Date: Nov. 20, 2024, 6:35 a.m.
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 28.757043] ==================================================================
[ 28.757833] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 28.758438] Free of addr ffff8881025fee80 by task kunit_try_catch/199
[ 28.759272]
[ 28.759440] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.760444] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.760889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.761604] Call Trace:
[ 28.764357] <TASK>
[ 28.765002] dump_stack_lvl+0x73/0xb0
[ 28.766365] print_report+0xd1/0x640
[ 28.767386] ? __virt_addr_valid+0x1db/0x2d0
[ 28.768888] ? kfree_sensitive+0x2e/0x90
[ 28.770191] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.771534] ? kfree_sensitive+0x2e/0x90
[ 28.773654] kasan_report_invalid_free+0xc0/0xf0
[ 28.775135] ? kfree_sensitive+0x2e/0x90
[ 28.776308] ? kfree_sensitive+0x2e/0x90
[ 28.776960] check_slab_allocation+0x101/0x130
[ 28.777399] __kasan_slab_pre_free+0x28/0x40
[ 28.777921] kfree+0xf1/0x3f0
[ 28.778334] ? kfree_sensitive+0x2e/0x90
[ 28.778763] kfree_sensitive+0x2e/0x90
[ 28.779244] kmalloc_double_kzfree+0x19d/0x360
[ 28.779640] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 28.780355] ? __schedule+0xc3e/0x2790
[ 28.780790] ? __pfx_read_tsc+0x10/0x10
[ 28.781318] ? ktime_get_ts64+0x84/0x230
[ 28.781880] kunit_try_run_case+0x1b3/0x490
[ 28.782708] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.783303] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.783857] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.784443] ? __kthread_parkme+0x82/0x160
[ 28.784937] ? preempt_count_sub+0x50/0x80
[ 28.785291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.785869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.786630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.787398] kthread+0x257/0x310
[ 28.787777] ? __pfx_kthread+0x10/0x10
[ 28.788458] ret_from_fork+0x41/0x80
[ 28.788917] ? __pfx_kthread+0x10/0x10
[ 28.789448] ret_from_fork_asm+0x1a/0x30
[ 28.789899] </TASK>
[ 28.790306]
[ 28.790513] Allocated by task 199:
[ 28.790968] kasan_save_stack+0x3d/0x60
[ 28.791276] kasan_save_track+0x18/0x40
[ 28.791898] kasan_save_alloc_info+0x3b/0x50
[ 28.792501] __kasan_kmalloc+0xb7/0xc0
[ 28.792820] __kmalloc_cache_noprof+0x184/0x410
[ 28.793344] kmalloc_double_kzfree+0xaa/0x360
[ 28.794263] kunit_try_run_case+0x1b3/0x490
[ 28.794714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.795255] kthread+0x257/0x310
[ 28.795705] ret_from_fork+0x41/0x80
[ 28.796075] ret_from_fork_asm+0x1a/0x30
[ 28.796728]
[ 28.796958] Freed by task 199:
[ 28.797380] kasan_save_stack+0x3d/0x60
[ 28.797782] kasan_save_track+0x18/0x40
[ 28.798201] kasan_save_free_info+0x3f/0x60
[ 28.798523] __kasan_slab_free+0x56/0x70
[ 28.799021] kfree+0x123/0x3f0
[ 28.799806] kfree_sensitive+0x67/0x90
[ 28.800377] kmalloc_double_kzfree+0x12c/0x360
[ 28.800967] kunit_try_run_case+0x1b3/0x490
[ 28.802068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.802603] kthread+0x257/0x310
[ 28.802977] ret_from_fork+0x41/0x80
[ 28.803468] ret_from_fork_asm+0x1a/0x30
[ 28.803907]
[ 28.804406] The buggy address belongs to the object at ffff8881025fee80
[ 28.804406] which belongs to the cache kmalloc-16 of size 16
[ 28.805446] The buggy address is located 0 bytes inside of
[ 28.805446] 16-byte region [ffff8881025fee80, ffff8881025fee90)
[ 28.806512]
[ 28.806803] The buggy address belongs to the physical page:
[ 28.807270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe
[ 28.808220] flags: 0x200000000000000(node=0|zone=2)
[ 28.808656] page_type: f5(slab)
[ 28.809023] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.810016] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.810726] page dumped because: kasan: bad access detected
[ 28.811410]
[ 28.811640] Memory state around the buggy address:
[ 28.812147] ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 28.812806] ffff8881025fee00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.813372] >ffff8881025fee80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.814182] ^
[ 28.814494] ffff8881025fef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.815573] ffff8881025fef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.816480] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 28.705418] ==================================================================
[ 28.707367] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360
[ 28.708129] Read of size 1 at addr ffff8881025fee80 by task kunit_try_catch/199
[ 28.708798]
[ 28.709166] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.710374] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.710920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.711913] Call Trace:
[ 28.712402] <TASK>
[ 28.712757] dump_stack_lvl+0x73/0xb0
[ 28.713417] print_report+0xd1/0x640
[ 28.713988] ? __virt_addr_valid+0x1db/0x2d0
[ 28.714466] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.715152] kasan_report+0x102/0x140
[ 28.715841] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.716491] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.717192] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.717575] __kasan_check_byte+0x3d/0x50
[ 28.718050] kfree_sensitive+0x22/0x90
[ 28.718489] kmalloc_double_kzfree+0x19d/0x360
[ 28.719024] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 28.719803] ? __schedule+0xc3e/0x2790
[ 28.720379] ? __pfx_read_tsc+0x10/0x10
[ 28.720864] ? ktime_get_ts64+0x84/0x230
[ 28.721419] kunit_try_run_case+0x1b3/0x490
[ 28.721865] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.722443] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.722945] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.723443] ? __kthread_parkme+0x82/0x160
[ 28.724011] ? preempt_count_sub+0x50/0x80
[ 28.724501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.725013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.725885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.726532] kthread+0x257/0x310
[ 28.726984] ? __pfx_kthread+0x10/0x10
[ 28.727386] ret_from_fork+0x41/0x80
[ 28.727906] ? __pfx_kthread+0x10/0x10
[ 28.728497] ret_from_fork_asm+0x1a/0x30
[ 28.729053] </TASK>
[ 28.729417]
[ 28.729682] Allocated by task 199:
[ 28.730070] kasan_save_stack+0x3d/0x60
[ 28.730739] kasan_save_track+0x18/0x40
[ 28.731325] kasan_save_alloc_info+0x3b/0x50
[ 28.731771] __kasan_kmalloc+0xb7/0xc0
[ 28.732109] __kmalloc_cache_noprof+0x184/0x410
[ 28.732582] kmalloc_double_kzfree+0xaa/0x360
[ 28.733082] kunit_try_run_case+0x1b3/0x490
[ 28.733574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.734228] kthread+0x257/0x310
[ 28.734724] ret_from_fork+0x41/0x80
[ 28.735711] ret_from_fork_asm+0x1a/0x30
[ 28.736578]
[ 28.736791] Freed by task 199:
[ 28.737161] kasan_save_stack+0x3d/0x60
[ 28.738238] kasan_save_track+0x18/0x40
[ 28.738757] kasan_save_free_info+0x3f/0x60
[ 28.739137] __kasan_slab_free+0x56/0x70
[ 28.739872] kfree+0x123/0x3f0
[ 28.740217] kfree_sensitive+0x67/0x90
[ 28.740717] kmalloc_double_kzfree+0x12c/0x360
[ 28.741133] kunit_try_run_case+0x1b3/0x490
[ 28.741617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.742178] kthread+0x257/0x310
[ 28.742555] ret_from_fork+0x41/0x80
[ 28.743344] ret_from_fork_asm+0x1a/0x30
[ 28.743808]
[ 28.744006] The buggy address belongs to the object at ffff8881025fee80
[ 28.744006] which belongs to the cache kmalloc-16 of size 16
[ 28.745304] The buggy address is located 0 bytes inside of
[ 28.745304] freed 16-byte region [ffff8881025fee80, ffff8881025fee90)
[ 28.746462]
[ 28.746618] The buggy address belongs to the physical page:
[ 28.747630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe
[ 28.748415] flags: 0x200000000000000(node=0|zone=2)
[ 28.748848] page_type: f5(slab)
[ 28.749253] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.749900] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.750551] page dumped because: kasan: bad access detected
[ 28.751020]
[ 28.751358] Memory state around the buggy address:
[ 28.751819] ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 28.752490] ffff8881025fee00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.752945] >ffff8881025fee80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.753674] ^
[ 28.754493] ffff8881025fef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.754961] ffff8881025fef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.755826] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 28.580027] ==================================================================
[ 28.581086] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360
[ 28.581905] Write of size 33 at addr ffff8881029dfe00 by task kunit_try_catch/193
[ 28.582595]
[ 28.582873] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.583616] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.584112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.584600] Call Trace:
[ 28.585002] <TASK>
[ 28.585360] dump_stack_lvl+0x73/0xb0
[ 28.585960] print_report+0xd1/0x640
[ 28.586263] ? __virt_addr_valid+0x1db/0x2d0
[ 28.586778] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.587500] kasan_report+0x102/0x140
[ 28.588010] ? kmalloc_uaf_memset+0x1a4/0x360
[ 28.588338] ? kmalloc_uaf_memset+0x1a4/0x360
[ 28.589086] kasan_check_range+0x10c/0x1c0
[ 28.589494] __asan_memset+0x27/0x50
[ 28.590173] kmalloc_uaf_memset+0x1a4/0x360
[ 28.590564] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 28.591162] ? __schedule+0xc3e/0x2790
[ 28.591455] ? __pfx_read_tsc+0x10/0x10
[ 28.591995] ? ktime_get_ts64+0x84/0x230
[ 28.592612] kunit_try_run_case+0x1b3/0x490
[ 28.593239] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.593816] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.594296] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.594921] ? __kthread_parkme+0x82/0x160
[ 28.595216] ? preempt_count_sub+0x50/0x80
[ 28.595622] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.596309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.597093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.597680] kthread+0x257/0x310
[ 28.598015] ? __pfx_kthread+0x10/0x10
[ 28.598313] ret_from_fork+0x41/0x80
[ 28.598934] ? __pfx_kthread+0x10/0x10
[ 28.599777] ret_from_fork_asm+0x1a/0x30
[ 28.600130] </TASK>
[ 28.600320]
[ 28.600544] Allocated by task 193:
[ 28.601286] kasan_save_stack+0x3d/0x60
[ 28.601659] kasan_save_track+0x18/0x40
[ 28.602075] kasan_save_alloc_info+0x3b/0x50
[ 28.602772] __kasan_kmalloc+0xb7/0xc0
[ 28.603192] __kmalloc_cache_noprof+0x184/0x410
[ 28.603493] kmalloc_uaf_memset+0xaa/0x360
[ 28.603986] kunit_try_run_case+0x1b3/0x490
[ 28.604524] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.605207] kthread+0x257/0x310
[ 28.605526] ret_from_fork+0x41/0x80
[ 28.606765] ret_from_fork_asm+0x1a/0x30
[ 28.607092]
[ 28.607374] Freed by task 193:
[ 28.608198] kasan_save_stack+0x3d/0x60
[ 28.608892] kasan_save_track+0x18/0x40
[ 28.609381] kasan_save_free_info+0x3f/0x60
[ 28.609864] __kasan_slab_free+0x56/0x70
[ 28.610567] kfree+0x123/0x3f0
[ 28.611207] kmalloc_uaf_memset+0x12c/0x360
[ 28.611750] kunit_try_run_case+0x1b3/0x490
[ 28.612201] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.612955] kthread+0x257/0x310
[ 28.613276] ret_from_fork+0x41/0x80
[ 28.613966] ret_from_fork_asm+0x1a/0x30
[ 28.614446]
[ 28.614734] The buggy address belongs to the object at ffff8881029dfe00
[ 28.614734] which belongs to the cache kmalloc-64 of size 64
[ 28.616047] The buggy address is located 0 bytes inside of
[ 28.616047] freed 64-byte region [ffff8881029dfe00, ffff8881029dfe40)
[ 28.617195]
[ 28.617448] The buggy address belongs to the physical page:
[ 28.618038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 28.618841] flags: 0x200000000000000(node=0|zone=2)
[ 28.619209] page_type: f5(slab)
[ 28.619774] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.620744] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 28.621472] page dumped because: kasan: bad access detected
[ 28.622105]
[ 28.622482] Memory state around the buggy address:
[ 28.623076] ffff8881029dfd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.623796] ffff8881029dfd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.624554] >ffff8881029dfe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.625323] ^
[ 28.625783] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.626458] ffff8881029dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.627129] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 181.118636] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 68.057606] ==================================================================
[ 68.058274] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 68.058274]
[ 68.059055] Use-after-free read at 0x(____ptrval____) (in kfence-#172):
[ 68.059448] test_krealloc+0x6fd/0xbe0
[ 68.059978] kunit_try_run_case+0x1b3/0x490
[ 68.060445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 68.061067] kthread+0x257/0x310
[ 68.061335] ret_from_fork+0x41/0x80
[ 68.061612] ret_from_fork_asm+0x1a/0x30
[ 68.062294]
[ 68.062548] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 68.062548]
[ 68.063707] allocated by task 344 on cpu 1 at 68.056529s (0.007174s ago):
[ 68.064279] test_alloc+0x35f/0x10d0
[ 68.064588] test_krealloc+0xae/0xbe0
[ 68.065184] kunit_try_run_case+0x1b3/0x490
[ 68.065817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 68.066255] kthread+0x257/0x310
[ 68.066904] ret_from_fork+0x41/0x80
[ 68.067477] ret_from_fork_asm+0x1a/0x30
[ 68.067881]
[ 68.068235] freed by task 344 on cpu 1 at 68.056932s (0.011299s ago):
[ 68.069044] krealloc_noprof+0x108/0x340
[ 68.069644] test_krealloc+0x227/0xbe0
[ 68.070205] kunit_try_run_case+0x1b3/0x490
[ 68.070789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 68.071344] kthread+0x257/0x310
[ 68.071875] ret_from_fork+0x41/0x80
[ 68.072283] ret_from_fork_asm+0x1a/0x30
[ 68.072802]
[ 68.073086] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 68.074193] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 68.074818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 68.075551] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 67.967451] ==================================================================
[ 67.968110] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 67.968110]
[ 67.969206] Use-after-free read at 0x(____ptrval____) (in kfence-#171):
[ 67.969864] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 67.970324] kunit_try_run_case+0x1b3/0x490
[ 67.970707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.971498] kthread+0x257/0x310
[ 67.971972] ret_from_fork+0x41/0x80
[ 67.972385] ret_from_fork_asm+0x1a/0x30
[ 67.972808]
[ 67.973050] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 67.973050]
[ 67.973839] allocated by task 342 on cpu 0 at 67.954404s (0.019431s ago):
[ 67.974427] test_alloc+0x2a7/0x10d0
[ 67.975331] test_memcache_typesafe_by_rcu+0x170/0x670
[ 67.975908] kunit_try_run_case+0x1b3/0x490
[ 67.976424] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.977130] kthread+0x257/0x310
[ 67.977510] ret_from_fork+0x41/0x80
[ 67.978125] ret_from_fork_asm+0x1a/0x30
[ 67.978514]
[ 67.978795] freed by task 342 on cpu 0 at 67.954562s (0.024229s ago):
[ 67.979346] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 67.979998] kunit_try_run_case+0x1b3/0x490
[ 67.980514] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.981115] kthread+0x257/0x310
[ 67.981472] ret_from_fork+0x41/0x80
[ 67.982070] ret_from_fork_asm+0x1a/0x30
[ 67.982512]
[ 67.982884] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 67.983891] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 67.984290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 67.985311] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 43.945649] ==================================================================
[ 43.946589] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 43.946589]
[ 43.947974] Invalid read at 0x(____ptrval____):
[ 43.948463] test_invalid_access+0xf1/0x210
[ 43.948980] kunit_try_run_case+0x1b3/0x490
[ 43.949439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.949952] kthread+0x257/0x310
[ 43.950693] ret_from_fork+0x41/0x80
[ 43.951605] ret_from_fork_asm+0x1a/0x30
[ 43.952387]
[ 43.952611] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 43.954440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 43.954623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 43.955482] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 28.465781] ==================================================================
[ 28.466933] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 28.467835] Read of size 64 at addr ffff888101ac7484 by task kunit_try_catch/189
[ 28.469408]
[ 28.469605] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.471618] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.472302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.473271] Call Trace:
[ 28.473861] <TASK>
[ 28.474211] dump_stack_lvl+0x73/0xb0
[ 28.474529] print_report+0xd1/0x640
[ 28.475127] ? __virt_addr_valid+0x1db/0x2d0
[ 28.475629] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.476359] kasan_report+0x102/0x140
[ 28.476658] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 28.477450] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 28.478374] kasan_check_range+0x10c/0x1c0
[ 28.479092] __asan_memmove+0x27/0x70
[ 28.479944] kmalloc_memmove_invalid_size+0x170/0x330
[ 28.480863] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 28.481923] ? __schedule+0xc3e/0x2790
[ 28.482700] ? __pfx_read_tsc+0x10/0x10
[ 28.482917] ? ktime_get_ts64+0x84/0x230
[ 28.483110] kunit_try_run_case+0x1b3/0x490
[ 28.483308] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.483516] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.483766] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.484099] ? __kthread_parkme+0x82/0x160
[ 28.484444] ? preempt_count_sub+0x50/0x80
[ 28.485373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.486099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.486882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.487567] kthread+0x257/0x310
[ 28.489007] ? __pfx_kthread+0x10/0x10
[ 28.490874] ret_from_fork+0x41/0x80
[ 28.491778] ? __pfx_kthread+0x10/0x10
[ 28.493680] ret_from_fork_asm+0x1a/0x30
[ 28.494137] </TASK>
[ 28.494462]
[ 28.495055] Allocated by task 189:
[ 28.495523] kasan_save_stack+0x3d/0x60
[ 28.495830] kasan_save_track+0x18/0x40
[ 28.496325] kasan_save_alloc_info+0x3b/0x50
[ 28.496913] __kasan_kmalloc+0xb7/0xc0
[ 28.497370] __kmalloc_cache_noprof+0x184/0x410
[ 28.497935] kmalloc_memmove_invalid_size+0xad/0x330
[ 28.499219] kunit_try_run_case+0x1b3/0x490
[ 28.499498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.499837] kthread+0x257/0x310
[ 28.500056] ret_from_fork+0x41/0x80
[ 28.500291] ret_from_fork_asm+0x1a/0x30
[ 28.500536]
[ 28.500665] The buggy address belongs to the object at ffff888101ac7480
[ 28.500665] which belongs to the cache kmalloc-64 of size 64
[ 28.502506] The buggy address is located 4 bytes inside of
[ 28.502506] allocated 64-byte region [ffff888101ac7480, ffff888101ac74c0)
[ 28.504004]
[ 28.504326] The buggy address belongs to the physical page:
[ 28.504621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac7
[ 28.505063] flags: 0x200000000000000(node=0|zone=2)
[ 28.505763] page_type: f5(slab)
[ 28.506016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.506498] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 28.507110] page dumped because: kasan: bad access detected
[ 28.507411]
[ 28.507546] Memory state around the buggy address:
[ 28.508292] ffff888101ac7380: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 28.508723] ffff888101ac7400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.509223] >ffff888101ac7480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 28.509657] ^
[ 28.509979] ffff888101ac7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.510459] ffff888101ac7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.511072] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 28.409732] ==================================================================
[ 28.410735] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 28.411398] Read of size 18446744073709551614 at addr ffff8881029dfd04 by task kunit_try_catch/187
[ 28.413829]
[ 28.414398] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.415908] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.416957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.418200] Call Trace:
[ 28.418797] <TASK>
[ 28.419446] dump_stack_lvl+0x73/0xb0
[ 28.419964] print_report+0xd1/0x640
[ 28.420664] ? __virt_addr_valid+0x1db/0x2d0
[ 28.421542] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.422436] kasan_report+0x102/0x140
[ 28.423002] ? kmalloc_memmove_negative_size+0x172/0x330
[ 28.424009] ? kmalloc_memmove_negative_size+0x172/0x330
[ 28.424764] kasan_check_range+0x10c/0x1c0
[ 28.425080] __asan_memmove+0x27/0x70
[ 28.426150] kmalloc_memmove_negative_size+0x172/0x330
[ 28.427028] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 28.428127] ? __schedule+0xc3e/0x2790
[ 28.428998] ? __pfx_read_tsc+0x10/0x10
[ 28.429443] ? ktime_get_ts64+0x84/0x230
[ 28.429908] kunit_try_run_case+0x1b3/0x490
[ 28.430914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.431508] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.432063] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.432502] ? __kthread_parkme+0x82/0x160
[ 28.432983] ? preempt_count_sub+0x50/0x80
[ 28.433920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.434420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.435357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.435936] kthread+0x257/0x310
[ 28.436667] ? __pfx_kthread+0x10/0x10
[ 28.437084] ret_from_fork+0x41/0x80
[ 28.437543] ? __pfx_kthread+0x10/0x10
[ 28.437972] ret_from_fork_asm+0x1a/0x30
[ 28.438774] </TASK>
[ 28.439140]
[ 28.439487] Allocated by task 187:
[ 28.439936] kasan_save_stack+0x3d/0x60
[ 28.440374] kasan_save_track+0x18/0x40
[ 28.440820] kasan_save_alloc_info+0x3b/0x50
[ 28.441457] __kasan_kmalloc+0xb7/0xc0
[ 28.442117] __kmalloc_cache_noprof+0x184/0x410
[ 28.442444] kmalloc_memmove_negative_size+0xad/0x330
[ 28.443638] kunit_try_run_case+0x1b3/0x490
[ 28.444327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.445053] kthread+0x257/0x310
[ 28.445499] ret_from_fork+0x41/0x80
[ 28.445919] ret_from_fork_asm+0x1a/0x30
[ 28.446377]
[ 28.446940] The buggy address belongs to the object at ffff8881029dfd00
[ 28.446940] which belongs to the cache kmalloc-64 of size 64
[ 28.447977] The buggy address is located 4 bytes inside of
[ 28.447977] 64-byte region [ffff8881029dfd00, ffff8881029dfd40)
[ 28.449403]
[ 28.449672] The buggy address belongs to the physical page:
[ 28.450132] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 28.451054] flags: 0x200000000000000(node=0|zone=2)
[ 28.451369] page_type: f5(slab)
[ 28.451845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.453015] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 28.454151] page dumped because: kasan: bad access detected
[ 28.454858]
[ 28.455012] Memory state around the buggy address:
[ 28.455542] ffff8881029dfc00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 28.456527] ffff8881029dfc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.457488] >ffff8881029dfd00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 28.458445] ^
[ 28.458919] ffff8881029dfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.459591] ffff8881029dfe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.460637] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 43.720756] ==================================================================
[ 43.721509] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.721509]
[ 43.722232] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#167):
[ 43.724019] test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.724525] kunit_try_run_case+0x1b3/0x490
[ 43.725162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.725846] kthread+0x257/0x310
[ 43.726291] ret_from_fork+0x41/0x80
[ 43.726877] ret_from_fork_asm+0x1a/0x30
[ 43.727419]
[ 43.727679] kfence-#167: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 43.727679]
[ 43.728711] allocated by task 332 on cpu 0 at 43.720453s (0.008254s ago):
[ 43.729527] test_alloc+0x35f/0x10d0
[ 43.730193] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 43.730603] kunit_try_run_case+0x1b3/0x490
[ 43.731225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.731907] kthread+0x257/0x310
[ 43.732231] ret_from_fork+0x41/0x80
[ 43.732689] ret_from_fork_asm+0x1a/0x30
[ 43.733244]
[ 43.733450] freed by task 332 on cpu 0 at 43.720594s (0.012852s ago):
[ 43.734085] test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.734815] kunit_try_run_case+0x1b3/0x490
[ 43.735196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.735847] kthread+0x257/0x310
[ 43.736127] ret_from_fork+0x41/0x80
[ 43.736690] ret_from_fork_asm+0x1a/0x30
[ 43.737040]
[ 43.737321] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 43.738150] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 43.738453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 43.739579] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 43.616757] ==================================================================
[ 43.617337] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 43.617337]
[ 43.618266] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#166):
[ 43.618915] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 43.619391] kunit_try_run_case+0x1b3/0x490
[ 43.619928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.620410] kthread+0x257/0x310
[ 43.620830] ret_from_fork+0x41/0x80
[ 43.621262] ret_from_fork_asm+0x1a/0x30
[ 43.621613]
[ 43.621819] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 43.621819]
[ 43.622877] allocated by task 330 on cpu 0 at 43.616452s (0.006421s ago):
[ 43.623303] test_alloc+0x35f/0x10d0
[ 43.623786] test_kmalloc_aligned_oob_read+0x106/0x570
[ 43.624393] kunit_try_run_case+0x1b3/0x490
[ 43.624752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.625355] kthread+0x257/0x310
[ 43.625668] ret_from_fork+0x41/0x80
[ 43.625971] ret_from_fork_asm+0x1a/0x30
[ 43.626490]
[ 43.626777] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 43.627793] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 43.628097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 43.628917] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 38.624761] ==================================================================
[ 38.625465] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 38.625465]
[ 38.626344] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#118):
[ 38.627742] test_corruption+0x132/0x3e0
[ 38.628163] kunit_try_run_case+0x1b3/0x490
[ 38.628648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.629032] kthread+0x257/0x310
[ 38.629634] ret_from_fork+0x41/0x80
[ 38.630214] ret_from_fork_asm+0x1a/0x30
[ 38.630593]
[ 38.630798] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 38.630798]
[ 38.631845] allocated by task 320 on cpu 1 at 38.624563s (0.007278s ago):
[ 38.632453] test_alloc+0x2a7/0x10d0
[ 38.633164] test_corruption+0xe7/0x3e0
[ 38.633596] kunit_try_run_case+0x1b3/0x490
[ 38.633997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.634367] kthread+0x257/0x310
[ 38.635014] ret_from_fork+0x41/0x80
[ 38.635585] ret_from_fork_asm+0x1a/0x30
[ 38.636117]
[ 38.636353] freed by task 320 on cpu 1 at 38.624634s (0.011715s ago):
[ 38.637002] test_corruption+0x132/0x3e0
[ 38.637286] kunit_try_run_case+0x1b3/0x490
[ 38.637582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.638408] kthread+0x257/0x310
[ 38.639162] ret_from_fork+0x41/0x80
[ 38.639590] ret_from_fork_asm+0x1a/0x30
[ 38.640086]
[ 38.640294] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 38.641395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.641970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.642637] ==================================================================

[ 38.416893] ==================================================================
[ 38.417487] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 38.417487]
[ 38.418222] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#116):
[ 38.419123] test_corruption+0x2e1/0x3e0
[ 38.419554] kunit_try_run_case+0x1b3/0x490
[ 38.419898] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.420498] kthread+0x257/0x310
[ 38.420911] ret_from_fork+0x41/0x80
[ 38.421270] ret_from_fork_asm+0x1a/0x30
[ 38.421641]
[ 38.421905] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 38.421905]
[ 38.422509] allocated by task 318 on cpu 0 at 38.416555s (0.005951s ago):
[ 38.423211] test_alloc+0x35f/0x10d0
[ 38.423592] test_corruption+0x1cc/0x3e0
[ 38.424055] kunit_try_run_case+0x1b3/0x490
[ 38.424423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.425127] kthread+0x257/0x310
[ 38.425379] ret_from_fork+0x41/0x80
[ 38.425869] ret_from_fork_asm+0x1a/0x30
[ 38.426438]
[ 38.426598] freed by task 318 on cpu 0 at 38.416671s (0.009923s ago):
[ 38.427306] test_corruption+0x2e1/0x3e0
[ 38.427887] kunit_try_run_case+0x1b3/0x490
[ 38.428217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.428566] kthread+0x257/0x310
[ 38.429296] ret_from_fork+0x41/0x80
[ 38.429706] ret_from_fork_asm+0x1a/0x30
[ 38.430184]
[ 38.430414] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 38.431426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.431864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.432492] ==================================================================

[ 38.936672] ==================================================================
[ 38.937432] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 38.937432]
[ 38.938179] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#121):
[ 38.939115] test_corruption+0x217/0x3e0
[ 38.939653] kunit_try_run_case+0x1b3/0x490
[ 38.940224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.940680] kthread+0x257/0x310
[ 38.941251] ret_from_fork+0x41/0x80
[ 38.941847] ret_from_fork_asm+0x1a/0x30
[ 38.942306]
[ 38.942489] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 38.942489]
[ 38.943408] allocated by task 320 on cpu 1 at 38.936505s (0.006899s ago):
[ 38.944277] test_alloc+0x2a7/0x10d0
[ 38.944816] test_corruption+0x1cc/0x3e0
[ 38.945107] kunit_try_run_case+0x1b3/0x490
[ 38.945672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.946224] kthread+0x257/0x310
[ 38.946614] ret_from_fork+0x41/0x80
[ 38.946914] ret_from_fork_asm+0x1a/0x30
[ 38.947451]
[ 38.947755] freed by task 320 on cpu 1 at 38.936567s (0.011183s ago):
[ 38.948548] test_corruption+0x217/0x3e0
[ 38.949149] kunit_try_run_case+0x1b3/0x490
[ 38.949582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.950243] kthread+0x257/0x310
[ 38.950581] ret_from_fork+0x41/0x80
[ 38.950880] ret_from_fork_asm+0x1a/0x30
[ 38.951161]
[ 38.951342] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 38.952594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.953162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.953773] ==================================================================

[ 38.312649] ==================================================================
[ 38.313334] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 38.313334]
[ 38.314118] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#115):
[ 38.315435] test_corruption+0x2d4/0x3e0
[ 38.316181] kunit_try_run_case+0x1b3/0x490
[ 38.316653] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.317303] kthread+0x257/0x310
[ 38.317576] ret_from_fork+0x41/0x80
[ 38.318217] ret_from_fork_asm+0x1a/0x30
[ 38.318628]
[ 38.318823] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 38.318823]
[ 38.319615] allocated by task 318 on cpu 0 at 38.312451s (0.007160s ago):
[ 38.320385] test_alloc+0x35f/0x10d0
[ 38.320773] test_corruption+0xe7/0x3e0
[ 38.321133] kunit_try_run_case+0x1b3/0x490
[ 38.321521] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.322060] kthread+0x257/0x310
[ 38.322466] ret_from_fork+0x41/0x80
[ 38.322793] ret_from_fork_asm+0x1a/0x30
[ 38.323212]
[ 38.323417] freed by task 318 on cpu 0 at 38.312556s (0.010857s ago):
[ 38.324031] test_corruption+0x2d4/0x3e0
[ 38.324315] kunit_try_run_case+0x1b3/0x490
[ 38.324611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.325221] kthread+0x257/0x310
[ 38.325873] ret_from_fork+0x41/0x80
[ 38.326247] ret_from_fork_asm+0x1a/0x30
[ 38.326640]
[ 38.326853] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 38.327547] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.328058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.329124] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 38.104662] ================================================================== [ 38.105456] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 38.105456] [ 38.106304] Invalid free of 0x(____ptrval____) (in kfence-#113): [ 38.107510] test_invalid_addr_free+0xfc/0x260 [ 38.108051] kunit_try_run_case+0x1b3/0x490 [ 38.108517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 38.109026] kthread+0x257/0x310 [ 38.109515] ret_from_fork+0x41/0x80 [ 38.109973] ret_from_fork_asm+0x1a/0x30 [ 38.110285] [ 38.110525] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 38.110525] [ 38.111365] allocated by task 316 on cpu 0 at 38.104536s (0.006824s ago): [ 38.112119] test_alloc+0x2a7/0x10d0 [ 38.112540] test_invalid_addr_free+0xdc/0x260 [ 38.113097] kunit_try_run_case+0x1b3/0x490 [ 38.113530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 38.114131] kthread+0x257/0x310 [ 38.114541] ret_from_fork+0x41/0x80 [ 38.115076] ret_from_fork_asm+0x1a/0x30 [ 38.115444] [ 38.115827] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 38.116739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.117065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.118065] ================================================================== [ 38.000591] ================================================================== [ 38.001265] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 38.001265] [ 38.001895] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 38.002428] test_invalid_addr_free+0x1e3/0x260 [ 38.002961] kunit_try_run_case+0x1b3/0x490 [ 38.003449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 38.003971] kthread+0x257/0x310 [ 38.004356] ret_from_fork+0x41/0x80 [ 38.004850] ret_from_fork_asm+0x1a/0x30 [ 38.005180] [ 38.005342] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 38.005342] [ 38.006327] allocated by task 314 on cpu 1 at 38.000452s (0.005872s 
ago): [ 38.007101] test_alloc+0x35f/0x10d0 [ 38.007370] test_invalid_addr_free+0xdc/0x260 [ 38.007895] kunit_try_run_case+0x1b3/0x490 [ 38.008504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 38.009038] kthread+0x257/0x310 [ 38.009426] ret_from_fork+0x41/0x80 [ 38.009867] ret_from_fork_asm+0x1a/0x30 [ 38.010284] [ 38.010474] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 38.011409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.011686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 38.012605] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 37.896792] ================================================================== [ 37.897368] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 37.897368] [ 37.897852] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 37.898811] test_double_free+0x113/0x260 [ 37.899173] kunit_try_run_case+0x1b3/0x490 [ 37.900185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.900633] kthread+0x257/0x310 [ 37.901131] ret_from_fork+0x41/0x80 [ 37.901503] ret_from_fork_asm+0x1a/0x30 [ 37.902313] [ 37.902507] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.902507] [ 37.903866] allocated by task 312 on cpu 0 at 37.896496s (0.007367s ago): [ 37.904740] test_alloc+0x2a7/0x10d0 [ 37.905052] test_double_free+0xdc/0x260 [ 37.905546] kunit_try_run_case+0x1b3/0x490 [ 37.906126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.906675] kthread+0x257/0x310 [ 37.907019] ret_from_fork+0x41/0x80 [ 37.907449] ret_from_fork_asm+0x1a/0x30 [ 37.907957] [ 37.908220] freed by task 312 on cpu 0 at 37.896556s (0.011659s ago): [ 37.908920] test_double_free+0xfb/0x260 [ 37.909457] kunit_try_run_case+0x1b3/0x490 [ 37.909979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.910598] kthread+0x257/0x310 [ 37.911045] ret_from_fork+0x41/0x80 [ 37.911369] ret_from_fork_asm+0x1a/0x30 [ 37.911932] [ 37.912256] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.913094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.913495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.914565] ================================================================== [ 37.792730] ================================================================== [ 37.793413] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 37.793413] [ 37.794084] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 37.794839] test_double_free+0x1d5/0x260 [ 37.795586] kunit_try_run_case+0x1b3/0x490 [ 37.796416] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.797149] kthread+0x257/0x310 [ 37.797563] ret_from_fork+0x41/0x80 [ 37.798154] ret_from_fork_asm+0x1a/0x30 [ 37.798663] [ 37.799007] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.799007] [ 37.799976] allocated by task 310 on cpu 1 at 37.792473s (0.007498s ago): [ 37.800784] test_alloc+0x35f/0x10d0 [ 37.801328] test_double_free+0xdc/0x260 [ 37.801878] kunit_try_run_case+0x1b3/0x490 [ 37.802405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.802967] kthread+0x257/0x310 [ 37.803308] ret_from_fork+0x41/0x80 [ 37.803770] ret_from_fork_asm+0x1a/0x30 [ 37.804077] [ 37.804370] freed by task 310 on cpu 1 at 37.792548s (0.011817s ago): [ 37.804951] test_double_free+0x1e2/0x260 [ 37.805942] kunit_try_run_case+0x1b3/0x490 [ 37.806212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.806511] kthread+0x257/0x310 [ 37.806917] ret_from_fork+0x41/0x80 [ 37.807159] ret_from_fork_asm+0x1a/0x30 [ 37.807403] [ 37.807568] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.808216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.808494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.809681] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 37.480637] ================================================================== [ 37.481314] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 37.481314] [ 37.482111] Use-after-free read at 0x(____ptrval____) (in kfence-#107): [ 37.482919] test_use_after_free_read+0x12a/0x270 [ 37.483678] kunit_try_run_case+0x1b3/0x490 [ 37.484418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.485280] kthread+0x257/0x310 [ 37.485730] ret_from_fork+0x41/0x80 [ 37.486149] ret_from_fork_asm+0x1a/0x30 [ 37.486456] [ 37.486837] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.486837] [ 37.487678] allocated by task 304 on cpu 0 at 37.480487s (0.007187s ago): [ 37.488361] test_alloc+0x2a7/0x10d0 [ 37.488825] test_use_after_free_read+0xdd/0x270 [ 37.489168] kunit_try_run_case+0x1b3/0x490 [ 37.489815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.490256] kthread+0x257/0x310 [ 37.490848] ret_from_fork+0x41/0x80 [ 37.491140] ret_from_fork_asm+0x1a/0x30 [ 37.491770] [ 37.491930] freed by task 304 on cpu 0 at 37.480548s (0.011379s ago): [ 37.492761] test_use_after_free_read+0xfc/0x270 [ 37.493208] kunit_try_run_case+0x1b3/0x490 [ 37.493812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.494258] kthread+0x257/0x310 [ 37.494807] ret_from_fork+0x41/0x80 [ 37.495276] ret_from_fork_asm+0x1a/0x30 [ 37.495784] [ 37.495998] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.496954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.497452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.498225] ================================================================== [ 37.376777] ================================================================== [ 37.377222] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 37.377222] [ 37.377623] Use-after-free read at 0x(____ptrval____) (in kfence-#106): [ 37.378674] test_use_after_free_read+0x12a/0x270 [ 37.379669] 
kunit_try_run_case+0x1b3/0x490 [ 37.380247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.380758] kthread+0x257/0x310 [ 37.381137] ret_from_fork+0x41/0x80 [ 37.381520] ret_from_fork_asm+0x1a/0x30 [ 37.381989] [ 37.382198] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.382198] [ 37.383128] allocated by task 302 on cpu 0 at 37.376463s (0.006661s ago): [ 37.383780] test_alloc+0x35f/0x10d0 [ 37.384202] test_use_after_free_read+0xdd/0x270 [ 37.384740] kunit_try_run_case+0x1b3/0x490 [ 37.385084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.385660] kthread+0x257/0x310 [ 37.386013] ret_from_fork+0x41/0x80 [ 37.386442] ret_from_fork_asm+0x1a/0x30 [ 37.386995] [ 37.387183] freed by task 302 on cpu 0 at 37.376542s (0.010637s ago): [ 37.387595] test_use_after_free_read+0x1e9/0x270 [ 37.388228] kunit_try_run_case+0x1b3/0x490 [ 37.388818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.389224] kthread+0x257/0x310 [ 37.389514] ret_from_fork+0x41/0x80 [ 37.390052] ret_from_fork_asm+0x1a/0x30 [ 37.390491] [ 37.390764] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.391580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.392083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.392855] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 37.273410] ================================================================== [ 37.273869] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 37.273869] [ 37.274526] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#105): [ 37.275139] test_out_of_bounds_write+0x10e/0x260 [ 37.275425] kunit_try_run_case+0x1b3/0x490 [ 37.275691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.276091] kthread+0x257/0x310 [ 37.276493] ret_from_fork+0x41/0x80 [ 37.276785] ret_from_fork_asm+0x1a/0x30 [ 37.277293] [ 37.277638] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 37.277638] [ 37.278254] allocated by task 300 on cpu 0 at 37.273341s (0.004909s ago): [ 37.278639] test_alloc+0x2a7/0x10d0 [ 37.279016] test_out_of_bounds_write+0xd5/0x260 [ 37.279550] kunit_try_run_case+0x1b3/0x490 [ 37.280088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.280460] kthread+0x257/0x310 [ 37.280684] ret_from_fork+0x41/0x80 [ 37.280969] ret_from_fork_asm+0x1a/0x30 [ 37.281219] [ 37.281387] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.282285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.282764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.283350] ================================================================== [ 37.168586] ================================================================== [ 37.169351] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 37.169351] [ 37.170327] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104): [ 37.171292] test_out_of_bounds_write+0x10e/0x260 [ 37.172405] kunit_try_run_case+0x1b3/0x490 [ 37.173202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.173861] kthread+0x257/0x310 [ 37.174195] ret_from_fork+0x41/0x80 [ 37.174567] ret_from_fork_asm+0x1a/0x30 [ 37.175320] [ 37.175518] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 37.175518] [ 37.176516] 
allocated by task 298 on cpu 1 at 37.168465s (0.008047s ago): [ 37.177697] test_alloc+0x35f/0x10d0 [ 37.178112] test_out_of_bounds_write+0xd5/0x260 [ 37.178554] kunit_try_run_case+0x1b3/0x490 [ 37.179373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 37.180041] kthread+0x257/0x310 [ 37.180351] ret_from_fork+0x41/0x80 [ 37.180747] ret_from_fork_asm+0x1a/0x30 [ 37.181166] [ 37.181394] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 37.182705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.183467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 37.184663] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 36.753594] ================================================================== [ 36.755069] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 36.755069] [ 36.756222] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#100): [ 36.757480] test_out_of_bounds_read+0x217/0x4e0 [ 36.758248] kunit_try_run_case+0x1b3/0x490 [ 36.758694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.759536] kthread+0x257/0x310 [ 36.760024] ret_from_fork+0x41/0x80 [ 36.760417] ret_from_fork_asm+0x1a/0x30 [ 36.761774] [ 36.762069] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 36.762069] [ 36.762766] allocated by task 296 on cpu 1 at 36.753543s (0.009219s ago): [ 36.763869] test_alloc+0x2a7/0x10d0 [ 36.764265] test_out_of_bounds_read+0x1e3/0x4e0 [ 36.765307] kunit_try_run_case+0x1b3/0x490 [ 36.765987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.766442] kthread+0x257/0x310 [ 36.766769] ret_from_fork+0x41/0x80 [ 36.767525] ret_from_fork_asm+0x1a/0x30 [ 36.768074] [ 36.768290] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.769581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.770135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.771219] ================================================================== [ 36.440734] ================================================================== [ 36.441345] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 36.441345] [ 36.442469] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#97): [ 36.443165] test_out_of_bounds_read+0x217/0x4e0 [ 36.443731] kunit_try_run_case+0x1b3/0x490 [ 36.444214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.445002] kthread+0x257/0x310 [ 36.445284] ret_from_fork+0x41/0x80 [ 36.445816] ret_from_fork_asm+0x1a/0x30 [ 36.446430] [ 36.446585] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 36.446585] [ 36.448350] 
allocated by task 294 on cpu 0 at 36.440466s (0.007881s ago): [ 36.450311] test_alloc+0x35f/0x10d0 [ 36.450913] test_out_of_bounds_read+0x1e3/0x4e0 [ 36.452175] kunit_try_run_case+0x1b3/0x490 [ 36.452474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.453334] kthread+0x257/0x310 [ 36.453652] ret_from_fork+0x41/0x80 [ 36.453944] ret_from_fork_asm+0x1a/0x30 [ 36.454444] [ 36.454783] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.456593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.457301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.458494] ================================================================== [ 36.648484] ================================================================== [ 36.649218] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 36.649218] [ 36.650939] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#99): [ 36.652100] test_out_of_bounds_read+0x127/0x4e0 [ 36.652610] kunit_try_run_case+0x1b3/0x490 [ 36.653479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.654071] kthread+0x257/0x310 [ 36.654509] ret_from_fork+0x41/0x80 [ 36.654977] ret_from_fork_asm+0x1a/0x30 [ 36.655386] [ 36.655607] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 36.655607] [ 36.657035] allocated by task 296 on cpu 1 at 36.648421s (0.008611s ago): [ 36.657368] test_alloc+0x2a7/0x10d0 [ 36.657546] test_out_of_bounds_read+0xee/0x4e0 [ 36.658084] kunit_try_run_case+0x1b3/0x490 [ 36.659240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.659840] kthread+0x257/0x310 [ 36.660274] ret_from_fork+0x41/0x80 [ 36.661059] ret_from_fork_asm+0x1a/0x30 [ 36.661442] [ 36.661682] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.662501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.662984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.663784] 
================================================================== [ 36.337835] ================================================================== [ 36.338542] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 36.338542] [ 36.339349] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#96): [ 36.339791] test_out_of_bounds_read+0x127/0x4e0 [ 36.340646] kunit_try_run_case+0x1b3/0x490 [ 36.341482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.342662] kthread+0x257/0x310 [ 36.343044] ret_from_fork+0x41/0x80 [ 36.343422] ret_from_fork_asm+0x1a/0x30 [ 36.343859] [ 36.344049] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 36.344049] [ 36.344995] allocated by task 294 on cpu 0 at 36.336429s (0.008561s ago): [ 36.346271] test_alloc+0x35f/0x10d0 [ 36.346725] test_out_of_bounds_read+0xee/0x4e0 [ 36.347256] kunit_try_run_case+0x1b3/0x490 [ 36.347852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.348386] kthread+0x257/0x310 [ 36.348850] ret_from_fork+0x41/0x80 [ 36.349368] ret_from_fork_asm+0x1a/0x30 [ 36.349963] [ 36.350264] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.351248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.351868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.352723] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 26.864310] ================================================================== [ 26.867070] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x289/0x530 [ 26.867070] [ 26.867952] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#52): [ 26.870078] kmalloc_track_caller_oob_right+0x289/0x530 [ 26.870944] kunit_try_run_case+0x1b3/0x490 [ 26.871459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.872011] kthread+0x257/0x310 [ 26.872370] ret_from_fork+0x41/0x80 [ 26.873864] ret_from_fork_asm+0x1a/0x30 [ 26.874163] [ 26.874568] kfence-#52: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 26.874568] [ 26.875458] allocated by task 149 on cpu 0 at 26.861544s (0.013802s ago): [ 26.876809] kmalloc_track_caller_oob_right+0x19b/0x530 [ 26.877966] kunit_try_run_case+0x1b3/0x490 [ 26.878481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.879473] kthread+0x257/0x310 [ 26.879830] ret_from_fork+0x41/0x80 [ 26.880014] ret_from_fork_asm+0x1a/0x30 [ 26.881144] [ 26.881993] freed by task 149 on cpu 0 at 26.863578s (0.018270s ago): [ 26.883861] kmalloc_track_caller_oob_right+0x289/0x530 [ 26.885326] kunit_try_run_case+0x1b3/0x490 [ 26.885586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.887255] kthread+0x257/0x310 [ 26.888449] ret_from_fork+0x41/0x80 [ 26.889148] ret_from_fork_asm+0x1a/0x30 [ 26.889462] [ 26.890711] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.892278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.892938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.893994] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 36.128250] ================================================================== [ 36.129317] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 36.130120] Write of size 1 at addr ffff888101adc778 by task kunit_try_catch/292 [ 36.130843] [ 36.131080] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.132034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.132402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.133160] Call Trace: [ 36.133520] <TASK> [ 36.133918] dump_stack_lvl+0x73/0xb0 [ 36.134233] print_report+0xd1/0x640 [ 36.134811] ? __virt_addr_valid+0x1db/0x2d0 [ 36.135306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.135916] kasan_report+0x102/0x140 [ 36.136204] ? strncpy_from_user+0x1a7/0x1e0 [ 36.136617] ? strncpy_from_user+0x1a7/0x1e0 [ 36.137276] __asan_report_store1_noabort+0x1b/0x30 [ 36.137934] strncpy_from_user+0x1a7/0x1e0 [ 36.138345] copy_user_test_oob+0x761/0x10f0 [ 36.139025] ? __pfx_copy_user_test_oob+0x10/0x10 [ 36.139502] ? finish_task_switch.isra.0+0x153/0x700 [ 36.140107] ? __switch_to+0x5d9/0xf60 [ 36.140653] ? __schedule+0xc3e/0x2790 [ 36.141316] ? __pfx_read_tsc+0x10/0x10 [ 36.141604] ? ktime_get_ts64+0x84/0x230 [ 36.142222] kunit_try_run_case+0x1b3/0x490 [ 36.142946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.143387] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 36.143917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 36.144499] ? __kthread_parkme+0x82/0x160 [ 36.145056] ? preempt_count_sub+0x50/0x80 [ 36.145536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.146196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.146837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.147541] kthread+0x257/0x310 [ 36.147992] ? __pfx_kthread+0x10/0x10 [ 36.148341] ret_from_fork+0x41/0x80 [ 36.148891] ? 
