx_kthread+0x10/0x10 [ 33.366274] ret_from_fork+0x41/0x70 [ 33.366729] ? __pfx_kthread+0x10/0x10 [ 33.367182] ret_from_fork_asm+0x1b/0x30 [ 33.367642] </TASK> [ 33.367886] [ 33.368023] Allocated by task 148: [ 33.368223] kasan_save_stack+0x44/0x70 [ 33.368476] kasan_set_track+0x29/0x40 [ 33.368707] kasan_save_alloc_info+0x22/0x30 [ 33.369462] __kasan_kmalloc+0xb7/0xc0 [ 33.369755] kmalloc_trace+0x4c/0xb0 [ 33.370250] kmalloc_large_oob_right+0x9d/0x1e0 [ 33.370932] kunit_try_run_case+0x120/0x290 [ 33.371460] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.371850] kthread+0x19e/0x1e0 [ 33.372235] ret_from_fork+0x41/0x70 [ 33.372470] ret_from_fork_asm+0x1b/0x30 [ 33.372910] [ 33.373168] The buggy address belongs to the object at ffff8881026dc000 [ 33.373168] which belongs to the cache kmalloc-8k of size 8192 [ 33.374368] The buggy address is located 0 bytes to the right of [ 33.374368] allocated 7936-byte region [ffff8881026dc000, ffff8881026ddf00) [ 33.375458] [ 33.375602] The buggy address belongs to the physical page: [ 33.376056] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d8 [ 33.376583] head:(____ptrval____) order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.377223] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.378042] page_type: 0xffffffff() [ 33.378524] raw: 0200000000000840 ffff888100042280 dead000000000122 0000000000000000 [ 33.379076] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 33.379470] page dumped because: kasan: bad access detected [ 33.380003] [ 33.380247] Memory state around the buggy address: [ 33.380711] ffff8881026dde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.381248] ffff8881026dde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.381778] >ffff8881026ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.382528] ^ [ 33.382935] ffff8881026ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.383324] ffff8881026de000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.383689] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 38.649141] ================================================================== [ 38.649684] BUG: KFENCE: memory corruption in test_corruption+0x10c/0x280 [ 38.649684] [ 38.650290] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 38.651169] test_corruption+0x10c/0x280 [ 38.651582] kunit_try_run_case+0x120/0x290 [ 38.651984] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.652374] kthread+0x19e/0x1e0 [ 38.652620] ret_from_fork+0x41/0x70 [ 38.652999] ret_from_fork_asm+0x1b/0x30 [ 38.653289] [ 38.653443] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 38.653443] [ 38.653996] allocated by task 269 on cpu 0 at 38.648907s: [ 38.654370] test_alloc+0x1f9/0x8e0 [ 38.654604] test_corruption+0xdb/0x280 [ 38.654967] kunit_try_run_case+0x120/0x290 [ 38.655259] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.655583] kthread+0x19e/0x1e0 [ 38.655823] ret_from_fork+0x41/0x70 [ 38.656120] ret_from_fork_asm+0x1b/0x30 [ 38.656392] [ 38.656502] freed by task 269 on cpu 0 at 38.648997s: [ 38.656936] test_corruption+0x10c/0x280 [ 38.657214] kunit_try_run_case+0x120/0x290 [ 38.657487] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.657831] kthread+0x19e/0x1e0 [ 38.658062] ret_from_fork+0x41/0x70 [ 38.658340] ret_from_fork_asm+0x1b/0x30 [ 38.658613] [ 38.658749] CPU: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.659275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.659780] ================================================================== [ 38.753232] ================================================================== [ 38.753721] BUG: KFENCE: memory corruption in test_corruption+0x160/0x280 [ 38.753721] [ 38.754356] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#103): [ 38.754882] test_corruption+0x160/0x280 [ 38.755253] kunit_try_run_case+0x120/0x290 [ 38.755541] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.756057] kthread+0x19e/0x1e0 [ 38.756318] ret_from_fork+0x41/0x70 [ 38.756606] ret_from_fork_asm+0x1b/0x30 [ 38.756901] [ 38.757038] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 38.757038] [ 38.757984] allocated by task 269 on cpu 0 at 38.753002s: [ 38.758382] test_alloc+0x1f9/0x8e0 [ 38.758633] test_corruption+0x133/0x280 [ 38.758962] kunit_try_run_case+0x120/0x290 [ 38.759325] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.759638] kthread+0x19e/0x1e0 [ 38.760056] ret_from_fork+0x41/0x70 [ 38.760272] ret_from_fork_asm+0x1b/0x30 [ 38.760544] [ 38.760651] freed by task 269 on cpu 0 at 38.753088s: [ 38.761057] test_corruption+0x160/0x280 [ 38.761316] kunit_try_run_case+0x120/0x290 [ 38.761578] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.761832] kthread+0x19e/0x1e0 [ 38.762151] ret_from_fork+0x41/0x70 [ 38.762428] ret_from_fork_asm+0x1b/0x30 [ 38.762694] [ 38.762806] CPU: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.763484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.764022] ================================================================== [ 38.337205] ================================================================== [ 38.337730] BUG: KFENCE: memory corruption in test_corruption+0x1c0/0x280 [ 38.337730] [ 38.338403] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#99): [ 38.339433] test_corruption+0x1c0/0x280 [ 38.339764] kunit_try_run_case+0x120/0x290 [ 38.340091] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.340450] kthread+0x19e/0x1e0 [ 38.340682] ret_from_fork+0x41/0x70 [ 38.340981] ret_from_fork_asm+0x1b/0x30 [ 38.341237] [ 38.341397] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 38.341397] [ 38.342030] allocated by task 267 on cpu 0 at 38.336845s: [ 38.342412] test_alloc+0x2ad/0x8e0 [ 38.342674] test_corruption+0xdb/0x280 [ 38.342972] kunit_try_run_case+0x120/0x290 [ 38.343268] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.343597] kthread+0x19e/0x1e0 [ 38.343950] ret_from_fork+0x41/0x70 [ 38.344182] ret_from_fork_asm+0x1b/0x30 [ 38.344436] [ 38.344581] freed by task 267 on cpu 0 at 38.336977s: [ 38.344959] test_corruption+0x1c0/0x280 [ 38.345250] kunit_try_run_case+0x120/0x290 [ 38.345533] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.345871] kthread+0x19e/0x1e0 [ 38.346126] ret_from_fork+0x41/0x70 [ 38.346389] ret_from_fork_asm+0x1b/0x30 [ 38.346637] [ 38.346779] CPU: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.347291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.347744] ================================================================== [ 38.441412] ================================================================== [ 38.441947] BUG: KFENCE: memory corruption in test_corruption+0x20f/0x280 [ 38.441947] [ 38.442503] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#100): [ 38.442997] test_corruption+0x20f/0x280 [ 38.443393] kunit_try_run_case+0x120/0x290 [ 38.443707] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.444110] kthread+0x19e/0x1e0 [ 38.444354] ret_from_fork+0x41/0x70 [ 38.444610] ret_from_fork_asm+0x1b/0x30 [ 38.444992] [ 38.445115] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 38.445115] [ 38.445695] allocated by task 267 on cpu 0 at 38.441049s: [ 38.446039] test_alloc+0x2ad/0x8e0 [ 38.446335] test_corruption+0x133/0x280 [ 38.446611] kunit_try_run_case+0x120/0x290 [ 38.447042] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.447541] kthread+0x19e/0x1e0 [ 38.447836] ret_from_fork+0x41/0x70 [ 38.448213] ret_from_fork_asm+0x1b/0x30 [ 38.448466] [ 38.448568] freed by task 267 on cpu 0 at 38.441165s: [ 38.448975] test_corruption+0x20f/0x280 [ 38.449341] kunit_try_run_case+0x120/0x290 [ 38.449606] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.450029] kthread+0x19e/0x1e0 [ 38.450324] ret_from_fork+0x41/0x70 [ 38.450624] ret_from_fork_asm+0x1b/0x30 [ 38.451030] [ 38.451180] CPU: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.451727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.452282] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 36.425844] ================================================================== [ 36.426568] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x166/0x2a0 [ 36.427327] Read of size 8 at addr ffff888102796b40 by task kunit_try_catch/230 [ 36.427692] [ 36.427847] CPU: 1 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.429645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.430263] Call Trace: [ 36.430591] <TASK> [ 36.430996] dump_stack_lvl+0x4e/0x90 [ 36.431515] print_report+0xd2/0x650 [ 36.431811] ? __virt_addr_valid+0x156/0x1e0 [ 36.432106] ? workqueue_uaf+0x166/0x2a0 [ 36.432665] ? kasan_complete_mode_report_info+0x64/0x200 [ 36.433195] ? workqueue_uaf+0x166/0x2a0 [ 36.434079] kasan_report+0x147/0x180 [ 36.434334] ? workqueue_uaf+0x166/0x2a0 [ 36.434740] __asan_load8+0x82/0xb0 [ 36.435053] workqueue_uaf+0x166/0x2a0 [ 36.435311] ? __pfx_workqueue_uaf+0x10/0x10 [ 36.435703] ? __schedule+0x715/0x11a0 [ 36.436018] ? ktime_get_ts64+0x118/0x140 [ 36.436317] kunit_try_run_case+0x120/0x290 [ 36.436702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.437096] ? __kasan_check_write+0x18/0x20 [ 36.437486] ? trace_preempt_on+0x20/0xa0 [ 36.437853] ? __kthread_parkme+0x4f/0xd0 [ 36.438171] ? preempt_count_sub+0x50/0x80 [ 36.438632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.438995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.439436] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.439831] kthread+0x19e/0x1e0 [ 36.440078] ? __pfx_kthread+0x10/0x10 [ 36.440374] ret_from_fork+0x41/0x70 [ 36.440731] ? __pfx_kthread+0x10/0x10 [ 36.441001] ret_from_fork_asm+0x1b/0x30 [ 36.441310] </TASK> [ 36.441549] [ 36.441690] Allocated by task 230: [ 36.441894] kasan_save_stack+0x44/0x70 [ 36.442187] kasan_set_track+0x29/0x40 [ 36.442525] kasan_save_alloc_info+0x22/0x30 [ 36.442941] __kasan_kmalloc+0xb7/0xc0 [ 36.443159] kmalloc_trace+0x4c/0xb0 [ 36.443403] workqueue_uaf+0xdb/0x2a0 [ 36.443634] kunit_try_run_case+0x120/0x290 [ 36.444149] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.444559] kthread+0x19e/0x1e0 [ 36.444795] ret_from_fork+0x41/0x70 [ 36.445113] ret_from_fork_asm+0x1b/0x30 [ 36.445440] [ 36.445563] Freed by task 23: [ 36.445792] kasan_save_stack+0x44/0x70 [ 36.446037] kasan_set_track+0x29/0x40 [ 36.446285] kasan_save_free_info+0x2f/0x50 [ 36.446728] ____kasan_slab_free+0x172/0x1d0 [ 36.447097] __kasan_slab_free+0x16/0x20 [ 36.447384] __kmem_cache_free+0x190/0x310 [ 36.447700] kfree+0x7c/0x120 [ 36.447940] workqueue_uaf_work+0x12/0x20 [ 36.448204] process_one_work+0x2fb/0x640 [ 36.448748] worker_thread+0x502/0x780 [ 36.449015] kthread+0x19e/0x1e0 [ 36.449252] ret_from_fork+0x41/0x70 [ 36.449569] ret_from_fork_asm+0x1b/0x30 [ 36.449975] [ 36.450098] Last potentially related work creation: [ 36.450333] kasan_save_stack+0x44/0x70 [ 36.450648] __kasan_record_aux_stack+0xb3/0xd0 [ 36.450919] kasan_record_aux_stack_noalloc+0xf/0x20 [ 36.451427] __queue_work.part.0+0x269/0x730 [ 36.451705] __queue_work+0x44/0xc0 [ 36.451937] queue_work_on+0x91/0xa0 [ 36.452199] workqueue_uaf+0x147/0x2a0 [ 36.452504] kunit_try_run_case+0x120/0x290 [ 36.452761] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.453141] kthread+0x19e/0x1e0 [ 36.453521] ret_from_fork+0x41/0x70 [ 36.453751] ret_from_fork_asm+0x1b/0x30 [ 36.454049] [ 36.454180] The buggy address belongs to the object at ffff888102796b40 [ 36.454180] which belongs to the cache kmalloc-32 of size 32 [ 36.454890] The buggy address is located 0 bytes inside of [ 36.454890] freed 32-byte region [ffff888102796b40, ffff888102796b60) [ 36.455712] [ 36.455853] The buggy address belongs to the physical page: [ 36.456193] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 36.456822] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.457215] page_type: 0xffffffff() [ 36.457513] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 36.457975] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 36.458550] page dumped because: kasan: bad access detected [ 36.458923] [ 36.459052] Memory state around the buggy address: [ 36.459294] ffff888102796a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 36.459686] ffff888102796a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 36.460197] >ffff888102796b00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 36.460668] ^ [ 36.461034] ffff888102796b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.461417] ffff888102796c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.461921] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 35.069152] ================================================================== [ 35.070079] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x146/0x3b0 [ 35.070580] Read of size 1 at addr ffff888102897a78 by task kunit_try_catch/206 [ 35.071175] [ 35.071332] CPU: 1 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.071847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.072432] Call Trace: [ 35.072620] <TASK> [ 35.072798] dump_stack_lvl+0x4e/0x90 [ 35.073131] print_report+0xd2/0x650 [ 35.074131] ? __virt_addr_valid+0x156/0x1e0 [ 35.074490] ? ksize_unpoisons_memory+0x146/0x3b0 [ 35.074873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.075243] ? ksize_unpoisons_memory+0x146/0x3b0 [ 35.075579] kasan_report+0x147/0x180 [ 35.075889] ? ksize_unpoisons_memory+0x146/0x3b0 [ 35.076235] __asan_load1+0x66/0x70 [ 35.076519] ksize_unpoisons_memory+0x146/0x3b0 [ 35.076895] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 35.077243] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 35.078023] ? __schedule+0x715/0x11a0 [ 35.078333] ? ktime_get_ts64+0x118/0x140 [ 35.078648] kunit_try_run_case+0x120/0x290 [ 35.079048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.079398] ? __kasan_check_write+0x18/0x20 [ 35.079696] ? trace_preempt_on+0x20/0xa0 [ 35.080164] ? __kthread_parkme+0x4f/0xd0 [ 35.080573] ? preempt_count_sub+0x50/0x80 [ 35.080974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.081279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.082206] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.082521] kthread+0x19e/0x1e0 [ 35.082732] ? __pfx_kthread+0x10/0x10 [ 35.083013] ret_from_fork+0x41/0x70 [ 35.083230] ? __pfx_kthread+0x10/0x10 [ 35.083444] ret_from_fork_asm+0x1b/0x30 [ 35.083764] </TASK> [ 35.083955] [ 35.084084] Allocated by task 206: [ 35.084326] kasan_save_stack+0x44/0x70 [ 35.084643] kasan_set_track+0x29/0x40 [ 35.084926] kasan_save_alloc_info+0x22/0x30 [ 35.085239] __kasan_kmalloc+0xb7/0xc0 [ 35.085592] kmalloc_trace+0x4c/0xb0 [ 35.085833] ksize_unpoisons_memory+0xb0/0x3b0 [ 35.086481] kunit_try_run_case+0x120/0x290 [ 35.087029] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.087428] kthread+0x19e/0x1e0 [ 35.087676] ret_from_fork+0x41/0x70 [ 35.088208] ret_from_fork_asm+0x1b/0x30 [ 35.088495] [ 35.088639] The buggy address belongs to the object at ffff888102897a00 [ 35.088639] which belongs to the cache kmalloc-128 of size 128 [ 35.089795] The buggy address is located 5 bytes to the right of [ 35.089795] allocated 115-byte region [ffff888102897a00, ffff888102897a73) [ 35.090512] [ 35.090642] The buggy address belongs to the physical page: [ 35.091021] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.091525] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.091890] page_type: 0xffffffff() [ 35.092123] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.092531] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.092955] page dumped because: kasan: bad access detected [ 35.093254] [ 35.094023] Memory state around the buggy address: [ 35.094464] ffff888102897900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.095235] ffff888102897980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.096219] >ffff888102897a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 35.097293] ^ [ 35.098113] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.099011] ffff888102897b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.099410] ================================================================== [ 35.101251] ================================================================== [ 35.101793] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x183/0x3b0 [ 35.102382] Read of size 1 at addr ffff888102897a7f by task kunit_try_catch/206 [ 35.103384] [ 35.103557] CPU: 1 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.104239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.105177] Call Trace: [ 35.105576] <TASK> [ 35.105946] dump_stack_lvl+0x4e/0x90 [ 35.106248] print_report+0xd2/0x650 [ 35.106602] ? __virt_addr_valid+0x156/0x1e0 [ 35.107098] ? ksize_unpoisons_memory+0x183/0x3b0 [ 35.107607] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.108077] ? ksize_unpoisons_memory+0x183/0x3b0 [ 35.108594] kasan_report+0x147/0x180 [ 35.109055] ? ksize_unpoisons_memory+0x183/0x3b0 [ 35.109906] __asan_load1+0x66/0x70 [ 35.110285] ksize_unpoisons_memory+0x183/0x3b0 [ 35.110708] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 35.111273] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 35.111941] ? __schedule+0x715/0x11a0 [ 35.112387] ? ktime_get_ts64+0x118/0x140 [ 35.112886] kunit_try_run_case+0x120/0x290 [ 35.113748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.114123] ? __kasan_check_write+0x18/0x20 [ 35.114354] ? trace_preempt_on+0x20/0xa0 [ 35.114568] ? __kthread_parkme+0x4f/0xd0 [ 35.114796] ? preempt_count_sub+0x50/0x80 [ 35.115449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.115791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.116140] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.116493] kthread+0x19e/0x1e0 [ 35.116736] ? __pfx_kthread+0x10/0x10 [ 35.116999] ret_from_fork+0x41/0x70 [ 35.117257] ? __pfx_kthread+0x10/0x10 [ 35.117915] ret_from_fork_asm+0x1b/0x30 [ 35.118205] </TASK> [ 35.118415] [ 35.118556] Allocated by task 206: [ 35.118736] kasan_save_stack+0x44/0x70 [ 35.119098] kasan_set_track+0x29/0x40 [ 35.119337] kasan_save_alloc_info+0x22/0x30 [ 35.119574] __kasan_kmalloc+0xb7/0xc0 [ 35.119830] kmalloc_trace+0x4c/0xb0 [ 35.120051] ksize_unpoisons_memory+0xb0/0x3b0 [ 35.120335] kunit_try_run_case+0x120/0x290 [ 35.120572] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.120975] kthread+0x19e/0x1e0 [ 35.121182] ret_from_fork+0x41/0x70 [ 35.121422] ret_from_fork_asm+0x1b/0x30 [ 35.122183] [ 35.122298] The buggy address belongs to the object at ffff888102897a00 [ 35.122298] which belongs to the cache kmalloc-128 of size 128 [ 35.123030] The buggy address is located 12 bytes to the right of [ 35.123030] allocated 115-byte region [ffff888102897a00, ffff888102897a73) [ 35.123688] [ 35.123826] The buggy address belongs to the physical page: [ 35.124101] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.124594] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.124953] page_type: 0xffffffff() [ 35.125170] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.126066] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.126487] page dumped because: kasan: bad access detected [ 35.126797] [ 35.126938] Memory state around the buggy address: [ 35.127219] ffff888102897900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.127625] ffff888102897980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.128055] >ffff888102897a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 35.128416] ^ [ 35.128897] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.129281] ffff888102897b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.130270] ================================================================== [ 35.043463] ================================================================== [ 35.044191] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x10d/0x3b0 [ 35.044717] Read of size 1 at addr ffff888102897a73 by task kunit_try_catch/206 [ 35.045315] [ 35.045460] CPU: 1 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.045996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.046838] Call Trace: [ 35.047042] <TASK> [ 35.047220] dump_stack_lvl+0x4e/0x90 [ 35.047576] print_report+0xd2/0x650 [ 35.047903] ? __virt_addr_valid+0x156/0x1e0 [ 35.048253] ? ksize_unpoisons_memory+0x10d/0x3b0 [ 35.048598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.049101] ? ksize_unpoisons_memory+0x10d/0x3b0 [ 35.049448] kasan_report+0x147/0x180 [ 35.049691] ? ksize_unpoisons_memory+0x10d/0x3b0 [ 35.050017] __asan_load1+0x66/0x70 [ 35.050315] ksize_unpoisons_memory+0x10d/0x3b0 [ 35.050634] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 35.051047] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 35.051406] ? __schedule+0x715/0x11a0 [ 35.051687] ? ktime_get_ts64+0x118/0x140 [ 35.051990] kunit_try_run_case+0x120/0x290 [ 35.052313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.052649] ? __kasan_check_write+0x18/0x20 [ 35.052998] ? trace_preempt_on+0x20/0xa0 [ 35.053220] ? __kthread_parkme+0x4f/0xd0 [ 35.053557] ? preempt_count_sub+0x50/0x80 [ 35.053845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.054224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.054661] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.055043] kthread+0x19e/0x1e0 [ 35.055394] ? __pfx_kthread+0x10/0x10 [ 35.055776] ret_from_fork+0x41/0x70 [ 35.056040] ? __pfx_kthread+0x10/0x10 [ 35.056314] ret_from_fork_asm+0x1b/0x30 [ 35.056663] </TASK> [ 35.056901] [ 35.057038] Allocated by task 206: [ 35.057276] kasan_save_stack+0x44/0x70 [ 35.057615] kasan_set_track+0x29/0x40 [ 35.057913] kasan_save_alloc_info+0x22/0x30 [ 35.058212] __kasan_kmalloc+0xb7/0xc0 [ 35.058459] kmalloc_trace+0x4c/0xb0 [ 35.058680] ksize_unpoisons_memory+0xb0/0x3b0 [ 35.058983] kunit_try_run_case+0x120/0x290 [ 35.059337] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.059661] kthread+0x19e/0x1e0 [ 35.059914] ret_from_fork+0x41/0x70 [ 35.060129] ret_from_fork_asm+0x1b/0x30 [ 35.060371] [ 35.060498] The buggy address belongs to the object at ffff888102897a00 [ 35.060498] which belongs to the cache kmalloc-128 of size 128 [ 35.061254] The buggy address is located 0 bytes to the right of [ 35.061254] allocated 115-byte region [ffff888102897a00, ffff888102897a73) [ 35.061971] [ 35.062102] The buggy address belongs to the physical page: [ 35.062512] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.063138] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.063504] page_type: 0xffffffff() [ 35.063776] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.064258] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.064687] page dumped because: kasan: bad access detected [ 35.065149] [ 35.065259] Memory state around the buggy address: [ 35.065571] ffff888102897900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.066081] ffff888102897980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.066495] >ffff888102897a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 35.066982] ^ [ 35.067369] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.067800] ffff888102897b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.068223] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 34.137390] ================================================================== [ 34.138675] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xea/0x1f0 [ 34.139988] Read of size 64 at addr ffff888102791e84 by task kunit_try_catch/176 [ 34.140876] [ 34.141008] CPU: 1 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.141523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.142872] Call Trace: [ 34.143413] <TASK> [ 34.143897] dump_stack_lvl+0x4e/0x90 [ 34.144546] print_report+0xd2/0x650 [ 34.145140] ? __virt_addr_valid+0x156/0x1e0 [ 34.145926] ? kmalloc_memmove_invalid_size+0xea/0x1f0 [ 34.146678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.147510] ? kmalloc_memmove_invalid_size+0xea/0x1f0 [ 34.147984] kasan_report+0x147/0x180 [ 34.148564] ? kmalloc_memmove_invalid_size+0xea/0x1f0 [ 34.149252] kasan_check_range+0x10c/0x1c0 [ 34.149931] __asan_memmove+0x27/0x70 [ 34.150152] kmalloc_memmove_invalid_size+0xea/0x1f0 [ 34.150675] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 34.151336] ? __schedule+0x715/0x11a0 [ 34.151945] ? ktime_get_ts64+0x118/0x140 [ 34.152482] kunit_try_run_case+0x120/0x290 [ 34.153345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.154072] ? __kasan_check_write+0x18/0x20 [ 34.154546] ? trace_preempt_on+0x20/0xa0 [ 34.155184] ? __kthread_parkme+0x4f/0xd0 [ 34.155531] ? preempt_count_sub+0x50/0x80 [ 34.155790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.156533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.157507] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.158139] kthread+0x19e/0x1e0 [ 34.158605] ? __pfx_kthread+0x10/0x10 [ 34.158905] ret_from_fork+0x41/0x70 [ 34.159101] ? __pfx_kthread+0x10/0x10 [ 34.159310] ret_from_fork_asm+0x1b/0x30 [ 34.159857] </TASK> [ 34.160141] [ 34.160414] Allocated by task 176: [ 34.160822] kasan_save_stack+0x44/0x70 [ 34.161306] kasan_set_track+0x29/0x40 [ 34.161895] kasan_save_alloc_info+0x22/0x30 [ 34.162425] __kasan_kmalloc+0xb7/0xc0 [ 34.163007] kmalloc_trace+0x4c/0xb0 [ 34.163762] kmalloc_memmove_invalid_size+0x9f/0x1f0 [ 34.164451] kunit_try_run_case+0x120/0x290 [ 34.165039] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.165464] kthread+0x19e/0x1e0 [ 34.165961] ret_from_fork+0x41/0x70 [ 34.166317] ret_from_fork_asm+0x1b/0x30 [ 34.166896] [ 34.167136] The buggy address belongs to the object at ffff888102791e80 [ 34.167136] which belongs to the cache kmalloc-64 of size 64 [ 34.168250] The buggy address is located 4 bytes inside of [ 34.168250] allocated 64-byte region [ffff888102791e80, ffff888102791ec0) [ 34.169779] [ 34.169997] The buggy address belongs to the physical page: [ 34.170900] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102791 [ 34.171705] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.171993] page_type: 0xffffffff() [ 34.172197] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 34.173236] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 34.174276] page dumped because: kasan: bad access detected [ 34.174995] [ 34.175325] Memory state around the buggy address: [ 34.175991] ffff888102791d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.176914] ffff888102791e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.177839] >ffff888102791e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 34.178801] ^ [ 34.179733] ffff888102791f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.180377] ffff888102791f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.181012] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 34.092532] ================================================================== [ 34.093778] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xeb/0x1f0 [ 34.094755] Read of size 18446744073709551614 at addr ffff888102864084 by task kunit_try_catch/174 [ 34.096017] [ 34.096161] CPU: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.097074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.098141] Call Trace: [ 34.098449] <TASK> [ 34.098877] dump_stack_lvl+0x4e/0x90 [ 34.099330] print_report+0xd2/0x650 [ 34.099871] ? __virt_addr_valid+0x156/0x1e0 [ 34.100353] ? kmalloc_memmove_negative_size+0xeb/0x1f0 [ 34.100721] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.101031] ? kmalloc_memmove_negative_size+0xeb/0x1f0 [ 34.101308] kasan_report+0x147/0x180 [ 34.101824] ? kmalloc_memmove_negative_size+0xeb/0x1f0 [ 34.102456] kasan_check_range+0x10c/0x1c0 [ 34.103477] __asan_memmove+0x27/0x70 [ 34.103968] kmalloc_memmove_negative_size+0xeb/0x1f0 [ 34.104604] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 34.105261] ? __schedule+0x715/0x11a0 [ 34.105776] ? ktime_get_ts64+0x118/0x140 [ 34.106332] kunit_try_run_case+0x120/0x290 [ 34.106929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.107557] ? __kasan_check_write+0x18/0x20 [ 34.108590] ? trace_preempt_on+0x20/0xa0 [ 34.108876] ? __kthread_parkme+0x4f/0xd0 [ 34.109105] ? preempt_count_sub+0x50/0x80 [ 34.109333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.110225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.111290] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.112089] kthread+0x19e/0x1e0 [ 34.112748] ? __pfx_kthread+0x10/0x10 [ 34.113395] ret_from_fork+0x41/0x70 [ 34.113964] ? __pfx_kthread+0x10/0x10 [ 34.114647] ret_from_fork_asm+0x1b/0x30 [ 34.115245] </TASK> [ 34.115541] [ 34.115906] Allocated by task 174: [ 34.116470] kasan_save_stack+0x44/0x70 [ 34.117078] kasan_set_track+0x29/0x40 [ 34.117295] kasan_save_alloc_info+0x22/0x30 [ 34.118185] __kasan_kmalloc+0xb7/0xc0 [ 34.118822] kmalloc_trace+0x4c/0xb0 [ 34.119309] kmalloc_memmove_negative_size+0x9f/0x1f0 [ 34.119986] kunit_try_run_case+0x120/0x290 [ 34.120227] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.120647] kthread+0x19e/0x1e0 [ 34.121087] ret_from_fork+0x41/0x70 [ 34.121480] ret_from_fork_asm+0x1b/0x30 [ 34.121996] [ 34.122213] The buggy address belongs to the object at ffff888102864080 [ 34.122213] which belongs to the cache kmalloc-64 of size 64 [ 34.123598] The buggy address is located 4 bytes inside of [ 34.123598] 64-byte region [ffff888102864080, ffff8881028640c0) [ 34.124164] [ 34.124273] The buggy address belongs to the physical page: [ 34.124536] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102864 [ 34.125114] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.125833] page_type: 0xffffffff() [ 34.126213] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 34.126759] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 34.127311] page dumped because: kasan: bad access detected [ 34.127762] [ 34.128004] Memory state around the buggy address: [ 34.128386] ffff888102863f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.128716] ffff888102864000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.129577] >ffff888102864080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 34.130342] ^ [ 34.130753] ffff888102864100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.131617] ffff888102864180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.132216] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 34.049502] ================================================================== [ 34.050258] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xdd/0x1e0 [ 34.051887] Write of size 16 at addr ffff888102862869 by task kunit_try_catch/172 [ 34.053053] [ 34.053423] CPU: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.054545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.055569] Call Trace: [ 34.056074] <TASK> [ 34.056450] dump_stack_lvl+0x4e/0x90 [ 34.057053] print_report+0xd2/0x650 [ 34.057283] ? __virt_addr_valid+0x156/0x1e0 [ 34.058131] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 34.058828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.059678] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 34.060408] kasan_report+0x147/0x180 [ 34.060845] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 34.061134] kasan_check_range+0x10c/0x1c0 [ 34.061578] __asan_memset+0x27/0x50 [ 34.062196] kmalloc_oob_memset_16+0xdd/0x1e0 [ 34.062968] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 34.063771] ? __schedule+0x715/0x11a0 [ 34.064482] ? ktime_get_ts64+0x118/0x140 [ 34.065089] kunit_try_run_case+0x120/0x290 [ 34.065789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.066533] ? __kasan_check_write+0x18/0x20 [ 34.067142] ? trace_preempt_on+0x20/0xa0 [ 34.067653] ? __kthread_parkme+0x4f/0xd0 [ 34.068333] ? preempt_count_sub+0x50/0x80 [ 34.069018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.069713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.070287] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.070642] kthread+0x19e/0x1e0 [ 34.071057] ? __pfx_kthread+0x10/0x10 [ 34.071528] ret_from_fork+0x41/0x70 [ 34.071947] ? __pfx_kthread+0x10/0x10 [ 34.072404] ret_from_fork_asm+0x1b/0x30 [ 34.072896] </TASK> [ 34.073148] [ 34.073336] Allocated by task 172: [ 34.073743] kasan_save_stack+0x44/0x70 [ 34.074165] kasan_set_track+0x29/0x40 [ 34.074607] kasan_save_alloc_info+0x22/0x30 [ 34.074981] __kasan_kmalloc+0xb7/0xc0 [ 34.075428] kmalloc_trace+0x4c/0xb0 [ 34.075753] kmalloc_oob_memset_16+0x9f/0x1e0 [ 34.075992] kunit_try_run_case+0x120/0x290 [ 34.076217] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.076663] kthread+0x19e/0x1e0 [ 34.077144] ret_from_fork+0x41/0x70 [ 34.077597] ret_from_fork_asm+0x1b/0x30 [ 34.078090] [ 34.078332] The buggy address belongs to the object at ffff888102862800 [ 34.078332] which belongs to the cache kmalloc-128 of size 128 [ 34.079397] The buggy address is located 105 bytes inside of [ 34.079397] allocated 120-byte region [ffff888102862800, ffff888102862878) [ 34.080510] [ 34.080708] The buggy address belongs to the physical page: [ 34.081132] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102862 [ 34.081540] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.081857] page_type: 0xffffffff() [ 34.082264] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.083143] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 34.083661] page dumped because: kasan: bad access detected [ 34.084284] [ 34.084473] Memory state around the buggy address: [ 34.084839] ffff888102862700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 34.085600] ffff888102862780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.086071] >ffff888102862800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 34.086539] ^ [ 34.086878] ffff888102862880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.087193] ffff888102862900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.087787] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 34.002585] ================================================================== [ 34.003195] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xdd/0x1e0 [ 34.003550] Write of size 8 at addr ffff888102797571 by task kunit_try_catch/170 [ 34.003912] [ 34.004161] CPU: 1 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.006016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.007351] Call Trace: [ 34.007834] <TASK> [ 34.008364] dump_stack_lvl+0x4e/0x90 [ 34.009100] print_report+0xd2/0x650 [ 34.009748] ? __virt_addr_valid+0x156/0x1e0 [ 34.010444] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 34.011152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.012031] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 34.012795] kasan_report+0x147/0x180 [ 34.013398] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 34.013980] kasan_check_range+0x10c/0x1c0 [ 34.014284] __asan_memset+0x27/0x50 [ 34.014699] kmalloc_oob_memset_8+0xdd/0x1e0 [ 34.015017] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 34.015320] ? __schedule+0x715/0x11a0 [ 34.015558] ? ktime_get_ts64+0x118/0x140 [ 34.015821] kunit_try_run_case+0x120/0x290 [ 34.016586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.016967] ? __kasan_check_write+0x18/0x20 [ 34.017228] ? trace_preempt_on+0x20/0xa0 [ 34.017768] ? __kthread_parkme+0x4f/0xd0 [ 34.018206] ? preempt_count_sub+0x50/0x80 [ 34.018517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.019070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.019660] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.020158] kthread+0x19e/0x1e0 [ 34.020438] ? __pfx_kthread+0x10/0x10 [ 34.020906] ret_from_fork+0x41/0x70 [ 34.021283] ? __pfx_kthread+0x10/0x10 [ 34.021692] ret_from_fork_asm+0x1b/0x30 [ 34.022162] </TASK> [ 34.022497] [ 34.022628] Allocated by task 170: [ 34.023219] kasan_save_stack+0x44/0x70 [ 34.023560] kasan_set_track+0x29/0x40 [ 34.023825] kasan_save_alloc_info+0x22/0x30 [ 34.024394] __kasan_kmalloc+0xb7/0xc0 [ 34.024904] kmalloc_trace+0x4c/0xb0 [ 34.025113] kmalloc_oob_memset_8+0x9f/0x1e0 [ 34.025337] kunit_try_run_case+0x120/0x290 [ 34.026177] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.027016] kthread+0x19e/0x1e0 [ 34.027583] ret_from_fork+0x41/0x70 [ 34.028238] ret_from_fork_asm+0x1b/0x30 [ 34.028926] [ 34.029290] The buggy address belongs to the object at ffff888102797500 [ 34.029290] which belongs to the cache kmalloc-128 of size 128 [ 34.030599] The buggy address is located 113 bytes inside of [ 34.030599] allocated 120-byte region [ffff888102797500, ffff888102797578) [ 34.032168] [ 34.032526] The buggy address belongs to the physical page: [ 34.033220] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102797 [ 34.034115] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.034444] page_type: 0xffffffff() [ 34.035153] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.036160] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 34.037177] page dumped because: kasan: bad access detected [ 34.037888] [ 34.038128] Memory state around the buggy address: [ 34.038506] ffff888102797400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 34.039564] ffff888102797480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.040457] >ffff888102797500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 34.041015] ^ [ 34.041939] ffff888102797580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.042826] ffff888102797600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.043586] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 33.970937] ================================================================== [ 33.971565] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xdd/0x1e0 [ 33.972376] Write of size 4 at addr ffff888102862475 by task kunit_try_catch/168 [ 33.972789] [ 33.972973] CPU: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.973426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.973941] Call Trace: [ 33.974101] <TASK> [ 33.974281] dump_stack_lvl+0x4e/0x90 [ 33.974528] print_report+0xd2/0x650 [ 33.975333] ? __virt_addr_valid+0x156/0x1e0 [ 33.975678] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 33.976027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.976409] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 33.976686] kasan_report+0x147/0x180 [ 33.976968] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 33.977287] kasan_check_range+0x10c/0x1c0 [ 33.977530] __asan_memset+0x27/0x50 [ 33.977819] kmalloc_oob_memset_4+0xdd/0x1e0 [ 33.978104] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 33.978919] ? __schedule+0x715/0x11a0 [ 33.979217] ? ktime_get_ts64+0x118/0x140 [ 33.979498] kunit_try_run_case+0x120/0x290 [ 33.979809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.980188] ? __kasan_check_write+0x18/0x20 [ 33.980468] ? trace_preempt_on+0x20/0xa0 [ 33.980720] ? __kthread_parkme+0x4f/0xd0 [ 33.981075] ? preempt_count_sub+0x50/0x80 [ 33.981357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.981640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.982030] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.982689] kthread+0x19e/0x1e0 [ 33.983026] ? __pfx_kthread+0x10/0x10 [ 33.983300] ret_from_fork+0x41/0x70 [ 33.983532] ? __pfx_kthread+0x10/0x10 [ 33.983780] ret_from_fork_asm+0x1b/0x30 [ 33.984206] </TASK> [ 33.984344] [ 33.984472] Allocated by task 168: [ 33.984693] kasan_save_stack+0x44/0x70 [ 33.984975] kasan_set_track+0x29/0x40 [ 33.985234] kasan_save_alloc_info+0x22/0x30 [ 33.985492] __kasan_kmalloc+0xb7/0xc0 [ 33.985734] kmalloc_trace+0x4c/0xb0 [ 33.986024] kmalloc_oob_memset_4+0x9f/0x1e0 [ 33.986330] kunit_try_run_case+0x120/0x290 [ 33.986578] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.987428] kthread+0x19e/0x1e0 [ 33.987639] ret_from_fork+0x41/0x70 [ 33.988099] ret_from_fork_asm+0x1b/0x30 [ 33.988365] [ 33.988481] The buggy address belongs to the object at ffff888102862400 [ 33.988481] which belongs to the cache kmalloc-128 of size 128 [ 33.989150] The buggy address is located 117 bytes inside of [ 33.989150] allocated 120-byte region [ffff888102862400, ffff888102862478) [ 33.989877] [ 33.990001] The buggy address belongs to the physical page: [ 33.990332] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102862 [ 33.991290] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.991607] page_type: 0xffffffff() [ 33.991928] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.992369] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.992779] page dumped because: kasan: bad access detected [ 33.993074] [ 33.993174] Memory state around the buggy address: [ 33.993471] ffff888102862300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.993916] ffff888102862380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.994344] >ffff888102862400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.995226] ^ [ 33.995609] ffff888102862480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.996067] ffff888102862500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.996457] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
Automatically assigned
