Date
June 17, 2025, 3:39 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
Automatically assigned
[ 95.585819] ================================================================== [ 95.587227] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x108/0x7b8 [ 95.588058] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.590587] [ 95.590902] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.591666] Hardware name: linux,dummy-virt (DT) [ 95.592175] Call trace: [ 95.592506] dump_backtrace+0x9c/0x128 [ 95.593006] show_stack+0x20/0x38 [ 95.593838] dump_stack_lvl+0x60/0xb0 [ 95.594310] print_report+0xf8/0x5e8 [ 95.595000] kasan_report+0xdc/0x128 [ 95.595526] __asan_load8+0x9c/0xc0 [ 95.597063] kasan_bitops_test_and_modify.constprop.0+0x108/0x7b8 [ 95.597937] kasan_bitops_generic+0xc0/0x148 [ 95.598568] kunit_try_run_case+0x114/0x298 [ 95.599179] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.599853] kthread+0x18c/0x1a8 [ 95.600462] ret_from_fork+0x10/0x20 [ 95.601035] [ 95.601380] Allocated by task 207: [ 95.601909] kasan_save_stack+0x3c/0x68 [ 95.602478] kasan_set_track+0x2c/0x40 [ 95.603066] kasan_save_alloc_info+0x24/0x38 [ 95.603669] __kasan_kmalloc+0xd4/0xd8 [ 95.604079] kmalloc_trace+0x68/0x130 [ 95.604525] kasan_bitops_generic+0x98/0x148 [ 95.605277] kunit_try_run_case+0x114/0x298 [ 95.605723] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.606345] kthread+0x18c/0x1a8 [ 95.606812] ret_from_fork+0x10/0x20 [ 95.607310] [ 95.607553] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.607553] which belongs to the cache kmalloc-16 of size 16 [ 95.608651] The buggy address is located 8 bytes inside of [ 95.608651] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.609668] [ 95.609926] The buggy address belongs to the physical page: [ 95.610428] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.611454] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.612056] page_type: 0xffffffff() [ 95.612493] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.613366] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.614043] page dumped because: kasan: bad access detected [ 95.614544] [ 95.614759] Memory state around the buggy address: [ 95.615238] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.615924] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.616609] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.617228] ^ [ 95.617754] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.618422] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.619058] ================================================================== [ 95.738311] ================================================================== [ 95.739104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x200/0x7b8 [ 95.739981] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.740704] [ 95.740978] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.741809] Hardware name: linux,dummy-virt (DT) [ 95.742271] Call trace: [ 95.742593] dump_backtrace+0x9c/0x128 [ 95.743059] show_stack+0x20/0x38 [ 95.743504] dump_stack_lvl+0x60/0xb0 [ 95.743968] print_report+0xf8/0x5e8 [ 95.744430] kasan_report+0xdc/0x128 [ 95.744922] __asan_load8+0x9c/0xc0 [ 95.745381] kasan_bitops_test_and_modify.constprop.0+0x200/0x7b8 [ 95.746100] kasan_bitops_generic+0xc0/0x148 [ 95.746579] kunit_try_run_case+0x114/0x298 [ 95.748282] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.748881] kthread+0x18c/0x1a8 [ 95.749366] ret_from_fork+0x10/0x20 [ 95.749792] [ 95.750018] Allocated by task 207: [ 95.750333] kasan_save_stack+0x3c/0x68 [ 95.750859] kasan_set_track+0x2c/0x40 [ 95.751293] kasan_save_alloc_info+0x24/0x38 [ 95.751758] __kasan_kmalloc+0xd4/0xd8 [ 95.752240] kmalloc_trace+0x68/0x130 [ 95.752706] kasan_bitops_generic+0x98/0x148 [ 95.753191] kunit_try_run_case+0x114/0x298 [ 95.753688] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.754249] kthread+0x18c/0x1a8 [ 95.754616] ret_from_fork+0x10/0x20 [ 95.755049] [ 95.755254] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.755254] which belongs to the cache kmalloc-16 of size 16 [ 95.756227] The buggy address is located 8 bytes inside of [ 95.756227] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.757129] [ 95.757384] The buggy address belongs to the physical page: [ 95.757872] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.758641] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.759266] page_type: 0xffffffff() [ 95.759709] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.760436] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.761100] page dumped because: kasan: bad access detected [ 95.761603] [ 95.761819] Memory state around the buggy address: [ 95.762267] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.762922] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.763408] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.764088] ^ [ 95.764751] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.765481] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.766119] ================================================================== [ 95.522077] ================================================================== [ 95.522712] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd0/0x7b8 [ 95.523644] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.524506] [ 95.524838] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.525572] Hardware name: linux,dummy-virt (DT) [ 95.526165] Call trace: [ 95.526490] dump_backtrace+0x9c/0x128 [ 95.527044] show_stack+0x20/0x38 [ 95.527738] dump_stack_lvl+0x60/0xb0 [ 95.528377] print_report+0xf8/0x5e8 [ 95.528895] kasan_report+0xdc/0x128 [ 95.529401] __asan_load8+0x9c/0xc0 [ 95.529898] kasan_bitops_test_and_modify.constprop.0+0xd0/0x7b8 [ 95.530598] kasan_bitops_generic+0xc0/0x148 [ 95.531354] kunit_try_run_case+0x114/0x298 [ 95.531907] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.532591] kthread+0x18c/0x1a8 [ 95.533050] ret_from_fork+0x10/0x20 [ 95.533478] [ 95.533722] Allocated by task 207: [ 95.534103] kasan_save_stack+0x3c/0x68 [ 95.534584] kasan_set_track+0x2c/0x40 [ 95.535092] kasan_save_alloc_info+0x24/0x38 [ 95.535581] __kasan_kmalloc+0xd4/0xd8 [ 95.536086] kmalloc_trace+0x68/0x130 [ 95.536784] kasan_bitops_generic+0x98/0x148 [ 95.537246] kunit_try_run_case+0x114/0x298 [ 95.537814] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.538326] kthread+0x18c/0x1a8 [ 95.538766] ret_from_fork+0x10/0x20 [ 95.541196] [ 95.541502] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.541502] which belongs to the cache kmalloc-16 of size 16 [ 95.542730] The buggy address is located 8 bytes inside of [ 95.542730] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.543712] [ 95.544022] The buggy address belongs to the physical page: [ 95.544560] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.545581] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.546338] page_type: 0xffffffff() [ 95.546808] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.547444] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.548539] page dumped because: kasan: bad access detected [ 95.549083] [ 95.549337] Memory state around the buggy address: [ 95.549944] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.550569] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.551336] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.552003] ^ [ 95.552600] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.553312] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.554014] ================================================================== [ 95.680700] ================================================================== [ 95.681439] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a4/0x7b8 [ 95.682357] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.683196] [ 95.683426] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.684190] Hardware name: linux,dummy-virt (DT) [ 95.684694] Call trace: [ 95.685022] dump_backtrace+0x9c/0x128 [ 95.685542] show_stack+0x20/0x38 [ 95.685990] dump_stack_lvl+0x60/0xb0 [ 95.686481] print_report+0xf8/0x5e8 [ 95.686961] kasan_report+0xdc/0x128 [ 95.687430] kasan_check_range+0xe8/0x190 [ 95.687958] __kasan_check_write+0x20/0x30 [ 95.688446] kasan_bitops_test_and_modify.constprop.0+0x1a4/0x7b8 [ 95.689058] kasan_bitops_generic+0xc0/0x148 [ 95.689657] kunit_try_run_case+0x114/0x298 [ 95.690282] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.690807] kthread+0x18c/0x1a8 [ 95.691211] ret_from_fork+0x10/0x20 [ 95.691698] [ 95.691956] Allocated by task 207: [ 95.692418] kasan_save_stack+0x3c/0x68 [ 95.692974] kasan_set_track+0x2c/0x40 [ 95.693430] kasan_save_alloc_info+0x24/0x38 [ 95.693973] __kasan_kmalloc+0xd4/0xd8 [ 95.694452] kmalloc_trace+0x68/0x130 [ 95.694907] kasan_bitops_generic+0x98/0x148 [ 95.695407] kunit_try_run_case+0x114/0x298 [ 95.695972] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.696654] kthread+0x18c/0x1a8 [ 95.697063] ret_from_fork+0x10/0x20 [ 95.697496] [ 95.697748] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.697748] which belongs to the cache kmalloc-16 of size 16 [ 95.698762] The buggy address is located 8 bytes inside of [ 95.698762] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.699781] [ 95.700066] The buggy address belongs to the physical page: [ 95.700651] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.701506] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.702151] page_type: 0xffffffff() [ 95.702578] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.703359] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.704107] page dumped because: kasan: bad access detected [ 95.704646] [ 95.704872] Memory state around the buggy address: [ 95.705369] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.706099] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.706563] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.707012] ^ [ 95.707680] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.708445] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.709150] ================================================================== [ 95.710337] ================================================================== [ 95.710945] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d4/0x7b8 [ 95.711764] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.712363] [ 95.712650] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.713418] Hardware name: linux,dummy-virt (DT) [ 95.713857] Call trace: [ 95.714164] dump_backtrace+0x9c/0x128 [ 95.714611] show_stack+0x20/0x38 [ 95.715007] dump_stack_lvl+0x60/0xb0 [ 95.715458] print_report+0xf8/0x5e8 [ 95.715935] kasan_report+0xdc/0x128 [ 95.716397] __asan_load8+0x9c/0xc0 [ 95.716885] kasan_bitops_test_and_modify.constprop.0+0x1d4/0x7b8 [ 95.717577] kasan_bitops_generic+0xc0/0x148 [ 95.718059] kunit_try_run_case+0x114/0x298 [ 95.718565] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.719018] kthread+0x18c/0x1a8 [ 95.719323] ret_from_fork+0x10/0x20 [ 95.719862] [ 95.720139] Allocated by task 207: [ 95.720538] kasan_save_stack+0x3c/0x68 [ 95.721009] kasan_set_track+0x2c/0x40 [ 95.721444] kasan_save_alloc_info+0x24/0x38 [ 95.721906] __kasan_kmalloc+0xd4/0xd8 [ 95.722359] kmalloc_trace+0x68/0x130 [ 95.722778] kasan_bitops_generic+0x98/0x148 [ 95.723275] kunit_try_run_case+0x114/0x298 [ 95.723817] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.724492] kthread+0x18c/0x1a8 [ 95.724911] ret_from_fork+0x10/0x20 [ 95.725369] [ 95.725595] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.725595] which belongs to the cache kmalloc-16 of size 16 [ 95.726628] The buggy address is located 8 bytes inside of [ 95.726628] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.727554] [ 95.727833] The buggy address belongs to the physical page: [ 95.728269] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.729267] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.729910] page_type: 0xffffffff() [ 95.730340] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.730888] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.731541] page dumped because: kasan: bad access detected [ 95.732154] [ 95.732444] Memory state around the buggy address: [ 95.732981] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.733715] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.734403] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.735068] ^ [ 95.735559] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.736389] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.737124] ================================================================== [ 95.620992] ================================================================== [ 95.621774] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x144/0x7b8 [ 95.622398] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.622912] [ 95.623209] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.624428] Hardware name: linux,dummy-virt (DT) [ 95.624903] Call trace: [ 95.625266] dump_backtrace+0x9c/0x128 [ 95.625767] show_stack+0x20/0x38 [ 95.626179] dump_stack_lvl+0x60/0xb0 [ 95.626624] print_report+0xf8/0x5e8 [ 95.627025] kasan_report+0xdc/0x128 [ 95.627458] kasan_check_range+0xe8/0x190 [ 95.627993] __kasan_check_write+0x20/0x30 [ 95.628479] kasan_bitops_test_and_modify.constprop.0+0x144/0x7b8 [ 95.629153] kasan_bitops_generic+0xc0/0x148 [ 95.629569] kunit_try_run_case+0x114/0x298 [ 95.630065] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.630698] kthread+0x18c/0x1a8 [ 95.631077] ret_from_fork+0x10/0x20 [ 95.631512] [ 95.631760] Allocated by task 207: [ 95.632169] kasan_save_stack+0x3c/0x68 [ 95.632688] kasan_set_track+0x2c/0x40 [ 95.633184] kasan_save_alloc_info+0x24/0x38 [ 95.633681] __kasan_kmalloc+0xd4/0xd8 [ 95.634193] kmalloc_trace+0x68/0x130 [ 95.634661] kasan_bitops_generic+0x98/0x148 [ 95.635108] kunit_try_run_case+0x114/0x298 [ 95.635776] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.636470] kthread+0x18c/0x1a8 [ 95.636961] ret_from_fork+0x10/0x20 [ 95.637443] [ 95.637695] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.637695] which belongs to the cache kmalloc-16 of size 16 [ 95.638730] The buggy address is located 8 bytes inside of [ 95.638730] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.639703] [ 95.639952] The buggy address belongs to the physical page: [ 95.640555] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.641436] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.642121] page_type: 0xffffffff() [ 95.642620] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.643534] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.644182] page dumped because: kasan: bad access detected [ 95.645309] [ 95.645561] Memory state around the buggy address: [ 95.645913] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.646384] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.647071] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.647727] ^ [ 95.648325] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.649038] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.649645] ================================================================== [ 95.767345] ================================================================== [ 95.768016] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x230/0x7b8 [ 95.768971] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.769790] [ 95.770033] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.770704] Hardware name: linux,dummy-virt (DT) [ 95.771472] Call trace: [ 95.771803] dump_backtrace+0x9c/0x128 [ 95.772293] show_stack+0x20/0x38 [ 95.772780] dump_stack_lvl+0x60/0xb0 [ 95.773300] print_report+0xf8/0x5e8 [ 95.773779] kasan_report+0xdc/0x128 [ 95.774265] kasan_check_range+0xe8/0x190 [ 95.774826] __kasan_check_write+0x20/0x30 [ 95.775321] kasan_bitops_test_and_modify.constprop.0+0x230/0x7b8 [ 95.775879] kasan_bitops_generic+0xc0/0x148 [ 95.777061] kunit_try_run_case+0x114/0x298 [ 95.777926] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.778879] kthread+0x18c/0x1a8 [ 95.779584] ret_from_fork+0x10/0x20 [ 95.780349] [ 95.780729] Allocated by task 207: [ 95.781401] kasan_save_stack+0x3c/0x68 [ 95.782185] kasan_set_track+0x2c/0x40 [ 95.782979] kasan_save_alloc_info+0x24/0x38 [ 95.783776] __kasan_kmalloc+0xd4/0xd8 [ 95.784651] kmalloc_trace+0x68/0x130 [ 95.785431] kasan_bitops_generic+0x98/0x148 [ 95.786281] kunit_try_run_case+0x114/0x298 [ 95.787135] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.788223] kthread+0x18c/0x1a8 [ 95.788959] ret_from_fork+0x10/0x20 [ 95.789753] [ 95.790101] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.790101] which belongs to the cache kmalloc-16 of size 16 [ 95.791856] The buggy address is located 8 bytes inside of [ 95.791856] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.793603] [ 95.794049] The buggy address belongs to the physical page: [ 95.794945] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.796284] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.797417] page_type: 0xffffffff() [ 95.798164] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.799266] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.800435] page dumped because: kasan: bad access detected [ 95.801328] [ 95.801753] Memory state around the buggy address: [ 95.802551] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.803564] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.804667] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.805710] ^ [ 95.806656] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.807710] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.808824] ================================================================== [ 95.651189] ================================================================== [ 95.651962] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x174/0x7b8 [ 95.652840] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.653547] [ 95.653830] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.654647] Hardware name: linux,dummy-virt (DT) [ 95.655206] Call trace: [ 95.655480] dump_backtrace+0x9c/0x128 [ 95.656029] show_stack+0x20/0x38 [ 95.656527] dump_stack_lvl+0x60/0xb0 [ 95.656940] print_report+0xf8/0x5e8 [ 95.657400] kasan_report+0xdc/0x128 [ 95.657973] __asan_load8+0x9c/0xc0 [ 95.658451] kasan_bitops_test_and_modify.constprop.0+0x174/0x7b8 [ 95.659115] kasan_bitops_generic+0xc0/0x148 [ 95.659610] kunit_try_run_case+0x114/0x298 [ 95.660170] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.660848] kthread+0x18c/0x1a8 [ 95.661305] ret_from_fork+0x10/0x20 [ 95.661772] [ 95.662026] Allocated by task 207: [ 95.662408] kasan_save_stack+0x3c/0x68 [ 95.662931] kasan_set_track+0x2c/0x40 [ 95.663450] kasan_save_alloc_info+0x24/0x38 [ 95.663947] __kasan_kmalloc+0xd4/0xd8 [ 95.664456] kmalloc_trace+0x68/0x130 [ 95.664908] kasan_bitops_generic+0x98/0x148 [ 95.665365] kunit_try_run_case+0x114/0x298 [ 95.665908] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.666565] kthread+0x18c/0x1a8 [ 95.666997] ret_from_fork+0x10/0x20 [ 95.667457] [ 95.667691] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.667691] which belongs to the cache kmalloc-16 of size 16 [ 95.668836] The buggy address is located 8 bytes inside of [ 95.668836] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.669858] [ 95.670106] The buggy address belongs to the physical page: [ 95.670647] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.671498] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.672178] page_type: 0xffffffff() [ 95.672682] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.673437] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.674125] page dumped because: kasan: bad access detected [ 95.674684] [ 95.674918] Memory state around the buggy address: [ 95.675416] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.676072] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.676726] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.677365] ^ [ 95.677944] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.678621] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.679258] ================================================================== [ 95.490341] ================================================================== [ 95.491242] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa4/0x7b8 [ 95.492193] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.493040] [ 95.493329] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.494151] Hardware name: linux,dummy-virt (DT) [ 95.494666] Call trace: [ 95.494959] dump_backtrace+0x9c/0x128 [ 95.495472] show_stack+0x20/0x38 [ 95.495916] dump_stack_lvl+0x60/0xb0 [ 95.496399] print_report+0xf8/0x5e8 [ 95.497984] kasan_report+0xdc/0x128 [ 95.498465] kasan_check_range+0xe8/0x190 [ 95.498891] __kasan_check_write+0x20/0x30 [ 95.499268] kasan_bitops_test_and_modify.constprop.0+0xa4/0x7b8 [ 95.499990] kasan_bitops_generic+0xc0/0x148 [ 95.500520] kunit_try_run_case+0x114/0x298 [ 95.501081] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.501569] kthread+0x18c/0x1a8 [ 95.501949] ret_from_fork+0x10/0x20 [ 95.502320] [ 95.502589] Allocated by task 207: [ 95.503283] kasan_save_stack+0x3c/0x68 [ 95.503773] kasan_set_track+0x2c/0x40 [ 95.504322] kasan_save_alloc_info+0x24/0x38 [ 95.504831] __kasan_kmalloc+0xd4/0xd8 [ 95.505488] kmalloc_trace+0x68/0x130 [ 95.506108] kasan_bitops_generic+0x98/0x148 [ 95.506712] kunit_try_run_case+0x114/0x298 [ 95.507221] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.507835] kthread+0x18c/0x1a8 [ 95.508257] ret_from_fork+0x10/0x20 [ 95.508758] [ 95.508989] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.508989] which belongs to the cache kmalloc-16 of size 16 [ 95.509895] The buggy address is located 8 bytes inside of [ 95.509895] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.510854] [ 95.511106] The buggy address belongs to the physical page: [ 95.511625] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.512665] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.513592] page_type: 0xffffffff() [ 95.514089] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.514830] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.515507] page dumped because: kasan: bad access detected [ 95.515952] [ 95.516243] Memory state around the buggy address: [ 95.516907] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.517597] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.518266] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.518986] ^ [ 95.519370] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.520650] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.521185] ================================================================== [ 95.555224] ================================================================== [ 95.555948] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x100/0x7b8 [ 95.556893] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.557816] [ 95.558037] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.558606] Hardware name: linux,dummy-virt (DT) [ 95.559159] Call trace: [ 95.559598] dump_backtrace+0x9c/0x128 [ 95.560194] show_stack+0x20/0x38 [ 95.560718] dump_stack_lvl+0x60/0xb0 [ 95.561243] print_report+0xf8/0x5e8 [ 95.561839] kasan_report+0xdc/0x128 [ 95.562382] kasan_check_range+0xe8/0x190 [ 95.563081] __kasan_check_write+0x20/0x30 [ 95.563545] kasan_bitops_test_and_modify.constprop.0+0x100/0x7b8 [ 95.564086] kasan_bitops_generic+0xc0/0x148 [ 95.564516] kunit_try_run_case+0x114/0x298 [ 95.565321] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.566015] kthread+0x18c/0x1a8 [ 95.566477] ret_from_fork+0x10/0x20 [ 95.566935] [ 95.567135] Allocated by task 207: [ 95.567471] kasan_save_stack+0x3c/0x68 [ 95.567963] kasan_set_track+0x2c/0x40 [ 95.568445] kasan_save_alloc_info+0x24/0x38 [ 95.568947] __kasan_kmalloc+0xd4/0xd8 [ 95.569442] kmalloc_trace+0x68/0x130 [ 95.569895] kasan_bitops_generic+0x98/0x148 [ 95.570374] kunit_try_run_case+0x114/0x298 [ 95.571174] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.571696] kthread+0x18c/0x1a8 [ 95.572279] ret_from_fork+0x10/0x20 [ 95.572729] [ 95.573019] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.573019] which belongs to the cache kmalloc-16 of size 16 [ 95.574095] The buggy address is located 8 bytes inside of [ 95.574095] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.575059] [ 95.575342] The buggy address belongs to the physical page: [ 95.575942] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.576826] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.577499] page_type: 0xffffffff() [ 95.577944] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.578900] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.579743] page dumped because: kasan: bad access detected [ 95.580186] [ 95.580697] Memory state around the buggy address: [ 95.581070] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.581674] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.582107] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.582606] ^ [ 95.583264] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.583897] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.584558] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 121.983742] ================================================================== [ 121.984932] BUG: KFENCE: use-after-free read in test_krealloc+0x2b8/0x4e8 [ 121.984932] [ 121.985995] Use-after-free read at 0x0000000041058c96 (in kfence-#225): [ 121.987520] test_krealloc+0x2b8/0x4e8 [ 121.988493] kunit_try_run_case+0x114/0x298 [ 121.989357] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 121.990911] kthread+0x18c/0x1a8 [ 121.991523] ret_from_fork+0x10/0x20 [ 121.992630] [ 121.993103] kfence-#225: 0x0000000041058c96-0x00000000273975c4, size=32, cache=kmalloc-32 [ 121.993103] [ 121.994352] allocated by task 278 on cpu 0 at 121.981920s: [ 121.995586] test_alloc+0x228/0x3e8 [ 121.996358] test_krealloc+0xc0/0x4e8 [ 121.997071] kunit_try_run_case+0x114/0x298 [ 121.997923] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 121.998944] kthread+0x18c/0x1a8 [ 121.999894] ret_from_fork+0x10/0x20 [ 122.000350] [ 122.000557] freed by task 278 on cpu 0 at 121.982364s: [ 122.001080] krealloc+0xa8/0x1a0 [ 122.001377] test_krealloc+0x128/0x4e8 [ 122.002717] kunit_try_run_case+0x114/0x298 [ 122.003506] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 122.004508] kthread+0x18c/0x1a8 [ 122.005229] ret_from_fork+0x10/0x20 [ 122.006007] [ 122.006225] CPU: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 122.007109] Hardware name: linux,dummy-virt (DT) [ 122.008209] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 121.891959] ================================================================== [ 121.892907] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x148/0x368 [ 121.892907] [ 121.894280] Use-after-free read at 0x000000004f07c4d8 (in kfence-#224): [ 121.895428] test_memcache_typesafe_by_rcu+0x148/0x368 [ 121.896666] kunit_try_run_case+0x114/0x298 [ 121.897558] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 121.898533] kthread+0x18c/0x1a8 [ 121.899218] ret_from_fork+0x10/0x20 [ 121.899999] [ 121.900437] kfence-#224: 0x000000004f07c4d8-0x000000004b80b59e, size=32, cache=test [ 121.900437] [ 121.901697] allocated by task 276 on cpu 1 at 121.876042s: [ 121.902818] test_alloc+0x1bc/0x3e8 [ 121.903466] test_memcache_typesafe_by_rcu+0xe8/0x368 [ 121.904437] kunit_try_run_case+0x114/0x298 [ 121.905345] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 121.906341] kthread+0x18c/0x1a8 [ 121.906998] ret_from_fork+0x10/0x20 [ 121.907653] [ 121.908117] freed by task 0 on cpu 1 at 121.891376s: [ 121.909897] rcu_guarded_free+0x34/0x50 [ 121.910540] rcu_core+0x448/0xf40 [ 121.911229] rcu_core_si+0x18/0x30 [ 121.911970] handle_softirqs+0x240/0x680 [ 121.912815] __do_softirq+0x1c/0x28 [ 121.913533] ____do_softirq+0x18/0x30 [ 121.914330] call_on_irq_stack+0x24/0x30 [ 121.915106] do_softirq_own_stack+0x24/0x38 [ 121.915938] irq_exit_rcu+0x110/0x160 [ 121.916779] el1_interrupt+0x38/0x58 [ 121.917554] el1h_64_irq_handler+0x18/0x28 [ 121.918373] el1h_64_irq+0x64/0x68 [ 121.919072] arch_local_irq_enable+0x4/0x8 [ 121.919905] do_idle+0x304/0x388 [ 121.920594] cpu_startup_entry+0x48/0x58 [ 121.921371] secondary_start_kernel+0x1e8/0x228 [ 121.922248] __secondary_switched+0xb8/0xc0 [ 121.923093] [ 121.923521] CPU: 1 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 121.924769] Hardware name: linux,dummy-virt (DT) [ 121.925691] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 104.437637] ================================================================== [ 104.438909] BUG: KFENCE: invalid read in test_invalid_access+0xb4/0x158 [ 104.438909] [ 104.441211] Invalid read at 0x0000000085a90ba2: [ 104.442048] test_invalid_access+0xb4/0x158 [ 104.443633] kunit_try_run_case+0x114/0x298 [ 104.444601] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.445741] kthread+0x18c/0x1a8 [ 104.446480] ret_from_fork+0x10/0x20 [ 104.447731] [ 104.448243] CPU: 1 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 104.449346] Hardware name: linux,dummy-virt (DT) [ 104.450143] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 104.196694] ================================================================== [ 104.197655] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 104.197655] [ 104.199022] Corrupted memory at 0x00000000e2ebab1d [ ! . . . . . . ] (in kfence-#220): [ 104.201332] test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 104.202344] kunit_try_run_case+0x114/0x298 [ 104.203631] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.204598] kthread+0x18c/0x1a8 [ 104.205038] ret_from_fork+0x10/0x20 [ 104.205399] [ 104.205746] kfence-#220: 0x00000000e4091a69-0x0000000065e9fa06, size=73, cache=kmalloc-96 [ 104.205746] [ 104.206812] allocated by task 266 on cpu 0 at 104.195910s: [ 104.207827] test_alloc+0x228/0x3e8 [ 104.208982] test_kmalloc_aligned_oob_write+0xb4/0x1d8 [ 104.210551] kunit_try_run_case+0x114/0x298 [ 104.212256] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.213977] kthread+0x18c/0x1a8 [ 104.214943] ret_from_fork+0x10/0x20 [ 104.216212] [ 104.216701] freed by task 266 on cpu 0 at 104.196233s: [ 104.217917] test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 104.218723] kunit_try_run_case+0x114/0x298 [ 104.219517] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.220523] kthread+0x18c/0x1a8 [ 104.221036] ret_from_fork+0x10/0x20 [ 104.221387] [ 104.221819] CPU: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 104.223090] Hardware name: linux,dummy-virt (DT) [ 104.223819] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 104.092572] ================================================================== [ 104.093444] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x118/0x270 [ 104.093444] [ 104.094594] Out-of-bounds read at 0x00000000a9e99974 (81B right of kfence-#219): [ 104.095625] test_kmalloc_aligned_oob_read+0x118/0x270 [ 104.096756] kunit_try_run_case+0x114/0x298 [ 104.097199] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.098010] kthread+0x18c/0x1a8 [ 104.098782] ret_from_fork+0x10/0x20 [ 104.099546] [ 104.099929] kfence-#219: 0x00000000b747b313-0x00000000be610134, size=73, cache=kmalloc-96 [ 104.099929] [ 104.100649] allocated by task 264 on cpu 1 at 104.092177s: [ 104.101889] test_alloc+0x228/0x3e8 [ 104.102550] test_kmalloc_aligned_oob_read+0xd4/0x270 [ 104.103484] kunit_try_run_case+0x114/0x298 [ 104.104373] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 104.105407] kthread+0x18c/0x1a8 [ 104.106118] ret_from_fork+0x10/0x20 [ 104.106855] [ 104.107262] CPU: 1 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 104.107984] Hardware name: linux,dummy-virt (DT) [ 104.108340] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 98.472783] ================================================================== [ 98.473760] BUG: KFENCE: memory corruption in test_corruption+0x194/0x258 [ 98.473760] [ 98.475071] Corrupted memory at 0x000000004cbe4143 [ ! . . . . . . . . . . . . . . . ] (in kfence-#165): [ 98.478709] test_corruption+0x194/0x258 [ 98.479647] kunit_try_run_case+0x114/0x298 [ 98.480598] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.481655] kthread+0x18c/0x1a8 [ 98.482386] ret_from_fork+0x10/0x20 [ 98.483199] [ 98.483656] kfence-#165: 0x000000007b299070-0x000000001e0f2a02, size=32, cache=kmalloc-32 [ 98.483656] [ 98.484976] allocated by task 252 on cpu 1 at 98.472006s: [ 98.486202] test_alloc+0x228/0x3e8 [ 98.486858] test_corruption+0xc8/0x258 [ 98.487649] kunit_try_run_case+0x114/0x298 [ 98.488543] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.489559] kthread+0x18c/0x1a8 [ 98.490276] ret_from_fork+0x10/0x20 [ 98.491069] [ 98.491435] freed by task 252 on cpu 1 at 98.472290s: [ 98.492707] test_corruption+0x194/0x258 [ 98.493433] kunit_try_run_case+0x114/0x298 [ 98.494313] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.495314] kthread+0x18c/0x1a8 [ 98.496034] ret_from_fork+0x10/0x20 [ 98.496857] [ 98.497289] CPU: 1 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.498451] Hardware name: linux,dummy-virt (DT) [ 98.499193] ================================================================== [ 99.200952] ================================================================== [ 99.201843] BUG: KFENCE: memory corruption in test_corruption+0xf4/0x258 [ 99.201843] [ 99.202979] Corrupted memory at 0x00000000385bc22f [ ! . . . . . . . . . . . . . . . ] (in kfence-#172): [ 99.205890] test_corruption+0xf4/0x258 [ 99.206789] kunit_try_run_case+0x114/0x298 [ 99.207625] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.208727] kthread+0x18c/0x1a8 [ 99.209516] ret_from_fork+0x10/0x20 [ 99.210325] [ 99.210762] kfence-#172: 0x0000000095223adb-0x00000000dd7dc0f5, size=32, cache=test [ 99.210762] [ 99.212049] allocated by task 254 on cpu 1 at 99.200328s: [ 99.213232] test_alloc+0x1bc/0x3e8 [ 99.213958] test_corruption+0xc8/0x258 [ 99.214778] kunit_try_run_case+0x114/0x298 [ 99.215659] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.216650] kthread+0x18c/0x1a8 [ 99.217257] ret_from_fork+0x10/0x20 [ 99.218089] [ 99.218463] freed by task 254 on cpu 1 at 99.200582s: [ 99.219751] test_corruption+0xf4/0x258 [ 99.220458] kunit_try_run_case+0x114/0x298 [ 99.221306] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.222246] kthread+0x18c/0x1a8 [ 99.222883] ret_from_fork+0x10/0x20 [ 99.223535] [ 99.223992] CPU: 1 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 99.225205] Hardware name: linux,dummy-virt (DT) [ 99.225959] ================================================================== [ 98.576951] ================================================================== [ 98.577906] BUG: KFENCE: memory corruption in test_corruption+0x1e8/0x258 [ 98.577906] [ 98.578979] Corrupted memory at 0x000000007f1af580 [ ! ] (in kfence-#166): [ 98.580563] test_corruption+0x1e8/0x258 [ 98.581395] kunit_try_run_case+0x114/0x298 [ 98.582284] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.583254] kthread+0x18c/0x1a8 [ 98.583943] ret_from_fork+0x10/0x20 [ 98.584736] [ 98.585112] kfence-#166: 0x00000000c356e17d-0x000000007fd0c40e, size=32, cache=kmalloc-32 [ 98.585112] [ 98.586428] allocated by task 252 on cpu 1 at 98.576134s: [ 98.587559] test_alloc+0x228/0x3e8 [ 98.588232] test_corruption+0x114/0x258 [ 98.589096] kunit_try_run_case+0x114/0x298 [ 98.589938] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.590883] kthread+0x18c/0x1a8 [ 98.591573] ret_from_fork+0x10/0x20 [ 98.592319] [ 98.592753] freed by task 252 on cpu 1 at 98.576404s: [ 98.593986] test_corruption+0x1e8/0x258 [ 98.594600] kunit_try_run_case+0x114/0x298 [ 98.595433] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.596457] kthread+0x18c/0x1a8 [ 98.597175] ret_from_fork+0x10/0x20 [ 98.597911] [ 98.598338] CPU: 1 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.599546] Hardware name: linux,dummy-virt (DT) [ 98.600326] ================================================================== [ 99.513151] ================================================================== [ 99.514083] BUG: KFENCE: memory corruption in test_corruption+0x13c/0x258 [ 99.514083] [ 99.515158] Corrupted memory at 0x0000000079688a8f [ ! ] (in kfence-#175): [ 99.516915] test_corruption+0x13c/0x258 [ 99.517751] kunit_try_run_case+0x114/0x298 [ 99.518578] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.519531] kthread+0x18c/0x1a8 [ 99.520238] ret_from_fork+0x10/0x20 [ 99.521032] [ 99.521407] kfence-#175: 0x00000000246e8853-0x000000008f4e481f, size=32, cache=test [ 99.521407] [ 99.522555] allocated by task 254 on cpu 1 at 99.512462s: [ 99.524406] test_alloc+0x1bc/0x3e8 [ 99.525254] test_corruption+0x114/0x258 [ 99.525809] kunit_try_run_case+0x114/0x298 [ 99.526591] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.527522] kthread+0x18c/0x1a8 [ 99.528207] ret_from_fork+0x10/0x20 [ 99.528984] [ 99.529367] freed by task 254 on cpu 1 at 99.512711s: [ 99.530554] test_corruption+0x13c/0x258 [ 99.531232] kunit_try_run_case+0x114/0x298 [ 99.532079] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 99.533066] kthread+0x18c/0x1a8 [ 99.533752] ret_from_fork+0x10/0x20 [ 99.534496] [ 99.534880] CPU: 1 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 99.535947] Hardware name: linux,dummy-virt (DT) [ 99.536710] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 98.264452] ================================================================== [ 98.265405] BUG: KFENCE: invalid free in test_invalid_addr_free+0x14c/0x1d0 [ 98.265405] [ 98.266643] Invalid free of 0x00000000413c5f5d (in kfence-#163): [ 98.267743] test_invalid_addr_free+0x14c/0x1d0 [ 98.268679] kunit_try_run_case+0x114/0x298 [ 98.269492] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.270596] kthread+0x18c/0x1a8 [ 98.271331] ret_from_fork+0x10/0x20 [ 98.272149] [ 98.272627] kfence-#163: 0x000000006f1908b6-0x000000008fddd211, size=32, cache=kmalloc-32 [ 98.272627] [ 98.273932] allocated by task 248 on cpu 1 at 98.263853s: [ 98.275188] test_alloc+0x228/0x3e8 [ 98.275871] test_invalid_addr_free+0xcc/0x1d0 [ 98.276809] kunit_try_run_case+0x114/0x298 [ 98.277618] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.278623] kthread+0x18c/0x1a8 [ 98.279358] ret_from_fork+0x10/0x20 [ 98.280163] [ 98.280695] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.281896] Hardware name: linux,dummy-virt (DT) [ 98.282712] ================================================================== [ 98.368502] ================================================================== [ 98.369464] BUG: KFENCE: invalid free in test_invalid_addr_free+0xe4/0x1d0 [ 98.369464] [ 98.370675] Invalid free of 0x00000000f4699d4e (in kfence-#164): [ 98.371623] test_invalid_addr_free+0xe4/0x1d0 [ 98.372617] kunit_try_run_case+0x114/0x298 [ 98.373514] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.374607] kthread+0x18c/0x1a8 [ 98.375314] ret_from_fork+0x10/0x20 [ 98.376103] [ 98.376566] kfence-#164: 0x00000000afa8605f-0x000000001c0a0e5d, size=32, cache=test [ 98.376566] [ 98.377787] allocated by task 250 on cpu 0 at 98.367943s: [ 98.378970] test_alloc+0x1bc/0x3e8 [ 98.379673] test_invalid_addr_free+0xcc/0x1d0 [ 98.380585] kunit_try_run_case+0x114/0x298 [ 98.381480] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.382491] kthread+0x18c/0x1a8 [ 98.383173] ret_from_fork+0x10/0x20 [ 98.383959] [ 98.384390] CPU: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.385640] Hardware name: linux,dummy-virt (DT) [ 98.386408] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 98.160626] ================================================================== [ 98.161549] BUG: KFENCE: invalid free in test_double_free+0xf8/0x1d0 [ 98.161549] [ 98.162575] Invalid free of 0x000000001f2ec6b3 (in kfence-#162): [ 98.163632] test_double_free+0xf8/0x1d0 [ 98.164650] kunit_try_run_case+0x114/0x298 [ 98.165539] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.166531] kthread+0x18c/0x1a8 [ 98.167212] ret_from_fork+0x10/0x20 [ 98.167939] [ 98.168389] kfence-#162: 0x000000001f2ec6b3-0x00000000ddade902, size=32, cache=test [ 98.168389] [ 98.169546] allocated by task 246 on cpu 0 at 98.160011s: [ 98.170629] test_alloc+0x1bc/0x3e8 [ 98.171302] test_double_free+0xcc/0x1d0 [ 98.172154] kunit_try_run_case+0x114/0x298 [ 98.173049] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.174111] kthread+0x18c/0x1a8 [ 98.174827] ret_from_fork+0x10/0x20 [ 98.175594] [ 98.176062] freed by task 246 on cpu 0 at 98.160205s: [ 98.177289] test_double_free+0xe8/0x1d0 [ 98.177966] kunit_try_run_case+0x114/0x298 [ 98.178778] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.179765] kthread+0x18c/0x1a8 [ 98.180481] ret_from_fork+0x10/0x20 [ 98.181250] [ 98.181745] CPU: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.182936] Hardware name: linux,dummy-virt (DT) [ 98.183727] ================================================================== [ 98.056835] ================================================================== [ 98.057904] BUG: KFENCE: invalid free in test_double_free+0x15c/0x1d0 [ 98.057904] [ 98.059002] Invalid free of 0x0000000066894106 (in kfence-#161): [ 98.060046] test_double_free+0x15c/0x1d0 [ 98.061052] kunit_try_run_case+0x114/0x298 [ 98.061965] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.063014] kthread+0x18c/0x1a8 [ 98.063722] ret_from_fork+0x10/0x20 [ 98.064517] [ 98.064992] kfence-#161: 0x0000000066894106-0x00000000221ae6a9, size=32, cache=kmalloc-32 [ 98.064992] [ 98.066287] allocated by task 244 on cpu 0 at 98.056087s: [ 98.067604] test_alloc+0x228/0x3e8 [ 98.068281] test_double_free+0xcc/0x1d0 [ 98.069103] kunit_try_run_case+0x114/0x298 [ 98.069939] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.070906] kthread+0x18c/0x1a8 [ 98.071583] ret_from_fork+0x10/0x20 [ 98.072346] [ 98.072800] freed by task 244 on cpu 0 at 98.056317s: [ 98.073959] test_double_free+0x14c/0x1d0 [ 98.074567] kunit_try_run_case+0x114/0x298 [ 98.075368] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 98.076399] kthread+0x18c/0x1a8 [ 98.077117] ret_from_fork+0x10/0x20 [ 98.077876] [ 98.078321] CPU: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 98.079435] Hardware name: linux,dummy-virt (DT) [ 98.080242] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 97.952557] ================================================================== [ 97.953561] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf0/0x1c8 [ 97.953561] [ 97.954751] Use-after-free read at 0x0000000083e50798 (in kfence-#160): [ 97.955983] test_use_after_free_read+0xf0/0x1c8 [ 97.957034] kunit_try_run_case+0x114/0x298 [ 97.957932] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.958962] kthread+0x18c/0x1a8 [ 97.959703] ret_from_fork+0x10/0x20 [ 97.960472] [ 97.960891] kfence-#160: 0x0000000083e50798-0x000000005f9746bc, size=32, cache=test [ 97.960891] [ 97.962058] allocated by task 242 on cpu 0 at 97.952119s: [ 97.963169] test_alloc+0x1bc/0x3e8 [ 97.963985] test_use_after_free_read+0xc8/0x1c8 [ 97.964953] kunit_try_run_case+0x114/0x298 [ 97.965853] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.966840] kthread+0x18c/0x1a8 [ 97.967557] ret_from_fork+0x10/0x20 [ 97.968393] [ 97.968828] freed by task 242 on cpu 0 at 97.952304s: [ 97.970067] test_use_after_free_read+0xe8/0x1c8 [ 97.970836] kunit_try_run_case+0x114/0x298 [ 97.971698] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.972701] kthread+0x18c/0x1a8 [ 97.973399] ret_from_fork+0x10/0x20 [ 97.974200] [ 97.974620] CPU: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 97.975804] Hardware name: linux,dummy-virt (DT) [ 97.976522] ================================================================== [ 97.848662] ================================================================== [ 97.849680] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x150/0x1c8 [ 97.849680] [ 97.851134] Use-after-free read at 0x000000000ed7cafe (in kfence-#159): [ 97.852385] test_use_after_free_read+0x150/0x1c8 [ 97.853420] kunit_try_run_case+0x114/0x298 [ 97.854312] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.855297] kthread+0x18c/0x1a8 [ 97.856055] ret_from_fork+0x10/0x20 [ 97.856884] [ 97.857280] kfence-#159: 0x000000000ed7cafe-0x0000000063053230, size=32, cache=kmalloc-32 [ 97.857280] [ 97.858507] allocated by task 240 on cpu 0 at 97.847951s: [ 97.859757] test_alloc+0x228/0x3e8 [ 97.860390] test_use_after_free_read+0xc8/0x1c8 [ 97.861374] kunit_try_run_case+0x114/0x298 [ 97.862262] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.863229] kthread+0x18c/0x1a8 [ 97.863957] ret_from_fork+0x10/0x20 [ 97.864832] [ 97.865390] freed by task 240 on cpu 0 at 97.848232s: [ 97.866613] test_use_after_free_read+0x148/0x1c8 [ 97.867352] kunit_try_run_case+0x114/0x298 [ 97.868227] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.869263] kthread+0x18c/0x1a8 [ 97.869941] ret_from_fork+0x10/0x20 [ 97.870689] [ 97.871066] CPU: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 97.872301] Hardware name: linux,dummy-virt (DT) [ 97.873090] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 97.640619] ================================================================== [ 97.641579] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd8/0x1b0 [ 97.641579] [ 97.642760] Out-of-bounds write at 0x000000003097a418 (1B left of kfence-#157): [ 97.643997] test_out_of_bounds_write+0xd8/0x1b0 [ 97.645166] kunit_try_run_case+0x114/0x298 [ 97.646026] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.647007] kthread+0x18c/0x1a8 [ 97.647738] ret_from_fork+0x10/0x20 [ 97.648557] [ 97.649019] kfence-#157: 0x000000002c170f12-0x0000000022420cbc, size=32, cache=kmalloc-32 [ 97.649019] [ 97.650304] allocated by task 236 on cpu 1 at 97.640233s: [ 97.651636] test_alloc+0x228/0x3e8 [ 97.652295] test_out_of_bounds_write+0xc0/0x1b0 [ 97.653242] kunit_try_run_case+0x114/0x298 [ 97.654095] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.655132] kthread+0x18c/0x1a8 [ 97.655846] ret_from_fork+0x10/0x20 [ 97.656609] [ 97.657096] CPU: 1 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 97.658223] Hardware name: linux,dummy-virt (DT) [ 97.658976] ================================================================== [ 97.744716] ================================================================== [ 97.745695] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd8/0x1b0 [ 97.745695] [ 97.746786] Out-of-bounds write at 0x000000003a434f3a (1B left of kfence-#158): [ 97.748155] test_out_of_bounds_write+0xd8/0x1b0 [ 97.749198] kunit_try_run_case+0x114/0x298 [ 97.750160] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.751228] kthread+0x18c/0x1a8 [ 97.751988] ret_from_fork+0x10/0x20 [ 97.752829] [ 97.753293] kfence-#158: 0x0000000054b2fa39-0x000000000970be42, size=32, cache=test [ 97.753293] [ 97.754473] allocated by task 238 on cpu 1 at 97.744500s: [ 97.755640] test_alloc+0x1bc/0x3e8 [ 97.756343] test_out_of_bounds_write+0xc0/0x1b0 [ 97.757361] kunit_try_run_case+0x114/0x298 [ 97.758195] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.759151] kthread+0x18c/0x1a8 [ 97.759853] ret_from_fork+0x10/0x20 [ 97.760613] [ 97.761067] CPU: 1 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 97.762307] Hardware name: linux,dummy-virt (DT) [ 97.762923] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 96.496638] ================================================================== [ 96.497596] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x120/0x278 [ 96.497596] [ 96.498735] Out-of-bounds read at 0x0000000025d235f2 (32B right of kfence-#146): [ 96.499981] test_out_of_bounds_read+0x120/0x278 [ 96.501067] kunit_try_run_case+0x114/0x298 [ 96.501932] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.502890] kthread+0x18c/0x1a8 [ 96.503589] ret_from_fork+0x10/0x20 [ 96.504403] [ 96.504859] kfence-#146: 0x00000000c8c1d47c-0x00000000291015c4, size=32, cache=kmalloc-32 [ 96.504859] [ 96.506047] allocated by task 232 on cpu 1 at 96.496149s: [ 96.507230] test_alloc+0x228/0x3e8 [ 96.507880] test_out_of_bounds_read+0x110/0x278 [ 96.508772] kunit_try_run_case+0x114/0x298 [ 96.509562] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.510529] kthread+0x18c/0x1a8 [ 96.511204] ret_from_fork+0x10/0x20 [ 96.511930] [ 96.512359] CPU: 1 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.513569] Hardware name: linux,dummy-virt (DT) [ 96.514315] ================================================================== [ 96.399436] ================================================================== [ 96.400426] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xdc/0x278 [ 96.400426] [ 96.401750] Out-of-bounds read at 0x00000000f5a8874a (1B left of kfence-#145): [ 96.403178] test_out_of_bounds_read+0xdc/0x278 [ 96.404147] kunit_try_run_case+0x114/0x298 [ 96.404981] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.406311] kthread+0x18c/0x1a8 [ 96.406922] ret_from_fork+0x10/0x20 [ 96.407637] [ 96.408255] kfence-#145: 0x0000000056beb7fb-0x000000003ee48276, size=32, cache=kmalloc-32 [ 96.408255] [ 96.409773] allocated by task 232 on cpu 1 at 96.397793s: [ 96.411143] test_alloc+0x228/0x3e8 [ 96.411812] test_out_of_bounds_read+0xcc/0x278 [ 96.412788] kunit_try_run_case+0x114/0x298 [ 96.413643] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.414611] kthread+0x18c/0x1a8 [ 96.415331] ret_from_fork+0x10/0x20 [ 96.416207] [ 96.416686] CPU: 1 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.417877] Hardware name: linux,dummy-virt (DT) [ 96.418648] ================================================================== [ 96.600633] ================================================================== [ 96.601597] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xdc/0x278 [ 96.601597] [ 96.602758] Out-of-bounds read at 0x00000000638ff4af (1B left of kfence-#147): [ 96.604100] test_out_of_bounds_read+0xdc/0x278 [ 96.605105] kunit_try_run_case+0x114/0x298 [ 96.605999] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.606974] kthread+0x18c/0x1a8 [ 96.607688] ret_from_fork+0x10/0x20 [ 96.608535] [ 96.609018] kfence-#147: 0x00000000d8e6a865-0x0000000033ac5fe9, size=32, cache=test [ 96.609018] [ 96.610229] allocated by task 234 on cpu 1 at 96.600288s: [ 96.611466] test_alloc+0x1bc/0x3e8 [ 96.612093] test_out_of_bounds_read+0xcc/0x278 [ 96.613053] kunit_try_run_case+0x114/0x298 [ 96.613963] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.614927] kthread+0x18c/0x1a8 [ 96.615572] ret_from_fork+0x10/0x20 [ 96.616424] [ 96.616901] CPU: 1 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.617998] Hardware name: linux,dummy-virt (DT) [ 96.618757] ================================================================== [ 97.224559] ================================================================== [ 97.225531] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x120/0x278 [ 97.225531] [ 97.226969] Out-of-bounds read at 0x000000008896a852 (32B right of kfence-#153): [ 97.228396] test_out_of_bounds_read+0x120/0x278 [ 97.229325] kunit_try_run_case+0x114/0x298 [ 97.230197] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.231165] kthread+0x18c/0x1a8 [ 97.231838] ret_from_fork+0x10/0x20 [ 97.232618] [ 97.233072] kfence-#153: 0x0000000085e8605a-0x00000000979a5d8e, size=32, cache=test [ 97.233072] [ 97.234294] allocated by task 234 on cpu 1 at 97.224246s: [ 97.235488] test_alloc+0x1bc/0x3e8 [ 97.236206] test_out_of_bounds_read+0x110/0x278 [ 97.237156] kunit_try_run_case+0x114/0x298 [ 97.238036] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 97.239064] kthread+0x18c/0x1a8 [ 97.239783] ret_from_fork+0x10/0x20 [ 97.240599] [ 97.241116] CPU: 1 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 97.242292] Hardware name: linux,dummy-virt (DT) [ 97.243085] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 93.808979] ================================================================== [ 93.809822] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa8/0x168 [ 93.810531] Read of size 1 at addr ffffd0f457ea9dcd by task kunit_try_catch/181 [ 93.811232] [ 93.811539] CPU: 1 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.812265] Hardware name: linux,dummy-virt (DT) [ 93.812700] Call trace: [ 93.812954] dump_backtrace+0x9c/0x128 [ 93.813520] show_stack+0x20/0x38 [ 93.813930] dump_stack_lvl+0x60/0xb0 [ 93.814374] print_report+0x328/0x5e8 [ 93.815738] kasan_report+0xdc/0x128 [ 93.816254] __asan_load1+0x60/0x70 [ 93.816733] kasan_global_oob_right+0xa8/0x168 [ 93.817242] kunit_try_run_case+0x114/0x298 [ 93.817732] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.818312] kthread+0x18c/0x1a8 [ 93.819002] ret_from_fork+0x10/0x20 [ 93.819520] [ 93.819849] The buggy address belongs to the variable: [ 93.820220] global_array+0xd/0x40 [ 93.820647] [ 93.820921] The buggy address belongs to the virtual mapping at [ 93.820921] [ffffd0f4565a0000, ffffd0f457f31000) created by: [ 93.820921] paging_init+0x26c/0x968 [ 93.822006] [ 93.822280] The buggy address belongs to the physical page: [ 93.823388] page:0000000069219729 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x456a9 [ 93.824487] flags: 0x3fffc0000004000(reserved|node=0|zone=0|lastcpupid=0xffff) [ 93.825255] page_type: 0xffffffff() [ 93.825784] raw: 03fffc0000004000 fffffc000015aa48 fffffc000015aa48 0000000000000000 [ 93.826534] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 93.827244] page dumped because: kasan: bad access detected [ 93.827843] [ 93.828043] Memory state around the buggy address: [ 93.828924] ffffd0f457ea9c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.829659] ffffd0f457ea9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.830235] >ffffd0f457ea9d80: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 93.831726] ^ [ 93.832427] ffffd0f457ea9e00: 02 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 93.833187] ffffd0f457ea9e80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 93.833862] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob: Failure
Automatically assigned
[ 96.206180] ================================================================== [ 96.208810] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xc8/0x320 [ 96.210036] Read of size 1 at addr ffff8000800fd7f3 by task kunit_try_catch/220 [ 96.211467] [ 96.211982] CPU: 1 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.213511] Hardware name: linux,dummy-virt (DT) [ 96.214340] Call trace: [ 96.214978] dump_backtrace+0x9c/0x128 [ 96.215953] show_stack+0x20/0x38 [ 96.217246] dump_stack_lvl+0x60/0xb0 [ 96.218111] print_report+0x328/0x5e8 [ 96.219231] kasan_report+0xdc/0x128 [ 96.219810] __asan_load1+0x60/0x70 [ 96.220356] vmalloc_oob+0xc8/0x320 [ 96.220870] kunit_try_run_case+0x114/0x298 [ 96.222226] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.223299] kthread+0x18c/0x1a8 [ 96.223988] ret_from_fork+0x10/0x20 [ 96.224814] [ 96.225326] The buggy address belongs to the virtual mapping at [ 96.225326] [ffff8000800fd000, ffff8000800ff000) created by: [ 96.225326] vmalloc_oob+0x88/0x320 [ 96.227243] [ 96.227729] The buggy address belongs to the physical page: [ 96.228896] page:00000000d3755588 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10609b [ 96.230116] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 96.231321] page_type: 0xffffffff() [ 96.232314] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 96.233354] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 96.234086] page dumped because: kasan: bad access detected [ 96.235570] [ 96.236378] Memory state around the buggy address: [ 96.237377] ffff8000800fd680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.238544] ffff8000800fd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.239524] >ffff8000800fd780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 96.240475] ^ [ 96.241785] ffff8000800fd800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 96.242828] ffff8000800fd880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 96.244001] ================================================================== [ 96.247891] ================================================================== [ 96.249065] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xec/0x320 [ 96.250098] Read of size 1 at addr ffff8000800fd7f8 by task kunit_try_catch/220 [ 96.251616] [ 96.252166] CPU: 1 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.253576] Hardware name: linux,dummy-virt (DT) [ 96.254346] Call trace: [ 96.255137] dump_backtrace+0x9c/0x128 [ 96.255933] show_stack+0x20/0x38 [ 96.256593] dump_stack_lvl+0x60/0xb0 [ 96.257763] print_report+0x328/0x5e8 [ 96.258477] kasan_report+0xdc/0x128 [ 96.259150] __asan_load1+0x60/0x70 [ 96.260481] vmalloc_oob+0xec/0x320 [ 96.261329] kunit_try_run_case+0x114/0x298 [ 96.262289] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.263338] kthread+0x18c/0x1a8 [ 96.264028] ret_from_fork+0x10/0x20 [ 96.264826] [ 96.265290] The buggy address belongs to the virtual mapping at [ 96.265290] [ffff8000800fd000, ffff8000800ff000) created by: [ 96.265290] vmalloc_oob+0x88/0x320 [ 96.267581] [ 96.268447] The buggy address belongs to the physical page: [ 96.269456] page:00000000d3755588 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10609b [ 96.270739] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 96.271645] page_type: 0xffffffff() [ 96.272671] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 96.274015] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 96.275181] page dumped because: kasan: bad access detected [ 96.276624] [ 96.277107] Memory state around the buggy address: [ 96.278024] ffff8000800fd680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.279062] ffff8000800fd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.280113] >ffff8000800fd780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 96.281044] ^ [ 96.282301] ffff8000800fd800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 96.284038] ffff8000800fd880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 96.285115] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 96.099049] ================================================================== [ 96.100877] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x14c/0x270 [ 96.102333] Read of size 8 at addr ffff0000c5ec1f00 by task kunit_try_catch/215 [ 96.103741] [ 96.104193] CPU: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 96.105733] Hardware name: linux,dummy-virt (DT) [ 96.107320] Call trace: [ 96.108324] dump_backtrace+0x9c/0x128 [ 96.110205] show_stack+0x20/0x38 [ 96.112200] dump_stack_lvl+0x60/0xb0 [ 96.113626] print_report+0xf8/0x5e8 [ 96.114683] kasan_report+0xdc/0x128 [ 96.116590] __asan_load8+0x9c/0xc0 [ 96.117504] workqueue_uaf+0x14c/0x270 [ 96.118329] kunit_try_run_case+0x114/0x298 [ 96.119204] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.120315] kthread+0x18c/0x1a8 [ 96.121104] ret_from_fork+0x10/0x20 [ 96.121937] [ 96.122336] Allocated by task 215: [ 96.123179] kasan_save_stack+0x3c/0x68 [ 96.124134] kasan_set_track+0x2c/0x40 [ 96.125032] kasan_save_alloc_info+0x24/0x38 [ 96.125919] __kasan_kmalloc+0xd4/0xd8 [ 96.126745] kmalloc_trace+0x68/0x130 [ 96.127584] workqueue_uaf+0xd0/0x270 [ 96.128309] kunit_try_run_case+0x114/0x298 [ 96.129130] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.130195] kthread+0x18c/0x1a8 [ 96.131148] ret_from_fork+0x10/0x20 [ 96.131928] [ 96.132343] Freed by task 24: [ 96.132904] kasan_save_stack+0x3c/0x68 [ 96.133710] kasan_set_track+0x2c/0x40 [ 96.134493] kasan_save_free_info+0x38/0x60 [ 96.135537] __kasan_slab_free+0x100/0x170 [ 96.136466] __kmem_cache_free+0x178/0x2c8 [ 96.137327] kfree+0x74/0x138 [ 96.137971] workqueue_uaf_work+0x18/0x30 [ 96.138960] process_one_work+0x2a8/0x6d0 [ 96.139735] worker_thread+0x528/0x6e8 [ 96.140996] kthread+0x18c/0x1a8 [ 96.141754] ret_from_fork+0x10/0x20 [ 96.142510] [ 96.143247] Last potentially related work creation: [ 96.144069] kasan_save_stack+0x3c/0x68 [ 96.144948] __kasan_record_aux_stack+0xb8/0xe8 [ 96.145841] kasan_record_aux_stack_noalloc+0x14/0x20 [ 96.146661] __queue_work+0x2d0/0x7f8 [ 96.147371] queue_work_on+0xb4/0xf0 [ 96.148346] workqueue_uaf+0x12c/0x270 [ 96.149122] kunit_try_run_case+0x114/0x298 [ 96.149961] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.151171] kthread+0x18c/0x1a8 [ 96.151934] ret_from_fork+0x10/0x20 [ 96.152737] [ 96.153057] The buggy address belongs to the object at ffff0000c5ec1f00 [ 96.153057] which belongs to the cache kmalloc-32 of size 32 [ 96.154621] The buggy address is located 0 bytes inside of [ 96.154621] freed 32-byte region [ffff0000c5ec1f00, ffff0000c5ec1f20) [ 96.156297] [ 96.156807] The buggy address belongs to the physical page: [ 96.157724] page:000000009bc72880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ec1 [ 96.159070] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 96.160296] page_type: 0xffffffff() [ 96.161155] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 96.162480] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 96.163784] page dumped because: kasan: bad access detected [ 96.164773] [ 96.165228] Memory state around the buggy address: [ 96.166114] ffff0000c5ec1e00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 96.167503] ffff0000c5ec1e80: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 96.168932] >ffff0000c5ec1f00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 96.169876] ^ [ 96.170684] ffff0000c5ec1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.171861] ffff0000c5ec2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 96.172897] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 95.999514] ================================================================== [ 96.001030] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x30/0x50 [ 96.002222] Read of size 4 at addr ffff0000c6091200 by task swapper/0/0 [ 96.003611] [ 96.004159] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.6.94-rc1 #1 [ 96.005403] Hardware name: linux,dummy-virt (DT) [ 96.006264] Call trace: [ 96.006910] dump_backtrace+0x9c/0x128 [ 96.007536] show_stack+0x20/0x38 [ 96.008377] dump_stack_lvl+0x60/0xb0 [ 96.009268] print_report+0xf8/0x5e8 [ 96.010087] kasan_report+0xdc/0x128 [ 96.010659] __asan_load4+0x9c/0xc0 [ 96.011037] rcu_uaf_reclaim+0x30/0x50 [ 96.011383] rcu_core+0x448/0xf40 [ 96.011755] rcu_core_si+0x18/0x30 [ 96.012145] handle_softirqs+0x240/0x680 [ 96.013486] __do_softirq+0x1c/0x28 [ 96.014364] ____do_softirq+0x18/0x30 [ 96.015236] call_on_irq_stack+0x24/0x30 [ 96.016232] do_softirq_own_stack+0x24/0x38 [ 96.017147] irq_exit_rcu+0x110/0x160 [ 96.017919] el1_interrupt+0x38/0x58 [ 96.018780] el1h_64_irq_handler+0x18/0x28 [ 96.019731] el1h_64_irq+0x64/0x68 [ 96.020521] arch_local_irq_enable+0x4/0x8 [ 96.021402] do_idle+0x304/0x388 [ 96.022121] cpu_startup_entry+0x48/0x58 [ 96.022985] rest_init+0x11c/0x128 [ 96.024059] arch_call_rest_init+0x1c/0x28 [ 96.024984] start_kernel+0x2d0/0x398 [ 96.025737] __primary_switched+0xc0/0xd0 [ 96.026498] [ 96.027014] Allocated by task 213: [ 96.027720] kasan_save_stack+0x3c/0x68 [ 96.028588] kasan_set_track+0x2c/0x40 [ 96.029293] kasan_save_alloc_info+0x24/0x38 [ 96.030155] __kasan_kmalloc+0xd4/0xd8 [ 96.030843] kmalloc_trace+0x68/0x130 [ 96.031465] rcu_uaf+0x9c/0x1e0 [ 96.032407] kunit_try_run_case+0x114/0x298 [ 96.032851] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.033300] kthread+0x18c/0x1a8 [ 96.033598] ret_from_fork+0x10/0x20 [ 96.033908] [ 96.034076] Freed by task 0: [ 96.034297] kasan_save_stack+0x3c/0x68 [ 96.035901] kasan_set_track+0x2c/0x40 [ 96.036754] kasan_save_free_info+0x38/0x60 [ 96.037611] __kasan_slab_free+0x100/0x170 [ 96.038429] __kmem_cache_free+0x178/0x2c8 [ 96.039393] kfree+0x74/0x138 [ 96.040129] rcu_uaf_reclaim+0x28/0x50 [ 96.040919] rcu_core+0x448/0xf40 [ 96.041620] rcu_core_si+0x18/0x30 [ 96.042376] handle_softirqs+0x240/0x680 [ 96.043342] __do_softirq+0x1c/0x28 [ 96.043904] [ 96.044449] Last potentially related work creation: [ 96.045363] kasan_save_stack+0x3c/0x68 [ 96.046131] __kasan_record_aux_stack+0xb8/0xe8 [ 96.047063] kasan_record_aux_stack_noalloc+0x14/0x20 [ 96.048127] __call_rcu_common.constprop.0+0x58/0x598 [ 96.049152] call_rcu+0x18/0x30 [ 96.049876] rcu_uaf+0xd4/0x1e0 [ 96.050611] kunit_try_run_case+0x114/0x298 [ 96.051589] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 96.052587] kthread+0x18c/0x1a8 [ 96.053393] ret_from_fork+0x10/0x20 [ 96.054193] [ 96.054915] The buggy address belongs to the object at ffff0000c6091200 [ 96.054915] which belongs to the cache kmalloc-32 of size 32 [ 96.056158] The buggy address is located 0 bytes inside of [ 96.056158] freed 32-byte region [ffff0000c6091200, ffff0000c6091220) [ 96.057635] [ 96.058021] The buggy address belongs to the physical page: [ 96.058961] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 96.060169] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 96.061167] page_type: 0xffffffff() [ 96.062188] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 96.063270] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 96.064240] page dumped because: kasan: bad access detected [ 96.064843] [ 96.065242] Memory state around the buggy address: [ 96.066125] ffff0000c6091100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 96.067447] ffff0000c6091180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 96.068575] >ffff0000c6091200: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 96.069564] ^ [ 96.070183] ffff0000c6091280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.071542] ffff0000c6091300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.072467] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree
[ 95.907992] ================================================================== [ 95.908941] BUG: KASAN: double-free in kfree+0x74/0x138 [ 95.909901] Free of addr ffff0000c5c52740 by task kunit_try_catch/211 [ 95.911028] [ 95.911611] CPU: 1 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.912968] Hardware name: linux,dummy-virt (DT) [ 95.913747] Call trace: [ 95.914311] dump_backtrace+0x9c/0x128 [ 95.915198] show_stack+0x20/0x38 [ 95.916322] dump_stack_lvl+0x60/0xb0 [ 95.917161] print_report+0xf8/0x5e8 [ 95.917935] kasan_report_invalid_free+0xc0/0xe8 [ 95.918814] __kasan_slab_free+0x134/0x170 [ 95.919694] __kmem_cache_free+0x178/0x2c8 [ 95.920716] kfree+0x74/0x138 [ 95.921441] kfree_sensitive+0x3c/0xb0 [ 95.922121] kmalloc_double_kzfree+0xc8/0x1d8 [ 95.923103] kunit_try_run_case+0x114/0x298 [ 95.924179] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.925052] kthread+0x18c/0x1a8 [ 95.925857] ret_from_fork+0x10/0x20 [ 95.926603] [ 95.927012] Allocated by task 211: [ 95.927628] kasan_save_stack+0x3c/0x68 [ 95.928509] kasan_set_track+0x2c/0x40 [ 95.929395] kasan_save_alloc_info+0x24/0x38 [ 95.930158] __kasan_kmalloc+0xd4/0xd8 [ 95.931100] kmalloc_trace+0x68/0x130 [ 95.931845] kmalloc_double_kzfree+0x9c/0x1d8 [ 95.932930] kunit_try_run_case+0x114/0x298 [ 95.933960] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.935280] kthread+0x18c/0x1a8 [ 95.936336] ret_from_fork+0x10/0x20 [ 95.937176] [ 95.937668] Freed by task 211: [ 95.938287] kasan_save_stack+0x3c/0x68 [ 95.939130] kasan_set_track+0x2c/0x40 [ 95.939997] kasan_save_free_info+0x38/0x60 [ 95.940949] __kasan_slab_free+0x100/0x170 [ 95.941644] __kmem_cache_free+0x178/0x2c8 [ 95.942334] kfree+0x74/0x138 [ 95.943098] kfree_sensitive+0x80/0xb0 [ 95.943844] kmalloc_double_kzfree+0xb8/0x1d8 [ 95.945014] kunit_try_run_case+0x114/0x298 [ 95.946070] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.947148] kthread+0x18c/0x1a8 [ 95.947746] ret_from_fork+0x10/0x20 [ 95.948579] [ 95.949038] The buggy address belongs to the object at ffff0000c5c52740 [ 95.949038] which belongs to the cache kmalloc-16 of size 16 [ 95.950553] The buggy address is located 0 bytes inside of [ 95.950553] 16-byte region [ffff0000c5c52740, ffff0000c5c52750) [ 95.952196] [ 95.952698] The buggy address belongs to the physical page: [ 95.953684] page:00000000fbf36b17 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c52 [ 95.955198] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.956459] page_type: 0xffffffff() [ 95.957222] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.958400] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.959347] page dumped because: kasan: bad access detected [ 95.960068] [ 95.960442] Memory state around the buggy address: [ 95.961311] ffff0000c5c52600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.962560] ffff0000c5c52680: 00 04 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 95.963849] >ffff0000c5c52700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 95.965103] ^ [ 95.965985] ffff0000c5c52780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.967235] ffff0000c5c52800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.968372] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 95.833771] ================================================================== [ 95.835695] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0xc8/0x1d8 [ 95.836992] Read of size 1 at addr ffff0000c5c52740 by task kunit_try_catch/211 [ 95.838239] [ 95.838778] CPU: 1 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.840232] Hardware name: linux,dummy-virt (DT) [ 95.841797] Call trace: [ 95.842529] dump_backtrace+0x9c/0x128 [ 95.843398] show_stack+0x20/0x38 [ 95.844058] dump_stack_lvl+0x60/0xb0 [ 95.846100] print_report+0xf8/0x5e8 [ 95.848506] kasan_report+0xdc/0x128 [ 95.849462] __kasan_check_byte+0x54/0x70 [ 95.851887] kfree_sensitive+0x30/0xb0 [ 95.853483] kmalloc_double_kzfree+0xc8/0x1d8 [ 95.854473] kunit_try_run_case+0x114/0x298 [ 95.855833] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.857132] kthread+0x18c/0x1a8 [ 95.857939] ret_from_fork+0x10/0x20 [ 95.859363] [ 95.859691] Allocated by task 211: [ 95.860499] kasan_save_stack+0x3c/0x68 [ 95.861350] kasan_set_track+0x2c/0x40 [ 95.862165] kasan_save_alloc_info+0x24/0x38 [ 95.863277] __kasan_kmalloc+0xd4/0xd8 [ 95.864109] kmalloc_trace+0x68/0x130 [ 95.864881] kmalloc_double_kzfree+0x9c/0x1d8 [ 95.865773] kunit_try_run_case+0x114/0x298 [ 95.866656] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.867697] kthread+0x18c/0x1a8 [ 95.868532] ret_from_fork+0x10/0x20 [ 95.869327] [ 95.869756] Freed by task 211: [ 95.870324] kasan_save_stack+0x3c/0x68 [ 95.871271] kasan_set_track+0x2c/0x40 [ 95.872537] kasan_save_free_info+0x38/0x60 [ 95.873595] __kasan_slab_free+0x100/0x170 [ 95.874367] __kmem_cache_free+0x178/0x2c8 [ 95.875364] kfree+0x74/0x138 [ 95.876193] kfree_sensitive+0x80/0xb0 [ 95.876881] kmalloc_double_kzfree+0xb8/0x1d8 [ 95.877924] kunit_try_run_case+0x114/0x298 [ 95.878888] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.880323] kthread+0x18c/0x1a8 [ 95.881105] ret_from_fork+0x10/0x20 [ 95.882210] [ 95.882710] The buggy address belongs to the object at ffff0000c5c52740 [ 95.882710] which belongs to the cache kmalloc-16 of size 16 [ 95.884753] The buggy address is located 0 bytes inside of [ 95.884753] freed 16-byte region [ffff0000c5c52740, ffff0000c5c52750) [ 95.886321] [ 95.887096] The buggy address belongs to the physical page: [ 95.887898] page:00000000fbf36b17 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c52 [ 95.889531] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.891080] page_type: 0xffffffff() [ 95.892372] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.893690] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.894677] page dumped because: kasan: bad access detected [ 95.896271] [ 95.896813] Memory state around the buggy address: [ 95.897592] ffff0000c5c52600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.898060] ffff0000c5c52680: 00 04 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 95.898717] >ffff0000c5c52700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 95.900288] ^ [ 95.901457] ffff0000c5c52780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.902454] ffff0000c5c52800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.903520] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
Automatically assigned
[ 95.013215] ================================================================== [ 95.014617] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4/0x6d8 [ 95.015866] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.016918] [ 95.017383] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.018609] Hardware name: linux,dummy-virt (DT) [ 95.020120] Call trace: [ 95.020770] dump_backtrace+0x9c/0x128 [ 95.021628] show_stack+0x20/0x38 [ 95.022366] dump_stack_lvl+0x60/0xb0 [ 95.023181] print_report+0xf8/0x5e8 [ 95.023991] kasan_report+0xdc/0x128 [ 95.024805] kasan_check_range+0xe8/0x190 [ 95.025624] __kasan_check_write+0x20/0x30 [ 95.026379] kasan_bitops_modify.constprop.0+0xa4/0x6d8 [ 95.027312] kasan_bitops_generic+0xb4/0x148 [ 95.028183] kunit_try_run_case+0x114/0x298 [ 95.029807] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.031030] kthread+0x18c/0x1a8 [ 95.031752] ret_from_fork+0x10/0x20 [ 95.032482] [ 95.032797] Allocated by task 207: [ 95.033310] kasan_save_stack+0x3c/0x68 [ 95.034304] kasan_set_track+0x2c/0x40 [ 95.035648] kasan_save_alloc_info+0x24/0x38 [ 95.036425] __kasan_kmalloc+0xd4/0xd8 [ 95.037390] kmalloc_trace+0x68/0x130 [ 95.038144] kasan_bitops_generic+0x98/0x148 [ 95.039034] kunit_try_run_case+0x114/0x298 [ 95.039974] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.041016] kthread+0x18c/0x1a8 [ 95.041713] ret_from_fork+0x10/0x20 [ 95.042497] [ 95.042982] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.042982] which belongs to the cache kmalloc-16 of size 16 [ 95.044863] The buggy address is located 8 bytes inside of [ 95.044863] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.047070] [ 95.047783] The buggy address belongs to the physical page: [ 95.048718] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.049961] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.050971] page_type: 0xffffffff() [ 95.051788] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.053190] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.054803] page dumped because: kasan: bad access detected [ 95.055465] [ 95.056106] Memory state around the buggy address: [ 95.058384] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.059224] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.064521] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.065534] ^ [ 95.066499] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.068081] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.069730] ================================================================== [ 95.121926] ================================================================== [ 95.123280] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0x6d8 [ 95.124399] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.125812] [ 95.126353] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.127816] Hardware name: linux,dummy-virt (DT) [ 95.128555] Call trace: [ 95.129012] dump_backtrace+0x9c/0x128 [ 95.130495] show_stack+0x20/0x38 [ 95.131232] dump_stack_lvl+0x60/0xb0 [ 95.132090] print_report+0xf8/0x5e8 [ 95.132937] kasan_report+0xdc/0x128 [ 95.133770] kasan_check_range+0xe8/0x190 [ 95.134603] __kasan_check_write+0x20/0x30 [ 95.135317] kasan_bitops_modify.constprop.0+0x100/0x6d8 [ 95.136511] kasan_bitops_generic+0xb4/0x148 [ 95.137322] kunit_try_run_case+0x114/0x298 [ 95.138296] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.139262] kthread+0x18c/0x1a8 [ 95.139978] ret_from_fork+0x10/0x20 [ 95.140855] [ 95.141245] Allocated by task 207: [ 95.141881] kasan_save_stack+0x3c/0x68 [ 95.142676] kasan_set_track+0x2c/0x40 [ 95.143452] kasan_save_alloc_info+0x24/0x38 [ 95.144319] __kasan_kmalloc+0xd4/0xd8 [ 95.145071] kmalloc_trace+0x68/0x130 [ 95.146007] kasan_bitops_generic+0x98/0x148 [ 95.146513] kunit_try_run_case+0x114/0x298 [ 95.147023] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.148177] kthread+0x18c/0x1a8 [ 95.148909] ret_from_fork+0x10/0x20 [ 95.149646] [ 95.150045] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.150045] which belongs to the cache kmalloc-16 of size 16 [ 95.151576] The buggy address is located 8 bytes inside of [ 95.151576] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.152904] [ 95.153313] The buggy address belongs to the physical page: [ 95.154215] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.156086] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.157224] page_type: 0xffffffff() [ 95.158030] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.159115] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.160836] page dumped because: kasan: bad access detected [ 95.161870] [ 95.162119] Memory state around the buggy address: [ 95.163138] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.164069] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.165227] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.166248] ^ [ 95.167793] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.169149] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.170314] ================================================================== [ 95.427946] ================================================================== [ 95.428622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0x6d8 [ 95.429386] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.430066] [ 95.430294] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.431168] Hardware name: linux,dummy-virt (DT) [ 95.431591] Call trace: [ 95.431890] dump_backtrace+0x9c/0x128 [ 95.432375] show_stack+0x20/0x38 [ 95.432849] dump_stack_lvl+0x60/0xb0 [ 95.433318] print_report+0xf8/0x5e8 [ 95.433783] kasan_report+0xdc/0x128 [ 95.434239] kasan_check_range+0xe8/0x190 [ 95.434791] __kasan_check_write+0x20/0x30 [ 95.435311] kasan_bitops_modify.constprop.0+0x1dc/0x6d8 [ 95.435957] kasan_bitops_generic+0xb4/0x148 [ 95.436497] kunit_try_run_case+0x114/0x298 [ 95.436988] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.437553] kthread+0x18c/0x1a8 [ 95.437936] ret_from_fork+0x10/0x20 [ 95.438374] [ 95.438558] Allocated by task 207: [ 95.438937] kasan_save_stack+0x3c/0x68 [ 95.439439] kasan_set_track+0x2c/0x40 [ 95.439929] kasan_save_alloc_info+0x24/0x38 [ 95.440521] __kasan_kmalloc+0xd4/0xd8 [ 95.440994] kmalloc_trace+0x68/0x130 [ 95.441483] kasan_bitops_generic+0x98/0x148 [ 95.441945] kunit_try_run_case+0x114/0x298 [ 95.442461] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.443101] kthread+0x18c/0x1a8 [ 95.443488] ret_from_fork+0x10/0x20 [ 95.443991] [ 95.444239] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.444239] which belongs to the cache kmalloc-16 of size 16 [ 95.444989] The buggy address is located 8 bytes inside of [ 95.444989] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.446080] [ 95.446324] The buggy address belongs to the physical page: [ 95.446810] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.447671] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.448308] page_type: 0xffffffff() [ 95.448772] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.449535] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.450211] page dumped because: kasan: bad access detected [ 95.450678] [ 95.450912] Memory state around the buggy address: [ 95.451428] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.452148] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.452845] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.453518] ^ [ 95.454027] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.454704] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.455321] ================================================================== [ 95.172911] ================================================================== [ 95.173825] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x130/0x6d8 [ 95.175372] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.176396] [ 95.177344] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.178658] Hardware name: linux,dummy-virt (DT) [ 95.179514] Call trace: [ 95.180021] dump_backtrace+0x9c/0x128 [ 95.180954] show_stack+0x20/0x38 [ 95.181744] dump_stack_lvl+0x60/0xb0 [ 95.182537] print_report+0xf8/0x5e8 [ 95.183467] kasan_report+0xdc/0x128 [ 95.184739] __asan_load8+0x9c/0xc0 [ 95.185872] kasan_bitops_modify.constprop.0+0x130/0x6d8 [ 95.186824] kasan_bitops_generic+0xb4/0x148 [ 95.187636] kunit_try_run_case+0x114/0x298 [ 95.188556] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.189626] kthread+0x18c/0x1a8 [ 95.190388] ret_from_fork+0x10/0x20 [ 95.191214] [ 95.191584] Allocated by task 207: [ 95.192720] kasan_save_stack+0x3c/0x68 [ 95.193750] kasan_set_track+0x2c/0x40 [ 95.194631] kasan_save_alloc_info+0x24/0x38 [ 95.195571] __kasan_kmalloc+0xd4/0xd8 [ 95.196464] kmalloc_trace+0x68/0x130 [ 95.197317] kasan_bitops_generic+0x98/0x148 [ 95.198093] kunit_try_run_case+0x114/0x298 [ 95.198755] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.200243] kthread+0x18c/0x1a8 [ 95.201661] ret_from_fork+0x10/0x20 [ 95.202555] [ 95.203041] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.203041] which belongs to the cache kmalloc-16 of size 16 [ 95.204785] The buggy address is located 8 bytes inside of [ 95.204785] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.206360] [ 95.207607] The buggy address belongs to the physical page: [ 95.208377] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.209712] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.210866] page_type: 0xffffffff() [ 95.211604] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.212864] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.213975] page dumped because: kasan: bad access detected [ 95.215627] [ 95.216040] Memory state around the buggy address: [ 95.216760] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.217911] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.218993] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.220078] ^ [ 95.221054] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.222142] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.222943] ================================================================== [ 95.072750] ================================================================== [ 95.073703] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xd0/0x6d8 [ 95.075502] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.076455] [ 95.076855] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.078368] Hardware name: linux,dummy-virt (DT) [ 95.079168] Call trace: [ 95.079691] dump_backtrace+0x9c/0x128 [ 95.080487] show_stack+0x20/0x38 [ 95.081235] dump_stack_lvl+0x60/0xb0 [ 95.082005] print_report+0xf8/0x5e8 [ 95.083643] kasan_report+0xdc/0x128 [ 95.084633] __asan_load8+0x9c/0xc0 [ 95.085454] kasan_bitops_modify.constprop.0+0xd0/0x6d8 [ 95.086445] kasan_bitops_generic+0xb4/0x148 [ 95.087346] kunit_try_run_case+0x114/0x298 [ 95.088253] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.089560] kthread+0x18c/0x1a8 [ 95.090288] ret_from_fork+0x10/0x20 [ 95.091280] [ 95.091586] Allocated by task 207: [ 95.092047] kasan_save_stack+0x3c/0x68 [ 95.092612] kasan_set_track+0x2c/0x40 [ 95.093139] kasan_save_alloc_info+0x24/0x38 [ 95.093737] __kasan_kmalloc+0xd4/0xd8 [ 95.095264] kmalloc_trace+0x68/0x130 [ 95.096127] kasan_bitops_generic+0x98/0x148 [ 95.096954] kunit_try_run_case+0x114/0x298 [ 95.097698] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.099058] kthread+0x18c/0x1a8 [ 95.099620] ret_from_fork+0x10/0x20 [ 95.100149] [ 95.100429] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.100429] which belongs to the cache kmalloc-16 of size 16 [ 95.102424] The buggy address is located 8 bytes inside of [ 95.102424] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.104184] [ 95.104577] The buggy address belongs to the physical page: [ 95.105311] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.106935] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.108215] page_type: 0xffffffff() [ 95.109063] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.110267] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.111563] page dumped because: kasan: bad access detected [ 95.112793] [ 95.113153] Memory state around the buggy address: [ 95.113562] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.114040] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.115164] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.116255] ^ [ 95.117290] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.118297] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.119236] ================================================================== [ 95.276928] ================================================================== [ 95.278233] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x194/0x6d8 [ 95.279711] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.281182] [ 95.281629] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.283172] Hardware name: linux,dummy-virt (DT) [ 95.284089] Call trace: [ 95.284729] dump_backtrace+0x9c/0x128 [ 95.285570] show_stack+0x20/0x38 [ 95.286346] dump_stack_lvl+0x60/0xb0 [ 95.287283] print_report+0xf8/0x5e8 [ 95.288209] kasan_report+0xdc/0x128 [ 95.289118] kasan_check_range+0xe8/0x190 [ 95.290003] __kasan_check_write+0x20/0x30 [ 95.290852] kasan_bitops_modify.constprop.0+0x194/0x6d8 [ 95.292018] kasan_bitops_generic+0xb4/0x148 [ 95.292997] kunit_try_run_case+0x114/0x298 [ 95.293934] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.294940] kthread+0x18c/0x1a8 [ 95.295838] ret_from_fork+0x10/0x20 [ 95.296805] [ 95.297243] Allocated by task 207: [ 95.297736] kasan_save_stack+0x3c/0x68 [ 95.298656] kasan_set_track+0x2c/0x40 [ 95.299776] kasan_save_alloc_info+0x24/0x38 [ 95.300870] __kasan_kmalloc+0xd4/0xd8 [ 95.301690] kmalloc_trace+0x68/0x130 [ 95.302483] kasan_bitops_generic+0x98/0x148 [ 95.303404] kunit_try_run_case+0x114/0x298 [ 95.304510] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.305582] kthread+0x18c/0x1a8 [ 95.306354] ret_from_fork+0x10/0x20 [ 95.307231] [ 95.307815] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.307815] which belongs to the cache kmalloc-16 of size 16 [ 95.309548] The buggy address is located 8 bytes inside of [ 95.309548] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.311274] [ 95.311833] The buggy address belongs to the physical page: [ 95.312792] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.314027] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.315054] page_type: 0xffffffff() [ 95.315660] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.319027] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.319984] page dumped because: kasan: bad access detected [ 95.321436] [ 95.322142] Memory state around the buggy address: [ 95.323663] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.326211] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.329362] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.330916] ^ [ 95.331822] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.332936] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.333914] ================================================================== [ 95.457068] ================================================================== [ 95.457593] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x20c/0x6d8 [ 95.458480] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.459190] [ 95.459455] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.460353] Hardware name: linux,dummy-virt (DT) [ 95.460795] Call trace: [ 95.461077] dump_backtrace+0x9c/0x128 [ 95.461562] show_stack+0x20/0x38 [ 95.462003] dump_stack_lvl+0x60/0xb0 [ 95.462407] print_report+0xf8/0x5e8 [ 95.462952] kasan_report+0xdc/0x128 [ 95.463397] __asan_load8+0x9c/0xc0 [ 95.463885] kasan_bitops_modify.constprop.0+0x20c/0x6d8 [ 95.464555] kasan_bitops_generic+0xb4/0x148 [ 95.464982] kunit_try_run_case+0x114/0x298 [ 95.466548] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.467264] kthread+0x18c/0x1a8 [ 95.467702] ret_from_fork+0x10/0x20 [ 95.468192] [ 95.468403] Allocated by task 207: [ 95.468774] kasan_save_stack+0x3c/0x68 [ 95.469305] kasan_set_track+0x2c/0x40 [ 95.469763] kasan_save_alloc_info+0x24/0x38 [ 95.470245] __kasan_kmalloc+0xd4/0xd8 [ 95.470702] kmalloc_trace+0x68/0x130 [ 95.471436] kasan_bitops_generic+0x98/0x148 [ 95.472375] kunit_try_run_case+0x114/0x298 [ 95.472934] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.473505] kthread+0x18c/0x1a8 [ 95.473874] ret_from_fork+0x10/0x20 [ 95.474308] [ 95.474563] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.474563] which belongs to the cache kmalloc-16 of size 16 [ 95.475504] The buggy address is located 8 bytes inside of [ 95.475504] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.476531] [ 95.476808] The buggy address belongs to the physical page: [ 95.477366] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.478221] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.479100] page_type: 0xffffffff() [ 95.479789] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.481237] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.481997] page dumped because: kasan: bad access detected [ 95.482598] [ 95.482840] Memory state around the buggy address: [ 95.483362] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.484110] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.484814] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.485535] ^ [ 95.486136] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.486838] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.488885] ================================================================== [ 95.337761] ================================================================== [ 95.338641] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x6d8 [ 95.339739] Read of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.340706] [ 95.341419] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.342598] Hardware name: linux,dummy-virt (DT) [ 95.343237] Call trace: [ 95.343787] dump_backtrace+0x9c/0x128 [ 95.344588] show_stack+0x20/0x38 [ 95.345277] dump_stack_lvl+0x60/0xb0 [ 95.346938] print_report+0xf8/0x5e8 [ 95.347755] kasan_report+0xdc/0x128 [ 95.348588] __asan_load8+0x9c/0xc0 [ 95.349444] kasan_bitops_modify.constprop.0+0x19c/0x6d8 [ 95.350496] kasan_bitops_generic+0xb4/0x148 [ 95.351337] kunit_try_run_case+0x114/0x298 [ 95.352221] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.354041] kthread+0x18c/0x1a8 [ 95.354712] ret_from_fork+0x10/0x20 [ 95.355419] [ 95.355752] Allocated by task 207: [ 95.356297] kasan_save_stack+0x3c/0x68 [ 95.357139] kasan_set_track+0x2c/0x40 [ 95.357769] kasan_save_alloc_info+0x24/0x38 [ 95.358580] __kasan_kmalloc+0xd4/0xd8 [ 95.359363] kmalloc_trace+0x68/0x130 [ 95.360086] kasan_bitops_generic+0x98/0x148 [ 95.361582] kunit_try_run_case+0x114/0x298 [ 95.362636] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.363668] kthread+0x18c/0x1a8 [ 95.364238] ret_from_fork+0x10/0x20 [ 95.365093] [ 95.365498] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.365498] which belongs to the cache kmalloc-16 of size 16 [ 95.367135] The buggy address is located 8 bytes inside of [ 95.367135] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.368795] [ 95.369530] The buggy address belongs to the physical page: [ 95.370457] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.371842] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.372923] page_type: 0xffffffff() [ 95.373781] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.374938] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.376207] page dumped because: kasan: bad access detected [ 95.377140] [ 95.377854] Memory state around the buggy address: [ 95.378523] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.379406] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.380883] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.381868] ^ [ 95.382818] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.383701] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.384696] ================================================================== [ 95.224436] ================================================================== [ 95.225723] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x160/0x6d8 [ 95.227634] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.228721] [ 95.229132] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.230373] Hardware name: linux,dummy-virt (DT) [ 95.231050] Call trace: [ 95.231471] dump_backtrace+0x9c/0x128 [ 95.232374] show_stack+0x20/0x38 [ 95.233663] dump_stack_lvl+0x60/0xb0 [ 95.234459] print_report+0xf8/0x5e8 [ 95.235277] kasan_report+0xdc/0x128 [ 95.236122] kasan_check_range+0xe8/0x190 [ 95.237017] __kasan_check_write+0x20/0x30 [ 95.237833] kasan_bitops_modify.constprop.0+0x160/0x6d8 [ 95.238892] kasan_bitops_generic+0xb4/0x148 [ 95.239888] kunit_try_run_case+0x114/0x298 [ 95.241103] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.242111] kthread+0x18c/0x1a8 [ 95.242832] ret_from_fork+0x10/0x20 [ 95.243533] [ 95.243798] Allocated by task 207: [ 95.244213] kasan_save_stack+0x3c/0x68 [ 95.245098] kasan_set_track+0x2c/0x40 [ 95.246045] kasan_save_alloc_info+0x24/0x38 [ 95.246933] __kasan_kmalloc+0xd4/0xd8 [ 95.247749] kmalloc_trace+0x68/0x130 [ 95.248602] kasan_bitops_generic+0x98/0x148 [ 95.249640] kunit_try_run_case+0x114/0x298 [ 95.250595] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.251781] kthread+0x18c/0x1a8 [ 95.252639] ret_from_fork+0x10/0x20 [ 95.253548] [ 95.253988] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.253988] which belongs to the cache kmalloc-16 of size 16 [ 95.255597] The buggy address is located 8 bytes inside of [ 95.255597] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.257971] [ 95.258437] The buggy address belongs to the physical page: [ 95.259422] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.260770] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.261902] page_type: 0xffffffff() [ 95.262805] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.264038] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.265299] page dumped because: kasan: bad access detected [ 95.266086] [ 95.266567] Memory state around the buggy address: [ 95.267486] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.268601] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.269992] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.270962] ^ [ 95.271882] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.273062] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.274311] ================================================================== [ 95.387209] ================================================================== [ 95.389235] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1ac/0x6d8 [ 95.390473] Write of size 8 at addr ffff0000c5adb6c8 by task kunit_try_catch/207 [ 95.391401] [ 95.391967] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 95.393208] Hardware name: linux,dummy-virt (DT) [ 95.393990] Call trace: [ 95.394450] dump_backtrace+0x9c/0x128 [ 95.395227] show_stack+0x20/0x38 [ 95.395987] dump_stack_lvl+0x60/0xb0 [ 95.396796] print_report+0xf8/0x5e8 [ 95.397548] kasan_report+0xdc/0x128 [ 95.398292] kasan_check_range+0xe8/0x190 [ 95.399051] __kasan_check_write+0x20/0x30 [ 95.399968] kasan_bitops_modify.constprop.0+0x1ac/0x6d8 [ 95.401018] kasan_bitops_generic+0xb4/0x148 [ 95.401910] kunit_try_run_case+0x114/0x298 [ 95.402808] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.403833] kthread+0x18c/0x1a8 [ 95.404516] ret_from_fork+0x10/0x20 [ 95.405321] [ 95.405769] Allocated by task 207: [ 95.406373] kasan_save_stack+0x3c/0x68 [ 95.407148] kasan_set_track+0x2c/0x40 [ 95.407921] kasan_save_alloc_info+0x24/0x38 [ 95.408745] __kasan_kmalloc+0xd4/0xd8 [ 95.409547] kmalloc_trace+0x68/0x130 [ 95.410074] kasan_bitops_generic+0x98/0x148 [ 95.410553] kunit_try_run_case+0x114/0x298 [ 95.411173] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 95.411696] kthread+0x18c/0x1a8 [ 95.412151] ret_from_fork+0x10/0x20 [ 95.412624] [ 95.412919] The buggy address belongs to the object at ffff0000c5adb6c0 [ 95.412919] which belongs to the cache kmalloc-16 of size 16 [ 95.413643] The buggy address is located 8 bytes inside of [ 95.413643] allocated 9-byte region [ffff0000c5adb6c0, ffff0000c5adb6c9) [ 95.414632] [ 95.414883] The buggy address belongs to the physical page: [ 95.415542] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 95.416472] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 95.417228] page_type: 0xffffffff() [ 95.417666] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 95.418464] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 95.420051] page dumped because: kasan: bad access detected [ 95.420587] [ 95.420819] Memory state around the buggy address: [ 95.421314] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 95.422002] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 95.422663] >ffff0000c5adb680: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 95.423326] ^ [ 95.423930] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.424684] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 95.425367] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 94.296132] ================================================================== [ 94.297824] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xdc/0x230 [ 94.299002] Free of addr ffff0000c60ca001 by task kunit_try_catch/197 [ 94.300285] [ 94.300762] CPU: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.301822] Hardware name: linux,dummy-virt (DT) [ 94.302609] Call trace: [ 94.303304] dump_backtrace+0x9c/0x128 [ 94.304028] show_stack+0x20/0x38 [ 94.305687] dump_stack_lvl+0x60/0xb0 [ 94.306491] print_report+0xf8/0x5e8 [ 94.307234] kasan_report_invalid_free+0xc0/0xe8 [ 94.308158] __kasan_slab_free+0x164/0x170 [ 94.308999] kmem_cache_free+0x18c/0x3f8 [ 94.309791] kmem_cache_invalid_free+0xdc/0x230 [ 94.310633] kunit_try_run_case+0x114/0x298 [ 94.311475] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.312592] kthread+0x18c/0x1a8 [ 94.313357] ret_from_fork+0x10/0x20 [ 94.314168] [ 94.314600] Allocated by task 197: [ 94.315213] kasan_save_stack+0x3c/0x68 [ 94.316116] kasan_set_track+0x2c/0x40 [ 94.316943] kasan_save_alloc_info+0x24/0x38 [ 94.317733] __kasan_slab_alloc+0xa8/0xb0 [ 94.318546] kmem_cache_alloc+0x138/0x330 [ 94.319327] kmem_cache_invalid_free+0xb8/0x230 [ 94.320232] kunit_try_run_case+0x114/0x298 [ 94.321123] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.322076] kthread+0x18c/0x1a8 [ 94.322726] ret_from_fork+0x10/0x20 [ 94.323464] [ 94.323865] The buggy address belongs to the object at ffff0000c60ca000 [ 94.323865] which belongs to the cache test_cache of size 200 [ 94.325515] The buggy address is located 1 bytes inside of [ 94.325515] 200-byte region [ffff0000c60ca000, ffff0000c60ca0c8) [ 94.327057] [ 94.327435] The buggy address belongs to the physical page: [ 94.328321] page:000000007cb0971c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060ca [ 94.329636] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.330684] page_type: 0xffffffff() [ 94.331477] raw: 0bfffc0000000800 ffff0000c5437dc0 dead000000000122 0000000000000000 [ 94.332628] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 94.333646] page dumped because: kasan: bad access detected [ 94.334456] [ 94.334735] Memory state around the buggy address: [ 94.335556] ffff0000c60c9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.336564] ffff0000c60c9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.337827] >ffff0000c60ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 94.338760] ^ [ 94.339332] ffff0000c60ca080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 94.340522] ffff0000c60ca100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.341531] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 94.932640] ================================================================== [ 94.933646] BUG: KASAN: slab-use-after-free in strnlen+0x3c/0x68 [ 94.934668] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.937104] [ 94.937536] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.938784] Hardware name: linux,dummy-virt (DT) [ 94.939433] Call trace: [ 94.939993] dump_backtrace+0x9c/0x128 [ 94.940879] show_stack+0x20/0x38 [ 94.941820] dump_stack_lvl+0x60/0xb0 [ 94.942618] print_report+0xf8/0x5e8 [ 94.943672] kasan_report+0xdc/0x128 [ 94.944492] __asan_load1+0x60/0x70 [ 94.945271] strnlen+0x3c/0x68 [ 94.946119] kasan_strings+0x1a4/0x478 [ 94.947207] kunit_try_run_case+0x114/0x298 [ 94.948138] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.949250] kthread+0x18c/0x1a8 [ 94.949988] ret_from_fork+0x10/0x20 [ 94.950778] [ 94.951136] Allocated by task 205: [ 94.951954] kasan_save_stack+0x3c/0x68 [ 94.952796] kasan_set_track+0x2c/0x40 [ 94.953757] kasan_save_alloc_info+0x24/0x38 [ 94.954581] __kasan_kmalloc+0xd4/0xd8 [ 94.955401] kmalloc_trace+0x68/0x130 [ 94.956341] kasan_strings+0xa0/0x478 [ 94.957112] kunit_try_run_case+0x114/0x298 [ 94.958050] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.959183] kthread+0x18c/0x1a8 [ 94.960546] ret_from_fork+0x10/0x20 [ 94.961323] [ 94.961651] Freed by task 205: [ 94.962131] kasan_save_stack+0x3c/0x68 [ 94.962612] kasan_set_track+0x2c/0x40 [ 94.963678] kasan_save_free_info+0x38/0x60 [ 94.964542] __kasan_slab_free+0x100/0x170 [ 94.965460] __kmem_cache_free+0x178/0x2c8 [ 94.966300] kfree+0x74/0x138 [ 94.966983] kasan_strings+0xbc/0x478 [ 94.967758] kunit_try_run_case+0x114/0x298 [ 94.968812] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.969938] kthread+0x18c/0x1a8 [ 94.970603] ret_from_fork+0x10/0x20 [ 94.971481] [ 94.972167] The buggy address belongs to the object at ffff0000c60910c0 [ 94.972167] which belongs to the cache kmalloc-32 of size 32 [ 94.973381] The buggy address is located 16 bytes inside of [ 94.973381] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.975389] [ 94.975766] The buggy address belongs to the physical page: [ 94.976505] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.978189] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.979347] page_type: 0xffffffff() [ 94.980465] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.981779] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.982734] page dumped because: kasan: bad access detected [ 94.983827] [ 94.984286] Memory state around the buggy address: [ 94.985143] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.986738] ffff0000c6091000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.988162] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.989575] ^ [ 94.990677] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.991978] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.993398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 94.874591] ================================================================== [ 94.875670] BUG: KASAN: slab-use-after-free in strlen+0x18/0x68 [ 94.876776] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.877837] [ 94.878311] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.879479] Hardware name: linux,dummy-virt (DT) [ 94.880178] Call trace: [ 94.880612] dump_backtrace+0x9c/0x128 [ 94.881301] show_stack+0x20/0x38 [ 94.882093] dump_stack_lvl+0x60/0xb0 [ 94.883561] print_report+0xf8/0x5e8 [ 94.884597] kasan_report+0xdc/0x128 [ 94.885498] __asan_load1+0x60/0x70 [ 94.886300] strlen+0x18/0x68 [ 94.887059] kasan_strings+0x17c/0x478 [ 94.887813] kunit_try_run_case+0x114/0x298 [ 94.888927] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.890118] kthread+0x18c/0x1a8 [ 94.891134] ret_from_fork+0x10/0x20 [ 94.891660] [ 94.891851] Allocated by task 205: [ 94.892145] kasan_save_stack+0x3c/0x68 [ 94.892659] kasan_set_track+0x2c/0x40 [ 94.893931] kasan_save_alloc_info+0x24/0x38 [ 94.895060] __kasan_kmalloc+0xd4/0xd8 [ 94.895828] kmalloc_trace+0x68/0x130 [ 94.896622] kasan_strings+0xa0/0x478 [ 94.897464] kunit_try_run_case+0x114/0x298 [ 94.898259] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.899204] kthread+0x18c/0x1a8 [ 94.899975] ret_from_fork+0x10/0x20 [ 94.900754] [ 94.901156] Freed by task 205: [ 94.901701] kasan_save_stack+0x3c/0x68 [ 94.902457] kasan_set_track+0x2c/0x40 [ 94.903402] kasan_save_free_info+0x38/0x60 [ 94.904321] __kasan_slab_free+0x100/0x170 [ 94.905073] __kmem_cache_free+0x178/0x2c8 [ 94.905979] kfree+0x74/0x138 [ 94.906826] kasan_strings+0xbc/0x478 [ 94.907763] kunit_try_run_case+0x114/0x298 [ 94.908603] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.909598] kthread+0x18c/0x1a8 [ 94.910246] ret_from_fork+0x10/0x20 [ 94.910999] [ 94.911325] The buggy address belongs to the object at ffff0000c60910c0 [ 94.911325] which belongs to the cache kmalloc-32 of size 32 [ 94.913215] The buggy address is located 16 bytes inside of [ 94.913215] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.914659] [ 94.915069] The buggy address belongs to the physical page: [ 94.916111] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.917247] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.917903] page_type: 0xffffffff() [ 94.918312] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.919603] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.920786] page dumped because: kasan: bad access detected [ 94.921817] [ 94.922188] Memory state around the buggy address: [ 94.923600] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.924614] ffff0000c6091000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.925705] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.926723] ^ [ 94.928546] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.929621] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.930710] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 94.810506] ================================================================== [ 94.812116] BUG: KASAN: slab-use-after-free in kasan_strings+0x150/0x478 [ 94.812977] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.813888] [ 94.814313] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.815769] Hardware name: linux,dummy-virt (DT) [ 94.816610] Call trace: [ 94.817209] dump_backtrace+0x9c/0x128 [ 94.818054] show_stack+0x20/0x38 [ 94.819302] dump_stack_lvl+0x60/0xb0 [ 94.820602] print_report+0xf8/0x5e8 [ 94.821583] kasan_report+0xdc/0x128 [ 94.822552] __asan_load1+0x60/0x70 [ 94.823583] kasan_strings+0x150/0x478 [ 94.824706] kunit_try_run_case+0x114/0x298 [ 94.825654] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.826693] kthread+0x18c/0x1a8 [ 94.827448] ret_from_fork+0x10/0x20 [ 94.828271] [ 94.828724] Allocated by task 205: [ 94.829317] kasan_save_stack+0x3c/0x68 [ 94.830316] kasan_set_track+0x2c/0x40 [ 94.831460] kasan_save_alloc_info+0x24/0x38 [ 94.832221] __kasan_kmalloc+0xd4/0xd8 [ 94.833342] kmalloc_trace+0x68/0x130 [ 94.834205] kasan_strings+0xa0/0x478 [ 94.835058] kunit_try_run_case+0x114/0x298 [ 94.836124] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.837265] kthread+0x18c/0x1a8 [ 94.837998] ret_from_fork+0x10/0x20 [ 94.838818] [ 94.839150] Freed by task 205: [ 94.839661] kasan_save_stack+0x3c/0x68 [ 94.840395] kasan_set_track+0x2c/0x40 [ 94.841756] kasan_save_free_info+0x38/0x60 [ 94.842585] __kasan_slab_free+0x100/0x170 [ 94.843853] __kmem_cache_free+0x178/0x2c8 [ 94.844892] kfree+0x74/0x138 [ 94.845683] kasan_strings+0xbc/0x478 [ 94.846497] kunit_try_run_case+0x114/0x298 [ 94.847785] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.849000] kthread+0x18c/0x1a8 [ 94.849805] ret_from_fork+0x10/0x20 [ 94.850623] [ 94.851064] The buggy address belongs to the object at ffff0000c60910c0 [ 94.851064] which belongs to the cache kmalloc-32 of size 32 [ 94.853025] The buggy address is located 16 bytes inside of [ 94.853025] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.854562] [ 94.855062] The buggy address belongs to the physical page: [ 94.855770] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.857376] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.858578] page_type: 0xffffffff() [ 94.859443] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.860872] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.861940] page dumped because: kasan: bad access detected [ 94.862809] [ 94.863171] Memory state around the buggy address: [ 94.863824] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.865080] ffff0000c6091000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.866429] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.867910] ^ [ 94.868992] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.870230] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.871189] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 94.738178] ================================================================== [ 94.739040] BUG: KASAN: slab-use-after-free in strcmp+0x2c/0x78 [ 94.740123] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.741505] [ 94.741977] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.743277] Hardware name: linux,dummy-virt (DT) [ 94.744095] Call trace: [ 94.744862] dump_backtrace+0x9c/0x128 [ 94.745606] show_stack+0x20/0x38 [ 94.746329] dump_stack_lvl+0x60/0xb0 [ 94.748385] print_report+0xf8/0x5e8 [ 94.749236] kasan_report+0xdc/0x128 [ 94.750030] __asan_load1+0x60/0x70 [ 94.750848] strcmp+0x2c/0x78 [ 94.751964] kasan_strings+0x12c/0x478 [ 94.752683] kunit_try_run_case+0x114/0x298 [ 94.753588] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.754582] kthread+0x18c/0x1a8 [ 94.755276] ret_from_fork+0x10/0x20 [ 94.756135] [ 94.756525] Allocated by task 205: [ 94.757186] kasan_save_stack+0x3c/0x68 [ 94.758878] kasan_set_track+0x2c/0x40 [ 94.759724] kasan_save_alloc_info+0x24/0x38 [ 94.760571] __kasan_kmalloc+0xd4/0xd8 [ 94.761690] kmalloc_trace+0x68/0x130 [ 94.762431] kasan_strings+0xa0/0x478 [ 94.763167] kunit_try_run_case+0x114/0x298 [ 94.764102] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.765139] kthread+0x18c/0x1a8 [ 94.766427] ret_from_fork+0x10/0x20 [ 94.767586] [ 94.767960] Freed by task 205: [ 94.768639] kasan_save_stack+0x3c/0x68 [ 94.769544] kasan_set_track+0x2c/0x40 [ 94.770302] kasan_save_free_info+0x38/0x60 [ 94.771113] __kasan_slab_free+0x100/0x170 [ 94.771994] __kmem_cache_free+0x178/0x2c8 [ 94.773871] kfree+0x74/0x138 [ 94.774574] kasan_strings+0xbc/0x478 [ 94.775942] kunit_try_run_case+0x114/0x298 [ 94.776889] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.778026] kthread+0x18c/0x1a8 [ 94.778743] ret_from_fork+0x10/0x20 [ 94.779354] [ 94.780085] The buggy address belongs to the object at ffff0000c60910c0 [ 94.780085] which belongs to the cache kmalloc-32 of size 32 [ 94.781953] The buggy address is located 16 bytes inside of [ 94.781953] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.783810] [ 94.784243] The buggy address belongs to the physical page: [ 94.785103] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.786541] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.787657] page_type: 0xffffffff() [ 94.789239] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.790691] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.792778] page dumped because: kasan: bad access detected [ 94.794008] [ 94.794385] Memory state around the buggy address: [ 94.796795] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.799272] ffff0000c6091000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 94.801191] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.803531] ^ [ 94.805388] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.807057] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.807987] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strrchr: Failure
Automatically assigned
[ 94.671885] ================================================================== [ 94.673014] BUG: KASAN: slab-use-after-free in strrchr+0x28/0x58 [ 94.674386] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.676147] [ 94.676597] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.677725] Hardware name: linux,dummy-virt (DT) [ 94.678540] Call trace: [ 94.679051] dump_backtrace+0x9c/0x128 [ 94.679765] show_stack+0x20/0x38 [ 94.680808] dump_stack_lvl+0x60/0xb0 [ 94.681649] print_report+0xf8/0x5e8 [ 94.682447] kasan_report+0xdc/0x128 [ 94.683228] __asan_load1+0x60/0x70 [ 94.684338] strrchr+0x28/0x58 [ 94.685123] kasan_strings+0x104/0x478 [ 94.685953] kunit_try_run_case+0x114/0x298 [ 94.686820] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.688081] kthread+0x18c/0x1a8 [ 94.688725] ret_from_fork+0x10/0x20 [ 94.689639] [ 94.690095] Allocated by task 205: [ 94.690889] kasan_save_stack+0x3c/0x68 [ 94.692148] kasan_set_track+0x2c/0x40 [ 94.693006] kasan_save_alloc_info+0x24/0x38 [ 94.693887] __kasan_kmalloc+0xd4/0xd8 [ 94.694758] kmalloc_trace+0x68/0x130 [ 94.695601] kasan_strings+0xa0/0x478 [ 94.696537] kunit_try_run_case+0x114/0x298 [ 94.697668] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.698889] kthread+0x18c/0x1a8 [ 94.699656] ret_from_fork+0x10/0x20 [ 94.700561] [ 94.701026] Freed by task 205: [ 94.701988] kasan_save_stack+0x3c/0x68 [ 94.702962] kasan_set_track+0x2c/0x40 [ 94.703857] kasan_save_free_info+0x38/0x60 [ 94.704812] __kasan_slab_free+0x100/0x170 [ 94.705586] __kmem_cache_free+0x178/0x2c8 [ 94.706889] kfree+0x74/0x138 [ 94.707647] kasan_strings+0xbc/0x478 [ 94.708623] kunit_try_run_case+0x114/0x298 [ 94.709620] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.710678] kthread+0x18c/0x1a8 [ 94.711636] ret_from_fork+0x10/0x20 [ 94.712552] [ 94.713221] The buggy address belongs to the object at ffff0000c60910c0 [ 94.713221] which belongs to the cache kmalloc-32 of size 32 [ 94.715775] The buggy address is located 16 bytes inside of [ 94.715775] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.717515] [ 94.718118] The buggy address belongs to the physical page: [ 94.718931] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.721511] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.722629] page_type: 0xffffffff() [ 94.723396] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.724693] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.725790] page dumped because: kasan: bad access detected [ 94.726364] [ 94.727262] Memory state around the buggy address: [ 94.728187] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.729959] ffff0000c6091000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 94.731011] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.732383] ^ [ 94.733394] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.734544] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.735731] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strchr: Failure
Automatically assigned
[ 94.606150] ================================================================== [ 94.608096] BUG: KASAN: slab-use-after-free in strchr+0x20/0x80 [ 94.609290] Read of size 1 at addr ffff0000c60910d0 by task kunit_try_catch/205 [ 94.610538] [ 94.611496] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.612709] Hardware name: linux,dummy-virt (DT) [ 94.613550] Call trace: [ 94.613957] dump_backtrace+0x9c/0x128 [ 94.614567] show_stack+0x20/0x38 [ 94.615164] dump_stack_lvl+0x60/0xb0 [ 94.616327] print_report+0xf8/0x5e8 [ 94.617280] kasan_report+0xdc/0x128 [ 94.618109] __asan_load1+0x60/0x70 [ 94.619085] strchr+0x20/0x80 [ 94.619949] kasan_strings+0xdc/0x478 [ 94.620796] kunit_try_run_case+0x114/0x298 [ 94.621651] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.622573] kthread+0x18c/0x1a8 [ 94.623372] ret_from_fork+0x10/0x20 [ 94.624714] [ 94.625217] Allocated by task 205: [ 94.625764] kasan_save_stack+0x3c/0x68 [ 94.627231] kasan_set_track+0x2c/0x40 [ 94.628043] kasan_save_alloc_info+0x24/0x38 [ 94.628785] __kasan_kmalloc+0xd4/0xd8 [ 94.629827] kmalloc_trace+0x68/0x130 [ 94.630443] kasan_strings+0xa0/0x478 [ 94.631972] kunit_try_run_case+0x114/0x298 [ 94.632932] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.633948] kthread+0x18c/0x1a8 [ 94.634601] ret_from_fork+0x10/0x20 [ 94.635221] [ 94.635645] Freed by task 205: [ 94.636309] kasan_save_stack+0x3c/0x68 [ 94.637194] kasan_set_track+0x2c/0x40 [ 94.638134] kasan_save_free_info+0x38/0x60 [ 94.638837] __kasan_slab_free+0x100/0x170 [ 94.639763] __kmem_cache_free+0x178/0x2c8 [ 94.641643] kfree+0x74/0x138 [ 94.642370] kasan_strings+0xbc/0x478 [ 94.643204] kunit_try_run_case+0x114/0x298 [ 94.644079] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.645199] kthread+0x18c/0x1a8 [ 94.645924] ret_from_fork+0x10/0x20 [ 94.646648] [ 94.647059] The buggy address belongs to the object at ffff0000c60910c0 [ 94.647059] which belongs to the cache kmalloc-32 of size 32 [ 94.648863] The buggy address is located 16 bytes inside of [ 94.648863] freed 32-byte region [ffff0000c60910c0, ffff0000c60910e0) [ 94.650804] [ 94.651210] The buggy address belongs to the physical page: [ 94.651944] page:0000000008bc5175 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106091 [ 94.653606] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.654855] page_type: 0xffffffff() [ 94.655746] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.657097] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.658163] page dumped because: kasan: bad access detected [ 94.659520] [ 94.659891] Memory state around the buggy address: [ 94.660795] ffff0000c6090f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.661987] ffff0000c6091000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 94.664031] >ffff0000c6091080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 94.665103] ^ [ 94.665961] ffff0000c6091100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.667785] ffff0000c6091180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.668702] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 94.546405] ================================================================== [ 94.547854] BUG: KASAN: slab-out-of-bounds in memcmp+0x44/0xd0 [ 94.549036] Read of size 1 at addr ffff0000c5ec1cd8 by task kunit_try_catch/203 [ 94.550376] [ 94.550904] CPU: 1 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.552141] Hardware name: linux,dummy-virt (DT) [ 94.552963] Call trace: [ 94.553502] dump_backtrace+0x9c/0x128 [ 94.554256] show_stack+0x20/0x38 [ 94.555285] dump_stack_lvl+0x60/0xb0 [ 94.556021] print_report+0xf8/0x5e8 [ 94.556774] kasan_report+0xdc/0x128 [ 94.558027] __asan_load1+0x60/0x70 [ 94.558870] memcmp+0x44/0xd0 [ 94.559574] kasan_memcmp+0xf0/0x208 [ 94.560197] kunit_try_run_case+0x114/0x298 [ 94.561125] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.562159] kthread+0x18c/0x1a8 [ 94.562918] ret_from_fork+0x10/0x20 [ 94.563675] [ 94.564092] Allocated by task 203: [ 94.564753] kasan_save_stack+0x3c/0x68 [ 94.565585] kasan_set_track+0x2c/0x40 [ 94.566379] kasan_save_alloc_info+0x24/0x38 [ 94.567201] __kasan_kmalloc+0xd4/0xd8 [ 94.568007] kmalloc_trace+0x68/0x130 [ 94.568793] kasan_memcmp+0xac/0x208 [ 94.569527] kunit_try_run_case+0x114/0x298 [ 94.570355] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.571442] kthread+0x18c/0x1a8 [ 94.572177] ret_from_fork+0x10/0x20 [ 94.572987] [ 94.573377] The buggy address belongs to the object at ffff0000c5ec1cc0 [ 94.573377] which belongs to the cache kmalloc-32 of size 32 [ 94.574916] The buggy address is located 0 bytes to the right of [ 94.574916] allocated 24-byte region [ffff0000c5ec1cc0, ffff0000c5ec1cd8) [ 94.576654] [ 94.577085] The buggy address belongs to the physical page: [ 94.577993] page:000000009bc72880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ec1 [ 94.579274] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.580361] page_type: 0xffffffff() [ 94.581117] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.582246] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.583344] page dumped because: kasan: bad access detected [ 94.584221] [ 94.584623] Memory state around the buggy address: [ 94.585336] ffff0000c5ec1b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.586398] ffff0000c5ec1c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.587475] >ffff0000c5ec1c80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 94.588600] ^ [ 94.589537] ffff0000c5ec1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.590567] ffff0000c5ec1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.591535] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memchr: Failure
Automatically assigned
[ 94.477528] ================================================================== [ 94.478801] BUG: KASAN: slab-out-of-bounds in memchr+0x28/0x78 [ 94.479759] Read of size 1 at addr ffff0000c5ec1c98 by task kunit_try_catch/201 [ 94.481003] [ 94.481488] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.482919] Hardware name: linux,dummy-virt (DT) [ 94.483836] Call trace: [ 94.484459] dump_backtrace+0x9c/0x128 [ 94.485379] show_stack+0x20/0x38 [ 94.486191] dump_stack_lvl+0x60/0xb0 [ 94.487079] print_report+0xf8/0x5e8 [ 94.487907] kasan_report+0xdc/0x128 [ 94.488862] __asan_load1+0x60/0x70 [ 94.489715] memchr+0x28/0x78 [ 94.490438] kasan_memchr+0xd4/0x1f0 [ 94.491309] kunit_try_run_case+0x114/0x298 [ 94.492272] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.492926] kthread+0x18c/0x1a8 [ 94.493247] ret_from_fork+0x10/0x20 [ 94.493932] [ 94.494338] Allocated by task 201: [ 94.495134] kasan_save_stack+0x3c/0x68 [ 94.496066] kasan_set_track+0x2c/0x40 [ 94.496856] kasan_save_alloc_info+0x24/0x38 [ 94.497727] __kasan_kmalloc+0xd4/0xd8 [ 94.498526] kmalloc_trace+0x68/0x130 [ 94.499252] kasan_memchr+0xa0/0x1f0 [ 94.500183] kunit_try_run_case+0x114/0x298 [ 94.501197] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.502085] kthread+0x18c/0x1a8 [ 94.502613] ret_from_fork+0x10/0x20 [ 94.503321] [ 94.503672] The buggy address belongs to the object at ffff0000c5ec1c80 [ 94.503672] which belongs to the cache kmalloc-32 of size 32 [ 94.505591] The buggy address is located 0 bytes to the right of [ 94.505591] allocated 24-byte region [ffff0000c5ec1c80, ffff0000c5ec1c98) [ 94.506784] [ 94.507246] The buggy address belongs to the physical page: [ 94.508212] page:000000009bc72880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ec1 [ 94.509776] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.510824] page_type: 0xffffffff() [ 94.512344] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 94.513702] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 94.514571] page dumped because: kasan: bad access detected [ 94.515531] [ 94.516102] Memory state around the buggy address: [ 94.516814] ffff0000c5ec1b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 94.517996] ffff0000c5ec1c00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 94.519036] >ffff0000c5ec1c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.520364] ^ [ 94.521485] ffff0000c5ec1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.522518] ffff0000c5ec1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.523739] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 94.381875] ================================================================== [ 94.383938] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0xd0/0x1b8 [ 94.385221] Read of size 1 at addr ffff0000c60b4000 by task kunit_try_catch/199 [ 94.386265] [ 94.386809] CPU: 1 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.388455] Hardware name: linux,dummy-virt (DT) [ 94.389329] Call trace: [ 94.389826] dump_backtrace+0x9c/0x128 [ 94.391251] show_stack+0x20/0x38 [ 94.392295] dump_stack_lvl+0x60/0xb0 [ 94.393066] print_report+0xf8/0x5e8 [ 94.394374] kasan_report+0xdc/0x128 [ 94.395749] __kasan_check_byte+0x54/0x70 [ 94.397018] kmem_cache_destroy+0x30/0x178 [ 94.397718] kmem_cache_double_destroy+0xd0/0x1b8 [ 94.398129] kunit_try_run_case+0x114/0x298 [ 94.399078] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.400112] kthread+0x18c/0x1a8 [ 94.401318] ret_from_fork+0x10/0x20 [ 94.402201] [ 94.402677] Allocated by task 199: [ 94.403668] kasan_save_stack+0x3c/0x68 [ 94.404606] kasan_set_track+0x2c/0x40 [ 94.405498] kasan_save_alloc_info+0x24/0x38 [ 94.406325] __kasan_slab_alloc+0xa8/0xb0 [ 94.407272] kmem_cache_alloc+0x138/0x330 [ 94.408275] kmem_cache_create_usercopy+0x170/0x260 [ 94.409386] kmem_cache_create+0x24/0x38 [ 94.410247] kmem_cache_double_destroy+0xa4/0x1b8 [ 94.411376] kunit_try_run_case+0x114/0x298 [ 94.412462] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.413670] kthread+0x18c/0x1a8 [ 94.414381] ret_from_fork+0x10/0x20 [ 94.415379] [ 94.415886] Freed by task 199: [ 94.416571] kasan_save_stack+0x3c/0x68 [ 94.417577] kasan_set_track+0x2c/0x40 [ 94.418397] kasan_save_free_info+0x38/0x60 [ 94.419419] __kasan_slab_free+0x100/0x170 [ 94.420448] kmem_cache_free+0x18c/0x3f8 [ 94.421474] slab_kmem_cache_release+0x38/0x50 [ 94.422406] kmem_cache_release+0x1c/0x30 [ 94.423434] kobject_put+0x104/0x2c0 [ 94.424271] sysfs_slab_release+0x30/0x48 [ 94.425281] kmem_cache_destroy+0xd8/0x178 [ 94.426170] kmem_cache_double_destroy+0xc0/0x1b8 [ 94.427469] kunit_try_run_case+0x114/0x298 [ 94.428487] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.429566] kthread+0x18c/0x1a8 [ 94.430298] ret_from_fork+0x10/0x20 [ 94.431134] [ 94.431817] The buggy address belongs to the object at ffff0000c60b4000 [ 94.431817] which belongs to the cache kmem_cache of size 208 [ 94.433724] The buggy address is located 0 bytes inside of [ 94.433724] freed 208-byte region [ffff0000c60b4000, ffff0000c60b40d0) [ 94.435574] [ 94.436111] The buggy address belongs to the physical page: [ 94.437214] page:00000000a8e1fee1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b4 [ 94.438587] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.439859] page_type: 0xffffffff() [ 94.440672] raw: 0bfffc0000000800 ffff0000c0001000 dead000000000122 0000000000000000 [ 94.441940] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 94.443250] page dumped