__pfx_kthread+0x10/0x10 [ 36.149310] ret_from_fork_asm+0x1a/0x30 [ 36.149732] </TASK> [ 36.150071] [ 36.150333] Allocated by task 292: [ 36.150626] kasan_save_stack+0x3d/0x60 [ 36.151154] kasan_save_track+0x18/0x40 [ 36.151587] kasan_save_alloc_info+0x3b/0x50 [ 36.152085] __kasan_kmalloc+0xb7/0xc0 [ 36.152448] __kmalloc_noprof+0x1c4/0x500 [ 36.152940] kunit_kmalloc_array+0x25/0x60 [ 36.153271] copy_user_test_oob+0xac/0x10f0 [ 36.153575] kunit_try_run_case+0x1b3/0x490 [ 36.153892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.154666] kthread+0x257/0x310 [ 36.155263] ret_from_fork+0x41/0x80 [ 36.155811] ret_from_fork_asm+0x1a/0x30 [ 36.156357] [ 36.156578] The buggy address belongs to the object at ffff888101adc700 [ 36.156578] which belongs to the cache kmalloc-128 of size 128 [ 36.158823] The buggy address is located 0 bytes to the right of [ 36.158823] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 36.161419] [ 36.161852] The buggy address belongs to the physical page: [ 36.162471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 36.163393] flags: 0x200000000000000(node=0|zone=2) [ 36.163691] page_type: f5(slab) [ 36.164191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 36.164933] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.165551] page dumped because: kasan: bad access detected [ 36.166102] [ 36.166465] Memory state around the buggy address: [ 36.166944] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.168194] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.169449] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 36.170155] ^ [ 36.170824] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.171296] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.172133] ================================================================== [ 36.078765] 
================================================================== [ 36.079592] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 36.080822] Write of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 36.081464] [ 36.081730] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.082769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.083286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.084113] Call Trace: [ 36.084449] <TASK> [ 36.084792] dump_stack_lvl+0x73/0xb0 [ 36.085182] print_report+0xd1/0x640 [ 36.085815] ? __virt_addr_valid+0x1db/0x2d0 [ 36.086203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.086916] kasan_report+0x102/0x140 [ 36.087278] ? strncpy_from_user+0x2e/0x1e0 [ 36.087780] ? strncpy_from_user+0x2e/0x1e0 [ 36.088289] kasan_check_range+0x10c/0x1c0 [ 36.088840] __kasan_check_write+0x18/0x20 [ 36.089363] strncpy_from_user+0x2e/0x1e0 [ 36.089912] ? __kasan_check_read+0x15/0x20 [ 36.090429] copy_user_test_oob+0x761/0x10f0 [ 36.090995] ? __pfx_copy_user_test_oob+0x10/0x10 [ 36.091513] ? finish_task_switch.isra.0+0x153/0x700 [ 36.092150] ? __switch_to+0x5d9/0xf60 [ 36.092669] ? __schedule+0xc3e/0x2790 [ 36.093216] ? __pfx_read_tsc+0x10/0x10 [ 36.093745] ? ktime_get_ts64+0x84/0x230 [ 36.094305] kunit_try_run_case+0x1b3/0x490 [ 36.094844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.095334] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 36.096190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 36.096786] ? __kthread_parkme+0x82/0x160 [ 36.097102] ? preempt_count_sub+0x50/0x80 [ 36.097607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.098498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.099231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.099722] kthread+0x257/0x310 [ 36.100186] ? __pfx_kthread+0x10/0x10 [ 36.100826] ret_from_fork+0x41/0x80 [ 36.101277] ? 
__pfx_kthread+0x10/0x10 [ 36.102121] ret_from_fork_asm+0x1a/0x30 [ 36.102805] </TASK> [ 36.103272] [ 36.103729] Allocated by task 292: [ 36.104138] kasan_save_stack+0x3d/0x60 [ 36.104908] kasan_save_track+0x18/0x40 [ 36.105313] kasan_save_alloc_info+0x3b/0x50 [ 36.105973] __kasan_kmalloc+0xb7/0xc0 [ 36.106606] __kmalloc_noprof+0x1c4/0x500 [ 36.107336] kunit_kmalloc_array+0x25/0x60 [ 36.107830] copy_user_test_oob+0xac/0x10f0 [ 36.108224] kunit_try_run_case+0x1b3/0x490 [ 36.109039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.109567] kthread+0x257/0x310 [ 36.110089] ret_from_fork+0x41/0x80 [ 36.110835] ret_from_fork_asm+0x1a/0x30 [ 36.111462] [ 36.111617] The buggy address belongs to the object at ffff888101adc700 [ 36.111617] which belongs to the cache kmalloc-128 of size 128 [ 36.113649] The buggy address is located 0 bytes inside of [ 36.113649] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 36.114952] [ 36.115400] The buggy address belongs to the physical page: [ 36.116208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 36.117017] flags: 0x200000000000000(node=0|zone=2) [ 36.117525] page_type: f5(slab) [ 36.118008] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 36.118793] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.119690] page dumped because: kasan: bad access detected [ 36.120460] [ 36.120632] Memory state around the buggy address: [ 36.121321] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.122167] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.123017] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 36.123602] ^ [ 36.124274] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.124555] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.125775] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 35.991465] ================================================================== [ 35.991998] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 35.992683] Write of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 35.994211] [ 35.994529] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.995900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.996505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.997578] Call Trace: [ 35.997939] <TASK> [ 35.998149] dump_stack_lvl+0x73/0xb0 [ 35.998857] print_report+0xd1/0x640 [ 35.999426] ? __virt_addr_valid+0x1db/0x2d0 [ 35.999984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.000857] kasan_report+0x102/0x140 [ 36.001556] ? copy_user_test_oob+0x558/0x10f0 [ 36.002063] ? copy_user_test_oob+0x558/0x10f0 [ 36.003014] kasan_check_range+0x10c/0x1c0 [ 36.003749] __kasan_check_write+0x18/0x20 [ 36.004212] copy_user_test_oob+0x558/0x10f0 [ 36.004580] ? __pfx_copy_user_test_oob+0x10/0x10 [ 36.005233] ? finish_task_switch.isra.0+0x153/0x700 [ 36.005923] ? __switch_to+0x5d9/0xf60 [ 36.006380] ? __schedule+0xc3e/0x2790 [ 36.006769] ? __pfx_read_tsc+0x10/0x10 [ 36.007262] ? ktime_get_ts64+0x84/0x230 [ 36.007657] kunit_try_run_case+0x1b3/0x490 [ 36.008233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.008903] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 36.009516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 36.009991] ? __kthread_parkme+0x82/0x160 [ 36.010681] ? preempt_count_sub+0x50/0x80 [ 36.011150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.011654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.012233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.012961] kthread+0x257/0x310 [ 36.013275] ? __pfx_kthread+0x10/0x10 [ 36.013784] ret_from_fork+0x41/0x80 [ 36.014208] ? 
__pfx_kthread+0x10/0x10 [ 36.014695] ret_from_fork_asm+0x1a/0x30 [ 36.015320] </TASK> [ 36.015524] [ 36.015868] Allocated by task 292: [ 36.016361] kasan_save_stack+0x3d/0x60 [ 36.017004] kasan_save_track+0x18/0x40 [ 36.017382] kasan_save_alloc_info+0x3b/0x50 [ 36.017997] __kasan_kmalloc+0xb7/0xc0 [ 36.018648] __kmalloc_noprof+0x1c4/0x500 [ 36.019147] kunit_kmalloc_array+0x25/0x60 [ 36.019477] copy_user_test_oob+0xac/0x10f0 [ 36.019852] kunit_try_run_case+0x1b3/0x490 [ 36.020617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.021174] kthread+0x257/0x310 [ 36.021429] ret_from_fork+0x41/0x80 [ 36.022122] ret_from_fork_asm+0x1a/0x30 [ 36.022734] [ 36.022995] The buggy address belongs to the object at ffff888101adc700 [ 36.022995] which belongs to the cache kmalloc-128 of size 128 [ 36.024183] The buggy address is located 0 bytes inside of [ 36.024183] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 36.025371] [ 36.025558] The buggy address belongs to the physical page: [ 36.026145] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 36.026906] flags: 0x200000000000000(node=0|zone=2) [ 36.027223] page_type: f5(slab) [ 36.027647] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 36.028294] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.029381] page dumped because: kasan: bad access detected [ 36.030021] [ 36.030216] Memory state around the buggy address: [ 36.030516] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.031475] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.032175] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 36.032819] ^ [ 36.033523] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.034227] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.034775] ================================================================== [ 35.895357] 
================================================================== [ 35.896041] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 35.896479] Write of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 35.897222] [ 35.897510] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.898847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.899376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.900343] Call Trace: [ 35.900543] <TASK> [ 35.900965] dump_stack_lvl+0x73/0xb0 [ 35.901422] print_report+0xd1/0x640 [ 35.902282] ? __virt_addr_valid+0x1db/0x2d0 [ 35.902838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.903435] kasan_report+0x102/0x140 [ 35.904078] ? copy_user_test_oob+0x3fe/0x10f0 [ 35.904650] ? copy_user_test_oob+0x3fe/0x10f0 [ 35.905266] kasan_check_range+0x10c/0x1c0 [ 35.905774] __kasan_check_write+0x18/0x20 [ 35.906303] copy_user_test_oob+0x3fe/0x10f0 [ 35.906994] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.907424] ? finish_task_switch.isra.0+0x153/0x700 [ 35.907985] ? __switch_to+0x5d9/0xf60 [ 35.908494] ? __schedule+0xc3e/0x2790 [ 35.908923] ? __pfx_read_tsc+0x10/0x10 [ 35.909304] ? ktime_get_ts64+0x84/0x230 [ 35.909859] kunit_try_run_case+0x1b3/0x490 [ 35.910393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.910986] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.911771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.912254] ? __kthread_parkme+0x82/0x160 [ 35.912764] ? preempt_count_sub+0x50/0x80 [ 35.913211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.913830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.914542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.915091] kthread+0x257/0x310 [ 35.915446] ? __pfx_kthread+0x10/0x10 [ 35.916095] ret_from_fork+0x41/0x80 [ 35.916451] ? 
__pfx_kthread+0x10/0x10 [ 35.917022] ret_from_fork_asm+0x1a/0x30 [ 35.917438] </TASK> [ 35.917671] [ 35.917942] Allocated by task 292: [ 35.918422] kasan_save_stack+0x3d/0x60 [ 35.918914] kasan_save_track+0x18/0x40 [ 35.919291] kasan_save_alloc_info+0x3b/0x50 [ 35.919946] __kasan_kmalloc+0xb7/0xc0 [ 35.920398] __kmalloc_noprof+0x1c4/0x500 [ 35.920945] kunit_kmalloc_array+0x25/0x60 [ 35.921421] copy_user_test_oob+0xac/0x10f0 [ 35.921943] kunit_try_run_case+0x1b3/0x490 [ 35.922435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.923143] kthread+0x257/0x310 [ 35.923667] ret_from_fork+0x41/0x80 [ 35.924104] ret_from_fork_asm+0x1a/0x30 [ 35.924389] [ 35.924789] The buggy address belongs to the object at ffff888101adc700 [ 35.924789] which belongs to the cache kmalloc-128 of size 128 [ 35.925900] The buggy address is located 0 bytes inside of [ 35.925900] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 35.926977] [ 35.927165] The buggy address belongs to the physical page: [ 35.927835] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.928314] flags: 0x200000000000000(node=0|zone=2) [ 35.929056] page_type: f5(slab) [ 35.929524] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.930293] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.931070] page dumped because: kasan: bad access detected [ 35.931547] [ 35.931860] Memory state around the buggy address: [ 35.932357] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.932910] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.933798] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.934350] ^ [ 35.935194] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.935912] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.936568] ================================================================== [ 36.035913] 
================================================================== [ 36.036537] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 36.037435] Read of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 36.038079] [ 36.038254] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 36.039203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.039818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.040600] Call Trace: [ 36.041013] <TASK> [ 36.041341] dump_stack_lvl+0x73/0xb0 [ 36.041935] print_report+0xd1/0x640 [ 36.042379] ? __virt_addr_valid+0x1db/0x2d0 [ 36.042831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 36.043412] kasan_report+0x102/0x140 [ 36.043969] ? copy_user_test_oob+0x605/0x10f0 [ 36.044756] ? copy_user_test_oob+0x605/0x10f0 [ 36.045352] kasan_check_range+0x10c/0x1c0 [ 36.045967] __kasan_check_read+0x15/0x20 [ 36.046435] copy_user_test_oob+0x605/0x10f0 [ 36.046883] ? __pfx_copy_user_test_oob+0x10/0x10 [ 36.047550] ? finish_task_switch.isra.0+0x153/0x700 [ 36.048046] ? __switch_to+0x5d9/0xf60 [ 36.048555] ? __schedule+0xc3e/0x2790 [ 36.048954] ? __pfx_read_tsc+0x10/0x10 [ 36.049483] ? ktime_get_ts64+0x84/0x230 [ 36.049965] kunit_try_run_case+0x1b3/0x490 [ 36.050756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.051145] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 36.051792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 36.052414] ? __kthread_parkme+0x82/0x160 [ 36.052733] ? preempt_count_sub+0x50/0x80 [ 36.053258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 36.054041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 36.054619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.055485] kthread+0x257/0x310 [ 36.055996] ? __pfx_kthread+0x10/0x10 [ 36.056306] ret_from_fork+0x41/0x80 [ 36.056586] ? 
__pfx_kthread+0x10/0x10 [ 36.057148] ret_from_fork_asm+0x1a/0x30 [ 36.057781] </TASK> [ 36.058085] [ 36.058243] Allocated by task 292: [ 36.058583] kasan_save_stack+0x3d/0x60 [ 36.059136] kasan_save_track+0x18/0x40 [ 36.059646] kasan_save_alloc_info+0x3b/0x50 [ 36.060071] __kasan_kmalloc+0xb7/0xc0 [ 36.060408] __kmalloc_noprof+0x1c4/0x500 [ 36.060903] kunit_kmalloc_array+0x25/0x60 [ 36.061202] copy_user_test_oob+0xac/0x10f0 [ 36.061745] kunit_try_run_case+0x1b3/0x490 [ 36.062459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.063058] kthread+0x257/0x310 [ 36.063464] ret_from_fork+0x41/0x80 [ 36.063976] ret_from_fork_asm+0x1a/0x30 [ 36.064423] [ 36.064582] The buggy address belongs to the object at ffff888101adc700 [ 36.064582] which belongs to the cache kmalloc-128 of size 128 [ 36.066776] The buggy address is located 0 bytes inside of [ 36.066776] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 36.067920] [ 36.068184] The buggy address belongs to the physical page: [ 36.068685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 36.069431] flags: 0x200000000000000(node=0|zone=2) [ 36.070113] page_type: f5(slab) [ 36.070425] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 36.071218] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.071976] page dumped because: kasan: bad access detected [ 36.072582] [ 36.072904] Memory state around the buggy address: [ 36.073323] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.074091] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.074886] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 36.075466] ^ [ 36.076111] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.076666] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.077421] ================================================================== [ 35.937687] 
================================================================== [ 35.938571] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 35.939299] Read of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 35.939958] [ 35.940222] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.941192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.941817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.942527] Call Trace: [ 35.942917] <TASK> [ 35.943192] dump_stack_lvl+0x73/0xb0 [ 35.943752] print_report+0xd1/0x640 [ 35.944146] ? __virt_addr_valid+0x1db/0x2d0 [ 35.944736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.945274] kasan_report+0x102/0x140 [ 35.945736] ? copy_user_test_oob+0x4ab/0x10f0 [ 35.946361] ? copy_user_test_oob+0x4ab/0x10f0 [ 35.947040] kasan_check_range+0x10c/0x1c0 [ 35.948017] __kasan_check_read+0x15/0x20 [ 35.950524] copy_user_test_oob+0x4ab/0x10f0 [ 35.951421] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.952050] ? finish_task_switch.isra.0+0x153/0x700 [ 35.953375] ? __switch_to+0x5d9/0xf60 [ 35.954142] ? __schedule+0xc3e/0x2790 [ 35.954405] ? __pfx_read_tsc+0x10/0x10 [ 35.954678] ? ktime_get_ts64+0x84/0x230 [ 35.954968] kunit_try_run_case+0x1b3/0x490 [ 35.955245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.957846] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.959206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.960461] ? __kthread_parkme+0x82/0x160 [ 35.961613] ? preempt_count_sub+0x50/0x80 [ 35.962162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.962608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.963361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.964055] kthread+0x257/0x310 [ 35.964255] ? __pfx_kthread+0x10/0x10 [ 35.964446] ret_from_fork+0x41/0x80 [ 35.964625] ? 
__pfx_kthread+0x10/0x10 [ 35.964975] ret_from_fork_asm+0x1a/0x30 [ 35.965543] </TASK> [ 35.966390] [ 35.966759] Allocated by task 292: [ 35.967121] kasan_save_stack+0x3d/0x60 [ 35.967547] kasan_save_track+0x18/0x40 [ 35.968496] kasan_save_alloc_info+0x3b/0x50 [ 35.969246] __kasan_kmalloc+0xb7/0xc0 [ 35.969505] __kmalloc_noprof+0x1c4/0x500 [ 35.970153] kunit_kmalloc_array+0x25/0x60 [ 35.970607] copy_user_test_oob+0xac/0x10f0 [ 35.971304] kunit_try_run_case+0x1b3/0x490 [ 35.972017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.973205] kthread+0x257/0x310 [ 35.973555] ret_from_fork+0x41/0x80 [ 35.974284] ret_from_fork_asm+0x1a/0x30 [ 35.974911] [ 35.975173] The buggy address belongs to the object at ffff888101adc700 [ 35.975173] which belongs to the cache kmalloc-128 of size 128 [ 35.976235] The buggy address is located 0 bytes inside of [ 35.976235] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 35.978095] [ 35.978475] The buggy address belongs to the physical page: [ 35.978827] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.979929] flags: 0x200000000000000(node=0|zone=2) [ 35.980234] page_type: f5(slab) [ 35.981117] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.982320] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.983519] page dumped because: kasan: bad access detected [ 35.983892] [ 35.984128] Memory state around the buggy address: [ 35.985149] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.986135] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.986671] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.987934] ^ [ 35.988482] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.989288] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.990143] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 35.843027] ================================================================== [ 35.844094] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 35.844736] Read of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 35.845157] [ 35.845415] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.846378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.846672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.847348] Call Trace: [ 35.847686] <TASK> [ 35.848073] dump_stack_lvl+0x73/0xb0 [ 35.848914] print_report+0xd1/0x640 [ 35.849230] ? __virt_addr_valid+0x1db/0x2d0 [ 35.849964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.850433] kasan_report+0x102/0x140 [ 35.850751] ? _copy_to_user+0x4a/0x70 [ 35.851050] ? _copy_to_user+0x4a/0x70 [ 35.851593] kasan_check_range+0x10c/0x1c0 [ 35.852135] __kasan_check_read+0x15/0x20 [ 35.852520] _copy_to_user+0x4a/0x70 [ 35.853361] copy_user_test_oob+0x365/0x10f0 [ 35.853975] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.854984] ? finish_task_switch.isra.0+0x153/0x700 [ 35.855874] ? __switch_to+0x5d9/0xf60 [ 35.856347] ? __schedule+0xc3e/0x2790 [ 35.856905] ? __pfx_read_tsc+0x10/0x10 [ 35.857325] ? ktime_get_ts64+0x84/0x230 [ 35.857811] kunit_try_run_case+0x1b3/0x490 [ 35.858287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.859003] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.859478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.860185] ? __kthread_parkme+0x82/0x160 [ 35.860686] ? preempt_count_sub+0x50/0x80 [ 35.861258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.862008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.862733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.863303] kthread+0x257/0x310 [ 35.863884] ? __pfx_kthread+0x10/0x10 [ 35.864363] ret_from_fork+0x41/0x80 [ 35.865005] ? 
__pfx_kthread+0x10/0x10 [ 35.865441] ret_from_fork_asm+0x1a/0x30 [ 35.866009] </TASK> [ 35.866401] [ 35.866690] Allocated by task 292: [ 35.867148] kasan_save_stack+0x3d/0x60 [ 35.867499] kasan_save_track+0x18/0x40 [ 35.868069] kasan_save_alloc_info+0x3b/0x50 [ 35.868469] __kasan_kmalloc+0xb7/0xc0 [ 35.869137] __kmalloc_noprof+0x1c4/0x500 [ 35.869503] kunit_kmalloc_array+0x25/0x60 [ 35.870238] copy_user_test_oob+0xac/0x10f0 [ 35.870691] kunit_try_run_case+0x1b3/0x490 [ 35.871206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.872060] kthread+0x257/0x310 [ 35.872490] ret_from_fork+0x41/0x80 [ 35.873056] ret_from_fork_asm+0x1a/0x30 [ 35.873575] [ 35.873854] The buggy address belongs to the object at ffff888101adc700 [ 35.873854] which belongs to the cache kmalloc-128 of size 128 [ 35.875128] The buggy address is located 0 bytes inside of [ 35.875128] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 35.876437] [ 35.876676] The buggy address belongs to the physical page: [ 35.877239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.878155] flags: 0x200000000000000(node=0|zone=2) [ 35.878669] page_type: f5(slab) [ 35.879009] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.880091] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.880760] page dumped because: kasan: bad access detected [ 35.881533] [ 35.881760] Memory state around the buggy address: [ 35.882478] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.883733] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.884519] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.885362] ^ [ 35.886193] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.886844] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.887757] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 35.790631] ================================================================== [ 35.791936] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 35.792566] Write of size 121 at addr ffff888101adc700 by task kunit_try_catch/292 [ 35.793406] [ 35.793694] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.794796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.795313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.796345] Call Trace: [ 35.796657] <TASK> [ 35.797050] dump_stack_lvl+0x73/0xb0 [ 35.797682] print_report+0xd1/0x640 [ 35.798102] ? __virt_addr_valid+0x1db/0x2d0 [ 35.798810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.799289] kasan_report+0x102/0x140 [ 35.799675] ? _copy_from_user+0x33/0xa0 [ 35.800605] ? _copy_from_user+0x33/0xa0 [ 35.801004] kasan_check_range+0x10c/0x1c0 [ 35.801363] __kasan_check_write+0x18/0x20 [ 35.801977] _copy_from_user+0x33/0xa0 [ 35.802430] copy_user_test_oob+0x2bf/0x10f0 [ 35.803149] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.803501] ? finish_task_switch.isra.0+0x153/0x700 [ 35.804363] ? __switch_to+0x5d9/0xf60 [ 35.804873] ? __schedule+0xc3e/0x2790 [ 35.805317] ? __pfx_read_tsc+0x10/0x10 [ 35.805811] ? ktime_get_ts64+0x84/0x230 [ 35.806291] kunit_try_run_case+0x1b3/0x490 [ 35.807056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.807475] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.808363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.808872] ? __kthread_parkme+0x82/0x160 [ 35.809396] ? preempt_count_sub+0x50/0x80 [ 35.810178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.811065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.811572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.812432] kthread+0x257/0x310 [ 35.812932] ? __pfx_kthread+0x10/0x10 [ 35.813283] ret_from_fork+0x41/0x80 [ 35.813677] ? 
__pfx_kthread+0x10/0x10 [ 35.814971] ret_from_fork_asm+0x1a/0x30 [ 35.815371] </TASK> [ 35.815866] [ 35.816050] Allocated by task 292: [ 35.816837] kasan_save_stack+0x3d/0x60 [ 35.817119] kasan_save_track+0x18/0x40 [ 35.818370] kasan_save_alloc_info+0x3b/0x50 [ 35.818798] __kasan_kmalloc+0xb7/0xc0 [ 35.818985] __kmalloc_noprof+0x1c4/0x500 [ 35.819172] kunit_kmalloc_array+0x25/0x60 [ 35.819360] copy_user_test_oob+0xac/0x10f0 [ 35.819553] kunit_try_run_case+0x1b3/0x490 [ 35.819917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.820264] kthread+0x257/0x310 [ 35.821407] ret_from_fork+0x41/0x80 [ 35.822064] ret_from_fork_asm+0x1a/0x30 [ 35.822721] [ 35.823202] The buggy address belongs to the object at ffff888101adc700 [ 35.823202] which belongs to the cache kmalloc-128 of size 128 [ 35.824590] The buggy address is located 0 bytes inside of [ 35.824590] allocated 120-byte region [ffff888101adc700, ffff888101adc778) [ 35.825858] [ 35.826246] The buggy address belongs to the physical page: [ 35.826659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.827407] flags: 0x200000000000000(node=0|zone=2) [ 35.827919] page_type: f5(slab) [ 35.828862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.829624] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.830655] page dumped because: kasan: bad access detected [ 35.831491] [ 35.831661] Memory state around the buggy address: [ 35.832494] ffff888101adc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.833676] ffff888101adc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.834416] >ffff888101adc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.835141] ^ [ 35.835701] ffff888101adc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.836694] ffff888101adc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.837430] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 35.715386] ================================================================== [ 35.716352] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 35.717276] Write of size 8 at addr ffff888101adc478 by task kunit_try_catch/288 [ 35.718298] [ 35.718794] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.720442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.720915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.721769] Call Trace: [ 35.722184] <TASK> [ 35.722514] dump_stack_lvl+0x73/0xb0 [ 35.723049] print_report+0xd1/0x640 [ 35.723696] ? __virt_addr_valid+0x1db/0x2d0 [ 35.724187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.725016] kasan_report+0x102/0x140 [ 35.725576] ? copy_to_kernel_nofault+0x99/0x260 [ 35.726339] ? copy_to_kernel_nofault+0x99/0x260 [ 35.727002] kasan_check_range+0x10c/0x1c0 [ 35.727626] __kasan_check_write+0x18/0x20 [ 35.728451] copy_to_kernel_nofault+0x99/0x260 [ 35.729362] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 35.730083] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 35.731418] ? finish_task_switch.isra.0+0x153/0x700 [ 35.732476] ? __schedule+0xc3e/0x2790 [ 35.732907] ? trace_hardirqs_on+0x37/0xe0 [ 35.733333] ? __pfx_read_tsc+0x10/0x10 [ 35.734219] ? ktime_get_ts64+0x84/0x230 [ 35.735065] kunit_try_run_case+0x1b3/0x490 [ 35.735656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.736901] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.737396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.738553] ? __kthread_parkme+0x82/0x160 [ 35.739122] ? preempt_count_sub+0x50/0x80 [ 35.739587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.740614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.741360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.742134] kthread+0x257/0x310 [ 35.742558] ? __pfx_kthread+0x10/0x10 [ 35.743485] ret_from_fork+0x41/0x80 [ 35.744187] ? 
__pfx_kthread+0x10/0x10 [ 35.744824] ret_from_fork_asm+0x1a/0x30 [ 35.745280] </TASK> [ 35.745521] [ 35.745762] Allocated by task 288: [ 35.746019] kasan_save_stack+0x3d/0x60 [ 35.746462] kasan_save_track+0x18/0x40 [ 35.747460] kasan_save_alloc_info+0x3b/0x50 [ 35.747837] __kasan_kmalloc+0xb7/0xc0 [ 35.748896] __kmalloc_cache_noprof+0x184/0x410 [ 35.749274] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 35.750427] kunit_try_run_case+0x1b3/0x490 [ 35.750668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.751507] kthread+0x257/0x310 [ 35.751951] ret_from_fork+0x41/0x80 [ 35.752325] ret_from_fork_asm+0x1a/0x30 [ 35.752833] [ 35.752993] The buggy address belongs to the object at ffff888101adc400 [ 35.752993] which belongs to the cache kmalloc-128 of size 128 [ 35.754600] The buggy address is located 0 bytes to the right of [ 35.754600] allocated 120-byte region [ffff888101adc400, ffff888101adc478) [ 35.756396] [ 35.756552] The buggy address belongs to the physical page: [ 35.757463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.758389] flags: 0x200000000000000(node=0|zone=2) [ 35.759158] page_type: f5(slab) [ 35.759803] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.760583] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.761606] page dumped because: kasan: bad access detected [ 35.762097] [ 35.762408] Memory state around the buggy address: [ 35.762932] ffff888101adc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.763890] ffff888101adc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.764679] >ffff888101adc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.765468] ^ [ 35.766014] ffff888101adc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.766613] ffff888101adc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.767847] ================================================================== [ 35.652556] 
================================================================== [ 35.655008] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 35.655809] Read of size 8 at addr ffff888101adc478 by task kunit_try_catch/288 [ 35.657211] [ 35.657594] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.659013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.659590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.660759] Call Trace: [ 35.661418] <TASK> [ 35.661668] dump_stack_lvl+0x73/0xb0 [ 35.662078] print_report+0xd1/0x640 [ 35.663301] ? __virt_addr_valid+0x1db/0x2d0 [ 35.664060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.664845] kasan_report+0x102/0x140 [ 35.665636] ? copy_to_kernel_nofault+0x225/0x260 [ 35.666362] ? copy_to_kernel_nofault+0x225/0x260 [ 35.667409] __asan_report_load8_noabort+0x18/0x20 [ 35.668644] copy_to_kernel_nofault+0x225/0x260 [ 35.669105] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 35.670122] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 35.670947] ? finish_task_switch.isra.0+0x153/0x700 [ 35.671663] ? __schedule+0xc3e/0x2790 [ 35.672408] ? trace_hardirqs_on+0x37/0xe0 [ 35.673040] ? __pfx_read_tsc+0x10/0x10 [ 35.673418] ? ktime_get_ts64+0x84/0x230 [ 35.674431] kunit_try_run_case+0x1b3/0x490 [ 35.675061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.675902] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.676628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.677695] ? __kthread_parkme+0x82/0x160 [ 35.678153] ? preempt_count_sub+0x50/0x80 [ 35.678435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.680983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.681352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.681673] kthread+0x257/0x310 [ 35.682556] ? __pfx_kthread+0x10/0x10 [ 35.683271] ret_from_fork+0x41/0x80 [ 35.684054] ? 
__pfx_kthread+0x10/0x10 [ 35.684848] ret_from_fork_asm+0x1a/0x30 [ 35.685798] </TASK> [ 35.686285] [ 35.686552] Allocated by task 288: [ 35.687375] kasan_save_stack+0x3d/0x60 [ 35.688004] kasan_save_track+0x18/0x40 [ 35.688632] kasan_save_alloc_info+0x3b/0x50 [ 35.689814] __kasan_kmalloc+0xb7/0xc0 [ 35.690081] __kmalloc_cache_noprof+0x184/0x410 [ 35.690975] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 35.691372] kunit_try_run_case+0x1b3/0x490 [ 35.691789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.692802] kthread+0x257/0x310 [ 35.693439] ret_from_fork+0x41/0x80 [ 35.694008] ret_from_fork_asm+0x1a/0x30 [ 35.694600] [ 35.695062] The buggy address belongs to the object at ffff888101adc400 [ 35.695062] which belongs to the cache kmalloc-128 of size 128 [ 35.696050] The buggy address is located 0 bytes to the right of [ 35.696050] allocated 120-byte region [ffff888101adc400, ffff888101adc478) [ 35.696741] [ 35.696895] The buggy address belongs to the physical page: [ 35.698034] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adc [ 35.700480] flags: 0x200000000000000(node=0|zone=2) [ 35.701128] page_type: f5(slab) [ 35.701561] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.702862] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 35.703904] page dumped because: kasan: bad access detected [ 35.704516] [ 35.704920] Memory state around the buggy address: [ 35.705570] ffff888101adc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.706960] ffff888101adc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.708454] >ffff888101adc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.709592] ^ [ 35.710981] ffff888101adc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.711813] ffff888101adc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.712861] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 32.720732] ================================================================== [ 32.722731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 32.723966] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.725097] [ 32.725535] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.727433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.727985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.729660] Call Trace: [ 32.729879] <TASK> [ 32.730186] dump_stack_lvl+0x73/0xb0 [ 32.730603] print_report+0xd1/0x640 [ 32.731563] ? __virt_addr_valid+0x1db/0x2d0 [ 32.732043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.732511] kasan_report+0x102/0x140 [ 32.733366] ? kasan_atomics_helper+0x3e0/0x5450 [ 32.733994] ? kasan_atomics_helper+0x3e0/0x5450 [ 32.734782] kasan_check_range+0x10c/0x1c0 [ 32.735543] __kasan_check_read+0x15/0x20 [ 32.736003] kasan_atomics_helper+0x3e0/0x5450 [ 32.737527] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.738076] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.738910] ? kasan_save_alloc_info+0x3b/0x50 [ 32.739618] ? kasan_atomics+0x153/0x310 [ 32.740185] kasan_atomics+0x1dd/0x310 [ 32.740597] ? __pfx_kasan_atomics+0x10/0x10 [ 32.741541] ? __pfx_read_tsc+0x10/0x10 [ 32.742476] ? ktime_get_ts64+0x84/0x230 [ 32.743087] kunit_try_run_case+0x1b3/0x490 [ 32.744025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.744730] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.745455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.745998] ? __kthread_parkme+0x82/0x160 [ 32.746994] ? preempt_count_sub+0x50/0x80 [ 32.747879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.748344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.749469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.750079] kthread+0x257/0x310 [ 32.751846] ? __pfx_kthread+0x10/0x10 [ 32.752098] ret_from_fork+0x41/0x80 [ 32.752334] ? 
__pfx_kthread+0x10/0x10 [ 32.752573] ret_from_fork_asm+0x1a/0x30 [ 32.752899] </TASK> [ 32.753063] [ 32.753191] Allocated by task 272: [ 32.753398] kasan_save_stack+0x3d/0x60 [ 32.753644] kasan_save_track+0x18/0x40 [ 32.756009] kasan_save_alloc_info+0x3b/0x50 [ 32.757904] __kasan_kmalloc+0xb7/0xc0 [ 32.759141] __kmalloc_cache_noprof+0x184/0x410 [ 32.760417] kasan_atomics+0x96/0x310 [ 32.761930] kunit_try_run_case+0x1b3/0x490 [ 32.763359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.765005] kthread+0x257/0x310 [ 32.765715] ret_from_fork+0x41/0x80 [ 32.766596] ret_from_fork_asm+0x1a/0x30 [ 32.767036] [ 32.767296] The buggy address belongs to the object at ffff8881029f9480 [ 32.767296] which belongs to the cache kmalloc-64 of size 64 [ 32.769110] The buggy address is located 0 bytes to the right of [ 32.769110] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.770582] [ 32.770991] The buggy address belongs to the physical page: [ 32.771587] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.772238] flags: 0x200000000000000(node=0|zone=2) [ 32.772601] page_type: f5(slab) [ 32.773331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.773997] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.774998] page dumped because: kasan: bad access detected [ 32.775818] [ 32.775960] Memory state around the buggy address: [ 32.777000] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.778340] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.779513] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.780874] ^ [ 32.781886] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.782676] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.783470] ================================================================== [ 32.839315] 
================================================================== [ 32.840099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 32.841306] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.842739] [ 32.842951] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.844328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.844629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.845850] Call Trace: [ 32.846250] <TASK> [ 32.846476] dump_stack_lvl+0x73/0xb0 [ 32.846888] print_report+0xd1/0x640 [ 32.847739] ? __virt_addr_valid+0x1db/0x2d0 [ 32.848372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.849205] kasan_report+0x102/0x140 [ 32.849576] ? kasan_atomics_helper+0x4a1/0x5450 [ 32.850287] ? kasan_atomics_helper+0x4a1/0x5450 [ 32.851198] kasan_check_range+0x10c/0x1c0 [ 32.851598] __kasan_check_write+0x18/0x20 [ 32.852455] kasan_atomics_helper+0x4a1/0x5450 [ 32.853306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.854496] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.855001] ? kasan_save_alloc_info+0x3b/0x50 [ 32.855560] ? kasan_atomics+0x153/0x310 [ 32.856191] kasan_atomics+0x1dd/0x310 [ 32.856526] ? __pfx_kasan_atomics+0x10/0x10 [ 32.857084] ? __pfx_read_tsc+0x10/0x10 [ 32.857425] ? ktime_get_ts64+0x84/0x230 [ 32.857880] kunit_try_run_case+0x1b3/0x490 [ 32.858465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.859023] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.859483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.860032] ? __kthread_parkme+0x82/0x160 [ 32.860527] ? preempt_count_sub+0x50/0x80 [ 32.861110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.861582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.862268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.863053] kthread+0x257/0x310 [ 32.863454] ? __pfx_kthread+0x10/0x10 [ 32.864052] ret_from_fork+0x41/0x80 [ 32.864340] ? 