[ 33.937193] ================================================================== [ 33.937847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xdd/0x1e0 [ 33.938380] Write of size 2 at addr ffff888102862377 by task kunit_try_catch/166 [ 33.939106] [ 33.939293] CPU: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.940306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.941150] Call Trace: [ 33.941546] <TASK> [ 33.941764] dump_stack_lvl+0x4e/0x90 [ 33.942230] print_report+0xd2/0x650 [ 33.942677] ? __virt_addr_valid+0x156/0x1e0 [ 33.943172] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 33.943520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.944059] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 33.944529] kasan_report+0x147/0x180 [ 33.944946] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 33.945335] kasan_check_range+0x10c/0x1c0 [ 33.945814] __asan_memset+0x27/0x50 [ 33.946203] kmalloc_oob_memset_2+0xdd/0x1e0 [ 33.946613] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 33.947091] ? __schedule+0x715/0x11a0 [ 33.947388] ? ktime_get_ts64+0x118/0x140 [ 33.947634] kunit_try_run_case+0x120/0x290 [ 33.948049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.948349] ? __kasan_check_write+0x18/0x20 [ 33.948824] ? trace_preempt_on+0x20/0xa0 [ 33.949114] ? __kthread_parkme+0x4f/0xd0 [ 33.949435] ? preempt_count_sub+0x50/0x80 [ 33.949743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.950105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.950718] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.951166] kthread+0x19e/0x1e0 [ 33.951433] ? __pfx_kthread+0x10/0x10 [ 33.951725] ret_from_fork+0x41/0x70 [ 33.952216] ? __pfx_kthread+0x10/0x10 [ 33.952460] ret_from_fork_asm+0x1b/0x30 [ 33.952769] </TASK> [ 33.952952] [ 33.953066] Allocated by task 166: [ 33.953275] kasan_save_stack+0x44/0x70 [ 33.953526] kasan_set_track+0x29/0x40 [ 33.953791] kasan_save_alloc_info+0x22/0x30 [ 33.954054] __kasan_kmalloc+0xb7/0xc0 [ 33.954397] kmalloc_trace+0x4c/0xb0 [ 33.954653] kmalloc_oob_memset_2+0x9f/0x1e0 [ 33.955033] kunit_try_run_case+0x120/0x290 [ 33.955308] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.955653] kthread+0x19e/0x1e0 [ 33.955886] ret_from_fork+0x41/0x70 [ 33.956180] ret_from_fork_asm+0x1b/0x30 [ 33.956389] [ 33.956579] The buggy address belongs to the object at ffff888102862300 [ 33.956579] which belongs to the cache kmalloc-128 of size 128 [ 33.957236] The buggy address is located 119 bytes inside of [ 33.957236] allocated 120-byte region [ffff888102862300, ffff888102862378) [ 33.958102] [ 33.958234] The buggy address belongs to the physical page: [ 33.958557] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102862 [ 33.959146] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.959486] page_type: 0xffffffff() [ 33.959733] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.960184] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.960564] page dumped because: kasan: bad access detected [ 33.961004] [ 33.961140] Memory state around the buggy address: [ 33.961448] ffff888102862200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.961799] ffff888102862280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.962254] >ffff888102862300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.962603] ^ [ 33.963189] ffff888102862380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.963625] ffff888102862400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.964035] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 33.902840] ================================================================== [ 33.903501] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xda/0x1e0 [ 33.904263] Write of size 128 at addr ffff888102862200 by task kunit_try_catch/164 [ 33.904634] [ 33.904775] CPU: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.905291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.906234] Call Trace: [ 33.906594] <TASK> [ 33.906794] dump_stack_lvl+0x4e/0x90 [ 33.907269] print_report+0xd2/0x650 [ 33.907545] ? __virt_addr_valid+0x156/0x1e0 [ 33.908011] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 33.908330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.908891] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 33.909315] kasan_report+0x147/0x180 [ 33.909747] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 33.910103] kasan_check_range+0x10c/0x1c0 [ 33.910544] __asan_memset+0x27/0x50 [ 33.910955] kmalloc_oob_in_memset+0xda/0x1e0 [ 33.911260] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 33.911733] ? __schedule+0x715/0x11a0 [ 33.912115] ? ktime_get_ts64+0x118/0x140 [ 33.912504] kunit_try_run_case+0x120/0x290 [ 33.913001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.913311] ? __kasan_check_write+0x18/0x20 [ 33.913698] ? trace_preempt_on+0x20/0xa0 [ 33.914093] ? __kthread_parkme+0x4f/0xd0 [ 33.914386] ? preempt_count_sub+0x50/0x80 [ 33.914825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.915254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.915654] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.916152] kthread+0x19e/0x1e0 [ 33.916513] ? __pfx_kthread+0x10/0x10 [ 33.916938] ret_from_fork+0x41/0x70 [ 33.917306] ? __pfx_kthread+0x10/0x10 [ 33.917592] ret_from_fork_asm+0x1b/0x30 [ 33.918051] </TASK> [ 33.918329] [ 33.918444] Allocated by task 164: [ 33.918789] kasan_save_stack+0x44/0x70 [ 33.919083] kasan_set_track+0x29/0x40 [ 33.919323] kasan_save_alloc_info+0x22/0x30 [ 33.919575] __kasan_kmalloc+0xb7/0xc0 [ 33.919966] kmalloc_trace+0x4c/0xb0 [ 33.920479] kmalloc_oob_in_memset+0x9f/0x1e0 [ 33.920904] kunit_try_run_case+0x120/0x290 [ 33.921296] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.921719] kthread+0x19e/0x1e0 [ 33.922080] ret_from_fork+0x41/0x70 [ 33.922334] ret_from_fork_asm+0x1b/0x30 [ 33.922742] [ 33.922989] The buggy address belongs to the object at ffff888102862200 [ 33.922989] which belongs to the cache kmalloc-128 of size 128 [ 33.923752] The buggy address is located 0 bytes inside of [ 33.923752] allocated 120-byte region [ffff888102862200, ffff888102862278) [ 33.924550] [ 33.924836] The buggy address belongs to the physical page: [ 33.925261] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102862 [ 33.925976] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.926318] page_type: 0xffffffff() [ 33.926722] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.927266] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.927802] page dumped because: kasan: bad access detected [ 33.928134] [ 33.928455] Memory state around the buggy address: [ 33.928895] ffff888102862100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.929382] ffff888102862180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.929794] >ffff888102862200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.930344] ^ [ 33.930899] ffff888102862280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.931413] ffff888102862300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.931946] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 33.865166] ================================================================== [ 33.866130] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x108/0x250 [ 33.866515] Read of size 16 at addr ffff88810214e6c0 by task kunit_try_catch/162 [ 33.867202] [ 33.867530] CPU: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.868105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.868720] Call Trace: [ 33.869057] <TASK> [ 33.869237] dump_stack_lvl+0x4e/0x90 [ 33.869517] print_report+0xd2/0x650 [ 33.870336] ? __virt_addr_valid+0x156/0x1e0 [ 33.870644] ? kmalloc_uaf_16+0x108/0x250 [ 33.870985] ? kasan_complete_mode_report_info+0x64/0x200 [ 33.871357] ? kmalloc_uaf_16+0x108/0x250 [ 33.871620] kasan_report+0x147/0x180 [ 33.871902] ? kmalloc_uaf_16+0x108/0x250 [ 33.872159] __asan_load16+0x69/0x90 [ 33.872458] kmalloc_uaf_16+0x108/0x250 [ 33.872732] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 33.873118] ? __schedule+0x715/0x11a0 [ 33.873394] ? ktime_get_ts64+0x118/0x140 [ 33.873852] kunit_try_run_case+0x120/0x290 [ 33.874719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.875107] ? __kasan_check_write+0x18/0x20 [ 33.875412] ? trace_preempt_on+0x20/0xa0 [ 33.875698] ? __kthread_parkme+0x4f/0xd0 [ 33.876036] ? preempt_count_sub+0x50/0x80 [ 33.876316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.876634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.877035] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.877381] kthread+0x19e/0x1e0 [ 33.877631] ? __pfx_kthread+0x10/0x10 [ 33.878008] ret_from_fork+0x41/0x70 [ 33.878281] ? __pfx_kthread+0x10/0x10 [ 33.878539] ret_from_fork_asm+0x1b/0x30 [ 33.879220] </TASK> [ 33.879412] [ 33.879530] Allocated by task 162: [ 33.879769] kasan_save_stack+0x44/0x70 [ 33.880076] kasan_set_track+0x29/0x40 [ 33.880340] kasan_save_alloc_info+0x22/0x30 [ 33.880630] __kasan_kmalloc+0xb7/0xc0 [ 33.880983] kmalloc_trace+0x4c/0xb0 [ 33.881200] kmalloc_uaf_16+0xc9/0x250 [ 33.881444] kunit_try_run_case+0x120/0x290 [ 33.881743] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.882082] kthread+0x19e/0x1e0 [ 33.882292] ret_from_fork+0x41/0x70 [ 33.882540] ret_from_fork_asm+0x1b/0x30 [ 33.883269] [ 33.883389] Freed by task 162: [ 33.883605] kasan_save_stack+0x44/0x70 [ 33.883856] kasan_set_track+0x29/0x40 [ 33.884130] kasan_save_free_info+0x2f/0x50 [ 33.884417] ____kasan_slab_free+0x172/0x1d0 [ 33.884689] __kasan_slab_free+0x16/0x20 [ 33.884977] __kmem_cache_free+0x190/0x310 [ 33.885227] kfree+0x7c/0x120 [ 33.885426] kmalloc_uaf_16+0xe9/0x250 [ 33.885700] kunit_try_run_case+0x120/0x290 [ 33.886087] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.886395] kthread+0x19e/0x1e0 [ 33.887007] ret_from_fork+0x41/0x70 [ 33.887239] ret_from_fork_asm+0x1b/0x30 [ 33.887530] [ 33.887658] The buggy address belongs to the object at ffff88810214e6c0 [ 33.887658] which belongs to the cache kmalloc-16 of size 16 [ 33.888332] The buggy address is located 0 bytes inside of [ 33.888332] freed 16-byte region [ffff88810214e6c0, ffff88810214e6d0) [ 33.889020] [ 33.889134] The buggy address belongs to the physical page: [ 33.889414] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10214e [ 33.889971] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.890282] page_type: 0xffffffff() [ 33.891043] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 33.891496] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 33.892091] page dumped because: kasan: bad access detected [ 33.892417] [ 33.892534] Memory state around the buggy address: [ 33.892812] ffff88810214e580: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 33.893219] ffff88810214e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 33.893595] >ffff88810214e680: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 33.894323] ^ [ 33.895354] ffff88810214e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.895940] ffff88810214e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.896436] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 33.839367] ================================================================== [ 33.839989] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf3/0x250 [ 33.840487] Write of size 16 at addr ffff88810214e660 by task kunit_try_catch/160 [ 33.840949] [ 33.841091] CPU: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.841550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.842085] Call Trace: [ 33.842287] <TASK> [ 33.842447] dump_stack_lvl+0x4e/0x90 [ 33.842737] print_report+0xd2/0x650 [ 33.843037] ? __virt_addr_valid+0x156/0x1e0 [ 33.843377] ? kmalloc_oob_16+0xf3/0x250 [ 33.843616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.843947] ? kmalloc_oob_16+0xf3/0x250 [ 33.844253] kasan_report+0x147/0x180 [ 33.844505] ? kmalloc_oob_16+0xf3/0x250 [ 33.844812] __asan_store16+0x6c/0xa0 [ 33.845042] kmalloc_oob_16+0xf3/0x250 [ 33.845330] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 33.845581] ? __schedule+0x715/0x11a0 [ 33.845912] ? ktime_get_ts64+0x118/0x140 [ 33.846174] kunit_try_run_case+0x120/0x290 [ 33.846510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.846868] ? __kasan_check_write+0x18/0x20 [ 33.847105] ? trace_preempt_on+0x20/0xa0 [ 33.847413] ? __kthread_parkme+0x4f/0xd0 [ 33.847666] ? preempt_count_sub+0x50/0x80 [ 33.847950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.848248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.848611] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.849090] kthread+0x19e/0x1e0 [ 33.849315] ? __pfx_kthread+0x10/0x10 [ 33.849556] ret_from_fork+0x41/0x70 [ 33.849802] ? __pfx_kthread+0x10/0x10 [ 33.850075] ret_from_fork_asm+0x1b/0x30 [ 33.850363] </TASK> [ 33.850526] [ 33.850655] Allocated by task 160: [ 33.850893] kasan_save_stack+0x44/0x70 [ 33.851157] kasan_set_track+0x29/0x40 [ 33.851416] kasan_save_alloc_info+0x22/0x30 [ 33.851680] __kasan_kmalloc+0xb7/0xc0 [ 33.851934] kmalloc_trace+0x4c/0xb0 [ 33.852201] kmalloc_oob_16+0x8f/0x250 [ 33.852430] kunit_try_run_case+0x120/0x290 [ 33.852686] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.853014] kthread+0x19e/0x1e0 [ 33.853203] ret_from_fork+0x41/0x70 [ 33.853451] ret_from_fork_asm+0x1b/0x30 [ 33.853728] [ 33.853934] The buggy address belongs to the object at ffff88810214e660 [ 33.853934] which belongs to the cache kmalloc-16 of size 16 [ 33.854490] The buggy address is located 0 bytes inside of [ 33.854490] allocated 13-byte region [ffff88810214e660, ffff88810214e66d) [ 33.855238] [ 33.855365] The buggy address belongs to the physical page: [ 33.855619] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10214e [ 33.856220] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.856547] page_type: 0xffffffff() [ 33.856793] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 33.857252] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 33.857621] page dumped because: kasan: bad access detected [ 33.858070] [ 33.858184] Memory state around the buggy address: [ 33.858459] ffff88810214e500: 00 02 fc fc 00 03 fc fc 00 02 fc fc 00 05 fc fc [ 33.858869] ffff88810214e580: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 33.859245] >ffff88810214e600: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 33.859595] ^ [ 33.860006] ffff88810214e680: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.860377] ffff88810214e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.860749] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 33.767917] ================================================================== [ 33.769240] BUG: KASAN: slab-use-after-free in krealloc_uaf+0xf1/0x2e0 [ 33.769752] Read of size 1 at addr ffff888100366800 by task kunit_try_catch/158 [ 33.770366] [ 33.770587] CPU: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.771115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.771763] Call Trace: [ 33.771938] <TASK> [ 33.772129] dump_stack_lvl+0x4e/0x90 [ 33.772618] print_report+0xd2/0x650 [ 33.773070] ? __virt_addr_valid+0x156/0x1e0 [ 33.773349] ? krealloc_uaf+0xf1/0x2e0 [ 33.773674] ? kasan_complete_mode_report_info+0x64/0x200 [ 33.774079] ? krealloc_uaf+0xf1/0x2e0 [ 33.774420] kasan_report+0x147/0x180 [ 33.774804] ? krealloc_uaf+0xf1/0x2e0 [ 33.775079] ? krealloc_uaf+0xf1/0x2e0 [ 33.775441] __kasan_check_byte+0x3d/0x50 [ 33.775712] krealloc+0x35/0x140 [ 33.776050] krealloc_uaf+0xf1/0x2e0 [ 33.776293] ? __pfx_krealloc_uaf+0x10/0x10 [ 33.776661] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.777171] ? __schedule+0x715/0x11a0 [ 33.777423] ? ktime_get_ts64+0x118/0x140 [ 33.778101] kunit_try_run_case+0x120/0x290 [ 33.778451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.778794] ? __kasan_check_write+0x18/0x20 [ 33.779107] ? trace_preempt_on+0x20/0xa0 [ 33.779370] ? __kthread_parkme+0x4f/0xd0 [ 33.779752] ? preempt_count_sub+0x50/0x80 [ 33.780039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.780445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.780815] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.781258] kthread+0x19e/0x1e0 [ 33.781621] ? __pfx_kthread+0x10/0x10 [ 33.781915] ret_from_fork+0x41/0x70 [ 33.782188] ? __pfx_kthread+0x10/0x10 [ 33.782586] ret_from_fork_asm+0x1b/0x30 [ 33.782931] </TASK> [ 33.783085] [ 33.783215] Allocated by task 158: [ 33.783403] kasan_save_stack+0x44/0x70 [ 33.783823] kasan_set_track+0x29/0x40 [ 33.784061] kasan_save_alloc_info+0x22/0x30 [ 33.784421] __kasan_kmalloc+0xb7/0xc0 [ 33.784661] kmalloc_trace+0x4c/0xb0 [ 33.785000] krealloc_uaf+0xb0/0x2e0 [ 33.785208] kunit_try_run_case+0x120/0x290 [ 33.785564] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.785858] kthread+0x19e/0x1e0 [ 33.786134] ret_from_fork+0x41/0x70 [ 33.786365] ret_from_fork_asm+0x1b/0x30 [ 33.786724] [ 33.786916] Freed by task 158: [ 33.787110] kasan_save_stack+0x44/0x70 [ 33.787420] kasan_set_track+0x29/0x40 [ 33.787668] kasan_save_free_info+0x2f/0x50 [ 33.788141] ____kasan_slab_free+0x172/0x1d0 [ 33.788398] __kasan_slab_free+0x16/0x20 [ 33.788750] __kmem_cache_free+0x190/0x310 [ 33.789021] kfree+0x7c/0x120 [ 33.789245] krealloc_uaf+0xd0/0x2e0 [ 33.789610] kunit_try_run_case+0x120/0x290 [ 33.789957] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.790270] kthread+0x19e/0x1e0 [ 33.790645] ret_from_fork+0x41/0x70 [ 33.790916] ret_from_fork_asm+0x1b/0x30 [ 33.791202] [ 33.791326] The buggy address belongs to the object at ffff888100366800 [ 33.791326] which belongs to the cache kmalloc-256 of size 256 [ 33.792127] The buggy address is located 0 bytes inside of [ 33.792127] freed 256-byte region [ffff888100366800, ffff888100366900) [ 33.792844] [ 33.792964] The buggy address belongs to the physical page: [ 33.793297] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.793803] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.794515] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.794955] page_type: 0xffffffff() [ 33.795211] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.795700] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.796191] page dumped because: kasan: bad access detected [ 33.796564] [ 33.796702] Memory state around the buggy address: [ 33.796998] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.797482] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.797855] >ffff888100366800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.798299] ^ [ 33.798542] ffff888100366880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.799018] ffff888100366900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.799575] ================================================================== [ 33.800449] ================================================================== [ 33.800814] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x131/0x2e0 [ 33.801281] Read of size 1 at addr ffff888100366800 by task kunit_try_catch/158 [ 33.802030] [ 33.802173] CPU: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.802691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.803613] Call Trace: [ 33.803789] <TASK> [ 33.804064] dump_stack_lvl+0x4e/0x90 [ 33.804328] print_report+0xd2/0x650 [ 33.804667] ? __virt_addr_valid+0x156/0x1e0 [ 33.804981] ? krealloc_uaf+0x131/0x2e0 [ 33.805235] ? kasan_complete_mode_report_info+0x64/0x200 [ 33.805687] ? krealloc_uaf+0x131/0x2e0 [ 33.805959] kasan_report+0x147/0x180 [ 33.806232] ? krealloc_uaf+0x131/0x2e0 [ 33.806921] __asan_load1+0x66/0x70 [ 33.807197] krealloc_uaf+0x131/0x2e0 [ 33.807498] ? __pfx_krealloc_uaf+0x10/0x10 [ 33.807776] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.808115] ? __schedule+0x715/0x11a0 [ 33.808356] ? ktime_get_ts64+0x118/0x140 [ 33.808612] kunit_try_run_case+0x120/0x290 [ 33.808953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.809240] ? __kasan_check_write+0x18/0x20 [ 33.809539] ? trace_preempt_on+0x20/0xa0 [ 33.809799] ? __kthread_parkme+0x4f/0xd0 [ 33.810071] ? preempt_count_sub+0x50/0x80 [ 33.810361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.810673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.811029] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.811573] kthread+0x19e/0x1e0 [ 33.811883] ? __pfx_kthread+0x10/0x10 [ 33.812179] ret_from_fork+0x41/0x70 [ 33.812403] ? __pfx_kthread+0x10/0x10 [ 33.812839] ret_from_fork_asm+0x1b/0x30 [ 33.813191] </TASK> [ 33.813421] [ 33.813539] Allocated by task 158: [ 33.813761] kasan_save_stack+0x44/0x70 [ 33.814044] kasan_set_track+0x29/0x40 [ 33.814306] kasan_save_alloc_info+0x22/0x30 [ 33.814630] __kasan_kmalloc+0xb7/0xc0 [ 33.814930] kmalloc_trace+0x4c/0xb0 [ 33.815195] krealloc_uaf+0xb0/0x2e0 [ 33.815502] kunit_try_run_case+0x120/0x290 [ 33.816154] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.816542] kthread+0x19e/0x1e0 [ 33.816736] ret_from_fork+0x41/0x70 [ 33.817061] ret_from_fork_asm+0x1b/0x30 [ 33.817411] [ 33.817553] Freed by task 158: [ 33.817756] kasan_save_stack+0x44/0x70 [ 33.817985] kasan_set_track+0x29/0x40 [ 33.818254] kasan_save_free_info+0x2f/0x50 [ 33.818706] ____kasan_slab_free+0x172/0x1d0 [ 33.819003] __kasan_slab_free+0x16/0x20 [ 33.819259] __kmem_cache_free+0x190/0x310 [ 33.819550] kfree+0x7c/0x120 [ 33.819834] krealloc_uaf+0xd0/0x2e0 [ 33.820108] kunit_try_run_case+0x120/0x290 [ 33.820738] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.821137] kthread+0x19e/0x1e0 [ 33.821435] ret_from_fork+0x41/0x70 [ 33.821684] ret_from_fork_asm+0x1b/0x30 [ 33.822045] [ 33.822160] The buggy address belongs to the object at ffff888100366800 [ 33.822160] which belongs to the cache kmalloc-256 of size 256 [ 33.822878] The buggy address is located 0 bytes inside of [ 33.822878] freed 256-byte region [ffff888100366800, ffff888100366900) [ 33.823713] [ 33.823874] The buggy address belongs to the physical page: [ 33.824198] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.824812] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.825381] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.826467] page_type: 0xffffffff() [ 33.826721] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.827191] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.827663] page dumped because: kasan: bad access detected [ 33.828023] [ 33.828143] Memory state around the buggy address: [ 33.828526] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.828922] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.829313] >ffff888100366800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.829793] ^ [ 33.830075] ffff888100366880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.830920] ffff888100366900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.831294] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 33.446217] ================================================================== [ 33.447150] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x146/0x660 [ 33.448127] Write of size 1 at addr ffff8881003666c9 by task kunit_try_catch/152 [ 33.449392] [ 33.449556] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.450121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.450634] Call Trace: [ 33.450826] <TASK> [ 33.450992] dump_stack_lvl+0x4e/0x90 [ 33.451289] print_report+0xd2/0x650 [ 33.451539] ? __virt_addr_valid+0x156/0x1e0 [ 33.451843] ? krealloc_less_oob_helper+0x146/0x660 [ 33.452157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.452487] ? krealloc_less_oob_helper+0x146/0x660 [ 33.452788] kasan_report+0x147/0x180 [ 33.453077] ? krealloc_less_oob_helper+0x146/0x660 [ 33.453413] __asan_store1+0x69/0x70 [ 33.453628] krealloc_less_oob_helper+0x146/0x660 [ 33.454027] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.454395] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.454687] ? __schedule+0x715/0x11a0 [ 33.454971] ? ktime_get_ts64+0x118/0x140 [ 33.455259] krealloc_less_oob+0x1c/0x30 [ 33.455580] kunit_try_run_case+0x120/0x290 [ 33.456030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.456308] ? __kasan_check_write+0x18/0x20 [ 33.456614] ? trace_preempt_on+0x20/0xa0 [ 33.456851] ? __kthread_parkme+0x4f/0xd0 [ 33.457132] ? preempt_count_sub+0x50/0x80 [ 33.457418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.457914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.458306] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.458640] kthread+0x19e/0x1e0 [ 33.458918] ? __pfx_kthread+0x10/0x10 [ 33.459369] ret_from_fork+0x41/0x70 [ 33.459606] ? __pfx_kthread+0x10/0x10 [ 33.459846] ret_from_fork_asm+0x1b/0x30 [ 33.460163] </TASK> [ 33.460333] [ 33.460436] Allocated by task 152: [ 33.460646] kasan_save_stack+0x44/0x70 [ 33.460953] kasan_set_track+0x29/0x40 [ 33.461186] kasan_save_alloc_info+0x22/0x30 [ 33.461474] __kasan_krealloc+0x12f/0x180 [ 33.461769] krealloc+0xc1/0x140 [ 33.461961] krealloc_less_oob_helper+0xe5/0x660 [ 33.462264] krealloc_less_oob+0x1c/0x30 [ 33.462528] kunit_try_run_case+0x120/0x290 [ 33.462773] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.463140] kthread+0x19e/0x1e0 [ 33.463379] ret_from_fork+0x41/0x70 [ 33.463594] ret_from_fork_asm+0x1b/0x30 [ 33.463889] [ 33.464024] The buggy address belongs to the object at ffff888100366600 [ 33.464024] which belongs to the cache kmalloc-256 of size 256 [ 33.464662] The buggy address is located 0 bytes to the right of [ 33.464662] allocated 201-byte region [ffff888100366600, ffff8881003666c9) [ 33.465334] [ 33.465441] The buggy address belongs to the physical page: [ 33.465816] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.466294] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.466808] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.467188] page_type: 0xffffffff() [ 33.467472] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.467909] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.468275] page dumped because: kasan: bad access detected [ 33.468569] [ 33.468692] Memory state around the buggy address: [ 33.469000] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.469340] ffff888100366600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.469757] >ffff888100366680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.470202] ^ [ 33.470499] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.470953] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.471345] ================================================================== [ 33.555583] ================================================================== [ 33.556507] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x294/0x660 [ 33.557544] Write of size 1 at addr ffff8881003666eb by task kunit_try_catch/152 [ 33.558007] [ 33.558146] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.558720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.559290] Call Trace: [ 33.559576] <TASK> [ 33.560106] dump_stack_lvl+0x4e/0x90 [ 33.560506] print_report+0xd2/0x650 [ 33.560962] ? __virt_addr_valid+0x156/0x1e0 [ 33.561242] ? krealloc_less_oob_helper+0x294/0x660 [ 33.561578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.562099] ? krealloc_less_oob_helper+0x294/0x660 [ 33.562438] kasan_report+0x147/0x180 [ 33.562779] ? krealloc_less_oob_helper+0x294/0x660 [ 33.563158] __asan_store1+0x69/0x70 [ 33.563897] krealloc_less_oob_helper+0x294/0x660 [ 33.564262] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.564645] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.565007] ? __schedule+0x715/0x11a0 [ 33.565313] ? ktime_get_ts64+0x118/0x140 [ 33.565641] krealloc_less_oob+0x1c/0x30 [ 33.565927] kunit_try_run_case+0x120/0x290 [ 33.566270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.566626] ? __kasan_check_write+0x18/0x20 [ 33.566954] ? trace_preempt_on+0x20/0xa0 [ 33.567261] ? __kthread_parkme+0x4f/0xd0 [ 33.568038] ? preempt_count_sub+0x50/0x80 [ 33.568403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.568755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.569180] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.569539] kthread+0x19e/0x1e0 [ 33.569829] ? __pfx_kthread+0x10/0x10 [ 33.570125] ret_from_fork+0x41/0x70 [ 33.570408] ? __pfx_kthread+0x10/0x10 [ 33.570679] ret_from_fork_asm+0x1b/0x30 [ 33.571016] </TASK> [ 33.571190] [ 33.571319] Allocated by task 152: [ 33.572308] kasan_save_stack+0x44/0x70 [ 33.572558] kasan_set_track+0x29/0x40 [ 33.573039] kasan_save_alloc_info+0x22/0x30 [ 33.573478] __kasan_krealloc+0x12f/0x180 [ 33.573774] krealloc+0xc1/0x140 [ 33.573985] krealloc_less_oob_helper+0xe5/0x660 [ 33.574339] krealloc_less_oob+0x1c/0x30 [ 33.574660] kunit_try_run_case+0x120/0x290 [ 33.574936] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.575943] kthread+0x19e/0x1e0 [ 33.576226] ret_from_fork+0x41/0x70 [ 33.576505] ret_from_fork_asm+0x1b/0x30 [ 33.576757] [ 33.576895] The buggy address belongs to the object at ffff888100366600 [ 33.576895] which belongs to the cache kmalloc-256 of size 256 [ 33.577517] The buggy address is located 34 bytes to the right of [ 33.577517] allocated 201-byte region [ffff888100366600, ffff8881003666c9) [ 33.578262] [ 33.578395] The buggy address belongs to the physical page: [ 33.578704] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.579219] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.580122] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.580488] page_type: 0xffffffff() [ 33.580727] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.581195] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.581626] page dumped because: kasan: bad access detected [ 33.581944] [ 33.582082] Memory state around the buggy address: [ 33.582356] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.582744] ffff888100366600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.583177] >ffff888100366680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.583991] ^ [ 33.584345] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.584743] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.585225] ================================================================== [ 33.500563] ================================================================== [ 33.501537] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x21a/0x660 [ 33.502337] Write of size 1 at addr ffff8881003666da by task kunit_try_catch/152 [ 33.502838] [ 33.502971] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.503344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.503742] Call Trace: [ 33.504035] <TASK> [ 33.504291] dump_stack_lvl+0x4e/0x90 [ 33.504745] print_report+0xd2/0x650 [ 33.505155] ? __virt_addr_valid+0x156/0x1e0 [ 33.505618] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.506177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.506745] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.507328] kasan_report+0x147/0x180 [ 33.507761] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.508299] __asan_store1+0x69/0x70 [ 33.508706] krealloc_less_oob_helper+0x21a/0x660 [ 33.509248] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.509818] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.510352] ? __schedule+0x715/0x11a0 [ 33.510765] ? ktime_get_ts64+0x118/0x140 [ 33.511250] krealloc_less_oob+0x1c/0x30 [ 33.511684] kunit_try_run_case+0x120/0x290 [ 33.512150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.512401] ? __kasan_check_write+0x18/0x20 [ 33.512626] ? trace_preempt_on+0x20/0xa0 [ 33.512880] ? __kthread_parkme+0x4f/0xd0 [ 33.513288] ? preempt_count_sub+0x50/0x80 [ 33.513585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.513910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.514319] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.514641] kthread+0x19e/0x1e0 [ 33.514906] ? __pfx_kthread+0x10/0x10 [ 33.515287] ret_from_fork+0x41/0x70 [ 33.515582] ? __pfx_kthread+0x10/0x10 [ 33.515979] ret_from_fork_asm+0x1b/0x30 [ 33.516312] </TASK> [ 33.516479] [ 33.516624] Allocated by task 152: [ 33.516915] kasan_save_stack+0x44/0x70 [ 33.517172] kasan_set_track+0x29/0x40 [ 33.517442] kasan_save_alloc_info+0x22/0x30 [ 33.517692] __kasan_krealloc+0x12f/0x180 [ 33.517978] krealloc+0xc1/0x140 [ 33.518246] krealloc_less_oob_helper+0xe5/0x660 [ 33.518557] krealloc_less_oob+0x1c/0x30 [ 33.518814] kunit_try_run_case+0x120/0x290 [ 33.519086] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.519421] kthread+0x19e/0x1e0 [ 33.519611] ret_from_fork+0x41/0x70 [ 33.520008] ret_from_fork_asm+0x1b/0x30 [ 33.520251] [ 33.520407] The buggy address belongs to the object at ffff888100366600 [ 33.520407] which belongs to the cache kmalloc-256 of size 256 [ 33.521088] The buggy address is located 17 bytes to the right of [ 33.521088] allocated 201-byte region [ffff888100366600, ffff8881003666c9) [ 33.521835] [ 33.521950] The buggy address belongs to the physical page: [ 33.522458] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.523028] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.523548] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.523995] page_type: 0xffffffff() [ 33.524272] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.524700] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.525247] page dumped because: kasan: bad access detected [ 33.525553] [ 33.525680] Memory state around the buggy address: [ 33.525985] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.526422] ffff888100366600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.526875] >ffff888100366680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.527255] ^ [ 33.527616] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.528090] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.528508] ================================================================== [ 33.647436] ================================================================== [ 33.648133] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x146/0x660 [ 33.648925] Write of size 1 at addr ffff88810222a0c9 by task kunit_try_catch/156 [ 33.649369] [ 33.649673] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.650203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.650654] Call Trace: [ 33.650996] <TASK> [ 33.651217] dump_stack_lvl+0x4e/0x90 [ 33.651990] print_report+0xd2/0x650 [ 33.652279] ? __virt_addr_valid+0x156/0x1e0 [ 33.652692] ? krealloc_less_oob_helper+0x146/0x660 [ 33.653134] ? kasan_addr_to_slab+0x11/0xb0 [ 33.653448] ? krealloc_less_oob_helper+0x146/0x660 [ 33.653930] kasan_report+0x147/0x180 [ 33.654202] ? krealloc_less_oob_helper+0x146/0x660 [ 33.654670] __asan_store1+0x69/0x70 [ 33.654993] krealloc_less_oob_helper+0x146/0x660 [ 33.655325] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.656119] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.656634] ? __schedule+0x715/0x11a0 [ 33.656934] ? ktime_get_ts64+0x118/0x140 [ 33.657285] krealloc_pagealloc_less_oob+0x1c/0x30 [ 33.657705] kunit_try_run_case+0x120/0x290 [ 33.658045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.658491] ? __kasan_check_write+0x18/0x20 [ 33.658870] ? trace_preempt_on+0x20/0xa0 [ 33.659145] ? __kthread_parkme+0x4f/0xd0 [ 33.659460] ? preempt_count_sub+0x50/0x80 [ 33.659937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.660373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.661212] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.661616] kthread+0x19e/0x1e0 [ 33.661919] ? __pfx_kthread+0x10/0x10 [ 33.662165] ret_from_fork+0x41/0x70 [ 33.662412] ? __pfx_kthread+0x10/0x10 [ 33.662678] ret_from_fork_asm+0x1b/0x30 [ 33.663341] </TASK> [ 33.663481] [ 33.663752] The buggy address belongs to the physical page: [ 33.664075] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102228 [ 33.664648] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.665485] flags: 0x200000000000040(head|node=0|zone=2) [ 33.665809] page_type: 0xffffffff() [ 33.666056] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.666425] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.667085] page dumped because: kasan: bad access detected [ 33.667383] [ 33.667595] Memory state around the buggy address: [ 33.667924] ffff888102229f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.668309] ffff88810222a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.669093] >ffff88810222a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.669522] ^ [ 33.670036] ffff88810222a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.670588] ffff88810222a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.671008] ================================================================== [ 33.740070] ================================================================== [ 33.740603] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x294/0x660 [ 33.741068] Write of size 1 at addr ffff88810222a0eb by task kunit_try_catch/156 [ 33.741543] [ 33.742152] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.742894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.743380] Call Trace: [ 33.743619] <TASK> [ 33.743822] dump_stack_lvl+0x4e/0x90 [ 33.744126] print_report+0xd2/0x650 [ 33.744370] ? __virt_addr_valid+0x156/0x1e0 [ 33.744710] ? krealloc_less_oob_helper+0x294/0x660 [ 33.745042] ? kasan_addr_to_slab+0x11/0xb0 [ 33.745341] ? krealloc_less_oob_helper+0x294/0x660 [ 33.745645] kasan_report+0x147/0x180 [ 33.746479] ? krealloc_less_oob_helper+0x294/0x660 [ 33.746893] __asan_store1+0x69/0x70 [ 33.747146] krealloc_less_oob_helper+0x294/0x660 [ 33.747549] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.747946] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.748275] ? __schedule+0x715/0x11a0 [ 33.748612] ? ktime_get_ts64+0x118/0x140 [ 33.748937] krealloc_pagealloc_less_oob+0x1c/0x30 [ 33.749265] kunit_try_run_case+0x120/0x290 [ 33.749982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.750299] ? __kasan_check_write+0x18/0x20 [ 33.750661] ? trace_preempt_on+0x20/0xa0 [ 33.750979] ? __kthread_parkme+0x4f/0xd0 [ 33.751233] ? preempt_count_sub+0x50/0x80 [ 33.751677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.752029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.752846] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.753216] kthread+0x19e/0x1e0 [ 33.753459] ? __pfx_kthread+0x10/0x10 [ 33.754069] ret_from_fork+0x41/0x70 [ 33.754308] ? __pfx_kthread+0x10/0x10 [ 33.754727] ret_from_fork_asm+0x1b/0x30 [ 33.755055] </TASK> [ 33.755241] [ 33.755443] The buggy address belongs to the physical page: [ 33.755758] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102228 [ 33.756296] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.756885] flags: 0x200000000000040(head|node=0|zone=2) [ 33.757203] page_type: 0xffffffff() [ 33.757417] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.758302] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.758824] page dumped because: kasan: bad access detected [ 33.759139] [ 33.759256] Memory state around the buggy address: [ 33.759616] ffff888102229f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.760037] ffff88810222a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.760423] >ffff88810222a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.760948] ^ [ 33.761361] ffff88810222a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.762260] ffff88810222a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.762792] ================================================================== [ 33.717418] ================================================================== [ 33.718089] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x258/0x660 [ 33.718675] Write of size 1 at addr ffff88810222a0ea by task kunit_try_catch/156 [ 33.719140] [ 33.719259] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.720176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.720658] Call Trace: [ 33.720886] <TASK> [ 33.721065] dump_stack_lvl+0x4e/0x90 [ 33.721353] print_report+0xd2/0x650 [ 33.721630] ? __virt_addr_valid+0x156/0x1e0 [ 33.722239] ? krealloc_less_oob_helper+0x258/0x660 [ 33.722721] ? kasan_addr_to_slab+0x11/0xb0 [ 33.723073] ? krealloc_less_oob_helper+0x258/0x660 [ 33.723388] kasan_report+0x147/0x180 [ 33.723746] ? krealloc_less_oob_helper+0x258/0x660 [ 33.724112] __asan_store1+0x69/0x70 [ 33.724464] krealloc_less_oob_helper+0x258/0x660 [ 33.724767] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.725152] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.725529] ? __schedule+0x715/0x11a0 [ 33.726164] ? ktime_get_ts64+0x118/0x140 [ 33.726540] krealloc_pagealloc_less_oob+0x1c/0x30 [ 33.726842] kunit_try_run_case+0x120/0x290 [ 33.727181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.727630] ? __kasan_check_write+0x18/0x20 [ 33.727948] ? trace_preempt_on+0x20/0xa0 [ 33.728258] ? __kthread_parkme+0x4f/0xd0 [ 33.728526] ? preempt_count_sub+0x50/0x80 [ 33.728984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.729272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.730030] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.730378] kthread+0x19e/0x1e0 [ 33.730728] ? __pfx_kthread+0x10/0x10 [ 33.731026] ret_from_fork+0x41/0x70 [ 33.731250] ? __pfx_kthread+0x10/0x10 [ 33.731528] ret_from_fork_asm+0x1b/0x30 [ 33.731932] </TASK> [ 33.732089] [ 33.732219] The buggy address belongs to the physical page: [ 33.732619] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102228 [ 33.733236] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.734061] flags: 0x200000000000040(head|node=0|zone=2) [ 33.734422] page_type: 0xffffffff() [ 33.734763] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.735259] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.735731] page dumped because: kasan: bad access detected [ 33.736128] [ 33.736254] Memory state around the buggy address: [ 33.736689] ffff888102229f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.737148] ffff88810222a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.737524] >ffff88810222a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.738228] ^ [ 33.738684] ffff88810222a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.739094] ffff88810222a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.739526] ================================================================== [ 33.472251] ================================================================== [ 33.472702] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a6/0x660 [ 33.473265] Write of size 1 at addr ffff8881003666d0 by task kunit_try_catch/152 [ 33.473913] [ 33.474043] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.474514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.474923] Call Trace: [ 33.475117] <TASK> [ 33.475288] dump_stack_lvl+0x4e/0x90 [ 