because: kasan: bad access detected [ 94.444222] [ 94.444733] Memory state around the buggy address: [ 94.445680] ffff0000c60b3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 94.446965] ffff0000c60b3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 94.448139] >ffff0000c60b4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.449069] ^ [ 94.449813] ffff0000c60b4080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 94.451139] ffff0000c60b4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.452442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 94.196236] ================================================================== [ 94.197713] BUG: KASAN: double-free in kmem_cache_double_free+0xe8/0x240 [ 94.199070] Free of addr ffff0000c6102000 by task kunit_try_catch/195 [ 94.200457] [ 94.201050] CPU: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.202348] Hardware name: linux,dummy-virt (DT) [ 94.203281] Call trace: [ 94.203642] dump_backtrace+0x9c/0x128 [ 94.204843] show_stack+0x20/0x38 [ 94.205536] dump_stack_lvl+0x60/0xb0 [ 94.206397] print_report+0xf8/0x5e8 [ 94.207275] kasan_report_invalid_free+0xc0/0xe8 [ 94.208299] __kasan_slab_free+0x134/0x170 [ 94.209311] kmem_cache_free+0x18c/0x3f8 [ 94.210229] kmem_cache_double_free+0xe8/0x240 [ 94.211186] kunit_try_run_case+0x114/0x298 [ 94.212325] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.213470] kthread+0x18c/0x1a8 [ 94.214226] ret_from_fork+0x10/0x20 [ 94.215213] [ 94.215640] Allocated by task 195: [ 94.216270] kasan_save_stack+0x3c/0x68 [ 94.217164] kasan_set_track+0x2c/0x40 [ 94.218016] kasan_save_alloc_info+0x24/0x38 [ 94.218927] __kasan_slab_alloc+0xa8/0xb0 [ 94.219839] kmem_cache_alloc+0x138/0x330 [ 94.220888] kmem_cache_double_free+0xb8/0x240 [ 94.221852] kunit_try_run_case+0x114/0x298 [ 94.222805] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.224130] kthread+0x18c/0x1a8 [ 94.224943] ret_from_fork+0x10/0x20 [ 94.225831] [ 94.226295] Freed by task 195: [ 94.227294] kasan_save_stack+0x3c/0x68 [ 94.228275] kasan_set_track+0x2c/0x40 [ 94.229146] kasan_save_free_info+0x38/0x60 [ 94.230022] __kasan_slab_free+0x100/0x170 [ 94.230914] kmem_cache_free+0x18c/0x3f8 [ 94.231461] kmem_cache_double_free+0xd4/0x240 [ 94.232688] kunit_try_run_case+0x114/0x298 [ 94.233607] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.234672] kthread+0x18c/0x1a8 [ 94.235607] ret_from_fork+0x10/0x20 [ 94.236502] [ 94.236984] The buggy address belongs to the object at ffff0000c6102000 [ 94.236984] which belongs to the cache test_cache of size 200 [ 94.238478] The buggy address is located 0 bytes inside of [ 94.238478] 200-byte region [ffff0000c6102000, ffff0000c61020c8) [ 94.240180] [ 94.240572] The buggy address belongs to the physical page: [ 94.241273] page:0000000082e9616c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106102 [ 94.243018] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.244286] page_type: 0xffffffff() [ 94.245138] raw: 0bfffc0000000800 ffff0000c5437c80 dead000000000122 0000000000000000 [ 94.246354] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 94.247518] page dumped because: kasan: bad access detected [ 94.248324] [ 94.248806] Memory state around the buggy address: [ 94.249738] ffff0000c6101f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.251149] ffff0000c6101f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.252298] >ffff0000c6102000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.253440] ^ [ 94.254141] ffff0000c6102080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 94.255057] ffff0000c6102100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.255551] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 94.143099] ================================================================== [ 94.144065] BUG: KASAN: slab-use-after-free in ksize_uaf+0x10c/0x2f0 [ 94.144880] Read of size 1 at addr ffff0000c60b6f78 by task kunit_try_catch/193 [ 94.145646] [ 94.145852] CPU: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.146823] Hardware name: linux,dummy-virt (DT) [ 94.147334] Call trace: [ 94.147867] dump_backtrace+0x9c/0x128 [ 94.148334] show_stack+0x20/0x38 [ 94.148756] dump_stack_lvl+0x60/0xb0 [ 94.149221] print_report+0xf8/0x5e8 [ 94.150026] kasan_report+0xdc/0x128 [ 94.150554] __asan_load1+0x60/0x70 [ 94.151106] ksize_uaf+0x10c/0x2f0 [ 94.151499] kunit_try_run_case+0x114/0x298 [ 94.152027] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.152750] kthread+0x18c/0x1a8 [ 94.153140] ret_from_fork+0x10/0x20 [ 94.153586] [ 94.153784] Allocated by task 193: [ 94.154142] kasan_save_stack+0x3c/0x68 [ 94.154658] kasan_set_track+0x2c/0x40 [ 94.155344] kasan_save_alloc_info+0x24/0x38 [ 94.155889] __kasan_kmalloc+0xd4/0xd8 [ 94.156294] kmalloc_trace+0x68/0x130 [ 94.156728] ksize_uaf+0x9c/0x2f0 [ 94.157082] kunit_try_run_case+0x114/0x298 [ 94.157630] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.158257] kthread+0x18c/0x1a8 [ 94.158677] ret_from_fork+0x10/0x20 [ 94.159183] [ 94.159591] Freed by task 193: [ 94.160056] kasan_save_stack+0x3c/0x68 [ 94.160476] kasan_set_track+0x2c/0x40 [ 94.160906] kasan_save_free_info+0x38/0x60 [ 94.161477] __kasan_slab_free+0x100/0x170 [ 94.161967] __kmem_cache_free+0x178/0x2c8 [ 94.162469] kfree+0x74/0x138 [ 94.163799] ksize_uaf+0xb8/0x2f0 [ 94.164422] kunit_try_run_case+0x114/0x298 [ 94.164981] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.165515] kthread+0x18c/0x1a8 [ 94.165903] ret_from_fork+0x10/0x20 [ 94.166394] [ 94.166623] The buggy address belongs to the object at ffff0000c60b6f00 [ 94.166623] which belongs to the cache kmalloc-128 of size 128 [ 94.167615] The buggy address is located 120 bytes inside of [ 94.167615] freed 128-byte region [ffff0000c60b6f00, ffff0000c60b6f80) [ 94.168992] [ 94.169223] The buggy address belongs to the physical page: [ 94.169815] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 94.170604] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.171308] page_type: 0xffffffff() [ 94.171793] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 94.172785] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 94.173545] page dumped because: kasan: bad access detected [ 94.174152] [ 94.174452] Memory state around the buggy address: [ 94.175297] ffff0000c60b6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 94.176087] ffff0000c60b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.176851] >ffff0000c60b6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.177505] ^ [ 94.178203] ffff0000c60b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.179139] ffff0000c60b7000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 94.179745] ================================================================== [ 94.106315] ================================================================== [ 94.107174] BUG: KASAN: slab-use-after-free in ksize_uaf+0xe8/0x2f0 [ 94.108305] Read of size 1 at addr ffff0000c60b6f00 by task kunit_try_catch/193 [ 94.109291] [ 94.109553] CPU: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.110301] Hardware name: linux,dummy-virt (DT) [ 94.110805] Call trace: [ 94.111236] dump_backtrace+0x9c/0x128 [ 94.111788] show_stack+0x20/0x38 [ 94.112230] dump_stack_lvl+0x60/0xb0 [ 94.112689] print_report+0xf8/0x5e8 [ 94.113150] kasan_report+0xdc/0x128 [ 94.113537] __asan_load1+0x60/0x70 [ 94.114056] ksize_uaf+0xe8/0x2f0 [ 94.114555] kunit_try_run_case+0x114/0x298 [ 94.115009] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.115782] kthread+0x18c/0x1a8 [ 94.116243] ret_from_fork+0x10/0x20 [ 94.116740] [ 94.116971] Allocated by task 193: [ 94.117331] kasan_save_stack+0x3c/0x68 [ 94.117841] kasan_set_track+0x2c/0x40 [ 94.118331] kasan_save_alloc_info+0x24/0x38 [ 94.118833] __kasan_kmalloc+0xd4/0xd8 [ 94.119216] kmalloc_trace+0x68/0x130 [ 94.119599] ksize_uaf+0x9c/0x2f0 [ 94.120124] kunit_try_run_case+0x114/0x298 [ 94.120725] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.121351] kthread+0x18c/0x1a8 [ 94.121774] ret_from_fork+0x10/0x20 [ 94.122274] [ 94.122505] Freed by task 193: [ 94.123150] kasan_save_stack+0x3c/0x68 [ 94.123670] kasan_set_track+0x2c/0x40 [ 94.124250] kasan_save_free_info+0x38/0x60 [ 94.124778] __kasan_slab_free+0x100/0x170 [ 94.125334] __kmem_cache_free+0x178/0x2c8 [ 94.125838] kfree+0x74/0x138 [ 94.126201] ksize_uaf+0xb8/0x2f0 [ 94.126620] kunit_try_run_case+0x114/0x298 [ 94.127129] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.127633] kthread+0x18c/0x1a8 [ 94.127961] ret_from_fork+0x10/0x20 [ 94.128327] [ 94.128533] The buggy address belongs to the object at ffff0000c60b6f00 [ 94.128533] which belongs to the cache kmalloc-128 of size 128 [ 94.129232] The buggy address is located 0 bytes inside of [ 94.129232] freed 128-byte region [ffff0000c60b6f00, ffff0000c60b6f80) [ 94.130648] [ 94.130980] The buggy address belongs to the physical page: [ 94.131532] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 94.132553] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.133376] page_type: 0xffffffff() [ 94.134039] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 94.134838] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 94.135568] page dumped because: kasan: bad access detected [ 94.136250] [ 94.136627] Memory state around the buggy address: [ 94.137310] ffff0000c60b6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 94.138040] ffff0000c60b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.138684] >ffff0000c60b6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.139650] ^ [ 94.140151] ffff0000c60b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.140923] ffff0000c60b7000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 94.141710] ================================================================== [ 94.068573] ================================================================== [ 94.069540] BUG: KASAN: slab-use-after-free in ksize_uaf+0xc8/0x2f0 [ 94.070267] Read of size 1 at addr ffff0000c60b6f00 by task kunit_try_catch/193 [ 94.071166] [ 94.071638] CPU: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.072638] Hardware name: linux,dummy-virt (DT) [ 94.073010] Call trace: [ 94.073401] dump_backtrace+0x9c/0x128 [ 94.073910] show_stack+0x20/0x38 [ 94.074420] dump_stack_lvl+0x60/0xb0 [ 94.074881] print_report+0xf8/0x5e8 [ 94.075296] kasan_report+0xdc/0x128 [ 94.075796] __kasan_check_byte+0x54/0x70 [ 94.076336] ksize+0x30/0x88 [ 94.076725] ksize_uaf+0xc8/0x2f0 [ 94.077175] kunit_try_run_case+0x114/0x298 [ 94.077694] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.078272] kthread+0x18c/0x1a8 [ 94.078649] ret_from_fork+0x10/0x20 [ 94.079059] [ 94.079282] Allocated by task 193: [ 94.079672] kasan_save_stack+0x3c/0x68 [ 94.080206] kasan_set_track+0x2c/0x40 [ 94.080663] kasan_save_alloc_info+0x24/0x38 [ 94.081177] __kasan_kmalloc+0xd4/0xd8 [ 94.081653] kmalloc_trace+0x68/0x130 [ 94.082065] ksize_uaf+0x9c/0x2f0 [ 94.082542] kunit_try_run_case+0x114/0x298 [ 94.083123] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.083806] kthread+0x18c/0x1a8 [ 94.084256] ret_from_fork+0x10/0x20 [ 94.084695] [ 94.084935] Freed by task 193: [ 94.085302] kasan_save_stack+0x3c/0x68 [ 94.085827] kasan_set_track+0x2c/0x40 [ 94.086318] kasan_save_free_info+0x38/0x60 [ 94.087209] __kasan_slab_free+0x100/0x170 [ 94.087716] __kmem_cache_free+0x178/0x2c8 [ 94.088172] kfree+0x74/0x138 [ 94.088537] ksize_uaf+0xb8/0x2f0 [ 94.088960] kunit_try_run_case+0x114/0x298 [ 94.090442] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.091172] kthread+0x18c/0x1a8 [ 94.091672] ret_from_fork+0x10/0x20 [ 94.092285] [ 94.092538] The buggy address belongs to the object at ffff0000c60b6f00 [ 94.092538] which belongs to the cache kmalloc-128 of size 128 [ 94.093610] The buggy address is located 0 bytes inside of [ 94.093610] freed 128-byte region [ffff0000c60b6f00, ffff0000c60b6f80) [ 94.094627] [ 94.094908] The buggy address belongs to the physical page: [ 94.095764] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 94.096454] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.097077] page_type: 0xffffffff() [ 94.097620] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 94.098136] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 94.098950] page dumped because: kasan: bad access detected [ 94.099465] [ 94.099743] Memory state around the buggy address: [ 94.100318] ffff0000c60b6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 94.101116] ffff0000c60b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.101752] >ffff0000c60b6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.102474] ^ [ 94.102906] ffff0000c60b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.103628] ffff0000c60b7000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 94.104300] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 94.028146] ================================================================== [ 94.028778] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x150/0x378 [ 94.029373] Read of size 1 at addr ffff0000c60b6d7f by task kunit_try_catch/191 [ 94.030089] [ 94.030289] CPU: 1 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 94.031258] Hardware name: linux,dummy-virt (DT) [ 94.031824] Call trace: [ 94.032194] dump_backtrace+0x9c/0x128 [ 94.032656] show_stack+0x20/0x38 [ 94.032988] dump_stack_lvl+0x60/0xb0 [ 94.033340] print_report+0xf8/0x5e8 [ 94.033899] kasan_report+0xdc/0x128 [ 94.034447] __asan_load1+0x60/0x70 [ 94.034999] ksize_unpoisons_memory+0x150/0x378 [ 94.035483] kunit_try_run_case+0x114/0x298 [ 94.036112] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.036777] kthread+0x18c/0x1a8 [ 94.037199] ret_from_fork+0x10/0x20 [ 94.037671] [ 94.037861] Allocated by task 191: [ 94.038237] kasan_save_stack+0x3c/0x68 [ 94.039029] kasan_set_track+0x2c/0x40 [ 94.039636] kasan_save_alloc_info+0x24/0x38 [ 94.040132] __kasan_kmalloc+0xd4/0xd8 [ 94.040599] kmalloc_trace+0x68/0x130 [ 94.041013] ksize_unpoisons_memory+0xb0/0x378 [ 94.041836] kunit_try_run_case+0x114/0x298 [ 94.042519] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.043338] kthread+0x18c/0x1a8 [ 94.043788] ret_from_fork+0x10/0x20 [ 94.044261] [ 94.044547] The buggy address belongs to the object at ffff0000c60b6d00 [ 94.044547] which belongs to the cache kmalloc-128 of size 128 [ 94.045627] The buggy address is located 12 bytes to the right of [ 94.045627] allocated 115-byte region [ffff0000c60b6d00, ffff0000c60b6d73) [ 94.046653] [ 94.046981] The buggy address belongs to the physical page: [ 94.047582] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 94.048725] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.049572] page_type: 0xffffffff() [ 94.050035] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 94.051000] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 94.052141] page dumped because: kasan: bad access detected [ 94.052701] [ 94.052945] Memory state around the buggy address: [ 94.053515] ffff0000c60b6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.054221] ffff0000c60b6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.055160] >ffff0000c60b6d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 94.055838] ^ [ 94.056820] ffff0000c60b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.057598] ffff0000c60b6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.058292] ================================================================== [ 93.961287] ================================================================== [ 93.962021] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x104/0x378 [ 93.963174] Read of size 1 at addr ffff0000c60b6d73 by task kunit_try_catch/191 [ 93.963913] [ 93.964158] CPU: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.964977] Hardware name: linux,dummy-virt (DT) [ 93.965459] Call trace: [ 93.965710] dump_backtrace+0x9c/0x128 [ 93.966167] show_stack+0x20/0x38 [ 93.966537] dump_stack_lvl+0x60/0xb0 [ 93.967571] print_report+0xf8/0x5e8 [ 93.968080] kasan_report+0xdc/0x128 [ 93.968553] __asan_load1+0x60/0x70 [ 93.969042] ksize_unpoisons_memory+0x104/0x378 [ 93.969616] kunit_try_run_case+0x114/0x298 [ 93.970123] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.970913] kthread+0x18c/0x1a8 [ 93.971248] ret_from_fork+0x10/0x20 [ 93.971624] [ 93.971863] Allocated by task 191: [ 93.972190] kasan_save_stack+0x3c/0x68 [ 93.972713] kasan_set_track+0x2c/0x40 [ 93.973201] kasan_save_alloc_info+0x24/0x38 [ 93.973666] __kasan_kmalloc+0xd4/0xd8 [ 93.974148] kmalloc_trace+0x68/0x130 [ 93.974629] ksize_unpoisons_memory+0xb0/0x378 [ 93.975135] kunit_try_run_case+0x114/0x298 [ 93.975604] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.976621] kthread+0x18c/0x1a8 [ 93.977050] ret_from_fork+0x10/0x20 [ 93.977504] [ 93.977769] The buggy address belongs to the object at ffff0000c60b6d00 [ 93.977769] which belongs to the cache kmalloc-128 of size 128 [ 93.978754] The buggy address is located 0 bytes to the right of [ 93.978754] allocated 115-byte region [ffff0000c60b6d00, ffff0000c60b6d73) [ 93.980045] [ 93.980262] The buggy address belongs to the physical page: [ 93.980903] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 93.981733] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 93.982378] page_type: 0xffffffff() [ 93.982810] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 93.983565] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 93.984185] page dumped because: kasan: bad access detected [ 93.984840] [ 93.985099] Memory state around the buggy address: [ 93.985688] ffff0000c60b6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 93.986385] ffff0000c60b6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.987192] >ffff0000c60b6d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 93.987757] ^ [ 93.988244] ffff0000c60b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.988843] ffff0000c60b6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.989586] ================================================================== [ 93.991929] ================================================================== [ 93.992696] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x128/0x378 [ 93.993503] Read of size 1 at addr ffff0000c60b6d78 by task kunit_try_catch/191 [ 93.994122] [ 93.994354] CPU: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.995348] Hardware name: linux,dummy-virt (DT) [ 93.995943] Call trace: [ 93.996255] dump_backtrace+0x9c/0x128 [ 93.996754] show_stack+0x20/0x38 [ 93.997289] dump_stack_lvl+0x60/0xb0 [ 93.997678] print_report+0xf8/0x5e8 [ 93.998050] kasan_report+0xdc/0x128 [ 93.998436] __asan_load1+0x60/0x70 [ 93.999431] ksize_unpoisons_memory+0x128/0x378 [ 94.000158] kunit_try_run_case+0x114/0x298 [ 94.000819] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.001633] kthread+0x18c/0x1a8 [ 94.002135] ret_from_fork+0x10/0x20 [ 94.002900] [ 94.003232] Allocated by task 191: [ 94.003591] kasan_save_stack+0x3c/0x68 [ 94.004029] kasan_set_track+0x2c/0x40 [ 94.004519] kasan_save_alloc_info+0x24/0x38 [ 94.005156] __kasan_kmalloc+0xd4/0xd8 [ 94.005669] kmalloc_trace+0x68/0x130 [ 94.006157] ksize_unpoisons_memory+0xb0/0x378 [ 94.006845] kunit_try_run_case+0x114/0x298 [ 94.007782] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 94.008331] kthread+0x18c/0x1a8 [ 94.008665] ret_from_fork+0x10/0x20 [ 94.009027] [ 94.009300] The buggy address belongs to the object at ffff0000c60b6d00 [ 94.009300] which belongs to the cache kmalloc-128 of size 128 [ 94.010665] The buggy address is located 5 bytes to the right of [ 94.010665] allocated 115-byte region [ffff0000c60b6d00, ffff0000c60b6d73) [ 94.012482] [ 94.012746] The buggy address belongs to the physical page: [ 94.013971] page:00000000abb31ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b6 [ 94.014658] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 94.016142] page_type: 0xffffffff() [ 94.017092] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 94.017857] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 94.018555] page dumped because: kasan: bad access detected [ 94.019117] [ 94.019323] Memory state around the buggy address: [ 94.020422] ffff0000c60b6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.021227] ffff0000c60b6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.021989] >ffff0000c60b6d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 94.022652] ^ [ 94.023374] ffff0000c60b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.025174] ffff0000c60b6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 94.025830] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 93.926004] ================================================================== [ 93.926817] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x114/0x200 [ 93.928003] Read of size 1 at addr ffff800080897c0a by task kunit_try_catch/189 [ 93.928773] [ 93.929106] CPU: 1 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.929952] Hardware name: linux,dummy-virt (DT) [ 93.930396] Call trace: [ 93.930873] dump_backtrace+0x9c/0x128 [ 93.931397] show_stack+0x20/0x38 [ 93.931880] dump_stack_lvl+0x60/0xb0 [ 93.932382] print_report+0x328/0x5e8 [ 93.932862] kasan_report+0xdc/0x128 [ 93.933370] __asan_load1+0x60/0x70 [ 93.933825] kasan_alloca_oob_right+0x114/0x200 [ 93.934358] kunit_try_run_case+0x114/0x298 [ 93.935067] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.935769] kthread+0x18c/0x1a8 [ 93.936207] ret_from_fork+0x10/0x20 [ 93.936726] [ 93.937066] The buggy address belongs to stack of task kunit_try_catch/189 [ 93.937590] [ 93.937796] The buggy address belongs to the virtual mapping at [ 93.937796] [ffff800080890000, ffff800080899000) created by: [ 93.937796] kernel_clone+0x108/0x550 [ 93.939265] [ 93.939606] The buggy address belongs to the physical page: [ 93.940235] page:000000005a75b1e9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106088 [ 93.940960] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 93.941419] page_type: 0xffffffff() [ 93.941746] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 93.942228] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 93.943132] page dumped because: kasan: bad access detected [ 93.943732] [ 93.944013] Memory state around the buggy address: [ 93.944498] ffff800080897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.945218] ffff800080897b80: 00 00 00 00 00 00 00 00 00 00 00 00 ca ca ca ca [ 93.945919] >ffff800080897c00: 00 02 cb cb cb cb cb cb 00 00 f1 f1 f1 f1 01 f2 [ 93.946601] ^ [ 93.948273] ffff800080897c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 93.948982] ffff800080897d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 93.949676] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 93.891140] ================================================================== [ 93.892002] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x108/0x1f0 [ 93.892936] Read of size 1 at addr ffff800080707c1f by task kunit_try_catch/187 [ 93.893602] [ 93.893890] CPU: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.894595] Hardware name: linux,dummy-virt (DT) [ 93.895233] Call trace: [ 93.895519] dump_backtrace+0x9c/0x128 [ 93.895914] show_stack+0x20/0x38 [ 93.896428] dump_stack_lvl+0x60/0xb0 [ 93.896945] print_report+0x328/0x5e8 [ 93.897431] kasan_report+0xdc/0x128 [ 93.897879] __asan_load1+0x60/0x70 [ 93.898374] kasan_alloca_oob_left+0x108/0x1f0 [ 93.899305] kunit_try_run_case+0x114/0x298 [ 93.899861] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.900613] kthread+0x18c/0x1a8 [ 93.901028] ret_from_fork+0x10/0x20 [ 93.901481] [ 93.901732] The buggy address belongs to stack of task kunit_try_catch/187 [ 93.902441] [ 93.902673] The buggy address belongs to the virtual mapping at [ 93.902673] [ffff800080700000, ffff800080709000) created by: [ 93.902673] kernel_clone+0x108/0x550 [ 93.904310] [ 93.904629] The buggy address belongs to the physical page: [ 93.905229] page:00000000fe80b638 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f89 [ 93.906085] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 93.906835] page_type: 0xffffffff() [ 93.907286] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 93.908049] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 93.909140] page dumped because: kasan: bad access detected [ 93.909702] [ 93.909919] Memory state around the buggy address: [ 93.910334] ffff800080707b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.911485] ffff800080707b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.912170] >ffff800080707c00: ca ca ca ca 00 02 cb cb cb cb cb cb f1 f1 f1 f1 [ 93.912867] ^ [ 93.913378] ffff800080707c80: 01 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 [ 93.914098] ffff800080707d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 93.915034] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 93.854088] ================================================================== [ 93.855513] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc4/0x188 [ 93.856163] Read of size 1 at addr ffff800080837cea by task kunit_try_catch/185 [ 93.856804] [ 93.857020] CPU: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.857979] Hardware name: linux,dummy-virt (DT) [ 93.858538] Call trace: [ 93.859034] dump_backtrace+0x9c/0x128 [ 93.859444] show_stack+0x20/0x38 [ 93.859956] dump_stack_lvl+0x60/0xb0 [ 93.860588] print_report+0x328/0x5e8 [ 93.861161] kasan_report+0xdc/0x128 [ 93.861665] __asan_load1+0x60/0x70 [ 93.862102] kasan_stack_oob+0xc4/0x188 [ 93.862586] kunit_try_run_case+0x114/0x298 [ 93.863118] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.864058] kthread+0x18c/0x1a8 [ 93.864391] ret_from_fork+0x10/0x20 [ 93.864957] [ 93.865313] The buggy address belongs to stack of task kunit_try_catch/185 [ 93.866013] and is located at offset 138 in frame: [ 93.866422] kasan_stack_oob+0x0/0x188 [ 93.867301] [ 93.867568] This frame has 4 objects: [ 93.868043] [48, 49) '__assertion' [ 93.868178] [64, 72) 'array' [ 93.868502] [96, 112) '__assertion' [ 93.868947] [128, 138) 'stack_array' [ 93.869386] [ 93.869856] The buggy address belongs to the virtual mapping at [ 93.869856] [ffff800080830000, ffff800080839000) created by: [ 93.869856] kernel_clone+0x108/0x550 [ 93.871355] [ 93.871571] The buggy address belongs to the physical page: [ 93.871951] page:000000000e3c1875 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060d7 [ 93.872648] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 93.873166] page_type: 0xffffffff() [ 93.873996] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 93.874739] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 93.875498] page dumped because: kasan: bad access detected [ 93.876303] [ 93.876524] Memory state around the buggy address: [ 93.877060] ffff800080837b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.877697] ffff800080837c00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 93.878335] >ffff800080837c80: f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 f3 [ 93.878918] ^ [ 93.879507] ffff800080837d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 93.880227] ffff800080837d80: f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 93.881157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 93.178105] ================================================================== [ 93.178906] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xd8/0x268 [ 93.179940] Read of size 1 at addr ffff0000c60bf0c8 by task kunit_try_catch/175 [ 93.180670] [ 93.180973] CPU: 1 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.181735] Hardware name: linux,dummy-virt (DT) [ 93.182203] Call trace: [ 93.182497] dump_backtrace+0x9c/0x128 [ 93.183211] show_stack+0x20/0x38 [ 93.183731] dump_stack_lvl+0x60/0xb0 [ 93.184374] print_report+0xf8/0x5e8 [ 93.184876] kasan_report+0xdc/0x128 [ 93.185390] __asan_load1+0x60/0x70 [ 93.185878] kmem_cache_oob+0xd8/0x268 [ 93.186316] kunit_try_run_case+0x114/0x298 [ 93.187223] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.187857] kthread+0x18c/0x1a8 [ 93.188245] ret_from_fork+0x10/0x20 [ 93.188641] [ 93.188917] Allocated by task 175: [ 93.189373] kasan_save_stack+0x3c/0x68 [ 93.189918] kasan_set_track+0x2c/0x40 [ 93.190396] kasan_save_alloc_info+0x24/0x38 [ 93.190995] __kasan_slab_alloc+0xa8/0xb0 [ 93.191479] kmem_cache_alloc+0x138/0x330 [ 93.192231] kmem_cache_oob+0xb8/0x268 [ 93.192671] kunit_try_run_case+0x114/0x298 [ 93.193139] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.193805] kthread+0x18c/0x1a8 [ 93.194247] ret_from_fork+0x10/0x20 [ 93.194866] [ 93.195358] The buggy address belongs to the object at ffff0000c60bf000 [ 93.195358] which belongs to the cache test_cache of size 200 [ 93.196535] The buggy address is located 0 bytes to the right of [ 93.196535] allocated 200-byte region [ffff0000c60bf000, ffff0000c60bf0c8) [ 93.197622] [ 93.197840] The buggy address belongs to the physical page: [ 93.198417] page:00000000f0e63329 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060bf [ 93.199529] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 93.200166] page_type: 0xffffffff() [ 93.200746] raw: 0bfffc0000000800 ffff0000c60c2000 dead000000000122 0000000000000000 [ 93.201495] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 93.202218] page dumped because: kasan: bad access detected [ 93.202848] [ 93.203144] Memory state around the buggy address: [ 93.203758] ffff0000c60bef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 93.204627] ffff0000c60bf000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 93.205374] >ffff0000c60bf080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 93.206111] ^ [ 93.206726] ffff0000c60bf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.207520] ffff0000c60bf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.208258] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 93.104754] ================================================================== [ 93.105518] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x108/0x290 [ 93.106286] Read of size 1 at addr ffff0000c5f06728 by task kunit_try_catch/167 [ 93.106947] [ 93.107170] CPU: 1 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.107956] Hardware name: linux,dummy-virt (DT) [ 93.108494] Call trace: [ 93.108768] dump_backtrace+0x9c/0x128 [ 93.109162] show_stack+0x20/0x38 [ 93.109674] dump_stack_lvl+0x60/0xb0 [ 93.110063] print_report+0xf8/0x5e8 [ 93.110599] kasan_report+0xdc/0x128 [ 93.111133] __asan_load1+0x60/0x70 [ 93.111624] kmalloc_uaf2+0x108/0x290 [ 93.112107] kunit_try_run_case+0x114/0x298 [ 93.112717] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.113227] kthread+0x18c/0x1a8 [ 93.113622] ret_from_fork+0x10/0x20 [ 93.114037] [ 93.114306] Allocated by task 167: [ 93.114780] kasan_save_stack+0x3c/0x68 [ 93.115330] kasan_set_track+0x2c/0x40 [ 93.115746] kasan_save_alloc_info+0x24/0x38 [ 93.116949] __kasan_kmalloc+0xd4/0xd8 [ 93.117404] kmalloc_trace+0x68/0x130 [ 93.117830] kmalloc_uaf2+0xb4/0x290 [ 93.118283] kunit_try_run_case+0x114/0x298 [ 93.118729] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.119363] kthread+0x18c/0x1a8 [ 93.119787] ret_from_fork+0x10/0x20 [ 93.120250] [ 93.120455] Freed by task 167: [ 93.120816] kasan_save_stack+0x3c/0x68 [ 93.121317] kasan_set_track+0x2c/0x40 [ 93.122204] kasan_save_free_info+0x38/0x60 [ 93.122661] __kasan_slab_free+0x100/0x170 [ 93.123143] __kmem_cache_free+0x178/0x2c8 [ 93.123648] kfree+0x74/0x138 [ 93.124034] kmalloc_uaf2+0xc8/0x290 [ 93.124547] kunit_try_run_case+0x114/0x298 [ 