__pfx_kthread+0x10/0x10 [ 32.864917] ret_from_fork_asm+0x1a/0x30 [ 32.865388] </TASK> [ 32.865790] [ 32.866314] Allocated by task 272: [ 32.866585] kasan_save_stack+0x3d/0x60 [ 32.867202] kasan_save_track+0x18/0x40 [ 32.867783] kasan_save_alloc_info+0x3b/0x50 [ 32.868156] __kasan_kmalloc+0xb7/0xc0 [ 32.868743] __kmalloc_cache_noprof+0x184/0x410 [ 32.869258] kasan_atomics+0x96/0x310 [ 32.869579] kunit_try_run_case+0x1b3/0x490 [ 32.870243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.870995] kthread+0x257/0x310 [ 32.871298] ret_from_fork+0x41/0x80 [ 32.871898] ret_from_fork_asm+0x1a/0x30 [ 32.872317] [ 32.872572] The buggy address belongs to the object at ffff8881029f9480 [ 32.872572] which belongs to the cache kmalloc-64 of size 64 [ 32.873777] The buggy address is located 0 bytes to the right of [ 32.873777] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.874931] [ 32.875238] The buggy address belongs to the physical page: [ 32.875827] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.876488] flags: 0x200000000000000(node=0|zone=2) [ 32.877125] page_type: f5(slab) [ 32.877420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.878463] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.879360] page dumped because: kasan: bad access detected [ 32.880001] [ 32.880225] Memory state around the buggy address: [ 32.880656] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.881276] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.882132] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.882802] ^ [ 32.883384] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.884119] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.884849] ================================================================== [ 35.168921] 
================================================================== [ 35.169793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 35.170243] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.170981] [ 35.171188] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.173789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.174087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.174669] Call Trace: [ 35.175041] <TASK> [ 35.175316] dump_stack_lvl+0x73/0xb0 [ 35.175661] print_report+0xd1/0x640 [ 35.176112] ? __virt_addr_valid+0x1db/0x2d0 [ 35.176848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.177356] kasan_report+0x102/0x140 [ 35.177825] ? kasan_atomics_helper+0x1f44/0x5450 [ 35.178403] ? kasan_atomics_helper+0x1f44/0x5450 [ 35.178999] kasan_check_range+0x10c/0x1c0 [ 35.179499] __kasan_check_write+0x18/0x20 [ 35.180001] kasan_atomics_helper+0x1f44/0x5450 [ 35.180499] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.181114] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.181567] ? kasan_save_alloc_info+0x3b/0x50 [ 35.182097] ? kasan_atomics+0x153/0x310 [ 35.182758] kasan_atomics+0x1dd/0x310 [ 35.183120] ? __pfx_kasan_atomics+0x10/0x10 [ 35.183776] ? __pfx_read_tsc+0x10/0x10 [ 35.184092] ? ktime_get_ts64+0x84/0x230 [ 35.184670] kunit_try_run_case+0x1b3/0x490 [ 35.185165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.185685] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.186348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.186892] ? __kthread_parkme+0x82/0x160 [ 35.187347] ? preempt_count_sub+0x50/0x80 [ 35.187941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.188354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.189129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.189696] kthread+0x257/0x310 [ 35.190211] ? __pfx_kthread+0x10/0x10 [ 35.190784] ret_from_fork+0x41/0x80 [ 35.191077] ? 
__pfx_kthread+0x10/0x10 [ 35.191645] ret_from_fork_asm+0x1a/0x30 [ 35.192111] </TASK> [ 35.192470] [ 35.192746] Allocated by task 272: [ 35.193164] kasan_save_stack+0x3d/0x60 [ 35.193726] kasan_save_track+0x18/0x40 [ 35.194079] kasan_save_alloc_info+0x3b/0x50 [ 35.194547] __kasan_kmalloc+0xb7/0xc0 [ 35.195082] __kmalloc_cache_noprof+0x184/0x410 [ 35.195555] kasan_atomics+0x96/0x310 [ 35.196100] kunit_try_run_case+0x1b3/0x490 [ 35.196716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.197232] kthread+0x257/0x310 [ 35.197730] ret_from_fork+0x41/0x80 [ 35.198085] ret_from_fork_asm+0x1a/0x30 [ 35.198490] [ 35.198860] The buggy address belongs to the object at ffff8881029f9480 [ 35.198860] which belongs to the cache kmalloc-64 of size 64 [ 35.199851] The buggy address is located 0 bytes to the right of [ 35.199851] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.201110] [ 35.201364] The buggy address belongs to the physical page: [ 35.201997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.202679] flags: 0x200000000000000(node=0|zone=2) [ 35.203036] page_type: f5(slab) [ 35.203450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.204129] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.204931] page dumped because: kasan: bad access detected [ 35.205533] [ 35.205894] Memory state around the buggy address: [ 35.206480] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.207280] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.208041] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.208755] ^ [ 35.209121] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.210511] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.211054] ================================================================== [ 32.564794] 
================================================================== [ 32.565633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 32.566343] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.567292] [ 32.567896] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.568480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.569388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.570116] Call Trace: [ 32.570318] <TASK> [ 32.571041] dump_stack_lvl+0x73/0xb0 [ 32.571618] print_report+0xd1/0x640 [ 32.572312] ? __virt_addr_valid+0x1db/0x2d0 [ 32.572734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.573242] kasan_report+0x102/0x140 [ 32.573625] ? kasan_atomics_helper+0x4ba4/0x5450 [ 32.574891] ? kasan_atomics_helper+0x4ba4/0x5450 [ 32.575543] __asan_report_store4_noabort+0x1b/0x30 [ 32.575964] kasan_atomics_helper+0x4ba4/0x5450 [ 32.576542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.577162] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.577878] ? kasan_save_alloc_info+0x3b/0x50 [ 32.578306] ? kasan_atomics+0x153/0x310 [ 32.578783] kasan_atomics+0x1dd/0x310 [ 32.579333] ? __pfx_kasan_atomics+0x10/0x10 [ 32.580156] ? __pfx_read_tsc+0x10/0x10 [ 32.580681] ? ktime_get_ts64+0x84/0x230 [ 32.581863] kunit_try_run_case+0x1b3/0x490 [ 32.582587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.583398] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.584384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.585358] ? __kthread_parkme+0x82/0x160 [ 32.585862] ? preempt_count_sub+0x50/0x80 [ 32.586302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.586804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.587524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.588043] kthread+0x257/0x310 [ 32.588516] ? __pfx_kthread+0x10/0x10 [ 32.589051] ret_from_fork+0x41/0x80 [ 32.589401] ? 
__pfx_kthread+0x10/0x10 [ 32.589857] ret_from_fork_asm+0x1a/0x30 [ 32.590450] </TASK> [ 32.590937] [ 32.591094] Allocated by task 272: [ 32.591780] kasan_save_stack+0x3d/0x60 [ 32.592063] kasan_save_track+0x18/0x40 [ 32.592482] kasan_save_alloc_info+0x3b/0x50 [ 32.593239] __kasan_kmalloc+0xb7/0xc0 [ 32.593622] __kmalloc_cache_noprof+0x184/0x410 [ 32.594101] kasan_atomics+0x96/0x310 [ 32.594858] kunit_try_run_case+0x1b3/0x490 [ 32.595246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.595985] kthread+0x257/0x310 [ 32.596741] ret_from_fork+0x41/0x80 [ 32.597230] ret_from_fork_asm+0x1a/0x30 [ 32.597532] [ 32.597764] The buggy address belongs to the object at ffff8881029f9480 [ 32.597764] which belongs to the cache kmalloc-64 of size 64 [ 32.598679] The buggy address is located 0 bytes to the right of [ 32.598679] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.600287] [ 32.600466] The buggy address belongs to the physical page: [ 32.601150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.601859] flags: 0x200000000000000(node=0|zone=2) [ 32.602182] page_type: f5(slab) [ 32.602852] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.603505] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.604523] page dumped because: kasan: bad access detected [ 32.605079] [ 32.605503] Memory state around the buggy address: [ 32.605830] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.606536] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.607526] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.608407] ^ [ 32.608811] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.609591] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.610304] ================================================================== [ 35.446851] 
================================================================== [ 35.447881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 35.448485] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.449144] [ 35.449382] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.450317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.450796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.451527] Call Trace: [ 35.452485] <TASK> [ 35.452804] dump_stack_lvl+0x73/0xb0 [ 35.453083] print_report+0xd1/0x640 [ 35.453401] ? __virt_addr_valid+0x1db/0x2d0 [ 35.453901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.454489] kasan_report+0x102/0x140 [ 35.454990] ? kasan_atomics_helper+0x218b/0x5450 [ 35.455515] ? kasan_atomics_helper+0x218b/0x5450 [ 35.456061] kasan_check_range+0x10c/0x1c0 [ 35.456442] __kasan_check_write+0x18/0x20 [ 35.457298] kasan_atomics_helper+0x218b/0x5450 [ 35.457913] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.458430] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.458871] ? kasan_save_alloc_info+0x3b/0x50 [ 35.459250] ? kasan_atomics+0x153/0x310 [ 35.459767] kasan_atomics+0x1dd/0x310 [ 35.460143] ? __pfx_kasan_atomics+0x10/0x10 [ 35.460678] ? __pfx_read_tsc+0x10/0x10 [ 35.461074] ? ktime_get_ts64+0x84/0x230 [ 35.461450] kunit_try_run_case+0x1b3/0x490 [ 35.461913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.462254] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.462871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.463478] ? __kthread_parkme+0x82/0x160 [ 35.463952] ? preempt_count_sub+0x50/0x80 [ 35.464352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.464853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.465509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.466473] kthread+0x257/0x310 [ 35.467124] ? __pfx_kthread+0x10/0x10 [ 35.467787] ret_from_fork+0x41/0x80 [ 35.468181] ? 
__pfx_kthread+0x10/0x10 [ 35.468489] ret_from_fork_asm+0x1a/0x30 [ 35.469136] </TASK> [ 35.469342] [ 35.469589] Allocated by task 272: [ 35.470474] kasan_save_stack+0x3d/0x60 [ 35.470945] kasan_save_track+0x18/0x40 [ 35.471334] kasan_save_alloc_info+0x3b/0x50 [ 35.471762] __kasan_kmalloc+0xb7/0xc0 [ 35.472558] __kmalloc_cache_noprof+0x184/0x410 [ 35.473312] kasan_atomics+0x96/0x310 [ 35.473996] kunit_try_run_case+0x1b3/0x490 [ 35.474593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.475252] kthread+0x257/0x310 [ 35.475584] ret_from_fork+0x41/0x80 [ 35.476175] ret_from_fork_asm+0x1a/0x30 [ 35.476590] [ 35.476972] The buggy address belongs to the object at ffff8881029f9480 [ 35.476972] which belongs to the cache kmalloc-64 of size 64 [ 35.477804] The buggy address is located 0 bytes to the right of [ 35.477804] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.479744] [ 35.479912] The buggy address belongs to the physical page: [ 35.480620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.481820] flags: 0x200000000000000(node=0|zone=2) [ 35.482438] page_type: f5(slab) [ 35.482932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.483660] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.484604] page dumped because: kasan: bad access detected [ 35.485169] [ 35.485418] Memory state around the buggy address: [ 35.486235] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.487043] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.488211] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.488846] ^ [ 35.489249] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.489859] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.490653] ================================================================== [ 33.558591] 
================================================================== [ 33.559529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 33.560043] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.560552] [ 33.562632] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.563745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.564266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.565220] Call Trace: [ 33.565555] <TASK> [ 33.565929] dump_stack_lvl+0x73/0xb0 [ 33.566429] print_report+0xd1/0x640 [ 33.566943] ? __virt_addr_valid+0x1db/0x2d0 [ 33.567443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.568077] kasan_report+0x102/0x140 [ 33.568533] ? kasan_atomics_helper+0xd48/0x5450 [ 33.569116] ? kasan_atomics_helper+0xd48/0x5450 [ 33.569728] kasan_check_range+0x10c/0x1c0 [ 33.570130] __kasan_check_write+0x18/0x20 [ 33.570667] kasan_atomics_helper+0xd48/0x5450 [ 33.571148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.571813] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.572234] ? kasan_save_alloc_info+0x3b/0x50 [ 33.572754] ? kasan_atomics+0x153/0x310 [ 33.573151] kasan_atomics+0x1dd/0x310 [ 33.573614] ? __pfx_kasan_atomics+0x10/0x10 [ 33.574173] ? __pfx_read_tsc+0x10/0x10 [ 33.574744] ? ktime_get_ts64+0x84/0x230 [ 33.575233] kunit_try_run_case+0x1b3/0x490 [ 33.576463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.577286] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.577808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.578168] ? __kthread_parkme+0x82/0x160 [ 33.578762] ? preempt_count_sub+0x50/0x80 [ 33.579140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.579582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.580314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.581429] kthread+0x257/0x310 [ 33.581869] ? __pfx_kthread+0x10/0x10 [ 33.582524] ret_from_fork+0x41/0x80 [ 33.583007] ? 
__pfx_kthread+0x10/0x10 [ 33.583418] ret_from_fork_asm+0x1a/0x30 [ 33.584541] </TASK> [ 33.584757] [ 33.584944] Allocated by task 272: [ 33.585887] kasan_save_stack+0x3d/0x60 [ 33.586548] kasan_save_track+0x18/0x40 [ 33.586932] kasan_save_alloc_info+0x3b/0x50 [ 33.587360] __kasan_kmalloc+0xb7/0xc0 [ 33.588304] __kmalloc_cache_noprof+0x184/0x410 [ 33.588724] kasan_atomics+0x96/0x310 [ 33.589278] kunit_try_run_case+0x1b3/0x490 [ 33.590129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.590613] kthread+0x257/0x310 [ 33.591256] ret_from_fork+0x41/0x80 [ 33.591442] ret_from_fork_asm+0x1a/0x30 [ 33.591632] [ 33.591804] The buggy address belongs to the object at ffff8881029f9480 [ 33.591804] which belongs to the cache kmalloc-64 of size 64 [ 33.593379] The buggy address is located 0 bytes to the right of [ 33.593379] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.594590] [ 33.594893] The buggy address belongs to the physical page: [ 33.595411] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.596460] flags: 0x200000000000000(node=0|zone=2) [ 33.597098] page_type: f5(slab) [ 33.597730] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.598365] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.599211] page dumped because: kasan: bad access detected [ 33.600263] [ 33.600715] Memory state around the buggy address: [ 33.601048] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.601639] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.602425] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.603028] ^ [ 33.603457] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.604053] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.604896] ================================================================== [ 34.008183] 
================================================================== [ 34.009346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 34.010083] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.011571] [ 34.011878] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.013240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.013923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.014636] Call Trace: [ 34.015360] <TASK> [ 34.015875] dump_stack_lvl+0x73/0xb0 [ 34.016492] print_report+0xd1/0x640 [ 34.017012] ? __virt_addr_valid+0x1db/0x2d0 [ 34.017776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.018323] kasan_report+0x102/0x140 [ 34.019068] ? kasan_atomics_helper+0x1218/0x5450 [ 34.019737] ? kasan_atomics_helper+0x1218/0x5450 [ 34.020424] kasan_check_range+0x10c/0x1c0 [ 34.021091] __kasan_check_write+0x18/0x20 [ 34.021567] kasan_atomics_helper+0x1218/0x5450 [ 34.022361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.023281] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.024135] ? kasan_save_alloc_info+0x3b/0x50 [ 34.024739] ? kasan_atomics+0x153/0x310 [ 34.025262] kasan_atomics+0x1dd/0x310 [ 34.026356] ? __pfx_kasan_atomics+0x10/0x10 [ 34.026766] ? __pfx_read_tsc+0x10/0x10 [ 34.027384] ? ktime_get_ts64+0x84/0x230 [ 34.027972] kunit_try_run_case+0x1b3/0x490 [ 34.028407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.029257] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.029738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.030463] ? __kthread_parkme+0x82/0x160 [ 34.031079] ? preempt_count_sub+0x50/0x80 [ 34.031564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.032142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.033279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.033747] kthread+0x257/0x310 [ 34.034353] ? __pfx_kthread+0x10/0x10 [ 34.035083] ret_from_fork+0x41/0x80 [ 34.035491] ? 
__pfx_kthread+0x10/0x10 [ 34.035901] ret_from_fork_asm+0x1a/0x30 [ 34.036333] </TASK> [ 34.036527] [ 34.036808] Allocated by task 272: [ 34.037235] kasan_save_stack+0x3d/0x60 [ 34.037629] kasan_save_track+0x18/0x40 [ 34.038551] kasan_save_alloc_info+0x3b/0x50 [ 34.038999] __kasan_kmalloc+0xb7/0xc0 [ 34.039395] __kmalloc_cache_noprof+0x184/0x410 [ 34.040042] kasan_atomics+0x96/0x310 [ 34.040392] kunit_try_run_case+0x1b3/0x490 [ 34.040998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.041583] kthread+0x257/0x310 [ 34.041994] ret_from_fork+0x41/0x80 [ 34.042466] ret_from_fork_asm+0x1a/0x30 [ 34.042987] [ 34.043245] The buggy address belongs to the object at ffff8881029f9480 [ 34.043245] which belongs to the cache kmalloc-64 of size 64 [ 34.044347] The buggy address is located 0 bytes to the right of [ 34.044347] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.045524] [ 34.045895] The buggy address belongs to the physical page: [ 34.046364] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.047233] flags: 0x200000000000000(node=0|zone=2) [ 34.047765] page_type: f5(slab) [ 34.048239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.048913] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.049747] page dumped because: kasan: bad access detected [ 34.050318] [ 34.050549] Memory state around the buggy address: [ 34.051083] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.051941] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.052474] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.053300] ^ [ 34.053732] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.054535] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.055245] ================================================================== [ 32.518648] 
================================================================== [ 32.519618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 32.520233] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.520935] [ 32.521108] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.522689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.523520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.524590] Call Trace: [ 32.525055] <TASK> [ 32.526047] dump_stack_lvl+0x73/0xb0 [ 32.526506] print_report+0xd1/0x640 [ 32.527191] ? __virt_addr_valid+0x1db/0x2d0 [ 32.528060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.529015] kasan_report+0x102/0x140 [ 32.529466] ? kasan_atomics_helper+0x4bbe/0x5450 [ 32.529975] ? kasan_atomics_helper+0x4bbe/0x5450 [ 32.530490] __asan_report_load4_noabort+0x18/0x20 [ 32.531028] kasan_atomics_helper+0x4bbe/0x5450 [ 32.531544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.532241] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.532810] ? kasan_save_alloc_info+0x3b/0x50 [ 32.533240] ? kasan_atomics+0x153/0x310 [ 32.533676] kasan_atomics+0x1dd/0x310 [ 32.534305] ? __pfx_kasan_atomics+0x10/0x10 [ 32.534928] ? __pfx_read_tsc+0x10/0x10 [ 32.535327] ? ktime_get_ts64+0x84/0x230 [ 32.535674] kunit_try_run_case+0x1b3/0x490 [ 32.536202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.536815] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.537444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.538091] ? __kthread_parkme+0x82/0x160 [ 32.538494] ? preempt_count_sub+0x50/0x80 [ 32.538822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.539869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.540641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.541263] kthread+0x257/0x310 [ 32.541853] ? __pfx_kthread+0x10/0x10 [ 32.542312] ret_from_fork+0x41/0x80 [ 32.542762] ? 
__pfx_kthread+0x10/0x10 [ 32.543260] ret_from_fork_asm+0x1a/0x30 [ 32.543592] </TASK> [ 32.544288] [ 32.544500] Allocated by task 272: [ 32.544856] kasan_save_stack+0x3d/0x60 [ 32.545338] kasan_save_track+0x18/0x40 [ 32.545821] kasan_save_alloc_info+0x3b/0x50 [ 32.546531] __kasan_kmalloc+0xb7/0xc0 [ 32.546833] __kmalloc_cache_noprof+0x184/0x410 [ 32.547414] kasan_atomics+0x96/0x310 [ 32.547926] kunit_try_run_case+0x1b3/0x490 [ 32.548564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.548953] kthread+0x257/0x310 [ 32.549200] ret_from_fork+0x41/0x80 [ 32.549783] ret_from_fork_asm+0x1a/0x30 [ 32.550477] [ 32.550771] The buggy address belongs to the object at ffff8881029f9480 [ 32.550771] which belongs to the cache kmalloc-64 of size 64 [ 32.551756] The buggy address is located 0 bytes to the right of [ 32.551756] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.553174] [ 32.553553] The buggy address belongs to the physical page: [ 32.554098] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.555074] flags: 0x200000000000000(node=0|zone=2) [ 32.555419] page_type: f5(slab) [ 32.555673] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.556529] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.557137] page dumped because: kasan: bad access detected [ 32.557838] [ 32.558064] Memory state around the buggy address: [ 32.558377] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.559470] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.560420] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.561099] ^ [ 32.561424] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.562238] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.563057] ================================================================== [ 34.147248] 
================================================================== [ 34.148076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 34.148689] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.149169] [ 34.149431] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.150437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.150774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.151685] Call Trace: [ 34.151917] <TASK> [ 34.152107] dump_stack_lvl+0x73/0xb0 [ 34.152587] print_report+0xd1/0x640 [ 34.153114] ? __virt_addr_valid+0x1db/0x2d0 [ 34.153688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.154227] kasan_report+0x102/0x140 [ 34.154727] ? kasan_atomics_helper+0x49d0/0x5450 [ 34.155058] ? kasan_atomics_helper+0x49d0/0x5450 [ 34.155745] __asan_report_load4_noabort+0x18/0x20 [ 34.156237] kasan_atomics_helper+0x49d0/0x5450 [ 34.156740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.157309] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.157893] ? kasan_save_alloc_info+0x3b/0x50 [ 34.158260] ? kasan_atomics+0x153/0x310 [ 34.158592] kasan_atomics+0x1dd/0x310 [ 34.159163] ? __pfx_kasan_atomics+0x10/0x10 [ 34.159675] ? __pfx_read_tsc+0x10/0x10 [ 34.160175] ? ktime_get_ts64+0x84/0x230 [ 34.160589] kunit_try_run_case+0x1b3/0x490 [ 34.160979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.161574] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.162188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.162660] ? __kthread_parkme+0x82/0x160 [ 34.162985] ? preempt_count_sub+0x50/0x80 [ 34.163444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.163891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.164354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.165065] kthread+0x257/0x310 [ 34.165379] ? __pfx_kthread+0x10/0x10 [ 34.165827] ret_from_fork+0x41/0x80 [ 34.166281] ? 
__pfx_kthread+0x10/0x10 [ 34.166568] ret_from_fork_asm+0x1a/0x30 [ 34.167138] </TASK> [ 34.167412] [ 34.167738] Allocated by task 272: [ 34.168130] kasan_save_stack+0x3d/0x60 [ 34.168518] kasan_save_track+0x18/0x40 [ 34.169049] kasan_save_alloc_info+0x3b/0x50 [ 34.169380] __kasan_kmalloc+0xb7/0xc0 [ 34.169728] __kmalloc_cache_noprof+0x184/0x410 [ 34.170285] kasan_atomics+0x96/0x310 [ 34.170867] kunit_try_run_case+0x1b3/0x490 [ 34.171328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.172781] kthread+0x257/0x310 [ 34.173040] ret_from_fork+0x41/0x80 [ 34.173343] ret_from_fork_asm+0x1a/0x30 [ 34.174270] [ 34.174425] The buggy address belongs to the object at ffff8881029f9480 [ 34.174425] which belongs to the cache kmalloc-64 of size 64 [ 34.175472] The buggy address is located 0 bytes to the right of [ 34.175472] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.177284] [ 34.177538] The buggy address belongs to the physical page: [ 34.178357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.179934] flags: 0x200000000000000(node=0|zone=2) [ 34.180920] page_type: f5(slab) [ 34.181528] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.182523] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.183473] page dumped because: kasan: bad access detected [ 34.183893] [ 34.184153] Memory state around the buggy address: [ 34.184569] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.185279] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.186316] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.186991] ^ [ 34.187599] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.188393] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.189096] ================================================================== [ 33.325479] 
================================================================== [ 33.327310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 33.328128] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.328772] [ 33.328993] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.329812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.330201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.331040] Call Trace: [ 33.331252] <TASK> [ 33.331541] dump_stack_lvl+0x73/0xb0 [ 33.332093] print_report+0xd1/0x640 [ 33.332476] ? __virt_addr_valid+0x1db/0x2d0 [ 33.332936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.333353] kasan_report+0x102/0x140 [ 33.333890] ? kasan_atomics_helper+0xa2c/0x5450 [ 33.334449] ? kasan_atomics_helper+0xa2c/0x5450 [ 33.335026] kasan_check_range+0x10c/0x1c0 [ 33.335351] __kasan_check_write+0x18/0x20 [ 33.335934] kasan_atomics_helper+0xa2c/0x5450 [ 33.336350] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.336832] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.337155] ? kasan_save_alloc_info+0x3b/0x50 [ 33.337779] ? kasan_atomics+0x153/0x310 [ 33.338297] kasan_atomics+0x1dd/0x310 [ 33.338853] ? __pfx_kasan_atomics+0x10/0x10 [ 33.339331] ? __pfx_read_tsc+0x10/0x10 [ 33.339792] ? ktime_get_ts64+0x84/0x230 [ 33.340292] kunit_try_run_case+0x1b3/0x490 [ 33.340654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.341197] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.341770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.342337] ? __kthread_parkme+0x82/0x160 [ 33.342758] ? preempt_count_sub+0x50/0x80 [ 33.343230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.343818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.344214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.344925] kthread+0x257/0x310 [ 33.345354] ? __pfx_kthread+0x10/0x10 [ 33.345814] ret_from_fork+0x41/0x80 [ 33.346268] ? 
__pfx_kthread+0x10/0x10 [ 33.346742] ret_from_fork_asm+0x1a/0x30 [ 33.347245] </TASK> [ 33.347440] [ 33.347727] Allocated by task 272: [ 33.348138] kasan_save_stack+0x3d/0x60 [ 33.348655] kasan_save_track+0x18/0x40 [ 33.349062] kasan_save_alloc_info+0x3b/0x50 [ 33.349642] __kasan_kmalloc+0xb7/0xc0 [ 33.349963] __kmalloc_cache_noprof+0x184/0x410 [ 33.350487] kasan_atomics+0x96/0x310 [ 33.350890] kunit_try_run_case+0x1b3/0x490 [ 33.351310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.351845] kthread+0x257/0x310 [ 33.352201] ret_from_fork+0x41/0x80 [ 33.352678] ret_from_fork_asm+0x1a/0x30 [ 33.353125] [ 33.353321] The buggy address belongs to the object at ffff8881029f9480 [ 33.353321] which belongs to the cache kmalloc-64 of size 64 [ 33.354223] The buggy address is located 0 bytes to the right of [ 33.354223] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.355484] [ 33.356376] The buggy address belongs to the physical page: [ 33.356858] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.357458] flags: 0x200000000000000(node=0|zone=2) [ 33.358589] page_type: f5(slab) [ 33.359427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.360089] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.360678] page dumped because: kasan: bad access detected [ 33.361117] [ 33.361366] Memory state around the buggy address: [ 33.361750] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.362492] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.363535] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.364486] ^ [ 33.364893] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.365420] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.366477] ================================================================== [ 33.081454] 
================================================================== [ 33.082495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 33.083369] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.084199] [ 33.084454] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.085469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.086017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.086861] Call Trace: [ 33.087084] <TASK> [ 33.087278] dump_stack_lvl+0x73/0xb0 [ 33.087878] print_report+0xd1/0x640 [ 33.088335] ? __virt_addr_valid+0x1db/0x2d0 [ 33.088878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.089532] kasan_report+0x102/0x140 [ 33.089978] ? kasan_atomics_helper+0x730/0x5450 [ 33.090582] ? kasan_atomics_helper+0x730/0x5450 [ 33.091030] kasan_check_range+0x10c/0x1c0 [ 33.091565] __kasan_check_write+0x18/0x20 [ 33.092118] kasan_atomics_helper+0x730/0x5450 [ 33.092537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.093277] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.093815] ? kasan_save_alloc_info+0x3b/0x50 [ 33.094327] ? kasan_atomics+0x153/0x310 [ 33.094897] kasan_atomics+0x1dd/0x310 [ 33.095366] ? __pfx_kasan_atomics+0x10/0x10 [ 33.096023] ? __pfx_read_tsc+0x10/0x10 [ 33.096372] ? ktime_get_ts64+0x84/0x230 [ 33.096949] kunit_try_run_case+0x1b3/0x490 [ 33.097481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.098030] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.098679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.099318] ? __kthread_parkme+0x82/0x160 [ 33.099873] ? preempt_count_sub+0x50/0x80 [ 33.100339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.100961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.101570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.102278] kthread+0x257/0x310 [ 33.102681] ? __pfx_kthread+0x10/0x10 [ 33.103222] ret_from_fork+0x41/0x80 [ 33.103717] ? 
__pfx_kthread+0x10/0x10 [ 33.104205] ret_from_fork_asm+0x1a/0x30 [ 33.104819] </TASK> [ 33.105086] [ 33.105320] Allocated by task 272: [ 33.105650] kasan_save_stack+0x3d/0x60 [ 33.106963] kasan_save_track+0x18/0x40 [ 33.107304] kasan_save_alloc_info+0x3b/0x50 [ 33.107755] __kasan_kmalloc+0xb7/0xc0 [ 33.108157] __kmalloc_cache_noprof+0x184/0x410 [ 33.108562] kasan_atomics+0x96/0x310 [ 33.109023] kunit_try_run_case+0x1b3/0x490 [ 33.109430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.110645] kthread+0x257/0x310 [ 33.111097] ret_from_fork+0x41/0x80 [ 33.111908] ret_from_fork_asm+0x1a/0x30 [ 33.112176] [ 33.112455] The buggy address belongs to the object at ffff8881029f9480 [ 33.112455] which belongs to the cache kmalloc-64 of size 64 [ 33.114352] The buggy address is located 0 bytes to the right of [ 33.114352] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.116046] [ 33.116198] The buggy address belongs to the physical page: [ 33.117245] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.117831] flags: 0x200000000000000(node=0|zone=2) [ 33.118509] page_type: f5(slab) [ 33.118997] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.120113] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.120694] page dumped because: kasan: bad access detected [ 33.121402] [ 33.121722] Memory state around the buggy address: [ 33.122438] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.123293] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.124086] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.125068] ^ [ 33.125747] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.126439] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.127552] ================================================================== [ 33.182687] 
================================================================== [ 33.183955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 33.184934] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.186177] [ 33.186383] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.187813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.188288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.189365] Call Trace: [ 33.189921] <TASK> [ 33.190219] dump_stack_lvl+0x73/0xb0 [ 33.191057] print_report+0xd1/0x640 [ 33.191457] ? __virt_addr_valid+0x1db/0x2d0 [ 33.192171] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.192680] kasan_report+0x102/0x140 [ 33.193438] ? kasan_atomics_helper+0x861/0x5450 [ 33.194002] ? kasan_atomics_helper+0x861/0x5450 [ 33.194495] kasan_check_range+0x10c/0x1c0 [ 33.195404] __kasan_check_write+0x18/0x20 [ 33.196093] kasan_atomics_helper+0x861/0x5450 [ 33.196564] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.197469] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.198158] ? kasan_save_alloc_info+0x3b/0x50 [ 33.198908] ? kasan_atomics+0x153/0x310 [ 33.199298] kasan_atomics+0x1dd/0x310 [ 33.199688] ? __pfx_kasan_atomics+0x10/0x10 [ 33.200518] ? __pfx_read_tsc+0x10/0x10 [ 33.201130] ? ktime_get_ts64+0x84/0x230 [ 33.201872] kunit_try_run_case+0x1b3/0x490 [ 33.202521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.203143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.203832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.204443] ? __kthread_parkme+0x82/0x160 [ 33.205181] ? preempt_count_sub+0x50/0x80 [ 33.205851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.206519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.207110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.208025] kthread+0x257/0x310 [ 33.208594] ? __pfx_kthread+0x10/0x10 [ 33.209286] ret_from_fork+0x41/0x80 [ 33.210014] ? 
__pfx_kthread+0x10/0x10 [ 33.210430] ret_from_fork_asm+0x1a/0x30 [ 33.210922] </TASK> [ 33.211187] [ 33.211390] Allocated by task 272: [ 33.212427] kasan_save_stack+0x3d/0x60 [ 33.212817] kasan_save_track+0x18/0x40 [ 33.213514] kasan_save_alloc_info+0x3b/0x50 [ 33.213892] __kasan_kmalloc+0xb7/0xc0 [ 33.214694] __kmalloc_cache_noprof+0x184/0x410 [ 33.215201] kasan_atomics+0x96/0x310 [ 33.215890] kunit_try_run_case+0x1b3/0x490 [ 33.216575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.217429] kthread+0x257/0x310 [ 33.217737] ret_from_fork+0x41/0x80 [ 33.218437] ret_from_fork_asm+0x1a/0x30 [ 33.218951] [ 33.219193] The buggy address belongs to the object at ffff8881029f9480 [ 33.219193] which belongs to the cache kmalloc-64 of size 64 [ 33.220873] The buggy address is located 0 bytes to the right of [ 33.220873] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.222637] [ 33.223041] The buggy address belongs to the physical page: [ 33.223646] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.224738] flags: 0x200000000000000(node=0|zone=2) [ 33.225271] page_type: f5(slab) [ 33.226194] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.226879] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.227556] page dumped because: kasan: bad access detected [ 33.228439] [ 33.228742] Memory state around the buggy address: [ 33.229397] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.230402] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.231075] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.231928] ^ [ 33.232448] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.233399] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.234301] ================================================================== [ 33.235232] 
================================================================== [ 33.237136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 33.237786] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.238846] [ 33.239124] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.240399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.240779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.241869] Call Trace: [ 33.242239] <TASK> [ 33.242451] dump_stack_lvl+0x73/0xb0 [ 33.242984] print_report+0xd1/0x640 [ 33.243454] ? __virt_addr_valid+0x1db/0x2d0 [ 33.244258] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.244774] kasan_report+0x102/0x140 [ 33.245279] ? kasan_atomics_helper+0x8fa/0x5450 [ 33.246015] ? kasan_atomics_helper+0x8fa/0x5450 [ 33.246444] kasan_check_range+0x10c/0x1c0 [ 33.247194] __kasan_check_write+0x18/0x20 [ 33.247678] kasan_atomics_helper+0x8fa/0x5450 [ 33.248158] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.248783] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.249399] ? kasan_save_alloc_info+0x3b/0x50 [ 33.250091] ? kasan_atomics+0x153/0x310 [ 33.250590] kasan_atomics+0x1dd/0x310 [ 33.251097] ? __pfx_kasan_atomics+0x10/0x10 [ 33.251791] ? __pfx_read_tsc+0x10/0x10 [ 33.252205] ? ktime_get_ts64+0x84/0x230 [ 33.252671] kunit_try_run_case+0x1b3/0x490 [ 33.253092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.253665] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.254165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.254534] ? __kthread_parkme+0x82/0x160 [ 33.255057] ? preempt_count_sub+0x50/0x80 [ 33.255604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.256287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.256962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.257597] kthread+0x257/0x310 [ 33.258010] ? __pfx_kthread+0x10/0x10 [ 33.258438] ret_from_fork+0x41/0x80 [ 33.258933] ? 
__pfx_kthread+0x10/0x10 [ 33.259548] ret_from_fork_asm+0x1a/0x30 [ 33.260084] </TASK> [ 33.260342] [ 33.260592] Allocated by task 272: [ 33.261018] kasan_save_stack+0x3d/0x60 [ 33.261413] kasan_save_track+0x18/0x40 [ 33.261904] kasan_save_alloc_info+0x3b/0x50 [ 33.262621] __kasan_kmalloc+0xb7/0xc0 [ 33.263044] __kmalloc_cache_noprof+0x184/0x410 [ 33.263354] kasan_atomics+0x96/0x310 [ 33.263722] kunit_try_run_case+0x1b3/0x490 [ 33.264359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.264874] kthread+0x257/0x310 [ 33.265230] ret_from_fork+0x41/0x80 [ 33.265545] ret_from_fork_asm+0x1a/0x30 [ 33.266389] [ 33.266549] The buggy address belongs to the object at ffff8881029f9480 [ 33.266549] which belongs to the cache kmalloc-64 of size 64 [ 33.267331] The buggy address is located 0 bytes to the right of [ 33.267331] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.269563] [ 33.269942] The buggy address belongs to the physical page: [ 33.270352] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.271133] flags: 0x200000000000000(node=0|zone=2) [ 33.271590] page_type: f5(slab) [ 33.271929] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.272636] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.273222] page dumped because: kasan: bad access detected [ 33.273733] [ 33.273984] Memory state around the buggy address: [ 33.274318] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.275070] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.275569] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.276376] ^ [ 33.276831] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.277431] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.277958] ================================================================== [ 34.704921] 
================================================================== [ 34.705984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 34.706731] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.707299] [ 34.707627] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.708833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.709246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.710311] Call Trace: [ 34.710645] <TASK> [ 34.710862] dump_stack_lvl+0x73/0xb0 [ 34.711425] print_report+0xd1/0x640 [ 34.712130] ? __virt_addr_valid+0x1db/0x2d0 [ 34.712526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.713061] kasan_report+0x102/0x140 [ 34.713494] ? kasan_atomics_helper+0x194b/0x5450 [ 34.713995] ? kasan_atomics_helper+0x194b/0x5450 [ 34.714726] kasan_check_range+0x10c/0x1c0 [ 34.715222] __kasan_check_write+0x18/0x20 [ 34.715644] kasan_atomics_helper+0x194b/0x5450 [ 34.716730] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.717312] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.717763] ? kasan_save_alloc_info+0x3b/0x50 [ 34.718245] ? kasan_atomics+0x153/0x310 [ 34.718820] kasan_atomics+0x1dd/0x310 [ 34.719132] ? __pfx_kasan_atomics+0x10/0x10 [ 34.719753] ? __pfx_read_tsc+0x10/0x10 [ 34.720075] ? ktime_get_ts64+0x84/0x230 [ 34.720522] kunit_try_run_case+0x1b3/0x490 [ 34.721136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.721669] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.722158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.722544] ? __kthread_parkme+0x82/0x160 [ 34.723077] ? preempt_count_sub+0x50/0x80 [ 34.723576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.724031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.724663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.725291] kthread+0x257/0x310 [ 34.725561] ? __pfx_kthread+0x10/0x10 [ 34.726023] ret_from_fork+0x41/0x80 [ 34.726516] ? 
__pfx_kthread+0x10/0x10 [ 34.727049] ret_from_fork_asm+0x1a/0x30 [ 34.727463] </TASK> [ 34.727754] [ 34.727916] Allocated by task 272: [ 34.728265] kasan_save_stack+0x3d/0x60 [ 34.728829] kasan_save_track+0x18/0x40 [ 34.729260] kasan_save_alloc_info+0x3b/0x50 [ 34.729725] __kasan_kmalloc+0xb7/0xc0 [ 34.730077] __kmalloc_cache_noprof+0x184/0x410 [ 34.730392] kasan_atomics+0x96/0x310 [ 34.730917] kunit_try_run_case+0x1b3/0x490 [ 34.731423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.732108] kthread+0x257/0x310 [ 34.732380] ret_from_fork+0x41/0x80 [ 34.732766] ret_from_fork_asm+0x1a/0x30 [ 34.733212] [ 34.733374] The buggy address belongs to the object at ffff8881029f9480 [ 34.733374] which belongs to the cache kmalloc-64 of size 64 [ 34.734535] The buggy address is located 0 bytes to the right of [ 34.734535] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.735587] [ 34.735898] The buggy address belongs to the physical page: [ 34.736400] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.737116] flags: 0x200000000000000(node=0|zone=2) [ 34.737649] page_type: f5(slab) [ 34.738021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.738576] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.739301] page dumped because: kasan: bad access detected [ 34.739756] [ 34.740017] Memory state around the buggy address: [ 34.740480] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.741113] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.741834] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.742286] ^ [ 34.742806] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.743594] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.744239] ================================================================== [ 35.491974] 
================================================================== [ 35.493738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 35.495176] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.496155] [ 35.496999] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.498125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.498398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.500028] Call Trace: [ 35.500275] <TASK> [ 35.500462] dump_stack_lvl+0x73/0xb0 [ 35.501244] print_report+0xd1/0x640 [ 35.501939] ? __virt_addr_valid+0x1db/0x2d0 [ 35.502380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.503290] kasan_report+0x102/0x140 [ 35.503823] ? kasan_atomics_helper+0x4fa7/0x5450 [ 35.504058] ? kasan_atomics_helper+0x4fa7/0x5450 [ 35.504279] __asan_report_load8_noabort+0x18/0x20 [ 35.504491] kasan_atomics_helper+0x4fa7/0x5450 [ 35.504871] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.505606] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.506464] ? kasan_save_alloc_info+0x3b/0x50 [ 35.507003] ? kasan_atomics+0x153/0x310 [ 35.507526] kasan_atomics+0x1dd/0x310 [ 35.508062] ? __pfx_kasan_atomics+0x10/0x10 [ 35.508536] ? __pfx_read_tsc+0x10/0x10 [ 35.508996] ? ktime_get_ts64+0x84/0x230 [ 35.509411] kunit_try_run_case+0x1b3/0x490 [ 35.510032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.510444] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.510978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.511436] ? __kthread_parkme+0x82/0x160 [ 35.511839] ? preempt_count_sub+0x50/0x80 [ 35.512183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.512755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.513242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.513794] kthread+0x257/0x310 [ 35.514232] ? __pfx_kthread+0x10/0x10 [ 35.514523] ret_from_fork+0x41/0x80 [ 35.514881] ? 
__pfx_kthread+0x10/0x10 [ 35.515318] ret_from_fork_asm+0x1a/0x30 [ 35.515877] </TASK> [ 35.516177] [ 35.516375] Allocated by task 272: [ 35.516666] kasan_save_stack+0x3d/0x60 [ 35.516969] kasan_save_track+0x18/0x40 [ 35.517397] kasan_save_alloc_info+0x3b/0x50 [ 35.517985] __kasan_kmalloc+0xb7/0xc0 [ 35.518458] __kmalloc_cache_noprof+0x184/0x410 [ 35.518992] kasan_atomics+0x96/0x310 [ 35.519365] kunit_try_run_case+0x1b3/0x490 [ 35.519935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.520418] kthread+0x257/0x310 [ 35.520750] ret_from_fork+0x41/0x80 [ 35.521244] ret_from_fork_asm+0x1a/0x30 [ 35.521663] [ 35.521894] The buggy address belongs to the object at ffff8881029f9480 [ 35.521894] which belongs to the cache kmalloc-64 of size 64 [ 35.522845] The buggy address is located 0 bytes to the right of [ 35.522845] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.524106] [ 35.524294] The buggy address belongs to the physical page: [ 35.524898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.525346] flags: 0x200000000000000(node=0|zone=2) [ 35.525923] page_type: f5(slab) [ 35.526357] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.527135] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.527876] page dumped because: kasan: bad access detected [ 35.528384] [ 35.528584] Memory state around the buggy address: [ 35.529143] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.529763] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.530356] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.530874] ^ [ 35.531179] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.532048] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.532785] ================================================================== [ 34.515830] 
================================================================== [ 34.516363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 34.517230] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.518121] [ 34.518404] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.519213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.519489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.520768] Call Trace: [ 34.521233] <TASK> [ 34.521687] dump_stack_lvl+0x73/0xb0 [ 34.522213] print_report+0xd1/0x640 [ 34.522576] ? __virt_addr_valid+0x1db/0x2d0 [ 34.523273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.524047] kasan_report+0x102/0x140 [ 34.524571] ? kasan_atomics_helper+0x16e8/0x5450 [ 34.525274] ? kasan_atomics_helper+0x16e8/0x5450 [ 34.525906] kasan_check_range+0x10c/0x1c0 [ 34.526429] __kasan_check_write+0x18/0x20 [ 34.527040] kasan_atomics_helper+0x16e8/0x5450 [ 34.527580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.528239] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.528869] ? kasan_save_alloc_info+0x3b/0x50 [ 34.529404] ? kasan_atomics+0x153/0x310 [ 34.529988] kasan_atomics+0x1dd/0x310 [ 34.530409] ? __pfx_kasan_atomics+0x10/0x10 [ 34.531118] ? __pfx_read_tsc+0x10/0x10 [ 34.531563] ? ktime_get_ts64+0x84/0x230 [ 34.532131] kunit_try_run_case+0x1b3/0x490 [ 34.532750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.533258] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.533905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.534448] ? __kthread_parkme+0x82/0x160 [ 34.535151] ? preempt_count_sub+0x50/0x80 [ 34.535745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.536268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.537157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.537867] kthread+0x257/0x310 [ 34.538386] ? __pfx_kthread+0x10/0x10 [ 34.538686] ret_from_fork+0x41/0x80 [ 34.539283] ? 