33.475596] print_report+0xd2/0x650 [ 33.475907] ? __virt_addr_valid+0x156/0x1e0 [ 33.476245] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.476506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.476858] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.477245] kasan_report+0x147/0x180 [ 33.477481] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.477888] __asan_store1+0x69/0x70 [ 33.478099] krealloc_less_oob_helper+0x1a6/0x660 [ 33.479832] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.480243] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.480585] ? __schedule+0x715/0x11a0 [ 33.480920] ? ktime_get_ts64+0x118/0x140 [ 33.481206] krealloc_less_oob+0x1c/0x30 [ 33.481560] kunit_try_run_case+0x120/0x290 [ 33.482370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.482715] ? __kasan_check_write+0x18/0x20 [ 33.483069] ? trace_preempt_on+0x20/0xa0 [ 33.483352] ? __kthread_parkme+0x4f/0xd0 [ 33.483661] ? preempt_count_sub+0x50/0x80 [ 33.483951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.484336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.484706] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.485105] kthread+0x19e/0x1e0 [ 33.485755] ? __pfx_kthread+0x10/0x10 [ 33.486043] ret_from_fork+0x41/0x70 [ 33.486282] ? __pfx_kthread+0x10/0x10 [ 33.486552] ret_from_fork_asm+0x1b/0x30 [ 33.486844] </TASK> [ 33.487002] [ 33.487123] Allocated by task 152: [ 33.487308] kasan_save_stack+0x44/0x70 [ 33.487585] kasan_set_track+0x29/0x40 [ 33.487869] kasan_save_alloc_info+0x22/0x30 [ 33.488191] __kasan_krealloc+0x12f/0x180 [ 33.488447] krealloc+0xc1/0x140 [ 33.488650] krealloc_less_oob_helper+0xe5/0x660 [ 33.489408] krealloc_less_oob+0x1c/0x30 [ 33.489904] kunit_try_run_case+0x120/0x290 [ 33.490175] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.490620] kthread+0x19e/0x1e0 [ 33.490883] ret_from_fork+0x41/0x70 [ 33.491123] ret_from_fork_asm+0x1b/0x30 [ 33.491345] [ 33.491454] The buggy address belongs to the object at ffff888100366600 [ 33.491454] which belongs to the cache kmalloc-256 of size 256 [ 33.492223] The buggy address is located 7 bytes to the right of [ 33.492223] allocated 201-byte region [ffff888100366600, ffff8881003666c9) [ 33.492913] [ 33.493031] The buggy address belongs to the physical page: [ 33.493374] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.493943] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.494366] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.494717] page_type: 0xffffffff() [ 33.494973] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.495403] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.495791] page dumped because: kasan: bad access detected [ 33.496104] [ 33.496230] Memory state around the buggy address: [ 33.496485] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.496895] ffff888100366600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.497351] >ffff888100366680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.497737] ^ [ 33.498067] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.498412] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.498898] ================================================================== [ 33.694385] ================================================================== [ 33.694768] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x21a/0x660 [ 33.695228] Write of size 1 at addr ffff88810222a0da by task kunit_try_catch/156 [ 33.695609] [ 33.695967] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.696462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.697326] Call Trace: [ 33.697615] <TASK> [ 33.697814] dump_stack_lvl+0x4e/0x90 [ 33.698093] print_report+0xd2/0x650 [ 33.698436] ? __virt_addr_valid+0x156/0x1e0 [ 33.698763] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.699146] ? kasan_addr_to_slab+0x11/0xb0 [ 33.699527] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.699852] kasan_report+0x147/0x180 [ 33.700411] ? krealloc_less_oob_helper+0x21a/0x660 [ 33.701076] __asan_store1+0x69/0x70 [ 33.701343] krealloc_less_oob_helper+0x21a/0x660 [ 33.701671] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.702152] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.702610] ? __schedule+0x715/0x11a0 [ 33.702897] ? ktime_get_ts64+0x118/0x140 [ 33.703169] krealloc_pagealloc_less_oob+0x1c/0x30 [ 33.703703] kunit_try_run_case+0x120/0x290 [ 33.704023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.704299] ? __kasan_check_write+0x18/0x20 [ 33.704614] ? trace_preempt_on+0x20/0xa0 [ 33.704873] ? __kthread_parkme+0x4f/0xd0 [ 33.705487] ? preempt_count_sub+0x50/0x80 [ 33.705916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.706216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.706622] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.707044] kthread+0x19e/0x1e0 [ 33.707315] ? __pfx_kthread+0x10/0x10 [ 33.707770] ret_from_fork+0x41/0x70 [ 33.708048] ? __pfx_kthread+0x10/0x10 [ 33.708286] ret_from_fork_asm+0x1b/0x30 [ 33.708956] </TASK> [ 33.709150] [ 33.709280] The buggy address belongs to the physical page: [ 33.709680] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102228 [ 33.710302] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.710844] flags: 0x200000000000040(head|node=0|zone=2) [ 33.711176] page_type: 0xffffffff() [ 33.711412] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.712063] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.712803] page dumped because: kasan: bad access detected [ 33.713113] [ 33.713256] Memory state around the buggy address: [ 33.713640] ffff888102229f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.714078] ffff88810222a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.714599] >ffff88810222a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.715029] ^ [ 33.715373] ffff88810222a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.715985] ffff88810222a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.716581] ================================================================== [ 33.529899] ================================================================== [ 33.530318] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x258/0x660 [ 33.530821] Write of size 1 at addr ffff8881003666ea by task kunit_try_catch/152 [ 33.531287] [ 33.531430] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.531989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.532705] Call Trace: [ 33.532928] <TASK> [ 33.533109] dump_stack_lvl+0x4e/0x90 [ 33.533408] print_report+0xd2/0x650 [ 33.533702] ? __virt_addr_valid+0x156/0x1e0 [ 33.534057] ? krealloc_less_oob_helper+0x258/0x660 [ 33.534334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.534751] ? krealloc_less_oob_helper+0x258/0x660 [ 33.535107] kasan_report+0x147/0x180 [ 33.535403] ? krealloc_less_oob_helper+0x258/0x660 [ 33.535797] __asan_store1+0x69/0x70 [ 33.536070] krealloc_less_oob_helper+0x258/0x660 [ 33.536398] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.536768] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.537112] ? __schedule+0x715/0x11a0 [ 33.537407] ? ktime_get_ts64+0x118/0x140 [ 33.537688] krealloc_less_oob+0x1c/0x30 [ 33.537972] kunit_try_run_case+0x120/0x290 [ 33.538308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.538638] ? __kasan_check_write+0x18/0x20 [ 33.539052] ? trace_preempt_on+0x20/0xa0 [ 33.539309] ? __kthread_parkme+0x4f/0xd0 [ 33.539641] ? preempt_count_sub+0x50/0x80 [ 33.539963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.540317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.540706] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.541068] kthread+0x19e/0x1e0 [ 33.541353] ? __pfx_kthread+0x10/0x10 [ 33.541627] ret_from_fork+0x41/0x70 [ 33.541933] ? __pfx_kthread+0x10/0x10 [ 33.542217] ret_from_fork_asm+0x1b/0x30 [ 33.542528] </TASK> [ 33.542664] [ 33.542821] Allocated by task 152: [ 33.543049] kasan_save_stack+0x44/0x70 [ 33.543369] kasan_set_track+0x29/0x40 [ 33.543610] kasan_save_alloc_info+0x22/0x30 [ 33.544019] __kasan_krealloc+0x12f/0x180 [ 33.544310] krealloc+0xc1/0x140 [ 33.544568] krealloc_less_oob_helper+0xe5/0x660 [ 33.544920] krealloc_less_oob+0x1c/0x30 [ 33.545202] kunit_try_run_case+0x120/0x290 [ 33.545483] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.545843] kthread+0x19e/0x1e0 [ 33.546106] ret_from_fork+0x41/0x70 [ 33.546413] ret_from_fork_asm+0x1b/0x30 [ 33.546653] [ 33.546829] The buggy address belongs to the object at ffff888100366600 [ 33.546829] which belongs to the cache kmalloc-256 of size 256 [ 33.547514] The buggy address is located 33 bytes to the right of [ 33.547514] allocated 201-byte region [ffff888100366600, ffff8881003666c9) [ 33.548270] [ 33.548421] The buggy address belongs to the physical page: [ 33.548745] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.549348] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.549824] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.550206] page_type: 0xffffffff() [ 33.550462] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.550936] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.551383] page dumped because: kasan: bad access detected [ 33.551687] [ 33.551808] Memory state around the buggy address: [ 33.552128] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.552583] ffff888100366600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.553041] >ffff888100366680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.553466] ^ [ 33.553905] ffff888100366700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.554286] ffff888100366780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.554745] ================================================================== [ 33.672245] ================================================================== [ 33.673027] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a6/0x660 [ 33.673613] Write of size 1 at addr ffff88810222a0d0 by task kunit_try_catch/156 [ 33.674069] [ 33.674185] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.674908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.675512] Call Trace: [ 33.675723] <TASK> [ 33.675890] dump_stack_lvl+0x4e/0x90 [ 33.676158] print_report+0xd2/0x650 [ 33.676741] ? __virt_addr_valid+0x156/0x1e0 [ 33.677173] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.677591] ? kasan_addr_to_slab+0x11/0xb0 [ 33.677912] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.678267] kasan_report+0x147/0x180 [ 33.678602] ? krealloc_less_oob_helper+0x1a6/0x660 [ 33.679101] __asan_store1+0x69/0x70 [ 33.679367] krealloc_less_oob_helper+0x1a6/0x660 [ 33.679713] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 33.680081] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.680414] ? __schedule+0x715/0x11a0 [ 33.680661] ? ktime_get_ts64+0x118/0x140 [ 33.681237] krealloc_pagealloc_less_oob+0x1c/0x30 [ 33.681690] kunit_try_run_case+0x120/0x290 [ 33.682015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.682460] ? __kasan_check_write+0x18/0x20 [ 33.682756] ? trace_preempt_on+0x20/0xa0 [ 33.683059] ? __kthread_parkme+0x4f/0xd0 [ 33.683315] ? preempt_count_sub+0x50/0x80 [ 33.683675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.684065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.684409] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.685021] kthread+0x19e/0x1e0 [ 33.685301] ? __pfx_kthread+0x10/0x10 [ 33.685657] ret_from_fork+0x41/0x70 [ 33.685952] ? __pfx_kthread+0x10/0x10 [ 33.686205] ret_from_fork_asm+0x1b/0x30 [ 33.686517] </TASK> [ 33.686724] [ 33.686991] The buggy address belongs to the physical page: [ 33.687335] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102228 [ 33.687904] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.688609] flags: 0x200000000000040(head|node=0|zone=2) [ 33.688983] page_type: 0xffffffff() [ 33.689219] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.689759] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.690170] page dumped because: kasan: bad access detected [ 33.690595] [ 33.690740] Memory state around the buggy address: [ 33.691024] ffff888102229f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.691428] ffff88810222a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.691919] >ffff88810222a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.692294] ^ [ 33.692973] ffff88810222a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.693451] ffff88810222a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.693883] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 33.618360] ================================================================== [ 33.619114] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.619748] Write of size 1 at addr ffff8881020720f0 by task kunit_try_catch/154 [ 33.620211] [ 33.620356] CPU: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.620924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.621655] Call Trace: [ 33.621908] <TASK> [ 33.622110] dump_stack_lvl+0x4e/0x90 [ 33.622486] print_report+0xd2/0x650 [ 33.622841] ? __virt_addr_valid+0x156/0x1e0 [ 33.623204] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.624135] ? kasan_addr_to_slab+0x11/0xb0 [ 33.624584] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.624988] kasan_report+0x147/0x180 [ 33.625317] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.625743] __asan_store1+0x69/0x70 [ 33.626162] krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.626577] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 33.627127] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.627566] ? __schedule+0x715/0x11a0 [ 33.627955] ? ktime_get_ts64+0x118/0x140 [ 33.628282] krealloc_pagealloc_more_oob+0x1c/0x30 [ 33.628724] kunit_try_run_case+0x120/0x290 [ 33.629573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.629971] ? __kasan_check_write+0x18/0x20 [ 33.630257] ? trace_preempt_on+0x20/0xa0 [ 33.630638] ? __kthread_parkme+0x4f/0xd0 [ 33.631042] ? preempt_count_sub+0x50/0x80 [ 33.631321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.631750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.632150] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.632634] kthread+0x19e/0x1e0 [ 33.632926] ? __pfx_kthread+0x10/0x10 [ 33.633217] ret_from_fork+0x41/0x70 [ 33.633913] ? __pfx_kthread+0x10/0x10 [ 33.634173] ret_from_fork_asm+0x1b/0x30 [ 33.634452] </TASK> [ 33.634632] [ 33.634804] The buggy address belongs to the physical page: [ 33.635130] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102070 [ 33.635629] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.636132] flags: 0x200000000000040(head|node=0|zone=2) [ 33.636457] page_type: 0xffffffff() [ 33.636685] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.637129] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.637565] page dumped because: kasan: bad access detected [ 33.637988] [ 33.638139] Memory state around the buggy address: [ 33.638531] ffff888102071f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.639065] ffff888102072000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.639545] >ffff888102072080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 33.640005] ^ [ 33.640351] ffff888102072100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.640850] ffff888102072180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.641244] ================================================================== [ 33.414453] ================================================================== [ 33.414934] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.415528] Write of size 1 at addr ffff8881003664f0 by task kunit_try_catch/150 [ 33.416004] [ 33.416122] CPU: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.416837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.417587] Call Trace: [ 33.417763] <TASK> [ 33.418073] dump_stack_lvl+0x4e/0x90 [ 33.418344] print_report+0xd2/0x650 [ 33.418595] ? __virt_addr_valid+0x156/0x1e0 [ 33.418964] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.419232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.419634] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.420044] kasan_report+0x147/0x180 [ 33.420272] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.420675] __asan_store1+0x69/0x70 [ 33.421099] krealloc_more_oob_helper+0x1bb/0x3b0 [ 33.421435] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 33.421795] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.422080] ? __schedule+0x715/0x11a0 [ 33.422379] ? ktime_get_ts64+0x118/0x140 [ 33.422686] krealloc_more_oob+0x1c/0x30 [ 33.423000] kunit_try_run_case+0x120/0x290 [ 33.423249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.423590] ? __kasan_check_write+0x18/0x20 [ 33.423880] ? trace_preempt_on+0x20/0xa0 [ 33.424173] ? __kthread_parkme+0x4f/0xd0 [ 33.424475] ? preempt_count_sub+0x50/0x80 [ 33.424762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.425088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.425444] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.425775] kthread+0x19e/0x1e0 [ 33.426023] ? __pfx_kthread+0x10/0x10 [ 33.426257] ret_from_fork+0x41/0x70 [ 33.426520] ? __pfx_kthread+0x10/0x10 [ 33.426764] ret_from_fork_asm+0x1b/0x30 [ 33.427172] </TASK> [ 33.427425] [ 33.427535] Allocated by task 150: [ 33.427776] kasan_save_stack+0x44/0x70 [ 33.428031] kasan_set_track+0x29/0x40 [ 33.428282] kasan_save_alloc_info+0x22/0x30 [ 33.428516] __kasan_krealloc+0x12f/0x180 [ 33.428742] krealloc+0xc1/0x140 [ 33.429037] krealloc_more_oob_helper+0xe2/0x3b0 [ 33.429390] krealloc_more_oob+0x1c/0x30 [ 33.429639] kunit_try_run_case+0x120/0x290 [ 33.430022] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.430353] kthread+0x19e/0x1e0 [ 33.430568] ret_from_fork+0x41/0x70 [ 33.430918] ret_from_fork_asm+0x1b/0x30 [ 33.431147] [ 33.431254] The buggy address belongs to the object at ffff888100366400 [ 33.431254] which belongs to the cache kmalloc-256 of size 256 [ 33.432025] The buggy address is located 5 bytes to the right of [ 33.432025] allocated 235-byte region [ffff888100366400, ffff8881003664eb) [ 33.432696] [ 33.432838] The buggy address belongs to the physical page: [ 33.433164] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.433738] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.434198] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.434549] page_type: 0xffffffff() [ 33.434807] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.435239] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.435671] page dumped because: kasan: bad access detected [ 33.435951] [ 33.436075] Memory state around the buggy address: [ 33.436379] ffff888100366380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.436741] ffff888100366400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.437137] >ffff888100366480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 33.437564] ^ [ 33.438000] ffff888100366500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.438362] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.438761] ================================================================== [ 33.389319] ================================================================== [ 33.390317] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x179/0x3b0 [ 33.390762] Write of size 1 at addr ffff8881003664eb by task kunit_try_catch/150 [ 33.391244] [ 33.391394] CPU: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.391840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.392463] Call Trace: [ 33.392623] <TASK> [ 33.392809] dump_stack_lvl+0x4e/0x90 [ 33.393064] print_report+0xd2/0x650 [ 33.393342] ? __virt_addr_valid+0x156/0x1e0 [ 33.393628] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.393943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.394298] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.394612] kasan_report+0x147/0x180 [ 33.394925] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.395257] __asan_store1+0x69/0x70 [ 33.395517] krealloc_more_oob_helper+0x179/0x3b0 [ 33.395815] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 33.396215] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.396562] ? __schedule+0x715/0x11a0 [ 33.396784] ? ktime_get_ts64+0x118/0x140 [ 33.397099] krealloc_more_oob+0x1c/0x30 [ 33.397607] kunit_try_run_case+0x120/0x290 [ 33.397954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.398287] ? __kasan_check_write+0x18/0x20 [ 33.398562] ? trace_preempt_on+0x20/0xa0 [ 33.398936] ? __kthread_parkme+0x4f/0xd0 [ 33.399181] ? preempt_count_sub+0x50/0x80 [ 33.399494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.399768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.400205] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.400530] kthread+0x19e/0x1e0 [ 33.400765] ? __pfx_kthread+0x10/0x10 [ 33.401066] ret_from_fork+0x41/0x70 [ 33.401294] ? __pfx_kthread+0x10/0x10 [ 33.401571] ret_from_fork_asm+0x1b/0x30 [ 33.401825] </TASK> [ 33.402019] [ 33.402147] Allocated by task 150: [ 33.402328] kasan_save_stack+0x44/0x70 [ 33.402626] kasan_set_track+0x29/0x40 [ 33.402872] kasan_save_alloc_info+0x22/0x30 [ 33.403189] __kasan_krealloc+0x12f/0x180 [ 33.403488] krealloc+0xc1/0x140 [ 33.403732] krealloc_more_oob_helper+0xe2/0x3b0 [ 33.404039] krealloc_more_oob+0x1c/0x30 [ 33.404317] kunit_try_run_case+0x120/0x290 [ 33.404588] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.405017] kthread+0x19e/0x1e0 [ 33.405271] ret_from_fork+0x41/0x70 [ 33.405504] ret_from_fork_asm+0x1b/0x30 [ 33.405799] [ 33.405941] The buggy address belongs to the object at ffff888100366400 [ 33.405941] which belongs to the cache kmalloc-256 of size 256 [ 33.406563] The buggy address is located 0 bytes to the right of [ 33.406563] allocated 235-byte region [ffff888100366400, ffff8881003664eb) [ 33.407343] [ 33.407449] The buggy address belongs to the physical page: [ 33.407856] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100366 [ 33.408351] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.408845] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.409220] page_type: 0xffffffff() [ 33.409477] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 33.409937] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.410384] page dumped because: kasan: bad access detected [ 33.410665] [ 33.410856] Memory state around the buggy address: [ 33.411122] ffff888100366380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.411559] ffff888100366400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.411987] >ffff888100366480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 33.412415] ^ [ 33.412796] ffff888100366500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.413200] ffff888100366580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.413606] ================================================================== [ 33.590285] ================================================================== [ 33.591549] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x179/0x3b0 [ 33.592355] Write of size 1 at addr ffff8881020720eb by task kunit_try_catch/154 [ 33.593459] [ 33.593612] CPU: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.594259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.594823] Call Trace: [ 33.595009] <TASK> [ 33.595157] dump_stack_lvl+0x4e/0x90 [ 33.595831] print_report+0xd2/0x650 [ 33.596144] ? __virt_addr_valid+0x156/0x1e0 [ 33.596653] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.597102] ? kasan_addr_to_slab+0x11/0xb0 [ 33.597514] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.598031] kasan_report+0x147/0x180 [ 33.598441] ? krealloc_more_oob_helper+0x179/0x3b0 [ 33.598929] __asan_store1+0x69/0x70 [ 33.599322] krealloc_more_oob_helper+0x179/0x3b0 [ 33.599709] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 33.600050] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 33.600947] ? __schedule+0x715/0x11a0 [ 33.601221] ? ktime_get_ts64+0x118/0x140 [ 33.601609] krealloc_pagealloc_more_oob+0x1c/0x30 [ 33.602133] kunit_try_run_case+0x120/0x290 [ 33.602670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.603133] ? __kasan_check_write+0x18/0x20 [ 33.603556] ? trace_preempt_on+0x20/0xa0 [ 33.603983] ? __kthread_parkme+0x4f/0xd0 [ 33.604368] ? preempt_count_sub+0x50/0x80 [ 33.604741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.605103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.605741] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.606301] kthread+0x19e/0x1e0 [ 33.606728] ? __pfx_kthread+0x10/0x10 [ 33.607097] ret_from_fork+0x41/0x70 [ 33.607370] ? __pfx_kthread+0x10/0x10 [ 33.607807] ret_from_fork_asm+0x1b/0x30 [ 33.608249] </TASK> [ 33.608509] [ 33.608631] The buggy address belongs to the physical page: [ 33.609191] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102070 [ 33.609787] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.610248] flags: 0x200000000000040(head|node=0|zone=2) [ 33.610917] page_type: 0xffffffff() [ 33.611370] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.612007] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.612550] page dumped because: kasan: bad access detected [ 33.613082] [ 33.613302] Memory state around the buggy address: [ 33.613647] ffff888102071f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.614203] ffff888102072000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.614831] >ffff888102072080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 33.615476] ^ [ 33.615909] ffff888102072100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.616422] ffff888102072180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.617047] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 38.233080] ================================================================== [ 38.233645] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x1d0 [ 38.233645] [ 38.234502] Invalid free of 0x(____ptrval____) (in kfence-#98): [ 38.234899] test_invalid_addr_free+0xec/0x1d0 [ 38.235212] kunit_try_run_case+0x120/0x290 [ 38.235474] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.235772] kthread+0x19e/0x1e0 [ 38.235978] ret_from_fork+0x41/0x70 [ 38.236201] ret_from_fork_asm+0x1b/0x30 [ 38.236513] [ 38.236748] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 38.236748] [ 38.237410] allocated by task 265 on cpu 1 at 38.232885s: [ 38.238245] test_alloc+0x1f9/0x8e0 [ 38.238521] test_invalid_addr_free+0xd0/0x1d0 [ 38.239070] kunit_try_run_case+0x120/0x290 [ 38.239464] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.239936] kthread+0x19e/0x1e0 [ 38.240182] ret_from_fork+0x41/0x70 [ 38.240562] ret_from_fork_asm+0x1b/0x30 [ 38.240971] [ 38.241145] CPU: 1 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.241806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.242411] ================================================================== [ 38.129133] ================================================================== [ 38.129689] BUG: KFENCE: invalid free in test_invalid_addr_free+0x157/0x1d0 [ 38.129689] [ 38.130231] Invalid free of 0x(____ptrval____) (in kfence-#97): [ 38.130551] test_invalid_addr_free+0x157/0x1d0 [ 38.130898] kunit_try_run_case+0x120/0x290 [ 38.131212] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.131492] kthread+0x19e/0x1e0 [ 38.131757] ret_from_fork+0x41/0x70 [ 38.132026] ret_from_fork_asm+0x1b/0x30 [ 38.132273] [ 38.132380] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 38.132380] [ 38.132971] allocated by task 263 on cpu 0 at 38.128907s: [ 38.133311] test_alloc+0x2ad/0x8e0 [ 38.133571] test_invalid_addr_free+0xd0/0x1d0 [ 38.133924] kunit_try_run_case+0x120/0x290 [ 38.134167] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.134522] kthread+0x19e/0x1e0 [ 38.134770] ret_from_fork+0x41/0x70 [ 38.135006] ret_from_fork_asm+0x1b/0x30 [ 38.135264] [ 38.135410] CPU: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.135902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.136380] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 67.353480] ================================================================== [ 67.354034] BUG: KFENCE: use-after-free read in test_krealloc+0x2e9/0x530 [ 67.354034] [ 67.354558] Use-after-free read at 0x(____ptrval____) (in kfence-#147): [ 67.355138] test_krealloc+0x2e9/0x530 [ 67.355447] kunit_try_run_case+0x120/0x290 [ 67.355773] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 67.356116] kthread+0x19e/0x1e0 [ 67.356366] ret_from_fork+0x41/0x70 [ 67.356598] ret_from_fork_asm+0x1b/0x30 [ 67.356874] [ 67.356984] kfence-#147: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 67.356984] [ 67.357504] allocated by task 293 on cpu 0 at 67.352899s: [ 67.357877] test_alloc+0x2ad/0x8e0 [ 67.358102] test_krealloc+0xb1/0x530 [ 67.358306] kunit_try_run_case+0x120/0x290 [ 67.358604] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 67.359004] kthread+0x19e/0x1e0 [ 67.359210] ret_from_fork+0x41/0x70 [ 67.359484] ret_from_fork_asm+0x1b/0x30 [ 67.359706] [ 67.359829] freed by task 293 on cpu 0 at 67.353130s: [ 67.360295] krealloc+0x83/0x140 [ 67.360561] test_krealloc+0x137/0x530 [ 67.360849] kunit_try_run_case+0x120/0x290 [ 67.361111] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 67.361442] kthread+0x19e/0x1e0 [ 67.361673] ret_from_fork+0x41/0x70 [ 67.361922] ret_from_fork_asm+0x1b/0x30 [ 67.362180] [ 67.362324] CPU: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 67.362792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 67.363217] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 67.254762] ================================================================== [ 67.255335] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x14f/0x370 [ 67.255335] [ 67.256276] Use-after-free read at 0x(____ptrval____) (in kfence-#146): [ 67.256657] test_memcache_typesafe_by_rcu+0x14f/0x370 [ 67.257020] kunit_try_run_case+0x120/0x290 [ 67.257301] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 67.257640] kthread+0x19e/0x1e0 [ 67.257953] ret_from_fork+0x41/0x70 [ 67.258415] ret_from_fork_asm+0x1b/0x30 [ 67.258694] [ 67.259292] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 67.259292] [ 67.259756] allocated by task 291 on cpu 0 at 67.248908s: [ 67.260303] test_alloc+0x1f9/0x8e0 [ 67.260560] test_memcache_typesafe_by_rcu+0xec/0x370 [ 67.260905] kunit_try_run_case+0x120/0x290 [ 67.261290] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 67.261612] kthread+0x19e/0x1e0 [ 67.261987] ret_from_fork+0x41/0x70 [ 67.262235] ret_from_fork_asm+0x1b/0x30 [ 67.262517] [ 67.262634] freed by task 0 on cpu 0 at 67.254522s: [ 67.263202] rcu_guarded_free+0x2e/0x40 [ 67.263499] rcu_core+0x4be/0x1020 [ 67.263762] rcu_core_si+0x12/0x20 [ 67.264012] handle_softirqs+0x195/0x520 [ 67.264258] irq_exit_rcu+0x92/0xb0 [ 67.264486] sysvec_apic_timer_interrupt+0x80/0xa0 [ 67.264770] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 67.265084] pv_native_safe_halt+0xf/0x20 [ 67.265342] arch_cpu_idle+0xd/0x20 [ 67.265597] default_idle_call+0x42/0x70 [ 67.265813] do_idle+0x2ba/0x310 [ 67.266101] cpu_startup_entry+0x3c/0x40 [ 67.266336] rest_init+0xe9/0xf0 [ 67.266575] arch_call_rest_init+0x17/0x50 [ 67.266819] start_kernel+0x2e9/0x3c0 [ 67.267109] x86_64_start_reservations+0x1c/0x30 [ 67.267379] x86_64_start_kernel+0xcf/0xe0 [ 67.267662] secondary_startup_64_no_verify+0x178/0x17b [ 67.268013] [ 67.268166] CPU: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 67.268611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 67.269298] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 43.027731] ================================================================== [ 43.028440] BUG: KFENCE: invalid read in test_invalid_access+0xba/0x150 [ 43.028440] [ 43.029570] Invalid read at 0x(____ptrval____): [ 43.030014] test_invalid_access+0xba/0x150 [ 43.030960] kunit_try_run_case+0x120/0x290 [ 43.031267] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 43.031619] kthread+0x19e/0x1e0 [ 43.032038] ret_from_fork+0x41/0x70 [ 43.032307] ret_from_fork_asm+0x1b/0x30 [ 43.032757] [ 43.032940] CPU: 1 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 43.033576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 43.034193] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 42.809289] ================================================================== [ 42.809793] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x158/0x1f0 [ 42.809793] [ 42.810254] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . ] (in kfence-#142): [ 42.810917] test_kmalloc_aligned_oob_write+0x158/0x1f0 [ 42.811498] kunit_try_run_case+0x120/0x290 [ 42.811990] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 42.812581] kthread+0x19e/0x1e0 [ 42.813004] ret_from_fork+0x41/0x70 [ 42.813226] ret_from_fork_asm+0x1b/0x30 [ 42.813514] [ 42.813649] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 42.813649] [ 42.814203] allocated by task 281 on cpu 0 at 42.808946s: [ 42.814561] test_alloc+0x2ad/0x8e0 [ 42.814935] test_kmalloc_aligned_oob_write+0xc0/0x1f0 [ 42.815250] kunit_try_run_case+0x120/0x290 [ 42.815565] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 42.815935] kthread+0x19e/0x1e0 [ 42.816140] ret_from_fork+0x41/0x70 [ 42.816416] ret_from_fork_asm+0x1b/0x30 [ 42.816672] [ 42.816788] freed by task 281 on cpu 0 at 42.809076s: [ 42.817158] test_kmalloc_aligned_oob_write+0x158/0x1f0 [ 42.817529] kunit_try_run_case+0x120/0x290 [ 42.817830] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 42.818216] kthread+0x19e/0x1e0 [ 42.818439] ret_from_fork+0x41/0x70 [ 42.818715] ret_from_fork_asm+0x1b/0x30 [ 42.819080] [ 42.819208] CPU: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 42.819683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 42.820176] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 42.393046] ================================================================== [ 42.393602] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x12a/0x250 [ 42.393602] [ 42.394382] Out-of-bounds read at 0x(____ptrval____) (81B right of kfence-#138): [ 42.395209] test_kmalloc_aligned_oob_read+0x12a/0x250 [ 42.395791] kunit_try_run_case+0x120/0x290 [ 42.396197] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 42.396504] kthread+0x19e/0x1e0 [ 42.396708] ret_from_fork+0x41/0x70 [ 42.397180] ret_from_fork_asm+0x1b/0x30 [ 42.397532] [ 42.397746] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 42.397746] [ 42.398369] allocated by task 279 on cpu 1 at 42.392881s: [ 42.398758] test_alloc+0x2ad/0x8e0 [ 42.399018] test_kmalloc_aligned_oob_read+0xda/0x250 [ 42.399346] kunit_try_run_case+0x120/0x290 [ 42.399611] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 42.400279] kthread+0x19e/0x1e0 [ 42.400622] ret_from_fork+0x41/0x70 [ 42.400974] ret_from_fork_asm+0x1b/0x30 [ 42.401322] [ 42.401537] CPU: 1 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 42.402115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 42.402711] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 35.330982] ================================================================== [ 35.332258] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xe4/0x260 [ 35.332659] Free of addr ffff888102871001 by task kunit_try_catch/212 [ 35.333326] [ 35.333532] CPU: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.334525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.335316] Call Trace: [ 35.335543] <TASK> [ 35.335820] dump_stack_lvl+0x4e/0x90 [ 35.336328] print_report+0xd2/0x650 [ 35.336774] ? __virt_addr_valid+0x156/0x1e0 [ 35.337188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.337575] ? kmem_cache_invalid_free+0xe4/0x260 [ 35.338013] kasan_report_invalid_free+0xfd/0x120 [ 35.338612] ? kmem_cache_invalid_free+0xe4/0x260 [ 35.339366] ? kmem_cache_invalid_free+0xe4/0x260 [ 35.339968] ____kasan_slab_free+0x1c0/0x1d0 [ 35.340324] ? kmem_cache_invalid_free+0xe4/0x260 [ 35.340571] __kasan_slab_free+0x16/0x20 [ 35.340881] kmem_cache_free+0x1a7/0x4b0 [ 35.341351] kmem_cache_invalid_free+0xe4/0x260 [ 35.341897] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 35.342531] ? __schedule+0x715/0x11a0 [ 35.343066] ? ktime_get_ts64+0x118/0x140 [ 35.343675] kunit_try_run_case+0x120/0x290 [ 35.344247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.344842] ? __kasan_check_write+0x18/0x20 [ 35.345130] ? trace_preempt_on+0x20/0xa0 [ 35.345348] ? __kthread_parkme+0x4f/0xd0 [ 35.345564] ? preempt_count_sub+0x50/0x80 [ 35.345905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.346440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.347202] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.347968] kthread+0x19e/0x1e0 [ 35.348410] ? __pfx_kthread+0x10/0x10 [ 35.348890] ret_from_fork+0x41/0x70 [ 35.349358] ? __pfx_kthread+0x10/0x10 [ 35.349817] ret_from_fork_asm+0x1b/0x30 [ 35.350300] </TASK> [ 35.350570] [ 35.350785] Allocated by task 212: [ 35.351177] kasan_save_stack+0x44/0x70 [ 35.351641] kasan_set_track+0x29/0x40 [ 35.351852] kasan_save_alloc_info+0x22/0x30 [ 35.352121] __kasan_slab_alloc+0x91/0xa0 [ 35.352393] kmem_cache_alloc+0x186/0x3b0 [ 35.352876] kmem_cache_invalid_free+0xbd/0x260 [ 35.353399] kunit_try_run_case+0x120/0x290 [ 35.353627] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.354197] kthread+0x19e/0x1e0 [ 35.354610] ret_from_fork+0x41/0x70 [ 35.355041] ret_from_fork_asm+0x1b/0x30 [ 35.355535] [ 35.355733] The buggy address belongs to the object at ffff888102871000 [ 35.355733] which belongs to the cache test_cache of size 200 [ 35.357270] The buggy address is located 1 bytes inside of [ 35.357270] 200-byte region [ffff888102871000, ffff8881028710c8) [ 35.357766] [ 35.357965] The buggy address belongs to the physical page: [ 35.358520] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102871 [ 35.359501] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.360204] page_type: 0xffffffff() [ 35.360597] raw: 0200000000000800 ffff8881017ab640 dead000000000122 0000000000000000 [ 35.361454] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 35.362208] page dumped because: kasan: bad access detected [ 35.362451] [ 35.362549] Memory state around the buggy address: [ 35.362812] ffff888102870f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.363562] ffff888102870f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.364299] >ffff888102871000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.365271] ^ [ 35.365654] ffff888102871080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 35.366668] ffff888102871100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.367400] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 35.270064] ================================================================== [ 35.271924] BUG: KASAN: double-free in kmem_cache_double_free+0xeb/0x250 [ 35.272371] Free of addr ffff88810286f000 by task kunit_try_catch/210 [ 35.273133] [ 35.273351] CPU: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.274220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.275222] Call Trace: [ 35.275624] <TASK> [ 35.275957] dump_stack_lvl+0x4e/0x90 [ 35.276511] print_report+0xd2/0x650 [ 35.277007] ? __virt_addr_valid+0x156/0x1e0 [ 35.277714] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.278219] ? kmem_cache_double_free+0xeb/0x250 [ 35.278757] kasan_report_invalid_free+0xfd/0x120 [ 35.279310] ? kmem_cache_double_free+0xeb/0x250 [ 35.279923] ? kmem_cache_double_free+0xeb/0x250 [ 35.280179] ____kasan_slab_free+0x19c/0x1d0 [ 35.280566] ? kmem_cache_double_free+0xeb/0x250 [ 35.281160] __kasan_slab_free+0x16/0x20 [ 35.281942] kmem_cache_free+0x1a7/0x4b0 [ 35.282483] kmem_cache_double_free+0xeb/0x250 [ 35.283006] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 35.283652] ? __schedule+0x715/0x11a0 [ 35.283978] ? ktime_get_ts64+0x118/0x140 [ 35.284226] kunit_try_run_case+0x120/0x290 [ 35.284700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.285233] ? __kasan_check_write+0x18/0x20 [ 35.286057] ? trace_preempt_on+0x20/0xa0 [ 35.286609] ? __kthread_parkme+0x4f/0xd0 [ 35.287108] ? preempt_count_sub+0x50/0x80 [ 35.287652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.288193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.288643] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.288950] kthread+0x19e/0x1e0 [ 35.289167] ? __pfx_kthread+0x10/0x10 [ 35.289779] ret_from_fork+0x41/0x70 [ 35.290263] ? __pfx_kthread+0x10/0x10 [ 35.290824] ret_from_fork_asm+0x1b/0x30 [ 35.291320] </TASK> [ 35.291674] [ 35.291920] Allocated by task 210: [ 35.292293] kasan_save_stack+0x44/0x70 [ 35.292828] kasan_set_track+0x29/0x40 [ 35.293274] kasan_save_alloc_info+0x22/0x30 [ 35.294167] __kasan_slab_alloc+0x91/0xa0 [ 35.294811] kmem_cache_alloc+0x186/0x3b0 [ 35.295292] kmem_cache_double_free+0xba/0x250 [ 35.295735] kunit_try_run_case+0x120/0x290 [ 35.295993] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.296264] kthread+0x19e/0x1e0 [ 35.296695] ret_from_fork+0x41/0x70 [ 35.297124] ret_from_fork_asm+0x1b/0x30 [ 35.297928] [ 35.298136] Freed by task 210: [ 35.298551] kasan_save_stack+0x44/0x70 [ 35.299074] kasan_set_track+0x29/0x40 [ 35.299590] kasan_save_free_info+0x2f/0x50 [ 35.300164] ____kasan_slab_free+0x172/0x1d0 [ 35.300548] __kasan_slab_free+0x16/0x20 [ 35.301042] kmem_cache_free+0x1a7/0x4b0 [ 35.301274] kmem_cache_double_free+0xd1/0x250 [ 35.302207] kunit_try_run_case+0x120/0x290 [ 35.302820] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.303288] kthread+0x19e/0x1e0 [ 35.303745] ret_from_fork+0x41/0x70 [ 35.304194] ret_from_fork_asm+0x1b/0x30 [ 35.304551] [ 35.304662] The buggy address belongs to the object at ffff88810286f000 [ 35.304662] which belongs to the cache test_cache of size 200 [ 35.306276] The buggy