93.125079] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.125737] kthread+0x18c/0x1a8 [ 93.126140] ret_from_fork+0x10/0x20 [ 93.126664] [ 93.126887] The buggy address belongs to the object at ffff0000c5f06700 [ 93.126887] which belongs to the cache kmalloc-64 of size 64 [ 93.127868] The buggy address is located 40 bytes inside of [ 93.127868] freed 64-byte region [ffff0000c5f06700, ffff0000c5f06740) [ 93.128806] [ 93.129078] The buggy address belongs to the physical page: [ 93.129615] page:0000000083b08542 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f06 [ 93.130474] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 93.131149] page_type: 0xffffffff() [ 93.131589] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 93.132341] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 93.133010] page dumped because: kasan: bad access detected [ 93.133563] [ 93.133778] Memory state around the buggy address: [ 93.134278] ffff0000c5f06600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.134932] ffff0000c5f06680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.135619] >ffff0000c5f06700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.136275] ^ [ 93.136766] ffff0000c5f06780: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 93.137478] ffff0000c5f06800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.138108] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 93.057694] ================================================================== [ 93.058457] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0xd0/0x1d8 [ 93.059297] Write of size 33 at addr ffff0000c5f06680 by task kunit_try_catch/165 [ 93.060184] [ 93.060549] CPU: 1 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.061537] Hardware name: linux,dummy-virt (DT) [ 93.062012] Call trace: [ 93.062239] dump_backtrace+0x9c/0x128 [ 93.062671] show_stack+0x20/0x38 [ 93.063258] dump_stack_lvl+0x60/0xb0 [ 93.063760] print_report+0xf8/0x5e8 [ 93.064274] kasan_report+0xdc/0x128 [ 93.064794] kasan_check_range+0xe8/0x190 [ 93.065324] __asan_memset+0x34/0x78 [ 93.065748] kmalloc_uaf_memset+0xd0/0x1d8 [ 93.066211] kunit_try_run_case+0x114/0x298 [ 93.066905] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.067390] kthread+0x18c/0x1a8 [ 93.067764] ret_from_fork+0x10/0x20 [ 93.068189] [ 93.068462] Allocated by task 165: [ 93.068852] kasan_save_stack+0x3c/0x68 [ 93.069421] kasan_set_track+0x2c/0x40 [ 93.069892] kasan_save_alloc_info+0x24/0x38 [ 93.070355] __kasan_kmalloc+0xd4/0xd8 [ 93.071122] kmalloc_trace+0x68/0x130 [ 93.071577] kmalloc_uaf_memset+0x9c/0x1d8 [ 93.072173] kunit_try_run_case+0x114/0x298 [ 93.072700] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.073338] kthread+0x18c/0x1a8 [ 93.073754] ret_from_fork+0x10/0x20 [ 93.074204] [ 93.074434] Freed by task 165: [ 93.074695] kasan_save_stack+0x3c/0x68 [ 93.075379] kasan_set_track+0x2c/0x40 [ 93.076011] kasan_save_free_info+0x38/0x60 [ 93.076799] __kasan_slab_free+0x100/0x170 [ 93.077395] __kmem_cache_free+0x178/0x2c8 [ 93.077896] kfree+0x74/0x138 [ 93.078299] kmalloc_uaf_memset+0xb8/0x1d8 [ 93.078854] kunit_try_run_case+0x114/0x298 [ 93.079561] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.080249] kthread+0x18c/0x1a8 [ 93.080660] ret_from_fork+0x10/0x20 [ 93.081150] [ 93.081360] The buggy address belongs to the object at ffff0000c5f06680 [ 93.081360] which belongs to the cache kmalloc-64 of size 64 [ 93.082345] The buggy address is located 0 bytes inside of [ 93.082345] freed 64-byte region [ffff0000c5f06680, ffff0000c5f066c0) [ 93.083569] [ 93.083854] The buggy address belongs to the physical page: [ 93.084403] page:0000000083b08542 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f06 [ 93.085292] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 93.085983] page_type: 0xffffffff() [ 93.086383] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 93.087122] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 93.087800] page dumped because: kasan: bad access detected [ 93.088371] [ 93.088826] Memory state around the buggy address: [ 93.089286] ffff0000c5f06580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.089938] ffff0000c5f06600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.090598] >ffff0000c5f06680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 93.091437] ^ [ 93.091781] ffff0000c5f06700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.092529] ffff0000c5f06780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.093162] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 93.011680] ================================================================== [ 93.012595] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0xc8/0x1d0 [ 93.013430] Read of size 1 at addr ffff0000c5c52728 by task kunit_try_catch/163 [ 93.014026] [ 93.014316] CPU: 1 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 93.015293] Hardware name: linux,dummy-virt (DT) [ 93.015731] Call trace: [ 93.015998] dump_backtrace+0x9c/0x128 [ 93.016670] show_stack+0x20/0x38 [ 93.017148] dump_stack_lvl+0x60/0xb0 [ 93.017618] print_report+0xf8/0x5e8 [ 93.018075] kasan_report+0xdc/0x128 [ 93.018577] __asan_load1+0x60/0x70 [ 93.019043] kmalloc_uaf+0xc8/0x1d0 [ 93.019449] kunit_try_run_case+0x114/0x298 [ 93.019968] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.020697] kthread+0x18c/0x1a8 [ 93.021099] ret_from_fork+0x10/0x20 [ 93.021481] [ 93.021669] Allocated by task 163: [ 93.021987] kasan_save_stack+0x3c/0x68 [ 93.022588] kasan_set_track+0x2c/0x40 [ 93.023216] kasan_save_alloc_info+0x24/0x38 [ 93.023778] __kasan_kmalloc+0xd4/0xd8 [ 93.024342] kmalloc_trace+0x68/0x130 [ 93.024818] kmalloc_uaf+0x9c/0x1d0 [ 93.025254] kunit_try_run_case+0x114/0x298 [ 93.025792] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.026380] kthread+0x18c/0x1a8 [ 93.027055] ret_from_fork+0x10/0x20 [ 93.027599] [ 93.027857] Freed by task 163: [ 93.028266] kasan_save_stack+0x3c/0x68 [ 93.028803] kasan_set_track+0x2c/0x40 [ 93.029309] kasan_save_free_info+0x38/0x60 [ 93.029815] __kasan_slab_free+0x100/0x170 [ 93.030322] __kmem_cache_free+0x178/0x2c8 [ 93.031019] kfree+0x74/0x138 [ 93.031336] kmalloc_uaf+0xb8/0x1d0 [ 93.031691] kunit_try_run_case+0x114/0x298 [ 93.032117] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 93.032626] kthread+0x18c/0x1a8 [ 93.033132] ret_from_fork+0x10/0x20 [ 93.033671] [ 93.033905] The buggy address belongs to the object at ffff0000c5c52720 [ 93.033905] which belongs to the cache kmalloc-16 of size 16 [ 93.035116] The buggy address is located 8 bytes inside of [ 93.035116] freed 16-byte region [ffff0000c5c52720, ffff0000c5c52730) [ 93.035831] [ 93.036038] The buggy address belongs to the physical page: [ 93.037114] page:00000000fbf36b17 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c52 [ 93.037998] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 93.038639] page_type: 0xffffffff() [ 93.039200] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 93.039800] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 93.040660] page dumped because: kasan: bad access detected [ 93.041193] [ 93.041428] Memory state around the buggy address: [ 93.041924] ffff0000c5c52600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 93.042568] ffff0000c5c52680: 00 04 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 93.043289] >ffff0000c5c52700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 93.044129] ^ [ 93.044636] ffff0000c5c52780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.045190] ffff0000c5c52800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.045990] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 92.968852] ================================================================== [ 92.970045] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xe0/0x1f8 [ 92.971046] Read of size 64 at addr ffff0000c5f06584 by task kunit_try_catch/161 [ 92.971725] [ 92.971966] CPU: 1 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.972554] Hardware name: linux,dummy-virt (DT) [ 92.973068] Call trace: [ 92.973323] dump_backtrace+0x9c/0x128 [ 92.973708] show_stack+0x20/0x38 [ 92.974140] dump_stack_lvl+0x60/0xb0 [ 92.974531] print_report+0xf8/0x5e8 [ 92.974921] kasan_report+0xdc/0x128 [ 92.976065] kasan_check_range+0xe8/0x190 [ 92.976769] __asan_memmove+0x3c/0x98 [ 92.977236] kmalloc_memmove_invalid_size+0xe0/0x1f8 [ 92.978019] kunit_try_run_case+0x114/0x298 [ 92.978648] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.979779] kthread+0x18c/0x1a8 [ 92.980138] ret_from_fork+0x10/0x20 [ 92.980753] [ 92.981174] Allocated by task 161: [ 92.981699] kasan_save_stack+0x3c/0x68 [ 92.982274] kasan_set_track+0x2c/0x40 [ 92.983057] kasan_save_alloc_info+0x24/0x38 [ 92.983652] __kasan_kmalloc+0xd4/0xd8 [ 92.984862] kmalloc_trace+0x68/0x130 [ 92.985417] kmalloc_memmove_invalid_size+0xa0/0x1f8 [ 92.985948] kunit_try_run_case+0x114/0x298 [ 92.986466] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.987355] kthread+0x18c/0x1a8 [ 92.987804] ret_from_fork+0x10/0x20 [ 92.988290] [ 92.988532] The buggy address belongs to the object at ffff0000c5f06580 [ 92.988532] which belongs to the cache kmalloc-64 of size 64 [ 92.989511] The buggy address is located 4 bytes inside of [ 92.989511] allocated 64-byte region [ffff0000c5f06580, ffff0000c5f065c0) [ 92.990536] [ 92.990752] The buggy address belongs to the physical page: [ 92.991261] page:0000000083b08542 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f06 [ 92.992394] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.993245] page_type: 0xffffffff() [ 92.993660] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 92.994299] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 92.995014] page dumped because: kasan: bad access detected [ 92.995382] [ 92.995652] Memory state around the buggy address: [ 92.996219] ffff0000c5f06480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 92.996918] ffff0000c5f06500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 92.997570] >ffff0000c5f06580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 92.998178] ^ [ 92.998677] ffff0000c5f06600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.999547] ffff0000c5f06680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 93.000191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 92.929823] ================================================================== [ 92.930575] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xe0/0x1f0 [ 92.931969] Read of size 18446744073709551614 at addr ffff0000c5f06504 by task kunit_try_catch/159 [ 92.932844] [ 92.933185] CPU: 1 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.934039] Hardware name: linux,dummy-virt (DT) [ 92.934524] Call trace: [ 92.934887] dump_backtrace+0x9c/0x128 [ 92.935246] show_stack+0x20/0x38 [ 92.935564] dump_stack_lvl+0x60/0xb0 [ 92.935965] print_report+0xf8/0x5e8 [ 92.936394] kasan_report+0xdc/0x128 [ 92.937100] kasan_check_range+0xe8/0x190 [ 92.937718] __asan_memmove+0x3c/0x98 [ 92.938225] kmalloc_memmove_negative_size+0xe0/0x1f0 [ 92.938984] kunit_try_run_case+0x114/0x298 [ 92.939610] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.940235] kthread+0x18c/0x1a8 [ 92.940678] ret_from_fork+0x10/0x20 [ 92.941141] [ 92.941349] Allocated by task 159: [ 92.941723] kasan_save_stack+0x3c/0x68 [ 92.942246] kasan_set_track+0x2c/0x40 [ 92.942696] kasan_save_alloc_info+0x24/0x38 [ 92.943453] __kasan_kmalloc+0xd4/0xd8 [ 92.943999] kmalloc_trace+0x68/0x130 [ 92.944360] kmalloc_memmove_negative_size+0xa0/0x1f0 [ 92.944968] kunit_try_run_case+0x114/0x298 [ 92.945515] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.946136] kthread+0x18c/0x1a8 [ 92.946543] ret_from_fork+0x10/0x20 [ 92.946936] [ 92.947310] The buggy address belongs to the object at ffff0000c5f06500 [ 92.947310] which belongs to the cache kmalloc-64 of size 64 [ 92.948337] The buggy address is located 4 bytes inside of [ 92.948337] 64-byte region [ffff0000c5f06500, ffff0000c5f06540) [ 92.949472] [ 92.949747] The buggy address belongs to the physical page: [ 92.950307] page:0000000083b08542 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f06 [ 92.951314] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.951794] page_type: 0xffffffff() [ 92.952341] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 92.953137] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 92.953836] page dumped because: kasan: bad access detected [ 92.954329] [ 92.954521] Memory state around the buggy address: [ 92.955278] ffff0000c5f06400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 92.955986] ffff0000c5f06480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 92.956664] >ffff0000c5f06500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 92.957346] ^ [ 92.957689] ffff0000c5f06580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.958329] ffff0000c5f06600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.959082] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 92.889761] ================================================================== [ 92.890537] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xd8/0x1e8 [ 92.891343] Write of size 16 at addr ffff0000c5f8af69 by task kunit_try_catch/157 [ 92.892450] [ 92.892764] CPU: 1 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.893573] Hardware name: linux,dummy-virt (DT) [ 92.894016] Call trace: [ 92.894300] dump_backtrace+0x9c/0x128 [ 92.894830] show_stack+0x20/0x38 [ 92.895361] dump_stack_lvl+0x60/0xb0 [ 92.895781] print_report+0xf8/0x5e8 [ 92.896226] kasan_report+0xdc/0x128 [ 92.896664] kasan_check_range+0xe8/0x190 [ 92.897118] __asan_memset+0x34/0x78 [ 92.898355] kmalloc_oob_memset_16+0xd8/0x1e8 [ 92.899031] kunit_try_run_case+0x114/0x298 [ 92.899475] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.899966] kthread+0x18c/0x1a8 [ 92.900284] ret_from_fork+0x10/0x20 [ 92.900768] [ 92.900985] Allocated by task 157: [ 92.901328] kasan_save_stack+0x3c/0x68 [ 92.901804] kasan_set_track+0x2c/0x40 [ 92.902233] kasan_save_alloc_info+0x24/0x38 [ 92.902705] __kasan_kmalloc+0xd4/0xd8 [ 92.903132] kmalloc_trace+0x68/0x130 [ 92.903587] kmalloc_oob_memset_16+0xa0/0x1e8 [ 92.904252] kunit_try_run_case+0x114/0x298 [ 92.904726] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.905228] kthread+0x18c/0x1a8 [ 92.905576] ret_from_fork+0x10/0x20 [ 92.906022] [ 92.906221] The buggy address belongs to the object at ffff0000c5f8af00 [ 92.906221] which belongs to the cache kmalloc-128 of size 128 [ 92.907648] The buggy address is located 105 bytes inside of [ 92.907648] allocated 120-byte region [ffff0000c5f8af00, ffff0000c5f8af78) [ 92.908969] [ 92.909234] The buggy address belongs to the physical page: [ 92.909773] page:00000000678618b8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f8a [ 92.910661] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.911583] page_type: 0xffffffff() [ 92.912066] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 92.912869] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.913555] page dumped because: kasan: bad access detected [ 92.914087] [ 92.914318] Memory state around the buggy address: [ 92.914888] ffff0000c5f8ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.915776] ffff0000c5f8ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.916506] >ffff0000c5f8af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.917187] ^ [ 92.917871] ffff0000c5f8af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.918552] ffff0000c5f8b000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 92.919169] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 92.850447] ================================================================== [ 92.851716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd8/0x1e8 [ 92.852450] Write of size 8 at addr ffff0000c5f8ae71 by task kunit_try_catch/155 [ 92.853237] [ 92.853491] CPU: 1 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.854139] Hardware name: linux,dummy-virt (DT) [ 92.854614] Call trace: [ 92.854912] dump_backtrace+0x9c/0x128 [ 92.855347] show_stack+0x20/0x38 [ 92.855803] dump_stack_lvl+0x60/0xb0 [ 92.856381] print_report+0xf8/0x5e8 [ 92.856771] kasan_report+0xdc/0x128 [ 92.857298] kasan_check_range+0xe8/0x190 [ 92.857781] __asan_memset+0x34/0x78 [ 92.858159] kmalloc_oob_memset_8+0xd8/0x1e8 [ 92.858524] kunit_try_run_case+0x114/0x298 [ 92.859170] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.859854] kthread+0x18c/0x1a8 [ 92.860266] ret_from_fork+0x10/0x20 [ 92.860714] [ 92.860937] Allocated by task 155: [ 92.861271] kasan_save_stack+0x3c/0x68 [ 92.861798] kasan_set_track+0x2c/0x40 [ 92.862264] kasan_save_alloc_info+0x24/0x38 [ 92.862923] __kasan_kmalloc+0xd4/0xd8 [ 92.863425] kmalloc_trace+0x68/0x130 [ 92.863870] kmalloc_oob_memset_8+0xa0/0x1e8 [ 92.864543] kunit_try_run_case+0x114/0x298 [ 92.865089] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.865781] kthread+0x18c/0x1a8 [ 92.866214] ret_from_fork+0x10/0x20 [ 92.866706] [ 92.866922] The buggy address belongs to the object at ffff0000c5f8ae00 [ 92.866922] which belongs to the cache kmalloc-128 of size 128 [ 92.868045] The buggy address is located 113 bytes inside of [ 92.868045] allocated 120-byte region [ffff0000c5f8ae00, ffff0000c5f8ae78) [ 92.869126] [ 92.869430] The buggy address belongs to the physical page: [ 92.869949] page:00000000678618b8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f8a [ 92.870890] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.871627] page_type: 0xffffffff() [ 92.872126] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 92.872842] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.873563] page dumped because: kasan: bad access detected [ 92.874104] [ 92.874348] Memory state around the buggy address: [ 92.874925] ffff0000c5f8ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 92.875427] ffff0000c5f8ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.876005] >ffff0000c5f8ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.876465] ^ [ 92.877093] ffff0000c5f8ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.877843] ffff0000c5f8af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.878457] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 92.808395] ================================================================== [ 92.809185] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xd8/0x1e8 [ 92.809859] Write of size 4 at addr ffff0000c6077675 by task kunit_try_catch/153 [ 92.810491] [ 92.811555] CPU: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.812476] Hardware name: linux,dummy-virt (DT) [ 92.812925] Call trace: [ 92.813305] dump_backtrace+0x9c/0x128 [ 92.813807] show_stack+0x20/0x38 [ 92.814253] dump_stack_lvl+0x60/0xb0 [ 92.814759] print_report+0xf8/0x5e8 [ 92.815254] kasan_report+0xdc/0x128 [ 92.815790] kasan_check_range+0xe8/0x190 [ 92.816519] __asan_memset+0x34/0x78 [ 92.817043] kmalloc_oob_memset_4+0xd8/0x1e8 [ 92.817579] kunit_try_run_case+0x114/0x298 [ 92.818086] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.818811] kthread+0x18c/0x1a8 [ 92.819248] ret_from_fork+0x10/0x20 [ 92.819838] [ 92.820100] Allocated by task 153: [ 92.820384] kasan_save_stack+0x3c/0x68 [ 92.820810] kasan_set_track+0x2c/0x40 [ 92.821209] kasan_save_alloc_info+0x24/0x38 [ 92.821653] __kasan_kmalloc+0xd4/0xd8 [ 92.822233] kmalloc_trace+0x68/0x130 [ 92.822716] kmalloc_oob_memset_4+0xa0/0x1e8 [ 92.823365] kunit_try_run_case+0x114/0x298 [ 92.824059] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.824637] kthread+0x18c/0x1a8 [ 92.825034] ret_from_fork+0x10/0x20 [ 92.825711] [ 92.826040] The buggy address belongs to the object at ffff0000c6077600 [ 92.826040] which belongs to the cache kmalloc-128 of size 128 [ 92.827157] The buggy address is located 117 bytes inside of [ 92.827157] allocated 120-byte region [ffff0000c6077600, ffff0000c6077678) [ 92.828495] [ 92.828766] The buggy address belongs to the physical page: [ 92.829347] page:000000001b5b04a5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106077 [ 92.830219] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.831298] page_type: 0xffffffff() [ 92.831651] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 92.832645] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.833386] page dumped because: kasan: bad access detected [ 92.833860] [ 92.834124] Memory state around the buggy address: [ 92.834628] ffff0000c6077500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 92.836360] ffff0000c6077580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.837022] >ffff0000c6077600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.837757] ^ [ 92.838391] ffff0000c6077680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.839099] ffff0000c6077700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.839795] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
Automatically assigned
[ 92.757520] ================================================================== [ 92.758840] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xd8/0x1f0 [ 92.761040] Write of size 2 at addr ffff0000c5f8ab77 by task kunit_try_catch/151 [ 92.762136] [ 92.762618] CPU: 1 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.763852] Hardware name: linux,dummy-virt (DT) [ 92.764890] Call trace: [ 92.765394] dump_backtrace+0x9c/0x128 [ 92.766276] show_stack+0x20/0x38 [ 92.767264] dump_stack_lvl+0x60/0xb0 [ 92.768111] print_report+0xf8/0x5e8 [ 92.768980] kasan_report+0xdc/0x128 [ 92.769825] kasan_check_range+0xe8/0x190 [ 92.770666] __asan_memset+0x34/0x78 [ 92.771853] kmalloc_oob_memset_2+0xd8/0x1f0 [ 92.772632] kunit_try_run_case+0x114/0x298 [ 92.773545] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.774502] kthread+0x18c/0x1a8 [ 92.775518] ret_from_fork+0x10/0x20 [ 92.776386] [ 92.776788] Allocated by task 151: [ 92.777446] kasan_save_stack+0x3c/0x68 [ 92.778340] kasan_set_track+0x2c/0x40 [ 92.779746] kasan_save_alloc_info+0x24/0x38 [ 92.780662] __kasan_kmalloc+0xd4/0xd8 [ 92.781505] kmalloc_trace+0x68/0x130 [ 92.782307] kmalloc_oob_memset_2+0xa0/0x1f0 [ 92.783223] kunit_try_run_case+0x114/0x298 [ 92.784207] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.784903] kthread+0x18c/0x1a8 [ 92.785463] ret_from_fork+0x10/0x20 [ 92.786035] [ 92.786279] The buggy address belongs to the object at ffff0000c5f8ab00 [ 92.786279] which belongs to the cache kmalloc-128 of size 128 [ 92.787332] The buggy address is located 119 bytes inside of [ 92.787332] allocated 120-byte region [ffff0000c5f8ab00, ffff0000c5f8ab78) [ 92.788095] [ 92.788300] The buggy address belongs to the physical page: [ 92.788850] page:00000000678618b8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f8a [ 92.789690] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.790276] page_type: 0xffffffff() [ 92.790759] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 92.791615] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.792338] page dumped because: kasan: bad access detected [ 92.792886] [ 92.793151] Memory state around the buggy address: [ 92.793641] ffff0000c5f8aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 92.794278] ffff0000c5f8aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.794912] >ffff0000c5f8ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.795562] ^ [ 92.796415] ffff0000c5f8ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.797118] ffff0000c5f8ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.797757] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 92.689159] ================================================================== [ 92.690347] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xd4/0x1e8 [ 92.691504] Write of size 128 at addr ffff0000c6077300 by task kunit_try_catch/149 [ 92.692768] [ 92.693326] CPU: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.694525] Hardware name: linux,dummy-virt (DT) [ 92.696006] Call trace: [ 92.696600] dump_backtrace+0x9c/0x128 [ 92.697268] show_stack+0x20/0x38 [ 92.698342] dump_stack_lvl+0x60/0xb0 [ 92.699074] print_report+0xf8/0x5e8 [ 92.699806] kasan_report+0xdc/0x128 [ 92.700910] kasan_check_range+0xe8/0x190 [ 92.701541] __asan_memset+0x34/0x78 [ 92.702403] kmalloc_oob_in_memset+0xd4/0x1e8 [ 92.703405] kunit_try_run_case+0x114/0x298 [ 92.704292] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.705385] kthread+0x18c/0x1a8 [ 92.706217] ret_from_fork+0x10/0x20 [ 92.707072] [ 92.707456] Allocated by task 149: [ 92.707996] kasan_save_stack+0x3c/0x68 [ 92.709249] kasan_set_track+0x2c/0x40 [ 92.709968] kasan_save_alloc_info+0x24/0x38 [ 92.710876] __kasan_kmalloc+0xd4/0xd8 [ 92.712037] kmalloc_trace+0x68/0x130 [ 92.714077] kmalloc_oob_in_memset+0xa0/0x1e8 [ 92.716628] kunit_try_run_case+0x114/0x298 [ 92.717852] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.719309] kthread+0x18c/0x1a8 [ 92.720702] ret_from_fork+0x10/0x20 [ 92.722567] [ 92.722942] The buggy address belongs to the object at ffff0000c6077300 [ 92.722942] which belongs to the cache kmalloc-128 of size 128 [ 92.724552] The buggy address is located 0 bytes inside of [ 92.724552] allocated 120-byte region [ffff0000c6077300, ffff0000c6077378) [ 92.726184] [ 92.726590] The buggy address belongs to the physical page: [ 92.727572] page:000000001b5b04a5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106077 [ 92.728644] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.729559] page_type: 0xffffffff() [ 92.729896] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 92.730374] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.732015] page dumped because: kasan: bad access detected [ 92.732958] [ 92.733369] Memory state around the buggy address: [ 92.734193] ffff0000c6077200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 92.736293] ffff0000c6077280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.737357] >ffff0000c6077300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.738380] ^ [ 92.739427] ffff0000c6077380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.740541] ffff0000c6077400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.742016] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 92.613179] ================================================================== [ 92.614396] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x100/0x258 [ 92.615863] Read of size 16 at addr ffff0000c5c52700 by task kunit_try_catch/147 [ 92.616916] [ 92.617374] CPU: 1 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.618595] Hardware name: linux,dummy-virt (DT) [ 92.619346] Call trace: [ 92.620152] dump_backtrace+0x9c/0x128 [ 92.620970] show_stack+0x20/0x38 [ 92.621692] dump_stack_lvl+0x60/0xb0 [ 92.622440] print_report+0xf8/0x5e8 [ 92.623448] kasan_report+0xdc/0x128 [ 92.624260] __asan_load16+0xa4/0xa8 [ 92.625081] kmalloc_uaf_16+0x100/0x258 [ 92.625832] kunit_try_run_case+0x114/0x298 [ 92.626679] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.627974] kthread+0x18c/0x1a8 [ 92.628759] ret_from_fork+0x10/0x20 [ 92.629595] [ 92.629933] Allocated by task 147: [ 92.630536] kasan_save_stack+0x3c/0x68 [ 92.631331] kasan_set_track+0x2c/0x40 [ 92.632449] kasan_save_alloc_info+0x24/0x38 [ 92.633336] __kasan_kmalloc+0xd4/0xd8 [ 92.634093] kmalloc_trace+0x68/0x130 [ 92.636212] kmalloc_uaf_16+0xcc/0x258 [ 92.637116] kunit_try_run_case+0x114/0x298 [ 92.637950] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.638917] kthread+0x18c/0x1a8 [ 92.639630] ret_from_fork+0x10/0x20 [ 92.640808] [ 92.641143] Freed by task 147: [ 92.641687] kasan_save_stack+0x3c/0x68 [ 92.642550] kasan_set_track+0x2c/0x40 [ 92.643618] kasan_save_free_info+0x38/0x60 [ 92.644461] __kasan_slab_free+0x100/0x170 [ 92.645349] __kmem_cache_free+0x178/0x2c8 [ 92.646245] kfree+0x74/0x138 [ 92.647120] kmalloc_uaf_16+0xe8/0x258 [ 92.647929] kunit_try_run_case+0x114/0x298 [ 92.648893] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.649898] kthread+0x18c/0x1a8 [ 92.650520] ret_from_fork+0x10/0x20 [ 92.651495] [ 92.651907] The buggy address belongs to the object at ffff0000c5c52700 [ 92.651907] which belongs to the cache kmalloc-16 of size 16 [ 92.653511] The buggy address is located 0 bytes inside of [ 92.653511] freed 16-byte region [ffff0000c5c52700, ffff0000c5c52710) [ 92.656846] [ 92.657168] The buggy address belongs to the physical page: [ 92.658044] page:00000000fbf36b17 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c52 [ 92.659284] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.660801] page_type: 0xffffffff() [ 92.661514] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 92.662650] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 92.663892] page dumped because: kasan: bad access detected [ 92.664793] [ 92.665075] Memory state around the buggy address: [ 92.666012] ffff0000c5c52600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 92.667226] ffff0000c5c52680: 00 04 fc fc 00 05 fc fc fa fb fc fc 00 00 fc fc [ 92.668161] >ffff0000c5c52700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.669301] ^ [ 92.669949] ffff0000c5c52780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.671209] ffff0000c5c52800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.672381] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 92.548774] ================================================================== [ 92.550052] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x268 [ 92.551033] Write of size 16 at addr ffff0000c5adb680 by task kunit_try_catch/145 [ 92.552205] [ 92.552969] CPU: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.554014] Hardware name: linux,dummy-virt (DT) [ 92.555329] Call trace: [ 92.555756] dump_backtrace+0x9c/0x128 [ 92.556529] show_stack+0x20/0x38 [ 92.557263] dump_stack_lvl+0x60/0xb0 [ 92.557942] print_report+0xf8/0x5e8 [ 92.558666] kasan_report+0xdc/0x128 [ 92.559545] __asan_store16+0xa4/0xa8 [ 92.560324] kmalloc_oob_16+0xf8/0x268 [ 92.561162] kunit_try_run_case+0x114/0x298 [ 92.561974] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.562940] kthread+0x18c/0x1a8 [ 92.563587] ret_from_fork+0x10/0x20 [ 92.564361] [ 92.564851] Allocated by task 145: [ 92.565516] kasan_save_stack+0x3c/0x68 [ 92.566352] kasan_set_track+0x2c/0x40 [ 92.567210] kasan_save_alloc_info+0x24/0x38 [ 92.567993] __kasan_kmalloc+0xd4/0xd8 [ 92.568854] kmalloc_trace+0x68/0x130 [ 92.569532] kmalloc_oob_16+0xa4/0x268 [ 92.570543] kunit_try_run_case+0x114/0x298 [ 92.571884] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.572981] kthread+0x18c/0x1a8 [ 92.573842] ret_from_fork+0x10/0x20 [ 92.574588] [ 92.575060] The buggy address belongs to the object at ffff0000c5adb680 [ 92.575060] which belongs to the cache kmalloc-16 of size 16 [ 92.577303] The buggy address is located 0 bytes inside of [ 92.577303] allocated 13-byte region [ffff0000c5adb680, ffff0000c5adb68d) [ 92.578880] [ 92.579240] The buggy address belongs to the physical page: [ 92.580056] page:00000000aabf8573 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105adb [ 92.581752] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 92.582992] page_type: 0xffffffff() [ 92.584131] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 92.585322] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 92.586293] page dumped because: kasan: bad access detected [ 92.587224] [ 92.587819] Memory state around the buggy address: [ 92.588596] ffff0000c5adb580: 00 01 fc fc 00 01 fc fc fa fb fc fc 00 01 fc fc [ 92.589890] ffff0000c5adb600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 92.590836] >ffff0000c5adb680: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 