__pfx_kthread+0x10/0x10 [ 34.539899] ret_from_fork_asm+0x1a/0x30 [ 34.540347] </TASK> [ 34.540603] [ 34.540779] Allocated by task 272: [ 34.541217] kasan_save_stack+0x3d/0x60 [ 34.541584] kasan_save_track+0x18/0x40 [ 34.542135] kasan_save_alloc_info+0x3b/0x50 [ 34.542448] __kasan_kmalloc+0xb7/0xc0 [ 34.542747] __kmalloc_cache_noprof+0x184/0x410 [ 34.543391] kasan_atomics+0x96/0x310 [ 34.544143] kunit_try_run_case+0x1b3/0x490 [ 34.544761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.545131] kthread+0x257/0x310 [ 34.545385] ret_from_fork+0x41/0x80 [ 34.546163] ret_from_fork_asm+0x1a/0x30 [ 34.546836] [ 34.547061] The buggy address belongs to the object at ffff8881029f9480 [ 34.547061] which belongs to the cache kmalloc-64 of size 64 [ 34.548427] The buggy address is located 0 bytes to the right of [ 34.548427] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.549910] [ 34.550194] The buggy address belongs to the physical page: [ 34.550968] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.551975] flags: 0x200000000000000(node=0|zone=2) [ 34.552677] page_type: f5(slab) [ 34.553294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.554237] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.555062] page dumped because: kasan: bad access detected [ 34.555798] [ 34.556129] Memory state around the buggy address: [ 34.556665] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.557395] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.558373] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.559033] ^ [ 34.559643] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.560426] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.561306] ================================================================== [ 34.745369] 
================================================================== [ 34.746123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 34.746698] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.747468] [ 34.748751] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.749397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.749580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.750767] Call Trace: [ 34.751056] <TASK> [ 34.751315] dump_stack_lvl+0x73/0xb0 [ 34.752162] print_report+0xd1/0x640 [ 34.753342] ? __virt_addr_valid+0x1db/0x2d0 [ 34.754000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.754721] kasan_report+0x102/0x140 [ 34.755382] ? kasan_atomics_helper+0x19e4/0x5450 [ 34.756274] ? kasan_atomics_helper+0x19e4/0x5450 [ 34.756683] kasan_check_range+0x10c/0x1c0 [ 34.757340] __kasan_check_write+0x18/0x20 [ 34.758255] kasan_atomics_helper+0x19e4/0x5450 [ 34.759320] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.760152] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.761054] ? kasan_save_alloc_info+0x3b/0x50 [ 34.761511] ? kasan_atomics+0x153/0x310 [ 34.762243] kasan_atomics+0x1dd/0x310 [ 34.763026] ? __pfx_kasan_atomics+0x10/0x10 [ 34.763469] ? __pfx_read_tsc+0x10/0x10 [ 34.763924] ? ktime_get_ts64+0x84/0x230 [ 34.765952] kunit_try_run_case+0x1b3/0x490 [ 34.766587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.767120] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.767438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.768244] ? __kthread_parkme+0x82/0x160 [ 34.768614] ? preempt_count_sub+0x50/0x80 [ 34.769161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.769898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.770374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.770849] kthread+0x257/0x310 [ 34.771295] ? __pfx_kthread+0x10/0x10 [ 34.771735] ret_from_fork+0x41/0x80 [ 34.772115] ? 
__pfx_kthread+0x10/0x10 [ 34.772421] ret_from_fork_asm+0x1a/0x30 [ 34.773082] </TASK> [ 34.773310] [ 34.773559] Allocated by task 272: [ 34.774068] kasan_save_stack+0x3d/0x60 [ 34.774367] kasan_save_track+0x18/0x40 [ 34.774645] kasan_save_alloc_info+0x3b/0x50 [ 34.775346] __kasan_kmalloc+0xb7/0xc0 [ 34.776015] __kmalloc_cache_noprof+0x184/0x410 [ 34.776474] kasan_atomics+0x96/0x310 [ 34.776850] kunit_try_run_case+0x1b3/0x490 [ 34.777147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.777596] kthread+0x257/0x310 [ 34.778058] ret_from_fork+0x41/0x80 [ 34.778399] ret_from_fork_asm+0x1a/0x30 [ 34.778684] [ 34.778864] The buggy address belongs to the object at ffff8881029f9480 [ 34.778864] which belongs to the cache kmalloc-64 of size 64 [ 34.780129] The buggy address is located 0 bytes to the right of [ 34.780129] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.782736] [ 34.783129] The buggy address belongs to the physical page: [ 34.783686] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.784308] flags: 0x200000000000000(node=0|zone=2) [ 34.785071] page_type: f5(slab) [ 34.785419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.786238] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.787518] page dumped because: kasan: bad access detected [ 34.788661] [ 34.789005] Memory state around the buggy address: [ 34.789555] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.790466] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.791144] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.791420] ^ [ 34.791631] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.792316] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.792768] ================================================================== [ 33.031613] 
==================================================================
[ 33.032478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 33.033578] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.035218]
[ 33.035412] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.036907] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.037623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.038535] Call Trace:
[ 33.039258] <TASK>
[ 33.039543] dump_stack_lvl+0x73/0xb0
[ 33.040245] print_report+0xd1/0x640
[ 33.040845] ? __virt_addr_valid+0x1db/0x2d0
[ 33.041422] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.042201] kasan_report+0x102/0x140
[ 33.043095] ? kasan_atomics_helper+0x698/0x5450
[ 33.043538] ? kasan_atomics_helper+0x698/0x5450
[ 33.044331] kasan_check_range+0x10c/0x1c0
[ 33.045094] __kasan_check_write+0x18/0x20
[ 33.045683] kasan_atomics_helper+0x698/0x5450
[ 33.046367] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.046876] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.047673] ? kasan_save_alloc_info+0x3b/0x50
[ 33.048045] ? kasan_atomics+0x153/0x310
[ 33.048729] kasan_atomics+0x1dd/0x310
[ 33.049183] ? __pfx_kasan_atomics+0x10/0x10
[ 33.050038] ? __pfx_read_tsc+0x10/0x10
[ 33.050354] ? ktime_get_ts64+0x84/0x230
[ 33.051317] kunit_try_run_case+0x1b3/0x490
[ 33.052258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.052645] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.053326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.054085] ? __kthread_parkme+0x82/0x160
[ 33.054642] ? preempt_count_sub+0x50/0x80
[ 33.055296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.055998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.056852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.057494] kthread+0x257/0x310
[ 33.058066] ? __pfx_kthread+0x10/0x10
[ 33.058613] ret_from_fork+0x41/0x80
[ 33.059068] ? __pfx_kthread+0x10/0x10
[ 33.059455] ret_from_fork_asm+0x1a/0x30
[ 33.060284] </TASK>
[ 33.060529]
[ 33.060680] Allocated by task 272:
[ 33.061498] kasan_save_stack+0x3d/0x60
[ 33.062199] kasan_save_track+0x18/0x40
[ 33.062794] kasan_save_alloc_info+0x3b/0x50
[ 33.063306] __kasan_kmalloc+0xb7/0xc0
[ 33.063665] __kmalloc_cache_noprof+0x184/0x410
[ 33.064117] kasan_atomics+0x96/0x310
[ 33.064491] kunit_try_run_case+0x1b3/0x490
[ 33.065477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.066162] kthread+0x257/0x310
[ 33.066790] ret_from_fork+0x41/0x80
[ 33.067357] ret_from_fork_asm+0x1a/0x30
[ 33.068137]
[ 33.068323] The buggy address belongs to the object at ffff8881029f9480
[ 33.068323] which belongs to the cache kmalloc-64 of size 64
[ 33.069355] The buggy address is located 0 bytes to the right of
[ 33.069355] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.070594]
[ 33.070905] The buggy address belongs to the physical page:
[ 33.071442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.072274] flags: 0x200000000000000(node=0|zone=2)
[ 33.072713] page_type: f5(slab)
[ 33.073268] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.073931] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.074644] page dumped because: kasan: bad access detected
[ 33.075103]
[ 33.075261] Memory state around the buggy address:
[ 33.075764] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.076803] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.077463] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.078169] ^
[ 33.078818] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.079449] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.080173] ==================================================================
[ 32.668922] ==================================================================
[ 32.670292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450
[ 32.671446] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 32.673045]
[ 32.673214] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 32.675267] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.675765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.677022] Call Trace:
[ 32.677391] <TASK>
[ 32.677872] dump_stack_lvl+0x73/0xb0
[ 32.678590] print_report+0xd1/0x640
[ 32.679526] ? __virt_addr_valid+0x1db/0x2d0
[ 32.680161] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.681047] kasan_report+0x102/0x140
[ 32.681399] ? kasan_atomics_helper+0x4b70/0x5450
[ 32.681843] ? kasan_atomics_helper+0x4b70/0x5450
[ 32.682299] __asan_report_store4_noabort+0x1b/0x30
[ 32.683404] kasan_atomics_helper+0x4b70/0x5450
[ 32.683927] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.684528] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.685147] ? kasan_save_alloc_info+0x3b/0x50
[ 32.685990] ? kasan_atomics+0x153/0x310
[ 32.686614] kasan_atomics+0x1dd/0x310
[ 32.687057] ? __pfx_kasan_atomics+0x10/0x10
[ 32.688324] ? __pfx_read_tsc+0x10/0x10
[ 32.688926] ? ktime_get_ts64+0x84/0x230
[ 32.689667] kunit_try_run_case+0x1b3/0x490
[ 32.690097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.690535] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.691455] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.691929] ? __kthread_parkme+0x82/0x160
[ 32.692883] ? preempt_count_sub+0x50/0x80
[ 32.693840] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.694243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.695095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.696055] kthread+0x257/0x310
[ 32.696772] ? __pfx_kthread+0x10/0x10
[ 32.697331] ret_from_fork+0x41/0x80
[ 32.698388] ? __pfx_kthread+0x10/0x10
[ 32.698797] ret_from_fork_asm+0x1a/0x30
[ 32.699219] </TASK>
[ 32.699475]
[ 32.699650] Allocated by task 272:
[ 32.700751] kasan_save_stack+0x3d/0x60
[ 32.701350] kasan_save_track+0x18/0x40
[ 32.701971] kasan_save_alloc_info+0x3b/0x50
[ 32.702509] __kasan_kmalloc+0xb7/0xc0
[ 32.703151] __kmalloc_cache_noprof+0x184/0x410
[ 32.703571] kasan_atomics+0x96/0x310
[ 32.703954] kunit_try_run_case+0x1b3/0x490
[ 32.704348] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.704955] kthread+0x257/0x310
[ 32.705204] ret_from_fork+0x41/0x80
[ 32.706205] ret_from_fork_asm+0x1a/0x30
[ 32.706885]
[ 32.707038] The buggy address belongs to the object at ffff8881029f9480
[ 32.707038] which belongs to the cache kmalloc-64 of size 64
[ 32.708222] The buggy address is located 0 bytes to the right of
[ 32.708222] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 32.709038]
[ 32.709323] The buggy address belongs to the physical page:
[ 32.710061] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 32.710845] flags: 0x200000000000000(node=0|zone=2)
[ 32.711161] page_type: f5(slab)
[ 32.711719] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.712646] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.713284] page dumped because: kasan: bad access detected
[ 32.713633]
[ 32.714171] Memory state around the buggy address:
[ 32.715006] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.715945] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.716566] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.717730] ^
[ 32.718186] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.718938] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.719819] ==================================================================
[ 33.736417] ==================================================================
[ 33.737684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450
[ 33.738249] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.739306]
[ 33.739547] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.740548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.741145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.742122] Call Trace:
[ 33.742334] <TASK>
[ 33.742755] dump_stack_lvl+0x73/0xb0
[ 33.743341] print_report+0xd1/0x640
[ 33.744052] ? __virt_addr_valid+0x1db/0x2d0
[ 33.744585] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.745095] kasan_report+0x102/0x140
[ 33.745798] ? kasan_atomics_helper+0xfaa/0x5450
[ 33.746329] ? kasan_atomics_helper+0xfaa/0x5450
[ 33.747048] kasan_check_range+0x10c/0x1c0
[ 33.747801] __kasan_check_write+0x18/0x20
[ 33.748024] kasan_atomics_helper+0xfaa/0x5450
[ 33.748235] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.748454] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.748923] ? kasan_save_alloc_info+0x3b/0x50
[ 33.749931] ? kasan_atomics+0x153/0x310
[ 33.750794] kasan_atomics+0x1dd/0x310
[ 33.751452] ? __pfx_kasan_atomics+0x10/0x10
[ 33.752018] ? __pfx_read_tsc+0x10/0x10
[ 33.752419] ? ktime_get_ts64+0x84/0x230
[ 33.752861] kunit_try_run_case+0x1b3/0x490
[ 33.753776] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.754447] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.755293] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.755904] ? __kthread_parkme+0x82/0x160
[ 33.756454] ? preempt_count_sub+0x50/0x80
[ 33.757007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.757432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.758150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.758770] kthread+0x257/0x310
[ 33.759227] ? __pfx_kthread+0x10/0x10
[ 33.759658] ret_from_fork+0x41/0x80
[ 33.760001] ? __pfx_kthread+0x10/0x10
[ 33.760359] ret_from_fork_asm+0x1a/0x30
[ 33.760796] </TASK>
[ 33.761115]
[ 33.761327] Allocated by task 272:
[ 33.761655] kasan_save_stack+0x3d/0x60
[ 33.762005] kasan_save_track+0x18/0x40
[ 33.762343] kasan_save_alloc_info+0x3b/0x50
[ 33.762927] __kasan_kmalloc+0xb7/0xc0
[ 33.763347] __kmalloc_cache_noprof+0x184/0x410
[ 33.763843] kasan_atomics+0x96/0x310
[ 33.764127] kunit_try_run_case+0x1b3/0x490
[ 33.764582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.765241] kthread+0x257/0x310
[ 33.765642] ret_from_fork+0x41/0x80
[ 33.766069] ret_from_fork_asm+0x1a/0x30
[ 33.766357]
[ 33.766512] The buggy address belongs to the object at ffff8881029f9480
[ 33.766512] which belongs to the cache kmalloc-64 of size 64
[ 33.767897] The buggy address is located 0 bytes to the right of
[ 33.767897] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.768782]
[ 33.768942] The buggy address belongs to the physical page:
[ 33.769525] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.770321] flags: 0x200000000000000(node=0|zone=2)
[ 33.770845] page_type: f5(slab)
[ 33.771126] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.771837] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.772369] page dumped because: kasan: bad access detected
[ 33.772765]
[ 33.773024] Memory state around the buggy address:
[ 33.773581] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.774317] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.774823] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.775243] ^
[ 33.775843] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.776580] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.777401] ==================================================================
[ 33.368141] ==================================================================
[ 33.370323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450
[ 33.371140] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.372294]
[ 33.372518] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.373857] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.374382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.375387] Call Trace:
[ 33.375663] <TASK>
[ 33.375862] dump_stack_lvl+0x73/0xb0
[ 33.376565] print_report+0xd1/0x640
[ 33.377126] ? __virt_addr_valid+0x1db/0x2d0
[ 33.377583] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.378809] kasan_report+0x102/0x140
[ 33.379411] ? kasan_atomics_helper+0xac8/0x5450
[ 33.380126] ? kasan_atomics_helper+0xac8/0x5450
[ 33.380819] kasan_check_range+0x10c/0x1c0
[ 33.381429] __kasan_check_write+0x18/0x20
[ 33.382547] kasan_atomics_helper+0xac8/0x5450
[ 33.383048] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.383553] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.384152] ? kasan_save_alloc_info+0x3b/0x50
[ 33.384607] ? kasan_atomics+0x153/0x310
[ 33.385580] kasan_atomics+0x1dd/0x310
[ 33.386297] ? __pfx_kasan_atomics+0x10/0x10
[ 33.386851] ? __pfx_read_tsc+0x10/0x10
[ 33.387265] ? ktime_get_ts64+0x84/0x230
[ 33.387799] kunit_try_run_case+0x1b3/0x490
[ 33.388255] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.388984] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.389637] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.390233] ? __kthread_parkme+0x82/0x160
[ 33.390993] ? preempt_count_sub+0x50/0x80
[ 33.391445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.392532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.393247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.393811] kthread+0x257/0x310
[ 33.394133] ? __pfx_kthread+0x10/0x10
[ 33.394618] ret_from_fork+0x41/0x80
[ 33.395092] ? __pfx_kthread+0x10/0x10
[ 33.395428] ret_from_fork_asm+0x1a/0x30
[ 33.396099] </TASK>
[ 33.396329]
[ 33.396603] Allocated by task 272:
[ 33.397020] kasan_save_stack+0x3d/0x60
[ 33.397350] kasan_save_track+0x18/0x40
[ 33.397892] kasan_save_alloc_info+0x3b/0x50
[ 33.398265] __kasan_kmalloc+0xb7/0xc0
[ 33.398542] __kmalloc_cache_noprof+0x184/0x410
[ 33.399419] kasan_atomics+0x96/0x310
[ 33.400187] kunit_try_run_case+0x1b3/0x490
[ 33.400870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.401440] kthread+0x257/0x310
[ 33.402446] ret_from_fork+0x41/0x80
[ 33.403013] ret_from_fork_asm+0x1a/0x30
[ 33.403501]
[ 33.403678] The buggy address belongs to the object at ffff8881029f9480
[ 33.403678] which belongs to the cache kmalloc-64 of size 64
[ 33.404815] The buggy address is located 0 bytes to the right of
[ 33.404815] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.406024]
[ 33.406196] The buggy address belongs to the physical page:
[ 33.406910] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.407571] flags: 0x200000000000000(node=0|zone=2)
[ 33.408069] page_type: f5(slab)
[ 33.408490] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.409192] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.409799] page dumped because: kasan: bad access detected
[ 33.410620]
[ 33.410889] Memory state around the buggy address:
[ 33.411474] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.412111] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.412989] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.413493] ^
[ 33.414229] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.414996] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.415650] ==================================================================
[ 35.069492] ==================================================================
[ 35.071175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450
[ 35.071990] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 35.073290]
[ 35.073477] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 35.074699] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.075313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.076419] Call Trace:
[ 35.076781] <TASK>
[ 35.077129] dump_stack_lvl+0x73/0xb0
[ 35.077416] print_report+0xd1/0x640
[ 35.077877] ? __virt_addr_valid+0x1db/0x2d0
[ 35.078568] ? kasan_complete_mode_report_info+0x2a/0x200
[ 35.079281] kasan_report+0x102/0x140
[ 35.079751] ? kasan_atomics_helper+0x1e13/0x5450
[ 35.080296] ? kasan_atomics_helper+0x1e13/0x5450
[ 35.080885] kasan_check_range+0x10c/0x1c0
[ 35.081415] __kasan_check_write+0x18/0x20
[ 35.082087] kasan_atomics_helper+0x1e13/0x5450
[ 35.082495] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 35.083160] ? __kmalloc_cache_noprof+0x184/0x410
[ 35.083780] ? kasan_save_alloc_info+0x3b/0x50
[ 35.084166] ? kasan_atomics+0x153/0x310
[ 35.084738] kasan_atomics+0x1dd/0x310
[ 35.085124] ? __pfx_kasan_atomics+0x10/0x10
[ 35.085688] ? __pfx_read_tsc+0x10/0x10
[ 35.086237] ? ktime_get_ts64+0x84/0x230
[ 35.086770] kunit_try_run_case+0x1b3/0x490
[ 35.087305] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.087805] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 35.088329] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 35.088746] ? __kthread_parkme+0x82/0x160
[ 35.089212] ? preempt_count_sub+0x50/0x80
[ 35.089698] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.090139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 35.090682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.091283] kthread+0x257/0x310
[ 35.091573] ? __pfx_kthread+0x10/0x10
[ 35.092134] ret_from_fork+0x41/0x80
[ 35.092562] ? __pfx_kthread+0x10/0x10
[ 35.093063] ret_from_fork_asm+0x1a/0x30
[ 35.093560] </TASK>
[ 35.094001]
[ 35.094258] Allocated by task 272:
[ 35.094734] kasan_save_stack+0x3d/0x60
[ 35.095285] kasan_save_track+0x18/0x40
[ 35.095905] kasan_save_alloc_info+0x3b/0x50
[ 35.096256] __kasan_kmalloc+0xb7/0xc0
[ 35.096862] __kmalloc_cache_noprof+0x184/0x410
[ 35.097273] kasan_atomics+0x96/0x310
[ 35.097887] kunit_try_run_case+0x1b3/0x490
[ 35.098363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.098970] kthread+0x257/0x310
[ 35.099440] ret_from_fork+0x41/0x80
[ 35.099946] ret_from_fork_asm+0x1a/0x30
[ 35.100521]
[ 35.100799] The buggy address belongs to the object at ffff8881029f9480
[ 35.100799] which belongs to the cache kmalloc-64 of size 64
[ 35.101964] The buggy address is located 0 bytes to the right of
[ 35.101964] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 35.103202]
[ 35.103496] The buggy address belongs to the physical page:
[ 35.104088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 35.104816] flags: 0x200000000000000(node=0|zone=2)
[ 35.105349] page_type: f5(slab)
[ 35.105810] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 35.106525] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 35.107306] page dumped because: kasan: bad access detected
[ 35.107771]
[ 35.108081] Memory state around the buggy address:
[ 35.108583] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.109302] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.110026] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 35.110975] ^
[ 35.111532] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.112375] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.113407] ==================================================================
[ 34.278294] ==================================================================
[ 34.279021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450
[ 34.279747] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.280453]
[ 34.280776] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.281746] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.282170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.282955] Call Trace:
[ 34.283341] <TASK>
[ 34.283715] dump_stack_lvl+0x73/0xb0
[ 34.284072] print_report+0xd1/0x640
[ 34.284524] ? __virt_addr_valid+0x1db/0x2d0
[ 34.285213] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.285848] kasan_report+0x102/0x140
[ 34.286147] ? kasan_atomics_helper+0x1468/0x5450
[ 34.286871] ? kasan_atomics_helper+0x1468/0x5450
[ 34.287302] kasan_check_range+0x10c/0x1c0
[ 34.287952] __kasan_check_write+0x18/0x20
[ 34.288404] kasan_atomics_helper+0x1468/0x5450
[ 34.289021] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.289447] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.289959] ? kasan_save_alloc_info+0x3b/0x50
[ 34.290296] ? kasan_atomics+0x153/0x310
[ 34.290869] kasan_atomics+0x1dd/0x310
[ 34.291454] ? __pfx_kasan_atomics+0x10/0x10
[ 34.291861] ? __pfx_read_tsc+0x10/0x10
[ 34.292388] ? ktime_get_ts64+0x84/0x230
[ 34.293000] kunit_try_run_case+0x1b3/0x490
[ 34.293476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.294038] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.294674] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.295226] ? __kthread_parkme+0x82/0x160
[ 34.295694] ? preempt_count_sub+0x50/0x80
[ 34.296234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.296850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.297384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.298143] kthread+0x257/0x310
[ 34.298509] ? __pfx_kthread+0x10/0x10
[ 34.299033] ret_from_fork+0x41/0x80
[ 34.299880] ? __pfx_kthread+0x10/0x10
[ 34.300300] ret_from_fork_asm+0x1a/0x30
[ 34.301198] </TASK>
[ 34.301619]
[ 34.301886] Allocated by task 272:
[ 34.302590] kasan_save_stack+0x3d/0x60
[ 34.302899] kasan_save_track+0x18/0x40
[ 34.303487] kasan_save_alloc_info+0x3b/0x50
[ 34.304448] __kasan_kmalloc+0xb7/0xc0
[ 34.305099] __kmalloc_cache_noprof+0x184/0x410
[ 34.305634] kasan_atomics+0x96/0x310
[ 34.306328] kunit_try_run_case+0x1b3/0x490
[ 34.307137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.307578] kthread+0x257/0x310
[ 34.308173] ret_from_fork+0x41/0x80
[ 34.308536] ret_from_fork_asm+0x1a/0x30
[ 34.309380]
[ 34.309573] The buggy address belongs to the object at ffff8881029f9480
[ 34.309573] which belongs to the cache kmalloc-64 of size 64
[ 34.311320] The buggy address is located 0 bytes to the right of
[ 34.311320] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.312688]
[ 34.312891] The buggy address belongs to the physical page:
[ 34.313541] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.315092] flags: 0x200000000000000(node=0|zone=2)
[ 34.315506] page_type: f5(slab)
[ 34.315946] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.317069] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.318011] page dumped because: kasan: bad access detected
[ 34.318656]
[ 34.318990] Memory state around the buggy address:
[ 34.319779] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.320687] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.321442] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.322299] ^
[ 34.323086] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.324145] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.324745] ==================================================================
[ 32.978832] ==================================================================
[ 32.979933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450
[ 32.981091] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 32.981940]
[ 32.982139] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 32.983526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.983968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.985136] Call Trace:
[ 32.985346] <TASK>
[ 32.985796] dump_stack_lvl+0x73/0xb0
[ 32.986434] print_report+0xd1/0x640
[ 32.987112] ? __virt_addr_valid+0x1db/0x2d0
[ 32.987610] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.988302] kasan_report+0x102/0x140
[ 32.988716] ? kasan_atomics_helper+0x5ff/0x5450
[ 32.989049] ? kasan_atomics_helper+0x5ff/0x5450
[ 32.989953] kasan_check_range+0x10c/0x1c0
[ 32.990647] __kasan_check_write+0x18/0x20
[ 32.991157] kasan_atomics_helper+0x5ff/0x5450
[ 32.991904] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.992458] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.992967] ? kasan_save_alloc_info+0x3b/0x50
[ 32.993660] ? kasan_atomics+0x153/0x310
[ 32.994301] kasan_atomics+0x1dd/0x310
[ 32.994752] ? __pfx_kasan_atomics+0x10/0x10
[ 32.995433] ? __pfx_read_tsc+0x10/0x10
[ 32.996174] ? ktime_get_ts64+0x84/0x230
[ 32.997197] kunit_try_run_case+0x1b3/0x490
[ 32.997553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.998178] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.998591] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.999112] ? __kthread_parkme+0x82/0x160
[ 32.999553] ? preempt_count_sub+0x50/0x80
[ 33.000118] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.000609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.001652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.002298] kthread+0x257/0x310
[ 33.002759] ? __pfx_kthread+0x10/0x10
[ 33.003267] ret_from_fork+0x41/0x80
[ 33.003609] ? __pfx_kthread+0x10/0x10
[ 33.004057] ret_from_fork_asm+0x1a/0x30
[ 33.004551] </TASK>
[ 33.005038]
[ 33.005195] Allocated by task 272:
[ 33.005667] kasan_save_stack+0x3d/0x60
[ 33.006016] kasan_save_track+0x18/0x40
[ 33.006626] kasan_save_alloc_info+0x3b/0x50
[ 33.007104] __kasan_kmalloc+0xb7/0xc0
[ 33.007406] __kmalloc_cache_noprof+0x184/0x410
[ 33.008213] kasan_atomics+0x96/0x310
[ 33.008568] kunit_try_run_case+0x1b3/0x490
[ 33.009152] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.009689] kthread+0x257/0x310
[ 33.010087] ret_from_fork+0x41/0x80
[ 33.010446] ret_from_fork_asm+0x1a/0x30
[ 33.011036]
[ 33.011387] The buggy address belongs to the object at ffff8881029f9480
[ 33.011387] which belongs to the cache kmalloc-64 of size 64
[ 33.012349] The buggy address is located 0 bytes to the right of
[ 33.012349] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.013256]
[ 33.013510] The buggy address belongs to the physical page:
[ 33.014348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.015182] flags: 0x200000000000000(node=0|zone=2)
[ 33.017355] page_type: f5(slab)
[ 33.017577] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.018003] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.018398] page dumped because: kasan: bad access detected
[ 33.018691]
[ 33.020560] Memory state around the buggy address:
[ 33.022302] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.024080] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.025796] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.027507] ^
[ 33.028555] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.029354] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.030293] ==================================================================
[ 33.912956] ==================================================================
[ 33.913878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450
[ 33.914869] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.915542]
[ 33.915857] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.916893] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.917222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.918146] Call Trace:
[ 33.918427] <TASK>
[ 33.918717] dump_stack_lvl+0x73/0xb0
[ 33.919136] print_report+0xd1/0x640
[ 33.919454] ? __virt_addr_valid+0x1db/0x2d0
[ 33.920145] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.920692] kasan_report+0x102/0x140
[ 33.921058] ? kasan_atomics_helper+0x1149/0x5450
[ 33.921472] ? kasan_atomics_helper+0x1149/0x5450
[ 33.921883] kasan_check_range+0x10c/0x1c0
[ 33.922325] __kasan_check_write+0x18/0x20
[ 33.922913] kasan_atomics_helper+0x1149/0x5450
[ 33.923511] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.924172] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.924670] ? kasan_save_alloc_info+0x3b/0x50
[ 33.925205] ? kasan_atomics+0x153/0x310
[ 33.925590] kasan_atomics+0x1dd/0x310
[ 33.926019] ? __pfx_kasan_atomics+0x10/0x10
[ 33.926492] ? __pfx_read_tsc+0x10/0x10
[ 33.926997] ? ktime_get_ts64+0x84/0x230
[ 33.927418] kunit_try_run_case+0x1b3/0x490
[ 33.927938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.928268] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.928643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.929266] ? __kthread_parkme+0x82/0x160
[ 33.929851] ? preempt_count_sub+0x50/0x80
[ 33.930192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.930793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.931424] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.931990] kthread+0x257/0x310
[ 33.932278] ? __pfx_kthread+0x10/0x10
[ 33.932564] ret_from_fork+0x41/0x80
[ 33.933108] ? __pfx_kthread+0x10/0x10
[ 33.933648] ret_from_fork_asm+0x1a/0x30
[ 33.934034] </TASK>
[ 33.934240]
[ 33.934433] Allocated by task 272:
[ 33.934931] kasan_save_stack+0x3d/0x60
[ 33.935439] kasan_save_track+0x18/0x40
[ 33.935947] kasan_save_alloc_info+0x3b/0x50
[ 33.936338] __kasan_kmalloc+0xb7/0xc0
[ 33.936662] __kmalloc_cache_noprof+0x184/0x410
[ 33.937190] kasan_atomics+0x96/0x310
[ 33.937550] kunit_try_run_case+0x1b3/0x490
[ 33.938126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.938757] kthread+0x257/0x310
[ 33.939031] ret_from_fork+0x41/0x80
[ 33.939439] ret_from_fork_asm+0x1a/0x30
[ 33.939999]
[ 33.940234] The buggy address belongs to the object at ffff8881029f9480
[ 33.940234] which belongs to the cache kmalloc-64 of size 64
[ 33.941237] The buggy address is located 0 bytes to the right of
[ 33.941237] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.942284]
[ 33.942534] The buggy address belongs to the physical page:
[ 33.942983] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.943797] flags: 0x200000000000000(node=0|zone=2)
[ 33.944216] page_type: f5(slab)
[ 33.944503] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.945262] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.945758] page dumped because: kasan: bad access detected
[ 33.946402]
[ 33.946730] Memory state around the buggy address:
[ 33.947132] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.947659] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.948447] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.949250] ^
[ 33.950293] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.951871] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.953013] ==================================================================
[ 33.468880] ==================================================================
[ 33.470884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 33.471474] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.472341]
[ 33.472517] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.474107] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.474614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.475778] Call Trace:
[ 33.476056] <TASK>
[ 33.476316] dump_stack_lvl+0x73/0xb0
[ 33.476849] print_report+0xd1/0x640
[ 33.477525] ? __virt_addr_valid+0x1db/0x2d0
[ 33.478283] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.478851] kasan_report+0x102/0x140
[ 33.479207] ? kasan_atomics_helper+0xc71/0x5450
[ 33.479578] ? kasan_atomics_helper+0xc71/0x5450
[ 33.479849] kasan_check_range+0x10c/0x1c0
[ 33.480054] __kasan_check_write+0x18/0x20
[ 33.480244] kasan_atomics_helper+0xc71/0x5450
[ 33.480450] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.481345] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.482357] ? kasan_save_alloc_info+0x3b/0x50
[ 33.482936] ? kasan_atomics+0x153/0x310
[ 33.483483] kasan_atomics+0x1dd/0x310
[ 33.484212] ? __pfx_kasan_atomics+0x10/0x10
[ 33.484548] ? __pfx_read_tsc+0x10/0x10
[ 33.485064] ? ktime_get_ts64+0x84/0x230
[ 33.485682] kunit_try_run_case+0x1b3/0x490
[ 33.486501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.487048] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.487560] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.488450] ? __kthread_parkme+0x82/0x160
[ 33.489362] ? preempt_count_sub+0x50/0x80
[ 33.490099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.490427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.491227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.491792] kthread+0x257/0x310
[ 33.492313] ? __pfx_kthread+0x10/0x10
[ 33.492969] ret_from_fork+0x41/0x80
[ 33.493379] ? __pfx_kthread+0x10/0x10
[ 33.494307] ret_from_fork_asm+0x1a/0x30
[ 33.495299] </TASK>
[ 33.495495]
[ 33.495687] Allocated by task 272:
[ 33.496131] kasan_save_stack+0x3d/0x60
[ 33.496599] kasan_save_track+0x18/0x40
[ 33.497300] kasan_save_alloc_info+0x3b/0x50
[ 33.498060] __kasan_kmalloc+0xb7/0xc0
[ 33.498499] __kmalloc_cache_noprof+0x184/0x410
[ 33.499287] kasan_atomics+0x96/0x310
[ 33.499777] kunit_try_run_case+0x1b3/0x490
[ 33.500395] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.501045] kthread+0x257/0x310
[ 33.501231] ret_from_fork+0x41/0x80
[ 33.501407] ret_from_fork_asm+0x1a/0x30
[ 33.501595]
[ 33.501795] The buggy address belongs to the object at ffff8881029f9480
[ 33.501795] which belongs to the cache kmalloc-64 of size 64
[ 33.502896] The buggy address is located 0 bytes to the right of
[ 33.502896] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.503655]
[ 33.503929] The buggy address belongs to the physical page:
[ 33.504662] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.505694] flags: 0x200000000000000(node=0|zone=2)
[ 33.506072] page_type: f5(slab)
[ 33.506325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.507251] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.508367] page dumped because: kasan: bad access detected
[ 33.508824]
[ 33.508984] Memory state around the buggy address:
[ 33.509674] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.510605] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.511322] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.512171] ^
[ 33.512484] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.513330] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.514367] ==================================================================
[ 34.877183] ==================================================================
[ 34.878214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450
[ 34.878854] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.883155]
[ 34.883318] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.883858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.884100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.884532] Call Trace:
[ 34.886339] <TASK>
[ 34.887105] dump_stack_lvl+0x73/0xb0
[ 34.888278] print_report+0xd1/0x640
[ 34.889428] ? __virt_addr_valid+0x1db/0x2d0
[ 34.891042] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.892631] kasan_report+0x102/0x140
[ 34.893242] ? kasan_atomics_helper+0x1c19/0x5450
[ 34.894110] ? kasan_atomics_helper+0x1c19/0x5450
[ 34.894912] kasan_check_range+0x10c/0x1c0
[ 34.895400] __kasan_check_write+0x18/0x20
[ 34.896092] kasan_atomics_helper+0x1c19/0x5450
[ 34.896912] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.897580] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.898097] ? kasan_save_alloc_info+0x3b/0x50
[ 34.898572] ? kasan_atomics+0x153/0x310
[ 34.898981] kasan_atomics+0x1dd/0x310
[ 34.900010] ? __pfx_kasan_atomics+0x10/0x10
[ 34.900291] ? __pfx_read_tsc+0x10/0x10
[ 34.900484] ? ktime_get_ts64+0x84/0x230
[ 34.901201] kunit_try_run_case+0x1b3/0x490
[ 34.902343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.903133] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.903908] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.904478] ? __kthread_parkme+0x82/0x160
[ 34.905294] ? preempt_count_sub+0x50/0x80
[ 34.905715] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.906389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.907099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.907610] kthread+0x257/0x310
[ 34.908263] ? __pfx_kthread+0x10/0x10
[ 34.909145] ret_from_fork+0x41/0x80
[ 34.909492] ? __pfx_kthread+0x10/0x10
[ 34.909775] ret_from_fork_asm+0x1a/0x30
[ 34.910689] </TASK>
[ 34.911011]
[ 34.911254] Allocated by task 272:
[ 34.911582] kasan_save_stack+0x3d/0x60
[ 34.912536] kasan_save_track+0x18/0x40
[ 34.912999] kasan_save_alloc_info+0x3b/0x50
[ 34.913406] __kasan_kmalloc+0xb7/0xc0
[ 34.914547] __kmalloc_cache_noprof+0x184/0x410
[ 34.915152] kasan_atomics+0x96/0x310
[ 34.915597] kunit_try_run_case+0x1b3/0x490
[ 34.916342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.917058] kthread+0x257/0x310
[ 34.917312] ret_from_fork+0x41/0x80
[ 34.918246] ret_from_fork_asm+0x1a/0x30
[ 34.918592]
[ 34.918938] The buggy address belongs to the object at ffff8881029f9480
[ 34.918938] which belongs to the cache kmalloc-64 of size 64
[ 34.920222] The buggy address is located 0 bytes to the right of
[ 34.920222] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.922015]
[ 34.922463] The buggy address belongs to the physical page:
[ 34.923348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.924264] flags: 0x200000000000000(node=0|zone=2)
[ 34.924869] page_type: f5(slab)
[ 34.925531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.926308] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.926950] page dumped because: kasan: bad access detected
[ 34.927430]
[ 34.927639] Memory state around the buggy address:
[ 34.928787] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.929678] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.930516] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.931386] ^
[ 34.932084] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.932973] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.933893] ==================================================================
[ 34.421190] ==================================================================
[ 34.421811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450
[ 34.422659] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.423138]
[ 34.423408] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.424207] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.424689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.425319] Call Trace:
[ 34.425527] <TASK>
[ 34.425887] dump_stack_lvl+0x73/0xb0
[ 34.426392] print_report+0xd1/0x640
[ 34.427079] ? __virt_addr_valid+0x1db/0x2d0
[ 34.427532] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.428256] kasan_report+0x102/0x140
[ 34.428546] ? kasan_atomics_helper+0x15b7/0x5450
[ 34.429162] ? kasan_atomics_helper+0x15b7/0x5450
[ 34.429659] kasan_check_range+0x10c/0x1c0
[ 34.430066] __kasan_check_write+0x18/0x20
[ 34.430370] kasan_atomics_helper+0x15b7/0x5450
[ 34.430893] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.431533] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.432209] ? kasan_save_alloc_info+0x3b/0x50
[ 34.432579] ? kasan_atomics+0x153/0x310
[ 34.433057] kasan_atomics+0x1dd/0x310
[ 34.433356] ? __pfx_kasan_atomics+0x10/0x10
[ 34.433920] ? __pfx_read_tsc+0x10/0x10
[ 34.434811] ? ktime_get_ts64+0x84/0x230
[ 34.435887] kunit_try_run_case+0x1b3/0x490
[ 34.436365] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.436880] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.437329] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.438365] ? __kthread_parkme+0x82/0x160
[ 34.438806] ? preempt_count_sub+0x50/0x80
[ 34.439497] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.440059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.441013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.441773] kthread+0x257/0x310
[ 34.442331] ? __pfx_kthread+0x10/0x10
[ 34.442952] ret_from_fork+0x41/0x80
[ 34.443352] ?
__pfx_kthread+0x10/0x10 [ 34.444125] ret_from_fork_asm+0x1a/0x30 [ 34.444582] </TASK> [ 34.445253] [ 34.445396] Allocated by task 272: [ 34.445844] kasan_save_stack+0x3d/0x60 [ 34.446599] kasan_save_track+0x18/0x40 [ 34.447301] kasan_save_alloc_info+0x3b/0x50 [ 34.447988] __kasan_kmalloc+0xb7/0xc0 [ 34.448174] __kmalloc_cache_noprof+0x184/0x410 [ 34.448373] kasan_atomics+0x96/0x310 [ 34.448550] kunit_try_run_case+0x1b3/0x490 [ 34.449317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.450270] kthread+0x257/0x310 [ 34.450993] ret_from_fork+0x41/0x80 [ 34.451626] ret_from_fork_asm+0x1a/0x30 [ 34.452288] [ 34.452544] The buggy address belongs to the object at ffff8881029f9480 [ 34.452544] which belongs to the cache kmalloc-64 of size 64 [ 34.453576] The buggy address is located 0 bytes to the right of [ 34.453576] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.454919] [ 34.455151] The buggy address belongs to the physical page: [ 34.455972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.456519] flags: 0x200000000000000(node=0|zone=2) [ 34.457141] page_type: f5(slab) [ 34.457489] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.458182] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.459020] page dumped because: kasan: bad access detected [ 34.459403] [ 34.459694] Memory state around the buggy address: [ 34.460581] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.461690] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.462201] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.462985] ^ [ 34.463469] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.464342] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.465225] ================================================================== [ 34.610091] 
================================================================== [ 34.610993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 34.611982] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.612726] [ 34.613194] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.614362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.614637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.616719] Call Trace: [ 34.617193] <TASK> [ 34.617387] dump_stack_lvl+0x73/0xb0 [ 34.617671] print_report+0xd1/0x640 [ 34.617949] ? __virt_addr_valid+0x1db/0x2d0 [ 34.618249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.618577] kasan_report+0x102/0x140 [ 34.621413] ? kasan_atomics_helper+0x1819/0x5450 [ 34.622493] ? kasan_atomics_helper+0x1819/0x5450 [ 34.623995] kasan_check_range+0x10c/0x1c0 [ 34.625291] __kasan_check_write+0x18/0x20 [ 34.626857] kasan_atomics_helper+0x1819/0x5450 [ 34.628016] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.628929] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.629166] ? kasan_save_alloc_info+0x3b/0x50 [ 34.629378] ? kasan_atomics+0x153/0x310 [ 34.629579] kasan_atomics+0x1dd/0x310 [ 34.630307] ? __pfx_kasan_atomics+0x10/0x10 [ 34.630948] ? __pfx_read_tsc+0x10/0x10 [ 34.631454] ? ktime_get_ts64+0x84/0x230 [ 34.632068] kunit_try_run_case+0x1b3/0x490 [ 34.632547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.633170] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.633519] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.634059] ? __kthread_parkme+0x82/0x160 [ 34.634730] ? preempt_count_sub+0x50/0x80 [ 34.635266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.635830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.636452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.637100] kthread+0x257/0x310 [ 34.637477] ? __pfx_kthread+0x10/0x10 [ 34.637893] ret_from_fork+0x41/0x80 [ 34.638437] ? 