address is located 0 bytes inside of [ 35.306276] 200-byte region [ffff88810286f000, ffff88810286f0c8) [ 35.307255] [ 35.307381] The buggy address belongs to the physical page: [ 35.308071] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10286f [ 35.309111] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.309876] page_type: 0xffffffff() [ 35.310091] raw: 0200000000000800 ffff8881017ab500 dead000000000122 0000000000000000 [ 35.310610] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 35.311501] page dumped because: kasan: bad access detected [ 35.312103] [ 35.312297] Memory state around the buggy address: [ 35.312940] ffff88810286ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.314070] ffff88810286ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.314879] >ffff88810286f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.315198] ^ [ 35.315384] ffff88810286f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 35.316240] ffff88810286f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.317055] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 35.222677] ================================================================== [ 35.223494] BUG: KASAN: slab-use-after-free in ksize_uaf+0x140/0x310 [ 35.224253] Read of size 1 at addr ffff888102897b78 by task kunit_try_catch/208 [ 35.224915] [ 35.225158] CPU: 1 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.225998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.226642] Call Trace: [ 35.226874] <TASK> [ 35.227132] dump_stack_lvl+0x4e/0x90 [ 35.227567] print_report+0xd2/0x650 [ 35.228057] ? __virt_addr_valid+0x156/0x1e0 [ 35.228619] ? ksize_uaf+0x140/0x310 [ 35.228929] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.229218] ? ksize_uaf+0x140/0x310 [ 35.229416] kasan_report+0x147/0x180 [ 35.229632] ? ksize_uaf+0x140/0x310 [ 35.229880] __asan_load1+0x66/0x70 [ 35.230303] ksize_uaf+0x140/0x310 [ 35.230787] ? __pfx_ksize_uaf+0x10/0x10 [ 35.231091] ? __schedule+0x715/0x11a0 [ 35.231294] ? ktime_get_ts64+0x118/0x140 [ 35.231516] kunit_try_run_case+0x120/0x290 [ 35.231774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.232034] ? __kasan_check_write+0x18/0x20 [ 35.232500] ? trace_preempt_on+0x20/0xa0 [ 35.233063] ? __kthread_parkme+0x4f/0xd0 [ 35.233584] ? preempt_count_sub+0x50/0x80 [ 35.233850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.234101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.234401] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.235055] kthread+0x19e/0x1e0 [ 35.235434] ? __pfx_kthread+0x10/0x10 [ 35.235776] ret_from_fork+0x41/0x70 [ 35.236267] ? __pfx_kthread+0x10/0x10 [ 35.236597] ret_from_fork_asm+0x1b/0x30 [ 35.237006] </TASK> [ 35.237259] [ 35.237522] Allocated by task 208: [ 35.237918] kasan_save_stack+0x44/0x70 [ 35.238417] kasan_set_track+0x29/0x40 [ 35.238710] kasan_save_alloc_info+0x22/0x30 [ 35.238957] __kasan_kmalloc+0xb7/0xc0 [ 35.239154] kmalloc_trace+0x4c/0xb0 [ 35.239356] ksize_uaf+0x9d/0x310 [ 35.240128] kunit_try_run_case+0x120/0x290 [ 35.240722] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.241319] kthread+0x19e/0x1e0 [ 35.241783] ret_from_fork+0x41/0x70 [ 35.242206] ret_from_fork_asm+0x1b/0x30 [ 35.242720] [ 35.242988] Freed by task 208: [ 35.243322] kasan_save_stack+0x44/0x70 [ 35.243904] kasan_set_track+0x29/0x40 [ 35.244330] kasan_save_free_info+0x2f/0x50 [ 35.245319] ____kasan_slab_free+0x172/0x1d0 [ 35.245886] __kasan_slab_free+0x16/0x20 [ 35.246097] __kmem_cache_free+0x190/0x310 [ 35.246304] kfree+0x7c/0x120 [ 35.246721] ksize_uaf+0xbd/0x310 [ 35.247120] kunit_try_run_case+0x120/0x290 [ 35.247641] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.248230] kthread+0x19e/0x1e0 [ 35.248671] ret_from_fork+0x41/0x70 [ 35.249228] ret_from_fork_asm+0x1b/0x30 [ 35.249743] [ 35.250395] The buggy address belongs to the object at ffff888102897b00 [ 35.250395] which belongs to the cache kmalloc-128 of size 128 [ 35.251527] The buggy address is located 120 bytes inside of [ 35.251527] freed 128-byte region [ffff888102897b00, ffff888102897b80) [ 35.252098] [ 35.252212] The buggy address belongs to the physical page: [ 35.252666] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.253743] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.254311] page_type: 0xffffffff() [ 35.255132] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.256088] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.256769] page dumped because: kasan: bad access detected [ 35.257277] [ 35.257465] Memory state around the buggy address: [ 35.258003] ffff888102897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.258657] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.259154] >ffff888102897b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.260069] ^ [ 35.260881] ffff888102897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.261649] ffff888102897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.262231] ================================================================== [ 35.136334] ================================================================== [ 35.137528] BUG: KASAN: slab-use-after-free in ksize_uaf+0xd4/0x310 [ 35.138026] Read of size 1 at addr ffff888102897b00 by task kunit_try_catch/208 [ 35.138528] [ 35.138873] CPU: 1 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.139499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.140113] Call Trace: [ 35.140323] <TASK> [ 35.140653] dump_stack_lvl+0x4e/0x90 [ 35.141417] print_report+0xd2/0x650 [ 35.141721] ? __virt_addr_valid+0x156/0x1e0 [ 35.142034] ? ksize_uaf+0xd4/0x310 [ 35.142266] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.142672] ? ksize_uaf+0xd4/0x310 [ 35.142981] kasan_report+0x147/0x180 [ 35.143292] ? ksize_uaf+0xd4/0x310 [ 35.143790] ? ksize_uaf+0xd4/0x310 [ 35.144202] __kasan_check_byte+0x3d/0x50 [ 35.144574] ksize+0x20/0x60 [ 35.145056] ksize_uaf+0xd4/0x310 [ 35.145783] ? __pfx_ksize_uaf+0x10/0x10 [ 35.146115] ? __schedule+0x715/0x11a0 [ 35.146416] ? ktime_get_ts64+0x118/0x140 [ 35.146882] kunit_try_run_case+0x120/0x290 [ 35.147216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.147711] ? __kasan_check_write+0x18/0x20 [ 35.148069] ? trace_preempt_on+0x20/0xa0 [ 35.148379] ? __kthread_parkme+0x4f/0xd0 [ 35.148844] ? preempt_count_sub+0x50/0x80 [ 35.149190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.149643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.150079] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.150905] kthread+0x19e/0x1e0 [ 35.151175] ? __pfx_kthread+0x10/0x10 [ 35.151558] ret_from_fork+0x41/0x70 [ 35.151784] ? __pfx_kthread+0x10/0x10 [ 35.152234] ret_from_fork_asm+0x1b/0x30 [ 35.152648] </TASK> [ 35.152838] [ 35.152996] Allocated by task 208: [ 35.153257] kasan_save_stack+0x44/0x70 [ 35.153640] kasan_set_track+0x29/0x40 [ 35.154042] kasan_save_alloc_info+0x22/0x30 [ 35.154636] __kasan_kmalloc+0xb7/0xc0 [ 35.155154] kmalloc_trace+0x4c/0xb0 [ 35.155949] ksize_uaf+0x9d/0x310 [ 35.156155] kunit_try_run_case+0x120/0x290 [ 35.156487] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.157120] kthread+0x19e/0x1e0 [ 35.157617] ret_from_fork+0x41/0x70 [ 35.158143] ret_from_fork_asm+0x1b/0x30 [ 35.158694] [ 35.158972] Freed by task 208: [ 35.159345] kasan_save_stack+0x44/0x70 [ 35.159898] kasan_set_track+0x29/0x40 [ 35.160113] kasan_save_free_info+0x2f/0x50 [ 35.160362] ____kasan_slab_free+0x172/0x1d0 [ 35.161244] __kasan_slab_free+0x16/0x20 [ 35.161784] __kmem_cache_free+0x190/0x310 [ 35.162250] kfree+0x7c/0x120 [ 35.162660] ksize_uaf+0xbd/0x310 [ 35.163118] kunit_try_run_case+0x120/0x290 [ 35.163596] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.164101] kthread+0x19e/0x1e0 [ 35.164301] ret_from_fork+0x41/0x70 [ 35.164761] ret_from_fork_asm+0x1b/0x30 [ 35.165234] [ 35.165794] The buggy address belongs to the object at ffff888102897b00 [ 35.165794] which belongs to the cache kmalloc-128 of size 128 [ 35.167239] The buggy address is located 0 bytes inside of [ 35.167239] freed 128-byte region [ffff888102897b00, ffff888102897b80) [ 35.167958] [ 35.168162] The buggy address belongs to the physical page: [ 35.168887] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.169915] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.170186] page_type: 0xffffffff() [ 35.170799] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.171740] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.172496] page dumped because: kasan: bad access detected [ 35.173148] [ 35.173340] Memory state around the buggy address: [ 35.173963] ffff888102897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.174578] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.175145] >ffff888102897b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.175983] ^ [ 35.176350] ffff888102897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.177262] ffff888102897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.178151] ================================================================== [ 35.179341] ================================================================== [ 35.180068] BUG: KASAN: slab-use-after-free in ksize_uaf+0x108/0x310 [ 35.180485] Read of size 1 at addr ffff888102897b00 by task kunit_try_catch/208 [ 35.181269] [ 35.181545] CPU: 1 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.182451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.183175] Call Trace: [ 35.183325] <TASK> [ 35.183660] dump_stack_lvl+0x4e/0x90 [ 35.184175] print_report+0xd2/0x650 [ 35.185035] ? __virt_addr_valid+0x156/0x1e0 [ 35.185546] ? ksize_uaf+0x108/0x310 [ 35.186113] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.186742] ? ksize_uaf+0x108/0x310 [ 35.187029] kasan_report+0x147/0x180 [ 35.187244] ? ksize_uaf+0x108/0x310 [ 35.187661] __asan_load1+0x66/0x70 [ 35.188168] ksize_uaf+0x108/0x310 [ 35.188700] ? __pfx_ksize_uaf+0x10/0x10 [ 35.189169] ? __schedule+0x715/0x11a0 [ 35.190037] ? ktime_get_ts64+0x118/0x140 [ 35.190585] kunit_try_run_case+0x120/0x290 [ 35.191089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.191346] ? __kasan_check_write+0x18/0x20 [ 35.191917] ? trace_preempt_on+0x20/0xa0 [ 35.192432] ? __kthread_parkme+0x4f/0xd0 [ 35.192777] ? preempt_count_sub+0x50/0x80 [ 35.193030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.193288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.194065] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.195105] kthread+0x19e/0x1e0 [ 35.195521] ? __pfx_kthread+0x10/0x10 [ 35.196072] ret_from_fork+0x41/0x70 [ 35.196577] ? __pfx_kthread+0x10/0x10 [ 35.197049] ret_from_fork_asm+0x1b/0x30 [ 35.197613] </TASK> [ 35.197917] [ 35.198110] Allocated by task 208: [ 35.198318] kasan_save_stack+0x44/0x70 [ 35.198840] kasan_set_track+0x29/0x40 [ 35.199284] kasan_save_alloc_info+0x22/0x30 [ 35.199925] __kasan_kmalloc+0xb7/0xc0 [ 35.200137] kmalloc_trace+0x4c/0xb0 [ 35.200328] ksize_uaf+0x9d/0x310 [ 35.200789] kunit_try_run_case+0x120/0x290 [ 35.201297] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.201987] kthread+0x19e/0x1e0 [ 35.202443] ret_from_fork+0x41/0x70 [ 35.202876] ret_from_fork_asm+0x1b/0x30 [ 35.203303] [ 35.203498] Freed by task 208: [ 35.203912] kasan_save_stack+0x44/0x70 [ 35.204328] kasan_set_track+0x29/0x40 [ 35.204983] kasan_save_free_info+0x2f/0x50 [ 35.205229] ____kasan_slab_free+0x172/0x1d0 [ 35.205693] __kasan_slab_free+0x16/0x20 [ 35.206148] __kmem_cache_free+0x190/0x310 [ 35.206644] kfree+0x7c/0x120 [ 35.207076] ksize_uaf+0xbd/0x310 [ 35.207524] kunit_try_run_case+0x120/0x290 [ 35.208084] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.208706] kthread+0x19e/0x1e0 [ 35.208928] ret_from_fork+0x41/0x70 [ 35.209121] ret_from_fork_asm+0x1b/0x30 [ 35.209329] [ 35.210127] The buggy address belongs to the object at ffff888102897b00 [ 35.210127] which belongs to the cache kmalloc-128 of size 128 [ 35.211610] The buggy address is located 0 bytes inside of [ 35.211610] freed 128-byte region [ffff888102897b00, ffff888102897b80) [ 35.212963] [ 35.213220] The buggy address belongs to the physical page: [ 35.213916] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102897 [ 35.214322] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.214980] page_type: 0xffffffff() [ 35.215375] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.216241] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 35.217130] page dumped because: kasan: bad access detected [ 35.217666] [ 35.217887] Memory state around the buggy address: [ 35.218307] ffff888102897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.218943] ffff888102897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.219248] >ffff888102897b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.219608] ^ [ 35.220046] ffff888102897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.220848] ffff888102897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.221680] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 37.921272] ================================================================== [ 37.921811] BUG: KFENCE: invalid free in test_double_free+0x16a/0x1d0 [ 37.921811] [ 37.922397] Invalid free of 0x(____ptrval____) (in kfence-#95): [ 37.922744] test_double_free+0x16a/0x1d0 [ 37.923045] kunit_try_run_case+0x120/0x290 [ 37.923542] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.923988] kthread+0x19e/0x1e0 [ 37.924227] ret_from_fork+0x41/0x70 [ 37.924497] ret_from_fork_asm+0x1b/0x30 [ 37.924782] [ 37.924998] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.924998] [ 37.925501] allocated by task 259 on cpu 0 at 37.920896s: [ 37.925826] test_alloc+0x2ad/0x8e0 [ 37.926150] test_double_free+0xd0/0x1d0 [ 37.926441] kunit_try_run_case+0x120/0x290 [ 37.926724] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.927116] kthread+0x19e/0x1e0 [ 37.927347] ret_from_fork+0x41/0x70 [ 37.927585] ret_from_fork_asm+0x1b/0x30 [ 37.927883] [ 37.928013] freed by task 259 on cpu 0 at 37.921004s: [ 37.928391] test_double_free+0x156/0x1d0 [ 37.928674] kunit_try_run_case+0x120/0x290 [ 37.928940] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.929314] kthread+0x19e/0x1e0 [ 37.929535] ret_from_fork+0x41/0x70 [ 37.929781] ret_from_fork_asm+0x1b/0x30 [ 37.930071] [ 37.930189] CPU: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.930646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.931117] ================================================================== [ 38.025226] ================================================================== [ 38.025746] BUG: KFENCE: invalid free in test_double_free+0xff/0x1d0 [ 38.025746] [ 38.026298] Invalid free of 0x(____ptrval____) (in kfence-#96): [ 38.026615] test_double_free+0xff/0x1d0 [ 38.027075] kunit_try_run_case+0x120/0x290 [ 38.027373] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.027732] kthread+0x19e/0x1e0 [ 38.027984] ret_from_fork+0x41/0x70 [ 38.028263] ret_from_fork_asm+0x1b/0x30 [ 38.028562] [ 38.028699] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 38.028699] [ 38.029174] allocated by task 261 on cpu 0 at 38.024926s: [ 38.029680] test_alloc+0x1f9/0x8e0 [ 38.029956] test_double_free+0xd0/0x1d0 [ 38.030251] kunit_try_run_case+0x120/0x290 [ 38.030505] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.030924] kthread+0x19e/0x1e0 [ 38.031170] ret_from_fork+0x41/0x70 [ 38.031414] ret_from_fork_asm+0x1b/0x30 [ 38.031712] [ 38.031851] freed by task 261 on cpu 0 at 38.025030s: [ 38.032234] test_double_free+0xeb/0x1d0 [ 38.032517] kunit_try_run_case+0x120/0x290 [ 38.032838] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 38.033159] kthread+0x19e/0x1e0 [ 38.033431] ret_from_fork+0x41/0x70 [ 38.033649] ret_from_fork_asm+0x1b/0x30 [ 38.033928] [ 38.034094] CPU: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 38.034560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.035120] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 37.817063] ================================================================== [ 37.817668] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf7/0x1a0 [ 37.817668] [ 37.818402] Use-after-free read at 0x(____ptrval____) (in kfence-#94): [ 37.818774] test_use_after_free_read+0xf7/0x1a0 [ 37.819128] kunit_try_run_case+0x120/0x290 [ 37.819396] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.819792] kthread+0x19e/0x1e0 [ 37.820057] ret_from_fork+0x41/0x70 [ 37.820511] ret_from_fork_asm+0x1b/0x30 [ 37.820783] [ 37.820912] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.820912] [ 37.821475] allocated by task 257 on cpu 0 at 37.816883s: [ 37.821905] test_alloc+0x1f9/0x8e0 [ 37.822156] test_use_after_free_read+0xd0/0x1a0 [ 37.822484] kunit_try_run_case+0x120/0x290 [ 37.822814] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.823188] kthread+0x19e/0x1e0 [ 37.823431] ret_from_fork+0x41/0x70 [ 37.823665] ret_from_fork_asm+0x1b/0x30 [ 37.823971] [ 37.824122] freed by task 257 on cpu 0 at 37.816975s: [ 37.824549] test_use_after_free_read+0xeb/0x1a0 [ 37.824993] kunit_try_run_case+0x120/0x290 [ 37.825283] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.825651] kthread+0x19e/0x1e0 [ 37.826070] ret_from_fork+0x41/0x70 [ 37.826304] ret_from_fork_asm+0x1b/0x30 [ 37.826601] [ 37.826773] CPU: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.827359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.828027] ================================================================== [ 37.713145] ================================================================== [ 37.713824] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf7/0x1a0 [ 37.713824] [ 37.714397] Use-after-free read at 0x(____ptrval____) (in kfence-#93): [ 37.714854] test_use_after_free_read+0xf7/0x1a0 [ 37.715228] kunit_try_run_case+0x120/0x290 [ 37.715528] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.715848] kthread+0x19e/0x1e0 [ 37.716079] ret_from_fork+0x41/0x70 [ 37.716419] ret_from_fork_asm+0x1b/0x30 [ 37.716696] [ 37.716844] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.716844] [ 37.717339] allocated by task 255 on cpu 0 at 37.712877s: [ 37.717668] test_alloc+0x2ad/0x8e0 [ 37.717932] test_use_after_free_read+0xd0/0x1a0 [ 37.718163] kunit_try_run_case+0x120/0x290 [ 37.718472] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.718854] kthread+0x19e/0x1e0 [ 37.719074] ret_from_fork+0x41/0x70 [ 37.719337] ret_from_fork_asm+0x1b/0x30 [ 37.719612] [ 37.719821] freed by task 255 on cpu 0 at 37.712980s: [ 37.720306] test_use_after_free_read+0x14b/0x1a0 [ 37.720604] kunit_try_run_case+0x120/0x290 [ 37.720936] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.721236] kthread+0x19e/0x1e0 [ 37.721488] ret_from_fork+0x41/0x70 [ 37.721703] ret_from_fork_asm+0x1b/0x30 [ 37.721994] [ 37.722148] CPU: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.722692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.723232] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 37.505005] ================================================================== [ 37.505616] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd9/0x1a0 [ 37.505616] [ 37.506239] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#91): [ 37.506628] test_out_of_bounds_write+0xd9/0x1a0 [ 37.507028] kunit_try_run_case+0x120/0x290 [ 37.507362] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.507708] kthread+0x19e/0x1e0 [ 37.507969] ret_from_fork+0x41/0x70 [ 37.508227] ret_from_fork_asm+0x1b/0x30 [ 37.508480] [ 37.508606] kfence-#91: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.508606] [ 37.509184] allocated by task 251 on cpu 1 at 37.504877s: [ 37.509501] test_alloc+0x2ad/0x8e0 [ 37.509793] test_out_of_bounds_write+0xc9/0x1a0 [ 37.510135] kunit_try_run_case+0x120/0x290 [ 37.510442] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.510757] kthread+0x19e/0x1e0 [ 37.510964] ret_from_fork+0x41/0x70 [ 37.511210] ret_from_fork_asm+0x1b/0x30 [ 37.511444] [ 37.511589] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.512084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.512514] ================================================================== [ 37.608995] ================================================================== [ 37.609527] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd9/0x1a0 [ 37.609527] [ 37.610213] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#92): [ 37.610700] test_out_of_bounds_write+0xd9/0x1a0 [ 37.611020] kunit_try_run_case+0x120/0x290 [ 37.611365] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.611774] kthread+0x19e/0x1e0 [ 37.612083] ret_from_fork+0x41/0x70 [ 37.612301] ret_from_fork_asm+0x1b/0x30 [ 37.612603] [ 37.612731] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.612731] [ 37.613273] allocated by task 253 on cpu 1 at 37.608920s: [ 37.613661] test_alloc+0x1f9/0x8e0 [ 37.613944] test_out_of_bounds_write+0xc9/0x1a0 [ 37.614240] kunit_try_run_case+0x120/0x290 [ 37.614504] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.614956] kthread+0x19e/0x1e0 [ 37.615182] ret_from_fork+0x41/0x70 [ 37.615404] ret_from_fork_asm+0x1b/0x30 [ 37.615710] [ 37.615828] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.616370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.616833] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 36.673997] ================================================================== [ 36.674558] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xeb/0x290 [ 36.674558] [ 36.675217] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#83): [ 36.675875] test_out_of_bounds_read+0xeb/0x290 [ 36.676240] kunit_try_run_case+0x120/0x290 [ 36.676542] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.676919] kthread+0x19e/0x1e0 [ 36.677118] ret_from_fork+0x41/0x70 [ 36.677361] ret_from_fork_asm+0x1b/0x30 [ 36.677634] [ 36.677942] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 36.677942] [ 36.678568] allocated by task 247 on cpu 1 at 36.672904s: [ 36.679140] test_alloc+0x2ad/0x8e0 [ 36.679462] test_out_of_bounds_read+0xdb/0x290 [ 36.679747] kunit_try_run_case+0x120/0x290 [ 36.680022] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.680322] kthread+0x19e/0x1e0 [ 36.680607] ret_from_fork+0x41/0x70 [ 36.680876] ret_from_fork_asm+0x1b/0x30 [ 36.681200] [ 36.681365] CPU: 1 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.681828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.682303] ================================================================== [ 37.089018] ================================================================== [ 37.089629] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xeb/0x290 [ 37.089629] [ 37.090357] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#87): [ 37.090841] test_out_of_bounds_read+0xeb/0x290 [ 37.091351] kunit_try_run_case+0x120/0x290 [ 37.091704] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.092100] kthread+0x19e/0x1e0 [ 37.092346] ret_from_fork+0x41/0x70 [ 37.092595] ret_from_fork_asm+0x1b/0x30 [ 37.092848] [ 37.093058] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.093058] [ 37.093490] allocated by task 249 on cpu 0 at 37.088938s: [ 37.093975] test_alloc+0x1f9/0x8e0 [ 37.094272] test_out_of_bounds_read+0xdb/0x290 [ 37.094592] kunit_try_run_case+0x120/0x290 [ 37.094948] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.095216] kthread+0x19e/0x1e0 [ 37.095482] ret_from_fork+0x41/0x70 [ 37.095765] ret_from_fork_asm+0x1b/0x30 [ 37.096233] [ 37.096396] CPU: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.096797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.097357] ================================================================== [ 37.297041] ================================================================== [ 37.297620] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x151/0x290 [ 37.297620] [ 37.298365] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#89): [ 37.298814] test_out_of_bounds_read+0x151/0x290 [ 37.299270] kunit_try_run_case+0x120/0x290 [ 37.299556] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.300066] kthread+0x19e/0x1e0 [ 37.300353] ret_from_fork+0x41/0x70 [ 37.300582] ret_from_fork_asm+0x1b/0x30 [ 37.300999] [ 37.301129] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.301129] [ 37.301616] allocated by task 249 on cpu 0 at 37.296963s: [ 37.302025] test_alloc+0x1f9/0x8e0 [ 37.302302] test_out_of_bounds_read+0x138/0x290 [ 37.302625] kunit_try_run_case+0x120/0x290 [ 37.302964] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 37.303336] kthread+0x19e/0x1e0 [ 37.303567] ret_from_fork+0x41/0x70 [ 37.303850] ret_from_fork_asm+0x1b/0x30 [ 37.304147] [ 37.304314] CPU: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 37.304879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.305346] ================================================================== [ 36.777262] ================================================================== [ 36.777923] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x151/0x290 [ 36.777923] [ 36.778473] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#84): [ 36.779016] test_out_of_bounds_read+0x151/0x290 [ 36.779457] kunit_try_run_case+0x120/0x290 [ 36.780004] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.780317] kthread+0x19e/0x1e0 [ 36.780573] ret_from_fork+0x41/0x70 [ 36.780857] ret_from_fork_asm+0x1b/0x30 [ 36.781118] [ 36.781249] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 36.781249] [ 36.781771] allocated by task 247 on cpu 1 at 36.777049s: [ 36.782251] test_alloc+0x2ad/0x8e0 [ 36.782523] test_out_of_bounds_read+0x138/0x290 [ 36.782814] kunit_try_run_case+0x120/0x290 [ 36.783127] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.783426] kthread+0x19e/0x1e0 [ 36.783665] ret_from_fork+0x41/0x70 [ 36.783934] ret_from_fork_asm+0x1b/0x30 [ 36.784226] [ 36.784363] CPU: 1 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.784779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.785310] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 36.374497] ================================================================== [ 36.375236] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x27/0x40 [ 36.375659] Read of size 4 at addr ffff888102796ac0 by task swapper/1/0 [ 36.376532] [ 36.376705] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B N 6.6.94-rc1 #1 [ 36.377121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.377632] Call Trace: [ 36.377901] <IRQ> [ 36.378067] dump_stack_lvl+0x4e/0x90 [ 36.378308] print_report+0xd2/0x650 [ 36.378569] ? __virt_addr_valid+0x156/0x1e0 [ 36.378835] ? rcu_uaf_reclaim+0x27/0x40 [ 36.379288] ? kasan_complete_mode_report_info+0x64/0x200 [ 36.379685] ? rcu_uaf_reclaim+0x27/0x40 [ 36.380076] kasan_report+0x147/0x180 [ 36.380323] ? rcu_uaf_reclaim+0x27/0x40 [ 36.380666] ? __pfx_rcu_uaf_reclaim+0x10/0x10 [ 36.381015] __asan_load4+0x85/0xb0 [ 36.381246] rcu_uaf_reclaim+0x27/0x40 [ 36.381644] rcu_core+0x4be/0x1020 [ 36.381920] ? rcu_core+0x3ef/0x1020 [ 36.382176] ? __pfx_rcu_core+0x10/0x10 [ 36.382622] ? __pfx_read_tsc+0x10/0x10 [ 36.382939] ? ktime_get+0x55/0xc0 [ 36.383200] ? handle_softirqs+0x12c/0x520 [ 36.383581] rcu_core_si+0x12/0x20 [ 36.383806] handle_softirqs+0x195/0x520 [ 36.384089] ? __pfx_handle_softirqs+0x10/0x10 [ 36.384393] irq_exit_rcu+0x92/0xb0 [ 36.384712] sysvec_apic_timer_interrupt+0x80/0xa0 [ 36.385033] </IRQ> [ 36.385220] <TASK> [ 36.385419] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 36.385932] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 36.386312] Code: 0b 90 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 2f 48 00 fb f4 <e9> fc 6f 01 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 36.387635] RSP: 0000:ffff88810082fdd8 EFLAGS: 00010216 [ 36.388125] RAX: ffff888157134340 RBX: ffff888100811f00 RCX: ffffffff92200b38 [ 36.388562] RDX: ffffed102ae26869 RSI: 0000000000000004 RDI: 00000000000758ac [ 36.389107] RBP: ffff88810082fde0 R08: 0000000000000001 R09: ffffed102ae26868 [ 36.389496] R10: ffff888157134343 R11: ffffffff904032bb R12: 0000000000000001 [ 36.390040] R13: ffffffff93e16f90 R14: 0000000000000000 R15: ffff888100811f00 [ 36.390534] ? ret_from_fork_asm+0x1b/0x30 [ 36.390917] ? ct_kernel_exit.constprop.0+0xa8/0xd0 [ 36.391256] ? default_idle+0xd/0x20 [ 36.391578] arch_cpu_idle+0xd/0x20 [ 36.391882] default_idle_call+0x42/0x70 [ 36.392145] do_idle+0x2ba/0x310 [ 36.392382] ? __pfx_do_idle+0x10/0x10 [ 36.392986] ? schedule_idle+0x3f/0x60 [ 36.393239] ? __schedule+0x715/0x11a0 [ 36.393644] cpu_startup_entry+0x3c/0x40 [ 36.393976] start_secondary+0x1ac/0x1d0 [ 36.394266] ? __pfx_start_secondary+0x10/0x10 [ 36.394623] secondary_startup_64_no_verify+0x178/0x17b [ 36.395045] </TASK> [ 36.395228] [ 36.395425] Allocated by task 228: [ 36.395659] kasan_save_stack+0x44/0x70 [ 36.395902] kasan_set_track+0x29/0x40 [ 36.396164] kasan_save_alloc_info+0x22/0x30 [ 36.396473] __kasan_kmalloc+0xb7/0xc0 [ 36.396794] kmalloc_trace+0x4c/0xb0 [ 36.397120] rcu_uaf+0x9b/0x1e0 [ 36.397499] kunit_try_run_case+0x120/0x290 [ 36.397812] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.398145] kthread+0x19e/0x1e0 [ 36.398478] ret_from_fork+0x41/0x70 [ 36.398703] ret_from_fork_asm+0x1b/0x30 [ 36.399040] [ 36.399170] Freed by task 0: [ 36.399360] kasan_save_stack+0x44/0x70 [ 36.399665] kasan_set_track+0x29/0x40 [ 36.399951] kasan_save_free_info+0x2f/0x50 [ 36.400188] ____kasan_slab_free+0x172/0x1d0 [ 36.400463] __kasan_slab_free+0x16/0x20 [ 36.400752] __kmem_cache_free+0x190/0x310 [ 36.401053] kfree+0x7c/0x120 [ 36.401258] rcu_uaf_reclaim+0x1f/0x40 [ 36.401605] rcu_core+0x4be/0x1020 [ 36.401901] rcu_core_si+0x12/0x20 [ 36.402120] handle_softirqs+0x195/0x520 [ 36.402374] irq_exit_rcu+0x92/0xb0 [ 36.402744] sysvec_apic_timer_interrupt+0x80/0xa0 [ 36.403123] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 36.403400] [ 36.403555] Last potentially related work creation: [ 36.404030] kasan_save_stack+0x44/0x70 [ 36.404312] __kasan_record_aux_stack+0xb3/0xd0 [ 36.404676] kasan_record_aux_stack_noalloc+0xf/0x20 [ 36.405003] __call_rcu_common.constprop.0+0x4c/0x5e0 [ 36.405373] call_rcu+0x12/0x20 [ 36.405562] rcu_uaf+0xdd/0x1e0 [ 36.405828] kunit_try_run_case+0x120/0x290 [ 36.406100] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.406424] kthread+0x19e/0x1e0 [ 36.406669] ret_from_fork+0x41/0x70 [ 36.406931] ret_from_fork_asm+0x1b/0x30 [ 36.407227] [ 36.407370] The buggy address belongs to the object at ffff888102796ac0 [ 36.407370] which belongs to the cache kmalloc-32 of size 32 [ 36.408058] The buggy address is located 0 bytes inside of [ 36.408058] freed 32-byte region [ffff888102796ac0, ffff888102796ae0) [ 36.408662] [ 36.408806] The buggy address belongs to the physical page: [ 36.409102] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102796 [ 36.409678] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.409987] page_type: 0xffffffff() [ 36.410254] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 36.410670] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 36.411034] page dumped because: kasan: bad access detected [ 36.411450] [ 36.411640] Memory state around the buggy address: [ 36.411892] ffff888102796980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 36.412324] ffff888102796a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 36.412919] >ffff888102796a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 36.413273] ^ [ 36.413750] ffff888102796b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.414159] ffff888102796b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.414570] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree
[ 36.325561] ================================================================== [ 36.326029] BUG: KASAN: double-free in kfree+0x7c/0x120 [ 36.327505] Free of addr ffff88810214e700 by task kunit_try_catch/226 [ 36.327913] [ 36.328182] CPU: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.328876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.329583] Call Trace: [ 36.329935] <TASK> [ 36.330107] dump_stack_lvl+0x4e/0x90 [ 36.330892] print_report+0xd2/0x650 [ 36.331170] ? __virt_addr_valid+0x156/0x1e0 [ 36.331622] ? kasan_complete_mode_report_info+0x64/0x200 [ 36.332241] ? kfree+0x7c/0x120 [ 36.332607] kasan_report_invalid_free+0xfd/0x120 [ 36.333244] ? kfree+0x7c/0x120 [ 36.333799] ? kfree+0x7c/0x120 [ 36.334047] ____kasan_slab_free+0x19c/0x1d0 [ 36.334708] ? kfree_sensitive+0x2e/0x90 [ 36.335123] __kasan_slab_free+0x16/0x20 [ 36.335750] __kmem_cache_free+0x190/0x310 [ 36.336059] kfree+0x7c/0x120 [ 36.336687] kfree_sensitive+0x2e/0x90 [ 36.336984] kmalloc_double_kzfree+0xd4/0x1d0 [ 36.337456] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 36.337772] ? __schedule+0x715/0x11a0 [ 36.338041] ? ktime_get_ts64+0x118/0x140 [ 36.338343] kunit_try_run_case+0x120/0x290 [ 36.338625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.339668] ? __kasan_check_write+0x18/0x20 [ 36.339975] ? trace_preempt_on+0x20/0xa0 [ 36.340269] ? __kthread_parkme+0x4f/0xd0 [ 36.340555] ? preempt_count_sub+0x50/0x80 [ 36.340838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.341187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.341651] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.342034] kthread+0x19e/0x1e0 [ 36.342269] ? __pfx_kthread+0x10/0x10 [ 36.342518] ret_from_fork+0x41/0x70 [ 36.342792] ? __pfx_kthread+0x10/0x10 [ 36.343606] ret_from_fork_asm+0x1b/0x30 [ 36.343962] </TASK> [ 36.344121] [ 36.344250] Allocated by task 226: [ 36.344511] kasan_save_stack+0x44/0x70 [ 36.344880] kasan_set_track+0x29/0x40 [ 36.345100] kasan_save_alloc_info+0x22/0x30 [ 36.345404] __kasan_kmalloc+0xb7/0xc0 [ 36.345774] kmalloc_trace+0x4c/0xb0 [ 36.346034] kmalloc_double_kzfree+0x9d/0x1d0 [ 36.346283] kunit_try_run_case+0x120/0x290 [ 36.346586] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.347255] kthread+0x19e/0x1e0 [ 36.347660] ret_from_fork+0x41/0x70 [ 36.347912] ret_from_fork_asm+0x1b/0x30 [ 36.348196] [ 36.348315] Freed by task 226: [ 36.348516] kasan_save_stack+0x44/0x70 [ 36.348803] kasan_set_track+0x29/0x40 [ 36.349038] kasan_save_free_info+0x2f/0x50 [ 36.349314] ____kasan_slab_free+0x172/0x1d0 [ 36.349600] __kasan_slab_free+0x16/0x20 [ 36.349904] __kmem_cache_free+0x190/0x310 [ 36.350244] kfree+0x7c/0x120 [ 36.350453] kfree_sensitive+0x67/0x90 [ 36.350731] kmalloc_double_kzfree+0xbd/0x1d0 [ 36.350981] kunit_try_run_case+0x120/0x290 [ 36.351282] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.351633] kthread+0x19e/0x1e0 [ 36.351957] ret_from_fork+0x41/0x70 [ 36.352178] ret_from_fork_asm+0x1b/0x30 [ 36.352421] [ 36.352539] The buggy address belongs to the object at ffff88810214e700 [ 36.352539] which belongs to the cache kmalloc-16 of size 16 [ 36.353195] The buggy address is located 0 bytes inside of [ 36.353195] 16-byte region [ffff88810214e700, ffff88810214e710) [ 36.353803] [ 36.353958] The buggy address belongs to the physical page: [ 36.354254] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10214e [ 36.354779] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.355066] page_type: 0xffffffff() [ 36.355320] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.356253] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.356828] page dumped because: kasan: bad access detected [ 36.357142] [ 36.357269] Memory state around the buggy address: [ 36.357681] ffff88810214e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 36.358120] ffff88810214e680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 36.358478] >ffff88810214e700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.359064] ^ [ 36.359308] ffff88810214e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.360083] ffff88810214e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.360468] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 36.277562] ================================================================== [ 36.279638] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0xd4/0x1d0 [ 36.281484] Read of size 1 at addr ffff88810214e700 by task kunit_try_catch/226 [ 36.282972] [ 36.283419] CPU: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.284008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.284587] Call Trace: [ 36.285155] <TASK> [ 36.285599] dump_stack_lvl+0x4e/0x90 [ 36.286320] print_report+0xd2/0x650 [ 36.286902] ? __virt_addr_valid+0x156/0x1e0 [ 36.287342] ? kmalloc_double_kzfree+0xd4/0x1d0 [ 36.287642] ? kasan_complete_mode_report_info+0x64/0x200 [ 36.287994] ? kmalloc_double_kzfree+0xd4/0x1d0 [ 36.288278] kasan_report+0x147/0x180 [ 36.288515] ? kmalloc_double_kzfree+0xd4/0x1d0 [ 36.288804] ? kmalloc_double_kzfree+0xd4/0x1d0 [ 36.289949] __kasan_check_byte+0x3d/0x50 [ 36.290595] kfree_sensitive+0x22/0x90 [ 36.290981] kmalloc_double_kzfree+0xd4/0x1d0 [ 36.291638] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 36.291981] ? __schedule+0x715/0x11a0 [ 36.292414] ? ktime_get_ts64+0x118/0x140 [ 36.293016] kunit_try_run_case+0x120/0x290 [ 36.293318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.294182] ? __kasan_check_write+0x18/0x20 [ 36.294605] ? trace_preempt_on+0x20/0xa0 [ 36.295124] ? __kthread_parkme+0x4f/0xd0 [ 36.295605] ? preempt_count_sub+0x50/0x80 [ 36.296046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.296605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.297135] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.297968] kthread+0x19e/0x1e0 [ 36.298261] ? __pfx_kthread+0x10/0x10 [ 36.298796] ret_from_fork+0x41/0x70 [ 36.299192] ? __pfx_kthread+0x10/0x10 [ 36.299692] ret_from_fork_asm+0x1b/0x30 [ 36.300126] </TASK> [ 36.300537] [ 36.300669] Allocated by task 226: [ 36.301188] kasan_save_stack+0x44/0x70 [ 36.301876] kasan_set_track+0x29/0x40 [ 36.302336] kasan_save_alloc_info+0x22/0x30 [ 36.302645] __kasan_kmalloc+0xb7/0xc0 [ 36.303161] kmalloc_trace+0x4c/0xb0 [ 36.303630] kmalloc_double_kzfree+0x9d/0x1d0 [ 36.304075] kunit_try_run_case+0x120/0x290 [ 36.304632] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.305103] kthread+0x19e/0x1e0 [ 36.305512] ret_from_fork+0x41/0x70 [ 36.306270] ret_from_fork_asm+0x1b/0x30 [ 36.306639] [ 36.306787] Freed by task 226: [ 36.306998] kasan_save_stack+0x44/0x70 [ 36.307244] kasan_set_track+0x29/0x40 [ 36.307931] kasan_save_free_info+0x2f/0x50 [ 36.308340] ____kasan_slab_free+0x172/0x1d0 [ 36.308849] __kasan_slab_free+0x16/0x20 [ 36.309231] __kmem_cache_free+0x190/0x310 [ 36.309982] kfree+0x7c/0x120 [ 36.310312] kfree_sensitive+0x67/0x90 [ 36.310599] kmalloc_double_kzfree+0xbd/0x1d0 [ 36.311158] kunit_try_run_case+0x120/0x290 [ 36.311645] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.312142] kthread+0x19e/0x1e0 [ 36.312370] ret_from_fork+0x41/0x70 [ 36.312922] ret_from_fork_asm+0x1b/0x30 [ 36.313306] [ 36.313844] The buggy address belongs to the object at ffff88810214e700 [ 36.313844] which belongs to the cache kmalloc-16 of size 16 [ 36.314835] The buggy address is located 0 bytes inside of [ 36.314835] freed 16-byte region [ffff88810214e700, ffff88810214e710) [ 36.315668] [ 36.315939] The buggy address belongs to the physical page: [ 36.316393] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10214e [ 36.317134] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.318002] page_type: 0xffffffff() [ 36.318239] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.318985] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.319659] page dumped because: kasan: bad access detected [ 36.320114] [ 36.320505] Memory state around the buggy address: [ 36.320793] ffff88810214e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 36.321375] ffff88810214e680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 36.322237] >ffff88810214e700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.322819] ^ [ 36.323191] ffff88810214e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.323805] ffff88810214e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.324446] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
Automatically assigned