92.592115] ^ [ 92.593072] ffff0000c5adb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.594114] ffff0000c5adb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.595602] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 92.412669] ================================================================== [ 92.414111] BUG: KASAN: slab-use-after-free in krealloc_uaf+0xe4/0x2c0 [ 92.415092] Read of size 1 at addr ffff0000c0b91a00 by task kunit_try_catch/143 [ 92.416343] [ 92.416820] CPU: 1 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.417935] Hardware name: linux,dummy-virt (DT) [ 92.418641] Call trace: [ 92.419046] dump_backtrace+0x9c/0x128 [ 92.419799] show_stack+0x20/0x38 [ 92.420573] dump_stack_lvl+0x60/0xb0 [ 92.421373] print_report+0xf8/0x5e8 [ 92.422195] kasan_report+0xdc/0x128 [ 92.422965] __kasan_check_byte+0x54/0x70 [ 92.423823] krealloc+0x48/0x1a0 [ 92.424590] krealloc_uaf+0xe4/0x2c0 [ 92.425351] kunit_try_run_case+0x114/0x298 [ 92.426163] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.427109] kthread+0x18c/0x1a8 [ 92.427779] ret_from_fork+0x10/0x20 [ 92.428544] [ 92.428937] Allocated by task 143: [ 92.429578] kasan_save_stack+0x3c/0x68 [ 92.430368] kasan_set_track+0x2c/0x40 [ 92.431122] kasan_save_alloc_info+0x24/0x38 [ 92.431890] __kasan_kmalloc+0xd4/0xd8 [ 92.432691] kmalloc_trace+0x68/0x130 [ 92.433460] krealloc_uaf+0xb0/0x2c0 [ 92.434221] kunit_try_run_case+0x114/0x298 [ 92.435056] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.436061] kthread+0x18c/0x1a8 [ 92.436786] ret_from_fork+0x10/0x20 [ 92.437506] [ 92.437927] Freed by task 143: [ 92.438519] kasan_save_stack+0x3c/0x68 [ 92.439263] kasan_set_track+0x2c/0x40 [ 92.440092] kasan_save_free_info+0x38/0x60 [ 92.440938] __kasan_slab_free+0x100/0x170 [ 92.441756] __kmem_cache_free+0x178/0x2c8 [ 92.442474] kfree+0x74/0x138 [ 92.443003] krealloc_uaf+0xcc/0x2c0 [ 92.443778] kunit_try_run_case+0x114/0x298 [ 92.445670] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.448298] kthread+0x18c/0x1a8 [ 92.448917] ret_from_fork+0x10/0x20 [ 92.449611] [ 92.449935] The buggy address belongs to the object at ffff0000c0b91a00 [ 92.449935] which belongs to the cache kmalloc-256 of size 256 [ 92.453541] The buggy address is located 0 bytes inside of [ 92.453541] freed 256-byte region [ffff0000c0b91a00, ffff0000c0b91b00) [ 92.455368] [ 92.456141] The buggy address belongs to the physical page: [ 92.457178] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.459125] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.460385] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.461597] page_type: 0xffffffff() [ 92.462434] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.463618] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.464777] page dumped because: kasan: bad access detected [ 92.465687] [ 92.466094] Memory state around the buggy address: [ 92.467033] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.468195] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.469334] >ffff0000c0b91a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.470384] ^ [ 92.471091] ffff0000c0b91a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.472282] ffff0000c0b91b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.473341] ================================================================== [ 92.477213] ================================================================== [ 92.478310] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x10c/0x2c0 [ 92.479418] Read of size 1 at addr ffff0000c0b91a00 by task kunit_try_catch/143 [ 92.480686] [ 92.481189] CPU: 1 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.482383] Hardware name: linux,dummy-virt (DT) [ 92.483168] Call trace: [ 92.483565] dump_backtrace+0x9c/0x128 [ 92.484223] show_stack+0x20/0x38 [ 92.484843] dump_stack_lvl+0x60/0xb0 [ 92.485674] print_report+0xf8/0x5e8 [ 92.486591] kasan_report+0xdc/0x128 [ 92.487324] __asan_load1+0x60/0x70 [ 92.488153] krealloc_uaf+0x10c/0x2c0 [ 92.488968] kunit_try_run_case+0x114/0x298 [ 92.489740] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.490756] kthread+0x18c/0x1a8 [ 92.491521] ret_from_fork+0x10/0x20 [ 92.492542] [ 92.492888] Allocated by task 143: [ 92.493362] kasan_save_stack+0x3c/0x68 [ 92.494705] kasan_set_track+0x2c/0x40 [ 92.495523] kasan_save_alloc_info+0x24/0x38 [ 92.496362] __kasan_kmalloc+0xd4/0xd8 [ 92.497219] kmalloc_trace+0x68/0x130 [ 92.497939] krealloc_uaf+0xb0/0x2c0 [ 92.498772] kunit_try_run_case+0x114/0x298 [ 92.500003] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.501175] kthread+0x18c/0x1a8 [ 92.502109] ret_from_fork+0x10/0x20 [ 92.502857] [ 92.503190] Freed by task 143: [ 92.503832] kasan_save_stack+0x3c/0x68 [ 92.504651] kasan_set_track+0x2c/0x40 [ 92.505461] kasan_save_free_info+0x38/0x60 [ 92.506239] __kasan_slab_free+0x100/0x170 [ 92.507146] __kmem_cache_free+0x178/0x2c8 [ 92.508186] kfree+0x74/0x138 [ 92.509216] krealloc_uaf+0xcc/0x2c0 [ 92.510046] kunit_try_run_case+0x114/0x298 [ 92.510882] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.511844] kthread+0x18c/0x1a8 [ 92.512547] ret_from_fork+0x10/0x20 [ 92.513320] [ 92.513677] The buggy address belongs to the object at ffff0000c0b91a00 [ 92.513677] which belongs to the cache kmalloc-256 of size 256 [ 92.515545] The buggy address is located 0 bytes inside of [ 92.515545] freed 256-byte region [ffff0000c0b91a00, ffff0000c0b91b00) [ 92.517116] [ 92.517553] The buggy address belongs to the physical page: [ 92.518367] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.520267] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.521433] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.522524] page_type: 0xffffffff() [ 92.523213] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.525219] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.526025] page dumped because: kasan: bad access detected [ 92.526575] [ 92.526975] Memory state around the buggy address: [ 92.527815] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.528894] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.529899] >ffff0000c0b91a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.531180] ^ [ 92.531728] ffff0000c0b91a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.532653] ffff0000c0b91b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.533795] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 92.279792] ================================================================== [ 92.280920] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x18c/0x590 [ 92.282864] Write of size 1 at addr ffff0000c5fa60da by task kunit_try_catch/141 [ 92.284084] [ 92.284625] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.285818] Hardware name: linux,dummy-virt (DT) [ 92.286591] Call trace: [ 92.287234] dump_backtrace+0x9c/0x128 [ 92.288249] show_stack+0x20/0x38 [ 92.289040] dump_stack_lvl+0x60/0xb0 [ 92.289935] print_report+0xf8/0x5e8 [ 92.290975] kasan_report+0xdc/0x128 [ 92.291810] __asan_store1+0x60/0x70 [ 92.292406] krealloc_less_oob_helper+0x18c/0x590 [ 92.293750] krealloc_pagealloc_less_oob+0x20/0x38 [ 92.294784] kunit_try_run_case+0x114/0x298 [ 92.296001] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.296971] kthread+0x18c/0x1a8 [ 92.297748] ret_from_fork+0x10/0x20 [ 92.298637] [ 92.299073] The buggy address belongs to the physical page: [ 92.299799] page:0000000027946532 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa4 [ 92.301637] head:0000000027946532 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.304168] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.305459] page_type: 0xffffffff() [ 92.306532] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.307894] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.309010] page dumped because: kasan: bad access detected [ 92.309799] [ 92.310422] Memory state around the buggy address: [ 92.311559] ffff0000c5fa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.312865] ffff0000c5fa6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.314043] >ffff0000c5fa6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 92.315501] ^ [ 92.316880] ffff0000c5fa6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.318136] ffff0000c5fa6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.320368] ================================================================== [ 92.322607] ================================================================== [ 92.324015] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b8/0x590 [ 92.325396] Write of size 1 at addr ffff0000c5fa60ea by task kunit_try_catch/141 [ 92.326934] [ 92.327768] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.328904] Hardware name: linux,dummy-virt (DT) [ 92.330093] Call trace: [ 92.330538] dump_backtrace+0x9c/0x128 [ 92.331464] show_stack+0x20/0x38 [ 92.332139] dump_stack_lvl+0x60/0xb0 [ 92.333353] print_report+0xf8/0x5e8 [ 92.334127] kasan_report+0xdc/0x128 [ 92.335063] __asan_store1+0x60/0x70 [ 92.336235] krealloc_less_oob_helper+0x1b8/0x590 [ 92.337238] krealloc_pagealloc_less_oob+0x20/0x38 [ 92.338339] kunit_try_run_case+0x114/0x298 [ 92.339489] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.340847] kthread+0x18c/0x1a8 [ 92.341867] ret_from_fork+0x10/0x20 [ 92.343054] [ 92.343578] The buggy address belongs to the physical page: [ 92.344795] page:0000000027946532 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa4 [ 92.346266] head:0000000027946532 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.347796] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.348918] page_type: 0xffffffff() [ 92.349981] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.351215] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.352601] page dumped because: kasan: bad access detected [ 92.353558] [ 92.354062] Memory state around the buggy address: [ 92.355159] ffff0000c5fa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.356503] ffff0000c5fa6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.357599] >ffff0000c5fa6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 92.358618] ^ [ 92.360866] ffff0000c5fa6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.362066] ffff0000c5fa6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.363433] ================================================================== [ 92.365823] ================================================================== [ 92.366550] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x590 [ 92.367715] Write of size 1 at addr ffff0000c5fa60eb by task kunit_try_catch/141 [ 92.369029] [ 92.369542] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.370756] Hardware name: linux,dummy-virt (DT) [ 92.371627] Call trace: [ 92.372033] dump_backtrace+0x9c/0x128 [ 92.372888] show_stack+0x20/0x38 [ 92.373600] dump_stack_lvl+0x60/0xb0 [ 92.374271] print_report+0xf8/0x5e8 [ 92.375239] kasan_report+0xdc/0x128 [ 92.375965] __asan_store1+0x60/0x70 [ 92.376921] krealloc_less_oob_helper+0x1e0/0x590 [ 92.378022] krealloc_pagealloc_less_oob+0x20/0x38 [ 92.379213] kunit_try_run_case+0x114/0x298 [ 92.380047] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.381045] kthread+0x18c/0x1a8 [ 92.381726] ret_from_fork+0x10/0x20 [ 92.382495] [ 92.382867] The buggy address belongs to the physical page: [ 92.383779] page:0000000027946532 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa4 [ 92.385062] head:0000000027946532 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.386230] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.387540] page_type: 0xffffffff() [ 92.388860] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.389773] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.390939] page dumped because: kasan: bad access detected [ 92.391772] [ 92.392201] Memory state around the buggy address: [ 92.392651] ffff0000c5fa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.393266] ffff0000c5fa6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.394569] >ffff0000c5fa6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 92.395711] ^ [ 92.396740] ffff0000c5fa6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.397870] ffff0000c5fa6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.399103] ================================================================== [ 92.201271] ================================================================== [ 92.202748] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x110/0x590 [ 92.204146] Write of size 1 at addr ffff0000c5fa60c9 by task kunit_try_catch/141 [ 92.205442] [ 92.205945] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.207338] Hardware name: linux,dummy-virt (DT) [ 92.208261] Call trace: [ 92.208856] dump_backtrace+0x9c/0x128 [ 92.209884] show_stack+0x20/0x38 [ 92.210703] dump_stack_lvl+0x60/0xb0 [ 92.211661] print_report+0xf8/0x5e8 [ 92.212106] kasan_report+0xdc/0x128 [ 92.212607] __asan_store1+0x60/0x70 [ 92.213636] krealloc_less_oob_helper+0x110/0x590 [ 92.214715] krealloc_pagealloc_less_oob+0x20/0x38 [ 92.215806] kunit_try_run_case+0x114/0x298 [ 92.216800] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.217907] kthread+0x18c/0x1a8 [ 92.218708] ret_from_fork+0x10/0x20 [ 92.219650] [ 92.220085] The buggy address belongs to the physical page: [ 92.221099] page:0000000027946532 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa4 [ 92.222492] head:0000000027946532 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.224134] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.225676] page_type: 0xffffffff() [ 92.226465] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.228446] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.229833] page dumped because: kasan: bad access detected [ 92.230873] [ 92.231540] Memory state around the buggy address: [ 92.232466] ffff0000c5fa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.233572] ffff0000c5fa6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.234800] >ffff0000c5fa6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 92.236253] ^ [ 92.237396] ffff0000c5fa6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.238623] ffff0000c5fa6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.239981] ================================================================== [ 92.079992] ================================================================== [ 92.080649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x590 [ 92.081242] Write of size 1 at addr ffff0000c0b918eb by task kunit_try_catch/137 [ 92.081910] [ 92.082177] CPU: 1 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.082970] Hardware name: linux,dummy-virt (DT) [ 92.083316] Call trace: [ 92.083623] dump_backtrace+0x9c/0x128 [ 92.084381] show_stack+0x20/0x38 [ 92.084930] dump_stack_lvl+0x60/0xb0 [ 92.085390] print_report+0xf8/0x5e8 [ 92.085879] kasan_report+0xdc/0x128 [ 92.086343] __asan_store1+0x60/0x70 [ 92.087075] krealloc_less_oob_helper+0x1e0/0x590 [ 92.087697] krealloc_less_oob+0x20/0x38 [ 92.088173] kunit_try_run_case+0x114/0x298 [ 92.088696] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.089317] kthread+0x18c/0x1a8 [ 92.089735] ret_from_fork+0x10/0x20 [ 92.090171] [ 92.090385] Allocated by task 137: [ 92.090744] kasan_save_stack+0x3c/0x68 [ 92.091255] kasan_set_track+0x2c/0x40 [ 92.091836] kasan_save_alloc_info+0x24/0x38 [ 92.092395] __kasan_krealloc+0x10c/0x140 [ 92.092946] krealloc+0x10c/0x1a0 [ 92.093421] krealloc_less_oob_helper+0xd4/0x590 [ 92.094009] krealloc_less_oob+0x20/0x38 [ 92.094516] kunit_try_run_case+0x114/0x298 [ 92.095145] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.095791] kthread+0x18c/0x1a8 [ 92.096294] ret_from_fork+0x10/0x20 [ 92.096769] [ 92.097008] The buggy address belongs to the object at ffff0000c0b91800 [ 92.097008] which belongs to the cache kmalloc-256 of size 256 [ 92.097978] The buggy address is located 34 bytes to the right of [ 92.097978] allocated 201-byte region [ffff0000c0b91800, ffff0000c0b918c9) [ 92.099480] [ 92.099884] The buggy address belongs to the physical page: [ 92.100470] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.101386] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.101947] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.102461] page_type: 0xffffffff() [ 92.103129] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.104056] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.104731] page dumped because: kasan: bad access detected [ 92.105310] [ 92.105542] Memory state around the buggy address: [ 92.106081] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.106743] ffff0000c0b91800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.108234] >ffff0000c0b91880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 92.108708] ^ [ 92.109486] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.110391] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.111021] ================================================================== [ 92.016908] ================================================================== [ 92.017601] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x18c/0x590 [ 92.018357] Write of size 1 at addr ffff0000c0b918da by task kunit_try_catch/137 [ 92.018967] [ 92.019224] CPU: 1 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.019997] Hardware name: linux,dummy-virt (DT) [ 92.020446] Call trace: [ 92.020717] dump_backtrace+0x9c/0x128 [ 92.021174] show_stack+0x20/0x38 [ 92.021633] dump_stack_lvl+0x60/0xb0 [ 92.022107] print_report+0xf8/0x5e8 [ 92.022590] kasan_report+0xdc/0x128 [ 92.023008] __asan_store1+0x60/0x70 [ 92.023747] krealloc_less_oob_helper+0x18c/0x590 [ 92.024350] krealloc_less_oob+0x20/0x38 [ 92.025447] kunit_try_run_case+0x114/0x298 [ 92.025932] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.026563] kthread+0x18c/0x1a8 [ 92.026894] ret_from_fork+0x10/0x20 [ 92.027237] [ 92.027420] Allocated by task 137: [ 92.027678] kasan_save_stack+0x3c/0x68 [ 92.028083] kasan_set_track+0x2c/0x40 [ 92.028480] kasan_save_alloc_info+0x24/0x38 [ 92.028967] __kasan_krealloc+0x10c/0x140 [ 92.029489] krealloc+0x10c/0x1a0 [ 92.029942] krealloc_less_oob_helper+0xd4/0x590 [ 92.030540] krealloc_less_oob+0x20/0x38 [ 92.030994] kunit_try_run_case+0x114/0x298 [ 92.031515] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.032172] kthread+0x18c/0x1a8 [ 92.032670] ret_from_fork+0x10/0x20 [ 92.033145] [ 92.033364] The buggy address belongs to the object at ffff0000c0b91800 [ 92.033364] which belongs to the cache kmalloc-256 of size 256 [ 92.034490] The buggy address is located 17 bytes to the right of [ 92.034490] allocated 201-byte region [ffff0000c0b91800, ffff0000c0b918c9) [ 92.035373] [ 92.035688] The buggy address belongs to the physical page: [ 92.036467] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.037364] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.038059] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.038660] page_type: 0xffffffff() [ 92.039090] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.039733] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.040400] page dumped because: kasan: bad access detected [ 92.042031] [ 92.042292] Memory state around the buggy address: [ 92.042816] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.043507] ffff0000c0b91800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.044225] >ffff0000c0b91880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 92.044869] ^ [ 92.045489] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.046069] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.046760] ================================================================== [ 92.242590] ================================================================== [ 92.243514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x590 [ 92.245514] Write of size 1 at addr ffff0000c5fa60d0 by task kunit_try_catch/141 [ 92.247050] [ 92.247439] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.248338] Hardware name: linux,dummy-virt (DT) [ 92.249281] Call trace: [ 92.249670] dump_backtrace+0x9c/0x128 [ 92.250184] show_stack+0x20/0x38 [ 92.251288] dump_stack_lvl+0x60/0xb0 [ 92.252243] print_report+0xf8/0x5e8 [ 92.253178] kasan_report+0xdc/0x128 [ 92.254032] __asan_store1+0x60/0x70 [ 92.254882] krealloc_less_oob_helper+0x140/0x590 [ 92.255943] krealloc_pagealloc_less_oob+0x20/0x38 [ 92.256956] kunit_try_run_case+0x114/0x298 [ 92.257840] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.259017] kthread+0x18c/0x1a8 [ 92.259380] ret_from_fork+0x10/0x20 [ 92.259819] [ 92.260035] The buggy address belongs to the physical page: [ 92.260427] page:0000000027946532 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa4 [ 92.261971] head:0000000027946532 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.263118] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.264079] page_type: 0xffffffff() [ 92.265131] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.266476] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.267715] page dumped because: kasan: bad access detected [ 92.268686] [ 92.269088] Memory state around the buggy address: [ 92.269953] ffff0000c5fa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.271030] ffff0000c5fa6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.272191] >ffff0000c5fa6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 92.273339] ^ [ 92.274257] ffff0000c5fa6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.275248] ffff0000c5fa6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.276493] ================================================================== [ 91.942537] ================================================================== [ 91.943691] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x110/0x590 [ 91.945023] Write of size 1 at addr ffff0000c0b918c9 by task kunit_try_catch/137 [ 91.946131] [ 91.946561] CPU: 1 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.947766] Hardware name: linux,dummy-virt (DT) [ 91.948591] Call trace: [ 91.949121] dump_backtrace+0x9c/0x128 [ 91.949923] show_stack+0x20/0x38 [ 91.950566] dump_stack_lvl+0x60/0xb0 [ 91.951286] print_report+0xf8/0x5e8 [ 91.952046] kasan_report+0xdc/0x128 [ 91.952882] __asan_store1+0x60/0x70 [ 91.953647] krealloc_less_oob_helper+0x110/0x590 [ 91.954534] krealloc_less_oob+0x20/0x38 [ 91.955301] kunit_try_run_case+0x114/0x298 [ 91.956145] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.957179] kthread+0x18c/0x1a8 [ 91.957851] ret_from_fork+0x10/0x20 [ 91.958564] [ 91.958918] Allocated by task 137: [ 91.959550] kasan_save_stack+0x3c/0x68 [ 91.960360] kasan_set_track+0x2c/0x40 [ 91.961156] kasan_save_alloc_info+0x24/0x38 [ 91.961977] __kasan_krealloc+0x10c/0x140 [ 91.962756] krealloc+0x10c/0x1a0 [ 91.963407] krealloc_less_oob_helper+0xd4/0x590 [ 91.964312] krealloc_less_oob+0x20/0x38 [ 91.965516] kunit_try_run_case+0x114/0x298 [ 91.966107] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.966834] kthread+0x18c/0x1a8 [ 91.967239] ret_from_fork+0x10/0x20 [ 91.967692] [ 91.967932] The buggy address belongs to the object at ffff0000c0b91800 [ 91.967932] which belongs to the cache kmalloc-256 of size 256 [ 91.969116] The buggy address is located 0 bytes to the right of [ 91.969116] allocated 201-byte region [ffff0000c0b91800, ffff0000c0b918c9) [ 91.970209] [ 91.970468] The buggy address belongs to the physical page: [ 91.971021] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 91.971913] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.972716] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 91.973420] page_type: 0xffffffff() [ 91.973854] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 91.974508] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.975140] page dumped because: kasan: bad access detected [ 91.975661] [ 91.975859] Memory state around the buggy address: [ 91.976364] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.977089] ffff0000c0b91800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.977753] >ffff0000c0b91880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 91.978445] ^ [ 91.979098] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.980109] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.981472] ================================================================== [ 91.984642] ================================================================== [ 91.985186] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x590 [ 91.985890] Write of size 1 at addr ffff0000c0b918d0 by task kunit_try_catch/137 [ 91.986550] [ 91.986977] CPU: 1 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.987914] Hardware name: linux,dummy-virt (DT) [ 91.988580] Call trace: [ 91.988831] dump_backtrace+0x9c/0x128 [ 91.989338] show_stack+0x20/0x38 [ 91.989917] dump_stack_lvl+0x60/0xb0 [ 91.990366] print_report+0xf8/0x5e8 [ 91.991549] kasan_report+0xdc/0x128 [ 91.991998] __asan_store1+0x60/0x70 [ 91.992499] krealloc_less_oob_helper+0x140/0x590 [ 91.993222] krealloc_less_oob+0x20/0x38 [ 91.993675] kunit_try_run_case+0x114/0x298 [ 91.994159] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.994806] kthread+0x18c/0x1a8 [ 91.995227] ret_from_fork+0x10/0x20 [ 91.995692] [ 91.995905] Allocated by task 137: [ 91.996297] kasan_save_stack+0x3c/0x68 [ 91.996804] kasan_set_track+0x2c/0x40 [ 91.997253] kasan_save_alloc_info+0x24/0x38 [ 91.997713] __kasan_krealloc+0x10c/0x140 [ 91.998190] krealloc+0x10c/0x1a0 [ 91.998602] krealloc_less_oob_helper+0xd4/0x590 [ 91.999107] krealloc_less_oob+0x20/0x38 [ 91.999452] kunit_try_run_case+0x114/0x298 [ 91.999885] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.000560] kthread+0x18c/0x1a8 [ 92.000955] ret_from_fork+0x10/0x20 [ 92.001439] [ 92.001638] The buggy address belongs to the object at ffff0000c0b91800 [ 92.001638] which belongs to the cache kmalloc-256 of size 256 [ 92.002522] The buggy address is located 7 bytes to the right of [ 92.002522] allocated 201-byte region [ffff0000c0b91800, ffff0000c0b918c9) [ 92.003432] [ 92.003642] The buggy address belongs to the physical page: [ 92.004192] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.005073] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.005815] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.006467] page_type: 0xffffffff() [ 92.006873] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.007555] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.008236] page dumped because: kasan: bad access detected [ 92.008774] [ 92.008999] Memory state around the buggy address: [ 92.009442] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.010116] ffff0000c0b91800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.010833] >ffff0000c0b91880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 92.011407] ^ [ 92.011976] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.012733] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.013366] ================================================================== [ 92.048055] ================================================================== [ 92.048591] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b8/0x590 [ 92.049717] Write of size 1 at addr ffff0000c0b918ea by task kunit_try_catch/137 [ 92.050502] [ 92.050805] CPU: 1 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.051778] Hardware name: linux,dummy-virt (DT) [ 92.052290] Call trace: [ 92.052622] dump_backtrace+0x9c/0x128 [ 92.053109] show_stack+0x20/0x38 [ 92.053647] dump_stack_lvl+0x60/0xb0 [ 92.054121] print_report+0xf8/0x5e8 [ 92.054595] kasan_report+0xdc/0x128 [ 92.055110] __asan_store1+0x60/0x70 [ 92.055592] krealloc_less_oob_helper+0x1b8/0x590 [ 92.056158] krealloc_less_oob+0x20/0x38 [ 92.056723] kunit_try_run_case+0x114/0x298 [ 92.057264] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.057914] kthread+0x18c/0x1a8 [ 92.058369] ret_from_fork+0x10/0x20 [ 92.058823] [ 92.059054] Allocated by task 137: [ 92.059438] kasan_save_stack+0x3c/0x68 [ 92.059954] kasan_set_track+0x2c/0x40 [ 92.060463] kasan_save_alloc_info+0x24/0x38 [ 92.060950] __kasan_krealloc+0x10c/0x140 [ 92.061351] krealloc+0x10c/0x1a0 [ 92.061730] krealloc_less_oob_helper+0xd4/0x590 [ 92.062317] krealloc_less_oob+0x20/0x38 [ 92.063480] kunit_try_run_case+0x114/0x298 [ 92.063961] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.064723] kthread+0x18c/0x1a8 [ 92.065200] ret_from_fork+0x10/0x20 [ 92.065765] [ 92.065964] The buggy address belongs to the object at ffff0000c0b91800 [ 92.065964] which belongs to the cache kmalloc-256 of size 256 [ 92.067031] The buggy address is located 33 bytes to the right of [ 92.067031] allocated 201-byte region [ffff0000c0b91800, ffff0000c0b918c9) [ 92.068210] [ 92.068494] The buggy address belongs to the physical page: [ 92.069069] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 92.069921] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.070657] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 92.071208] page_type: 0xffffffff() [ 92.071897] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 92.072806] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 92.073561] page dumped because: kasan: bad access detected [ 92.074150] [ 92.074462] Memory state around the buggy address: [ 92.075130] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.075791] ffff0000c0b91800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.076450] >ffff0000c0b91880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 92.077081] ^ [ 92.077816] ffff0000c0b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.078359] ffff0000c0b91980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.078919] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 91.824619] ================================================================== [ 91.825935] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x138/0x380 [ 91.827441] Write of size 1 at addr ffff0000c0b916eb by task kunit_try_catch/135 [ 91.828392] [ 91.828936] CPU: 1 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.830168] Hardware name: linux,dummy-virt (DT) [ 91.831007] Call trace: [ 91.831522] dump_backtrace+0x9c/0x128 [ 91.832453] show_stack+0x20/0x38 [ 91.833233] dump_stack_lvl+0x60/0xb0 [ 91.834064] print_report+0xf8/0x5e8 [ 91.834754] kasan_report+0xdc/0x128 [ 91.835590] __asan_store1+0x60/0x70 [ 91.836468] krealloc_more_oob_helper+0x138/0x380 [ 91.837446] krealloc_more_oob+0x20/0x38 [ 91.838237] kunit_try_run_case+0x114/0x298 [ 91.839161] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.840214] kthread+0x18c/0x1a8 [ 91.840961] ret_from_fork+0x10/0x20 [ 91.841768] [ 91.842188] Allocated by task 135: [ 91.842837] kasan_save_stack+0x3c/0x68 [ 91.843639] kasan_set_track+0x2c/0x40 [ 91.844490] kasan_save_alloc_info+0x24/0x38 [ 91.845306] __kasan_krealloc+0x10c/0x140 [ 91.846132] krealloc+0x10c/0x1a0 [ 91.846830] krealloc_more_oob_helper+0xd4/0x380 [ 91.847671] krealloc_more_oob+0x20/0x38 [ 91.848517] kunit_try_run_case+0x114/0x298 [ 91.849379] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.850250] kthread+0x18c/0x1a8 [ 91.850790] ret_from_fork+0x10/0x20 [ 91.851544] [ 91.851998] The buggy address belongs to the object at ffff0000c0b91600 [ 91.851998] which belongs to the cache kmalloc-256 of size 256 [ 91.853623] The buggy address is located 0 bytes to the right of [ 91.853623] allocated 235-byte region [ffff0000c0b91600, ffff0000c0b916eb) [ 91.855235] [ 91.855717] The buggy address belongs to the physical page: [ 91.856631] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 