__pfx_kthread+0x10/0x10 [ 34.639057] ret_from_fork_asm+0x1a/0x30 [ 34.639532] </TASK> [ 34.640006] [ 34.640288] Allocated by task 272: [ 34.640816] kasan_save_stack+0x3d/0x60 [ 34.641267] kasan_save_track+0x18/0x40 [ 34.641944] kasan_save_alloc_info+0x3b/0x50 [ 34.642460] __kasan_kmalloc+0xb7/0xc0 [ 34.643003] __kmalloc_cache_noprof+0x184/0x410 [ 34.643485] kasan_atomics+0x96/0x310 [ 34.644057] kunit_try_run_case+0x1b3/0x490 [ 34.644416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.645240] kthread+0x257/0x310 [ 34.645543] ret_from_fork+0x41/0x80 [ 34.646154] ret_from_fork_asm+0x1a/0x30 [ 34.646509] [ 34.646894] The buggy address belongs to the object at ffff8881029f9480 [ 34.646894] which belongs to the cache kmalloc-64 of size 64 [ 34.648041] The buggy address is located 0 bytes to the right of [ 34.648041] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.649334] [ 34.649582] The buggy address belongs to the physical page: [ 34.650317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.651127] flags: 0x200000000000000(node=0|zone=2) [ 34.651581] page_type: f5(slab) [ 34.652010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.652589] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.653405] page dumped because: kasan: bad access detected [ 34.654099] [ 34.654349] Memory state around the buggy address: [ 34.654986] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.655828] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.656547] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.657213] ^ [ 34.657823] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.658268] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.658935] ================================================================== [ 35.262019] 
================================================================== [ 35.263587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 35.264226] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.265069] [ 35.265280] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.266250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.266523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.267615] Call Trace: [ 35.268000] <TASK> [ 35.268214] dump_stack_lvl+0x73/0xb0 [ 35.268507] print_report+0xd1/0x640 [ 35.268941] ? __virt_addr_valid+0x1db/0x2d0 [ 35.269489] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.270281] kasan_report+0x102/0x140 [ 35.270842] ? kasan_atomics_helper+0x2007/0x5450 [ 35.271351] ? kasan_atomics_helper+0x2007/0x5450 [ 35.272658] kasan_check_range+0x10c/0x1c0 [ 35.273319] __kasan_check_write+0x18/0x20 [ 35.274253] kasan_atomics_helper+0x2007/0x5450 [ 35.275000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.275663] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.276585] ? kasan_save_alloc_info+0x3b/0x50 [ 35.277288] ? kasan_atomics+0x153/0x310 [ 35.278073] kasan_atomics+0x1dd/0x310 [ 35.278499] ? __pfx_kasan_atomics+0x10/0x10 [ 35.279304] ? __pfx_read_tsc+0x10/0x10 [ 35.279881] ? ktime_get_ts64+0x84/0x230 [ 35.280328] kunit_try_run_case+0x1b3/0x490 [ 35.281327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.281760] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.282451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.283226] ? __kthread_parkme+0x82/0x160 [ 35.283643] ? preempt_count_sub+0x50/0x80 [ 35.284523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.285217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.285797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.286611] kthread+0x257/0x310 [ 35.287193] ? __pfx_kthread+0x10/0x10 [ 35.287789] ret_from_fork+0x41/0x80 [ 35.288526] ? 
__pfx_kthread+0x10/0x10 [ 35.289257] ret_from_fork_asm+0x1a/0x30 [ 35.289620] </TASK> [ 35.289831] [ 35.290477] Allocated by task 272: [ 35.290758] kasan_save_stack+0x3d/0x60 [ 35.291648] kasan_save_track+0x18/0x40 [ 35.292474] kasan_save_alloc_info+0x3b/0x50 [ 35.293280] __kasan_kmalloc+0xb7/0xc0 [ 35.293686] __kmalloc_cache_noprof+0x184/0x410 [ 35.294243] kasan_atomics+0x96/0x310 [ 35.294627] kunit_try_run_case+0x1b3/0x490 [ 35.295756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.296331] kthread+0x257/0x310 [ 35.297022] ret_from_fork+0x41/0x80 [ 35.297733] ret_from_fork_asm+0x1a/0x30 [ 35.298137] [ 35.298389] The buggy address belongs to the object at ffff8881029f9480 [ 35.298389] which belongs to the cache kmalloc-64 of size 64 [ 35.299796] The buggy address is located 0 bytes to the right of [ 35.299796] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.300746] [ 35.300916] The buggy address belongs to the physical page: [ 35.301438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.302579] flags: 0x200000000000000(node=0|zone=2) [ 35.302865] page_type: f5(slab) [ 35.303025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.303314] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.303596] page dumped because: kasan: bad access detected [ 35.304334] [ 35.304763] Memory state around the buggy address: [ 35.305272] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.306876] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.307623] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.308225] ^ [ 35.308644] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.309288] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.309807] ================================================================== [ 34.325568] 
================================================================== [ 34.327393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 34.328112] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.329364] [ 34.329500] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.330418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.331551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.332529] Call Trace: [ 34.333271] <TASK> [ 34.333523] dump_stack_lvl+0x73/0xb0 [ 34.334263] print_report+0xd1/0x640 [ 34.335074] ? __virt_addr_valid+0x1db/0x2d0 [ 34.335727] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.336395] kasan_report+0x102/0x140 [ 34.336759] ? kasan_atomics_helper+0x50d6/0x5450 [ 34.337240] ? kasan_atomics_helper+0x50d6/0x5450 [ 34.338172] __asan_report_store8_noabort+0x1b/0x30 [ 34.338946] kasan_atomics_helper+0x50d6/0x5450 [ 34.339563] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.340257] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.340886] ? kasan_save_alloc_info+0x3b/0x50 [ 34.341472] ? kasan_atomics+0x153/0x310 [ 34.341942] kasan_atomics+0x1dd/0x310 [ 34.342592] ? __pfx_kasan_atomics+0x10/0x10 [ 34.343306] ? __pfx_read_tsc+0x10/0x10 [ 34.343665] ? ktime_get_ts64+0x84/0x230 [ 34.344340] kunit_try_run_case+0x1b3/0x490 [ 34.345012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.345926] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.346236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.346534] ? __kthread_parkme+0x82/0x160 [ 34.346976] ? preempt_count_sub+0x50/0x80 [ 34.347378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.348322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.349140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.349459] kthread+0x257/0x310 [ 34.349931] ? __pfx_kthread+0x10/0x10 [ 34.352130] ret_from_fork+0x41/0x80 [ 34.352401] ? 
__pfx_kthread+0x10/0x10 [ 34.352649] ret_from_fork_asm+0x1a/0x30 [ 34.353094] </TASK> [ 34.353666] [ 34.353940] Allocated by task 272: [ 34.354197] kasan_save_stack+0x3d/0x60 [ 34.354461] kasan_save_track+0x18/0x40 [ 34.354768] kasan_save_alloc_info+0x3b/0x50 [ 34.355251] __kasan_kmalloc+0xb7/0xc0 [ 34.355528] __kmalloc_cache_noprof+0x184/0x410 [ 34.356397] kasan_atomics+0x96/0x310 [ 34.357941] kunit_try_run_case+0x1b3/0x490 [ 34.358927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.359247] kthread+0x257/0x310 [ 34.359465] ret_from_fork+0x41/0x80 [ 34.359831] ret_from_fork_asm+0x1a/0x30 [ 34.361384] [ 34.362006] The buggy address belongs to the object at ffff8881029f9480 [ 34.362006] which belongs to the cache kmalloc-64 of size 64 [ 34.364475] The buggy address is located 0 bytes to the right of [ 34.364475] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.365480] [ 34.365797] The buggy address belongs to the physical page: [ 34.366220] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.366950] flags: 0x200000000000000(node=0|zone=2) [ 34.367489] page_type: f5(slab) [ 34.368044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.368661] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.369514] page dumped because: kasan: bad access detected [ 34.370116] [ 34.370372] Memory state around the buggy address: [ 34.371119] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.371854] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.372397] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.373198] ^ [ 34.373800] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.374542] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.375301] ================================================================== [ 34.466742] 
================================================================== [ 34.468347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 34.469910] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.470550] [ 34.470945] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.472162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.472526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.474236] Call Trace: [ 34.474534] <TASK> [ 34.475360] dump_stack_lvl+0x73/0xb0 [ 34.475763] print_report+0xd1/0x640 [ 34.476303] ? __virt_addr_valid+0x1db/0x2d0 [ 34.476913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.477377] kasan_report+0x102/0x140 [ 34.477761] ? kasan_atomics_helper+0x1650/0x5450 [ 34.478605] ? kasan_atomics_helper+0x1650/0x5450 [ 34.479245] kasan_check_range+0x10c/0x1c0 [ 34.479947] __kasan_check_write+0x18/0x20 [ 34.480332] kasan_atomics_helper+0x1650/0x5450 [ 34.480824] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.481293] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.481833] ? kasan_save_alloc_info+0x3b/0x50 [ 34.482203] ? kasan_atomics+0x153/0x310 [ 34.482875] kasan_atomics+0x1dd/0x310 [ 34.483499] ? __pfx_kasan_atomics+0x10/0x10 [ 34.484134] ? __pfx_read_tsc+0x10/0x10 [ 34.484797] ? ktime_get_ts64+0x84/0x230 [ 34.485354] kunit_try_run_case+0x1b3/0x490 [ 34.486089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.486717] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.487244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.487934] ? __kthread_parkme+0x82/0x160 [ 34.488460] ? preempt_count_sub+0x50/0x80 [ 34.488940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.489647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.490345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.490981] kthread+0x257/0x310 [ 34.491424] ? __pfx_kthread+0x10/0x10 [ 34.492098] ret_from_fork+0x41/0x80 [ 34.492728] ? 
__pfx_kthread+0x10/0x10 [ 34.493412] ret_from_fork_asm+0x1a/0x30 [ 34.494070] </TASK> [ 34.494550] [ 34.494923] Allocated by task 272: [ 34.495352] kasan_save_stack+0x3d/0x60 [ 34.496026] kasan_save_track+0x18/0x40 [ 34.496530] kasan_save_alloc_info+0x3b/0x50 [ 34.497119] __kasan_kmalloc+0xb7/0xc0 [ 34.497516] __kmalloc_cache_noprof+0x184/0x410 [ 34.498218] kasan_atomics+0x96/0x310 [ 34.498656] kunit_try_run_case+0x1b3/0x490 [ 34.499206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.499841] kthread+0x257/0x310 [ 34.500134] ret_from_fork+0x41/0x80 [ 34.500768] ret_from_fork_asm+0x1a/0x30 [ 34.501275] [ 34.501646] The buggy address belongs to the object at ffff8881029f9480 [ 34.501646] which belongs to the cache kmalloc-64 of size 64 [ 34.503014] The buggy address is located 0 bytes to the right of [ 34.503014] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.504265] [ 34.504529] The buggy address belongs to the physical page: [ 34.505258] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.506046] flags: 0x200000000000000(node=0|zone=2) [ 34.506681] page_type: f5(slab) [ 34.507106] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.507886] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.508560] page dumped because: kasan: bad access detected [ 34.509298] [ 34.509509] Memory state around the buggy address: [ 34.510185] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.511028] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.511829] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.512524] ^ [ 34.513099] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.513880] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.514668] ================================================================== [ 33.649507] 
================================================================== [ 33.650252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 33.650901] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.651840] [ 33.652014] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.653321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.653758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.654659] Call Trace: [ 33.654893] <TASK> [ 33.655207] dump_stack_lvl+0x73/0xb0 [ 33.655722] print_report+0xd1/0x640 [ 33.656168] ? __virt_addr_valid+0x1db/0x2d0 [ 33.656604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.657107] kasan_report+0x102/0x140 [ 33.657394] ? kasan_atomics_helper+0xe79/0x5450 [ 33.657893] ? kasan_atomics_helper+0xe79/0x5450 [ 33.658579] kasan_check_range+0x10c/0x1c0 [ 33.659223] __kasan_check_write+0x18/0x20 [ 33.659870] kasan_atomics_helper+0xe79/0x5450 [ 33.660249] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.660921] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.661370] ? kasan_save_alloc_info+0x3b/0x50 [ 33.662062] ? kasan_atomics+0x153/0x310 [ 33.662458] kasan_atomics+0x1dd/0x310 [ 33.663017] ? __pfx_kasan_atomics+0x10/0x10 [ 33.663382] ? __pfx_read_tsc+0x10/0x10 [ 33.663854] ? ktime_get_ts64+0x84/0x230 [ 33.664440] kunit_try_run_case+0x1b3/0x490 [ 33.665023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.665491] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.666099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.666662] ? __kthread_parkme+0x82/0x160 [ 33.667168] ? preempt_count_sub+0x50/0x80 [ 33.667739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.668158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.668792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.669451] kthread+0x257/0x310 [ 33.670085] ? __pfx_kthread+0x10/0x10 [ 33.670443] ret_from_fork+0x41/0x80 [ 33.670925] ? 
__pfx_kthread+0x10/0x10 [ 33.671728] ret_from_fork_asm+0x1a/0x30 [ 33.672456] </TASK> [ 33.672749] [ 33.672977] Allocated by task 272: [ 33.673473] kasan_save_stack+0x3d/0x60 [ 33.674070] kasan_save_track+0x18/0x40 [ 33.674497] kasan_save_alloc_info+0x3b/0x50 [ 33.674969] __kasan_kmalloc+0xb7/0xc0 [ 33.675249] __kmalloc_cache_noprof+0x184/0x410 [ 33.675764] kasan_atomics+0x96/0x310 [ 33.676263] kunit_try_run_case+0x1b3/0x490 [ 33.676805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.677300] kthread+0x257/0x310 [ 33.677676] ret_from_fork+0x41/0x80 [ 33.678017] ret_from_fork_asm+0x1a/0x30 [ 33.678440] [ 33.678652] The buggy address belongs to the object at ffff8881029f9480 [ 33.678652] which belongs to the cache kmalloc-64 of size 64 [ 33.679649] The buggy address is located 0 bytes to the right of [ 33.679649] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.680595] [ 33.680901] The buggy address belongs to the physical page: [ 33.681393] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.681919] flags: 0x200000000000000(node=0|zone=2) [ 33.682252] page_type: f5(slab) [ 33.682672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.683546] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.684431] page dumped because: kasan: bad access detected [ 33.685062] [ 33.685220] Memory state around the buggy address: [ 33.685525] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.686301] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.686977] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.687546] ^ [ 33.687954] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.688574] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.689107] ================================================================== [ 33.818595] 
================================================================== [ 33.821481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 33.822305] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.822690] [ 33.822870] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.824074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.824569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.826739] Call Trace: [ 33.826934] <TASK> [ 33.827111] dump_stack_lvl+0x73/0xb0 [ 33.827371] print_report+0xd1/0x640 [ 33.828207] ? __virt_addr_valid+0x1db/0x2d0 [ 33.829074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.830122] kasan_report+0x102/0x140 [ 33.830526] ? kasan_atomics_helper+0x107a/0x5450 [ 33.831370] ? kasan_atomics_helper+0x107a/0x5450 [ 33.831663] kasan_check_range+0x10c/0x1c0 [ 33.832409] __kasan_check_write+0x18/0x20 [ 33.833286] kasan_atomics_helper+0x107a/0x5450 [ 33.834021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.834594] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.835182] ? kasan_save_alloc_info+0x3b/0x50 [ 33.835641] ? kasan_atomics+0x153/0x310 [ 33.836210] kasan_atomics+0x1dd/0x310 [ 33.837002] ? __pfx_kasan_atomics+0x10/0x10 [ 33.837470] ? __pfx_read_tsc+0x10/0x10 [ 33.838267] ? ktime_get_ts64+0x84/0x230 [ 33.839229] kunit_try_run_case+0x1b3/0x490 [ 33.839661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.840175] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.840739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.841649] ? __kthread_parkme+0x82/0x160 [ 33.842117] ? preempt_count_sub+0x50/0x80 [ 33.842564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.843316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.844062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.844610] kthread+0x257/0x310 [ 33.845564] ? __pfx_kthread+0x10/0x10 [ 33.846123] ret_from_fork+0x41/0x80 [ 33.846895] ? 
__pfx_kthread+0x10/0x10 [ 33.847527] ret_from_fork_asm+0x1a/0x30 [ 33.848051] </TASK> [ 33.848314] [ 33.848520] Allocated by task 272: [ 33.849769] kasan_save_stack+0x3d/0x60 [ 33.850032] kasan_save_track+0x18/0x40 [ 33.850925] kasan_save_alloc_info+0x3b/0x50 [ 33.851565] __kasan_kmalloc+0xb7/0xc0 [ 33.852040] __kmalloc_cache_noprof+0x184/0x410 [ 33.852527] kasan_atomics+0x96/0x310 [ 33.853152] kunit_try_run_case+0x1b3/0x490 [ 33.853607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.854717] kthread+0x257/0x310 [ 33.855174] ret_from_fork+0x41/0x80 [ 33.855879] ret_from_fork_asm+0x1a/0x30 [ 33.856177] [ 33.856679] The buggy address belongs to the object at ffff8881029f9480 [ 33.856679] which belongs to the cache kmalloc-64 of size 64 [ 33.858483] The buggy address is located 0 bytes to the right of [ 33.858483] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.860305] [ 33.860525] The buggy address belongs to the physical page: [ 33.861051] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.862188] flags: 0x200000000000000(node=0|zone=2) [ 33.862771] page_type: f5(slab) [ 33.863184] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.864133] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.864758] page dumped because: kasan: bad access detected [ 33.865420] [ 33.865873] Memory state around the buggy address: [ 33.866257] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.867211] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.867940] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.868541] ^ [ 33.869408] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.870072] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.870756] ================================================================== [ 32.885823] 
================================================================== [ 32.886326] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 32.887754] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.888548] [ 32.888868] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.889724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.890045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.890857] Call Trace: [ 32.891151] <TASK> [ 32.891401] dump_stack_lvl+0x73/0xb0 [ 32.891924] print_report+0xd1/0x640 [ 32.892331] ? __virt_addr_valid+0x1db/0x2d0 [ 32.892883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.893356] kasan_report+0x102/0x140 [ 32.893802] ? kasan_atomics_helper+0x4b3c/0x5450 [ 32.894318] ? kasan_atomics_helper+0x4b3c/0x5450 [ 32.894878] __asan_report_store4_noabort+0x1b/0x30 [ 32.895409] kasan_atomics_helper+0x4b3c/0x5450 [ 32.895934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.896416] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.896859] ? kasan_save_alloc_info+0x3b/0x50 [ 32.897429] ? kasan_atomics+0x153/0x310 [ 32.897872] kasan_atomics+0x1dd/0x310 [ 32.898377] ? __pfx_kasan_atomics+0x10/0x10 [ 32.898901] ? __pfx_read_tsc+0x10/0x10 [ 32.899296] ? ktime_get_ts64+0x84/0x230 [ 32.899669] kunit_try_run_case+0x1b3/0x490 [ 32.900167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.900534] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.901179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.901647] ? __kthread_parkme+0x82/0x160 [ 32.902071] ? preempt_count_sub+0x50/0x80 [ 32.902519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.902991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.903639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.904175] kthread+0x257/0x310 [ 32.904470] ? __pfx_kthread+0x10/0x10 [ 32.904899] ret_from_fork+0x41/0x80 [ 32.905310] ? 
__pfx_kthread+0x10/0x10 [ 32.905651] ret_from_fork_asm+0x1a/0x30 [ 32.906196] </TASK> [ 32.906491] [ 32.906778] Allocated by task 272: [ 32.907132] kasan_save_stack+0x3d/0x60 [ 32.907553] kasan_save_track+0x18/0x40 [ 32.908085] kasan_save_alloc_info+0x3b/0x50 [ 32.908412] __kasan_kmalloc+0xb7/0xc0 [ 32.908929] __kmalloc_cache_noprof+0x184/0x410 [ 32.909374] kasan_atomics+0x96/0x310 [ 32.909742] kunit_try_run_case+0x1b3/0x490 [ 32.910202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.910901] kthread+0x257/0x310 [ 32.911229] ret_from_fork+0x41/0x80 [ 32.911524] ret_from_fork_asm+0x1a/0x30 [ 32.912022] [ 32.912179] The buggy address belongs to the object at ffff8881029f9480 [ 32.912179] which belongs to the cache kmalloc-64 of size 64 [ 32.913470] The buggy address is located 0 bytes to the right of [ 32.913470] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.914427] [ 32.914745] The buggy address belongs to the physical page: [ 32.915175] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.915901] flags: 0x200000000000000(node=0|zone=2) [ 32.916228] page_type: f5(slab) [ 32.916477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.917318] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.918382] page dumped because: kasan: bad access detected [ 32.919418] [ 32.919522] Memory state around the buggy address: [ 32.920259] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.921516] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.922240] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.922516] ^ [ 32.922817] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.924216] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.925078] ================================================================== [ 34.235901] 
==================================================================
[ 34.236809] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450
[ 34.237510] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.238241]
[ 34.238484] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.239569] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.240041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.240822] Call Trace:
[ 34.241157] <TASK>
[ 34.241501] dump_stack_lvl+0x73/0xb0
[ 34.242030] print_report+0xd1/0x640
[ 34.242511] ? __virt_addr_valid+0x1db/0x2d0
[ 34.243082] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.243652] kasan_report+0x102/0x140
[ 34.244110] ? kasan_atomics_helper+0x4eb0/0x5450
[ 34.244586] ? kasan_atomics_helper+0x4eb0/0x5450
[ 34.245149] __asan_report_load8_noabort+0x18/0x20
[ 34.245849] kasan_atomics_helper+0x4eb0/0x5450
[ 34.246346] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.246989] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.247574] ? kasan_save_alloc_info+0x3b/0x50
[ 34.248132] ? kasan_atomics+0x153/0x310
[ 34.248549] kasan_atomics+0x1dd/0x310
[ 34.249140] ? __pfx_kasan_atomics+0x10/0x10
[ 34.249743] ? __pfx_read_tsc+0x10/0x10
[ 34.250147] ? ktime_get_ts64+0x84/0x230
[ 34.250751] kunit_try_run_case+0x1b3/0x490
[ 34.251307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.251937] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.252363] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.253102] ? __kthread_parkme+0x82/0x160
[ 34.253455] ? preempt_count_sub+0x50/0x80
[ 34.254090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.254567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.255176] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.255747] kthread+0x257/0x310
[ 34.256162] ? __pfx_kthread+0x10/0x10
[ 34.256601] ret_from_fork+0x41/0x80
[ 34.257091] ? __pfx_kthread+0x10/0x10
[ 34.257575] ret_from_fork_asm+0x1a/0x30
[ 34.258106] </TASK>
[ 34.258452]
[ 34.258808] Allocated by task 272:
[ 34.259167] kasan_save_stack+0x3d/0x60
[ 34.259731] kasan_save_track+0x18/0x40
[ 34.260237] kasan_save_alloc_info+0x3b/0x50
[ 34.260801] __kasan_kmalloc+0xb7/0xc0
[ 34.261143] __kmalloc_cache_noprof+0x184/0x410
[ 34.261796] kasan_atomics+0x96/0x310
[ 34.262163] kunit_try_run_case+0x1b3/0x490
[ 34.262593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.263353] kthread+0x257/0x310
[ 34.263655] ret_from_fork+0x41/0x80
[ 34.264188] ret_from_fork_asm+0x1a/0x30
[ 34.264817]
[ 34.265018] The buggy address belongs to the object at ffff8881029f9480
[ 34.265018] which belongs to the cache kmalloc-64 of size 64
[ 34.266127] The buggy address is located 0 bytes to the right of
[ 34.266127] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.267310]
[ 34.267593] The buggy address belongs to the physical page:
[ 34.268341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.269175] flags: 0x200000000000000(node=0|zone=2)
[ 34.269732] page_type: f5(slab)
[ 34.270095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.270859] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.271624] page dumped because: kasan: bad access detected
[ 34.272114]
[ 34.272363] Memory state around the buggy address:
[ 34.272938] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.273571] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.274465] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.275147] ^
[ 34.275522] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.276394] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.277041] ==================================================================
[ 33.129815]
==================================================================
[ 33.131016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450
[ 33.131722] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.133203]
[ 33.133540] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.134797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.135213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.136306] Call Trace:
[ 33.136879] <TASK>
[ 33.137100] dump_stack_lvl+0x73/0xb0
[ 33.137515] print_report+0xd1/0x640
[ 33.138339] ? __virt_addr_valid+0x1db/0x2d0
[ 33.139118] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.139650] kasan_report+0x102/0x140
[ 33.140282] ? kasan_atomics_helper+0x7c8/0x5450
[ 33.140808] ? kasan_atomics_helper+0x7c8/0x5450
[ 33.141588] kasan_check_range+0x10c/0x1c0
[ 33.142250] __kasan_check_write+0x18/0x20
[ 33.142729] kasan_atomics_helper+0x7c8/0x5450
[ 33.143429] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.144201] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.144667] ? kasan_save_alloc_info+0x3b/0x50
[ 33.145550] ? kasan_atomics+0x153/0x310
[ 33.146334] kasan_atomics+0x1dd/0x310
[ 33.146839] ? __pfx_kasan_atomics+0x10/0x10
[ 33.147586] ? __pfx_read_tsc+0x10/0x10
[ 33.148096] ? ktime_get_ts64+0x84/0x230
[ 33.149023] kunit_try_run_case+0x1b3/0x490
[ 33.149679] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.150223] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.151180] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.151665] ? __kthread_parkme+0x82/0x160
[ 33.152551] ? preempt_count_sub+0x50/0x80
[ 33.153437] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.153920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.154501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.155292] kthread+0x257/0x310
[ 33.155929] ? __pfx_kthread+0x10/0x10
[ 33.156511] ret_from_fork+0x41/0x80
[ 33.157135] ? __pfx_kthread+0x10/0x10
[ 33.157524] ret_from_fork_asm+0x1a/0x30
[ 33.158309] </TASK>
[ 33.158814]
[ 33.159102] Allocated by task 272:
[ 33.159460] kasan_save_stack+0x3d/0x60
[ 33.160089] kasan_save_track+0x18/0x40
[ 33.160888] kasan_save_alloc_info+0x3b/0x50
[ 33.161292] __kasan_kmalloc+0xb7/0xc0
[ 33.162190] __kmalloc_cache_noprof+0x184/0x410
[ 33.162584] kasan_atomics+0x96/0x310
[ 33.163268] kunit_try_run_case+0x1b3/0x490
[ 33.164122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.164610] kthread+0x257/0x310
[ 33.165138] ret_from_fork+0x41/0x80
[ 33.165556] ret_from_fork_asm+0x1a/0x30
[ 33.166356]
[ 33.166606] The buggy address belongs to the object at ffff8881029f9480
[ 33.166606] which belongs to the cache kmalloc-64 of size 64
[ 33.168141] The buggy address is located 0 bytes to the right of
[ 33.168141] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.169545]
[ 33.170108] The buggy address belongs to the physical page:
[ 33.170680] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.171462] flags: 0x200000000000000(node=0|zone=2)
[ 33.172258] page_type: f5(slab)
[ 33.172716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.173618] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.174335] page dumped because: kasan: bad access detected
[ 33.175365]
[ 33.175629] Memory state around the buggy address:
[ 33.176760] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.177358] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.178023] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.179188] ^
[ 33.179604] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.180445] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.181441] ==================================================================
[ 33.689957]
==================================================================
[ 33.690871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450
[ 33.691670] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.692467]
[ 33.692786] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.693586] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.693925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.694428] Call Trace:
[ 33.694757] <TASK>
[ 33.695032] dump_stack_lvl+0x73/0xb0
[ 33.695519] print_report+0xd1/0x640
[ 33.696053] ? __virt_addr_valid+0x1db/0x2d0
[ 33.696574] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.697077] kasan_report+0x102/0x140
[ 33.697364] ? kasan_atomics_helper+0xf11/0x5450
[ 33.697821] ? kasan_atomics_helper+0xf11/0x5450
[ 33.698400] kasan_check_range+0x10c/0x1c0
[ 33.698975] __kasan_check_write+0x18/0x20
[ 33.699472] kasan_atomics_helper+0xf11/0x5450
[ 33.700097] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.700582] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.700994] ? kasan_save_alloc_info+0x3b/0x50
[ 33.701541] ? kasan_atomics+0x153/0x310
[ 33.702374] kasan_atomics+0x1dd/0x310
[ 33.703275] ? __pfx_kasan_atomics+0x10/0x10
[ 33.704225] ? __pfx_read_tsc+0x10/0x10
[ 33.705117] ? ktime_get_ts64+0x84/0x230
[ 33.705652] kunit_try_run_case+0x1b3/0x490
[ 33.706031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.706533] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.707025] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.707692] ? __kthread_parkme+0x82/0x160
[ 33.708196] ? preempt_count_sub+0x50/0x80
[ 33.708967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.709656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.710295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.711126] kthread+0x257/0x310
[ 33.711882] ? __pfx_kthread+0x10/0x10
[ 33.712285] ret_from_fork+0x41/0x80
[ 33.712642] ? __pfx_kthread+0x10/0x10
[ 33.713433] ret_from_fork_asm+0x1a/0x30
[ 33.714091] </TASK>
[ 33.714352]
[ 33.714537] Allocated by task 272:
[ 33.715767] kasan_save_stack+0x3d/0x60
[ 33.716154] kasan_save_track+0x18/0x40
[ 33.716521] kasan_save_alloc_info+0x3b/0x50
[ 33.717032] __kasan_kmalloc+0xb7/0xc0
[ 33.717427] __kmalloc_cache_noprof+0x184/0x410
[ 33.718077] kasan_atomics+0x96/0x310
[ 33.718464] kunit_try_run_case+0x1b3/0x490
[ 33.718914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.719879] kthread+0x257/0x310
[ 33.720164] ret_from_fork+0x41/0x80
[ 33.720752] ret_from_fork_asm+0x1a/0x30
[ 33.721263]
[ 33.721634] The buggy address belongs to the object at ffff8881029f9480
[ 33.721634] which belongs to the cache kmalloc-64 of size 64
[ 33.722769] The buggy address is located 0 bytes to the right of
[ 33.722769] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.724172]
[ 33.724547] The buggy address belongs to the physical page:
[ 33.725155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.726150] flags: 0x200000000000000(node=0|zone=2)
[ 33.726832] page_type: f5(slab)
[ 33.727104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.728035] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.728908] page dumped because: kasan: bad access detected
[ 33.729448]
[ 33.729878] Memory state around the buggy address:
[ 33.730368] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.731243] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.731990] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.732694] ^
[ 33.733235] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.734236] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.735092] ==================================================================
[ 33.280014]
==================================================================
[ 33.282398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450
[ 33.282811] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.283191]
[ 33.284827] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.286961] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.288215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.290094] Call Trace:
[ 33.290536] <TASK>
[ 33.290732] dump_stack_lvl+0x73/0xb0
[ 33.291000] print_report+0xd1/0x640
[ 33.291252] ? __virt_addr_valid+0x1db/0x2d0
[ 33.291524] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.293071] kasan_report+0x102/0x140
[ 33.293537] ? kasan_atomics_helper+0x993/0x5450
[ 33.294124] ? kasan_atomics_helper+0x993/0x5450
[ 33.294766] kasan_check_range+0x10c/0x1c0
[ 33.295206] __kasan_check_write+0x18/0x20
[ 33.295670] kasan_atomics_helper+0x993/0x5450
[ 33.296049] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.296446] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.297090] ? kasan_save_alloc_info+0x3b/0x50
[ 33.297728] ? kasan_atomics+0x153/0x310
[ 33.298097] kasan_atomics+0x1dd/0x310
[ 33.298478] ? __pfx_kasan_atomics+0x10/0x10
[ 33.299096] ? __pfx_read_tsc+0x10/0x10
[ 33.299546] ? ktime_get_ts64+0x84/0x230
[ 33.299976] kunit_try_run_case+0x1b3/0x490
[ 33.300291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.300906] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.301443] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.302037] ? __kthread_parkme+0x82/0x160
[ 33.302365] ? preempt_count_sub+0x50/0x80
[ 33.302936] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.303270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.304019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.304442] kthread+0x257/0x310
[ 33.304936] ? __pfx_kthread+0x10/0x10
[ 33.305402] ret_from_fork+0x41/0x80
[ 33.305843] ? __pfx_kthread+0x10/0x10
[ 33.306254] ret_from_fork_asm+0x1a/0x30
[ 33.306805] </TASK>
[ 33.307039]
[ 33.307196] Allocated by task 272:
[ 33.307591] kasan_save_stack+0x3d/0x60
[ 33.308128] kasan_save_track+0x18/0x40
[ 33.308465] kasan_save_alloc_info+0x3b/0x50
[ 33.308952] __kasan_kmalloc+0xb7/0xc0
[ 33.309233] __kmalloc_cache_noprof+0x184/0x410
[ 33.309857] kasan_atomics+0x96/0x310
[ 33.310361] kunit_try_run_case+0x1b3/0x490
[ 33.310803] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.311384] kthread+0x257/0x310
[ 33.311881] ret_from_fork+0x41/0x80
[ 33.312252] ret_from_fork_asm+0x1a/0x30
[ 33.312539]
[ 33.312869] The buggy address belongs to the object at ffff8881029f9480
[ 33.312869] which belongs to the cache kmalloc-64 of size 64
[ 33.314127] The buggy address is located 0 bytes to the right of
[ 33.314127] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.315247]
[ 33.315456] The buggy address belongs to the physical page:
[ 33.315865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.316792] flags: 0x200000000000000(node=0|zone=2)
[ 33.317182] page_type: f5(slab)
[ 33.317434] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.318315] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.319129] page dumped because: kasan: bad access detected
[ 33.319489]
[ 33.319792] Memory state around the buggy address:
[ 33.320339] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.320931] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.321635] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.322289] ^
[ 33.322873] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.323501] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.324468] ==================================================================
[ 32.612739]
==================================================================
[ 32.613673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450
[ 32.614607] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 32.616268]
[ 32.616457] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 32.617555] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.618874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.619825] Call Trace:
[ 32.620018] <TASK>
[ 32.620594] dump_stack_lvl+0x73/0xb0
[ 32.621468] print_report+0xd1/0x640
[ 32.621894] ? __virt_addr_valid+0x1db/0x2d0
[ 32.622340] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.623282] kasan_report+0x102/0x140
[ 32.624047] ? kasan_atomics_helper+0x4b8a/0x5450
[ 32.624567] ? kasan_atomics_helper+0x4b8a/0x5450
[ 32.625419] __asan_report_load4_noabort+0x18/0x20
[ 32.626345] kasan_atomics_helper+0x4b8a/0x5450
[ 32.626883] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.627210] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.628532] ? kasan_save_alloc_info+0x3b/0x50
[ 32.628879] ? kasan_atomics+0x153/0x310
[ 32.629718] kasan_atomics+0x1dd/0x310
[ 32.630774] ? __pfx_kasan_atomics+0x10/0x10
[ 32.631348] ? __pfx_read_tsc+0x10/0x10
[ 32.631771] ? ktime_get_ts64+0x84/0x230
[ 32.632196] kunit_try_run_case+0x1b3/0x490
[ 32.632645] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.633243] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.634421] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.634764] ? __kthread_parkme+0x82/0x160
[ 32.635467] ? preempt_count_sub+0x50/0x80
[ 32.636393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.636618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.637109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.638502] kthread+0x257/0x310
[ 32.639043] ? __pfx_kthread+0x10/0x10
[ 32.639540] ret_from_fork+0x41/0x80
[ 32.639953] ? __pfx_kthread+0x10/0x10
[ 32.640742] ret_from_fork_asm+0x1a/0x30
[ 32.641240] </TASK>
[ 32.641509]
[ 32.641685] Allocated by task 272:
[ 32.641949] kasan_save_stack+0x3d/0x60
[ 32.643231] kasan_save_track+0x18/0x40
[ 32.643571] kasan_save_alloc_info+0x3b/0x50
[ 32.644222] __kasan_kmalloc+0xb7/0xc0
[ 32.644835] __kmalloc_cache_noprof+0x184/0x410
[ 32.645800] kasan_atomics+0x96/0x310
[ 32.646198] kunit_try_run_case+0x1b3/0x490
[ 32.646634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.647728] kthread+0x257/0x310
[ 32.648049] ret_from_fork+0x41/0x80
[ 32.648885] ret_from_fork_asm+0x1a/0x30
[ 32.649654]
[ 32.649887] The buggy address belongs to the object at ffff8881029f9480
[ 32.649887] which belongs to the cache kmalloc-64 of size 64
[ 32.651863] The buggy address is located 0 bytes to the right of
[ 32.651863] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 32.653931]
[ 32.654533] The buggy address belongs to the physical page:
[ 32.655389] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 32.656164] flags: 0x200000000000000(node=0|zone=2)
[ 32.656852] page_type: f5(slab)
[ 32.657686] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.658647] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.659639] page dumped because: kasan: bad access detected
[ 32.660516]
[ 32.660745] Memory state around the buggy address:
[ 32.661915] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.662569] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.663549] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.664297] ^
[ 32.665062] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.665921] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.667063] ==================================================================
[ 33.605683]
==================================================================
[ 33.606343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450
[ 33.606837] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.607807]
[ 33.608177] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.609096] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.609526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.610249] Call Trace:
[ 33.610518] <TASK>
[ 33.610930] dump_stack_lvl+0x73/0xb0
[ 33.611431] print_report+0xd1/0x640
[ 33.611939] ? __virt_addr_valid+0x1db/0x2d0
[ 33.612371] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.612976] kasan_report+0x102/0x140
[ 33.613432] ? kasan_atomics_helper+0xde1/0x5450
[ 33.614024] ? kasan_atomics_helper+0xde1/0x5450
[ 33.614541] kasan_check_range+0x10c/0x1c0
[ 33.614931] __kasan_check_write+0x18/0x20
[ 33.615233] kasan_atomics_helper+0xde1/0x5450
[ 33.615925] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.616542] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.617223] ? kasan_save_alloc_info+0x3b/0x50
[ 33.617957] ? kasan_atomics+0x153/0x310
[ 33.618553] kasan_atomics+0x1dd/0x310
[ 33.619114] ? __pfx_kasan_atomics+0x10/0x10
[ 33.619533] ? __pfx_read_tsc+0x10/0x10
[ 33.620080] ? ktime_get_ts64+0x84/0x230
[ 33.620758] kunit_try_run_case+0x1b3/0x490
[ 33.621181] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.621857] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.622318] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.623002] ? __kthread_parkme+0x82/0x160
[ 33.623731] ? preempt_count_sub+0x50/0x80
[ 33.624243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.624841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.625511] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.626144] kthread+0x257/0x310
[ 33.626757] ? __pfx_kthread+0x10/0x10
[ 33.627167] ret_from_fork+0x41/0x80
[ 33.627787] ? __pfx_kthread+0x10/0x10
[ 33.628191] ret_from_fork_asm+0x1a/0x30
[ 33.628879] </TASK>
[ 33.629151]
[ 33.629514] Allocated by task 272:
[ 33.629945] kasan_save_stack+0x3d/0x60
[ 33.630646] kasan_save_track+0x18/0x40
[ 33.630970] kasan_save_alloc_info+0x3b/0x50
[ 33.631540] __kasan_kmalloc+0xb7/0xc0
[ 33.631952] __kmalloc_cache_noprof+0x184/0x410
[ 33.632441] kasan_atomics+0x96/0x310
[ 33.632924] kunit_try_run_case+0x1b3/0x490
[ 33.633307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.633903] kthread+0x257/0x310
[ 33.634306] ret_from_fork+0x41/0x80
[ 33.634582] ret_from_fork_asm+0x1a/0x30
[ 33.634934]
[ 33.635165] The buggy address belongs to the object at ffff8881029f9480
[ 33.635165] which belongs to the cache kmalloc-64 of size 64
[ 33.636681] The buggy address is located 0 bytes to the right of
[ 33.636681] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.637945]
[ 33.638116] The buggy address belongs to the physical page:
[ 33.638457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.639436] flags: 0x200000000000000(node=0|zone=2)
[ 33.640145] page_type: f5(slab)
[ 33.640719] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.641490] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.641996] page dumped because: kasan: bad access detected
[ 33.642879]
[ 33.643191] Memory state around the buggy address:
[ 33.643854] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.644471] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.645407] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.646185] ^
[ 33.646821] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.647494] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.648228] ==================================================================
[ 34.056450]
==================================================================
[ 34.057149] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 34.058152] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.058569]
[ 34.058791] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.059959] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.060282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.060859] Call Trace:
[ 34.061131] <TASK>
[ 34.061579] dump_stack_lvl+0x73/0xb0
[ 34.062436] print_report+0xd1/0x640
[ 34.063122] ? __virt_addr_valid+0x1db/0x2d0
[ 34.063900] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.064757] kasan_report+0x102/0x140
[ 34.065045] ? kasan_atomics_helper+0x49ea/0x5450
[ 34.065688] ? kasan_atomics_helper+0x49ea/0x5450
[ 34.066588] __asan_report_load4_noabort+0x18/0x20
[ 34.067312] kasan_atomics_helper+0x49ea/0x5450
[ 34.067685] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.068333] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.068972] ? kasan_save_alloc_info+0x3b/0x50
[ 34.069399] ? kasan_atomics+0x153/0x310
[ 34.069793] kasan_atomics+0x1dd/0x310
[ 34.070359] ? __pfx_kasan_atomics+0x10/0x10
[ 34.071044] ? __pfx_read_tsc+0x10/0x10
[ 34.071553] ? ktime_get_ts64+0x84/0x230
[ 34.072002] kunit_try_run_case+0x1b3/0x490
[ 34.072539] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.073017] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.073554] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.074130] ? __kthread_parkme+0x82/0x160
[ 34.074595] ? preempt_count_sub+0x50/0x80
[ 34.075096] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.075564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.076345] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.076970] kthread+0x257/0x310
[ 34.077474] ? __pfx_kthread+0x10/0x10
[ 34.077906] ret_from_fork+0x41/0x80
[ 34.078321] ? __pfx_kthread+0x10/0x10
[ 34.079266] ret_from_fork_asm+0x1a/0x30
[ 34.079979] </TASK>
[ 34.080151]
[ 34.080291] Allocated by task 272:
[ 34.080502] kasan_save_stack+0x3d/0x60
[ 34.080777] kasan_save_track+0x18/0x40
[ 34.081020] kasan_save_alloc_info+0x3b/0x50
[ 34.081279] __kasan_kmalloc+0xb7/0xc0
[ 34.081516] __kmalloc_cache_noprof+0x184/0x410
[ 34.083249] kasan_atomics+0x96/0x310
[ 34.085551] kunit_try_run_case+0x1b3/0x490
[ 34.086795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.087512] kthread+0x257/0x310
[ 34.088477] ret_from_fork+0x41/0x80
[ 34.089151] ret_from_fork_asm+0x1a/0x30
[ 34.089773]
[ 34.089914] The buggy address belongs to the object at ffff8881029f9480
[ 34.089914] which belongs to the cache kmalloc-64 of size 64
[ 34.090509] The buggy address is located 0 bytes to the right of
[ 34.090509] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.093236]
[ 34.093422] The buggy address belongs to the physical page:
[ 34.094880] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.095627] flags: 0x200000000000000(node=0|zone=2)
[ 34.096747] page_type: f5(slab)
[ 34.096995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.097664] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.098423] page dumped because: kasan: bad access detected
[ 34.098821]
[ 34.099176] Memory state around the buggy address:
[ 34.099791] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.100688] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.101767] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.102228] ^
[ 34.102755] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.103382] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.104272] ==================================================================
[ 35.211511]
==================================================================
[ 35.213529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450
[ 35.214239] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 35.215165]
[ 35.216181] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 35.217121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.217366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.218171] Call Trace:
[ 35.218454] <TASK>
[ 35.219050] dump_stack_lvl+0x73/0xb0
[ 35.219451] print_report+0xd1/0x640
[ 35.219895] ? __virt_addr_valid+0x1db/0x2d0
[ 35.220652] ? kasan_complete_mode_report_info+0x2a/0x200
[ 35.221316] kasan_report+0x102/0x140
[ 35.221745] ? kasan_atomics_helper+0x4f73/0x5450
[ 35.222444] ? kasan_atomics_helper+0x4f73/0x5450
[ 35.223360] __asan_report_load8_noabort+0x18/0x20
[ 35.223839] kasan_atomics_helper+0x4f73/0x5450
[ 35.224257] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 35.224665] ? __kmalloc_cache_noprof+0x184/0x410
[ 35.225489] ? kasan_save_alloc_info+0x3b/0x50
[ 35.226258] ? kasan_atomics+0x153/0x310
[ 35.226812] kasan_atomics+0x1dd/0x310
[ 35.227189] ? __pfx_kasan_atomics+0x10/0x10
[ 35.228480] ? __pfx_read_tsc+0x10/0x10
[ 35.228955] ? ktime_get_ts64+0x84/0x230
[ 35.229391] kunit_try_run_case+0x1b3/0x490
[ 35.229786] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.230322] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 35.231469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 35.232578] ? __kthread_parkme+0x82/0x160
[ 35.233280] ? preempt_count_sub+0x50/0x80
[ 35.234178] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.235206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 35.236065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.236565] kthread+0x257/0x310
[ 35.237087] ? __pfx_kthread+0x10/0x10
[ 35.237435] ret_from_fork+0x41/0x80
[ 35.238235] ? __pfx_kthread+0x10/0x10
[ 35.238496] ret_from_fork_asm+0x1a/0x30
[ 35.239349] </TASK>
[ 35.239630]
[ 35.239874] Allocated by task 272:
[ 35.240140] kasan_save_stack+0x3d/0x60
[ 35.240615] kasan_save_track+0x18/0x40
[ 35.241024] kasan_save_alloc_info+0x3b/0x50
[ 35.242286] __kasan_kmalloc+0xb7/0xc0
[ 35.242649] __kmalloc_cache_noprof+0x184/0x410
[ 35.243487] kasan_atomics+0x96/0x310
[ 35.243802] kunit_try_run_case+0x1b3/0x490
[ 35.244539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.245161] kthread+0x257/0x310
[ 35.245328] ret_from_fork+0x41/0x80
[ 35.245504] ret_from_fork_asm+0x1a/0x30
[ 35.245775]
[ 35.246241] The buggy address belongs to the object at ffff8881029f9480
[ 35.246241] which belongs to the cache kmalloc-64 of size 64
[ 35.248335] The buggy address is located 0 bytes to the right of
[ 35.248335] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 35.250748]
[ 35.251185] The buggy address belongs to the physical page:
[ 35.251472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 35.251971] flags: 0x200000000000000(node=0|zone=2)
[ 35.252524] page_type: f5(slab)
[ 35.252797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 35.253658] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 35.254495] page dumped because: kasan: bad access detected
[ 35.255322]
[ 35.255618] Memory state around the buggy address:
[ 35.256090] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.256913] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.257693] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 35.258658] ^
[ 35.259249] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.260061] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.260795] ==================================================================
[ 33.515543]
==================================================================
[ 33.516713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450
[ 33.517338] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.518037]
[ 33.518611] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.519374] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.519647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.520658] Call Trace:
[ 33.521145] <TASK>
[ 33.521491] dump_stack_lvl+0x73/0xb0
[ 33.521801] print_report+0xd1/0x640
[ 33.522100] ? __virt_addr_valid+0x1db/0x2d0
[ 33.522752] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.523419] kasan_report+0x102/0x140
[ 33.524041] ? kasan_atomics_helper+0x4a86/0x5450
[ 33.524617] ? kasan_atomics_helper+0x4a86/0x5450
[ 33.525196] __asan_report_load4_noabort+0x18/0x20
[ 33.525683] kasan_atomics_helper+0x4a86/0x5450
[ 33.526126] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.526463] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.527341] ? kasan_save_alloc_info+0x3b/0x50
[ 33.528088] ? kasan_atomics+0x153/0x310
[ 33.528623] kasan_atomics+0x1dd/0x310
[ 33.529108] ? __pfx_kasan_atomics+0x10/0x10
[ 33.529432] ? __pfx_read_tsc+0x10/0x10
[ 33.530160] ? ktime_get_ts64+0x84/0x230
[ 33.530670] kunit_try_run_case+0x1b3/0x490
[ 33.531099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.531642] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.532401] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.533071] ? __kthread_parkme+0x82/0x160
[ 33.533505] ? preempt_count_sub+0x50/0x80
[ 33.534120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.534450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.535241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.536014] kthread+0x257/0x310
[ 33.536510] ? __pfx_kthread+0x10/0x10
[ 33.537025] ret_from_fork+0x41/0x80
[ 33.537307] ? __pfx_kthread+0x10/0x10
[ 33.537945] ret_from_fork_asm+0x1a/0x30
[ 33.538578] </TASK>
[ 33.538983]
[ 33.539145] Allocated by task 272:
[ 33.539774] kasan_save_stack+0x3d/0x60
[ 33.540368] kasan_save_track+0x18/0x40
[ 33.540826] kasan_save_alloc_info+0x3b/0x50
[ 33.541380] __kasan_kmalloc+0xb7/0xc0
[ 33.541907] __kmalloc_cache_noprof+0x184/0x410
[ 33.542533] kasan_atomics+0x96/0x310
[ 33.542947] kunit_try_run_case+0x1b3/0x490
[ 33.544170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.544916] kthread+0x257/0x310
[ 33.545136] ret_from_fork+0x41/0x80
[ 33.545370] ret_from_fork_asm+0x1a/0x30
[ 33.545639]
[ 33.545811] The buggy address belongs to the object at ffff8881029f9480
[ 33.545811] which belongs to the cache kmalloc-64 of size 64
[ 33.546497] The buggy address is located 0 bytes to the right of
[ 33.546497] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.547428]
[ 33.547572] The buggy address belongs to the physical page:
[ 33.547971] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.548374] flags: 0x200000000000000(node=0|zone=2)
[ 33.548799] page_type: f5(slab)
[ 33.549049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.549882] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.550474] page dumped because: kasan: bad access detected
[ 33.550850]
[ 33.550996] Memory state around the buggy address:
[ 33.551287] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.553194] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.555511] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.555985] ^
[ 33.556263] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.556664] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.557197] ==================================================================
[ 33.416443]
================================================================== [ 33.417768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 33.418548] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.419985] [ 33.420176] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.421240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.421758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.423196] Call Trace: [ 33.423847] <TASK> [ 33.424118] dump_stack_lvl+0x73/0xb0 [ 33.424541] print_report+0xd1/0x640 [ 33.425659] ? __virt_addr_valid+0x1db/0x2d0 [ 33.426124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.426860] kasan_report+0x102/0x140 [ 33.427417] ? kasan_atomics_helper+0xb6b/0x5450 [ 33.428300] ? kasan_atomics_helper+0xb6b/0x5450 [ 33.429003] kasan_check_range+0x10c/0x1c0 [ 33.429593] __kasan_check_write+0x18/0x20 [ 33.430203] kasan_atomics_helper+0xb6b/0x5450 [ 33.430954] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.431618] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.432292] ? kasan_save_alloc_info+0x3b/0x50 [ 33.432810] ? kasan_atomics+0x153/0x310 [ 33.433219] kasan_atomics+0x1dd/0x310 [ 33.433593] ? __pfx_kasan_atomics+0x10/0x10 [ 33.434542] ? __pfx_read_tsc+0x10/0x10 [ 33.435168] ? ktime_get_ts64+0x84/0x230 [ 33.435781] kunit_try_run_case+0x1b3/0x490 [ 33.436487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.437281] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.438179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.439253] ? __kthread_parkme+0x82/0x160 [ 33.439616] ? preempt_count_sub+0x50/0x80 [ 33.440180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.440965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.441733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.442284] kthread+0x257/0x310 [ 33.442642] ? __pfx_kthread+0x10/0x10 [ 33.443472] ret_from_fork+0x41/0x80 [ 33.444106] ? 