[ 36.033624] ================================================================== [ 36.034160] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 36.034728] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.035633] [ 36.035818] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.036306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.036849] Call Trace: [ 36.037109] <TASK> [ 36.037314] dump_stack_lvl+0x4e/0x90 [ 36.037574] print_report+0xd2/0x650 [ 36.037902] ? __virt_addr_valid+0x156/0x1e0 [ 36.038211] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 36.038986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.039344] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 36.039988] kasan_report+0x147/0x180 [ 36.040289] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 36.040742] kasan_check_range+0x10c/0x1c0 [ 36.041043] __kasan_check_write+0x18/0x20 [ 36.041297] kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 36.041651] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.042056] ? kasan_set_track+0x29/0x40 [ 36.042299] ? kasan_save_alloc_info+0x22/0x30 [ 36.042594] ? __kasan_kmalloc+0xb7/0xc0 [ 36.042829] kasan_bitops_generic+0xb4/0x130 [ 36.043125] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.043468] ? ktime_get_ts64+0x118/0x140 [ 36.044220] kunit_try_run_case+0x120/0x290 [ 36.044535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.044820] ? __kasan_check_write+0x18/0x20 [ 36.045137] ? trace_preempt_on+0x20/0xa0 [ 36.045397] ? __kthread_parkme+0x4f/0xd0 [ 36.045657] ? preempt_count_sub+0x50/0x80 [ 36.045961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.046253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.046595] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.046943] kthread+0x19e/0x1e0 [ 36.047235] ? __pfx_kthread+0x10/0x10 [ 36.047897] ret_from_fork+0x41/0x70 [ 36.048147] ? __pfx_kthread+0x10/0x10 [ 36.048441] ret_from_fork_asm+0x1b/0x30 [ 36.048709] </TASK> [ 36.048888] [ 36.049082] Allocated by task 222: [ 36.049307] kasan_save_stack+0x44/0x70 [ 36.049576] kasan_set_track+0x29/0x40 [ 36.049825] kasan_save_alloc_info+0x22/0x30 [ 36.050110] __kasan_kmalloc+0xb7/0xc0 [ 36.050344] kmalloc_trace+0x4c/0xb0 [ 36.050576] kasan_bitops_generic+0x8e/0x130 [ 36.050914] kunit_try_run_case+0x120/0x290 [ 36.051185] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.051480] kthread+0x19e/0x1e0 [ 36.052117] ret_from_fork+0x41/0x70 [ 36.052451] ret_from_fork_asm+0x1b/0x30 [ 36.052689] [ 36.052798] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.052798] which belongs to the cache kmalloc-16 of size 16 [ 36.053506] The buggy address is located 8 bytes inside of [ 36.053506] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.054226] [ 36.054333] The buggy address belongs to the physical page: [ 36.054614] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.055233] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.055602] page_type: 0xffffffff() [ 36.055921] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.056792] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.057239] page dumped because: kasan: bad access detected [ 36.057531] [ 36.057634] Memory state around the buggy address: [ 36.058032] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.058404] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.058813] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.059185] ^ [ 36.059468] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.059984] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.061013] ================================================================== [ 36.168189] ================================================================== [ 36.168546] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 36.169443] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.169983] [ 36.170103] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.170565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.171048] Call Trace: [ 36.171241] <TASK> [ 36.171415] dump_stack_lvl+0x4e/0x90 [ 36.171667] print_report+0xd2/0x650 [ 36.171950] ? __virt_addr_valid+0x156/0x1e0 [ 36.172290] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 36.172671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.172988] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 36.173578] kasan_report+0x147/0x180 [ 36.173788] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 36.174219] kasan_check_range+0x10c/0x1c0 [ 36.174494] __kasan_check_write+0x18/0x20 [ 36.174796] kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0 [ 36.175174] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.175582] ? kasan_set_track+0x29/0x40 [ 36.175844] ? kasan_save_alloc_info+0x22/0x30 [ 36.176166] ? __kasan_kmalloc+0xb7/0xc0 [ 36.176413] kasan_bitops_generic+0xb4/0x130 [ 36.176706] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.177057] ? ktime_get_ts64+0x118/0x140 [ 36.177307] kunit_try_run_case+0x120/0x290 [ 36.177607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.177890] ? __kasan_check_write+0x18/0x20 [ 36.178178] ? trace_preempt_on+0x20/0xa0 [ 36.178422] ? __kthread_parkme+0x4f/0xd0 [ 36.178693] ? preempt_count_sub+0x50/0x80 [ 36.178978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.179269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.179626] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.179995] kthread+0x19e/0x1e0 [ 36.180208] ? __pfx_kthread+0x10/0x10 [ 36.180475] ret_from_fork+0x41/0x70 [ 36.180709] ? __pfx_kthread+0x10/0x10 [ 36.181025] ret_from_fork_asm+0x1b/0x30 [ 36.181274] </TASK> [ 36.181418] [ 36.181545] Allocated by task 222: [ 36.181779] kasan_save_stack+0x44/0x70 [ 36.182064] kasan_set_track+0x29/0x40 [ 36.182345] kasan_save_alloc_info+0x22/0x30 [ 36.182567] __kasan_kmalloc+0xb7/0xc0 [ 36.182816] kmalloc_trace+0x4c/0xb0 [ 36.183157] kasan_bitops_generic+0x8e/0x130 [ 36.183396] kunit_try_run_case+0x120/0x290 [ 36.183668] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.184029] kthread+0x19e/0x1e0 [ 36.184436] ret_from_fork+0x41/0x70 [ 36.184659] ret_from_fork_asm+0x1b/0x30 [ 36.184938] [ 36.185063] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.185063] which belongs to the cache kmalloc-16 of size 16 [ 36.185677] The buggy address is located 8 bytes inside of [ 36.185677] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.186298] [ 36.186437] The buggy address belongs to the physical page: [ 36.186808] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.187302] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.187668] page_type: 0xffffffff() [ 36.187942] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.188365] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.188752] page dumped because: kasan: bad access detected [ 36.189097] [ 36.189208] Memory state around the buggy address: [ 36.189460] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.189904] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.190340] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.190692] ^ [ 36.191092] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.191482] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.191869] ================================================================== [ 36.144325] ================================================================== [ 36.144805] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 36.145269] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.145742] [ 36.145882] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.146384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.146903] Call Trace: [ 36.147083] <TASK> [ 36.147257] dump_stack_lvl+0x4e/0x90 [ 36.147496] print_report+0xd2/0x650 [ 36.147769] ? __virt_addr_valid+0x156/0x1e0 [ 36.148052] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 36.148412] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.148747] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 36.149116] kasan_report+0x147/0x180 [ 36.149381] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 36.149740] kasan_check_range+0x10c/0x1c0 [ 36.150056] __kasan_check_write+0x18/0x20 [ 36.150316] kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 36.150706] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.151148] ? kasan_set_track+0x29/0x40 [ 36.151392] ? kasan_save_alloc_info+0x22/0x30 [ 36.151673] ? __kasan_kmalloc+0xb7/0xc0 [ 36.151982] kasan_bitops_generic+0xb4/0x130 [ 36.152243] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.152553] ? ktime_get_ts64+0x118/0x140 [ 36.152885] kunit_try_run_case+0x120/0x290 [ 36.153146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.153421] ? __kasan_check_write+0x18/0x20 [ 36.153715] ? trace_preempt_on+0x20/0xa0 [ 36.153995] ? __kthread_parkme+0x4f/0xd0 [ 36.154234] ? preempt_count_sub+0x50/0x80 [ 36.154522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.154832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.155205] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.155536] kthread+0x19e/0x1e0 [ 36.155766] ? __pfx_kthread+0x10/0x10 [ 36.156054] ret_from_fork+0x41/0x70 [ 36.156328] ? __pfx_kthread+0x10/0x10 [ 36.156572] ret_from_fork_asm+0x1b/0x30 [ 36.156837] </TASK> [ 36.157005] [ 36.157103] Allocated by task 222: [ 36.157328] kasan_save_stack+0x44/0x70 [ 36.157585] kasan_set_track+0x29/0x40 [ 36.157894] kasan_save_alloc_info+0x22/0x30 [ 36.158150] __kasan_kmalloc+0xb7/0xc0 [ 36.158408] kmalloc_trace+0x4c/0xb0 [ 36.158651] kasan_bitops_generic+0x8e/0x130 [ 36.158916] kunit_try_run_case+0x120/0x290 [ 36.159211] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.159483] kthread+0x19e/0x1e0 [ 36.159738] ret_from_fork+0x41/0x70 [ 36.160011] ret_from_fork_asm+0x1b/0x30 [ 36.160251] [ 36.160351] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.160351] which belongs to the cache kmalloc-16 of size 16 [ 36.161011] The buggy address is located 8 bytes inside of [ 36.161011] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.161660] [ 36.161799] The buggy address belongs to the physical page: [ 36.162123] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.162544] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.162914] page_type: 0xffffffff() [ 36.163201] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.163587] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.164133] page dumped because: kasan: bad access detected [ 36.164430] [ 36.164550] Memory state around the buggy address: [ 36.164934] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.165368] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.165749] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.166126] ^ [ 36.166412] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.166829] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.167253] ================================================================== [ 36.088568] ================================================================== [ 36.089224] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 36.090003] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.090413] [ 36.090582] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.091134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.091606] Call Trace: [ 36.091811] <TASK> [ 36.092058] dump_stack_lvl+0x4e/0x90 [ 36.092365] print_report+0xd2/0x650 [ 36.092653] ? __virt_addr_valid+0x156/0x1e0 [ 36.092975] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 36.093375] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.093774] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 36.094171] kasan_report+0x147/0x180 [ 36.094454] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 36.094967] kasan_check_range+0x10c/0x1c0 [ 36.095258] __kasan_check_write+0x18/0x20 [ 36.095539] kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 36.096024] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.096424] ? kasan_set_track+0x29/0x40 [ 36.096707] ? kasan_save_alloc_info+0x22/0x30 [ 36.097053] ? __kasan_kmalloc+0xb7/0xc0 [ 36.097332] kasan_bitops_generic+0xb4/0x130 [ 36.097601] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.098006] ? ktime_get_ts64+0x118/0x140 [ 36.098302] kunit_try_run_case+0x120/0x290 [ 36.098601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.099018] ? __kasan_check_write+0x18/0x20 [ 36.099286] ? trace_preempt_on+0x20/0xa0 [ 36.099562] ? __kthread_parkme+0x4f/0xd0 [ 36.099842] ? preempt_count_sub+0x50/0x80 [ 36.100128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.100459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.100847] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.101229] kthread+0x19e/0x1e0 [ 36.101470] ? __pfx_kthread+0x10/0x10 [ 36.101778] ret_from_fork+0x41/0x70 [ 36.102035] ? __pfx_kthread+0x10/0x10 [ 36.102325] ret_from_fork_asm+0x1b/0x30 [ 36.102621] </TASK> [ 36.102810] [ 36.102983] Allocated by task 222: [ 36.103159] kasan_save_stack+0x44/0x70 [ 36.103451] kasan_set_track+0x29/0x40 [ 36.103736] kasan_save_alloc_info+0x22/0x30 [ 36.104089] __kasan_kmalloc+0xb7/0xc0 [ 36.105046] kmalloc_trace+0x4c/0xb0 [ 36.105542] kasan_bitops_generic+0x8e/0x130 [ 36.105809] kunit_try_run_case+0x120/0x290 [ 36.106056] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.106320] kthread+0x19e/0x1e0 [ 36.106511] ret_from_fork+0x41/0x70 [ 36.106701] ret_from_fork_asm+0x1b/0x30 [ 36.107504] [ 36.107806] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.107806] which belongs to the cache kmalloc-16 of size 16 [ 36.108643] The buggy address is located 8 bytes inside of [ 36.108643] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.109178] [ 36.109289] The buggy address belongs to the physical page: [ 36.109550] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.110339] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.110950] page_type: 0xffffffff() [ 36.111352] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.112227] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.113122] page dumped because: kasan: bad access detected [ 36.113675] [ 36.113906] Memory state around the buggy address: [ 36.114395] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.115167] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.115919] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.116442] ^ [ 36.116695] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.117041] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.117345] ================================================================== [ 36.242622] ================================================================== [ 36.243200] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 36.243921] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.244315] [ 36.244468] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.244961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.245503] Call Trace: [ 36.245662] <TASK> [ 36.245843] dump_stack_lvl+0x4e/0x90 [ 36.246107] print_report+0xd2/0x650 [ 36.246372] ? __virt_addr_valid+0x156/0x1e0 [ 36.246648] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 36.247066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.247433] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 36.247838] kasan_report+0x147/0x180 [ 36.248062] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 36.248484] kasan_check_range+0x10c/0x1c0 [ 36.248795] __kasan_check_write+0x18/0x20 [ 36.249029] kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0 [ 36.249405] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.249794] ? kasan_set_track+0x29/0x40 [ 36.250139] ? kasan_save_alloc_info+0x22/0x30 [ 36.250465] ? __kasan_kmalloc+0xb7/0xc0 [ 36.250739] kasan_bitops_generic+0xb4/0x130 [ 36.251032] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.251361] ? ktime_get_ts64+0x118/0x140 [ 36.251612] kunit_try_run_case+0x120/0x290 [ 36.251890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.252236] ? __kasan_check_write+0x18/0x20 [ 36.252488] ? trace_preempt_on+0x20/0xa0 [ 36.252786] ? __kthread_parkme+0x4f/0xd0 [ 36.253039] ? preempt_count_sub+0x50/0x80 [ 36.253323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.253615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.253995] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.254324] kthread+0x19e/0x1e0 [ 36.254571] ? __pfx_kthread+0x10/0x10 [ 36.254869] ret_from_fork+0x41/0x70 [ 36.255065] ? __pfx_kthread+0x10/0x10 [ 36.255342] ret_from_fork_asm+0x1b/0x30 [ 36.255683] </TASK> [ 36.255897] [ 36.256015] Allocated by task 222: [ 36.256200] kasan_save_stack+0x44/0x70 [ 36.256483] kasan_set_track+0x29/0x40 [ 36.256701] kasan_save_alloc_info+0x22/0x30 [ 36.257003] __kasan_kmalloc+0xb7/0xc0 [ 36.257230] kmalloc_trace+0x4c/0xb0 [ 36.257463] kasan_bitops_generic+0x8e/0x130 [ 36.257685] kunit_try_run_case+0x120/0x290 [ 36.258118] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.258430] kthread+0x19e/0x1e0 [ 36.258650] ret_from_fork+0x41/0x70 [ 36.258952] ret_from_fork_asm+0x1b/0x30 [ 36.259226] [ 36.259345] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.259345] which belongs to the cache kmalloc-16 of size 16 [ 36.260073] The buggy address is located 8 bytes inside of [ 36.260073] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.260643] [ 36.260769] The buggy address belongs to the physical page: [ 36.261125] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.261640] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.262040] page_type: 0xffffffff() [ 36.262246] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.262684] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.263122] page dumped because: kasan: bad access detected [ 36.263422] [ 36.263541] Memory state around the buggy address: [ 36.263827] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.264211] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.264554] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.265030] ^ [ 36.265299] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.265715] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.266098] ================================================================== [ 36.192943] ================================================================== [ 36.193388] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 36.193980] Read of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.194407] [ 36.194550] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.195047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.195534] Call Trace: [ 36.195710] <TASK> [ 36.195896] dump_stack_lvl+0x4e/0x90 [ 36.196181] print_report+0xd2/0x650 [ 36.196415] ? __virt_addr_valid+0x156/0x1e0 [ 36.196670] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 36.197065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.197427] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 36.197796] kasan_report+0x147/0x180 [ 36.198073] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 36.198441] kasan_check_range+0x10c/0x1c0 [ 36.198699] __kasan_check_read+0x15/0x20 [ 36.199733] kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 36.200242] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.200645] ? kasan_set_track+0x29/0x40 [ 36.200959] ? kasan_save_alloc_info+0x22/0x30 [ 36.201238] ? __kasan_kmalloc+0xb7/0xc0 [ 36.201472] kasan_bitops_generic+0xb4/0x130 [ 36.201758] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.202147] ? ktime_get_ts64+0x118/0x140 [ 36.202418] kunit_try_run_case+0x120/0x290 [ 36.202689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.203016] ? __kasan_check_write+0x18/0x20 [ 36.203278] ? trace_preempt_on+0x20/0xa0 [ 36.203545] ? __kthread_parkme+0x4f/0xd0 [ 36.203882] ? preempt_count_sub+0x50/0x80 [ 36.204202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.204493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.204842] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.205150] kthread+0x19e/0x1e0 [ 36.205394] ? __pfx_kthread+0x10/0x10 [ 36.205650] ret_from_fork+0x41/0x70 [ 36.205940] ? __pfx_kthread+0x10/0x10 [ 36.206267] ret_from_fork_asm+0x1b/0x30 [ 36.206567] </TASK> [ 36.206712] [ 36.206849] Allocated by task 222: [ 36.207054] kasan_save_stack+0x44/0x70 [ 36.207298] kasan_set_track+0x29/0x40 [ 36.207543] kasan_save_alloc_info+0x22/0x30 [ 36.207870] __kasan_kmalloc+0xb7/0xc0 [ 36.208109] kmalloc_trace+0x4c/0xb0 [ 36.208364] kasan_bitops_generic+0x8e/0x130 [ 36.208662] kunit_try_run_case+0x120/0x290 [ 36.209594] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.209968] kthread+0x19e/0x1e0 [ 36.210212] ret_from_fork+0x41/0x70 [ 36.210430] ret_from_fork_asm+0x1b/0x30 [ 36.210669] [ 36.210804] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.210804] which belongs to the cache kmalloc-16 of size 16 [ 36.211637] The buggy address is located 8 bytes inside of [ 36.211637] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.212304] [ 36.212436] The buggy address belongs to the physical page: [ 36.212730] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.213230] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.213532] page_type: 0xffffffff() [ 36.213748] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.214243] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.214628] page dumped because: kasan: bad access detected [ 36.214938] [ 36.215055] Memory state around the buggy address: [ 36.215304] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.215702] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.216142] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.216532] ^ [ 36.216879] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.217258] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.217641] ================================================================== [ 36.218454] ================================================================== [ 36.218941] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 36.219412] Read of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.219926] [ 36.220048] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.220596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.221076] Call Trace: [ 36.221282] <TASK> [ 36.221424] dump_stack_lvl+0x4e/0x90 [ 36.221706] print_report+0xd2/0x650 [ 36.221980] ? __virt_addr_valid+0x156/0x1e0 [ 36.222256] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 36.222584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.223098] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 36.223434] kasan_report+0x147/0x180 [ 36.223699] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 36.224134] __asan_load8+0x82/0xb0 [ 36.224385] kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 36.224753] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.225184] ? kasan_set_track+0x29/0x40 [ 36.225418] ? kasan_save_alloc_info+0x22/0x30 [ 36.225704] ? __kasan_kmalloc+0xb7/0xc0 [ 36.226023] kasan_bitops_generic+0xb4/0x130 [ 36.226339] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.226611] ? ktime_get_ts64+0x118/0x140 [ 36.226984] kunit_try_run_case+0x120/0x290 [ 36.227227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.227555] ? __kasan_check_write+0x18/0x20 [ 36.227828] ? trace_preempt_on+0x20/0xa0 [ 36.228133] ? __kthread_parkme+0x4f/0xd0 [ 36.228406] ? preempt_count_sub+0x50/0x80 [ 36.228723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.229038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.229421] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.229816] kthread+0x19e/0x1e0 [ 36.230047] ? __pfx_kthread+0x10/0x10 [ 36.230319] ret_from_fork+0x41/0x70 [ 36.230555] ? __pfx_kthread+0x10/0x10 [ 36.230829] ret_from_fork_asm+0x1b/0x30 [ 36.231147] </TASK> [ 36.231304] [ 36.231415] Allocated by task 222: [ 36.231605] kasan_save_stack+0x44/0x70 [ 36.231893] kasan_set_track+0x29/0x40 [ 36.232133] kasan_save_alloc_info+0x22/0x30 [ 36.232427] __kasan_kmalloc+0xb7/0xc0 [ 36.232652] kmalloc_trace+0x4c/0xb0 [ 36.232928] kasan_bitops_generic+0x8e/0x130 [ 36.233207] kunit_try_run_case+0x120/0x290 [ 36.233444] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.233925] kthread+0x19e/0x1e0 [ 36.234126] ret_from_fork+0x41/0x70 [ 36.234312] ret_from_fork_asm+0x1b/0x30 [ 36.234576] [ 36.234704] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.234704] which belongs to the cache kmalloc-16 of size 16 [ 36.235404] The buggy address is located 8 bytes inside of [ 36.235404] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.236115] [ 36.236240] The buggy address belongs to the physical page: [ 36.236546] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.237087] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.237422] page_type: 0xffffffff() [ 36.237658] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.238009] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.238517] page dumped because: kasan: bad access detected [ 36.238962] [ 36.239063] Memory state around the buggy address: [ 36.239283] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.239698] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.240113] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.240462] ^ [ 36.240842] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.241169] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.241630] ================================================================== [ 36.005925] ================================================================== [ 36.006310] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 36.007582] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.008298] [ 36.008445] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.008953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.009442] Call Trace: [ 36.009628] <TASK> [ 36.009821] dump_stack_lvl+0x4e/0x90 [ 36.010166] print_report+0xd2/0x650 [ 36.010888] ? __virt_addr_valid+0x156/0x1e0 [ 36.011195] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 36.011657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.012035] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 36.012432] kasan_report+0x147/0x180 [ 36.012671] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 36.013086] kasan_check_range+0x10c/0x1c0 [ 36.013354] __kasan_check_write+0x18/0x20 [ 36.013598] kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 36.014020] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.014870] ? kasan_set_track+0x29/0x40 [ 36.015136] ? kasan_save_alloc_info+0x22/0x30 [ 36.015413] ? __kasan_kmalloc+0xb7/0xc0 [ 36.015685] kasan_bitops_generic+0xb4/0x130 [ 36.015993] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.016297] ? ktime_get_ts64+0x118/0x140 [ 36.016561] kunit_try_run_case+0x120/0x290 [ 36.016855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.017205] ? __kasan_check_write+0x18/0x20 [ 36.017479] ? trace_preempt_on+0x20/0xa0 [ 36.017716] ? __kthread_parkme+0x4f/0xd0 [ 36.018024] ? preempt_count_sub+0x50/0x80 [ 36.018295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.019024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.019459] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.019819] kthread+0x19e/0x1e0 [ 36.020094] ? __pfx_kthread+0x10/0x10 [ 36.020387] ret_from_fork+0x41/0x70 [ 36.020629] ? __pfx_kthread+0x10/0x10 [ 36.020934] ret_from_fork_asm+0x1b/0x30 [ 36.021192] </TASK> [ 36.021355] [ 36.021481] Allocated by task 222: [ 36.021682] kasan_save_stack+0x44/0x70 [ 36.021913] kasan_set_track+0x29/0x40 [ 36.022195] kasan_save_alloc_info+0x22/0x30 [ 36.022879] __kasan_kmalloc+0xb7/0xc0 [ 36.023129] kmalloc_trace+0x4c/0xb0 [ 36.023381] kasan_bitops_generic+0x8e/0x130 [ 36.023679] kunit_try_run_case+0x120/0x290 [ 36.023942] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.024286] kthread+0x19e/0x1e0 [ 36.024497] ret_from_fork+0x41/0x70 [ 36.024724] ret_from_fork_asm+0x1b/0x30 [ 36.025006] [ 36.025130] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.025130] which belongs to the cache kmalloc-16 of size 16 [ 36.025756] The buggy address is located 8 bytes inside of [ 36.025756] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.026836] [ 36.027014] The buggy address belongs to the physical page: [ 36.027328] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.027897] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.028222] page_type: 0xffffffff() [ 36.028446] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.028912] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.029338] page dumped because: kasan: bad access detected [ 36.029636] [ 36.029764] Memory state around the buggy address: [ 36.030008] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.030915] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.031315] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.031735] ^ [ 36.032054] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.032432] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.032809] ================================================================== [ 36.061652] ================================================================== [ 36.062040] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 36.062632] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.063202] [ 36.063371] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.063779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.064309] Call Trace: [ 36.064491] <TASK> [ 36.064663] dump_stack_lvl+0x4e/0x90 [ 36.064962] print_report+0xd2/0x650 [ 36.065201] ? __virt_addr_valid+0x156/0x1e0 [ 36.065519] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 36.065929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.066841] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 36.067269] kasan_report+0x147/0x180 [ 36.067530] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 36.068020] kasan_check_range+0x10c/0x1c0 [ 36.068315] __kasan_check_write+0x18/0x20 [ 36.068585] kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 36.068993] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.069814] ? kasan_set_track+0x29/0x40 [ 36.070080] ? kasan_save_alloc_info+0x22/0x30 [ 36.070388] ? __kasan_kmalloc+0xb7/0xc0 [ 36.070649] kasan_bitops_generic+0xb4/0x130 [ 36.070984] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.071329] ? ktime_get_ts64+0x118/0x140 [ 36.071582] kunit_try_run_case+0x120/0x290 [ 36.071908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.072202] ? __kasan_check_write+0x18/0x20 [ 36.072484] ? trace_preempt_on+0x20/0xa0 [ 36.072760] ? __kthread_parkme+0x4f/0xd0 [ 36.073061] ? preempt_count_sub+0x50/0x80 [ 36.073292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.073988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.074333] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.074663] kthread+0x19e/0x1e0 [ 36.074939] ? __pfx_kthread+0x10/0x10 [ 36.075190] ret_from_fork+0x41/0x70 [ 36.075407] ? __pfx_kthread+0x10/0x10 [ 36.075684] ret_from_fork_asm+0x1b/0x30 [ 36.075976] </TASK> [ 36.076133] [ 36.076249] Allocated by task 222: [ 36.076419] kasan_save_stack+0x44/0x70 [ 36.076688] kasan_set_track+0x29/0x40 [ 36.076935] kasan_save_alloc_info+0x22/0x30 [ 36.077229] __kasan_kmalloc+0xb7/0xc0 [ 36.077902] kmalloc_trace+0x4c/0xb0 [ 36.078162] kasan_bitops_generic+0x8e/0x130 [ 36.078540] kunit_try_run_case+0x120/0x290 [ 36.078889] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.079204] kthread+0x19e/0x1e0 [ 36.079438] ret_from_fork+0x41/0x70 [ 36.079627] ret_from_fork_asm+0x1b/0x30 [ 36.079905] [ 36.080018] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.080018] which belongs to the cache kmalloc-16 of size 16 [ 36.080641] The buggy address is located 8 bytes inside of [ 36.080641] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.081283] [ 36.081933] The buggy address belongs to the physical page: [ 36.082255] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.082779] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.083128] page_type: 0xffffffff() [ 36.083364] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.083771] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.084241] page dumped because: kasan: bad access detected [ 36.084526] [ 36.084646] Memory state around the buggy address: [ 36.084918] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.085316] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.086104] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.086491] ^ [ 36.086854] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.087305] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.087702] ================================================================== [ 36.118228] ================================================================== [ 36.118621] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 36.119461] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 36.119937] [ 36.120085] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 36.120567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.121102] Call Trace: [ 36.121265] <TASK> [ 36.121429] dump_stack_lvl+0x4e/0x90 [ 36.121723] print_report+0xd2/0x650 [ 36.121965] ? __virt_addr_valid+0x156/0x1e0 [ 36.122291] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 36.122666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.123021] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 36.123444] kasan_report+0x147/0x180 [ 36.123695] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 36.124110] kasan_check_range+0x10c/0x1c0 [ 36.124408] __kasan_check_write+0x18/0x20 [ 36.124695] kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0 [ 36.125067] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 36.125481] ? kasan_set_track+0x29/0x40 [ 36.125727] ? kasan_save_alloc_info+0x22/0x30 [ 36.126029] ? __kasan_kmalloc+0xb7/0xc0 [ 36.126255] kasan_bitops_generic+0xb4/0x130 [ 36.126559] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 36.126915] ? ktime_get_ts64+0x118/0x140 [ 36.127184] kunit_try_run_case+0x120/0x290 [ 36.127446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.127744] ? __kasan_check_write+0x18/0x20 [ 36.128148] ? trace_preempt_on+0x20/0xa0 [ 36.128415] ? __kthread_parkme+0x4f/0xd0 [ 36.128764] ? preempt_count_sub+0x50/0x80 [ 36.129205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.129520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.129893] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.130219] kthread+0x19e/0x1e0 [ 36.130439] ? __pfx_kthread+0x10/0x10 [ 36.130677] ret_from_fork+0x41/0x70 [ 36.130927] ? __pfx_kthread+0x10/0x10 [ 36.131227] ret_from_fork_asm+0x1b/0x30 [ 36.131497] </TASK> [ 36.131668] [ 36.131813] Allocated by task 222: [ 36.131998] kasan_save_stack+0x44/0x70 [ 36.132305] kasan_set_track+0x29/0x40 [ 36.132590] kasan_save_alloc_info+0x22/0x30 [ 36.132916] __kasan_kmalloc+0xb7/0xc0 [ 36.133174] kmalloc_trace+0x4c/0xb0 [ 36.133450] kasan_bitops_generic+0x8e/0x130 [ 36.133702] kunit_try_run_case+0x120/0x290 [ 36.133973] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 36.134307] kthread+0x19e/0x1e0 [ 36.134558] ret_from_fork+0x41/0x70 [ 36.134751] ret_from_fork_asm+0x1b/0x30 [ 36.135019] [ 36.135230] The buggy address belongs to the object at ffff8881024a3ac0 [ 36.135230] which belongs to the cache kmalloc-16 of size 16 [ 36.135940] The buggy address is located 8 bytes inside of [ 36.135940] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 36.136586] [ 36.136728] The buggy address belongs to the physical page: [ 36.137070] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 36.137531] flags: 0x200000000000800(slab|node=0|zone=2) [ 36.138286] page_type: 0xffffffff() [ 36.138545] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 36.139088] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 36.139604] page dumped because: kasan: bad access detected [ 36.140009] [ 36.140234] Memory state around the buggy address: [ 36.140605] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.141137] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.141635] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.142150] ^ [ 36.142584] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.143079] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.143383] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
Automatically assigned
[ 35.744143] ================================================================== [ 35.745293] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 35.746355] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.747005] [ 35.747166] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.747944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.749185] Call Trace: [ 35.749643] <TASK> [ 35.750150] dump_stack_lvl+0x4e/0x90 [ 35.750754] print_report+0xd2/0x650 [ 35.751085] ? __virt_addr_valid+0x156/0x1e0 [ 35.751334] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 35.751979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.752708] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 35.753346] kasan_report+0x147/0x180 [ 35.753988] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 35.754734] kasan_check_range+0x10c/0x1c0 [ 35.755260] __kasan_check_write+0x18/0x20 [ 35.756130] kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 35.756599] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.757225] ? kasan_set_track+0x29/0x40 [ 35.757821] ? kasan_save_alloc_info+0x22/0x30 [ 35.758322] ? __kasan_kmalloc+0xb7/0xc0 [ 35.758816] kasan_bitops_generic+0xa9/0x130 [ 35.759084] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.759687] ? ktime_get_ts64+0x118/0x140 [ 35.760222] kunit_try_run_case+0x120/0x290 [ 35.760869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.761399] ? __kasan_check_write+0x18/0x20 [ 35.761961] ? trace_preempt_on+0x20/0xa0 [ 35.762493] ? __kthread_parkme+0x4f/0xd0 [ 35.763015] ? preempt_count_sub+0x50/0x80 [ 35.763518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.764276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.765061] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.765692] kthread+0x19e/0x1e0 [ 35.765917] ? __pfx_kthread+0x10/0x10 [ 35.766142] ret_from_fork+0x41/0x70 [ 35.766357] ? __pfx_kthread+0x10/0x10 [ 35.766894] ret_from_fork_asm+0x1b/0x30 [ 35.767371] </TASK> [ 35.767668] [ 35.768294] Allocated by task 222: [ 35.769004] kasan_save_stack+0x44/0x70 [ 35.769567] kasan_set_track+0x29/0x40 [ 35.770017] kasan_save_alloc_info+0x22/0x30 [ 35.770584] __kasan_kmalloc+0xb7/0xc0 [ 35.771093] kmalloc_trace+0x4c/0xb0 [ 35.771921] kasan_bitops_generic+0x8e/0x130 [ 35.772417] kunit_try_run_case+0x120/0x290 [ 35.772697] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.773461] kthread+0x19e/0x1e0 [ 35.773890] ret_from_fork+0x41/0x70 [ 35.774096] ret_from_fork_asm+0x1b/0x30 [ 35.774303] [ 35.774425] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.774425] which belongs to the cache kmalloc-16 of size 16 [ 35.775375] The buggy address is located 8 bytes inside of [ 35.775375] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.776478] [ 35.776719] The buggy address belongs to the physical page: [ 35.777057] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.777659] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.778004] page_type: 0xffffffff() [ 35.778236] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.778788] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.779258] page dumped because: kasan: bad access detected [ 35.779924] [ 35.780062] Memory state around the buggy address: [ 35.780314] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.780904] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.781258] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.781751] ^ [ 35.782059] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.782462] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.783025] ================================================================== [ 35.783820] ================================================================== [ 35.784250] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 35.785219] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.785926] [ 35.786072] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.786618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.787166] Call Trace: [ 35.787437] <TASK> [ 35.787626] dump_stack_lvl+0x4e/0x90 [ 35.787953] print_report+0xd2/0x650 [ 35.788196] ? __virt_addr_valid+0x156/0x1e0 [ 35.788885] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 35.789237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.789557] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 35.790093] kasan_report+0x147/0x180 [ 35.790370] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 35.790711] kasan_check_range+0x10c/0x1c0 [ 35.791117] __kasan_check_write+0x18/0x20 [ 35.791463] kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 35.791811] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.792165] ? kasan_set_track+0x29/0x40 [ 35.792432] ? kasan_save_alloc_info+0x22/0x30 [ 35.792719] ? __kasan_kmalloc+0xb7/0xc0 [ 35.793291] kasan_bitops_generic+0xa9/0x130 [ 35.793755] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.794101] ? ktime_get_ts64+0x118/0x140 [ 35.794463] kunit_try_run_case+0x120/0x290 [ 35.794767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.795120] ? __kasan_check_write+0x18/0x20 [ 35.795474] ? trace_preempt_on+0x20/0xa0 [ 35.795771] ? __kthread_parkme+0x4f/0xd0 [ 35.796028] ? preempt_count_sub+0x50/0x80 [ 35.796639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.796988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.797351] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.798006] kthread+0x19e/0x1e0 [ 35.798262] ? __pfx_kthread+0x10/0x10 [ 35.798518] ret_from_fork+0x41/0x70 [ 35.798965] ? __pfx_kthread+0x10/0x10 [ 35.799201] ret_from_fork_asm+0x1b/0x30 [ 35.799500] </TASK> [ 35.799818] [ 35.799962] Allocated by task 222: [ 35.800152] kasan_save_stack+0x44/0x70 [ 35.800425] kasan_set_track+0x29/0x40 [ 35.801191] kasan_save_alloc_info+0x22/0x30 [ 35.801505] __kasan_kmalloc+0xb7/0xc0 [ 35.801946] kmalloc_trace+0x4c/0xb0 [ 35.802189] kasan_bitops_generic+0x8e/0x130 [ 35.802521] kunit_try_run_case+0x120/0x290 [ 35.802833] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.803173] kthread+0x19e/0x1e0 [ 35.803504] ret_from_fork+0x41/0x70 [ 35.803732] ret_from_fork_asm+0x1b/0x30 [ 35.804081] [ 35.804186] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.804186] which belongs to the cache kmalloc-16 of size 16 [ 35.805235] The buggy address is located 8 bytes inside of [ 35.805235] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.806068] [ 35.806205] The buggy address belongs to the physical page: [ 35.806491] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.807119] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.807407] page_type: 0xffffffff() [ 35.807672] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.808188] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.808926] page dumped because: kasan: bad access detected [ 35.809232] [ 35.809358] Memory state around the buggy address: [ 35.809873] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.810256] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.810884] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.811255] ^ [ 35.811769] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.812166] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.812559] ================================================================== [ 