91.857911] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.859017] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 91.860161] page_type: 0xffffffff() [ 91.860981] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 91.862036] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.863033] page dumped because: kasan: bad access detected [ 91.863895] [ 91.864288] Memory state around the buggy address: [ 91.865164] ffff0000c0b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.866217] ffff0000c0b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.867254] >ffff0000c0b91680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 91.868253] ^ [ 91.869334] ffff0000c0b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.870358] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.871316] ================================================================== [ 91.874377] ================================================================== [ 91.875610] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x380 [ 91.877092] Write of size 1 at addr ffff0000c0b916f0 by task kunit_try_catch/135 [ 91.878293] [ 91.878777] CPU: 1 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.879944] Hardware name: linux,dummy-virt (DT) [ 91.880700] Call trace: [ 91.881262] dump_backtrace+0x9c/0x128 [ 91.882024] show_stack+0x20/0x38 [ 91.882691] dump_stack_lvl+0x60/0xb0 [ 91.883364] print_report+0xf8/0x5e8 [ 91.885179] kasan_report+0xdc/0x128 [ 91.886202] __asan_store1+0x60/0x70 [ 91.886999] krealloc_more_oob_helper+0x168/0x380 [ 91.887918] krealloc_more_oob+0x20/0x38 [ 91.888726] kunit_try_run_case+0x114/0x298 [ 91.889585] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.890572] kthread+0x18c/0x1a8 [ 91.891251] ret_from_fork+0x10/0x20 [ 91.891990] [ 91.892358] Allocated by task 135: [ 91.893048] kasan_save_stack+0x3c/0x68 [ 91.893850] kasan_set_track+0x2c/0x40 [ 91.894572] kasan_save_alloc_info+0x24/0x38 [ 91.895422] __kasan_krealloc+0x10c/0x140 [ 91.896286] krealloc+0x10c/0x1a0 [ 91.897020] krealloc_more_oob_helper+0xd4/0x380 [ 91.897847] krealloc_more_oob+0x20/0x38 [ 91.898578] kunit_try_run_case+0x114/0x298 [ 91.899369] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.900371] kthread+0x18c/0x1a8 [ 91.901049] ret_from_fork+0x10/0x20 [ 91.901805] [ 91.902149] The buggy address belongs to the object at ffff0000c0b91600 [ 91.902149] which belongs to the cache kmalloc-256 of size 256 [ 91.903727] The buggy address is located 5 bytes to the right of [ 91.903727] allocated 235-byte region [ffff0000c0b91600, ffff0000c0b916eb) [ 91.905398] [ 91.905807] The buggy address belongs to the physical page: [ 91.906692] page:00000000c3af2b0d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b90 [ 91.908032] head:00000000c3af2b0d order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.909280] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 91.910198] page_type: 0xffffffff() [ 91.910956] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 91.911892] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.912735] page dumped because: kasan: bad access detected [ 91.913386] [ 91.913762] Memory state around the buggy address: [ 91.914402] ffff0000c0b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.915619] ffff0000c0b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.916834] >ffff0000c0b91680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 91.917943] ^ [ 91.919034] ffff0000c0b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.921894] ffff0000c0b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.923091] ================================================================== [ 92.120882] ================================================================== [ 92.121666] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x138/0x380 [ 92.122330] Write of size 1 at addr ffff0000c601a0eb by task kunit_try_catch/139 [ 92.123292] [ 92.123521] CPU: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.124040] Hardware name: linux,dummy-virt (DT) [ 92.124433] Call trace: [ 92.124696] dump_backtrace+0x9c/0x128 [ 92.125113] show_stack+0x20/0x38 [ 92.125841] dump_stack_lvl+0x60/0xb0 [ 92.126403] print_report+0xf8/0x5e8 [ 92.126953] kasan_report+0xdc/0x128 [ 92.127304] __asan_store1+0x60/0x70 [ 92.128190] krealloc_more_oob_helper+0x138/0x380 [ 92.128833] krealloc_pagealloc_more_oob+0x20/0x38 [ 92.129341] kunit_try_run_case+0x114/0x298 [ 92.129866] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.131659] kthread+0x18c/0x1a8 [ 92.132061] ret_from_fork+0x10/0x20 [ 92.132424] [ 92.132655] The buggy address belongs to the physical page: [ 92.133271] page:00000000f1dbd5c8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106018 [ 92.134168] head:00000000f1dbd5c8 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.134939] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.135652] page_type: 0xffffffff() [ 92.136244] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.136879] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.137455] page dumped because: kasan: bad access detected [ 92.137910] [ 92.138115] Memory state around the buggy address: [ 92.138579] ffff0000c6019f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.139156] ffff0000c601a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.140281] >ffff0000c601a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 92.141007] ^ [ 92.142534] ffff0000c601a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.143240] ffff0000c601a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.144030] ================================================================== [ 92.145211] ================================================================== [ 92.145798] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x380 [ 92.146508] Write of size 1 at addr ffff0000c601a0f0 by task kunit_try_catch/139 [ 92.147055] [ 92.147359] CPU: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 92.148506] Hardware name: linux,dummy-virt (DT) [ 92.148858] Call trace: [ 92.149105] dump_backtrace+0x9c/0x128 [ 92.149722] show_stack+0x20/0x38 [ 92.150172] dump_stack_lvl+0x60/0xb0 [ 92.150845] print_report+0xf8/0x5e8 [ 92.151452] kasan_report+0xdc/0x128 [ 92.152014] __asan_store1+0x60/0x70 [ 92.152519] krealloc_more_oob_helper+0x168/0x380 [ 92.153001] krealloc_pagealloc_more_oob+0x20/0x38 [ 92.154269] kunit_try_run_case+0x114/0x298 [ 92.155971] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 92.157251] kthread+0x18c/0x1a8 [ 92.158016] ret_from_fork+0x10/0x20 [ 92.159189] [ 92.159643] The buggy address belongs to the physical page: [ 92.160665] page:00000000f1dbd5c8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106018 [ 92.162444] head:00000000f1dbd5c8 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 92.164235] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 92.165583] page_type: 0xffffffff() [ 92.166427] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 92.167729] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.169235] page dumped because: kasan: bad access detected [ 92.170273] [ 92.170750] Memory state around the buggy address: [ 92.171681] ffff0000c6019f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.173951] ffff0000c601a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 92.175274] >ffff0000c601a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 92.176752] ^ [ 92.177716] ffff0000c601a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.180958] ffff0000c601a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 92.181892] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 91.758117] ================================================================== [ 91.759783] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xc8/0x1e0 [ 91.760874] Write of size 1 at addr ffff0000c1755f00 by task kunit_try_catch/133 [ 91.762496] [ 91.763199] CPU: 1 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.764173] Hardware name: linux,dummy-virt (DT) [ 91.765021] Call trace: [ 91.765495] dump_backtrace+0x9c/0x128 [ 91.766243] show_stack+0x20/0x38 [ 91.766956] dump_stack_lvl+0x60/0xb0 [ 91.767427] print_report+0xf8/0x5e8 [ 91.767973] kasan_report+0xdc/0x128 [ 91.769042] __asan_store1+0x60/0x70 [ 91.769805] kmalloc_large_oob_right+0xc8/0x1e0 [ 91.770635] kunit_try_run_case+0x114/0x298 [ 91.771576] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.772381] kthread+0x18c/0x1a8 [ 91.773181] ret_from_fork+0x10/0x20 [ 91.774014] [ 91.774390] Allocated by task 133: [ 91.775113] kasan_save_stack+0x3c/0x68 [ 91.776033] kasan_set_track+0x2c/0x40 [ 91.776871] kasan_save_alloc_info+0x24/0x38 [ 91.777642] __kasan_kmalloc+0xd4/0xd8 [ 91.778313] kmalloc_trace+0x68/0x130 [ 91.778941] kmalloc_large_oob_right+0x9c/0x1e0 [ 91.779772] kunit_try_run_case+0x114/0x298 [ 91.780930] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.781722] kthread+0x18c/0x1a8 [ 91.782483] ret_from_fork+0x10/0x20 [ 91.783580] [ 91.784017] The buggy address belongs to the object at ffff0000c1754000 [ 91.784017] which belongs to the cache kmalloc-8k of size 8192 [ 91.785693] The buggy address is located 0 bytes to the right of [ 91.785693] allocated 7936-byte region [ffff0000c1754000, ffff0000c1755f00) [ 91.787388] [ 91.787951] The buggy address belongs to the physical page: [ 91.788923] page:00000000eb75becb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101750 [ 91.790312] head:00000000eb75becb order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.791509] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 91.792811] page_type: 0xffffffff() [ 91.793663] raw: 0bfffc0000000840 ffff0000c0002280 dead000000000122 0000000000000000 [ 91.794813] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 91.796141] page dumped because: kasan: bad access detected [ 91.797155] [ 91.797496] Memory state around the buggy address: [ 91.798221] ffff0000c1755e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.799609] ffff0000c1755e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.800859] >ffff0000c1755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.801806] ^ [ 91.802352] ffff0000c1755f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.803872] ffff0000c1756000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.804964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-pagealloc_uaf: Failure
Automatically assigned
[ 91.708263] ================================================================== [ 91.710082] BUG: KASAN: use-after-free in pagealloc_uaf+0xd4/0x1e8 [ 91.711362] Read of size 1 at addr ffff0000c6030000 by task kunit_try_catch/131 [ 91.712680] [ 91.713175] CPU: 1 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.714348] Hardware name: linux,dummy-virt (DT) [ 91.715379] Call trace: [ 91.715887] dump_backtrace+0x9c/0x128 [ 91.716635] show_stack+0x20/0x38 [ 91.717338] dump_stack_lvl+0x60/0xb0 [ 91.718100] print_report+0xf8/0x5e8 [ 91.719095] kasan_report+0xdc/0x128 [ 91.719856] __asan_load1+0x60/0x70 [ 91.720377] pagealloc_uaf+0xd4/0x1e8 [ 91.721109] kunit_try_run_case+0x114/0x298 [ 91.722086] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.723253] kthread+0x18c/0x1a8 [ 91.723969] ret_from_fork+0x10/0x20 [ 91.724808] [ 91.725255] The buggy address belongs to the physical page: [ 91.726160] page:000000002a5181b9 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106030 [ 91.727622] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 91.728756] page_type: 0xffffff7f(buddy) [ 91.729711] raw: 0bfffc0000000000 ffff0000ff5fc960 ffff0000ff5fc960 0000000000000000 [ 91.731463] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000 [ 91.732719] page dumped because: kasan: bad access detected [ 91.733684] [ 91.734064] Memory state around the buggy address: [ 91.735010] ffff0000c602ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.736433] ffff0000c602ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.737450] >ffff0000c6030000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.738598] ^ [ 91.739544] ffff0000c6030080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.740745] ffff0000c6030100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.741755] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 91.634096] ================================================================== [ 91.635459] BUG: KASAN: invalid-free in kfree+0x12c/0x138 [ 91.636561] Free of addr ffff0000c5fb4001 by task kunit_try_catch/127 [ 91.637550] [ 91.637972] CPU: 0 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.639663] Hardware name: linux,dummy-virt (DT) [ 91.640519] Call trace: [ 91.641388] dump_backtrace+0x9c/0x128 [ 91.642092] show_stack+0x20/0x38 [ 91.642644] dump_stack_lvl+0x60/0xb0 [ 91.643562] print_report+0xf8/0x5e8 [ 91.644443] kasan_report_invalid_free+0xc0/0xe8 [ 91.645300] __kasan_kfree_large+0x54/0xa0 [ 91.646280] free_large_kmalloc+0x5c/0x100 [ 91.647168] kfree+0x12c/0x138 [ 91.647992] kmalloc_pagealloc_invalid_free+0xa8/0x1a8 [ 91.649164] kunit_try_run_case+0x114/0x298 [ 91.650151] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.653686] kthread+0x18c/0x1a8 [ 91.654261] ret_from_fork+0x10/0x20 [ 91.656665] [ 91.657887] The buggy address belongs to the physical page: [ 91.660993] page:000000004081e15d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fb4 [ 91.662362] head:000000004081e15d order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.663520] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 91.664792] page_type: 0xffffffff() [ 91.665711] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 91.666753] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 91.668042] page dumped because: kasan: bad access detected [ 91.669091] [ 91.669504] Memory state around the buggy address: [ 91.670296] ffff0000c5fb3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.671855] ffff0000c5fb3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.673190] >ffff0000c5fb4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.674223] ^ [ 91.674907] ffff0000c5fb4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.676680] ffff0000c5fb4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.677986] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf: Failure
Automatically assigned
[ 91.589113] ================================================================== [ 91.590516] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xac/0x1b0 [ 91.593020] Read of size 1 at addr ffff0000c5fa0000 by task kunit_try_catch/125 [ 91.594127] [ 91.594644] CPU: 1 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.596158] Hardware name: linux,dummy-virt (DT) [ 91.597074] Call trace: [ 91.597585] dump_backtrace+0x9c/0x128 [ 91.598350] show_stack+0x20/0x38 [ 91.599129] dump_stack_lvl+0x60/0xb0 [ 91.600063] print_report+0xf8/0x5e8 [ 91.600935] kasan_report+0xdc/0x128 [ 91.601762] __asan_load1+0x60/0x70 [ 91.602546] kmalloc_pagealloc_uaf+0xac/0x1b0 [ 91.603461] kunit_try_run_case+0x114/0x298 [ 91.604446] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.605506] kthread+0x18c/0x1a8 [ 91.606203] ret_from_fork+0x10/0x20 [ 91.607173] [ 91.607679] The buggy address belongs to the physical page: [ 91.608658] page:00000000fbc828a4 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa0 [ 91.609663] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 91.610137] page_type: 0xffffffff() [ 91.610494] raw: 0bfffc0000000000 fffffc000317e908 ffff0000daa2d4f8 0000000000000000 [ 91.611843] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 91.612794] page dumped because: kasan: bad access detected [ 91.613841] [ 91.614313] Memory state around the buggy address: [ 91.615199] ffff0000c5f9ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.616422] ffff0000c5f9ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.617338] >ffff0000c5fa0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.618397] ^ [ 91.619040] ffff0000c5fa0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.619642] ffff0000c5fa0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 91.620085] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right: Failure
Automatically assigned
[ 91.538644] ================================================================== [ 91.540293] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xac/0x1c0 [ 91.541447] Write of size 1 at addr ffff0000c5fa200a by task kunit_try_catch/123 [ 91.542530] [ 91.543026] CPU: 1 PID: 123 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.544587] Hardware name: linux,dummy-virt (DT) [ 91.545457] Call trace: [ 91.546033] dump_backtrace+0x9c/0x128 [ 91.546907] show_stack+0x20/0x38 [ 91.547706] dump_stack_lvl+0x60/0xb0 [ 91.548622] print_report+0xf8/0x5e8 [ 91.549489] kasan_report+0xdc/0x128 [ 91.550299] __asan_store1+0x60/0x70 [ 91.551135] kmalloc_pagealloc_oob_right+0xac/0x1c0 [ 91.552245] kunit_try_run_case+0x114/0x298 [ 91.553183] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.554201] kthread+0x18c/0x1a8 [ 91.555128] ret_from_fork+0x10/0x20 [ 91.555694] [ 91.556284] The buggy address belongs to the physical page: [ 91.557348] page:00000000fbc828a4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fa0 [ 91.558513] head:00000000fbc828a4 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.559596] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 91.560742] page_type: 0xffffffff() [ 91.561522] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 91.562498] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 91.563844] page dumped because: kasan: bad access detected [ 91.564973] [ 91.565445] Memory state around the buggy address: [ 91.566330] ffff0000c5fa1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.567446] ffff0000c5fa1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.568643] >ffff0000c5fa2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 91.569723] ^ [ 91.570488] ffff0000c5fa2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 91.571786] ffff0000c5fa2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 91.572927] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 91.469451] ================================================================== [ 91.471228] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd0/0x1f0 [ 91.472342] Read of size 1 at addr ffff0000c5bff000 by task kunit_try_catch/121 [ 91.474082] [ 91.474895] CPU: 0 PID: 121 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.476666] Hardware name: linux,dummy-virt (DT) [ 91.477686] Call trace: [ 91.478289] dump_backtrace+0x9c/0x128 [ 91.479054] show_stack+0x20/0x38 [ 91.480037] dump_stack_lvl+0x60/0xb0 [ 91.480887] print_report+0xf8/0x5e8 [ 91.481658] kasan_report+0xdc/0x128 [ 91.482400] __asan_load1+0x60/0x70 [ 91.484151] kmalloc_node_oob_right+0xd0/0x1f0 [ 91.484967] kunit_try_run_case+0x114/0x298 [ 91.485437] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.486646] kthread+0x18c/0x1a8 [ 91.487421] ret_from_fork+0x10/0x20 [ 91.488243] [ 91.489189] Allocated by task 121: [ 91.489797] kasan_save_stack+0x3c/0x68 [ 91.490651] kasan_set_track+0x2c/0x40 [ 91.492538] kasan_save_alloc_info+0x24/0x38 [ 91.493466] __kasan_kmalloc+0xd4/0xd8 [ 91.494330] kmalloc_node_trace+0x64/0x130 [ 91.495454] kmalloc_node_oob_right+0xa4/0x1f0 [ 91.496402] kunit_try_run_case+0x114/0x298 [ 91.497520] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.498517] kthread+0x18c/0x1a8 [ 91.499885] ret_from_fork+0x10/0x20 [ 91.500843] [ 91.501296] The buggy address belongs to the object at ffff0000c5bfe000 [ 91.501296] which belongs to the cache kmalloc-4k of size 4096 [ 91.503460] The buggy address is located 0 bytes to the right of [ 91.503460] allocated 4096-byte region [ffff0000c5bfe000, ffff0000c5bff000) [ 91.505366] [ 91.506034] The buggy address belongs to the physical page: [ 91.507902] page:000000000b68bfab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105bf8 [ 91.509491] head:000000000b68bfab order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 91.510629] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 91.511853] page_type: 0xffffffff() [ 91.512695] raw: 0bfffc0000000840 ffff0000c0002140 dead000000000122 0000000000000000 [ 91.513995] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 91.515255] page dumped because: kasan: bad access detected [ 91.516821] [ 91.517321] Memory state around the buggy address: [ 91.518143] ffff0000c5bfef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.519437] ffff0000c5bfef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 91.519973] >ffff0000c5bff000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.520445] ^ [ 91.521109] ffff0000c5bff080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.522531] ffff0000c5bff100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.523541] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 91.400649] ================================================================== [ 91.401974] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xc8/0x1f0 [ 91.403178] Read of size 1 at addr ffff0000c5c526bf by task kunit_try_catch/119 [ 91.404314] [ 91.404860] CPU: 1 PID: 119 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.406223] Hardware name: linux,dummy-virt (DT) [ 91.407078] Call trace: [ 91.407517] dump_backtrace+0x9c/0x128 [ 91.407922] show_stack+0x20/0x38 [ 91.408261] dump_stack_lvl+0x60/0xb0 [ 91.408656] print_report+0xf8/0x5e8 [ 91.409040] kasan_report+0xdc/0x128 [ 91.409457] __asan_load1+0x60/0x70 [ 91.410403] kmalloc_oob_left+0xc8/0x1f0 [ 91.411940] kunit_try_run_case+0x114/0x298 [ 91.413568] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.414576] kthread+0x18c/0x1a8 [ 91.415567] ret_from_fork+0x10/0x20 [ 91.416438] [ 91.417074] Allocated by task 1: [ 91.417843] kasan_save_stack+0x3c/0x68 [ 91.418655] kasan_set_track+0x2c/0x40 [ 91.419608] kasan_save_alloc_info+0x24/0x38 [ 91.420532] __kasan_kmalloc+0xd4/0xd8 [ 91.421476] __kmalloc_node_track_caller+0x74/0x1d0 [ 91.423295] kvasprintf+0xe0/0x180 [ 91.424043] __kthread_create_on_node+0x11c/0x250 [ 91.425346] kthread_create_on_node+0xe4/0x130 [ 91.426377] create_worker+0x160/0x3b8 [ 91.427272] alloc_unbound_pwq+0x418/0x428 [ 91.428237] apply_wqattrs_prepare+0x1b8/0x3c8 [ 91.429025] apply_workqueue_attrs_locked+0x6c/0xc0 [ 91.429996] alloc_workqueue+0x6dc/0x880 [ 91.430838] latency_fsnotify_init+0x28/0x60 [ 91.432049] do_one_initcall+0xb0/0x3e8 [ 91.432885] kernel_init_freeable+0x2b4/0x550 [ 91.433774] kernel_init+0x2c/0x1f8 [ 91.434571] ret_from_fork+0x10/0x20 [ 91.435453] [ 91.435936] The buggy address belongs to the object at ffff0000c5c526a0 [ 91.435936] which belongs to the cache kmalloc-16 of size 16 [ 91.437741] The buggy address is located 18 bytes to the right of [ 91.437741] allocated 13-byte region [ffff0000c5c526a0, ffff0000c5c526ad) [ 91.440011] [ 91.440496] The buggy address belongs to the physical page: [ 91.441509] page:00000000fbf36b17 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c52 [ 91.443139] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 91.444780] page_type: 0xffffffff() [ 91.445258] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 91.445795] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 91.446259] page dumped because: kasan: bad access detected [ 91.447574] [ 91.447906] Memory state around the buggy address: [ 91.448462] ffff0000c5c52580: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 91.449221] ffff0000c5c52600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 91.450062] >ffff0000c5c52680: 00 04 fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc [ 91.451499] ^ [ 91.452349] ffff0000c5c52700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.453167] ffff0000c5c52780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.453982] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 91.232884] ================================================================== [ 91.234248] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xc8/0x308 [ 91.236527] Write of size 1 at addr ffff0000c5f2ab73 by task kunit_try_catch/117 [ 91.237567] [ 91.238354] CPU: 0 PID: 117 Comm: kunit_try_catch Tainted: G N 6.6.94-rc1 #1 [ 91.239568] Hardware name: linux,dummy-virt (DT) [ 91.240736] Call trace: [ 91.241182] dump_backtrace+0x9c/0x128 [ 91.242029] show_stack+0x20/0x38 [ 91.242713] dump_stack_lvl+0x60/0xb0 [ 91.243432] print_report+0xf8/0x5e8 [ 91.244252] kasan_report+0xdc/0x128 [ 91.245085] __asan_store1+0x60/0x70 [ 91.245961] kmalloc_oob_right+0xc8/0x308 [ 91.246766] kunit_try_run_case+0x114/0x298 [ 91.247672] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.248736] kthread+0x18c/0x1a8 [ 91.249484] ret_from_fork+0x10/0x20 [ 91.250483] [ 91.250897] Allocated by task 117: [ 91.251603] kasan_save_stack+0x3c/0x68 [ 91.252440] kasan_set_track+0x2c/0x40 [ 91.253256] kasan_save_alloc_info+0x24/0x38 [ 91.254066] __kasan_kmalloc+0xd4/0xd8 [ 91.254854] kmalloc_trace+0x68/0x130 [ 91.255536] kmalloc_oob_right+0xa0/0x308 [ 91.256466] kunit_try_run_case+0x114/0x298 [ 91.257344] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.258307] kthread+0x18c/0x1a8 [ 91.259729] ret_from_fork+0x10/0x20 [ 91.260549] [ 91.261015] The buggy address belongs to the object at ffff0000c5f2ab00 [ 91.261015] which belongs to the cache kmalloc-128 of size 128 [ 91.262932] The buggy address is located 0 bytes to the right of [ 91.262932] allocated 115-byte region [ffff0000c5f2ab00, ffff0000c5f2ab73) [ 91.264779] [ 91.265465] The buggy address belongs to the physical page: [ 91.266709] page:00000000b9a49c63 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f2a [ 91.268430] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 91.269725] page_type: 0xffffffff() [ 91.270957] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 91.272109] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.273445] page dumped because: kasan: bad access detected [ 91.274440] [ 91.274923] Memory state around the buggy address: [ 91.276116] ffff0000c5f2aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 91.277196] ffff0000c5f2aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.278300] >ffff0000c5f2ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 91.279379] ^ [ 91.280570] ffff0000c5f2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.281748] ffff0000c5f2ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.282872] ================================================================== [ 91.332934] ================================================================== [ 91.334081] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x118/0x308 [ 91.335296] Read of size 1 at addr ffff0000c5f2ab80 by task kunit_try_catch/117 [ 91.336280] [ 91.336803] CPU: 1 PID: 117 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.338098] Hardware name: linux,dummy-virt (DT) [ 91.338878] Call trace: [ 91.339359] dump_backtrace+0x9c/0x128 [ 91.340207] show_stack+0x20/0x38 [ 91.341019] dump_stack_lvl+0x60/0xb0 [ 91.341784] print_report+0xf8/0x5e8 [ 91.342563] kasan_report+0xdc/0x128 [ 91.343364] __asan_load1+0x60/0x70 [ 91.344229] kmalloc_oob_right+0x118/0x308 [ 91.345133] kunit_try_run_case+0x114/0x298 [ 91.346035] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.347156] kthread+0x18c/0x1a8 [ 91.347927] ret_from_fork+0x10/0x20 [ 91.348769] [ 91.349235] Allocated by task 117: [ 91.349954] kasan_save_stack+0x3c/0x68 [ 91.350813] kasan_set_track+0x2c/0x40 [ 91.351542] kasan_save_alloc_info+0x24/0x38 [ 91.352340] __kasan_kmalloc+0xd4/0xd8 [ 91.353220] kmalloc_trace+0x68/0x130 [ 91.353991] kmalloc_oob_right+0xa0/0x308 [ 91.354812] kunit_try_run_case+0x114/0x298 [ 91.355673] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.356745] kthread+0x18c/0x1a8 [ 91.357460] ret_from_fork+0x10/0x20 [ 91.358236] [ 91.358633] The buggy address belongs to the object at ffff0000c5f2ab00 [ 91.358633] which belongs to the cache kmalloc-128 of size 128 [ 91.360226] The buggy address is located 13 bytes to the right of [ 91.360226] allocated 115-byte region [ffff0000c5f2ab00, ffff0000c5f2ab73) [ 91.361942] [ 91.362388] The buggy address belongs to the physical page: [ 91.363304] page:00000000b9a49c63 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f2a [ 91.364612] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 91.365746] page_type: 0xffffffff() [ 91.366531] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 91.367657] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.368829] page dumped because: kasan: bad access detected [ 91.369746] [ 91.370154] Memory state around the buggy address: [ 91.371014] ffff0000c5f2aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.372135] ffff0000c5f2ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 91.373309] >ffff0000c5f2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.374300] ^ [ 91.374919] ffff0000c5f2ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.375942] ffff0000c5f2ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.376991] ================================================================== [ 91.288834] ================================================================== [ 91.289984] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xf0/0x308 [ 91.292115] Write of size 1 at addr ffff0000c5f2ab78 by task kunit_try_catch/117 [ 91.293131] [ 91.293373] CPU: 1 PID: 117 Comm: kunit_try_catch Tainted: G B N 6.6.94-rc1 #1 [ 91.293913] Hardware name: linux,dummy-virt (DT) [ 91.294228] Call trace: [ 91.294463] dump_backtrace+0x9c/0x128 [ 91.294845] show_stack+0x20/0x38 [ 91.295178] dump_stack_lvl+0x60/0xb0 [ 91.295715] print_report+0xf8/0x5e8 [ 91.296293] kasan_report+0xdc/0x128 [ 91.297312] __asan_store1+0x60/0x70 [ 91.298336] kmalloc_oob_right+0xf0/0x308 [ 91.299156] kunit_try_run_case+0x114/0x298 [ 91.299612] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.300119] kthread+0x18c/0x1a8 [ 91.300497] ret_from_fork+0x10/0x20 [ 91.301481] [ 91.301925] Allocated by task 117: [ 91.302646] kasan_save_stack+0x3c/0x68 [ 91.303534] kasan_set_track+0x2c/0x40 [ 91.304419] kasan_save_alloc_info+0x24/0x38 [ 91.305321] __kasan_kmalloc+0xd4/0xd8 [ 91.306206] kmalloc_trace+0x68/0x130 [ 91.306985] kmalloc_oob_right+0xa0/0x308 [ 91.307844] kunit_try_run_case+0x114/0x298 [ 91.308770] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 91.309847] kthread+0x18c/0x1a8 [ 91.310541] ret_from_fork+0x10/0x20 [ 91.311351] [ 91.311816] The buggy address belongs to the object at ffff0000c5f2ab00 [ 91.311816] which belongs to the cache kmalloc-128 of size 128 [ 91.313491] The buggy address is located 5 bytes to the right of [ 91.313491] allocated 115-byte region [ffff0000c5f2ab00, ffff0000c5f2ab73) [ 91.314881] [ 91.315424] The buggy address belongs to the physical page: [ 91.316351] page:00000000b9a49c63 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f2a [ 91.317720] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 91.318845] page_type: 0xffffffff() [ 91.319738] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 91.320940] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 91.322060] page dumped because: kasan: bad access detected [ 91.322996] [ 91.323481] Memory state around the buggy address: [ 91.324427] ffff0000c5f2aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 91.325539] ffff0000c5f2aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.326628] >ffff0000c5f2ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 91.327673] ^ [ 91.328839] ffff0000c5f2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.329889] ffff0000c5f2ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.330923] ==================================================================