__pfx_kthread+0x10/0x10 [ 33.444800] ret_from_fork_asm+0x1a/0x30 [ 33.445395] </TASK> [ 33.445764] [ 33.445914] Allocated by task 272: [ 33.446280] kasan_save_stack+0x3d/0x60 [ 33.446695] kasan_save_track+0x18/0x40 [ 33.447653] kasan_save_alloc_info+0x3b/0x50 [ 33.448270] __kasan_kmalloc+0xb7/0xc0 [ 33.448949] __kmalloc_cache_noprof+0x184/0x410 [ 33.449413] kasan_atomics+0x96/0x310 [ 33.450492] kunit_try_run_case+0x1b3/0x490 [ 33.450990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.451509] kthread+0x257/0x310 [ 33.452374] ret_from_fork+0x41/0x80 [ 33.452730] ret_from_fork_asm+0x1a/0x30 [ 33.453526] [ 33.453728] The buggy address belongs to the object at ffff8881029f9480 [ 33.453728] which belongs to the cache kmalloc-64 of size 64 [ 33.454637] The buggy address is located 0 bytes to the right of [ 33.454637] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.456207] [ 33.456659] The buggy address belongs to the physical page: [ 33.457516] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.458236] flags: 0x200000000000000(node=0|zone=2) [ 33.459051] page_type: f5(slab) [ 33.459489] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.460752] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.461402] page dumped because: kasan: bad access detected [ 33.462410] [ 33.462595] Memory state around the buggy address: [ 33.462955] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.463812] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.464400] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.465599] ^ [ 33.466103] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.466830] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.467646] ================================================================== [ 32.784514] 
================================================================== [ 32.785151] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 32.785884] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 32.786823] [ 32.787299] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.788345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.788844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.789944] Call Trace: [ 32.790356] <TASK> [ 32.790658] dump_stack_lvl+0x73/0xb0 [ 32.791096] print_report+0xd1/0x640 [ 32.791572] ? __virt_addr_valid+0x1db/0x2d0 [ 32.792551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.793118] kasan_report+0x102/0x140 [ 32.793401] ? kasan_atomics_helper+0x4b56/0x5450 [ 32.794136] ? kasan_atomics_helper+0x4b56/0x5450 [ 32.794935] __asan_report_load4_noabort+0x18/0x20 [ 32.795465] kasan_atomics_helper+0x4b56/0x5450 [ 32.795960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.796739] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.797282] ? kasan_save_alloc_info+0x3b/0x50 [ 32.797736] ? kasan_atomics+0x153/0x310 [ 32.798211] kasan_atomics+0x1dd/0x310 [ 32.798555] ? __pfx_kasan_atomics+0x10/0x10 [ 32.799656] ? __pfx_read_tsc+0x10/0x10 [ 32.801014] ? ktime_get_ts64+0x84/0x230 [ 32.801584] kunit_try_run_case+0x1b3/0x490 [ 32.802175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.803150] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.804113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.805275] ? __kthread_parkme+0x82/0x160 [ 32.805639] ? preempt_count_sub+0x50/0x80 [ 32.806136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.806874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.807917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.808856] kthread+0x257/0x310 [ 32.809216] ? __pfx_kthread+0x10/0x10 [ 32.810566] ret_from_fork+0x41/0x80 [ 32.810979] ? 
__pfx_kthread+0x10/0x10 [ 32.811461] ret_from_fork_asm+0x1a/0x30 [ 32.812127] </TASK> [ 32.812604] [ 32.812797] Allocated by task 272: [ 32.813836] kasan_save_stack+0x3d/0x60 [ 32.814239] kasan_save_track+0x18/0x40 [ 32.815025] kasan_save_alloc_info+0x3b/0x50 [ 32.815672] __kasan_kmalloc+0xb7/0xc0 [ 32.816105] __kmalloc_cache_noprof+0x184/0x410 [ 32.817033] kasan_atomics+0x96/0x310 [ 32.817509] kunit_try_run_case+0x1b3/0x490 [ 32.818258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.819070] kthread+0x257/0x310 [ 32.819685] ret_from_fork+0x41/0x80 [ 32.820077] ret_from_fork_asm+0x1a/0x30 [ 32.820534] [ 32.820784] The buggy address belongs to the object at ffff8881029f9480 [ 32.820784] which belongs to the cache kmalloc-64 of size 64 [ 32.822748] The buggy address is located 0 bytes to the right of [ 32.822748] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 32.824203] [ 32.824865] The buggy address belongs to the physical page: [ 32.825616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 32.826577] flags: 0x200000000000000(node=0|zone=2) [ 32.827127] page_type: f5(slab) [ 32.827418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.828653] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.829674] page dumped because: kasan: bad access detected [ 32.830177] [ 32.830392] Memory state around the buggy address: [ 32.831346] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.832255] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.832940] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.833598] ^ [ 32.835033] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.836230] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.838109] ================================================================== [ 35.402274] 
================================================================== [ 35.402821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 35.403474] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.404246] [ 35.404512] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.405513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.406106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.406930] Call Trace: [ 35.407272] <TASK> [ 35.407566] dump_stack_lvl+0x73/0xb0 [ 35.407962] print_report+0xd1/0x640 [ 35.408499] ? __virt_addr_valid+0x1db/0x2d0 [ 35.408897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.409576] kasan_report+0x102/0x140 [ 35.410020] ? kasan_atomics_helper+0x4fb4/0x5450 [ 35.410545] ? kasan_atomics_helper+0x4fb4/0x5450 [ 35.411676] __asan_report_load8_noabort+0x18/0x20 [ 35.413360] kasan_atomics_helper+0x4fb4/0x5450 [ 35.414616] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.415282] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.416592] ? kasan_save_alloc_info+0x3b/0x50 [ 35.416905] ? kasan_atomics+0x153/0x310 [ 35.417188] kasan_atomics+0x1dd/0x310 [ 35.417466] ? __pfx_kasan_atomics+0x10/0x10 [ 35.418640] ? __pfx_read_tsc+0x10/0x10 [ 35.419961] ? ktime_get_ts64+0x84/0x230 [ 35.420445] kunit_try_run_case+0x1b3/0x490 [ 35.421056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.421406] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.421831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.422277] ? __kthread_parkme+0x82/0x160 [ 35.424220] ? preempt_count_sub+0x50/0x80 [ 35.424534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.424948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.425445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.425928] kthread+0x257/0x310 [ 35.426184] ? __pfx_kthread+0x10/0x10 [ 35.426522] ret_from_fork+0x41/0x80 [ 35.426841] ? 
__pfx_kthread+0x10/0x10 [ 35.427097] ret_from_fork_asm+0x1a/0x30 [ 35.427395] </TASK> [ 35.427562] [ 35.427799] Allocated by task 272: [ 35.428148] kasan_save_stack+0x3d/0x60 [ 35.428656] kasan_save_track+0x18/0x40 [ 35.429147] kasan_save_alloc_info+0x3b/0x50 [ 35.429458] __kasan_kmalloc+0xb7/0xc0 [ 35.430005] __kmalloc_cache_noprof+0x184/0x410 [ 35.430453] kasan_atomics+0x96/0x310 [ 35.430922] kunit_try_run_case+0x1b3/0x490 [ 35.431242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.431896] kthread+0x257/0x310 [ 35.432298] ret_from_fork+0x41/0x80 [ 35.432676] ret_from_fork_asm+0x1a/0x30 [ 35.432999] [ 35.433161] The buggy address belongs to the object at ffff8881029f9480 [ 35.433161] which belongs to the cache kmalloc-64 of size 64 [ 35.434039] The buggy address is located 0 bytes to the right of [ 35.434039] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.435467] [ 35.435791] The buggy address belongs to the physical page: [ 35.436404] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.437017] flags: 0x200000000000000(node=0|zone=2) [ 35.437586] page_type: f5(slab) [ 35.437974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.438690] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.439282] page dumped because: kasan: bad access detected [ 35.439858] [ 35.440108] Memory state around the buggy address: [ 35.440467] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.441158] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.441807] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.442295] ^ [ 35.442743] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.443526] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.445208] ================================================================== [ 35.025114] 
================================================================== [ 35.025920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 35.026625] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.027117] [ 35.027404] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.028525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.029122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.030163] Call Trace: [ 35.030513] <TASK> [ 35.030799] dump_stack_lvl+0x73/0xb0 [ 35.031359] print_report+0xd1/0x640 [ 35.031935] ? __virt_addr_valid+0x1db/0x2d0 [ 35.032260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.033099] kasan_report+0x102/0x140 [ 35.033506] ? kasan_atomics_helper+0x1d7b/0x5450 [ 35.034104] ? kasan_atomics_helper+0x1d7b/0x5450 [ 35.034448] kasan_check_range+0x10c/0x1c0 [ 35.035088] __kasan_check_write+0x18/0x20 [ 35.035675] kasan_atomics_helper+0x1d7b/0x5450 [ 35.036083] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.036501] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.037542] ? kasan_save_alloc_info+0x3b/0x50 [ 35.038075] ? kasan_atomics+0x153/0x310 [ 35.038747] kasan_atomics+0x1dd/0x310 [ 35.039049] ? __pfx_kasan_atomics+0x10/0x10 [ 35.039618] ? __pfx_read_tsc+0x10/0x10 [ 35.040152] ? ktime_get_ts64+0x84/0x230 [ 35.040724] kunit_try_run_case+0x1b3/0x490 [ 35.041105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.041606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.042284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.042739] ? __kthread_parkme+0x82/0x160 [ 35.043273] ? preempt_count_sub+0x50/0x80 [ 35.043655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.044296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.044984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.045516] kthread+0x257/0x310 [ 35.045967] ? __pfx_kthread+0x10/0x10 [ 35.046264] ret_from_fork+0x41/0x80 [ 35.046796] ? 
__pfx_kthread+0x10/0x10 [ 35.047253] ret_from_fork_asm+0x1a/0x30 [ 35.047905] </TASK> [ 35.048215] [ 35.048411] Allocated by task 272: [ 35.048919] kasan_save_stack+0x3d/0x60 [ 35.049326] kasan_save_track+0x18/0x40 [ 35.049607] kasan_save_alloc_info+0x3b/0x50 [ 35.050258] __kasan_kmalloc+0xb7/0xc0 [ 35.050765] __kmalloc_cache_noprof+0x184/0x410 [ 35.051079] kasan_atomics+0x96/0x310 [ 35.051568] kunit_try_run_case+0x1b3/0x490 [ 35.052021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.052371] kthread+0x257/0x310 [ 35.052965] ret_from_fork+0x41/0x80 [ 35.053525] ret_from_fork_asm+0x1a/0x30 [ 35.054032] [ 35.054238] The buggy address belongs to the object at ffff8881029f9480 [ 35.054238] which belongs to the cache kmalloc-64 of size 64 [ 35.055310] The buggy address is located 0 bytes to the right of [ 35.055310] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.056829] [ 35.057082] The buggy address belongs to the physical page: [ 35.057502] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.058296] flags: 0x200000000000000(node=0|zone=2) [ 35.058804] page_type: f5(slab) [ 35.059167] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.060061] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.060817] page dumped because: kasan: bad access detected [ 35.061253] [ 35.061355] Memory state around the buggy address: [ 35.061554] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.063265] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.064559] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.065885] ^ [ 35.066560] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.067621] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.068589] ================================================================== [ 35.310886] 
================================================================== [ 35.311543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 35.312085] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.312798] [ 35.313074] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.314018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.314397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.315185] Call Trace: [ 35.315440] <TASK> [ 35.315795] dump_stack_lvl+0x73/0xb0 [ 35.316186] print_report+0xd1/0x640 [ 35.316576] ? __virt_addr_valid+0x1db/0x2d0 [ 35.316972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.317555] kasan_report+0x102/0x140 [ 35.318022] ? kasan_atomics_helper+0x4f9a/0x5450 [ 35.318648] ? kasan_atomics_helper+0x4f9a/0x5450 [ 35.319047] __asan_report_load8_noabort+0x18/0x20 [ 35.319526] kasan_atomics_helper+0x4f9a/0x5450 [ 35.320062] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.320728] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.321155] ? kasan_save_alloc_info+0x3b/0x50 [ 35.321595] ? kasan_atomics+0x153/0x310 [ 35.321972] kasan_atomics+0x1dd/0x310 [ 35.322460] ? __pfx_kasan_atomics+0x10/0x10 [ 35.322911] ? __pfx_read_tsc+0x10/0x10 [ 35.323308] ? ktime_get_ts64+0x84/0x230 [ 35.323781] kunit_try_run_case+0x1b3/0x490 [ 35.324244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.324812] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.325299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.325923] ? __kthread_parkme+0x82/0x160 [ 35.326383] ? preempt_count_sub+0x50/0x80 [ 35.326966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.327376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.327873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.328532] kthread+0x257/0x310 [ 35.328946] ? __pfx_kthread+0x10/0x10 [ 35.329388] ret_from_fork+0x41/0x80 [ 35.329884] ? 
__pfx_kthread+0x10/0x10 [ 35.330295] ret_from_fork_asm+0x1a/0x30 [ 35.330880] </TASK> [ 35.331108] [ 35.331358] Allocated by task 272: [ 35.331700] kasan_save_stack+0x3d/0x60 [ 35.332150] kasan_save_track+0x18/0x40 [ 35.332512] kasan_save_alloc_info+0x3b/0x50 [ 35.332995] __kasan_kmalloc+0xb7/0xc0 [ 35.333278] __kmalloc_cache_noprof+0x184/0x410 [ 35.333901] kasan_atomics+0x96/0x310 [ 35.335258] kunit_try_run_case+0x1b3/0x490 [ 35.335808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.336968] kthread+0x257/0x310 [ 35.337340] ret_from_fork+0x41/0x80 [ 35.338155] ret_from_fork_asm+0x1a/0x30 [ 35.338773] [ 35.339089] The buggy address belongs to the object at ffff8881029f9480 [ 35.339089] which belongs to the cache kmalloc-64 of size 64 [ 35.340677] The buggy address is located 0 bytes to the right of [ 35.340677] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.341887] [ 35.342043] The buggy address belongs to the physical page: [ 35.342679] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.343957] flags: 0x200000000000000(node=0|zone=2) [ 35.344508] page_type: f5(slab) [ 35.345129] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.345690] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.346425] page dumped because: kasan: bad access detected [ 35.347338] [ 35.347531] Memory state around the buggy address: [ 35.348276] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.349140] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.350350] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.351261] ^ [ 35.351753] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.352454] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.353196] ================================================================== [ 35.533966] 
================================================================== [ 35.535288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 35.535893] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.536553] [ 35.536791] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.537693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.538051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.538644] Call Trace: [ 35.538962] <TASK> [ 35.539271] dump_stack_lvl+0x73/0xb0 [ 35.539692] print_report+0xd1/0x640 [ 35.540092] ? __virt_addr_valid+0x1db/0x2d0 [ 35.540486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.541113] kasan_report+0x102/0x140 [ 35.541484] ? kasan_atomics_helper+0x224d/0x5450 [ 35.541940] ? kasan_atomics_helper+0x224d/0x5450 [ 35.542378] kasan_check_range+0x10c/0x1c0 [ 35.542854] __kasan_check_write+0x18/0x20 [ 35.543159] kasan_atomics_helper+0x224d/0x5450 [ 35.543590] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.544187] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.544543] ? kasan_save_alloc_info+0x3b/0x50 [ 35.545130] ? kasan_atomics+0x153/0x310 [ 35.545685] kasan_atomics+0x1dd/0x310 [ 35.546023] ? __pfx_kasan_atomics+0x10/0x10 [ 35.546353] ? __pfx_read_tsc+0x10/0x10 [ 35.546884] ? ktime_get_ts64+0x84/0x230 [ 35.547409] kunit_try_run_case+0x1b3/0x490 [ 35.548016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.548485] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.548954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.549414] ? __kthread_parkme+0x82/0x160 [ 35.549955] ? preempt_count_sub+0x50/0x80 [ 35.550326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.550777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.551470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.552041] kthread+0x257/0x310 [ 35.552328] ? __pfx_kthread+0x10/0x10 [ 35.552818] ret_from_fork+0x41/0x80 [ 35.553101] ? 
__pfx_kthread+0x10/0x10 [ 35.553565] ret_from_fork_asm+0x1a/0x30 [ 35.554162] </TASK> [ 35.554490] [ 35.554741] Allocated by task 272: [ 35.555167] kasan_save_stack+0x3d/0x60 [ 35.555456] kasan_save_track+0x18/0x40 [ 35.555895] kasan_save_alloc_info+0x3b/0x50 [ 35.556442] __kasan_kmalloc+0xb7/0xc0 [ 35.556859] __kmalloc_cache_noprof+0x184/0x410 [ 35.557229] kasan_atomics+0x96/0x310 [ 35.557801] kunit_try_run_case+0x1b3/0x490 [ 35.558213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.558599] kthread+0x257/0x310 [ 35.559089] ret_from_fork+0x41/0x80 [ 35.559535] ret_from_fork_asm+0x1a/0x30 [ 35.560081] [ 35.560283] The buggy address belongs to the object at ffff8881029f9480 [ 35.560283] which belongs to the cache kmalloc-64 of size 64 [ 35.561226] The buggy address is located 0 bytes to the right of [ 35.561226] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.562429] [ 35.562591] The buggy address belongs to the physical page: [ 35.563194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.564032] flags: 0x200000000000000(node=0|zone=2) [ 35.564475] page_type: f5(slab) [ 35.565266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.566138] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.566976] page dumped because: kasan: bad access detected [ 35.567543] [ 35.567906] Memory state around the buggy address: [ 35.568259] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.568994] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.569654] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.570523] ^ [ 35.571056] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.571882] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.572544] ================================================================== [ 33.954028] 
================================================================== [ 33.955510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 33.956724] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 33.957457] [ 33.958260] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 33.959336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.960124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.961233] Call Trace: [ 33.961590] <TASK> [ 33.962242] dump_stack_lvl+0x73/0xb0 [ 33.962550] print_report+0xd1/0x640 [ 33.963295] ? __virt_addr_valid+0x1db/0x2d0 [ 33.964027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.964763] kasan_report+0x102/0x140 [ 33.965434] ? kasan_atomics_helper+0x4a04/0x5450 [ 33.965996] ? kasan_atomics_helper+0x4a04/0x5450 [ 33.966872] __asan_report_load4_noabort+0x18/0x20 [ 33.967546] kasan_atomics_helper+0x4a04/0x5450 [ 33.968105] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.968948] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.969606] ? kasan_save_alloc_info+0x3b/0x50 [ 33.970293] ? kasan_atomics+0x153/0x310 [ 33.970951] kasan_atomics+0x1dd/0x310 [ 33.971290] ? __pfx_kasan_atomics+0x10/0x10 [ 33.972156] ? __pfx_read_tsc+0x10/0x10 [ 33.972714] ? ktime_get_ts64+0x84/0x230 [ 33.973220] kunit_try_run_case+0x1b3/0x490 [ 33.974144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.974661] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.975183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.975646] ? __kthread_parkme+0x82/0x160 [ 33.976561] ? preempt_count_sub+0x50/0x80 [ 33.977323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.978027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.978844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.979566] kthread+0x257/0x310 [ 33.980108] ? __pfx_kthread+0x10/0x10 [ 33.980788] ret_from_fork+0x41/0x80 [ 33.981590] ? 
__pfx_kthread+0x10/0x10 [ 33.982243] ret_from_fork_asm+0x1a/0x30 [ 33.982828] </TASK> [ 33.983188] [ 33.983350] Allocated by task 272: [ 33.984329] kasan_save_stack+0x3d/0x60 [ 33.985138] kasan_save_track+0x18/0x40 [ 33.985790] kasan_save_alloc_info+0x3b/0x50 [ 33.986306] __kasan_kmalloc+0xb7/0xc0 [ 33.987131] __kmalloc_cache_noprof+0x184/0x410 [ 33.987557] kasan_atomics+0x96/0x310 [ 33.988269] kunit_try_run_case+0x1b3/0x490 [ 33.988962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.989494] kthread+0x257/0x310 [ 33.990359] ret_from_fork+0x41/0x80 [ 33.990763] ret_from_fork_asm+0x1a/0x30 [ 33.991501] [ 33.991846] The buggy address belongs to the object at ffff8881029f9480 [ 33.991846] which belongs to the cache kmalloc-64 of size 64 [ 33.993122] The buggy address is located 0 bytes to the right of [ 33.993122] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 33.994567] [ 33.995036] The buggy address belongs to the physical page: [ 33.995882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 33.996409] flags: 0x200000000000000(node=0|zone=2) [ 33.997075] page_type: f5(slab) [ 33.997973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.998933] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.999804] page dumped because: kasan: bad access detected [ 34.000346] [ 34.000934] Memory state around the buggy address: [ 34.001585] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.002427] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.003349] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.004415] ^ [ 34.004878] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.005547] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.006415] ================================================================== [ 35.354430] 
================================================================== [ 35.355510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 35.356626] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 35.357986] [ 35.359006] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 35.360469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.360910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.361941] Call Trace: [ 35.362399] <TASK> [ 35.363159] dump_stack_lvl+0x73/0xb0 [ 35.363527] print_report+0xd1/0x640 [ 35.364023] ? __virt_addr_valid+0x1db/0x2d0 [ 35.364493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.365668] kasan_report+0x102/0x140 [ 35.366064] ? kasan_atomics_helper+0x20c9/0x5450 [ 35.366551] ? kasan_atomics_helper+0x20c9/0x5450 [ 35.367348] kasan_check_range+0x10c/0x1c0 [ 35.368067] __kasan_check_write+0x18/0x20 [ 35.368521] kasan_atomics_helper+0x20c9/0x5450 [ 35.369272] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 35.370080] ? __kmalloc_cache_noprof+0x184/0x410 [ 35.370556] ? kasan_save_alloc_info+0x3b/0x50 [ 35.371689] ? kasan_atomics+0x153/0x310 [ 35.372146] kasan_atomics+0x1dd/0x310 [ 35.372527] ? __pfx_kasan_atomics+0x10/0x10 [ 35.373694] ? __pfx_read_tsc+0x10/0x10 [ 35.374077] ? ktime_get_ts64+0x84/0x230 [ 35.375039] kunit_try_run_case+0x1b3/0x490 [ 35.375484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.376278] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.377336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.377748] ? __kthread_parkme+0x82/0x160 [ 35.378210] ? preempt_count_sub+0x50/0x80 [ 35.379085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.379532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.380432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.381329] kthread+0x257/0x310 [ 35.381889] ? __pfx_kthread+0x10/0x10 [ 35.382432] ret_from_fork+0x41/0x80 [ 35.383114] ? 