35.871623] ================================================================== [ 35.872088] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 35.873588] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.874030] [ 35.874204] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.874683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.875177] Call Trace: [ 35.875359] <TASK> [ 35.875514] dump_stack_lvl+0x4e/0x90 [ 35.875855] print_report+0xd2/0x650 [ 35.876102] ? __virt_addr_valid+0x156/0x1e0 [ 35.876415] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 35.877016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.877425] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 35.877836] kasan_report+0x147/0x180 [ 35.878105] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 35.878486] kasan_check_range+0x10c/0x1c0 [ 35.878774] __kasan_check_write+0x18/0x20 [ 35.879060] kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 35.879393] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.879707] ? kasan_set_track+0x29/0x40 [ 35.880026] ? kasan_save_alloc_info+0x22/0x30 [ 35.880361] ? __kasan_kmalloc+0xb7/0xc0 [ 35.880671] kasan_bitops_generic+0xa9/0x130 [ 35.880993] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.881323] ? ktime_get_ts64+0x118/0x140 [ 35.881624] kunit_try_run_case+0x120/0x290 [ 35.881960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.882248] ? __kasan_check_write+0x18/0x20 [ 35.882545] ? trace_preempt_on+0x20/0xa0 [ 35.883813] ? __kthread_parkme+0x4f/0xd0 [ 35.884129] ? preempt_count_sub+0x50/0x80 [ 35.884431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.884750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.885141] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.885473] kthread+0x19e/0x1e0 [ 35.885685] ? __pfx_kthread+0x10/0x10 [ 35.885987] ret_from_fork+0x41/0x70 [ 35.886218] ? __pfx_kthread+0x10/0x10 [ 35.886484] ret_from_fork_asm+0x1b/0x30 [ 35.886770] </TASK> [ 35.886922] [ 35.887048] Allocated by task 222: [ 35.887251] kasan_save_stack+0x44/0x70 [ 35.887523] kasan_set_track+0x29/0x40 [ 35.888438] kasan_save_alloc_info+0x22/0x30 [ 35.888780] __kasan_kmalloc+0xb7/0xc0 [ 35.889043] kmalloc_trace+0x4c/0xb0 [ 35.889275] kasan_bitops_generic+0x8e/0x130 [ 35.889694] kunit_try_run_case+0x120/0x290 [ 35.889991] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.890314] kthread+0x19e/0x1e0 [ 35.890638] ret_from_fork+0x41/0x70 [ 35.890994] ret_from_fork_asm+0x1b/0x30 [ 35.891249] [ 35.891374] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.891374] which belongs to the cache kmalloc-16 of size 16 [ 35.892166] The buggy address is located 8 bytes inside of [ 35.892166] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.893486] [ 35.893608] The buggy address belongs to the physical page: [ 35.894091] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.894606] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.894936] page_type: 0xffffffff() [ 35.895201] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.895635] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.896052] page dumped because: kasan: bad access detected [ 35.897024] [ 35.897160] Memory state around the buggy address: [ 35.897405] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.897727] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.898352] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.898943] ^ [ 35.899309] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.899778] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.900200] ================================================================== [ 35.929731] ================================================================== [ 35.930147] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 35.930730] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.931306] [ 35.931578] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.932083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.933141] Call Trace: [ 35.933346] <TASK> [ 35.933504] dump_stack_lvl+0x4e/0x90 [ 35.933783] print_report+0xd2/0x650 [ 35.934085] ? __virt_addr_valid+0x156/0x1e0 [ 35.934372] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 35.934665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.935072] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 35.935368] kasan_report+0x147/0x180 [ 35.935633] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 35.935976] kasan_check_range+0x10c/0x1c0 [ 35.936285] __kasan_check_write+0x18/0x20 [ 35.936797] kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 35.937687] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.938190] ? kasan_set_track+0x29/0x40 [ 35.938566] ? kasan_save_alloc_info+0x22/0x30 [ 35.938988] ? __kasan_kmalloc+0xb7/0xc0 [ 35.939364] kasan_bitops_generic+0xa9/0x130 [ 35.939752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.940204] ? ktime_get_ts64+0x118/0x140 [ 35.940604] kunit_try_run_case+0x120/0x290 [ 35.941008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.941321] ? __kasan_check_write+0x18/0x20 [ 35.941609] ? trace_preempt_on+0x20/0xa0 [ 35.942575] ? __kthread_parkme+0x4f/0xd0 [ 35.942872] ? preempt_count_sub+0x50/0x80 [ 35.943743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.944513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.945483] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.946379] kthread+0x19e/0x1e0 [ 35.946600] ? __pfx_kthread+0x10/0x10 [ 35.946840] ret_from_fork+0x41/0x70 [ 35.947363] ? __pfx_kthread+0x10/0x10 [ 35.947898] ret_from_fork_asm+0x1b/0x30 [ 35.948412] </TASK> [ 35.948711] [ 35.948950] Allocated by task 222: [ 35.949361] kasan_save_stack+0x44/0x70 [ 35.949934] kasan_set_track+0x29/0x40 [ 35.950404] kasan_save_alloc_info+0x22/0x30 [ 35.950781] __kasan_kmalloc+0xb7/0xc0 [ 35.951341] kmalloc_trace+0x4c/0xb0 [ 35.951842] kasan_bitops_generic+0x8e/0x130 [ 35.952359] kunit_try_run_case+0x120/0x290 [ 35.952658] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.953212] kthread+0x19e/0x1e0 [ 35.953642] ret_from_fork+0x41/0x70 [ 35.954150] ret_from_fork_asm+0x1b/0x30 [ 35.954497] [ 35.954758] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.954758] which belongs to the cache kmalloc-16 of size 16 [ 35.955975] The buggy address is located 8 bytes inside of [ 35.955975] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.956669] [ 35.956793] The buggy address belongs to the physical page: [ 35.957050] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.957451] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.957709] page_type: 0xffffffff() [ 35.958117] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.958939] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.959799] page dumped because: kasan: bad access detected [ 35.960414] [ 35.960635] Memory state around the buggy address: [ 35.961125] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.962046] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.962895] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.963652] ^ [ 35.964233] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.965071] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.965853] ================================================================== [ 35.843488] ================================================================== [ 35.844291] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 35.845079] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.845478] [ 35.845667] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.846141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.846627] Call Trace: [ 35.846839] <TASK> [ 35.847020] dump_stack_lvl+0x4e/0x90 [ 35.847321] print_report+0xd2/0x650 [ 35.848072] ? __virt_addr_valid+0x156/0x1e0 [ 35.848387] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 35.848749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.849093] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 35.849429] kasan_report+0x147/0x180 [ 35.849690] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 35.850033] kasan_check_range+0x10c/0x1c0 [ 35.850333] __kasan_check_write+0x18/0x20 [ 35.850614] kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 35.850954] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.851749] ? kasan_set_track+0x29/0x40 [ 35.852048] ? kasan_save_alloc_info+0x22/0x30 [ 35.852332] ? __kasan_kmalloc+0xb7/0xc0 [ 35.852616] kasan_bitops_generic+0xa9/0x130 [ 35.853043] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.853380] ? ktime_get_ts64+0x118/0x140 [ 35.853642] kunit_try_run_case+0x120/0x290 [ 35.853950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.854227] ? __kasan_check_write+0x18/0x20 [ 35.854528] ? trace_preempt_on+0x20/0xa0 [ 35.854854] ? __kthread_parkme+0x4f/0xd0 [ 35.855169] ? preempt_count_sub+0x50/0x80 [ 35.855854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.856172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.856549] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.856946] kthread+0x19e/0x1e0 [ 35.857155] ? __pfx_kthread+0x10/0x10 [ 35.857447] ret_from_fork+0x41/0x70 [ 35.857732] ? __pfx_kthread+0x10/0x10 [ 35.857985] ret_from_fork_asm+0x1b/0x30 [ 35.858283] </TASK> [ 35.858450] [ 35.858574] Allocated by task 222: [ 35.858753] kasan_save_stack+0x44/0x70 [ 35.859110] kasan_set_track+0x29/0x40 [ 35.859344] kasan_save_alloc_info+0x22/0x30 [ 35.859678] __kasan_kmalloc+0xb7/0xc0 [ 35.859976] kmalloc_trace+0x4c/0xb0 [ 35.860196] kasan_bitops_generic+0x8e/0x130 [ 35.860483] kunit_try_run_case+0x120/0x290 [ 35.861410] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.861737] kthread+0x19e/0x1e0 [ 35.861996] ret_from_fork+0x41/0x70 [ 35.862209] ret_from_fork_asm+0x1b/0x30 [ 35.862453] [ 35.862581] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.862581] which belongs to the cache kmalloc-16 of size 16 [ 35.863358] The buggy address is located 8 bytes inside of [ 35.863358] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.864017] [ 35.864160] The buggy address belongs to the physical page: [ 35.864450] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.865612] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.865994] page_type: 0xffffffff() [ 35.866247] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.866659] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.867170] page dumped because: kasan: bad access detected [ 35.867467] [ 35.867590] Memory state around the buggy address: [ 35.867886] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.868338] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.869356] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.869761] ^ [ 35.870089] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.870479] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.870885] ================================================================== [ 35.901734] ================================================================== [ 35.902163] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 35.902800] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.903230] [ 35.903377] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.903939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.904465] Call Trace: [ 35.904675] <TASK> [ 35.904835] dump_stack_lvl+0x4e/0x90 [ 35.905696] print_report+0xd2/0x650 [ 35.906101] ? __virt_addr_valid+0x156/0x1e0 [ 35.906397] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 35.906742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.907135] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 35.907464] kasan_report+0x147/0x180 [ 35.907740] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 35.908060] kasan_check_range+0x10c/0x1c0 [ 35.908349] __kasan_check_write+0x18/0x20 [ 35.909091] kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 35.909431] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.909830] ? kasan_set_track+0x29/0x40 [ 35.910086] ? kasan_save_alloc_info+0x22/0x30 [ 35.910381] ? __kasan_kmalloc+0xb7/0xc0 [ 35.910660] kasan_bitops_generic+0xa9/0x130 [ 35.910963] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.911323] ? ktime_get_ts64+0x118/0x140 [ 35.911581] kunit_try_run_case+0x120/0x290 [ 35.911857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.912194] ? __kasan_check_write+0x18/0x20 [ 35.913068] ? trace_preempt_on+0x20/0xa0 [ 35.913330] ? __kthread_parkme+0x4f/0xd0 [ 35.913652] ? preempt_count_sub+0x50/0x80 [ 35.913930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.914225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.914577] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.914943] kthread+0x19e/0x1e0 [ 35.915202] ? __pfx_kthread+0x10/0x10 [ 35.915463] ret_from_fork+0x41/0x70 [ 35.915726] ? __pfx_kthread+0x10/0x10 [ 35.915956] ret_from_fork_asm+0x1b/0x30 [ 35.916265] </TASK> [ 35.917029] [ 35.917146] Allocated by task 222: [ 35.917373] kasan_save_stack+0x44/0x70 [ 35.917665] kasan_set_track+0x29/0x40 [ 35.917931] kasan_save_alloc_info+0x22/0x30 [ 35.918197] __kasan_kmalloc+0xb7/0xc0 [ 35.918453] kmalloc_trace+0x4c/0xb0 [ 35.918664] kasan_bitops_generic+0x8e/0x130 [ 35.918938] kunit_try_run_case+0x120/0x290 [ 35.919239] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.919577] kthread+0x19e/0x1e0 [ 35.919802] ret_from_fork+0x41/0x70 [ 35.920067] ret_from_fork_asm+0x1b/0x30 [ 35.920416] [ 35.921056] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.921056] which belongs to the cache kmalloc-16 of size 16 [ 35.921736] The buggy address is located 8 bytes inside of [ 35.921736] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.922381] [ 35.922514] The buggy address belongs to the physical page: [ 35.922872] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.923399] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.923704] page_type: 0xffffffff() [ 35.923958] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.924890] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.925304] page dumped because: kasan: bad access detected [ 35.925637] [ 35.925742] Memory state around the buggy address: [ 35.926075] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.926421] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.926929] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.927315] ^ [ 35.927614] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.928026] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.929080] ================================================================== [ 35.814272] ================================================================== [ 35.814935] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 35.815503] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.815950] [ 35.816079] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.816527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.817253] Call Trace: [ 35.817736] <TASK> [ 35.817952] dump_stack_lvl+0x4e/0x90 [ 35.818232] print_report+0xd2/0x650 [ 35.818749] ? __virt_addr_valid+0x156/0x1e0 [ 35.819048] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 35.819536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.819969] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 35.820303] kasan_report+0x147/0x180 [ 35.820535] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 35.820937] kasan_check_range+0x10c/0x1c0 [ 35.821200] __kasan_check_write+0x18/0x20 [ 35.821454] kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 35.821793] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.822155] ? kasan_set_track+0x29/0x40 [ 35.822387] ? kasan_save_alloc_info+0x22/0x30 [ 35.822692] ? __kasan_kmalloc+0xb7/0xc0 [ 35.823423] kasan_bitops_generic+0xa9/0x130 [ 35.823758] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.824082] ? ktime_get_ts64+0x118/0x140 [ 35.824451] kunit_try_run_case+0x120/0x290 [ 35.824764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.825085] ? __kasan_check_write+0x18/0x20 [ 35.825333] ? trace_preempt_on+0x20/0xa0 [ 35.825733] ? __kthread_parkme+0x4f/0xd0 [ 35.826066] ? preempt_count_sub+0x50/0x80 [ 35.826332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.827110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.827472] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.827972] kthread+0x19e/0x1e0 [ 35.828234] ? __pfx_kthread+0x10/0x10 [ 35.828489] ret_from_fork+0x41/0x70 [ 35.828841] ? __pfx_kthread+0x10/0x10 [ 35.829092] ret_from_fork_asm+0x1b/0x30 [ 35.829475] </TASK> [ 35.829643] [ 35.829747] Allocated by task 222: [ 35.830124] kasan_save_stack+0x44/0x70 [ 35.830837] kasan_set_track+0x29/0x40 [ 35.831113] kasan_save_alloc_info+0x22/0x30 [ 35.831589] __kasan_kmalloc+0xb7/0xc0 [ 35.831818] kmalloc_trace+0x4c/0xb0 [ 35.832079] kasan_bitops_generic+0x8e/0x130 [ 35.832347] kunit_try_run_case+0x120/0x290 [ 35.832713] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.833060] kthread+0x19e/0x1e0 [ 35.833296] ret_from_fork+0x41/0x70 [ 35.833581] ret_from_fork_asm+0x1b/0x30 [ 35.833972] [ 35.834089] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.834089] which belongs to the cache kmalloc-16 of size 16 [ 35.835145] The buggy address is located 8 bytes inside of [ 35.835145] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.836005] [ 35.836126] The buggy address belongs to the physical page: [ 35.836410] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.837054] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.837368] page_type: 0xffffffff() [ 35.837597] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.838044] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.838443] page dumped because: kasan: bad access detected [ 35.838754] [ 35.838891] Memory state around the buggy address: [ 35.839182] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 35.839569] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 35.839975] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.840325] ^ [ 35.840679] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.841100] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.841499] ================================================================== [ 35.966876] ================================================================== [ 35.967239] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 35.967631] Write of size 8 at addr ffff8881024a3ac8 by task kunit_try_catch/222 [ 35.968509] [ 35.968723] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.969540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.970572] Call Trace: [ 35.970912] <TASK> [ 35.971180] dump_stack_lvl+0x4e/0x90 [ 35.971928] print_report+0xd2/0x650 [ 35.972347] ? __virt_addr_valid+0x156/0x1e0 [ 35.972881] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 35.973537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.973971] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 35.974253] kasan_report+0x147/0x180 [ 35.974565] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 35.974946] kasan_check_range+0x10c/0x1c0 [ 35.975708] __kasan_check_write+0x18/0x20 [ 35.976334] kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 35.976755] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 35.977381] ? kasan_set_track+0x29/0x40 [ 35.977690] ? kasan_save_alloc_info+0x22/0x30 [ 35.977959] ? __kasan_kmalloc+0xb7/0xc0 [ 35.978181] kasan_bitops_generic+0xa9/0x130 [ 35.979088] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 35.979672] ? ktime_get_ts64+0x118/0x140 [ 35.980155] kunit_try_run_case+0x120/0x290 [ 35.980624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.981148] ? __kasan_check_write+0x18/0x20 [ 35.981604] ? trace_preempt_on+0x20/0xa0 [ 35.982095] ? __kthread_parkme+0x4f/0xd0 [ 35.982938] ? preempt_count_sub+0x50/0x80 [ 35.983312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.983569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.984105] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.984656] kthread+0x19e/0x1e0 [ 35.985090] ? __pfx_kthread+0x10/0x10 [ 35.985507] ret_from_fork+0x41/0x70 [ 35.985942] ? __pfx_kthread+0x10/0x10 [ 35.986694] ret_from_fork_asm+0x1b/0x30 [ 35.987201] </TASK> [ 35.987465] [ 35.987586] Allocated by task 222: [ 35.987800] kasan_save_stack+0x44/0x70 [ 35.988234] kasan_set_track+0x29/0x40 [ 35.988649] kasan_save_alloc_info+0x22/0x30 [ 35.989039] __kasan_kmalloc+0xb7/0xc0 [ 35.989236] kmalloc_trace+0x4c/0xb0 [ 35.989423] kasan_bitops_generic+0x8e/0x130 [ 35.989643] kunit_try_run_case+0x120/0x290 [ 35.990088] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.991129] kthread+0x19e/0x1e0 [ 35.991562] ret_from_fork+0x41/0x70 [ 35.991990] ret_from_fork_asm+0x1b/0x30 [ 35.992419] [ 35.992607] The buggy address belongs to the object at ffff8881024a3ac0 [ 35.992607] which belongs to the cache kmalloc-16 of size 16 [ 35.993835] The buggy address is located 8 bytes inside of [ 35.993835] allocated 9-byte region [ffff8881024a3ac0, ffff8881024a3ac9) [ 35.995322] [ 35.995439] The buggy address belongs to the physical page: [ 35.995685] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 35.996645] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.997334] page_type: 0xffffffff() [ 35.997723] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 35.998994] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 35.999640] page dumped because: kasan: bad access detected [ 35.999915] [ 36.000015] Memory state around the buggy address: [ 36.000236] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 36.001501] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 36.002294] >ffff8881024a3a80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 36.003397] ^ [ 36.003994] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.004688] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.005257] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 35.693770] ================================================================== [ 35.694935] BUG: KASAN: slab-use-after-free in strnlen+0x31/0x50 [ 35.695405] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.696155] [ 35.696334] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.697129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.697818] Call Trace: [ 35.698038] <TASK> [ 35.698205] dump_stack_lvl+0x4e/0x90 [ 35.699120] print_report+0xd2/0x650 [ 35.699376] ? __virt_addr_valid+0x156/0x1e0 [ 35.699622] ? strnlen+0x31/0x50 [ 35.699817] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.700678] ? strnlen+0x31/0x50 [ 35.701294] kasan_report+0x147/0x180 [ 35.701906] ? strnlen+0x31/0x50 [ 35.702544] __asan_load1+0x66/0x70 [ 35.703170] strnlen+0x31/0x50 [ 35.703850] kasan_strings+0x21b/0x510 [ 35.704408] ? __pfx_kasan_strings+0x10/0x10 [ 35.705063] ? __schedule+0x715/0x11a0 [ 35.705308] ? ktime_get_ts64+0x118/0x140 [ 35.706072] kunit_try_run_case+0x120/0x290 [ 35.707021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.707698] ? __kasan_check_write+0x18/0x20 [ 35.708247] ? trace_preempt_on+0x20/0xa0 [ 35.708486] ? __kthread_parkme+0x4f/0xd0 [ 35.709378] ? preempt_count_sub+0x50/0x80 [ 35.710100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.710918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.711876] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.712396] kthread+0x19e/0x1e0 [ 35.712623] ? __pfx_kthread+0x10/0x10 [ 35.712845] ret_from_fork+0x41/0x70 [ 35.713069] ? __pfx_kthread+0x10/0x10 [ 35.713288] ret_from_fork_asm+0x1b/0x30 [ 35.713526] </TASK> [ 35.713656] [ 35.713758] Allocated by task 220: [ 35.714085] kasan_save_stack+0x44/0x70 [ 35.714397] kasan_set_track+0x29/0x40 [ 35.714755] kasan_save_alloc_info+0x22/0x30 [ 35.715261] __kasan_kmalloc+0xb7/0xc0 [ 35.715610] kmalloc_trace+0x4c/0xb0 [ 35.716066] kasan_strings+0x9f/0x510 [ 35.716412] kunit_try_run_case+0x120/0x290 [ 35.717691] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.718609] kthread+0x19e/0x1e0 [ 35.719504] ret_from_fork+0x41/0x70 [ 35.720192] ret_from_fork_asm+0x1b/0x30 [ 35.721482] [ 35.721936] Freed by task 220: [ 35.722276] kasan_save_stack+0x44/0x70 [ 35.723026] kasan_set_track+0x29/0x40 [ 35.723535] kasan_save_free_info+0x2f/0x50 [ 35.724110] ____kasan_slab_free+0x172/0x1d0 [ 35.724769] __kasan_slab_free+0x16/0x20 [ 35.725426] __kmem_cache_free+0x190/0x310 [ 35.726158] kfree+0x7c/0x120 [ 35.726594] kasan_strings+0xc3/0x510 [ 35.727136] kunit_try_run_case+0x120/0x290 [ 35.727946] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.728706] kthread+0x19e/0x1e0 [ 35.729269] ret_from_fork+0x41/0x70 [ 35.729533] ret_from_fork_asm+0x1b/0x30 [ 35.729831] [ 35.729979] The buggy address belongs to the object at ffff888102869440 [ 35.729979] which belongs to the cache kmalloc-32 of size 32 [ 35.730702] The buggy address is located 16 bytes inside of [ 35.730702] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.731889] [ 35.732016] The buggy address belongs to the physical page: [ 35.732499] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.733051] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.733518] page_type: 0xffffffff() [ 35.733750] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.734290] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.734817] page dumped because: kasan: bad access detected [ 35.735132] [ 35.735256] Memory state around the buggy address: [ 35.735607] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.736076] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.736938] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.737459] ^ [ 35.737763] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.738234] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.738720] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 35.656042] ================================================================== [ 35.656456] BUG: KASAN: slab-use-after-free in strlen+0x13/0x50 [ 35.656969] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.657773] [ 35.657917] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.658655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.659294] Call Trace: [ 35.659599] <TASK> [ 35.659771] dump_stack_lvl+0x4e/0x90 [ 35.660279] print_report+0xd2/0x650 [ 35.660687] ? __virt_addr_valid+0x156/0x1e0 [ 35.661109] ? strlen+0x13/0x50 [ 35.661523] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.662015] ? strlen+0x13/0x50 [ 35.662222] kasan_report+0x147/0x180 [ 35.662496] ? strlen+0x13/0x50 [ 35.663046] __asan_load1+0x66/0x70 [ 35.663660] strlen+0x13/0x50 [ 35.664017] kasan_strings+0x1dc/0x510 [ 35.664267] ? __pfx_kasan_strings+0x10/0x10 [ 35.664726] ? __schedule+0x715/0x11a0 [ 35.665188] ? ktime_get_ts64+0x118/0x140 [ 35.665668] kunit_try_run_case+0x120/0x290 [ 35.666093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.666517] ? __kasan_check_write+0x18/0x20 [ 35.667021] ? trace_preempt_on+0x20/0xa0 [ 35.667259] ? __kthread_parkme+0x4f/0xd0 [ 35.667645] ? preempt_count_sub+0x50/0x80 [ 35.667946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.668604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.669089] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.669615] kthread+0x19e/0x1e0 [ 35.670019] ? __pfx_kthread+0x10/0x10 [ 35.670402] ret_from_fork+0x41/0x70 [ 35.670789] ? __pfx_kthread+0x10/0x10 [ 35.671177] ret_from_fork_asm+0x1b/0x30 [ 35.671642] </TASK> [ 35.671882] [ 35.672013] Allocated by task 220: [ 35.672184] kasan_save_stack+0x44/0x70 [ 35.672712] kasan_set_track+0x29/0x40 [ 35.673129] kasan_save_alloc_info+0x22/0x30 [ 35.673554] __kasan_kmalloc+0xb7/0xc0 [ 35.673915] kmalloc_trace+0x4c/0xb0 [ 35.674145] kasan_strings+0x9f/0x510 [ 35.674380] kunit_try_run_case+0x120/0x290 [ 35.674668] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.675294] kthread+0x19e/0x1e0 [ 35.675672] ret_from_fork+0x41/0x70 [ 35.676145] ret_from_fork_asm+0x1b/0x30 [ 35.676501] [ 35.676816] Freed by task 220: [ 35.677114] kasan_save_stack+0x44/0x70 [ 35.677465] kasan_set_track+0x29/0x40 [ 35.677881] kasan_save_free_info+0x2f/0x50 [ 35.678261] ____kasan_slab_free+0x172/0x1d0 [ 35.678567] __kasan_slab_free+0x16/0x20 [ 35.679093] __kmem_cache_free+0x190/0x310 [ 35.679545] kfree+0x7c/0x120 [ 35.679871] kasan_strings+0xc3/0x510 [ 35.680167] kunit_try_run_case+0x120/0x290 [ 35.680461] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.681043] kthread+0x19e/0x1e0 [ 35.681436] ret_from_fork+0x41/0x70 [ 35.681799] ret_from_fork_asm+0x1b/0x30 [ 35.682185] [ 35.682330] The buggy address belongs to the object at ffff888102869440 [ 35.682330] which belongs to the cache kmalloc-32 of size 32 [ 35.683045] The buggy address is located 16 bytes inside of [ 35.683045] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.684124] [ 35.684473] The buggy address belongs to the physical page: [ 35.685064] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.685798] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.686297] page_type: 0xffffffff() [ 35.686732] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.687319] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.687929] page dumped because: kasan: bad access detected [ 35.688186] [ 35.688312] Memory state around the buggy address: [ 35.688812] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.689327] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.690143] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.690774] ^ [ 35.691607] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.692203] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.692827] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 35.618392] ================================================================== [ 35.619155] BUG: KASAN: slab-use-after-free in kasan_strings+0x19b/0x510 [ 35.619695] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.620258] [ 35.620837] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.621333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.621932] Call Trace: [ 35.622238] <TASK> [ 35.622547] dump_stack_lvl+0x4e/0x90 [ 35.622980] print_report+0xd2/0x650 [ 35.623388] ? __virt_addr_valid+0x156/0x1e0 [ 35.623761] ? kasan_strings+0x19b/0x510 [ 35.624057] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.624427] ? kasan_strings+0x19b/0x510 [ 35.625060] kasan_report+0x147/0x180 [ 35.625337] ? kasan_strings+0x19b/0x510 [ 35.625733] __asan_load1+0x66/0x70 [ 35.626139] kasan_strings+0x19b/0x510 [ 35.626671] ? __pfx_kasan_strings+0x10/0x10 [ 35.627114] ? __schedule+0x715/0x11a0 [ 35.627533] ? ktime_get_ts64+0x118/0x140 [ 35.627967] kunit_try_run_case+0x120/0x290 [ 35.628563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.628948] ? __kasan_check_write+0x18/0x20 [ 35.629183] ? trace_preempt_on+0x20/0xa0 [ 35.629752] ? __kthread_parkme+0x4f/0xd0 [ 35.630055] ? preempt_count_sub+0x50/0x80 [ 35.630503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.631037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.631422] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.631937] kthread+0x19e/0x1e0 [ 35.632319] ? __pfx_kthread+0x10/0x10 [ 35.632713] ret_from_fork+0x41/0x70 [ 35.633127] ? __pfx_kthread+0x10/0x10 [ 35.633581] ret_from_fork_asm+0x1b/0x30 [ 35.634039] </TASK> [ 35.634326] [ 35.634478] Allocated by task 220: [ 35.634692] kasan_save_stack+0x44/0x70 [ 35.635459] kasan_set_track+0x29/0x40 [ 35.635783] kasan_save_alloc_info+0x22/0x30 [ 35.636194] __kasan_kmalloc+0xb7/0xc0 [ 35.636597] kmalloc_trace+0x4c/0xb0 [ 35.637017] kasan_strings+0x9f/0x510 [ 35.637504] kunit_try_run_case+0x120/0x290 [ 35.637962] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.638442] kthread+0x19e/0x1e0 [ 35.638850] ret_from_fork+0x41/0x70 [ 35.639137] ret_from_fork_asm+0x1b/0x30 [ 35.639526] [ 35.640022] Freed by task 220: [ 35.640237] kasan_save_stack+0x44/0x70 [ 35.640777] kasan_set_track+0x29/0x40 [ 35.641050] kasan_save_free_info+0x2f/0x50 [ 35.641434] ____kasan_slab_free+0x172/0x1d0 [ 35.641841] __kasan_slab_free+0x16/0x20 [ 35.642105] __kmem_cache_free+0x190/0x310 [ 35.642346] kfree+0x7c/0x120 [ 35.642837] kasan_strings+0xc3/0x510 [ 35.643227] kunit_try_run_case+0x120/0x290 [ 35.643675] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.643962] kthread+0x19e/0x1e0 [ 35.644155] ret_from_fork+0x41/0x70 [ 35.644515] ret_from_fork_asm+0x1b/0x30 [ 35.645104] [ 35.645399] The buggy address belongs to the object at ffff888102869440 [ 35.645399] which belongs to the cache kmalloc-32 of size 32 [ 35.646170] The buggy address is located 16 bytes inside of [ 35.646170] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.647244] [ 35.647426] The buggy address belongs to the physical page: [ 35.647851] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.648607] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.649033] page_type: 0xffffffff() [ 35.649260] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.649908] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.650580] page dumped because: kasan: bad access detected [ 35.651093] [ 35.651336] Memory state around the buggy address: [ 35.651769] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.652326] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.652925] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.653462] ^ [ 35.653731] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.654214] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.655066] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 35.580140] ================================================================== [ 35.580627] BUG: KASAN: slab-use-after-free in strcmp+0x26/0x60 [ 35.581182] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.582036] [ 35.582419] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.582944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.583622] Call Trace: [ 35.583974] <TASK> [ 35.584262] dump_stack_lvl+0x4e/0x90 [ 35.584676] print_report+0xd2/0x650 [ 35.584910] ? __virt_addr_valid+0x156/0x1e0 [ 35.585470] ? strcmp+0x26/0x60 [ 35.585712] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.586200] ? strcmp+0x26/0x60 [ 35.586458] kasan_report+0x147/0x180 [ 35.587038] ? strcmp+0x26/0x60 [ 35.587411] __asan_load1+0x66/0x70 [ 35.587809] strcmp+0x26/0x60 [ 35.588185] kasan_strings+0x161/0x510 [ 35.588640] ? __pfx_kasan_strings+0x10/0x10 [ 35.589061] ? __schedule+0x715/0x11a0 [ 35.589308] ? ktime_get_ts64+0x118/0x140 [ 35.589596] kunit_try_run_case+0x120/0x290 [ 35.589840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.590550] ? __kasan_check_write+0x18/0x20 [ 35.591032] ? trace_preempt_on+0x20/0xa0 [ 35.591488] ? __kthread_parkme+0x4f/0xd0 [ 35.591968] ? preempt_count_sub+0x50/0x80 [ 35.592404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.592915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.593434] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.593945] kthread+0x19e/0x1e0 [ 35.594183] ? __pfx_kthread+0x10/0x10 [ 35.594607] ret_from_fork+0x41/0x70 [ 35.594823] ? __pfx_kthread+0x10/0x10 [ 35.595122] ret_from_fork_asm+0x1b/0x30 [ 35.595745] </TASK> [ 35.596054] [ 35.596292] Allocated by task 220: [ 35.596614] kasan_save_stack+0x44/0x70 [ 35.597021] kasan_set_track+0x29/0x40 [ 35.597406] kasan_save_alloc_info+0x22/0x30 [ 35.597853] __kasan_kmalloc+0xb7/0xc0 [ 35.598233] kmalloc_trace+0x4c/0xb0 [ 35.598628] kasan_strings+0x9f/0x510 [ 35.599014] kunit_try_run_case+0x120/0x290 [ 35.599456] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.599833] kthread+0x19e/0x1e0 [ 35.600112] ret_from_fork+0x41/0x70 [ 35.600606] ret_from_fork_asm+0x1b/0x30 [ 35.601083] [ 35.601324] Freed by task 220: [ 35.601557] kasan_save_stack+0x44/0x70 [ 35.602028] kasan_set_track+0x29/0x40 [ 35.602259] kasan_save_free_info+0x2f/0x50 [ 35.602508] ____kasan_slab_free+0x172/0x1d0 [ 35.603014] __kasan_slab_free+0x16/0x20 [ 35.603406] __kmem_cache_free+0x190/0x310 [ 35.603851] kfree+0x7c/0x120 [ 35.604199] kasan_strings+0xc3/0x510 [ 35.604596] kunit_try_run_case+0x120/0x290 [ 35.605039] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.605515] kthread+0x19e/0x1e0 [ 35.605906] ret_from_fork+0x41/0x70 [ 35.606282] ret_from_fork_asm+0x1b/0x30 [ 35.606666] [ 35.606935] The buggy address belongs to the object at ffff888102869440 [ 35.606935] which belongs to the cache kmalloc-32 of size 32 [ 35.607967] The buggy address is located 16 bytes inside of [ 35.607967] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.608945] [ 35.609270] The buggy address belongs to the physical page: [ 35.609657] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.610494] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.611001] page_type: 0xffffffff() [ 35.611390] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.612128] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.612727] page dumped because: kasan: bad access detected [ 35.613178] [ 35.613306] Memory state around the buggy address: [ 35.613799] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.614373] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.614928] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.615557] ^ [ 35.616239] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.616816] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.617385] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strrchr: Failure
Automatically assigned
[ 35.540119] ================================================================== [ 35.540929] BUG: KASAN: slab-use-after-free in strrchr+0x1e/0x40 [ 35.541309] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.542236] [ 35.542409] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.543072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.543826] Call Trace: [ 35.544169] <TASK> [ 35.544341] dump_stack_lvl+0x4e/0x90 [ 35.544871] print_report+0xd2/0x650 [ 35.545291] ? __virt_addr_valid+0x156/0x1e0 [ 35.545703] ? strrchr+0x1e/0x40 [ 35.545953] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.546622] ? strrchr+0x1e/0x40 [ 35.547041] kasan_report+0x147/0x180 [ 35.547447] ? strrchr+0x1e/0x40 [ 35.547896] __asan_load1+0x66/0x70 [ 35.548316] strrchr+0x1e/0x40 [ 35.548691] kasan_strings+0x11f/0x510 [ 35.549154] ? __pfx_kasan_strings+0x10/0x10 [ 35.549654] ? __schedule+0x715/0x11a0 [ 35.550130] ? ktime_get_ts64+0x118/0x140 [ 35.550585] kunit_try_run_case+0x120/0x290 [ 35.550853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.551198] ? __kasan_check_write+0x18/0x20 [ 35.551997] ? trace_preempt_on+0x20/0xa0 [ 35.552280] ? __kthread_parkme+0x4f/0xd0 [ 35.552882] ? preempt_count_sub+0x50/0x80 [ 35.553322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.553854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.554238] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.554764] kthread+0x19e/0x1e0 [ 35.555183] ? __pfx_kthread+0x10/0x10 [ 35.555675] ret_from_fork+0x41/0x70 [ 35.556148] ? __pfx_kthread+0x10/0x10 [ 35.556589] ret_from_fork_asm+0x1b/0x30 [ 35.556977] </TASK> [ 35.557394] [ 35.557510] Allocated by task 220: [ 35.558009] kasan_save_stack+0x44/0x70 [ 35.558502] kasan_set_track+0x29/0x40 [ 35.558935] kasan_save_alloc_info+0x22/0x30 [ 35.559381] __kasan_kmalloc+0xb7/0xc0 [ 35.559833] kmalloc_trace+0x4c/0xb0 [ 35.560259] kasan_strings+0x9f/0x510 [ 35.560638] kunit_try_run_case+0x120/0x290 [ 35.560978] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.561353] kthread+0x19e/0x1e0 [ 35.561884] ret_from_fork+0x41/0x70 [ 35.562260] ret_from_fork_asm+0x1b/0x30 [ 35.562702] [ 35.563072] Freed by task 220: [ 35.563297] kasan_save_stack+0x44/0x70 [ 35.563725] kasan_set_track+0x29/0x40 [ 35.564102] kasan_save_free_info+0x2f/0x50 [ 35.564361] ____kasan_slab_free+0x172/0x1d0 [ 35.564605] __kasan_slab_free+0x16/0x20 [ 35.565105] __kmem_cache_free+0x190/0x310 [ 35.565615] kfree+0x7c/0x120 [ 35.565802] kasan_strings+0xc3/0x510 [ 35.566057] kunit_try_run_case+0x120/0x290 [ 35.566718] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.567199] kthread+0x19e/0x1e0 [ 35.567610] ret_from_fork+0x41/0x70 [ 35.568014] ret_from_fork_asm+0x1b/0x30 [ 35.568285] [ 35.568691] The buggy address belongs to the object at ffff888102869440 [ 35.568691] which belongs to the cache kmalloc-32 of size 32 [ 35.569553] The buggy address is located 16 bytes inside of [ 35.569553] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.570373] [ 35.570715] The buggy address belongs to the physical page: [ 35.571275] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.571975] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.572617] page_type: 0xffffffff() [ 35.573150] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.573696] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.574288] page dumped because: kasan: bad access detected [ 35.574730] [ 35.574857] Memory state around the buggy address: [ 35.575128] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.575887] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.576448] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.577056] ^ [ 35.577623] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.578184] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.578780] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strchr: Failure
Automatically assigned
[ 35.498940] ================================================================== [ 35.499553] BUG: KASAN: slab-use-after-free in strchr+0x18/0x60 [ 35.500084] Read of size 1 at addr ffff888102869450 by task kunit_try_catch/220 [ 35.500586] [ 35.501255] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.502090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.502886] Call Trace: [ 35.503253] <TASK> [ 35.503582] dump_stack_lvl+0x4e/0x90 [ 35.503846] print_report+0xd2/0x650 [ 35.504389] ? __virt_addr_valid+0x156/0x1e0 [ 35.504707] ? strchr+0x18/0x60 [ 35.505162] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.505672] ? strchr+0x18/0x60 [ 35.506125] kasan_report+0x147/0x180 [ 35.506611] ? strchr+0x18/0x60 [ 35.507017] __asan_load1+0x66/0x70 [ 35.507265] strchr+0x18/0x60 [ 35.507717] kasan_strings+0xdf/0x510 [ 35.508123] ? __pfx_kasan_strings+0x10/0x10 [ 35.508678] ? __schedule+0x715/0x11a0 [ 35.509227] ? ktime_get_ts64+0x118/0x140 [ 35.509644] kunit_try_run_case+0x120/0x290 [ 35.510113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.510688] ? __kasan_check_write+0x18/0x20 [ 35.511014] ? trace_preempt_on+0x20/0xa0 [ 35.511471] ? __kthread_parkme+0x4f/0xd0 [ 35.512021] ? preempt_count_sub+0x50/0x80 [ 35.512527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.513005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.513600] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.513911] kthread+0x19e/0x1e0 [ 35.514438] ? __pfx_kthread+0x10/0x10 [ 35.514842] ret_from_fork+0x41/0x70 [ 35.515138] ? __pfx_kthread+0x10/0x10 [ 35.515629] ret_from_fork_asm+0x1b/0x30 [ 35.516222] </TASK> [ 35.516465] [ 35.516576] Allocated by task 220: [ 35.517041] kasan_save_stack+0x44/0x70 [ 35.517516] kasan_set_track+0x29/0x40 [ 35.517967] kasan_save_alloc_info+0x22/0x30 [ 35.518459] __kasan_kmalloc+0xb7/0xc0 [ 35.518703] kmalloc_trace+0x4c/0xb0 [ 35.519261] kasan_strings+0x9f/0x510 [ 35.519627] kunit_try_run_case+0x120/0x290 [ 35.520124] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.520683] kthread+0x19e/0x1e0 [ 35.521093] ret_from_fork+0x41/0x70 [ 35.521566] ret_from_fork_asm+0x1b/0x30 [ 35.521904] [ 35.522258] Freed by task 220: [ 35.522629] kasan_save_stack+0x44/0x70 [ 35.523051] kasan_set_track+0x29/0x40 [ 35.523362] kasan_save_free_info+0x2f/0x50 [ 35.523885] ____kasan_slab_free+0x172/0x1d0 [ 35.524315] __kasan_slab_free+0x16/0x20 [ 35.524728] __kmem_cache_free+0x190/0x310 [ 35.525115] kfree+0x7c/0x120 [ 35.525323] kasan_strings+0xc3/0x510 [ 35.525933] kunit_try_run_case+0x120/0x290 [ 35.526382] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.526921] kthread+0x19e/0x1e0 [ 35.527317] ret_from_fork+0x41/0x70 [ 35.527701] ret_from_fork_asm+0x1b/0x30 [ 35.528193] [ 35.528479] The buggy address belongs to the object at ffff888102869440 [ 35.528479] which belongs to the cache kmalloc-32 of size 32 [ 35.529462] The buggy address is located 16 bytes inside of [ 35.529462] freed 32-byte region [ffff888102869440, ffff888102869460) [ 35.530228] [ 35.530653] The buggy address belongs to the physical page: [ 35.531016] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.531839] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.532331] page_type: 0xffffffff() [ 35.532731] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.533305] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.533905] page dumped because: kasan: bad access detected [ 35.534486] [ 35.534764] Memory state around the buggy address: [ 35.535253] ffff888102869300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.535948] ffff888102869380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.536621] >ffff888102869400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 35.537184] ^ [ 35.537848] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.538554] ffff888102869500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.539031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 35.461797] ================================================================== [ 35.462431] BUG: KASAN: slab-out-of-bounds in memcmp+0x3d/0xb0 [ 35.463112] Read of size 1 at addr ffff8881028693d8 by task kunit_try_catch/218 [ 35.463771] [ 35.463926] CPU: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.464858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.465608] Call Trace: [ 35.465889] <TASK> [ 35.466115] dump_stack_lvl+0x4e/0x90 [ 35.466637] print_report+0xd2/0x650 [ 35.466934] ? __virt_addr_valid+0x156/0x1e0 [ 35.467295] ? memcmp+0x3d/0xb0 [ 35.467980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.468377] ? memcmp+0x3d/0xb0 [ 35.468642] kasan_report+0x147/0x180 [ 35.469087] ? memcmp+0x3d/0xb0 [ 35.469579] __asan_load1+0x66/0x70 [ 35.469914] memcmp+0x3d/0xb0 [ 35.470174] kasan_memcmp+0x100/0x230 [ 35.470556] ? __pfx_kasan_memcmp+0x10/0x10 [ 35.470890] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 35.471283] ? ktime_get_ts64+0x118/0x140 [ 35.471682] kunit_try_run_case+0x120/0x290 [ 35.472046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.472779] ? __kasan_check_write+0x18/0x20 [ 35.473092] ? trace_preempt_on+0x20/0xa0 [ 35.473382] ? __kthread_parkme+0x4f/0xd0 [ 35.473808] ? preempt_count_sub+0x50/0x80 [ 35.474161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.474631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.475044] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.475522] kthread+0x19e/0x1e0 [ 35.475799] ? __pfx_kthread+0x10/0x10 [ 35.476133] ret_from_fork+0x41/0x70 [ 35.476346] ? __pfx_kthread+0x10/0x10 [ 35.476717] ret_from_fork_asm+0x1b/0x30 [ 35.477186] </TASK> [ 35.477422] [ 35.477937] Allocated by task 218: [ 35.478125] kasan_save_stack+0x44/0x70 [ 35.478491] kasan_set_track+0x29/0x40 [ 35.478756] kasan_save_alloc_info+0x22/0x30 [ 35.479162] __kasan_kmalloc+0xb7/0xc0 [ 35.479548] kmalloc_trace+0x4c/0xb0 [ 35.479888] kasan_memcmp+0xb0/0x230 [ 35.480160] kunit_try_run_case+0x120/0x290 [ 35.480453] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.481036] kthread+0x19e/0x1e0 [ 35.481257] ret_from_fork+0x41/0x70 [ 35.481622] ret_from_fork_asm+0x1b/0x30 [ 35.482017] [ 35.482159] The buggy address belongs to the object at ffff8881028693c0 [ 35.482159] which belongs to the cache kmalloc-32 of size 32 [ 35.483325] The buggy address is located 0 bytes to the right of [ 35.483325] allocated 24-byte region [ffff8881028693c0, ffff8881028693d8) [ 35.484201] [ 35.484341] The buggy address belongs to the physical page: [ 35.484937] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.485579] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.486020] page_type: 0xffffffff() [ 35.486294] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.486958] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.487556] page dumped because: kasan: bad access detected [ 35.488202] [ 35.488347] Memory state around the buggy address: [ 35.488747] ffff888102869280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.489314] ffff888102869300: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 35.489893] >ffff888102869380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 35.490331] ^ [ 35.490829] ffff888102869400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.491276] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.491755] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memchr: Failure
Automatically assigned
[ 35.426853] ================================================================== [ 35.427725] BUG: KASAN: slab-out-of-bounds in memchr+0x27/0x60 [ 35.428323] Read of size 1 at addr ffff888102869398 by task kunit_try_catch/216 [ 35.428682] [ 35.428925] CPU: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.429734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.430292] Call Trace: [ 35.430518] <TASK> [ 35.430902] dump_stack_lvl+0x4e/0x90 [ 35.431218] print_report+0xd2/0x650 [ 35.431685] ? __virt_addr_valid+0x156/0x1e0 [ 35.432052] ? memchr+0x27/0x60 [ 35.432342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.433043] ? memchr+0x27/0x60 [ 35.433334] kasan_report+0x147/0x180 [ 35.433701] ? memchr+0x27/0x60 [ 35.434009] __asan_load1+0x66/0x70 [ 35.434332] memchr+0x27/0x60 [ 35.434731] kasan_memchr+0xdd/0x1f0 [ 35.435065] ? __pfx_kasan_memchr+0x10/0x10 [ 35.435507] ? __schedule+0x715/0x11a0 [ 35.435792] ? ktime_get_ts64+0x118/0x140 [ 35.436124] kunit_try_run_case+0x120/0x290 [ 35.436558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.436920] ? __kasan_check_write+0x18/0x20 [ 35.437244] ? trace_preempt_on+0x20/0xa0 [ 35.437778] ? __kthread_parkme+0x4f/0xd0 [ 35.438062] ? preempt_count_sub+0x50/0x80 [ 35.438359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.438648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.439168] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.439655] kthread+0x19e/0x1e0 [ 35.440056] ? __pfx_kthread+0x10/0x10 [ 35.440382] ret_from_fork+0x41/0x70 [ 35.440729] ? __pfx_kthread+0x10/0x10 [ 35.441152] ret_from_fork_asm+0x1b/0x30 [ 35.441605] </TASK> [ 35.441825] [ 35.441965] Allocated by task 216: [ 35.442231] kasan_save_stack+0x44/0x70 [ 35.442590] kasan_set_track+0x29/0x40 [ 35.443065] kasan_save_alloc_info+0x22/0x30 [ 35.443537] __kasan_kmalloc+0xb7/0xc0 [ 35.443856] kmalloc_trace+0x4c/0xb0 [ 35.444149] kasan_memchr+0x9f/0x1f0 [ 35.444434] kunit_try_run_case+0x120/0x290 [ 35.444853] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.445258] kthread+0x19e/0x1e0 [ 35.445535] ret_from_fork+0x41/0x70 [ 35.446009] ret_from_fork_asm+0x1b/0x30 [ 35.446341] [ 35.446557] The buggy address belongs to the object at ffff888102869380 [ 35.446557] which belongs to the cache kmalloc-32 of size 32 [ 35.447430] The buggy address is located 0 bytes to the right of [ 35.447430] allocated 24-byte region [ffff888102869380, ffff888102869398) [ 35.448642] [ 35.448788] The buggy address belongs to the physical page: [ 35.449177] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102869 [ 35.449831] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.450290] page_type: 0xffffffff() [ 35.450728] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000 [ 35.451234] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 35.451882] page dumped because: kasan: bad access detected [ 35.452253] [ 35.452393] Memory state around the buggy address: [ 35.452929] ffff888102869280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 35.453464] ffff888102869300: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 35.453916] >ffff888102869380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.454334] ^ [ 35.454794] ffff888102869400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.455230] ffff888102869480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.455697] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 35.380011] ================================================================== [ 35.381264] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0xce/0x1d0 [ 35.381967] Read of size 1 at addr ffff888101b028c0 by task kunit_try_catch/214 [ 35.382947] [ 35.383073] CPU: 1 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.383453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.383836] Call Trace: [ 35.383995] <TASK> [ 35.384135] dump_stack_lvl+0x4e/0x90 [ 35.384414] print_report+0xd2/0x650 [ 35.384628] ? __virt_addr_valid+0x156/0x1e0 [ 35.385470] ? kmem_cache_double_destroy+0xce/0x1d0 [ 35.385825] ? kasan_complete_mode_report_info+0x64/0x200 [ 35.386188] ? kmem_cache_double_destroy+0xce/0x1d0 [ 35.386696] kasan_report+0x147/0x180 [ 35.387054] ? kmem_cache_double_destroy+0xce/0x1d0 [ 35.387497] ? kmem_cache_double_destroy+0xce/0x1d0 [ 35.388001] __kasan_check_byte+0x3d/0x50 [ 35.388328] kmem_cache_destroy+0x25/0x170 [ 35.388754] kmem_cache_double_destroy+0xce/0x1d0 [ 35.389134] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 35.389723] ? __schedule+0x715/0x11a0 [ 35.390083] ? ktime_get_ts64+0x118/0x140 [ 35.390755] kunit_try_run_case+0x120/0x290 [ 35.391124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.391616] ? __kasan_check_write+0x18/0x20 [ 35.391988] ? trace_preempt_on+0x20/0xa0 [ 35.392322] ? __kthread_parkme+0x4f/0xd0 [ 35.392760] ? preempt_count_sub+0x50/0x80 [ 35.393125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.393694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.394169] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.394933] kthread+0x19e/0x1e0 [ 35.395261] ? __pfx_kthread+0x10/0x10 [ 35.395688] ret_from_fork+0x41/0x70 [ 35.396055] ? __pfx_kthread+0x10/0x10 [ 35.396513] ret_from_fork_asm+0x1b/0x30 [ 35.396852] </TASK> [ 35.397083] [ 35.397256] Allocated by task 214: [ 35.397644] kasan_save_stack+0x44/0x70 [ 35.398002] kasan_set_track+0x29/0x40 [ 35.398313] kasan_save_alloc_info+0x22/0x30 [ 35.399037] __kasan_slab_alloc+0x91/0xa0 [ 35.399302] kmem_cache_alloc+0x186/0x3b0 [ 35.399743] kmem_cache_create_usercopy+0x13e/0x230 [ 35.400103] kmem_cache_create+0x1a/0x20 [ 35.400506] kmem_cache_double_destroy+0x97/0x1d0 [ 35.400885] kunit_try_run_case+0x120/0x290 [ 35.401252] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.401747] kthread+0x19e/0x1e0 [ 35.402054] ret_from_fork+0x41/0x70 [ 35.402353] ret_from_fork_asm+0x1b/0x30 [ 35.402939] [ 35.403064] Freed by task 214: [ 35.403285] kasan_save_stack+0x44/0x70 [ 35.403774] kasan_set_track+0x29/0x40 [ 35.404093] kasan_save_free_info+0x2f/0x50 [ 35.404502] ____kasan_slab_free+0x172/0x1d0 [ 35.404869] __kasan_slab_free+0x16/0x20 [ 35.405143] kmem_cache_free+0x1a7/0x4b0 [ 35.405583] slab_kmem_cache_release+0x2e/0x40 [ 35.405998] kmem_cache_release+0x16/0x20 [ 35.406283] kobject_put+0xf6/0x250 [ 35.406665] sysfs_slab_release+0x24/0x30 [ 35.406977] kmem_cache_destroy+0xd2/0x170 [ 35.407305] kmem_cache_double_destroy+0xb7/0x1d0 [ 35.407946] kunit_try_run_case+0x120/0x290 [ 35.408227] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.408601] kthread+0x19e/0x1e0 [ 35.409003] ret_from_fork+0x41/0x70 [ 35.409235] ret_from_fork_asm+0x1b/0x30 [ 35.409686] [ 35.409819] The buggy address belongs to the object at ffff888101b028c0 [ 35.409819] which belongs to the cache kmem_cache of size 208 [ 35.410720] The buggy address is located 0 bytes inside of [ 35.410720] freed 208-byte region [ffff888101b028c0, ffff888101b02990) [ 35.411451] [ 35.411769] The buggy address belongs to the physical page: [ 35.412282] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b02 [ 35.412975] flags: 0x200000000000800(slab|node=0|zone=2) [ 35.413472] page_type: 0xffffffff() [ 35.413829] raw: 0200000000000800 ffff888100041000 dead000000000122 0000000000000000 [ 35.414310] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 35.414844] page dumped because: kasan: bad access detected [ 35.415208] [ 35.415333] Memory state around the buggy address: [ 35.415851] ffff888101b02780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.416240] ffff888101b02800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 35.416878] >ffff888101b02880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 35.417330] ^ [ 35.417922] ffff888101b02900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.418510] ffff888101b02980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.419062] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 35.016126] ================================================================== [ 35.016815] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x10a/0x200 [ 35.017331] Read of size 1 at addr ffff888102a87cca by task kunit_try_catch/204 [ 35.017771] [ 35.017917] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 35.018445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.019226] Call Trace: [ 35.019650] <TASK> [ 35.019871] dump_stack_lvl+0x4e/0x90 [ 35.020189] print_report+0xd2/0x650 [ 35.020469] ? __virt_addr_valid+0x156/0x1e0 [ 35.020820] ? kasan_alloca_oob_right+0x10a/0x200 [ 35.021193] ? kasan_addr_to_slab+0x11/0xb0 [ 35.021451] ? kasan_alloca_oob_right+0x10a/0x200 [ 35.021822] kasan_report+0x147/0x180 [ 35.022122] ? kasan_alloca_oob_right+0x10a/0x200 [ 35.022466] __asan_load1+0x66/0x70 [ 35.023146] kasan_alloca_oob_right+0x10a/0x200 [ 35.023490] ? set_user_nice+0x30e/0x420 [ 35.023789] ? __schedule+0x715/0x11a0 [ 35.024093] ? trace_hardirqs_on+0x37/0xd0 [ 35.024391] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 35.024735] ? __schedule+0x715/0x11a0 [ 35.025035] ? ktime_get_ts64+0x118/0x140 [ 35.025317] kunit_try_run_case+0x120/0x290 [ 35.025635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.026046] ? __kasan_check_write+0x18/0x20 [ 35.026340] ? trace_preempt_on+0x20/0xa0 [ 35.026643] ? __kthread_parkme+0x4f/0xd0 [ 35.027490] ? preempt_count_sub+0x50/0x80 [ 35.027774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.028117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.028523] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 35.028927] kthread+0x19e/0x1e0 [ 35.029198] ? __pfx_kthread+0x10/0x10 [ 35.029451] ret_from_fork+0x41/0x70 [ 35.029726] ? __pfx_kthread+0x10/0x10 [ 35.029999] ret_from_fork_asm+0x1b/0x30 [ 35.030334] </TASK> [ 35.030508] [ 35.030644] The buggy address belongs to stack of task kunit_try_catch/204 [ 35.031610] [ 35.031772] The buggy address belongs to the physical page: [ 35.032103] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a87 [ 35.032622] flags: 0x200000000000000(node=0|zone=2) [ 35.033015] page_type: 0xffffffff() [ 35.033256] raw: 0200000000000000 ffffea00040aa1c8 ffffea00040aa1c8 0000000000000000 [ 35.033718] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 35.034155] page dumped because: kasan: bad access detected [ 35.034521] [ 35.034658] Memory state around the buggy address: [ 35.035536] ffff888102a87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.036202] ffff888102a87c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.036676] >ffff888102a87c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 35.037115] ^ [ 35.037437] ffff888102a87d00: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 [ 35.037887] ffff888102a87d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 f1 [ 35.038277] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 34.985450] ================================================================== [ 34.986030] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x101/0x1f0 [ 34.987034] Read of size 1 at addr ffff888102a77cbf by task kunit_try_catch/202 [ 34.987585] [ 34.987740] CPU: 1 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.988307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.988941] Call Trace: [ 34.989109] <TASK> [ 34.989275] dump_stack_lvl+0x4e/0x90 [ 34.989514] print_report+0xd2/0x650 [ 34.989852] ? __virt_addr_valid+0x156/0x1e0 [ 34.990247] ? kasan_alloca_oob_left+0x101/0x1f0 [ 34.990625] ? kasan_addr_to_slab+0x11/0xb0 [ 34.990977] ? kasan_alloca_oob_left+0x101/0x1f0 [ 34.991367] kasan_report+0x147/0x180 [ 34.992010] ? kasan_alloca_oob_left+0x101/0x1f0 [ 34.992575] __asan_load1+0x66/0x70 [ 34.992910] kasan_alloca_oob_left+0x101/0x1f0 [ 34.993228] ? set_user_nice+0x30e/0x420 [ 34.993771] ? __schedule+0x715/0x11a0 [ 34.994068] ? trace_hardirqs_on+0x37/0xd0 [ 34.994559] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 34.995018] ? __schedule+0x715/0x11a0 [ 34.995445] ? ktime_get_ts64+0x118/0x140 [ 34.995872] kunit_try_run_case+0x120/0x290 [ 34.996180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.996666] ? __kasan_check_write+0x18/0x20 [ 34.997107] ? trace_preempt_on+0x20/0xa0 [ 34.997571] ? __kthread_parkme+0x4f/0xd0 [ 34.997898] ? preempt_count_sub+0x50/0x80 [ 34.998412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.998758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.999162] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.999773] kthread+0x19e/0x1e0 [ 35.000159] ? __pfx_kthread+0x10/0x10 [ 35.000560] ret_from_fork+0x41/0x70 [ 35.000979] ? __pfx_kthread+0x10/0x10 [ 35.001267] ret_from_fork_asm+0x1b/0x30 [ 35.001765] </TASK> [ 35.002020] [ 35.002135] The buggy address belongs to stack of task kunit_try_catch/202 [ 35.002680] [ 35.002812] The buggy address belongs to the physical page: [ 35.003099] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a77 [ 35.004011] flags: 0x200000000000000(node=0|zone=2) [ 35.004376] page_type: 0xffffffff() [ 35.004657] raw: 0200000000000000 ffffea00040a9dc8 ffffea00040a9dc8 0000000000000000 [ 35.005424] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 35.005973] page dumped because: kasan: bad access detected [ 35.006429] [ 35.006560] Memory state around the buggy address: [ 35.007054] ffff888102a77b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.007694] ffff888102a77c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.008238] >ffff888102a77c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 35.008808] ^ [ 35.009138] ffff888102a77d00: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 [ 35.009814] ffff888102a77d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 f1 [ 35.010346] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 34.948531] ================================================================== [ 34.949823] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xca/0x190 [ 34.950284] Read of size 1 at addr ffff888102aefd9a by task kunit_try_catch/200 [ 34.950906] [ 34.951165] CPU: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.951898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.952554] Call Trace: [ 34.952710] <TASK> [ 34.952853] dump_stack_lvl+0x4e/0x90 [ 34.953394] print_report+0xd2/0x650 [ 34.953885] ? __virt_addr_valid+0x156/0x1e0 [ 34.954210] ? kasan_stack_oob+0xca/0x190 [ 34.954653] ? kasan_addr_to_slab+0x11/0xb0 [ 34.955109] ? kasan_stack_oob+0xca/0x190 [ 34.955501] kasan_report+0x147/0x180 [ 34.955883] ? kasan_stack_oob+0xca/0x190 [ 34.956183] __asan_load1+0x66/0x70 [ 34.956953] kasan_stack_oob+0xca/0x190 [ 34.957353] ? __pfx_kasan_stack_oob+0x10/0x10 [ 34.957674] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 34.958261] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 34.958870] ? kmem_cache_bulk+0x18e/0x280 [ 34.959177] ? kunit_try_run_case+0x115/0x290 [ 34.959652] kunit_try_run_case+0x120/0x290 [ 34.959943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.960235] ? __kasan_check_write+0x18/0x20 [ 34.960493] ? trace_preempt_on+0x20/0xa0 [ 34.961578] ? __kthread_parkme+0x4f/0xd0 [ 34.961945] ? preempt_count_sub+0x50/0x80 [ 34.962559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.962930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.963537] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.964070] kthread+0x19e/0x1e0 [ 34.964528] ? __pfx_kthread+0x10/0x10 [ 34.965188] ret_from_fork+0x41/0x70 [ 34.965736] ? __pfx_kthread+0x10/0x10 [ 34.966033] ret_from_fork_asm+0x1b/0x30 [ 34.966702] </TASK> [ 34.966916] [ 34.967291] The buggy address belongs to stack of task kunit_try_catch/200 [ 34.967986] and is located at offset 138 in frame: [ 34.968283] kasan_stack_oob+0x0/0x190 [ 34.969361] [ 34.969536] This frame has 4 objects: [ 34.970061] [48, 49) '__assertion' [ 34.970110] [64, 72) 'array' [ 34.970577] [96, 112) '__assertion' [ 34.970949] [128, 138) 'stack_array' [ 34.971308] [ 34.971950] The buggy address belongs to the physical page: [ 34.972499] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aef [ 34.973547] flags: 0x200000000000000(node=0|zone=2) [ 34.974171] page_type: 0xffffffff() [ 34.974703] raw: 0200000000000000 ffffea00040abbc8 ffffea00040abbc8 0000000000000000 [ 34.975240] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 34.975887] page dumped because: kasan: bad access detected [ 34.976215] [ 34.976335] Memory state around the buggy address: [ 34.977234] ffff888102aefc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.977953] ffff888102aefd00: 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 [ 34.978342] >ffff888102aefd80: f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 00 f1 [ 34.978919] ^ [ 34.979196] ffff888102aefe00: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 34.979836] ffff888102aefe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.980324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 34.919184] ================================================================== [ 34.919855] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa3/0x170 [ 34.920527] Read of size 1 at addr ffffffff945af76d by task kunit_try_catch/196 [ 34.920917] [ 34.921091] CPU: 1 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.921552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.922088] Call Trace: [ 34.922249] <TASK> [ 34.922513] dump_stack_lvl+0x4e/0x90 [ 34.922949] print_report+0xd2/0x650 [ 34.923408] ? __virt_addr_valid+0x156/0x1e0 [ 34.923711] ? kasan_global_oob_right+0xa3/0x170 [ 34.924070] ? kasan_addr_to_slab+0x11/0xb0 [ 34.924413] ? kasan_global_oob_right+0xa3/0x170 [ 34.924765] kasan_report+0x147/0x180 [ 34.925067] ? kasan_global_oob_right+0xa3/0x170 [ 34.925361] __asan_load1+0x66/0x70 [ 34.925590] kasan_global_oob_right+0xa3/0x170 [ 34.925894] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 34.926244] ? ktime_get_ts64+0x118/0x140 [ 34.926605] kunit_try_run_case+0x120/0x290 [ 34.926962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.927299] ? __kasan_check_write+0x18/0x20 [ 34.927626] ? trace_preempt_on+0x20/0xa0 [ 34.927959] ? __kthread_parkme+0x4f/0xd0 [ 34.928240] ? preempt_count_sub+0x50/0x80 [ 34.928557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.928939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.929327] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.929689] kthread+0x19e/0x1e0 [ 34.929979] ? __pfx_kthread+0x10/0x10 [ 34.930283] ret_from_fork+0x41/0x70 [ 34.930518] ? __pfx_kthread+0x10/0x10 [ 34.930784] ret_from_fork_asm+0x1b/0x30 [ 34.931170] </TASK> [ 34.931327] [ 34.931488] The buggy address belongs to the variable: [ 34.931817] global_array+0xd/0x40 [ 34.932079] [ 34.932230] The buggy address belongs to the physical page: [ 34.932564] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x160faf [ 34.933240] flags: 0x200000000004000(reserved|node=0|zone=2) [ 34.933624] page_type: 0xffffffff() [ 34.933911] raw: 0200000000004000 ffffea000583ebc8 ffffea000583ebc8 0000000000000000 [ 34.934340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.934729] page dumped because: kasan: bad access detected [ 34.935186] [ 34.935299] Memory state around the buggy address: [ 34.935590] ffffffff945af600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.936093] ffffffff945af680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.936487] >ffffffff945af700: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 34.936942] ^ [ 34.937333] ffffffff945af780: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 34.937741] ffffffff945af800: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 34.938136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 34.331752] ================================================================== [ 34.333065] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xdd/0x260 [ 34.333857] Read of size 1 at addr ffff8881028670c8 by task kunit_try_catch/190 [ 34.334693] [ 34.334926] CPU: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.335970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.337081] Call Trace: [ 34.337506] <TASK> [ 34.337781] dump_stack_lvl+0x4e/0x90 [ 34.338460] print_report+0xd2/0x650 [ 34.338762] ? __virt_addr_valid+0x156/0x1e0 [ 34.339430] ? kmem_cache_oob+0xdd/0x260 [ 34.339686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.340305] ? kmem_cache_oob+0xdd/0x260 [ 34.340755] kasan_report+0x147/0x180 [ 34.341136] ? kmem_cache_oob+0xdd/0x260 [ 34.341436] __asan_load1+0x66/0x70 [ 34.341880] kmem_cache_oob+0xdd/0x260 [ 34.342314] ? __pfx_kmem_cache_oob+0x10/0x10 [ 34.343261] ? __schedule+0x715/0x11a0 [ 34.343681] ? ktime_get_ts64+0x118/0x140 [ 34.343943] kunit_try_run_case+0x120/0x290 [ 34.344184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.344628] ? __kasan_check_write+0x18/0x20 [ 34.345197] ? trace_preempt_on+0x20/0xa0 [ 34.345734] ? __kthread_parkme+0x4f/0xd0 [ 34.346213] ? preempt_count_sub+0x50/0x80 [ 34.346759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.347884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.348657] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.349268] kthread+0x19e/0x1e0 [ 34.349743] ? __pfx_kthread+0x10/0x10 [ 34.350112] ret_from_fork+0x41/0x70 [ 34.350317] ? __pfx_kthread+0x10/0x10 [ 34.350819] ret_from_fork_asm+0x1b/0x30 [ 34.351310] </TASK> [ 34.351649] [ 34.351893] Allocated by task 190: [ 34.352269] kasan_save_stack+0x44/0x70 [ 34.352957] kasan_set_track+0x29/0x40 [ 34.353177] kasan_save_alloc_info+0x22/0x30 [ 34.353427] __kasan_slab_alloc+0x91/0xa0 [ 34.353946] kmem_cache_alloc+0x186/0x3b0 [ 34.354239] kmem_cache_oob+0xb6/0x260 [ 34.354584] kunit_try_run_case+0x120/0x290 [ 34.354888] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.355243] kthread+0x19e/0x1e0 [ 34.355548] ret_from_fork+0x41/0x70 [ 34.355773] ret_from_fork_asm+0x1b/0x30 [ 34.356071] [ 34.356202] The buggy address belongs to the object at ffff888102867000 [ 34.356202] which belongs to the cache test_cache of size 200 [ 34.356899] The buggy address is located 0 bytes to the right of [ 34.356899] allocated 200-byte region [ffff888102867000, ffff8881028670c8) [ 34.358074] [ 34.358217] The buggy address belongs to the physical page: [ 34.358707] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102867 [ 34.359283] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.359611] page_type: 0xffffffff() [ 34.359991] raw: 0200000000000800 ffff8881017ab280 dead000000000122 0000000000000000 [ 34.360400] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 34.360949] page dumped because: kasan: bad access detected [ 34.361302] [ 34.361504] Memory state around the buggy address: [ 34.361778] ffff888102866f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.362192] ffff888102867000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.363085] >ffff888102867080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 34.363605] ^ [ 34.363963] ffff888102867100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.364357] ffff888102867180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.364820] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 34.273615] ================================================================== [ 34.274841] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x122/0x2b0 [ 34.275552] Read of size 1 at addr ffff8881028641a8 by task kunit_try_catch/182 [ 34.276212] [ 34.276428] CPU: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.277031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.277417] Call Trace: [ 34.277558] <TASK> [ 34.277699] dump_stack_lvl+0x4e/0x90 [ 34.278215] print_report+0xd2/0x650 [ 34.278676] ? __virt_addr_valid+0x156/0x1e0 [ 34.279230] ? kmalloc_uaf2+0x122/0x2b0 [ 34.279701] ? kasan_complete_mode_report_info+0x64/0x200 [ 34.280322] ? kmalloc_uaf2+0x122/0x2b0 [ 34.280787] kasan_report+0x147/0x180 [ 34.281225] ? kmalloc_uaf2+0x122/0x2b0 [ 34.281681] __asan_load1+0x66/0x70 [ 34.282125] kmalloc_uaf2+0x122/0x2b0 [ 34.282567] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 34.283065] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 34.283488] ? __schedule+0x715/0x11a0 [ 34.283732] ? ktime_get_ts64+0x118/0x140 [ 34.284222] kunit_try_run_case+0x120/0x290 [ 34.284730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.285264] ? __kasan_check_write+0x18/0x20 [ 34.285751] ? trace_preempt_on+0x20/0xa0 [ 34.286073] ? __kthread_parkme+0x4f/0xd0 [ 34.286295] ? preempt_count_sub+0x50/0x80 [ 34.286517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.286876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.287512] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.288120] kthread+0x19e/0x1e0 [ 34.288515] ? __pfx_kthread+0x10/0x10 [ 34.288981] ret_from_fork+0x41/0x70 [ 34.289403] ? __pfx_kthread+0x10/0x10 [ 34.289853] ret_from_fork_asm+0x1b/0x30 [ 34.290341] </TASK> [ 34.290615] [ 34.290857] Allocated by task 182: [ 34.291225] kasan_save_stack+0x44/0x70 [ 34.291444] kasan_set_track+0x29/0x40 [ 34.291641] kasan_save_alloc_info+0x22/0x30 [ 34.292143] __kasan_kmalloc+0xb7/0xc0 [ 34.292559] kmalloc_trace+0x4c/0xb0 [ 34.292985] kmalloc_uaf2+0xb0/0x2b0 [ 34.293405] kunit_try_run_case+0x120/0x290 [ 34.293911] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.294479] kthread+0x19e/0x1e0 [ 34.294891] ret_from_fork+0x41/0x70 [ 34.295204] ret_from_fork_asm+0x1b/0x30 [ 34.295418] [ 34.295519] Freed by task 182: [ 34.295674] kasan_save_stack+0x44/0x70 [ 34.296152] kasan_set_track+0x29/0x40 [ 34.296588] kasan_save_free_info+0x2f/0x50 [ 34.297073] ____kasan_slab_free+0x172/0x1d0 [ 34.297539] __kasan_slab_free+0x16/0x20 [ 34.298010] __kmem_cache_free+0x190/0x310 [ 34.298456] kfree+0x7c/0x120 [ 34.298836] kmalloc_uaf2+0xd0/0x2b0 [ 34.299179] kunit_try_run_case+0x120/0x290 [ 34.299406] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.299672] kthread+0x19e/0x1e0 [ 34.300165] ret_from_fork+0x41/0x70 [ 34.300614] ret_from_fork_asm+0x1b/0x30 [ 34.301123] [ 34.301343] The buggy address belongs to the object at ffff888102864180 [ 34.301343] which belongs to the cache kmalloc-64 of size 64 [ 34.302565] The buggy address is located 40 bytes inside of [ 34.302565] freed 64-byte region [ffff888102864180, ffff8881028641c0) [ 34.303839] [ 34.304048] The buggy address belongs to the physical page: [ 34.304571] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102864 [ 34.305274] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.305709] page_type: 0xffffffff() [ 34.306140] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 34.306485] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 34.306819] page dumped because: kasan: bad access detected [ 34.307483] [ 34.307906] Memory state around the buggy address: [ 34.308223] ffff888102864080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.308603] ffff888102864100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.309328] >ffff888102864180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.310170] ^ [ 34.310679] ffff888102864200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 34.311290] ffff888102864280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.311911] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 34.230079] ================================================================== [ 34.230649] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0xdb/0x1d0 [ 34.231285] Write of size 33 at addr ffff888102864100 by task kunit_try_catch/180 [ 34.231628] [ 34.231921] CPU: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.232788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.233727] Call Trace: [ 34.234056] <TASK> [ 34.234357] dump_stack_lvl+0x4e/0x90 [ 34.234599] print_report+0xd2/0x650 [ 34.235054] ? __virt_addr_valid+0x156/0x1e0 [ 34.235582] ? kmalloc_uaf_memset+0xdb/0x1d0 [ 34.236119] ? kasan_complete_mode_report_info+0x64/0x200 [ 34.236514] ? kmalloc_uaf_memset+0xdb/0x1d0 [ 34.236832] kasan_report+0x147/0x180 [ 34.237302] ? kmalloc_uaf_memset+0xdb/0x1d0 [ 34.237846] kasan_check_range+0x10c/0x1c0 [ 34.238350] __asan_memset+0x27/0x50 [ 34.238819] kmalloc_uaf_memset+0xdb/0x1d0 [ 34.239181] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 34.239428] ? __schedule+0x715/0x11a0 [ 34.239634] ? ktime_get_ts64+0x118/0x140 [ 34.240180] kunit_try_run_case+0x120/0x290 [ 34.240692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.241261] ? __kasan_check_write+0x18/0x20 [ 34.241794] ? trace_preempt_on+0x20/0xa0 [ 34.242282] ? __kthread_parkme+0x4f/0xd0 [ 34.242792] ? preempt_count_sub+0x50/0x80 [ 34.243308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.243823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.244136] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.244406] kthread+0x19e/0x1e0 [ 34.244603] ? __pfx_kthread+0x10/0x10 [ 34.245086] ret_from_fork+0x41/0x70 [ 34.245540] ? __pfx_kthread+0x10/0x10 [ 34.246064] ret_from_fork_asm+0x1b/0x30 [ 34.246569] </TASK> [ 34.246904] [ 34.247098] Allocated by task 180: [ 34.247483] kasan_save_stack+0x44/0x70 [ 34.247993] kasan_set_track+0x29/0x40 [ 34.248427] kasan_save_alloc_info+0x22/0x30 [ 34.248953] __kasan_kmalloc+0xb7/0xc0 [ 34.249389] kmalloc_trace+0x4c/0xb0 [ 34.249837] kmalloc_uaf_memset+0x9d/0x1d0 [ 34.250309] kunit_try_run_case+0x120/0x290 [ 34.250740] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.251144] kthread+0x19e/0x1e0 [ 34.251343] ret_from_fork+0x41/0x70 [ 34.251536] ret_from_fork_asm+0x1b/0x30 [ 34.251779] [ 34.251989] Freed by task 180: [ 34.252321] kasan_save_stack+0x44/0x70 [ 34.252797] kasan_set_track+0x29/0x40 [ 34.253232] kasan_save_free_info+0x2f/0x50 [ 34.253697] ____kasan_slab_free+0x172/0x1d0 [ 34.254184] __kasan_slab_free+0x16/0x20 [ 34.254618] __kmem_cache_free+0x190/0x310 [ 34.255092] kfree+0x7c/0x120 [ 34.255445] kmalloc_uaf_memset+0xbd/0x1d0 [ 34.255927] kunit_try_run_case+0x120/0x290 [ 34.256404] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.256941] kthread+0x19e/0x1e0 [ 34.257132] ret_from_fork+0x41/0x70 [ 34.257319] ret_from_fork_asm+0x1b/0x30 [ 34.257526] [ 34.257627] The buggy address belongs to the object at ffff888102864100 [ 34.257627] which belongs to the cache kmalloc-64 of size 64 [ 34.258824] The buggy address is located 0 bytes inside of [ 34.258824] freed 64-byte region [ffff888102864100, ffff888102864140) [ 34.260134] [ 34.260349] The buggy address belongs to the physical page: [ 34.260933] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102864 [ 34.261856] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.262538] page_type: 0xffffffff() [ 34.262997] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 34.263568] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 34.264215] page dumped because: kasan: bad access detected [ 34.264772] [ 34.265010] Memory state around the buggy address: [ 34.265538] ffff888102864000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.266074] ffff888102864080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.266391] >ffff888102864100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.266696] ^ [ 34.267070] ffff888102864180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.267794] ffff888102864200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.268518] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 34.186810] ================================================================== [ 34.187738] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0xd5/0x1d0 [ 34.188222] Read of size 1 at addr ffff88810214e6e8 by task kunit_try_catch/178 [ 34.188652] [ 34.189044] CPU: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 34.189984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.190726] Call Trace: [ 34.191095] <TASK> [ 34.191487] dump_stack_lvl+0x4e/0x90 [ 34.191816] print_report+0xd2/0x650 [ 34.192218] ? __virt_addr_valid+0x156/0x1e0 [ 34.192693] ? kmalloc_uaf+0xd5/0x1d0 [ 34.193080] ? kasan_complete_mode_report_info+0x64/0x200 [ 34.193983] ? kmalloc_uaf+0xd5/0x1d0 [ 34.194367] kasan_report+0x147/0x180 [ 34.194828] ? kmalloc_uaf+0xd5/0x1d0 [ 34.195232] __asan_load1+0x66/0x70 [ 34.195598] kmalloc_uaf+0xd5/0x1d0 [ 34.196100] ? __pfx_kmalloc_uaf+0x10/0x10 [ 34.196461] ? __schedule+0x715/0x11a0 [ 34.196814] ? ktime_get_ts64+0x118/0x140 [ 34.197128] kunit_try_run_case+0x120/0x290 [ 34.197647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.198073] ? __kasan_check_write+0x18/0x20 [ 34.198950] ? trace_preempt_on+0x20/0xa0 [ 34.199236] ? __kthread_parkme+0x4f/0xd0 [ 34.199835] ? preempt_count_sub+0x50/0x80 [ 34.200242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.200651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.201110] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.201636] kthread+0x19e/0x1e0 [ 34.202045] ? __pfx_kthread+0x10/0x10 [ 34.202491] ret_from_fork+0x41/0x70 [ 34.202928] ? __pfx_kthread+0x10/0x10 [ 34.203215] ret_from_fork_asm+0x1b/0x30 [ 34.203537] </TASK> [ 34.204189] [ 34.204316] Allocated by task 178: [ 34.204676] kasan_save_stack+0x44/0x70 [ 34.205038] kasan_set_track+0x29/0x40 [ 34.205274] kasan_save_alloc_info+0x22/0x30 [ 34.205941] __kasan_kmalloc+0xb7/0xc0 [ 34.206343] kmalloc_trace+0x4c/0xb0 [ 34.206671] kmalloc_uaf+0x9d/0x1d0 [ 34.206947] kunit_try_run_case+0x120/0x290 [ 34.207238] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.207816] kthread+0x19e/0x1e0 [ 34.208183] ret_from_fork+0x41/0x70 [ 34.208898] ret_from_fork_asm+0x1b/0x30 [ 34.209178] [ 34.209301] Freed by task 178: [ 34.209661] kasan_save_stack+0x44/0x70 [ 34.210118] kasan_set_track+0x29/0x40 [ 34.210360] kasan_save_free_info+0x2f/0x50 [ 34.210912] ____kasan_slab_free+0x172/0x1d0 [ 34.211178] __kasan_slab_free+0x16/0x20 [ 34.211748] __kmem_cache_free+0x190/0x310 [ 34.212044] kfree+0x7c/0x120 [ 34.212263] kmalloc_uaf+0xbd/0x1d0 [ 34.212606] kunit_try_run_case+0x120/0x290 [ 34.212930] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 34.213261] kthread+0x19e/0x1e0 [ 34.214126] ret_from_fork+0x41/0x70 [ 34.214363] ret_from_fork_asm+0x1b/0x30 [ 34.214902] [ 34.215044] The buggy address belongs to the object at ffff88810214e6e0 [ 34.215044] which belongs to the cache kmalloc-16 of size 16 [ 34.216066] The buggy address is located 8 bytes inside of [ 34.216066] freed 16-byte region [ffff88810214e6e0, ffff88810214e6f0) [ 34.216984] [ 34.217179] The buggy address belongs to the physical page: [ 34.217697] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10214e [ 34.218267] flags: 0x200000000000800(slab|node=0|zone=2) [ 34.219051] page_type: 0xffffffff() [ 34.219300] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 34.219957] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 34.220574] page dumped because: kasan: bad access detected [ 34.220993] [ 34.221204] Memory state around the buggy address: [ 34.221576] ffff88810214e580: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 34.222147] ffff88810214e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.222758] >ffff88810214e680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.223292] ^ [ 34.223812] ffff88810214e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.224227] ffff88810214e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.224607] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-pagealloc_uaf: Failure