__pfx_kthread+0x10/0x10 [ 35.383328] ret_from_fork_asm+0x1a/0x30 [ 35.383535] </TASK> [ 35.383789] [ 35.383956] Allocated by task 272: [ 35.384206] kasan_save_stack+0x3d/0x60 [ 35.384647] kasan_save_track+0x18/0x40 [ 35.384971] kasan_save_alloc_info+0x3b/0x50 [ 35.385280] __kasan_kmalloc+0xb7/0xc0 [ 35.385554] __kmalloc_cache_noprof+0x184/0x410 [ 35.386207] kasan_atomics+0x96/0x310 [ 35.386833] kunit_try_run_case+0x1b3/0x490 [ 35.387434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.387962] kthread+0x257/0x310 [ 35.388216] ret_from_fork+0x41/0x80 [ 35.388480] ret_from_fork_asm+0x1a/0x30 [ 35.388969] [ 35.389282] The buggy address belongs to the object at ffff8881029f9480 [ 35.389282] which belongs to the cache kmalloc-64 of size 64 [ 35.390289] The buggy address is located 0 bytes to the right of [ 35.390289] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 35.391421] [ 35.391758] The buggy address belongs to the physical page: [ 35.392311] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 35.393156] flags: 0x200000000000000(node=0|zone=2) [ 35.393798] page_type: f5(slab) [ 35.394158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 35.394955] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.395757] page dumped because: kasan: bad access detected [ 35.396252] [ 35.396457] Memory state around the buggy address: [ 35.396961] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.397590] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.398341] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.399092] ^ [ 35.399532] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.400267] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.400996] ================================================================== [ 33.871819] 
==================================================================
[ 33.872951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450
[ 33.873793] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.875357]
[ 33.875576] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.876522] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.877312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.878425] Call Trace:
[ 33.878734] <TASK>
[ 33.878959] dump_stack_lvl+0x73/0xb0
[ 33.879376] print_report+0xd1/0x640
[ 33.880204] ? __virt_addr_valid+0x1db/0x2d0
[ 33.880829] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.881487] kasan_report+0x102/0x140
[ 33.882281] ? kasan_atomics_helper+0x4a1e/0x5450
[ 33.882936] ? kasan_atomics_helper+0x4a1e/0x5450
[ 33.883168] __asan_report_load4_noabort+0x18/0x20
[ 33.883381] kasan_atomics_helper+0x4a1e/0x5450
[ 33.883593] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.884531] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.885414] ? kasan_save_alloc_info+0x3b/0x50
[ 33.886285] ? kasan_atomics+0x153/0x310
[ 33.886820] kasan_atomics+0x1dd/0x310
[ 33.887110] ? __pfx_kasan_atomics+0x10/0x10
[ 33.887472] ? __pfx_read_tsc+0x10/0x10
[ 33.887929] ? ktime_get_ts64+0x84/0x230
[ 33.888254] kunit_try_run_case+0x1b3/0x490
[ 33.888851] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.889181] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.889815] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.890266] ? __kthread_parkme+0x82/0x160
[ 33.890759] ? preempt_count_sub+0x50/0x80
[ 33.891213] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.891665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.892210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.892830] kthread+0x257/0x310
[ 33.893237] ? __pfx_kthread+0x10/0x10
[ 33.893581] ret_from_fork+0x41/0x80
[ 33.894152] ? __pfx_kthread+0x10/0x10
[ 33.894540] ret_from_fork_asm+0x1a/0x30
[ 33.895128] </TASK>
[ 33.895394]
[ 33.895665] Allocated by task 272:
[ 33.895929] kasan_save_stack+0x3d/0x60
[ 33.896415] kasan_save_track+0x18/0x40
[ 33.896824] kasan_save_alloc_info+0x3b/0x50
[ 33.897351] __kasan_kmalloc+0xb7/0xc0
[ 33.897878] __kmalloc_cache_noprof+0x184/0x410
[ 33.898258] kasan_atomics+0x96/0x310
[ 33.898762] kunit_try_run_case+0x1b3/0x490
[ 33.899128] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.899496] kthread+0x257/0x310
[ 33.899998] ret_from_fork+0x41/0x80
[ 33.900392] ret_from_fork_asm+0x1a/0x30
[ 33.900827]
[ 33.901064] The buggy address belongs to the object at ffff8881029f9480
[ 33.901064] which belongs to the cache kmalloc-64 of size 64
[ 33.902178] The buggy address is located 0 bytes to the right of
[ 33.902178] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.903186]
[ 33.903428] The buggy address belongs to the physical page:
[ 33.903971] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.904686] flags: 0x200000000000000(node=0|zone=2)
[ 33.905169] page_type: f5(slab)
[ 33.905529] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.906271] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.906945] page dumped because: kasan: bad access detected
[ 33.907278]
[ 33.907439] Memory state around the buggy address:
[ 33.907907] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.908739] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.909274] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.909757] ^
[ 33.910138] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.910991] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.911822] ==================================================================
[ 34.659888]
==================================================================
[ 34.660473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450
[ 34.660919] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.662243]
[ 34.662512] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.663632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.664148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.664992] Call Trace:
[ 34.665276] <TASK>
[ 34.665567] dump_stack_lvl+0x73/0xb0
[ 34.665961] print_report+0xd1/0x640
[ 34.666327] ? __virt_addr_valid+0x1db/0x2d0
[ 34.666895] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.667346] kasan_report+0x102/0x140
[ 34.667848] ? kasan_atomics_helper+0x18b2/0x5450
[ 34.668289] ? kasan_atomics_helper+0x18b2/0x5450
[ 34.668727] kasan_check_range+0x10c/0x1c0
[ 34.669503] __kasan_check_write+0x18/0x20
[ 34.669907] kasan_atomics_helper+0x18b2/0x5450
[ 34.670343] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.671046] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.671947] ? kasan_save_alloc_info+0x3b/0x50
[ 34.672338] ? kasan_atomics+0x153/0x310
[ 34.673058] kasan_atomics+0x1dd/0x310
[ 34.673468] ? __pfx_kasan_atomics+0x10/0x10
[ 34.674746] ? __pfx_read_tsc+0x10/0x10
[ 34.675342] ? ktime_get_ts64+0x84/0x230
[ 34.675834] kunit_try_run_case+0x1b3/0x490
[ 34.676277] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.676798] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.677300] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.678022] ? __kthread_parkme+0x82/0x160
[ 34.678673] ? preempt_count_sub+0x50/0x80
[ 34.679640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.680339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.681376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.682233] kthread+0x257/0x310
[ 34.682951] ? __pfx_kthread+0x10/0x10
[ 34.683386] ret_from_fork+0x41/0x80
[ 34.684298] ? __pfx_kthread+0x10/0x10
[ 34.684922] ret_from_fork_asm+0x1a/0x30
[ 34.685437] </TASK>
[ 34.685715]
[ 34.685994] Allocated by task 272:
[ 34.686265] kasan_save_stack+0x3d/0x60
[ 34.686737] kasan_save_track+0x18/0x40
[ 34.687046] kasan_save_alloc_info+0x3b/0x50
[ 34.687661] __kasan_kmalloc+0xb7/0xc0
[ 34.687990] __kmalloc_cache_noprof+0x184/0x410
[ 34.688632] kasan_atomics+0x96/0x310
[ 34.689012] kunit_try_run_case+0x1b3/0x490
[ 34.689526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.690236] kthread+0x257/0x310
[ 34.690502] ret_from_fork+0x41/0x80
[ 34.691078] ret_from_fork_asm+0x1a/0x30
[ 34.691452]
[ 34.691682] The buggy address belongs to the object at ffff8881029f9480
[ 34.691682] which belongs to the cache kmalloc-64 of size 64
[ 34.692996] The buggy address is located 0 bytes to the right of
[ 34.692996] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.694146]
[ 34.694403] The buggy address belongs to the physical page:
[ 34.694763] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.695586] flags: 0x200000000000000(node=0|zone=2)
[ 34.696474] page_type: f5(slab)
[ 34.696785] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.697646] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.698300] page dumped because: kasan: bad access detected
[ 34.698836]
[ 34.699089] Memory state around the buggy address:
[ 34.699515] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.700239] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.700922] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.701403] ^
[ 34.702158] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.702574] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.703448] ==================================================================
[ 34.190569]
==================================================================
[ 34.192182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450
[ 34.193020] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.193900]
[ 34.194249] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.195435] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.196261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.197302] Call Trace:
[ 34.197512] <TASK>
[ 34.197874] dump_stack_lvl+0x73/0xb0
[ 34.198625] print_report+0xd1/0x640
[ 34.198939] ? __virt_addr_valid+0x1db/0x2d0
[ 34.199743] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.200690] kasan_report+0x102/0x140
[ 34.201362] ? kasan_atomics_helper+0x13b6/0x5450
[ 34.201719] ? kasan_atomics_helper+0x13b6/0x5450
[ 34.202614] kasan_check_range+0x10c/0x1c0
[ 34.203274] __kasan_check_read+0x15/0x20
[ 34.203990] kasan_atomics_helper+0x13b6/0x5450
[ 34.204569] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.205175] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.205933] ? kasan_save_alloc_info+0x3b/0x50
[ 34.206486] ? kasan_atomics+0x153/0x310
[ 34.207083] kasan_atomics+0x1dd/0x310
[ 34.207445] ? __pfx_kasan_atomics+0x10/0x10
[ 34.208127] ? __pfx_read_tsc+0x10/0x10
[ 34.208465] ? ktime_get_ts64+0x84/0x230
[ 34.209133] kunit_try_run_case+0x1b3/0x490
[ 34.209759] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.210190] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.210551] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.211256] ? __kthread_parkme+0x82/0x160
[ 34.211834] ? preempt_count_sub+0x50/0x80
[ 34.212238] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.212920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.213349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.214137] kthread+0x257/0x310
[ 34.214515] ? __pfx_kthread+0x10/0x10
[ 34.215058] ret_from_fork+0x41/0x80
[ 34.215537] ? __pfx_kthread+0x10/0x10
[ 34.216079] ret_from_fork_asm+0x1a/0x30
[ 34.216467] </TASK>
[ 34.216753]
[ 34.217053] Allocated by task 272:
[ 34.217579] kasan_save_stack+0x3d/0x60
[ 34.218030] kasan_save_track+0x18/0x40
[ 34.218383] kasan_save_alloc_info+0x3b/0x50
[ 34.218997] __kasan_kmalloc+0xb7/0xc0
[ 34.219444] __kmalloc_cache_noprof+0x184/0x410
[ 34.219900] kasan_atomics+0x96/0x310
[ 34.220514] kunit_try_run_case+0x1b3/0x490
[ 34.221101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.221695] kthread+0x257/0x310
[ 34.221986] ret_from_fork+0x41/0x80
[ 34.222380] ret_from_fork_asm+0x1a/0x30
[ 34.223041]
[ 34.223282] The buggy address belongs to the object at ffff8881029f9480
[ 34.223282] which belongs to the cache kmalloc-64 of size 64
[ 34.224289] The buggy address is located 0 bytes to the right of
[ 34.224289] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.225427]
[ 34.225592] The buggy address belongs to the physical page:
[ 34.226390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.227095] flags: 0x200000000000000(node=0|zone=2)
[ 34.227786] page_type: f5(slab)
[ 34.228221] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.229044] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.229652] page dumped because: kasan: bad access detected
[ 34.230316]
[ 34.230484] Memory state around the buggy address:
[ 34.231090] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.231926] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.232489] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.233169] ^
[ 34.233735] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.234266] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.235034] ==================================================================
[ 34.935174]
==================================================================
[ 34.935893] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 34.937684] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.938329]
[ 34.938539] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.939682] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.940822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.941571] Call Trace:
[ 34.941972] <TASK>
[ 34.942295] dump_stack_lvl+0x73/0xb0
[ 34.942860] print_report+0xd1/0x640
[ 34.943442] ? __virt_addr_valid+0x1db/0x2d0
[ 34.944130] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.944772] kasan_report+0x102/0x140
[ 34.945372] ? kasan_atomics_helper+0x4f32/0x5450
[ 34.945960] ? kasan_atomics_helper+0x4f32/0x5450
[ 34.946384] __asan_report_load8_noabort+0x18/0x20
[ 34.947047] kasan_atomics_helper+0x4f32/0x5450
[ 34.947467] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.948131] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.948506] ? kasan_save_alloc_info+0x3b/0x50
[ 34.949195] ? kasan_atomics+0x153/0x310
[ 34.949678] kasan_atomics+0x1dd/0x310
[ 34.950289] ? __pfx_kasan_atomics+0x10/0x10
[ 34.950859] ? __pfx_read_tsc+0x10/0x10
[ 34.951470] ? ktime_get_ts64+0x84/0x230
[ 34.951889] kunit_try_run_case+0x1b3/0x490
[ 34.952652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.953200] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.953844] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.954209] ? __kthread_parkme+0x82/0x160
[ 34.954874] ? preempt_count_sub+0x50/0x80
[ 34.955351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.955891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.956301] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.957293] kthread+0x257/0x310
[ 34.957630] ? __pfx_kthread+0x10/0x10
[ 34.958030] ret_from_fork+0x41/0x80
[ 34.958482] ? __pfx_kthread+0x10/0x10
[ 34.959040] ret_from_fork_asm+0x1a/0x30
[ 34.959514] </TASK>
[ 34.959729]
[ 34.960036] Allocated by task 272:
[ 34.960523] kasan_save_stack+0x3d/0x60
[ 34.961187] kasan_save_track+0x18/0x40
[ 34.961643] kasan_save_alloc_info+0x3b/0x50
[ 34.961970] __kasan_kmalloc+0xb7/0xc0
[ 34.962491] __kmalloc_cache_noprof+0x184/0x410
[ 34.963211] kasan_atomics+0x96/0x310
[ 34.963550] kunit_try_run_case+0x1b3/0x490
[ 34.964119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.964872] kthread+0x257/0x310
[ 34.965175] ret_from_fork+0x41/0x80
[ 34.965570] ret_from_fork_asm+0x1a/0x30
[ 34.966037]
[ 34.966350] The buggy address belongs to the object at ffff8881029f9480
[ 34.966350] which belongs to the cache kmalloc-64 of size 64
[ 34.967343] The buggy address is located 0 bytes to the right of
[ 34.967343] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 34.968656]
[ 34.968851] The buggy address belongs to the physical page:
[ 34.969470] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 34.970335] flags: 0x200000000000000(node=0|zone=2)
[ 34.970948] page_type: f5(slab)
[ 34.971197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.971644] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 34.972663] page dumped because: kasan: bad access detected
[ 34.973170]
[ 34.973346] Memory state around the buggy address:
[ 34.973648] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.974308] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.975491] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.976244] ^
[ 34.976552] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.977737] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.978807] ==================================================================
[ 35.115101]
==================================================================
[ 35.116554] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450
[ 35.117554] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 35.118752]
[ 35.118924] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 35.119866] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.120503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.121481] Call Trace:
[ 35.122108] <TASK>
[ 35.122578] dump_stack_lvl+0x73/0xb0
[ 35.123299] print_report+0xd1/0x640
[ 35.123994] ? __virt_addr_valid+0x1db/0x2d0
[ 35.124441] ? kasan_complete_mode_report_info+0x2a/0x200
[ 35.124990] kasan_report+0x102/0x140
[ 35.125385] ? kasan_atomics_helper+0x1eab/0x5450
[ 35.126314] ? kasan_atomics_helper+0x1eab/0x5450
[ 35.127390] kasan_check_range+0x10c/0x1c0
[ 35.128137] __kasan_check_write+0x18/0x20
[ 35.128510] kasan_atomics_helper+0x1eab/0x5450
[ 35.129267] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 35.130397] ? __kmalloc_cache_noprof+0x184/0x410
[ 35.130836] ? kasan_save_alloc_info+0x3b/0x50
[ 35.131422] ? kasan_atomics+0x153/0x310
[ 35.132228] kasan_atomics+0x1dd/0x310
[ 35.132617] ? __pfx_kasan_atomics+0x10/0x10
[ 35.133470] ? __pfx_read_tsc+0x10/0x10
[ 35.134144] ? ktime_get_ts64+0x84/0x230
[ 35.134576] kunit_try_run_case+0x1b3/0x490
[ 35.135241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.136034] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 35.136640] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 35.137340] ? __kthread_parkme+0x82/0x160
[ 35.137998] ? preempt_count_sub+0x50/0x80
[ 35.138526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.139409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 35.140276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.141036] kthread+0x257/0x310
[ 35.141399] ? __pfx_kthread+0x10/0x10
[ 35.141828] ret_from_fork+0x41/0x80
[ 35.142613] ? __pfx_kthread+0x10/0x10
[ 35.142938] ret_from_fork_asm+0x1a/0x30
[ 35.143474] </TASK>
[ 35.144884]
[ 35.145021] Allocated by task 272:
[ 35.145228] kasan_save_stack+0x3d/0x60
[ 35.145472] kasan_save_track+0x18/0x40
[ 35.145738] kasan_save_alloc_info+0x3b/0x50
[ 35.146006] __kasan_kmalloc+0xb7/0xc0
[ 35.146249] __kmalloc_cache_noprof+0x184/0x410
[ 35.146452] kasan_atomics+0x96/0x310
[ 35.146629] kunit_try_run_case+0x1b3/0x490
[ 35.147911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.149201] kthread+0x257/0x310
[ 35.150263] ret_from_fork+0x41/0x80
[ 35.151174] ret_from_fork_asm+0x1a/0x30
[ 35.152264]
[ 35.153335] The buggy address belongs to the object at ffff8881029f9480
[ 35.153335] which belongs to the cache kmalloc-64 of size 64
[ 35.154909] The buggy address is located 0 bytes to the right of
[ 35.154909] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 35.156118]
[ 35.156292] The buggy address belongs to the physical page:
[ 35.157395] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 35.158266] flags: 0x200000000000000(node=0|zone=2)
[ 35.158572] page_type: f5(slab)
[ 35.158821] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 35.160247] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 35.161611] page dumped because: kasan: bad access detected
[ 35.162162]
[ 35.162459] Memory state around the buggy address:
[ 35.162992] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.163864] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.164547] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 35.165442] ^
[ 35.165966] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.166561] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.167362] ==================================================================
[ 35.573540]
==================================================================
[ 35.574407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 35.575322] Read of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 35.576578]
[ 35.577116] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 35.578123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.578305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.578649] Call Trace:
[ 35.578872] <TASK>
[ 35.579065] dump_stack_lvl+0x73/0xb0
[ 35.579571] print_report+0xd1/0x640
[ 35.579976] ? __virt_addr_valid+0x1db/0x2d0
[ 35.580188] ? kasan_complete_mode_report_info+0x2a/0x200
[ 35.580424] kasan_report+0x102/0x140
[ 35.580605] ? kasan_atomics_helper+0x5117/0x5450
[ 35.581758] ? kasan_atomics_helper+0x5117/0x5450
[ 35.582147] __asan_report_load8_noabort+0x18/0x20
[ 35.582511] kasan_atomics_helper+0x5117/0x5450
[ 35.583202] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 35.584026] ? __kmalloc_cache_noprof+0x184/0x410
[ 35.584574] ? kasan_save_alloc_info+0x3b/0x50
[ 35.585332] ? kasan_atomics+0x153/0x310
[ 35.585950] kasan_atomics+0x1dd/0x310
[ 35.586500] ? __pfx_kasan_atomics+0x10/0x10
[ 35.587180] ? __pfx_read_tsc+0x10/0x10
[ 35.587741] ? ktime_get_ts64+0x84/0x230
[ 35.588239] kunit_try_run_case+0x1b3/0x490
[ 35.588670] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.589141] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 35.589591] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 35.590196] ? __kthread_parkme+0x82/0x160
[ 35.590502] ? preempt_count_sub+0x50/0x80
[ 35.591354] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.592093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 35.592952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.593740] kthread+0x257/0x310
[ 35.594058] ? __pfx_kthread+0x10/0x10
[ 35.594684] ret_from_fork+0x41/0x80
[ 35.595221] ? __pfx_kthread+0x10/0x10
[ 35.595815] ret_from_fork_asm+0x1a/0x30
[ 35.596340] </TASK>
[ 35.596568]
[ 35.596950] Allocated by task 272:
[ 35.597381] kasan_save_stack+0x3d/0x60
[ 35.597976] kasan_save_track+0x18/0x40
[ 35.598668] kasan_save_alloc_info+0x3b/0x50
[ 35.599341] __kasan_kmalloc+0xb7/0xc0
[ 35.599901] __kmalloc_cache_noprof+0x184/0x410
[ 35.600500] kasan_atomics+0x96/0x310
[ 35.600976] kunit_try_run_case+0x1b3/0x490
[ 35.601553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.602213] kthread+0x257/0x310
[ 35.602594] ret_from_fork+0x41/0x80
[ 35.603274] ret_from_fork_asm+0x1a/0x30
[ 35.603826]
[ 35.604171] The buggy address belongs to the object at ffff8881029f9480
[ 35.604171] which belongs to the cache kmalloc-64 of size 64
[ 35.605355] The buggy address is located 0 bytes to the right of
[ 35.605355] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 35.606526]
[ 35.606845] The buggy address belongs to the physical page:
[ 35.607646] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 35.608457] flags: 0x200000000000000(node=0|zone=2)
[ 35.609127] page_type: f5(slab)
[ 35.609389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 35.610228] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 35.611071] page dumped because: kasan: bad access detected
[ 35.611668]
[ 35.611938] Memory state around the buggy address:
[ 35.612532] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.613289] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.614072] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 35.614834] ^
[ 35.615283] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.616080] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.616862] ==================================================================
[ 32.926748]
==================================================================
[ 32.927718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450
[ 32.928960] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 32.930408]
[ 32.930637] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 32.931416] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.932202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.932990] Call Trace:
[ 32.933265] <TASK>
[ 32.933500] dump_stack_lvl+0x73/0xb0
[ 32.934559] print_report+0xd1/0x640
[ 32.935190] ? __virt_addr_valid+0x1db/0x2d0
[ 32.936012] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.936775] kasan_report+0x102/0x140
[ 32.937312] ? kasan_atomics_helper+0x566/0x5450
[ 32.938209] ? kasan_atomics_helper+0x566/0x5450
[ 32.938943] kasan_check_range+0x10c/0x1c0
[ 32.939422] __kasan_check_write+0x18/0x20
[ 32.940063] kasan_atomics_helper+0x566/0x5450
[ 32.940691] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.941399] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.942075] ? kasan_save_alloc_info+0x3b/0x50
[ 32.942597] ? kasan_atomics+0x153/0x310
[ 32.943682] kasan_atomics+0x1dd/0x310
[ 32.944044] ? __pfx_kasan_atomics+0x10/0x10
[ 32.944838] ? __pfx_read_tsc+0x10/0x10
[ 32.945161] ? ktime_get_ts64+0x84/0x230
[ 32.945898] kunit_try_run_case+0x1b3/0x490
[ 32.946390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.947466] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.947916] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.948426] ? __kthread_parkme+0x82/0x160
[ 32.949162] ? preempt_count_sub+0x50/0x80
[ 32.949799] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.950323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.951223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.951776] kthread+0x257/0x310
[ 32.952141] ? __pfx_kthread+0x10/0x10
[ 32.952540] ret_from_fork+0x41/0x80
[ 32.953049] ? __pfx_kthread+0x10/0x10
[ 32.954162] ret_from_fork_asm+0x1a/0x30
[ 32.954586] </TASK>
[ 32.954991]
[ 32.955173] Allocated by task 272:
[ 32.956121] kasan_save_stack+0x3d/0x60
[ 32.956534] kasan_save_track+0x18/0x40
[ 32.957226] kasan_save_alloc_info+0x3b/0x50
[ 32.958154] __kasan_kmalloc+0xb7/0xc0
[ 32.958724] __kmalloc_cache_noprof+0x184/0x410
[ 32.959643] kasan_atomics+0x96/0x310
[ 32.960125] kunit_try_run_case+0x1b3/0x490
[ 32.960627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.961433] kthread+0x257/0x310
[ 32.962349] ret_from_fork+0x41/0x80
[ 32.962644] ret_from_fork_asm+0x1a/0x30
[ 32.963357]
[ 32.963547] The buggy address belongs to the object at ffff8881029f9480
[ 32.963547] which belongs to the cache kmalloc-64 of size 64
[ 32.964571] The buggy address is located 0 bytes to the right of
[ 32.964571] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 32.966522]
[ 32.966939] The buggy address belongs to the physical page:
[ 32.967259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 32.968386] flags: 0x200000000000000(node=0|zone=2)
[ 32.968788] page_type: f5(slab)
[ 32.969530] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.970388] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.971643] page dumped because: kasan: bad access detected
[ 32.972103]
[ 32.972314] Memory state around the buggy address:
[ 32.973241] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.973519] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.973943] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.975083] ^
[ 32.975398] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.976320] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.977522] ==================================================================
[ 33.778479]
==================================================================
[ 33.779182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450
[ 33.780290] Read of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 33.780799]
[ 33.781049] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 33.782113] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.782513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.783234] Call Trace:
[ 33.783580] <TASK>
[ 33.783849] dump_stack_lvl+0x73/0xb0
[ 33.784258] print_report+0xd1/0x640
[ 33.784591] ? __virt_addr_valid+0x1db/0x2d0
[ 33.785041] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.785406] kasan_report+0x102/0x140
[ 33.785962] ? kasan_atomics_helper+0x4a38/0x5450
[ 33.786552] ? kasan_atomics_helper+0x4a38/0x5450
[ 33.787754] __asan_report_load4_noabort+0x18/0x20
[ 33.788090] kasan_atomics_helper+0x4a38/0x5450
[ 33.788419] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.789059] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.789440] ? kasan_save_alloc_info+0x3b/0x50
[ 33.790032] ? kasan_atomics+0x153/0x310
[ 33.790490] kasan_atomics+0x1dd/0x310
[ 33.791022] ? __pfx_kasan_atomics+0x10/0x10
[ 33.791365] ? __pfx_read_tsc+0x10/0x10
[ 33.791922] ? ktime_get_ts64+0x84/0x230
[ 33.792252] kunit_try_run_case+0x1b3/0x490
[ 33.792849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.793254] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.793871] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.794238] ? __kthread_parkme+0x82/0x160
[ 33.794799] ? preempt_count_sub+0x50/0x80
[ 33.795203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.795670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.796318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.796819] kthread+0x257/0x310
[ 33.797269] ? __pfx_kthread+0x10/0x10
[ 33.797737] ret_from_fork+0x41/0x80
[ 33.798213] ? __pfx_kthread+0x10/0x10
[ 33.798637] ret_from_fork_asm+0x1a/0x30
[ 33.799109] </TASK>
[ 33.799386]
[ 33.799561] Allocated by task 272:
[ 33.799991] kasan_save_stack+0x3d/0x60
[ 33.800274] kasan_save_track+0x18/0x40
[ 33.800810] kasan_save_alloc_info+0x3b/0x50
[ 33.801318] __kasan_kmalloc+0xb7/0xc0
[ 33.801658] __kmalloc_cache_noprof+0x184/0x410
[ 33.802179] kasan_atomics+0x96/0x310
[ 33.802586] kunit_try_run_case+0x1b3/0x490
[ 33.803129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.803480] kthread+0x257/0x310
[ 33.803966] ret_from_fork+0x41/0x80
[ 33.804411] ret_from_fork_asm+0x1a/0x30
[ 33.804962]
[ 33.805193] The buggy address belongs to the object at ffff8881029f9480
[ 33.805193] which belongs to the cache kmalloc-64 of size 64
[ 33.806231] The buggy address is located 0 bytes to the right of
[ 33.806231] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 33.807269]
[ 33.807443] The buggy address belongs to the physical page:
[ 33.808024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 33.808817] flags: 0x200000000000000(node=0|zone=2)
[ 33.809261] page_type: f5(slab)
[ 33.809509] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.810431] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 33.811035] page dumped because: kasan: bad access detected
[ 33.811674]
[ 33.811882] Memory state around the buggy address:
[ 33.812254] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.813434] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.815172] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.815529] ^
[ 33.815832] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.816196] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.816485] ==================================================================
[ 34.979882]
==================================================================
[ 34.981873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450
[ 34.982841] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272
[ 34.983756]
[ 34.983983] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 34.985169] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.985692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.986780] Call Trace:
[ 34.987242] <TASK>
[ 34.987689] dump_stack_lvl+0x73/0xb0
[ 34.988340] print_report+0xd1/0x640
[ 34.989416] ? __virt_addr_valid+0x1db/0x2d0
[ 34.990211] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.990783] kasan_report+0x102/0x140
[ 34.991133] ? kasan_atomics_helper+0x1ce2/0x5450
[ 34.991528] ? kasan_atomics_helper+0x1ce2/0x5450
[ 34.992059] kasan_check_range+0x10c/0x1c0
[ 34.992560] __kasan_check_write+0x18/0x20
[ 34.993131] kasan_atomics_helper+0x1ce2/0x5450
[ 34.993785] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.994276] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.994812] ? kasan_save_alloc_info+0x3b/0x50
[ 34.995428] ? kasan_atomics+0x153/0x310
[ 34.995990] kasan_atomics+0x1dd/0x310
[ 34.996380] ? __pfx_kasan_atomics+0x10/0x10
[ 34.996827] ? __pfx_read_tsc+0x10/0x10
[ 34.997226] ? ktime_get_ts64+0x84/0x230
[ 34.997629] kunit_try_run_case+0x1b3/0x490
[ 34.998237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.998686] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.999203] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.999845] ? __kthread_parkme+0x82/0x160
[ 35.000361] ? preempt_count_sub+0x50/0x80
[ 35.000938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 35.001456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 35.002107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.002727] kthread+0x257/0x310
[ 35.003123] ? __pfx_kthread+0x10/0x10
[ 35.003562] ret_from_fork+0x41/0x80
[ 35.004146] ? __pfx_kthread+0x10/0x10
[ 35.004699] ret_from_fork_asm+0x1a/0x30
[ 35.005168] </TASK>
[ 35.005382]
[ 35.005767] Allocated by task 272:
[ 35.006206] kasan_save_stack+0x3d/0x60
[ 35.006779] kasan_save_track+0x18/0x40
[ 35.007262] kasan_save_alloc_info+0x3b/0x50
[ 35.007772] __kasan_kmalloc+0xb7/0xc0
[ 35.008065] __kmalloc_cache_noprof+0x184/0x410
[ 35.008717] kasan_atomics+0x96/0x310
[ 35.009039] kunit_try_run_case+0x1b3/0x490
[ 35.009533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.010103] kthread+0x257/0x310
[ 35.010571] ret_from_fork+0x41/0x80
[ 35.011173] ret_from_fork_asm+0x1a/0x30
[ 35.011672]
[ 35.011996] The buggy address belongs to the object at ffff8881029f9480
[ 35.011996] which belongs to the cache kmalloc-64 of size 64
[ 35.013054] The buggy address is located 0 bytes to the right of
[ 35.013054] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0)
[ 35.014280]
[ 35.014438] The buggy address belongs to the physical page:
[ 35.015130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 35.015783] flags: 0x200000000000000(node=0|zone=2)
[ 35.016450] page_type: f5(slab)
[ 35.016871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 35.017649] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 35.018442] page dumped because: kasan: bad access detected
[ 35.019038]
[ 35.019299] Memory state around the buggy address:
[ 35.019737] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.020592] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 35.021365] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 35.021956] ^
[ 35.022588] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.023294] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.023982] ==================================================================
[ 34.105725]
================================================================== [ 34.106664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 34.108197] Write of size 4 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.108991] [ 34.109193] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.110135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.110647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.111397] Call Trace: [ 34.111840] <TASK> [ 34.112169] dump_stack_lvl+0x73/0xb0 [ 34.112655] print_report+0xd1/0x640 [ 34.113010] ? __virt_addr_valid+0x1db/0x2d0 [ 34.113590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.114316] kasan_report+0x102/0x140 [ 34.114921] ? kasan_atomics_helper+0x12e7/0x5450 [ 34.115329] ? kasan_atomics_helper+0x12e7/0x5450 [ 34.115944] kasan_check_range+0x10c/0x1c0 [ 34.116303] __kasan_check_write+0x18/0x20 [ 34.116819] kasan_atomics_helper+0x12e7/0x5450 [ 34.117360] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.117940] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.118292] ? kasan_save_alloc_info+0x3b/0x50 [ 34.118972] ? kasan_atomics+0x153/0x310 [ 34.119438] kasan_atomics+0x1dd/0x310 [ 34.119992] ? __pfx_kasan_atomics+0x10/0x10 [ 34.120350] ? __pfx_read_tsc+0x10/0x10 [ 34.120954] ? ktime_get_ts64+0x84/0x230 [ 34.121460] kunit_try_run_case+0x1b3/0x490 [ 34.122027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.122453] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.123083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.123528] ? __kthread_parkme+0x82/0x160 [ 34.124138] ? preempt_count_sub+0x50/0x80 [ 34.124564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.125057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.125684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.126209] kthread+0x257/0x310 [ 34.126737] ? __pfx_kthread+0x10/0x10 [ 34.127163] ret_from_fork+0x41/0x80 [ 34.127536] ? 
__pfx_kthread+0x10/0x10 [ 34.128029] ret_from_fork_asm+0x1a/0x30 [ 34.128501] </TASK> [ 34.128897] [ 34.129087] Allocated by task 272: [ 34.129340] kasan_save_stack+0x3d/0x60 [ 34.129881] kasan_save_track+0x18/0x40 [ 34.130446] kasan_save_alloc_info+0x3b/0x50 [ 34.130938] __kasan_kmalloc+0xb7/0xc0 [ 34.131428] __kmalloc_cache_noprof+0x184/0x410 [ 34.132050] kasan_atomics+0x96/0x310 [ 34.132345] kunit_try_run_case+0x1b3/0x490 [ 34.132788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.133472] kthread+0x257/0x310 [ 34.133914] ret_from_fork+0x41/0x80 [ 34.134410] ret_from_fork_asm+0x1a/0x30 [ 34.134951] [ 34.135191] The buggy address belongs to the object at ffff8881029f9480 [ 34.135191] which belongs to the cache kmalloc-64 of size 64 [ 34.136339] The buggy address is located 0 bytes to the right of [ 34.136339] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.137509] [ 34.137818] The buggy address belongs to the physical page: [ 34.138419] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.139202] flags: 0x200000000000000(node=0|zone=2) [ 34.139896] page_type: f5(slab) [ 34.140172] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.140978] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.141803] page dumped because: kasan: bad access detected [ 34.142315] [ 34.142490] Memory state around the buggy address: [ 34.143016] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.143645] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.144197] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.144758] ^ [ 34.145066] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.145863] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.146478] ================================================================== [ 34.838526] 
================================================================== [ 34.839082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 34.839686] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.840484] [ 34.841238] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.841949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.842489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.843398] Call Trace: [ 34.843611] <TASK> [ 34.844072] dump_stack_lvl+0x73/0xb0 [ 34.844537] print_report+0xd1/0x640 [ 34.845034] ? __virt_addr_valid+0x1db/0x2d0 [ 34.845578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.846074] kasan_report+0x102/0x140 [ 34.846462] ? kasan_atomics_helper+0x1b23/0x5450 [ 34.847007] ? kasan_atomics_helper+0x1b23/0x5450 [ 34.847479] kasan_check_range+0x10c/0x1c0 [ 34.847951] __kasan_check_write+0x18/0x20 [ 34.848304] kasan_atomics_helper+0x1b23/0x5450 [ 34.848905] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.849339] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.849849] ? kasan_save_alloc_info+0x3b/0x50 [ 34.850192] ? kasan_atomics+0x153/0x310 [ 34.850506] kasan_atomics+0x1dd/0x310 [ 34.851031] ? __pfx_kasan_atomics+0x10/0x10 [ 34.851591] ? __pfx_read_tsc+0x10/0x10 [ 34.852053] ? ktime_get_ts64+0x84/0x230 [ 34.852362] kunit_try_run_case+0x1b3/0x490 [ 34.852729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.853303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.854074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.854557] ? __kthread_parkme+0x82/0x160 [ 34.854950] ? preempt_count_sub+0x50/0x80 [ 34.855260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.855861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.856564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.857291] kthread+0x257/0x310 [ 34.857578] ? __pfx_kthread+0x10/0x10 [ 34.857887] ret_from_fork+0x41/0x80 [ 34.858385] ? 
__pfx_kthread+0x10/0x10 [ 34.858885] ret_from_fork_asm+0x1a/0x30 [ 34.859390] </TASK> [ 34.859670] [ 34.859873] Allocated by task 272: [ 34.860119] kasan_save_stack+0x3d/0x60 [ 34.860515] kasan_save_track+0x18/0x40 [ 34.861052] kasan_save_alloc_info+0x3b/0x50 [ 34.861566] __kasan_kmalloc+0xb7/0xc0 [ 34.862040] __kmalloc_cache_noprof+0x184/0x410 [ 34.862564] kasan_atomics+0x96/0x310 [ 34.862863] kunit_try_run_case+0x1b3/0x490 [ 34.863636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.864154] kthread+0x257/0x310 [ 34.864477] ret_from_fork+0x41/0x80 [ 34.864851] ret_from_fork_asm+0x1a/0x30 [ 34.865232] [ 34.865391] The buggy address belongs to the object at ffff8881029f9480 [ 34.865391] which belongs to the cache kmalloc-64 of size 64 [ 34.866045] The buggy address is located 0 bytes to the right of [ 34.866045] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.867687] [ 34.867888] The buggy address belongs to the physical page: [ 34.868220] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.868699] flags: 0x200000000000000(node=0|zone=2) [ 34.869270] page_type: f5(slab) [ 34.869719] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.870553] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.871278] page dumped because: kasan: bad access detected [ 34.871765] [ 34.871948] Memory state around the buggy address: [ 34.872256] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.872855] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.873551] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.874277] ^ [ 34.874992] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.875404] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.876001] ================================================================== [ 34.562471] 
================================================================== [ 34.563271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 34.564165] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.565082] [ 34.565328] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.566489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.566924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.567914] Call Trace: [ 34.568137] <TASK> [ 34.568572] dump_stack_lvl+0x73/0xb0 [ 34.569167] print_report+0xd1/0x640 [ 34.569609] ? __virt_addr_valid+0x1db/0x2d0 [ 34.570361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.571127] kasan_report+0x102/0x140 [ 34.571574] ? kasan_atomics_helper+0x1780/0x5450 [ 34.572169] ? kasan_atomics_helper+0x1780/0x5450 [ 34.572927] kasan_check_range+0x10c/0x1c0 [ 34.573351] __kasan_check_write+0x18/0x20 [ 34.573969] kasan_atomics_helper+0x1780/0x5450 [ 34.574550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.575248] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.575899] ? kasan_save_alloc_info+0x3b/0x50 [ 34.576946] ? kasan_atomics+0x153/0x310 [ 34.577432] kasan_atomics+0x1dd/0x310 [ 34.578383] ? __pfx_kasan_atomics+0x10/0x10 [ 34.578793] ? __pfx_read_tsc+0x10/0x10 [ 34.579367] ? ktime_get_ts64+0x84/0x230 [ 34.580065] kunit_try_run_case+0x1b3/0x490 [ 34.580596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.581274] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.581871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.582438] ? __kthread_parkme+0x82/0x160 [ 34.582967] ? preempt_count_sub+0x50/0x80 [ 34.583619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.584061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.584773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.585373] kthread+0x257/0x310 [ 34.585820] ? __pfx_kthread+0x10/0x10 [ 34.586343] ret_from_fork+0x41/0x80 [ 34.586635] ? 
__pfx_kthread+0x10/0x10 [ 34.587305] ret_from_fork_asm+0x1a/0x30 [ 34.587919] </TASK> [ 34.588230] [ 34.588484] Allocated by task 272: [ 34.589083] kasan_save_stack+0x3d/0x60 [ 34.589524] kasan_save_track+0x18/0x40 [ 34.590175] kasan_save_alloc_info+0x3b/0x50 [ 34.590928] __kasan_kmalloc+0xb7/0xc0 [ 34.591434] __kmalloc_cache_noprof+0x184/0x410 [ 34.592159] kasan_atomics+0x96/0x310 [ 34.592606] kunit_try_run_case+0x1b3/0x490 [ 34.593087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.593969] kthread+0x257/0x310 [ 34.594327] ret_from_fork+0x41/0x80 [ 34.594961] ret_from_fork_asm+0x1a/0x30 [ 34.595439] [ 34.595742] The buggy address belongs to the object at ffff8881029f9480 [ 34.595742] which belongs to the cache kmalloc-64 of size 64 [ 34.597045] The buggy address is located 0 bytes to the right of [ 34.597045] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.598203] [ 34.598575] The buggy address belongs to the physical page: [ 34.599269] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.600148] flags: 0x200000000000000(node=0|zone=2) [ 34.600957] page_type: f5(slab) [ 34.601350] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.602475] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.603240] page dumped because: kasan: bad access detected [ 34.604013] [ 34.604227] Memory state around the buggy address: [ 34.604985] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.605687] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.606214] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.606875] ^ [ 34.607235] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.608114] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.608912] ================================================================== [ 34.377379] 
================================================================== [ 34.378204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 34.378971] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.379991] [ 34.380231] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.381099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.381480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.382463] Call Trace: [ 34.382814] <TASK> [ 34.383126] dump_stack_lvl+0x73/0xb0 [ 34.383521] print_report+0xd1/0x640 [ 34.384024] ? __virt_addr_valid+0x1db/0x2d0 [ 34.384475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.385045] kasan_report+0x102/0x140 [ 34.385519] ? kasan_atomics_helper+0x151e/0x5450 [ 34.386096] ? kasan_atomics_helper+0x151e/0x5450 [ 34.386533] kasan_check_range+0x10c/0x1c0 [ 34.387204] __kasan_check_write+0x18/0x20 [ 34.387522] kasan_atomics_helper+0x151e/0x5450 [ 34.388190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.388756] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.389311] ? kasan_save_alloc_info+0x3b/0x50 [ 34.389890] ? kasan_atomics+0x153/0x310 [ 34.390415] kasan_atomics+0x1dd/0x310 [ 34.390933] ? __pfx_kasan_atomics+0x10/0x10 [ 34.391482] ? __pfx_read_tsc+0x10/0x10 [ 34.391997] ? ktime_get_ts64+0x84/0x230 [ 34.392521] kunit_try_run_case+0x1b3/0x490 [ 34.392995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.393589] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.394161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.394495] ? __kthread_parkme+0x82/0x160 [ 34.395021] ? preempt_count_sub+0x50/0x80 [ 34.395651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.396119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.396768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.397323] kthread+0x257/0x310 [ 34.397800] ? __pfx_kthread+0x10/0x10 [ 34.398234] ret_from_fork+0x41/0x80 [ 34.398751] ? 
__pfx_kthread+0x10/0x10 [ 34.399180] ret_from_fork_asm+0x1a/0x30 [ 34.399721] </TASK> [ 34.400100] [ 34.400326] Allocated by task 272: [ 34.400746] kasan_save_stack+0x3d/0x60 [ 34.401351] kasan_save_track+0x18/0x40 [ 34.401835] kasan_save_alloc_info+0x3b/0x50 [ 34.402181] __kasan_kmalloc+0xb7/0xc0 [ 34.402747] __kmalloc_cache_noprof+0x184/0x410 [ 34.403302] kasan_atomics+0x96/0x310 [ 34.403882] kunit_try_run_case+0x1b3/0x490 [ 34.404322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.405050] kthread+0x257/0x310 [ 34.405368] ret_from_fork+0x41/0x80 [ 34.405934] ret_from_fork_asm+0x1a/0x30 [ 34.406286] [ 34.406547] The buggy address belongs to the object at ffff8881029f9480 [ 34.406547] which belongs to the cache kmalloc-64 of size 64 [ 34.407949] The buggy address is located 0 bytes to the right of [ 34.407949] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.409695] [ 34.409982] The buggy address belongs to the physical page: [ 34.410423] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.411326] flags: 0x200000000000000(node=0|zone=2) [ 34.412141] page_type: f5(slab) [ 34.412386] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.413140] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.413816] page dumped because: kasan: bad access detected [ 34.414303] [ 34.414600] Memory state around the buggy address: [ 34.415058] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.415967] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.416814] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.417417] ^ [ 34.418260] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.419111] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.420181] ================================================================== [ 34.794020] 
================================================================== [ 34.794931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 34.795578] Write of size 8 at addr ffff8881029f94b0 by task kunit_try_catch/272 [ 34.797865] [ 34.798203] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 34.799532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.799972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.801105] Call Trace: [ 34.801346] <TASK> [ 34.801533] dump_stack_lvl+0x73/0xb0 [ 34.802411] print_report+0xd1/0x640 [ 34.802867] ? __virt_addr_valid+0x1db/0x2d0 [ 34.803314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.803820] kasan_report+0x102/0x140 [ 34.804199] ? kasan_atomics_helper+0x1a80/0x5450 [ 34.804655] ? kasan_atomics_helper+0x1a80/0x5450 [ 34.805909] kasan_check_range+0x10c/0x1c0 [ 34.806503] __kasan_check_write+0x18/0x20 [ 34.807225] kasan_atomics_helper+0x1a80/0x5450 [ 34.807607] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.808407] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.809017] ? kasan_save_alloc_info+0x3b/0x50 [ 34.809742] ? kasan_atomics+0x153/0x310 [ 34.810391] kasan_atomics+0x1dd/0x310 [ 34.810955] ? __pfx_kasan_atomics+0x10/0x10 [ 34.811452] ? __pfx_read_tsc+0x10/0x10 [ 34.812213] ? ktime_get_ts64+0x84/0x230 [ 34.812967] kunit_try_run_case+0x1b3/0x490 [ 34.813610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.814307] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.815112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.815608] ? __kthread_parkme+0x82/0x160 [ 34.816392] ? preempt_count_sub+0x50/0x80 [ 34.817186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.817769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.818337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.818745] kthread+0x257/0x310 [ 34.819017] ? __pfx_kthread+0x10/0x10 [ 34.819482] ret_from_fork+0x41/0x80 [ 34.819865] ? 
__pfx_kthread+0x10/0x10 [ 34.820311] ret_from_fork_asm+0x1a/0x30 [ 34.820858] </TASK> [ 34.821183] [ 34.821342] Allocated by task 272: [ 34.821761] kasan_save_stack+0x3d/0x60 [ 34.822089] kasan_save_track+0x18/0x40 [ 34.822541] kasan_save_alloc_info+0x3b/0x50 [ 34.823047] __kasan_kmalloc+0xb7/0xc0 [ 34.823436] __kmalloc_cache_noprof+0x184/0x410 [ 34.823840] kasan_atomics+0x96/0x310 [ 34.824297] kunit_try_run_case+0x1b3/0x490 [ 34.824772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.825345] kthread+0x257/0x310 [ 34.825871] ret_from_fork+0x41/0x80 [ 34.826204] ret_from_fork_asm+0x1a/0x30 [ 34.826592] [ 34.826890] The buggy address belongs to the object at ffff8881029f9480 [ 34.826890] which belongs to the cache kmalloc-64 of size 64 [ 34.827953] The buggy address is located 0 bytes to the right of [ 34.827953] allocated 48-byte region [ffff8881029f9480, ffff8881029f94b0) [ 34.829077] [ 34.829245] The buggy address belongs to the physical page: [ 34.829782] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 34.830671] flags: 0x200000000000000(node=0|zone=2) [ 34.831107] page_type: f5(slab) [ 34.831354] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.831992] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.832767] page dumped because: kasan: bad access detected [ 34.833267] [ 34.833473] Memory state around the buggy address: [ 34.833911] ffff8881029f9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.834489] ffff8881029f9400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.835109] >ffff8881029f9480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.835519] ^ [ 34.835974] ffff8881029f9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.836610] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.837078] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 32.413346] ================================================================== [ 32.414547] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 32.415413] Read of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.416248] [ 32.416430] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.417372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.417808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.418556] Call Trace: [ 32.418920] <TASK> [ 32.419123] dump_stack_lvl+0x73/0xb0 [ 32.419533] print_report+0xd1/0x640 [ 32.420573] ? __virt_addr_valid+0x1db/0x2d0 [ 32.421155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.421721] kasan_report+0x102/0x140 [ 32.422167] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 32.422691] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 32.424087] kasan_check_range+0x10c/0x1c0 [ 32.424506] __kasan_check_read+0x15/0x20 [ 32.424923] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 32.425457] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.426538] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.427191] ? trace_hardirqs_on+0x37/0xe0 [ 32.427828] ? kasan_bitops_generic+0x93/0x1c0 [ 32.428377] kasan_bitops_generic+0x122/0x1c0 [ 32.428938] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.429501] ? __pfx_read_tsc+0x10/0x10 [ 32.430085] ? ktime_get_ts64+0x84/0x230 [ 32.430455] kunit_try_run_case+0x1b3/0x490 [ 32.430947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.431416] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.431990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.432537] ? __kthread_parkme+0x82/0x160 [ 32.433068] ? preempt_count_sub+0x50/0x80 [ 32.433503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.433850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.434717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.435279] kthread+0x257/0x310 [ 32.435802] ? 