Automatically assigned
[ 33.314836] ================================================================== [ 33.316835] BUG: KASAN: use-after-free in pagealloc_uaf+0xe9/0x1f0 [ 33.317476] Read of size 1 at addr ffff8881029f0000 by task kunit_try_catch/146 [ 33.318336] [ 33.318941] CPU: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.320277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.321323] Call Trace: [ 33.321580] <TASK> [ 33.321998] dump_stack_lvl+0x4e/0x90 [ 33.322251] print_report+0xd2/0x650 [ 33.323124] ? __virt_addr_valid+0x156/0x1e0 [ 33.323809] ? pagealloc_uaf+0xe9/0x1f0 [ 33.324410] ? kasan_addr_to_slab+0x11/0xb0 [ 33.325170] ? pagealloc_uaf+0xe9/0x1f0 [ 33.325545] kasan_report+0x147/0x180 [ 33.326075] ? pagealloc_uaf+0xe9/0x1f0 [ 33.326687] __asan_load1+0x66/0x70 [ 33.327379] pagealloc_uaf+0xe9/0x1f0 [ 33.328007] ? __pfx_pagealloc_uaf+0x10/0x10 [ 33.328551] ? __schedule+0x715/0x11a0 [ 33.329068] ? ktime_get_ts64+0x118/0x140 [ 33.329321] kunit_try_run_case+0x120/0x290 [ 33.329570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.330381] ? __kasan_check_write+0x18/0x20 [ 33.331189] ? trace_preempt_on+0x20/0xa0 [ 33.331819] ? __kthread_parkme+0x4f/0xd0 [ 33.332463] ? preempt_count_sub+0x50/0x80 [ 33.333135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.333891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.334823] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.335563] kthread+0x19e/0x1e0 [ 33.336136] ? __pfx_kthread+0x10/0x10 [ 33.336663] ret_from_fork+0x41/0x70 [ 33.337289] ? __pfx_kthread+0x10/0x10 [ 33.337782] ret_from_fork_asm+0x1b/0x30 [ 33.338550] </TASK> [ 33.338940] [ 33.339327] The buggy address belongs to the physical page: [ 33.339775] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0 [ 33.340884] flags: 0x200000000000000(node=0|zone=2) [ 33.341151] page_type: 0xffffff7f(buddy) [ 33.341413] raw: 0200000000000000 ffff88817fffcb60 ffff88817fffcb60 0000000000000000 [ 33.341749] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000 [ 33.342170] page dumped because: kasan: bad access detected [ 33.342572] [ 33.342744] Memory state around the buggy address: [ 33.343330] ffff8881029eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.343743] ffff8881029eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.344147] >ffff8881029f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.344454] ^ [ 33.344686] ffff8881029f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.345140] ffff8881029f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.345654] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 33.276372] ================================================================== [ 33.277400] BUG: KASAN: invalid-free in kfree+0xfb/0x120 [ 33.278260] Free of addr ffff888102070001 by task kunit_try_catch/142 [ 33.279113] [ 33.279365] CPU: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.280378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.281042] Call Trace: [ 33.281200] <TASK> [ 33.281347] dump_stack_lvl+0x4e/0x90 [ 33.281956] print_report+0xd2/0x650 [ 33.282482] ? __virt_addr_valid+0x156/0x1e0 [ 33.283037] ? kasan_addr_to_slab+0x11/0xb0 [ 33.283652] ? kfree+0xfb/0x120 [ 33.284215] kasan_report_invalid_free+0xfd/0x120 [ 33.284821] ? kfree+0xfb/0x120 [ 33.285166] ? kfree+0xfb/0x120 [ 33.285636] __kasan_kfree_large+0x86/0xd0 [ 33.286027] free_large_kmalloc+0x46/0xd0 [ 33.286255] kfree+0xfb/0x120 [ 33.286449] kmalloc_pagealloc_invalid_free+0xa9/0x1a0 [ 33.287291] ? __pfx_kmalloc_pagealloc_invalid_free+0x10/0x10 [ 33.287932] ? __schedule+0x715/0x11a0 [ 33.288154] ? ktime_get_ts64+0x118/0x140 [ 33.288398] kunit_try_run_case+0x120/0x290 [ 33.288650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.288922] ? __kasan_check_write+0x18/0x20 [ 33.289427] ? trace_preempt_on+0x20/0xa0 [ 33.290062] ? __kthread_parkme+0x4f/0xd0 [ 33.290880] ? preempt_count_sub+0x50/0x80 [ 33.291310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.291843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.292519] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.292913] kthread+0x19e/0x1e0 [ 33.293356] ? __pfx_kthread+0x10/0x10 [ 33.293849] ret_from_fork+0x41/0x70 [ 33.294272] ? __pfx_kthread+0x10/0x10 [ 33.294822] ret_from_fork_asm+0x1b/0x30 [ 33.295219] </TASK> [ 33.295540] [ 33.295704] The buggy address belongs to the physical page: [ 33.295979] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102070 [ 33.296466] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.297395] flags: 0x200000000000040(head|node=0|zone=2) [ 33.298080] page_type: 0xffffffff() [ 33.298476] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.299387] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.300339] page dumped because: kasan: bad access detected [ 33.300737] [ 33.300974] Memory state around the buggy address: [ 33.301499] ffff88810206ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.302135] ffff88810206ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.303006] >ffff888102070000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.303857] ^ [ 33.304041] ffff888102070080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.304357] ffff888102070100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.305385] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf: Failure
Automatically assigned
[ 33.239185] ================================================================== [ 33.241035] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xaf/0x1b0 [ 33.241896] Read of size 1 at addr ffff888102070000 by task kunit_try_catch/140 [ 33.242727] [ 33.242962] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.244048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.245085] Call Trace: [ 33.245385] <TASK> [ 33.245729] dump_stack_lvl+0x4e/0x90 [ 33.246208] print_report+0xd2/0x650 [ 33.246734] ? __virt_addr_valid+0x156/0x1e0 [ 33.247249] ? kmalloc_pagealloc_uaf+0xaf/0x1b0 [ 33.247921] ? kasan_addr_to_slab+0x11/0xb0 [ 33.248558] ? kmalloc_pagealloc_uaf+0xaf/0x1b0 [ 33.249156] kasan_report+0x147/0x180 [ 33.249692] ? kmalloc_pagealloc_uaf+0xaf/0x1b0 [ 33.250224] __asan_load1+0x66/0x70 [ 33.250789] kmalloc_pagealloc_uaf+0xaf/0x1b0 [ 33.251306] ? __pfx_kmalloc_pagealloc_uaf+0x10/0x10 [ 33.251979] ? __pfx_kmalloc_pagealloc_uaf+0x10/0x10 [ 33.252491] ? kunit_try_run_case+0x115/0x290 [ 33.253202] kunit_try_run_case+0x120/0x290 [ 33.253726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.254263] ? __kasan_check_write+0x18/0x20 [ 33.254774] ? trace_preempt_on+0x20/0xa0 [ 33.255137] ? __kthread_parkme+0x4f/0xd0 [ 33.255453] ? preempt_count_sub+0x50/0x80 [ 33.255985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.256509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.257256] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.257922] kthread+0x19e/0x1e0 [ 33.258147] ? __pfx_kthread+0x10/0x10 [ 33.258585] ret_from_fork+0x41/0x70 [ 33.259096] ? __pfx_kthread+0x10/0x10 [ 33.259679] ret_from_fork_asm+0x1b/0x30 [ 33.260173] </TASK> [ 33.260505] [ 33.260706] The buggy address belongs to the physical page: [ 33.261350] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102070 [ 33.262178] flags: 0x200000000000000(node=0|zone=2) [ 33.262688] page_type: 0xffffffff() [ 33.263167] raw: 0200000000000000 ffffea0004081d08 ffff88815703c8f8 0000000000000000 [ 33.264253] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 33.265073] page dumped because: kasan: bad access detected [ 33.265324] [ 33.265702] Memory state around the buggy address: [ 33.266238] ffff88810206ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.267047] ffff88810206ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.267360] >ffff888102070000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.267661] ^ [ 33.268100] ffff888102070080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.268912] ffff888102070100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.269830] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right: Failure
Automatically assigned
[ 33.203515] ================================================================== [ 33.204229] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 33.204634] Write of size 1 at addr ffff88810207200a by task kunit_try_catch/138 [ 33.206016] [ 33.206406] CPU: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.207535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.208615] Call Trace: [ 33.208997] <TASK> [ 33.209358] dump_stack_lvl+0x4e/0x90 [ 33.209921] print_report+0xd2/0x650 [ 33.210414] ? __virt_addr_valid+0x156/0x1e0 [ 33.210878] ? kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 33.211147] ? kasan_addr_to_slab+0x11/0xb0 [ 33.211368] ? kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 33.211619] kasan_report+0x147/0x180 [ 33.212142] ? kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 33.212770] __asan_store1+0x69/0x70 [ 33.213245] kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 33.213832] ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10 [ 33.214464] ? __schedule+0x715/0x11a0 [ 33.214951] ? ktime_get_ts64+0x118/0x140 [ 33.215437] kunit_try_run_case+0x120/0x290 [ 33.215988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.216519] ? __kasan_check_write+0x18/0x20 [ 33.217076] ? trace_preempt_on+0x20/0xa0 [ 33.217553] ? __kthread_parkme+0x4f/0xd0 [ 33.218063] ? preempt_count_sub+0x50/0x80 [ 33.218528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.218796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.219102] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.219369] kthread+0x19e/0x1e0 [ 33.219566] ? __pfx_kthread+0x10/0x10 [ 33.219901] ret_from_fork+0x41/0x70 [ 33.220329] ? __pfx_kthread+0x10/0x10 [ 33.220810] ret_from_fork_asm+0x1b/0x30 [ 33.221333] </TASK> [ 33.221632] [ 33.221948] The buggy address belongs to the physical page: [ 33.222703] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102070 [ 33.223652] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.224512] flags: 0x200000000000040(head|node=0|zone=2) [ 33.225219] page_type: 0xffffffff() [ 33.225707] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.226444] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.226852] page dumped because: kasan: bad access detected [ 33.227467] [ 33.227657] Memory state around the buggy address: [ 33.228256] ffff888102071f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.229052] ffff888102071f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.229652] >ffff888102072000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.230412] ^ [ 33.230672] ffff888102072080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.231482] ffff888102072100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.232039] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 33.155269] ================================================================== [ 33.156549] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd4/0x1f0 [ 33.157487] Read of size 1 at addr ffff888102297000 by task kunit_try_catch/136 [ 33.158378] [ 33.158958] CPU: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.160102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.160960] Call Trace: [ 33.161136] <TASK> [ 33.161292] dump_stack_lvl+0x4e/0x90 [ 33.162158] print_report+0xd2/0x650 [ 33.162715] ? __virt_addr_valid+0x156/0x1e0 [ 33.163442] ? kmalloc_node_oob_right+0xd4/0x1f0 [ 33.164204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.165099] ? kmalloc_node_oob_right+0xd4/0x1f0 [ 33.165897] kasan_report+0x147/0x180 [ 33.166526] ? kmalloc_node_oob_right+0xd4/0x1f0 [ 33.167148] __asan_load1+0x66/0x70 [ 33.167793] kmalloc_node_oob_right+0xd4/0x1f0 [ 33.168219] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 33.168659] ? __schedule+0x715/0x11a0 [ 33.169317] ? ktime_get_ts64+0x118/0x140 [ 33.170024] kunit_try_run_case+0x120/0x290 [ 33.170711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.171503] ? __kasan_check_write+0x18/0x20 [ 33.172165] ? trace_preempt_on+0x20/0xa0 [ 33.172570] ? __kthread_parkme+0x4f/0xd0 [ 33.173416] ? preempt_count_sub+0x50/0x80 [ 33.173992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.174676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.175564] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.176033] kthread+0x19e/0x1e0 [ 33.176253] ? __pfx_kthread+0x10/0x10 [ 33.176515] ret_from_fork+0x41/0x70 [ 33.176812] ? __pfx_kthread+0x10/0x10 [ 33.177279] ret_from_fork_asm+0x1b/0x30 [ 33.177693] </TASK> [ 33.177983] [ 33.178175] Allocated by task 136: [ 33.178622] kasan_save_stack+0x44/0x70 [ 33.179038] kasan_set_track+0x29/0x40 [ 33.179265] kasan_save_alloc_info+0x22/0x30 [ 33.179798] __kasan_kmalloc+0xb7/0xc0 [ 33.180246] kmalloc_node_trace+0x49/0xb0 [ 33.180891] kmalloc_node_oob_right+0xa1/0x1f0 [ 33.181431] kunit_try_run_case+0x120/0x290 [ 33.182004] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.182549] kthread+0x19e/0x1e0 [ 33.182759] ret_from_fork+0x41/0x70 [ 33.182972] ret_from_fork_asm+0x1b/0x30 [ 33.183178] [ 33.183292] The buggy address belongs to the object at ffff888102296000 [ 33.183292] which belongs to the cache kmalloc-4k of size 4096 [ 33.184709] The buggy address is located 0 bytes to the right of [ 33.184709] allocated 4096-byte region [ffff888102296000, ffff888102297000) [ 33.186173] [ 33.186434] The buggy address belongs to the physical page: [ 33.187050] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102290 [ 33.188206] head:(____ptrval____) order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.189258] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 33.189779] page_type: 0xffffffff() [ 33.190206] raw: 0200000000000840 ffff888100042140 dead000000000122 0000000000000000 [ 33.190980] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 33.191312] page dumped because: kasan: bad access detected [ 33.192009] [ 33.192220] Memory state around the buggy address: [ 33.192753] ffff888102296f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.193668] ffff888102296f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.194471] >ffff888102297000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.195221] ^ [ 33.195617] ffff888102297080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.196533] ffff888102297100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.197191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 33.118247] ================================================================== [ 33.119018] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xcf/0x1f0 [ 33.119441] Read of size 1 at addr ffff8881024a3a9f by task kunit_try_catch/134 [ 33.120054] [ 33.120242] CPU: 1 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.120905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.121601] Call Trace: [ 33.121913] <TASK> [ 33.122090] dump_stack_lvl+0x4e/0x90 [ 33.122629] print_report+0xd2/0x650 [ 33.122951] ? __virt_addr_valid+0x156/0x1e0 [ 33.123260] ? kmalloc_oob_left+0xcf/0x1f0 [ 33.123693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.124130] ? kmalloc_oob_left+0xcf/0x1f0 [ 33.124639] kasan_report+0x147/0x180 [ 33.125089] ? kmalloc_oob_left+0xcf/0x1f0 [ 33.125559] __asan_load1+0x66/0x70 [ 33.125905] kmalloc_oob_left+0xcf/0x1f0 [ 33.126159] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 33.126558] ? __schedule+0x715/0x11a0 [ 33.126937] ? ktime_get_ts64+0x118/0x140 [ 33.127282] kunit_try_run_case+0x120/0x290 [ 33.127694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.128102] ? __kasan_check_write+0x18/0x20 [ 33.128616] ? trace_preempt_on+0x20/0xa0 [ 33.128944] ? __kthread_parkme+0x4f/0xd0 [ 33.129250] ? preempt_count_sub+0x50/0x80 [ 33.129630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.130112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.130601] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.131024] kthread+0x19e/0x1e0 [ 33.131293] ? __pfx_kthread+0x10/0x10 [ 33.131696] ret_from_fork+0x41/0x70 [ 33.132094] ? __pfx_kthread+0x10/0x10 [ 33.132345] ret_from_fork_asm+0x1b/0x30 [ 33.132791] </TASK> [ 33.132979] [ 33.133087] Allocated by task 1: [ 33.133324] kasan_save_stack+0x44/0x70 [ 33.133816] kasan_set_track+0x29/0x40 [ 33.134063] kasan_save_alloc_info+0x22/0x30 [ 33.134337] __kasan_kmalloc+0xb7/0xc0 [ 33.134707] __kmalloc_node_track_caller+0x69/0x170 [ 33.135102] kvasprintf+0xc6/0x150 [ 33.135407] __kthread_create_on_node+0x128/0x260 [ 33.135881] kthread_create_on_node+0xac/0xe0 [ 33.136213] create_worker+0x196/0x3d0 [ 33.136705] alloc_unbound_pwq+0x4bf/0x4d0 [ 33.137029] apply_wqattrs_prepare+0x1b7/0x3c0 [ 33.137417] apply_workqueue_attrs_locked+0x66/0xa0 [ 33.137791] alloc_workqueue+0x788/0x940 [ 33.138141] latency_fsnotify_init+0x1b/0x50 [ 33.138490] do_one_initcall+0xd7/0x340 [ 33.138899] kernel_init_freeable+0x2ae/0x470 [ 33.139241] kernel_init+0x23/0x1e0 [ 33.139672] ret_from_fork+0x41/0x70 [ 33.140013] ret_from_fork_asm+0x1b/0x30 [ 33.140279] [ 33.140549] The buggy address belongs to the object at ffff8881024a3a80 [ 33.140549] which belongs to the cache kmalloc-16 of size 16 [ 33.141425] The buggy address is located 18 bytes to the right of [ 33.141425] allocated 13-byte region [ffff8881024a3a80, ffff8881024a3a8d) [ 33.142436] [ 33.142608] The buggy address belongs to the physical page: [ 33.142966] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024a3 [ 33.143741] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.144118] page_type: 0xffffffff() [ 33.144399] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 33.145121] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 33.145686] page dumped because: kasan: bad access detected [ 33.146074] [ 33.146193] Memory state around the buggy address: [ 33.146544] ffff8881024a3980: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 33.147109] ffff8881024a3a00: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 33.147652] >ffff8881024a3a80: 00 05 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 33.148099] ^ [ 33.148475] ffff8881024a3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.148968] ffff8881024a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.149487] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 33.036670] ================================================================== [ 33.037423] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcf/0x330 [ 33.038219] Write of size 1 at addr ffff88810285ed73 by task kunit_try_catch/132 [ 33.038665] [ 33.039145] CPU: 0 PID: 132 Comm: kunit_try_catch Tainted: G N 6.6.94-rc1 #1 [ 33.039801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.040567] Call Trace: [ 33.040875] <TASK> [ 33.041221] dump_stack_lvl+0x4e/0x90 [ 33.041561] print_report+0xd2/0x650 [ 33.041907] ? __virt_addr_valid+0x156/0x1e0 [ 33.042266] ? kmalloc_oob_right+0xcf/0x330 [ 33.042579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.042993] ? kmalloc_oob_right+0xcf/0x330 [ 33.043320] kasan_report+0x147/0x180 [ 33.043609] ? kmalloc_oob_right+0xcf/0x330 [ 33.043977] __asan_store1+0x69/0x70 [ 33.044271] kmalloc_oob_right+0xcf/0x330 [ 33.044589] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 33.044980] ? __schedule+0x715/0x11a0 [ 33.045251] ? irqentry_exit+0x29/0x60 [ 33.045569] ? ktime_get_ts64+0x118/0x140 [ 33.045935] kunit_try_run_case+0x120/0x290 [ 33.046274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.046630] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 33.047109] ? kunit_generic_run_threadfn_adapter+0x1c/0x50 [ 33.047501] ? __kthread_parkme+0xaa/0xd0 [ 33.047820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.048174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.048545] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.049171] kthread+0x19e/0x1e0 [ 33.049467] ? __pfx_kthread+0x10/0x10 [ 33.049760] ret_from_fork+0x41/0x70 [ 33.050063] ? __pfx_kthread+0x10/0x10 [ 33.050373] ret_from_fork_asm+0x1b/0x30 [ 33.050792] </TASK> [ 33.051075] [ 33.051242] Allocated by task 132: [ 33.051550] kasan_save_stack+0x44/0x70 [ 33.051949] kasan_set_track+0x29/0x40 [ 33.052238] kasan_save_alloc_info+0x22/0x30 [ 33.052546] __kasan_kmalloc+0xb7/0xc0 [ 33.052825] kmalloc_trace+0x4c/0xb0 [ 33.053137] kmalloc_oob_right+0x9f/0x330 [ 33.053426] kunit_try_run_case+0x120/0x290 [ 33.053736] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.054097] kthread+0x19e/0x1e0 [ 33.054394] ret_from_fork+0x41/0x70 [ 33.054675] ret_from_fork_asm+0x1b/0x30 [ 33.055038] [ 33.055288] The buggy address belongs to the object at ffff88810285ed00 [ 33.055288] which belongs to the cache kmalloc-128 of size 128 [ 33.056134] The buggy address is located 0 bytes to the right of [ 33.056134] allocated 115-byte region [ffff88810285ed00, ffff88810285ed73) [ 33.056956] [ 33.057235] The buggy address belongs to the physical page: [ 33.057781] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10285e [ 33.058564] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.059204] page_type: 0xffffffff() [ 33.059747] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.060192] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.060722] page dumped because: kasan: bad access detected [ 33.061172] [ 33.061319] Memory state around the buggy address: [ 33.061866] ffff88810285ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.062315] ffff88810285ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.062796] >ffff88810285ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.063285] ^ [ 33.063752] ffff88810285ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.064189] ffff88810285ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.064667] ================================================================== [ 33.066548] ================================================================== [ 33.066977] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x108/0x330 [ 33.067432] Write of size 1 at addr ffff88810285ed78 by task kunit_try_catch/132 [ 33.067913] [ 33.068057] CPU: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.068576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.069188] Call Trace: [ 33.069363] <TASK> [ 33.069565] dump_stack_lvl+0x4e/0x90 [ 33.069927] print_report+0xd2/0x650 [ 33.070215] ? __virt_addr_valid+0x156/0x1e0 [ 33.070513] ? kmalloc_oob_right+0x108/0x330 [ 33.070822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.071244] ? kmalloc_oob_right+0x108/0x330 [ 33.071544] kasan_report+0x147/0x180 [ 33.071886] ? kmalloc_oob_right+0x108/0x330 [ 33.072186] __asan_store1+0x69/0x70 [ 33.072446] kmalloc_oob_right+0x108/0x330 [ 33.072748] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 33.073083] ? __schedule+0x715/0x11a0 [ 33.073361] ? irqentry_exit+0x29/0x60 [ 33.073609] ? ktime_get_ts64+0x118/0x140 [ 33.073976] kunit_try_run_case+0x120/0x290 [ 33.074283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.074597] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 33.074997] ? kunit_generic_run_threadfn_adapter+0x1c/0x50 [ 33.075372] ? __kthread_parkme+0xaa/0xd0 [ 33.075664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.076033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.076384] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.076763] kthread+0x19e/0x1e0 [ 33.077026] ? __pfx_kthread+0x10/0x10 [ 33.077308] ret_from_fork+0x41/0x70 [ 33.077573] ? __pfx_kthread+0x10/0x10 [ 33.077904] ret_from_fork_asm+0x1b/0x30 [ 33.078191] </TASK> [ 33.078363] [ 33.078507] Allocated by task 132: [ 33.078732] kasan_save_stack+0x44/0x70 [ 33.079034] kasan_set_track+0x29/0x40 [ 33.079294] kasan_save_alloc_info+0x22/0x30 [ 33.079584] __kasan_kmalloc+0xb7/0xc0 [ 33.079879] kmalloc_trace+0x4c/0xb0 [ 33.080144] kmalloc_oob_right+0x9f/0x330 [ 33.080404] kunit_try_run_case+0x120/0x290 [ 33.080690] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.081038] kthread+0x19e/0x1e0 [ 33.081284] ret_from_fork+0x41/0x70 [ 33.081540] ret_from_fork_asm+0x1b/0x30 [ 33.081936] [ 33.082084] The buggy address belongs to the object at ffff88810285ed00 [ 33.082084] which belongs to the cache kmalloc-128 of size 128 [ 33.082746] The buggy address is located 5 bytes to the right of [ 33.082746] allocated 115-byte region [ffff88810285ed00, ffff88810285ed73) [ 33.083473] [ 33.083610] The buggy address belongs to the physical page: [ 33.083993] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10285e [ 33.084448] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.084822] page_type: 0xffffffff() [ 33.085207] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.085651] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.086179] page dumped because: kasan: bad access detected [ 33.086542] [ 33.086674] Memory state around the buggy address: [ 33.086969] ffff88810285ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.087377] ffff88810285ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.087796] >ffff88810285ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.088214] ^ [ 33.088586] ffff88810285ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.089091] ffff88810285ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.089483] ================================================================== [ 33.090373] ================================================================== [ 33.090873] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x144/0x330 [ 33.091347] Read of size 1 at addr ffff88810285ed80 by task kunit_try_catch/132 [ 33.091835] [ 33.091982] CPU: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 33.092491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.093079] Call Trace: [ 33.093287] <TASK> [ 33.093462] dump_stack_lvl+0x4e/0x90 [ 33.093776] print_report+0xd2/0x650 [ 33.094076] ? __virt_addr_valid+0x156/0x1e0 [ 33.094388] ? kmalloc_oob_right+0x144/0x330 [ 33.094671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.095081] ? kmalloc_oob_right+0x144/0x330 [ 33.095393] kasan_report+0x147/0x180 [ 33.095691] ? kmalloc_oob_right+0x144/0x330 [ 33.095990] __asan_load1+0x66/0x70 [ 33.096242] kmalloc_oob_right+0x144/0x330 [ 33.096549] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 33.096978] ? __schedule+0x715/0x11a0 [ 33.097229] ? irqentry_exit+0x29/0x60 [ 33.097511] ? ktime_get_ts64+0x118/0x140 [ 33.097826] kunit_try_run_case+0x120/0x290 [ 33.098123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.098467] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 33.098834] ? kunit_generic_run_threadfn_adapter+0x1c/0x50 [ 33.099250] ? __kthread_parkme+0xaa/0xd0 [ 33.099515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.099853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.100275] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.100603] kthread+0x19e/0x1e0 [ 33.100905] ? __pfx_kthread+0x10/0x10 [ 33.101170] ret_from_fork+0x41/0x70 [ 33.101424] ? __pfx_kthread+0x10/0x10 [ 33.101698] ret_from_fork_asm+0x1b/0x30 [ 33.101999] </TASK> [ 33.102185] [ 33.102325] Allocated by task 132: [ 33.102535] kasan_save_stack+0x44/0x70 [ 33.102869] kasan_set_track+0x29/0x40 [ 33.103139] kasan_save_alloc_info+0x22/0x30 [ 33.103435] __kasan_kmalloc+0xb7/0xc0 [ 33.103673] kmalloc_trace+0x4c/0xb0 [ 33.103928] kmalloc_oob_right+0x9f/0x330 [ 33.104215] kunit_try_run_case+0x120/0x290 [ 33.104509] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 33.104828] kthread+0x19e/0x1e0 [ 33.105163] ret_from_fork+0x41/0x70 [ 33.105395] ret_from_fork_asm+0x1b/0x30 [ 33.105669] [ 33.105807] The buggy address belongs to the object at ffff88810285ed00 [ 33.105807] which belongs to the cache kmalloc-128 of size 128 [ 33.106612] The buggy address is located 13 bytes to the right of [ 33.106612] allocated 115-byte region [ffff88810285ed00, ffff88810285ed73) [ 33.107400] [ 33.107521] The buggy address belongs to the physical page: [ 33.107894] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10285e [ 33.108428] flags: 0x200000000000800(slab|node=0|zone=2) [ 33.108761] page_type: 0xffffffff() [ 33.109034] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.109470] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 33.109956] page dumped because: kasan: bad access detected [ 33.110262] [ 33.110369] Memory state around the buggy address: [ 33.110676] ffff88810285ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.111144] ffff88810285ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.111553] >ffff88810285ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.111999] ^ [ 33.112233] ffff88810285ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.112630] ffff88810285ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.113003] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-__drm_connector_init
------------[ cut here ]------------ [ 180.873191] WARNING: CPU: 0 PID: 914 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0x6df/0x7d0 [ 180.874748] Modules linked in: [ 180.875044] CPU: 0 PID: 914 Comm: kunit_try_catch Tainted: G B W N 6.6.94-rc1 #1 [ 180.875630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.876135] RIP: 0010:__drm_connector_init+0x6df/0x7d0 [ 180.876520] Code: e3 81 ff 45 23 74 24 68 41 83 e6 10 75 23 48 8d bb 00 05 00 00 e8 b1 e5 81 ff 48 c7 83 00 05 00 00 00 00 00 00 e9 05 fa ff ff <0f> 0b e9 d6 f9 ff ff 49 8d bc 24 40 04 00 00 e8 cd e4 81 ff 49 8b [ 180.877775] RSP: 0000:ffff888108fdfc60 EFLAGS: 00010246 [ 180.878098] RAX: 0000000000000000 RBX: ffff888109256010 RCX: ffffffff9125a15d [ 180.878471] RDX: dffffc0000000000 RSI: ffffffff9125a11f RDI: ffffffff9292b290 [ 180.879099] RBP: ffff888108fdfcd0 R08: 0000000000000000 R09: ffffffff929419a0 [ 180.879969] R10: 0000000000000003 R11: 0000000000000028 R12: ffff888109257000 [ 180.880527] R13: ffffffff929554c0 R14: ffffffff9292b240 R15: 0000000000000000 [ 180.880940] FS: 0000000000000000(0000) GS:ffff888157000000(0000) knlGS:0000000000000000 [ 180.881346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.881734] CR2: ffff888156928fe0 CR3: 000000015feae000 CR4: 00000000000006f0 [ 180.882153] DR0: ffffffff9459d940 DR1: ffffffff9459d941 DR2: ffffffff9459d942 [ 180.882543] DR3: ffffffff9459d943 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.883057] Call Trace: [ 180.883252] <TASK> [ 180.883760] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.884147] ? __drmm_add_action_or_reset+0x22/0x50 [ 180.884918] drmm_connector_init+0xa6/0xf0 [ 180.885259] drm_client_modeset_test_init+0x177/0x310 [ 180.885719] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 180.886109] ? __schedule+0x715/0x11a0 [ 180.886380] kunit_try_run_case+0xf8/0x290 [ 180.886771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.887161] ? __kasan_check_write+0x18/0x20 [ 180.887495] ? trace_preempt_on+0x20/0xa0 [ 180.888172] ? __kthread_parkme+0x4f/0xd0 [ 180.888557] ? preempt_count_sub+0x50/0x80 [ 180.888871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.889191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.889686] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 180.890072] kthread+0x19e/0x1e0 [ 180.890336] ? __pfx_kthread+0x10/0x10 [ 180.890731] ret_from_fork+0x41/0x70 [ 180.891038] ? __pfx_kthread+0x10/0x10 [ 180.891293] ret_from_fork_asm+0x1b/0x30 [ 180.891833] </TASK> [ 180.892017] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 180.727317] WARNING: CPU: 1 PID: 908 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0x6df/0x7d0 [ 180.729134] Modules linked in: [ 180.729746] CPU: 1 PID: 908 Comm: kunit_try_catch Tainted: G B W N 6.6.94-rc1 #1 [ 180.730120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.730922] RIP: 0010:__drm_connector_init+0x6df/0x7d0 [ 180.731281] Code: e3 81 ff 45 23 74 24 68 41 83 e6 10 75 23 48 8d bb 00 05 00 00 e8 b1 e5 81 ff 48 c7 83 00 05 00 00 00 00 00 00 e9 05 fa ff ff <0f> 0b e9 d6 f9 ff ff 49 8d bc 24 40 04 00 00 e8 cd e4 81 ff 49 8b [ 180.732645] RSP: 0000:ffff88810925fc60 EFLAGS: 00010246 [ 180.732991] RAX: 0000000000000000 RBX: ffff888109247010 RCX: ffffffff9125a15d [ 180.733731] RDX: dffffc0000000000 RSI: ffffffff9125a11f RDI: ffffffff9292b290 [ 180.734101] RBP: ffff88810925fcd0 R08: 0000000000000000 R09: ffffffff929419a0 [ 180.734791] R10: 0000000000000003 R11: 0000000000000028 R12: ffff888109190000 [ 180.735185] R13: ffffffff929554c0 R14: ffffffff9292b240 R15: 0000000000000000 [ 180.735917] FS: 0000000000000000(0000) GS:ffff888157100000(0000) knlGS:0000000000000000 [ 180.736410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.736897] CR2: ffff88815680000a CR3: 000000015feae000 CR4: 00000000000006e0 [ 180.737463] DR0: ffffffff9459d940 DR1: ffffffff9459d941 DR2: ffffffff9459d943 [ 180.737976] DR3: ffffffff9459d945 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.738357] Call Trace: [ 180.738653] <TASK> [ 180.738883] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.739222] ? __drmm_add_action_or_reset+0x22/0x50 [ 180.739666] drmm_connector_init+0xa6/0xf0 [ 180.740082] drm_client_modeset_test_init+0x177/0x310 [ 180.740438] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 180.740920] ? __schedule+0x715/0x11a0 [ 180.741192] kunit_try_run_case+0xf8/0x290 [ 180.741701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.742066] ? __kasan_check_write+0x18/0x20 [ 180.742438] ? trace_preempt_on+0x20/0xa0 [ 180.742737] ? __kthread_parkme+0x4f/0xd0 [ 180.743035] ? preempt_count_sub+0x50/0x80 [ 180.743329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.743764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.744163] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 180.744602] kthread+0x19e/0x1e0 [ 180.744935] ? __pfx_kthread+0x10/0x10 [ 180.745220] ret_from_fork+0x41/0x70 [ 180.745569] ? __pfx_kthread+0x10/0x10 [ 180.745904] ret_from_fork_asm+0x1b/0x30 [ 180.746198] </TASK> [ 180.746364] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 180.823993] WARNING: CPU: 0 PID: 912 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0x6df/0x7d0 [ 180.825305] Modules linked in: [ 180.825930] CPU: 0 PID: 912 Comm: kunit_try_catch Tainted: G B W N 6.6.94-rc1 #1 [ 180.827220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.828335] RIP: 0010:__drm_connector_init+0x6df/0x7d0 [ 180.829113] Code: e3 81 ff 45 23 74 24 68 41 83 e6 10 75 23 48 8d bb 00 05 00 00 e8 b1 e5 81 ff 48 c7 83 00 05 00 00 00 00 00 00 e9 05 fa ff ff <0f> 0b e9 d6 f9 ff ff 49 8d bc 24 40 04 00 00 e8 cd e4 81 ff 49 8b [ 180.831096] RSP: 0000:ffff8881091dfc60 EFLAGS: 00010246 [ 180.831664] RAX: 0000000000000000 RBX: ffff888109253010 RCX: ffffffff9125a15d [ 180.831997] RDX: dffffc0000000000 RSI: ffffffff9125a11f RDI: ffffffff9292b290 [ 180.832300] RBP: ffff8881091dfcd0 R08: 0000000000000000 R09: ffffffff929419a0 [ 180.833336] R10: 0000000000000003 R11: 0000000000000028 R12: ffff888109254000 [ 180.834271] R13: ffffffff929554c0 R14: ffffffff9292b240 R15: 0000000000000000 [ 180.835081] FS: 0000000000000000(0000) GS:ffff888157000000(0000) knlGS:0000000000000000 [ 180.835700] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.836503] CR2: ffff888156928fe0 CR3: 000000015feae000 CR4: 00000000000006f0 [ 180.837530] DR0: ffffffff9459d940 DR1: ffffffff9459d941 DR2: ffffffff9459d942 [ 180.838564] DR3: ffffffff9459d943 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.839163] Call Trace: [ 180.839322] <TASK> [ 180.839722] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.840452] ? __drmm_add_action_or_reset+0x22/0x50 [ 180.841097] drmm_connector_init+0xa6/0xf0 [ 180.841988] drm_client_modeset_test_init+0x177/0x310 [ 180.842267] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 180.842753] ? __schedule+0x715/0x11a0 [ 180.843058] kunit_try_run_case+0xf8/0x290 [ 180.843467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.843864] ? __kasan_check_write+0x18/0x20 [ 180.844194] ? trace_preempt_on+0x20/0xa0 [ 180.844464] ? __kthread_parkme+0x4f/0xd0 [ 180.844852] ? preempt_count_sub+0x50/0x80 [ 180.845192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.846039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.846476] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 180.846817] kthread+0x19e/0x1e0 [ 180.847059] ? __pfx_kthread+0x10/0x10 [ 180.847312] ret_from_fork+0x41/0x70 [ 180.847661] ? __pfx_kthread+0x10/0x10 [ 180.847967] ret_from_fork_asm+0x1b/0x30 [ 180.848213] </TASK> [ 180.848467] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 180.770369] WARNING: CPU: 1 PID: 910 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0x6df/0x7d0 [ 180.771225] Modules linked in: [ 180.771638] CPU: 1 PID: 910 Comm: kunit_try_catch Tainted: G B W N 6.6.94-rc1 #1 [ 180.772082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.772726] RIP: 0010:__drm_connector_init+0x6df/0x7d0 [ 180.774718] Code: e3 81 ff 45 23 74 24 68 41 83 e6 10 75 23 48 8d bb 00 05 00 00 e8 b1 e5 81 ff 48 c7 83 00 05 00 00 00 00 00 00 e9 05 fa ff ff <0f> 0b e9 d6 f9 ff ff 49 8d bc 24 40 04 00 00 e8 cd e4 81 ff 49 8b [ 180.776683] RSP: 0000:ffff888109277c60 EFLAGS: 00010246 [ 180.777037] RAX: 0000000000000000 RBX: ffff888109192010 RCX: ffffffff9125a15d [ 180.777791] RDX: dffffc0000000000 RSI: ffffffff9125a11f RDI: ffffffff9292b290 [ 180.778274] RBP: ffff888109277cd0 R08: 0000000000000000 R09: ffffffff929419a0 [ 180.779073] R10: 0000000000000003 R11: 0000000000000028 R12: ffff888109193000 [ 180.779773] R13: ffffffff929554c0 R14: ffffffff9292b240 R15: 0000000000000000 [ 180.780198] FS: 0000000000000000(0000) GS:ffff888157100000(0000) knlGS:0000000000000000 [ 180.780983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.781419] CR2: ffff88815680000a CR3: 000000015feae000 CR4: 00000000000006e0 [ 180.782115] DR0: ffffffff9459d940 DR1: ffffffff9459d941 DR2: ffffffff9459d943 [ 180.782756] DR3: ffffffff9459d945 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.783697] Call Trace: [ 180.784193] <TASK> [ 180.784661] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.785212] ? __drmm_add_action_or_reset+0x22/0x50 [ 180.785773] drmm_connector_init+0xa6/0xf0 [ 180.786456] drm_client_modeset_test_init+0x177/0x310 [ 180.787170] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 180.787779] ? __schedule+0x715/0x11a0 [ 180.788258] kunit_try_run_case+0xf8/0x290 [ 180.788676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.789143] ? __kasan_check_write+0x18/0x20 [ 180.789477] ? trace_preempt_on+0x20/0xa0 [ 180.790044] ? __kthread_parkme+0x4f/0xd0 [ 180.790653] ? preempt_count_sub+0x50/0x80 [ 180.791245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.791820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.792542] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 180.793321] kthread+0x19e/0x1e0 [ 180.793807] ? __pfx_kthread+0x10/0x10 [ 180.794049] ret_from_fork+0x41/0x70 [ 180.794248] ? __pfx_kthread+0x10/0x10 [ 180.794472] ret_from_fork_asm+0x1b/0x30 [ 180.795067] </TASK> [ 180.795309] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 180.662818] WARNING: CPU: 1 PID: 906 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0x6df/0x7d0 [ 180.663452] Modules linked in: [ 180.663829] CPU: 1 PID: 906 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 180.664288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.665145] RIP: 0010:__drm_connector_init+0x6df/0x7d0 [ 180.666695] Code: e3 81 ff 45 23 74 24 68 41 83 e6 10 75 23 48 8d bb 00 05 00 00 e8 b1 e5 81 ff 48 c7 83 00 05 00 00 00 00 00 00 e9 05 fa ff ff <0f> 0b e9 d6 f9 ff ff 49 8d bc 24 40 04 00 00 e8 cd e4 81 ff 49 8b [ 180.668668] RSP: 0000:ffff8881091f7c60 EFLAGS: 00010246 [ 180.669663] RAX: 0000000000000000 RBX: ffff888109244010 RCX: ffffffff9125a15d [ 180.670244] RDX: dffffc0000000000 RSI: ffffffff9125a11f RDI: ffffffff9292b290 [ 180.671254] RBP: ffff8881091f7cd0 R08: 0000000000000000 R09: ffffffff929419a0 [ 180.672207] R10: 0000000000000003 R11: ffffffff90a79702 R12: ffff888109245000 [ 180.673053] R13: ffffffff929554c0 R14: ffffffff9292b240 R15: 0000000000000000 [ 180.673679] FS: 0000000000000000(0000) GS:ffff888157100000(0000) knlGS:0000000000000000 [ 180.674098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.674802] CR2: ffff88815680000a CR3: 000000015feae000 CR4: 00000000000006e0 [ 180.675242] DR0: ffffffff9459d940 DR1: ffffffff9459d941 DR2: ffffffff9459d943 [ 180.675977] DR3: ffffffff9459d945 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.676835] Call Trace: [ 180.677218] <TASK> [ 180.677583] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.678278] ? __drmm_add_action_or_reset+0x22/0x50 [ 180.678595] drmm_connector_init+0xa6/0xf0 [ 180.678975] drm_client_modeset_test_init+0x177/0x310 [ 180.679498] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 180.679883] ? __schedule+0x715/0x11a0 [ 180.680338] kunit_try_run_case+0xf8/0x290 [ 180.681331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.682033] ? __kasan_check_write+0x18/0x20 [ 180.682666] ? trace_preempt_on+0x20/0xa0 [ 180.682971] ? __kthread_parkme+0x4f/0xd0 [ 180.683189] ? preempt_count_sub+0x50/0x80 [ 180.683416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.684071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.684420] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 180.685149] kthread+0x19e/0x1e0 [ 180.685576] ? __pfx_kthread+0x10/0x10 [ 180.686175] ret_from_fork+0x41/0x70 [ 180.686696] ? __pfx_kthread+0x10/0x10 [ 180.687182] ret_from_fork_asm+0x1b/0x30 [ 180.687657] </TASK> [ 180.687973] ---[ end trace 0000000000000000 ]---
Failure - lava - job
(no logs available)
Failure - lava - boot-image-retry
(no logs available)
Failure - lava - auto-login-action
(no logs available)
Failure - lava - login-action
(no logs available)
Failure - boot - gcc-13-lkftconfig-kunit
(no logs available)