__pfx_kthread+0x10/0x10 [ 32.436267] ret_from_fork+0x41/0x80 [ 32.436684] ? __pfx_kthread+0x10/0x10 [ 32.437244] ret_from_fork_asm+0x1a/0x30 [ 32.437619] </TASK> [ 32.438016] [ 32.438290] Allocated by task 268: [ 32.438562] kasan_save_stack+0x3d/0x60 [ 32.439113] kasan_save_track+0x18/0x40 [ 32.439601] kasan_save_alloc_info+0x3b/0x50 [ 32.440315] __kasan_kmalloc+0xb7/0xc0 [ 32.440586] __kmalloc_cache_noprof+0x184/0x410 [ 32.441437] kasan_bitops_generic+0x93/0x1c0 [ 32.442035] kunit_try_run_case+0x1b3/0x490 [ 32.442670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.443183] kthread+0x257/0x310 [ 32.443569] ret_from_fork+0x41/0x80 [ 32.443958] ret_from_fork_asm+0x1a/0x30 [ 32.444539] [ 32.444917] The buggy address belongs to the object at ffff888101a98520 [ 32.444917] which belongs to the cache kmalloc-16 of size 16 [ 32.447063] The buggy address is located 8 bytes inside of [ 32.447063] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.448409] [ 32.448649] The buggy address belongs to the physical page: [ 32.449346] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.449980] flags: 0x200000000000000(node=0|zone=2) [ 32.450524] page_type: f5(slab) [ 32.450931] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.451825] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.452544] page dumped because: kasan: bad access detected [ 32.453134] [ 32.453383] Memory state around the buggy address: [ 32.454048] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.454654] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.455423] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.456302] ^ [ 32.456845] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.457576] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.458300] 
================================================================== [ 32.232560] ================================================================== [ 32.234808] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 32.235805] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.236505] [ 32.236811] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.238376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.239249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.240597] Call Trace: [ 32.241122] <TASK> [ 32.241399] dump_stack_lvl+0x73/0xb0 [ 32.241839] print_report+0xd1/0x640 [ 32.242728] ? __virt_addr_valid+0x1db/0x2d0 [ 32.243350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.243916] kasan_report+0x102/0x140 [ 32.244108] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 32.244369] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 32.244657] kasan_check_range+0x10c/0x1c0 [ 32.245125] __kasan_check_write+0x18/0x20 [ 32.245579] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 32.246342] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.247152] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.247676] ? trace_hardirqs_on+0x37/0xe0 [ 32.248375] ? kasan_bitops_generic+0x93/0x1c0 [ 32.249235] kasan_bitops_generic+0x122/0x1c0 [ 32.249842] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.250454] ? __pfx_read_tsc+0x10/0x10 [ 32.250945] ? ktime_get_ts64+0x84/0x230 [ 32.251327] kunit_try_run_case+0x1b3/0x490 [ 32.252041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.252468] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.252966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.253470] ? __kthread_parkme+0x82/0x160 [ 32.254259] ? preempt_count_sub+0x50/0x80 [ 32.254761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.255255] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.255848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.256374] kthread+0x257/0x310 [ 32.256926] ? __pfx_kthread+0x10/0x10 [ 32.257504] ret_from_fork+0x41/0x80 [ 32.257866] ? __pfx_kthread+0x10/0x10 [ 32.258480] ret_from_fork_asm+0x1a/0x30 [ 32.258927] </TASK> [ 32.259195] [ 32.259351] Allocated by task 268: [ 32.259909] kasan_save_stack+0x3d/0x60 [ 32.260176] kasan_save_track+0x18/0x40 [ 32.260468] kasan_save_alloc_info+0x3b/0x50 [ 32.260894] __kasan_kmalloc+0xb7/0xc0 [ 32.261247] __kmalloc_cache_noprof+0x184/0x410 [ 32.261688] kasan_bitops_generic+0x93/0x1c0 [ 32.262137] kunit_try_run_case+0x1b3/0x490 [ 32.262666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.263209] kthread+0x257/0x310 [ 32.263464] ret_from_fork+0x41/0x80 [ 32.263954] ret_from_fork_asm+0x1a/0x30 [ 32.264311] [ 32.264465] The buggy address belongs to the object at ffff888101a98520 [ 32.264465] which belongs to the cache kmalloc-16 of size 16 [ 32.265530] The buggy address is located 8 bytes inside of [ 32.265530] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.266496] [ 32.266812] The buggy address belongs to the physical page: [ 32.267335] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.267878] flags: 0x200000000000000(node=0|zone=2) [ 32.268419] page_type: f5(slab) [ 32.268868] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.269328] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.270075] page dumped because: kasan: bad access detected [ 32.270757] [ 32.270977] Memory state around the buggy address: [ 32.271278] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.272068] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.272560] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.273356] ^ [ 32.274734] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.275355] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.275929] ================================================================== [ 32.369010] ================================================================== [ 32.369837] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 32.370531] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.371213] [ 32.371465] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.372330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.372832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.375502] Call Trace: [ 32.376055] <TASK> [ 32.376363] dump_stack_lvl+0x73/0xb0 [ 32.377187] print_report+0xd1/0x640 [ 32.377533] ? __virt_addr_valid+0x1db/0x2d0 [ 32.378126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.378662] kasan_report+0x102/0x140 [ 32.378952] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 32.380256] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 32.380899] kasan_check_range+0x10c/0x1c0 [ 32.381372] __kasan_check_write+0x18/0x20 [ 32.382354] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 32.382817] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.383642] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.384104] ? trace_hardirqs_on+0x37/0xe0 [ 32.384519] ? kasan_bitops_generic+0x93/0x1c0 [ 32.385178] kasan_bitops_generic+0x122/0x1c0 [ 32.385770] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.386634] ? __pfx_read_tsc+0x10/0x10 [ 32.387123] ? ktime_get_ts64+0x84/0x230 [ 32.387570] kunit_try_run_case+0x1b3/0x490 [ 32.388263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.389053] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.389793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.390020] ? __kthread_parkme+0x82/0x160 [ 32.390218] ? preempt_count_sub+0x50/0x80 [ 32.390410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.390625] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.391529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.392401] kthread+0x257/0x310 [ 32.393149] ? __pfx_kthread+0x10/0x10 [ 32.393672] ret_from_fork+0x41/0x80 [ 32.394259] ? __pfx_kthread+0x10/0x10 [ 32.394938] ret_from_fork_asm+0x1a/0x30 [ 32.395298] </TASK> [ 32.395925] [ 32.396162] Allocated by task 268: [ 32.396558] kasan_save_stack+0x3d/0x60 [ 32.396970] kasan_save_track+0x18/0x40 [ 32.397293] kasan_save_alloc_info+0x3b/0x50 [ 32.398126] __kasan_kmalloc+0xb7/0xc0 [ 32.398408] __kmalloc_cache_noprof+0x184/0x410 [ 32.398987] kasan_bitops_generic+0x93/0x1c0 [ 32.399336] kunit_try_run_case+0x1b3/0x490 [ 32.399853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.400259] kthread+0x257/0x310 [ 32.400755] ret_from_fork+0x41/0x80 [ 32.401126] ret_from_fork_asm+0x1a/0x30 [ 32.401538] [ 32.401843] The buggy address belongs to the object at ffff888101a98520 [ 32.401843] which belongs to the cache kmalloc-16 of size 16 [ 32.402666] The buggy address is located 8 bytes inside of [ 32.402666] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.403817] [ 32.404049] The buggy address belongs to the physical page: [ 32.404486] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.405197] flags: 0x200000000000000(node=0|zone=2) [ 32.405533] page_type: f5(slab) [ 32.406011] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.406654] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.407328] page dumped because: kasan: bad access detected [ 32.407880] [ 32.408099] Memory state around the buggy address: [ 32.408472] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.409134] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.409770] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.410320] ^ [ 32.410849] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.411467] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.412196] ================================================================== [ 32.068259] ================================================================== [ 32.069007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 32.070659] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.072236] [ 32.072462] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.073395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.074676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.075863] Call Trace: [ 32.076470] <TASK> [ 32.076795] dump_stack_lvl+0x73/0xb0 [ 32.077803] print_report+0xd1/0x640 [ 32.078650] ? __virt_addr_valid+0x1db/0x2d0 [ 32.079072] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.080019] kasan_report+0x102/0x140 [ 32.080503] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 32.081503] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 32.082755] kasan_check_range+0x10c/0x1c0 [ 32.083313] __kasan_check_write+0x18/0x20 [ 32.083608] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 32.084895] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.085918] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.086412] ? trace_hardirqs_on+0x37/0xe0 [ 32.087159] ? kasan_bitops_generic+0x93/0x1c0 [ 32.088013] kasan_bitops_generic+0x122/0x1c0 [ 32.088461] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.089223] ? __pfx_read_tsc+0x10/0x10 [ 32.089512] ? ktime_get_ts64+0x84/0x230 [ 32.090446] kunit_try_run_case+0x1b3/0x490 [ 32.091183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.091905] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.092556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.093499] ? __kthread_parkme+0x82/0x160 [ 32.093932] ? preempt_count_sub+0x50/0x80 [ 32.094977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.095410] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.096350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.096869] kthread+0x257/0x310 [ 32.097226] ? __pfx_kthread+0x10/0x10 [ 32.097587] ret_from_fork+0x41/0x80 [ 32.098736] ? __pfx_kthread+0x10/0x10 [ 32.099400] ret_from_fork_asm+0x1a/0x30 [ 32.100063] </TASK> [ 32.100446] [ 32.100978] Allocated by task 268: [ 32.101441] kasan_save_stack+0x3d/0x60 [ 32.101860] kasan_save_track+0x18/0x40 [ 32.102764] kasan_save_alloc_info+0x3b/0x50 [ 32.103216] __kasan_kmalloc+0xb7/0xc0 [ 32.103643] __kmalloc_cache_noprof+0x184/0x410 [ 32.104053] kasan_bitops_generic+0x93/0x1c0 [ 32.104507] kunit_try_run_case+0x1b3/0x490 [ 32.105271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.106026] kthread+0x257/0x310 [ 32.106835] ret_from_fork+0x41/0x80 [ 32.107414] ret_from_fork_asm+0x1a/0x30 [ 32.108011] [ 32.108272] The buggy address belongs to the object at ffff888101a98520 [ 32.108272] which belongs to the cache kmalloc-16 of size 16 [ 32.109825] The buggy address is located 8 bytes inside of [ 32.109825] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.111981] [ 32.112619] The buggy address belongs to the physical page: [ 32.113450] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.114509] flags: 0x200000000000000(node=0|zone=2) [ 32.115797] page_type: f5(slab) [ 32.116196] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.117296] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.118599] page dumped because: kasan: bad access detected [ 32.119320] [ 32.119519] Memory state around the buggy address: [ 32.120536] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.121349] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.122062] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.123252] ^ [ 32.123916] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.124985] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.125906] ================================================================== [ 32.277374] ================================================================== [ 32.278320] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 32.280023] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.281149] [ 32.281328] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.282268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.283571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.285606] Call Trace: [ 32.286064] <TASK> [ 32.286253] dump_stack_lvl+0x73/0xb0 [ 32.286792] print_report+0xd1/0x640 [ 32.287166] ? __virt_addr_valid+0x1db/0x2d0 [ 32.287603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.288479] kasan_report+0x102/0x140 [ 32.288962] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 32.289570] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 32.290215] kasan_check_range+0x10c/0x1c0 [ 32.290770] __kasan_check_write+0x18/0x20 [ 32.291162] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 32.292298] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.292975] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.293468] ? trace_hardirqs_on+0x37/0xe0 [ 32.294144] ? kasan_bitops_generic+0x93/0x1c0 [ 32.294905] kasan_bitops_generic+0x122/0x1c0 [ 32.295537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.296320] ? __pfx_read_tsc+0x10/0x10 [ 32.296689] ? ktime_get_ts64+0x84/0x230 [ 32.297162] kunit_try_run_case+0x1b3/0x490 [ 32.297579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.298496] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.299212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.300050] ? __kthread_parkme+0x82/0x160 [ 32.300617] ? preempt_count_sub+0x50/0x80 [ 32.301588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.302060] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.302635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.303479] kthread+0x257/0x310 [ 32.304124] ? __pfx_kthread+0x10/0x10 [ 32.304564] ret_from_fork+0x41/0x80 [ 32.305268] ? __pfx_kthread+0x10/0x10 [ 32.305590] ret_from_fork_asm+0x1a/0x30 [ 32.306175] </TASK> [ 32.306436] [ 32.307263] Allocated by task 268: [ 32.307571] kasan_save_stack+0x3d/0x60 [ 32.308214] kasan_save_track+0x18/0x40 [ 32.308626] kasan_save_alloc_info+0x3b/0x50 [ 32.309095] __kasan_kmalloc+0xb7/0xc0 [ 32.309490] __kmalloc_cache_noprof+0x184/0x410 [ 32.309970] kasan_bitops_generic+0x93/0x1c0 [ 32.310975] kunit_try_run_case+0x1b3/0x490 [ 32.311478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.312275] kthread+0x257/0x310 [ 32.312828] ret_from_fork+0x41/0x80 [ 32.313609] ret_from_fork_asm+0x1a/0x30 [ 32.314293] [ 32.314569] The buggy address belongs to the object at ffff888101a98520 [ 32.314569] which belongs to the cache kmalloc-16 of size 16 [ 32.315535] The buggy address is located 8 bytes inside of [ 32.315535] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.317265] [ 32.317595] The buggy address belongs to the physical page: [ 32.318354] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.319081] flags: 0x200000000000000(node=0|zone=2) [ 32.319608] page_type: f5(slab) [ 32.320687] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.321333] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.322394] page dumped because: kasan: bad access detected [ 32.323218] [ 32.323592] Memory state around the buggy address: [ 32.324185] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.325348] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.325948] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.326958] ^ [ 32.327554] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.328367] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.328716] ================================================================== [ 32.126751] ================================================================== [ 32.128036] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 32.129823] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.130750] [ 32.131457] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.132572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.133453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.135527] Call Trace: [ 32.135979] <TASK> [ 32.136109] dump_stack_lvl+0x73/0xb0 [ 32.136842] print_report+0xd1/0x640 [ 32.137472] ? __virt_addr_valid+0x1db/0x2d0 [ 32.138545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.139579] kasan_report+0x102/0x140 [ 32.140018] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 32.141032] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 32.141956] kasan_check_range+0x10c/0x1c0 [ 32.142651] __kasan_check_write+0x18/0x20 [ 32.143509] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 32.144119] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.145122] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.145855] ? trace_hardirqs_on+0x37/0xe0 [ 32.146718] ? kasan_bitops_generic+0x93/0x1c0 [ 32.147397] kasan_bitops_generic+0x122/0x1c0 [ 32.147866] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.148286] ? __pfx_read_tsc+0x10/0x10 [ 32.148659] ? ktime_get_ts64+0x84/0x230 [ 32.149061] kunit_try_run_case+0x1b3/0x490 [ 32.149486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.150567] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.151683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.152256] ? __kthread_parkme+0x82/0x160 [ 32.152922] ? preempt_count_sub+0x50/0x80 [ 32.153557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.154150] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.155082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.156067] kthread+0x257/0x310 [ 32.156779] ? __pfx_kthread+0x10/0x10 [ 32.157147] ret_from_fork+0x41/0x80 [ 32.157537] ? __pfx_kthread+0x10/0x10 [ 32.157869] ret_from_fork_asm+0x1a/0x30 [ 32.158626] </TASK> [ 32.158957] [ 32.159144] Allocated by task 268: [ 32.159383] kasan_save_stack+0x3d/0x60 [ 32.160021] kasan_save_track+0x18/0x40 [ 32.160339] kasan_save_alloc_info+0x3b/0x50 [ 32.160814] __kasan_kmalloc+0xb7/0xc0 [ 32.161447] __kmalloc_cache_noprof+0x184/0x410 [ 32.161777] kasan_bitops_generic+0x93/0x1c0 [ 32.162506] kunit_try_run_case+0x1b3/0x490 [ 32.163442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.163959] kthread+0x257/0x310 [ 32.164199] ret_from_fork+0x41/0x80 [ 32.164664] ret_from_fork_asm+0x1a/0x30 [ 32.165324] [ 32.165499] The buggy address belongs to the object at ffff888101a98520 [ 32.165499] which belongs to the cache kmalloc-16 of size 16 [ 32.166749] The buggy address is located 8 bytes inside of [ 32.166749] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.168062] [ 32.168270] The buggy address belongs to the physical page: [ 32.168595] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.169609] flags: 0x200000000000000(node=0|zone=2) [ 32.170032] page_type: f5(slab) [ 32.170289] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.171364] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.172140] page dumped because: kasan: bad access detected [ 32.172901] [ 32.173055] Memory state around the buggy address: [ 32.173406] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.174536] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.175551] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.176015] ^ [ 32.176520] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.177212] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.178212] ================================================================== [ 32.178928] ================================================================== [ 32.179659] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 32.180458] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.181177] [ 32.181595] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.182546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.182839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.183819] Call Trace: [ 32.184159] <TASK> [ 32.184452] dump_stack_lvl+0x73/0xb0 [ 32.184907] print_report+0xd1/0x640 [ 32.185340] ? __virt_addr_valid+0x1db/0x2d0 [ 32.185653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.186412] kasan_report+0x102/0x140 [ 32.186891] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 32.187598] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 32.188526] kasan_check_range+0x10c/0x1c0 [ 32.188906] __kasan_check_write+0x18/0x20 [ 32.189456] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 32.189876] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.190879] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.191561] ? trace_hardirqs_on+0x37/0xe0 [ 32.192244] ? kasan_bitops_generic+0x93/0x1c0 [ 32.192689] kasan_bitops_generic+0x122/0x1c0 [ 32.193093] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.193496] ? __pfx_read_tsc+0x10/0x10 [ 32.194029] ? ktime_get_ts64+0x84/0x230 [ 32.194342] kunit_try_run_case+0x1b3/0x490 [ 32.194650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.195231] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.195729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.196265] ? __kthread_parkme+0x82/0x160 [ 32.196628] ? preempt_count_sub+0x50/0x80 [ 32.196954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.197509] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.198435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.199034] kthread+0x257/0x310 [ 32.199313] ? __pfx_kthread+0x10/0x10 [ 32.199597] ret_from_fork+0x41/0x80 [ 32.200089] ? __pfx_kthread+0x10/0x10 [ 32.200930] ret_from_fork_asm+0x1a/0x30 [ 32.201794] </TASK> [ 32.202071] [ 32.202557] Allocated by task 268: [ 32.202821] kasan_save_stack+0x3d/0x60 [ 32.203096] kasan_save_track+0x18/0x40 [ 32.203600] kasan_save_alloc_info+0x3b/0x50 [ 32.204138] __kasan_kmalloc+0xb7/0xc0 [ 32.204928] __kmalloc_cache_noprof+0x184/0x410 [ 32.205398] kasan_bitops_generic+0x93/0x1c0 [ 32.205867] kunit_try_run_case+0x1b3/0x490 [ 32.206426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.207064] kthread+0x257/0x310 [ 32.207503] ret_from_fork+0x41/0x80 [ 32.207955] ret_from_fork_asm+0x1a/0x30 [ 32.208378] [ 32.208611] The buggy address belongs to the object at ffff888101a98520 [ 32.208611] which belongs to the cache kmalloc-16 of size 16 [ 32.209393] The buggy address is located 8 bytes inside of [ 32.209393] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.212448] [ 32.212602] The buggy address belongs to the physical page: [ 32.213843] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.214502] flags: 0x200000000000000(node=0|zone=2) [ 32.215433] page_type: f5(slab) [ 32.216543] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.217816] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.219436] page dumped because: kasan: bad access detected [ 32.220861] [ 32.221242] Memory state around the buggy address: [ 32.222444] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.224139] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.225511] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.227406] ^ [ 32.227686] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.230071] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.231128] ================================================================== [ 32.459775] ================================================================== [ 32.461250] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 32.462388] Read of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.462968] [ 32.463264] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.464357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.464889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.465595] Call Trace: [ 32.466319] <TASK> [ 32.466648] dump_stack_lvl+0x73/0xb0 [ 32.467164] print_report+0xd1/0x640 [ 32.467476] ? __virt_addr_valid+0x1db/0x2d0 [ 32.467931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.468733] kasan_report+0x102/0x140 [ 32.469434] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 32.470288] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 32.470568] __asan_report_load8_noabort+0x18/0x20 [ 32.471390] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 32.472673] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.473397] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.473861] ? trace_hardirqs_on+0x37/0xe0 [ 32.474381] ? kasan_bitops_generic+0x93/0x1c0 [ 32.474772] kasan_bitops_generic+0x122/0x1c0 [ 32.475327] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.475749] ? __pfx_read_tsc+0x10/0x10 [ 32.476139] ? ktime_get_ts64+0x84/0x230 [ 32.476609] kunit_try_run_case+0x1b3/0x490 [ 32.477085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.477524] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.478214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.478910] ? __kthread_parkme+0x82/0x160 [ 32.479369] ? preempt_count_sub+0x50/0x80 [ 32.480021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.480642] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.481316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.481835] kthread+0x257/0x310 [ 32.482105] ? __pfx_kthread+0x10/0x10 [ 32.482620] ret_from_fork+0x41/0x80 [ 32.483101] ? __pfx_kthread+0x10/0x10 [ 32.483613] ret_from_fork_asm+0x1a/0x30 [ 32.484062] </TASK> [ 32.485893] [ 32.486560] Allocated by task 268: [ 32.487901] kasan_save_stack+0x3d/0x60 [ 32.488160] kasan_save_track+0x18/0x40 [ 32.488549] kasan_save_alloc_info+0x3b/0x50 [ 32.488932] __kasan_kmalloc+0xb7/0xc0 [ 32.489925] __kmalloc_cache_noprof+0x184/0x410 [ 32.490232] kasan_bitops_generic+0x93/0x1c0 [ 32.491790] kunit_try_run_case+0x1b3/0x490 [ 32.492052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.492364] kthread+0x257/0x310 [ 32.493615] ret_from_fork+0x41/0x80 [ 32.494388] ret_from_fork_asm+0x1a/0x30 [ 32.495275] [ 32.495522] The buggy address belongs to the object at ffff888101a98520 [ 32.495522] which belongs to the cache kmalloc-16 of size 16 [ 32.497361] The buggy address is located 8 bytes inside of [ 32.497361] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.497980] [ 32.498126] The buggy address belongs to the physical page: [ 32.498409] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.500096] flags: 0x200000000000000(node=0|zone=2) [ 32.500944] page_type: f5(slab) [ 32.501345] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.501917] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.502730] page dumped because: kasan: bad access detected [ 32.503188] [ 32.503433] Memory state around the buggy address: [ 32.503851] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.504454] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.505144] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.505718] ^ [ 32.506125] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.506916] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.507424] ================================================================== [ 32.329888] ================================================================== [ 32.330938] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 32.332119] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.333349] [ 32.333561] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.334920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.335100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.335427] Call Trace: [ 32.335553] <TASK> [ 32.335750] dump_stack_lvl+0x73/0xb0 [ 32.336134] print_report+0xd1/0x640 [ 32.336406] ? __virt_addr_valid+0x1db/0x2d0 [ 32.336754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.337099] kasan_report+0x102/0x140 [ 32.337383] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 32.338264] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 32.339252] kasan_check_range+0x10c/0x1c0 [ 32.339878] __kasan_check_write+0x18/0x20 [ 32.340305] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 32.340888] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 32.341288] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.341640] ? trace_hardirqs_on+0x37/0xe0 [ 32.342090] ? kasan_bitops_generic+0x93/0x1c0 [ 32.342621] kasan_bitops_generic+0x122/0x1c0 [ 32.342999] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.343554] ? __pfx_read_tsc+0x10/0x10 [ 32.343951] ? ktime_get_ts64+0x84/0x230 [ 32.344446] kunit_try_run_case+0x1b3/0x490 [ 32.344926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.345304] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.345933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.346374] ? __kthread_parkme+0x82/0x160 [ 32.346897] ? preempt_count_sub+0x50/0x80 [ 32.347270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.347726] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.348350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.348939] kthread+0x257/0x310 [ 32.349201] ? __pfx_kthread+0x10/0x10 [ 32.349758] ret_from_fork+0x41/0x80 [ 32.350203] ? __pfx_kthread+0x10/0x10 [ 32.350721] ret_from_fork_asm+0x1a/0x30 [ 32.351252] </TASK> [ 32.351499] [ 32.351727] Allocated by task 268: [ 32.352141] kasan_save_stack+0x3d/0x60 [ 32.352664] kasan_save_track+0x18/0x40 [ 32.352997] kasan_save_alloc_info+0x3b/0x50 [ 32.353294] __kasan_kmalloc+0xb7/0xc0 [ 32.353843] __kmalloc_cache_noprof+0x184/0x410 [ 32.354385] kasan_bitops_generic+0x93/0x1c0 [ 32.354936] kunit_try_run_case+0x1b3/0x490 [ 32.355311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.355846] kthread+0x257/0x310 [ 32.356200] ret_from_fork+0x41/0x80 [ 32.356588] ret_from_fork_asm+0x1a/0x30 [ 32.357127] [ 32.357303] The buggy address belongs to the object at ffff888101a98520 [ 32.357303] which belongs to the cache kmalloc-16 of size 16 [ 32.358246] The buggy address is located 8 bytes inside of [ 32.358246] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.359230] [ 32.359450] The buggy address belongs to the physical page: [ 32.359946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.360497] flags: 0x200000000000000(node=0|zone=2) [ 32.361150] page_type: f5(slab) [ 32.361564] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.362284] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.363071] page dumped because: kasan: bad access detected [ 32.363506] [ 32.363799] Memory state around the buggy address: [ 32.364099] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.364918] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.365472] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.366252] ^ [ 32.366723] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 32.367192] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.367918] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 31.813126] ================================================================== [ 31.814001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.816159] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.817459] [ 31.817776] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.819085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.819591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.820545] Call Trace: [ 31.820998] <TASK> [ 31.821333] dump_stack_lvl+0x73/0xb0 [ 31.821799] print_report+0xd1/0x640 [ 31.823431] ? __virt_addr_valid+0x1db/0x2d0 [ 31.824325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.824966] kasan_report+0x102/0x140 [ 31.825860] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.826567] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.827139] kasan_check_range+0x10c/0x1c0 [ 31.827564] __kasan_check_write+0x18/0x20 [ 31.828368] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.829961] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.830501] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.831253] ? trace_hardirqs_on+0x37/0xe0 [ 31.832349] ? kasan_bitops_generic+0x93/0x1c0 [ 31.833089] kasan_bitops_generic+0x117/0x1c0 [ 31.833655] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.834671] ? __pfx_read_tsc+0x10/0x10 [ 31.835374] ? ktime_get_ts64+0x84/0x230 [ 31.836184] kunit_try_run_case+0x1b3/0x490 [ 31.836463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.837029] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.837467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.838533] ? __kthread_parkme+0x82/0x160 [ 31.839292] ? preempt_count_sub+0x50/0x80 [ 31.840136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.840885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.841470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.842110] kthread+0x257/0x310 [ 31.843038] ? __pfx_kthread+0x10/0x10 [ 31.844002] ret_from_fork+0x41/0x80 [ 31.844475] ? 
__pfx_kthread+0x10/0x10 [ 31.845049] ret_from_fork_asm+0x1a/0x30 [ 31.845729] </TASK> [ 31.846326] [ 31.846499] Allocated by task 268: [ 31.847148] kasan_save_stack+0x3d/0x60 [ 31.847840] kasan_save_track+0x18/0x40 [ 31.848357] kasan_save_alloc_info+0x3b/0x50 [ 31.849095] __kasan_kmalloc+0xb7/0xc0 [ 31.849640] __kmalloc_cache_noprof+0x184/0x410 [ 31.850118] kasan_bitops_generic+0x93/0x1c0 [ 31.850485] kunit_try_run_case+0x1b3/0x490 [ 31.851120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.851776] kthread+0x257/0x310 [ 31.852391] ret_from_fork+0x41/0x80 [ 31.853158] ret_from_fork_asm+0x1a/0x30 [ 31.853686] [ 31.853864] The buggy address belongs to the object at ffff888101a98520 [ 31.853864] which belongs to the cache kmalloc-16 of size 16 [ 31.855399] The buggy address is located 8 bytes inside of [ 31.855399] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.856267] [ 31.856661] The buggy address belongs to the physical page: [ 31.857508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.858125] flags: 0x200000000000000(node=0|zone=2) [ 31.858749] page_type: f5(slab) [ 31.859541] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.860513] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.861837] page dumped because: kasan: bad access detected [ 31.862443] [ 31.862633] Memory state around the buggy address: [ 31.863670] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.864464] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.865235] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.866411] ^ [ 31.866736] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.868058] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.868902] ================================================================== [ 32.018347] 
================================================================== [ 32.019269] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 32.019997] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 32.022267] [ 32.022681] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 32.023937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.024373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.025131] Call Trace: [ 32.026075] <TASK> [ 32.026388] dump_stack_lvl+0x73/0xb0 [ 32.026770] print_report+0xd1/0x640 [ 32.027733] ? __virt_addr_valid+0x1db/0x2d0 [ 32.028503] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.029743] kasan_report+0x102/0x140 [ 32.030042] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 32.030668] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 32.031213] kasan_check_range+0x10c/0x1c0 [ 32.031937] __kasan_check_write+0x18/0x20 [ 32.032483] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 32.033430] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 32.034593] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.035093] ? trace_hardirqs_on+0x37/0xe0 [ 32.035652] ? kasan_bitops_generic+0x93/0x1c0 [ 32.036226] kasan_bitops_generic+0x117/0x1c0 [ 32.036760] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 32.037530] ? __pfx_read_tsc+0x10/0x10 [ 32.037934] ? ktime_get_ts64+0x84/0x230 [ 32.038779] kunit_try_run_case+0x1b3/0x490 [ 32.039111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.039832] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.040347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.040903] ? __kthread_parkme+0x82/0x160 [ 32.041635] ? preempt_count_sub+0x50/0x80 [ 32.042192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.043136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.043921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.044532] kthread+0x257/0x310 [ 32.044996] ? __pfx_kthread+0x10/0x10 [ 32.045333] ret_from_fork+0x41/0x80 [ 32.046068] ? 
__pfx_kthread+0x10/0x10 [ 32.046492] ret_from_fork_asm+0x1a/0x30 [ 32.047072] </TASK> [ 32.047722] [ 32.048091] Allocated by task 268: [ 32.048333] kasan_save_stack+0x3d/0x60 [ 32.048951] kasan_save_track+0x18/0x40 [ 32.049352] kasan_save_alloc_info+0x3b/0x50 [ 32.050165] __kasan_kmalloc+0xb7/0xc0 [ 32.050502] __kmalloc_cache_noprof+0x184/0x410 [ 32.050830] kasan_bitops_generic+0x93/0x1c0 [ 32.051448] kunit_try_run_case+0x1b3/0x490 [ 32.052104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.053370] kthread+0x257/0x310 [ 32.053785] ret_from_fork+0x41/0x80 [ 32.054123] ret_from_fork_asm+0x1a/0x30 [ 32.054600] [ 32.054779] The buggy address belongs to the object at ffff888101a98520 [ 32.054779] which belongs to the cache kmalloc-16 of size 16 [ 32.055938] The buggy address is located 8 bytes inside of [ 32.055938] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.057034] [ 32.057189] The buggy address belongs to the physical page: [ 32.057515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.058793] flags: 0x200000000000000(node=0|zone=2) [ 32.059415] page_type: f5(slab) [ 32.060020] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.060844] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.061279] page dumped because: kasan: bad access detected [ 32.061609] [ 32.062016] Memory state around the buggy address: [ 32.062883] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.063522] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.064076] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.064681] ^ [ 32.065400] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.066232] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.067212] ================================================================== [ 31.644669] 
================================================================== [ 31.646266] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.647333] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.648934] [ 31.649134] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.651591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.652056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.653558] Call Trace: [ 31.653896] <TASK> [ 31.654134] dump_stack_lvl+0x73/0xb0 [ 31.655038] print_report+0xd1/0x640 [ 31.655858] ? __virt_addr_valid+0x1db/0x2d0 [ 31.656269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.657646] kasan_report+0x102/0x140 [ 31.658016] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.658908] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.659449] kasan_check_range+0x10c/0x1c0 [ 31.660733] __kasan_check_write+0x18/0x20 [ 31.661127] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.662013] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.662740] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.663170] ? trace_hardirqs_on+0x37/0xe0 [ 31.663552] ? kasan_bitops_generic+0x93/0x1c0 [ 31.664629] kasan_bitops_generic+0x117/0x1c0 [ 31.665572] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.666318] ? __pfx_read_tsc+0x10/0x10 [ 31.666669] ? ktime_get_ts64+0x84/0x230 [ 31.667387] kunit_try_run_case+0x1b3/0x490 [ 31.667976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.668896] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.669919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.670762] ? __kthread_parkme+0x82/0x160 [ 31.671194] ? preempt_count_sub+0x50/0x80 [ 31.671557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.672120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.673059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.673861] kthread+0x257/0x310 [ 31.674523] ? __pfx_kthread+0x10/0x10 [ 31.674983] ret_from_fork+0x41/0x80 [ 31.675253] ? 
__pfx_kthread+0x10/0x10 [ 31.675732] ret_from_fork_asm+0x1a/0x30 [ 31.676177] </TASK> [ 31.676420] [ 31.676614] Allocated by task 268: [ 31.677849] kasan_save_stack+0x3d/0x60 [ 31.678578] kasan_save_track+0x18/0x40 [ 31.679224] kasan_save_alloc_info+0x3b/0x50 [ 31.680119] __kasan_kmalloc+0xb7/0xc0 [ 31.680990] __kmalloc_cache_noprof+0x184/0x410 [ 31.682327] kasan_bitops_generic+0x93/0x1c0 [ 31.682626] kunit_try_run_case+0x1b3/0x490 [ 31.684894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.685239] kthread+0x257/0x310 [ 31.685459] ret_from_fork+0x41/0x80 [ 31.686542] ret_from_fork_asm+0x1a/0x30 [ 31.686828] [ 31.686963] The buggy address belongs to the object at ffff888101a98520 [ 31.686963] which belongs to the cache kmalloc-16 of size 16 [ 31.690888] The buggy address is located 8 bytes inside of [ 31.690888] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.693549] [ 31.693688] The buggy address belongs to the physical page: [ 31.695576] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.696668] flags: 0x200000000000000(node=0|zone=2) [ 31.698110] page_type: f5(slab) [ 31.698632] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.700084] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.700909] page dumped because: kasan: bad access detected [ 31.701452] [ 31.702113] Memory state around the buggy address: [ 31.702520] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.703771] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.704452] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.705107] ^ [ 31.705554] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.707122] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.708031] ================================================================== [ 31.970136] 
================================================================== [ 31.970838] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.972436] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.973495] [ 31.973792] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.975006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.975733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.976413] Call Trace: [ 31.976903] <TASK> [ 31.977116] dump_stack_lvl+0x73/0xb0 [ 31.977476] print_report+0xd1/0x640 [ 31.978393] ? __virt_addr_valid+0x1db/0x2d0 [ 31.978862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.979409] kasan_report+0x102/0x140 [ 31.979967] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.980663] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.981554] kasan_check_range+0x10c/0x1c0 [ 31.982203] __kasan_check_write+0x18/0x20 [ 31.982660] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.983416] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.983899] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.984461] ? trace_hardirqs_on+0x37/0xe0 [ 31.985664] ? kasan_bitops_generic+0x93/0x1c0 [ 31.986297] kasan_bitops_generic+0x117/0x1c0 [ 31.987074] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.987939] ? __pfx_read_tsc+0x10/0x10 [ 31.988398] ? ktime_get_ts64+0x84/0x230 [ 31.989113] kunit_try_run_case+0x1b3/0x490 [ 31.989883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.990682] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.991347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.991995] ? __kthread_parkme+0x82/0x160 [ 31.992437] ? preempt_count_sub+0x50/0x80 [ 31.992840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.993298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.994389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.994981] kthread+0x257/0x310 [ 31.995431] ? __pfx_kthread+0x10/0x10 [ 31.995838] ret_from_fork+0x41/0x80 [ 31.996413] ? 
__pfx_kthread+0x10/0x10 [ 31.996835] ret_from_fork_asm+0x1a/0x30 [ 31.997632] </TASK> [ 31.998018] [ 31.998375] Allocated by task 268: [ 31.998825] kasan_save_stack+0x3d/0x60 [ 31.999250] kasan_save_track+0x18/0x40 [ 31.999787] kasan_save_alloc_info+0x3b/0x50 [ 32.000317] __kasan_kmalloc+0xb7/0xc0 [ 32.000827] __kmalloc_cache_noprof+0x184/0x410 [ 32.001301] kasan_bitops_generic+0x93/0x1c0 [ 32.001635] kunit_try_run_case+0x1b3/0x490 [ 32.002186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.002664] kthread+0x257/0x310 [ 32.003495] ret_from_fork+0x41/0x80 [ 32.003947] ret_from_fork_asm+0x1a/0x30 [ 32.004473] [ 32.004718] The buggy address belongs to the object at ffff888101a98520 [ 32.004718] which belongs to the cache kmalloc-16 of size 16 [ 32.005891] The buggy address is located 8 bytes inside of [ 32.005891] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 32.006753] [ 32.007013] The buggy address belongs to the physical page: [ 32.007562] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 32.008854] flags: 0x200000000000000(node=0|zone=2) [ 32.009536] page_type: f5(slab) [ 32.009884] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 32.010748] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.011752] page dumped because: kasan: bad access detected [ 32.012497] [ 32.012807] Memory state around the buggy address: [ 32.013220] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 32.013969] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 32.014729] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.015249] ^ [ 32.015758] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.016395] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.017414] ================================================================== [ 31.919655] 
================================================================== [ 31.920443] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.921750] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.922616] [ 31.922917] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.924536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.925871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.926932] Call Trace: [ 31.927190] <TASK> [ 31.927441] dump_stack_lvl+0x73/0xb0 [ 31.927904] print_report+0xd1/0x640 [ 31.928187] ? __virt_addr_valid+0x1db/0x2d0 [ 31.928790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.929527] kasan_report+0x102/0x140 [ 31.930098] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.930792] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.931218] kasan_check_range+0x10c/0x1c0 [ 31.931642] __kasan_check_write+0x18/0x20 [ 31.932196] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.932884] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.933829] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.934225] ? trace_hardirqs_on+0x37/0xe0 [ 31.934835] ? kasan_bitops_generic+0x93/0x1c0 [ 31.935423] kasan_bitops_generic+0x117/0x1c0 [ 31.935760] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.936361] ? __pfx_read_tsc+0x10/0x10 [ 31.936845] ? ktime_get_ts64+0x84/0x230 [ 31.937450] kunit_try_run_case+0x1b3/0x490 [ 31.937913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.938306] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.938627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.939099] ? __kthread_parkme+0x82/0x160 [ 31.939690] ? preempt_count_sub+0x50/0x80 [ 31.940247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.940710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.941227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.941598] kthread+0x257/0x310 [ 31.942443] ? __pfx_kthread+0x10/0x10 [ 31.943008] ret_from_fork+0x41/0x80 [ 31.943284] ? 
__pfx_kthread+0x10/0x10 [ 31.943560] ret_from_fork_asm+0x1a/0x30 [ 31.944174] </TASK> [ 31.944538] [ 31.944788] Allocated by task 268: [ 31.945310] kasan_save_stack+0x3d/0x60 [ 31.946231] kasan_save_track+0x18/0x40 [ 31.946508] kasan_save_alloc_info+0x3b/0x50 [ 31.946951] __kasan_kmalloc+0xb7/0xc0 [ 31.947583] __kmalloc_cache_noprof+0x184/0x410 [ 31.948114] kasan_bitops_generic+0x93/0x1c0 [ 31.948390] kunit_try_run_case+0x1b3/0x490 [ 31.951195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.952286] kthread+0x257/0x310 [ 31.952504] ret_from_fork+0x41/0x80 [ 31.952782] ret_from_fork_asm+0x1a/0x30 [ 31.953023] [ 31.953154] The buggy address belongs to the object at ffff888101a98520 [ 31.953154] which belongs to the cache kmalloc-16 of size 16 [ 31.953991] The buggy address is located 8 bytes inside of [ 31.953991] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.954613] [ 31.954823] The buggy address belongs to the physical page: [ 31.955449] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.956445] flags: 0x200000000000000(node=0|zone=2) [ 31.959064] page_type: f5(slab) [ 31.959304] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.959683] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.960077] page dumped because: kasan: bad access detected [ 31.960308] [ 31.960404] Memory state around the buggy address: [ 31.960600] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.961887] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.963562] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.966419] ^ [ 31.967315] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.968650] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.969322] ================================================================== [ 31.869945] 
================================================================== [ 31.870921] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.871572] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.872435] [ 31.872627] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.873561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.873901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.875111] Call Trace: [ 31.875654] <TASK> [ 31.875910] dump_stack_lvl+0x73/0xb0 [ 31.876191] print_report+0xd1/0x640 [ 31.876651] ? __virt_addr_valid+0x1db/0x2d0 [ 31.877292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.877929] kasan_report+0x102/0x140 [ 31.878340] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.879245] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.879674] kasan_check_range+0x10c/0x1c0 [ 31.880004] __kasan_check_write+0x18/0x20 [ 31.880934] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.881975] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.882676] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.883033] ? trace_hardirqs_on+0x37/0xe0 [ 31.883330] ? kasan_bitops_generic+0x93/0x1c0 [ 31.884024] kasan_bitops_generic+0x117/0x1c0 [ 31.884581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.885313] ? __pfx_read_tsc+0x10/0x10 [ 31.885600] ? ktime_get_ts64+0x84/0x230 [ 31.886540] kunit_try_run_case+0x1b3/0x490 [ 31.887252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.887737] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.888652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.889108] ? __kthread_parkme+0x82/0x160 [ 31.889619] ? preempt_count_sub+0x50/0x80 [ 31.890083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.890974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.891854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.892897] kthread+0x257/0x310 [ 31.893279] ? __pfx_kthread+0x10/0x10 [ 31.893966] ret_from_fork+0x41/0x80 [ 31.894813] ? 
__pfx_kthread+0x10/0x10 [ 31.895554] ret_from_fork_asm+0x1a/0x30 [ 31.896246] </TASK> [ 31.897023] [ 31.897295] Allocated by task 268: [ 31.897515] kasan_save_stack+0x3d/0x60 [ 31.898123] kasan_save_track+0x18/0x40 [ 31.898562] kasan_save_alloc_info+0x3b/0x50 [ 31.898998] __kasan_kmalloc+0xb7/0xc0 [ 31.899373] __kmalloc_cache_noprof+0x184/0x410 [ 31.900665] kasan_bitops_generic+0x93/0x1c0 [ 31.901458] kunit_try_run_case+0x1b3/0x490 [ 31.902169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.902741] kthread+0x257/0x310 [ 31.903501] ret_from_fork+0x41/0x80 [ 31.903898] ret_from_fork_asm+0x1a/0x30 [ 31.904936] [ 31.905229] The buggy address belongs to the object at ffff888101a98520 [ 31.905229] which belongs to the cache kmalloc-16 of size 16 [ 31.906254] The buggy address is located 8 bytes inside of [ 31.906254] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.907649] [ 31.907868] The buggy address belongs to the physical page: [ 31.908190] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.909379] flags: 0x200000000000000(node=0|zone=2) [ 31.909861] page_type: f5(slab) [ 31.910368] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.911030] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.912055] page dumped because: kasan: bad access detected [ 31.912742] [ 31.912959] Memory state around the buggy address: [ 31.913800] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.914324] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.915347] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.916045] ^ [ 31.916428] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.917594] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.918280] ================================================================== [ 31.709114] 
================================================================== [ 31.710261] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.710990] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.711879] [ 31.712717] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.713833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.714241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.715361] Call Trace: [ 31.715981] <TASK> [ 31.716539] dump_stack_lvl+0x73/0xb0 [ 31.717919] print_report+0xd1/0x640 [ 31.718313] ? __virt_addr_valid+0x1db/0x2d0 [ 31.719151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.720031] kasan_report+0x102/0x140 [ 31.720746] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.721314] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.722589] kasan_check_range+0x10c/0x1c0 [ 31.723002] __kasan_check_write+0x18/0x20 [ 31.724088] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.724888] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.725769] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.726145] ? trace_hardirqs_on+0x37/0xe0 [ 31.727185] ? kasan_bitops_generic+0x93/0x1c0 [ 31.727655] kasan_bitops_generic+0x117/0x1c0 [ 31.728467] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.729123] ? __pfx_read_tsc+0x10/0x10 [ 31.729646] ? ktime_get_ts64+0x84/0x230 [ 31.730109] kunit_try_run_case+0x1b3/0x490 [ 31.731168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.731601] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.732024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.732494] ? __kthread_parkme+0x82/0x160 [ 31.733402] ? preempt_count_sub+0x50/0x80 [ 31.734037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.734729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.735501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.736381] kthread+0x257/0x310 [ 31.736747] ? __pfx_kthread+0x10/0x10 [ 31.737328] ret_from_fork+0x41/0x80 [ 31.737877] ? 
__pfx_kthread+0x10/0x10 [ 31.738452] ret_from_fork_asm+0x1a/0x30 [ 31.739036] </TASK> [ 31.739357] [ 31.739662] Allocated by task 268: [ 31.740126] kasan_save_stack+0x3d/0x60 [ 31.740931] kasan_save_track+0x18/0x40 [ 31.741384] kasan_save_alloc_info+0x3b/0x50 [ 31.742078] __kasan_kmalloc+0xb7/0xc0 [ 31.742575] __kmalloc_cache_noprof+0x184/0x410 [ 31.743083] kasan_bitops_generic+0x93/0x1c0 [ 31.743759] kunit_try_run_case+0x1b3/0x490 [ 31.744622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.745092] kthread+0x257/0x310 [ 31.745656] ret_from_fork+0x41/0x80 [ 31.745999] ret_from_fork_asm+0x1a/0x30 [ 31.746498] [ 31.746830] The buggy address belongs to the object at ffff888101a98520 [ 31.746830] which belongs to the cache kmalloc-16 of size 16 [ 31.748059] The buggy address is located 8 bytes inside of [ 31.748059] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.748966] [ 31.749322] The buggy address belongs to the physical page: [ 31.750013] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.750616] flags: 0x200000000000000(node=0|zone=2) [ 31.751059] page_type: f5(slab) [ 31.751584] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.752783] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.753605] page dumped because: kasan: bad access detected [ 31.754346] [ 31.754791] Memory state around the buggy address: [ 31.755644] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.756323] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.757244] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.757957] ^ [ 31.758403] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.759423] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.760318] ================================================================== [ 31.761263] 
================================================================== [ 31.763029] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.763971] Write of size 8 at addr ffff888101a98528 by task kunit_try_catch/268 [ 31.764986] [ 31.766066] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.767923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.768247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.769764] Call Trace: [ 31.770324] <TASK> [ 31.770581] dump_stack_lvl+0x73/0xb0 [ 31.770984] print_report+0xd1/0x640 [ 31.771442] ? __virt_addr_valid+0x1db/0x2d0 [ 31.772040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.772842] kasan_report+0x102/0x140 [ 31.773392] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.774029] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.774984] kasan_check_range+0x10c/0x1c0 [ 31.775477] __kasan_check_write+0x18/0x20 [ 31.776082] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.776603] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.777381] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.777964] ? trace_hardirqs_on+0x37/0xe0 [ 31.778614] ? kasan_bitops_generic+0x93/0x1c0 [ 31.779379] kasan_bitops_generic+0x117/0x1c0 [ 31.779988] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.780461] ? __pfx_read_tsc+0x10/0x10 [ 31.781317] ? ktime_get_ts64+0x84/0x230 [ 31.781833] kunit_try_run_case+0x1b3/0x490 [ 31.782254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.782935] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.783780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.784291] ? __kthread_parkme+0x82/0x160 [ 31.784972] ? preempt_count_sub+0x50/0x80 [ 31.785426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.786063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.786902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.787561] kthread+0x257/0x310 [ 31.787938] ? __pfx_kthread+0x10/0x10 [ 31.788654] ret_from_fork+0x41/0x80 [ 31.789208] ? 
__pfx_kthread+0x10/0x10 [ 31.789897] ret_from_fork_asm+0x1a/0x30 [ 31.790393] </TASK> [ 31.790723] [ 31.791042] Allocated by task 268: [ 31.791336] kasan_save_stack+0x3d/0x60 [ 31.791987] kasan_save_track+0x18/0x40 [ 31.792550] kasan_save_alloc_info+0x3b/0x50 [ 31.793174] __kasan_kmalloc+0xb7/0xc0 [ 31.793460] __kmalloc_cache_noprof+0x184/0x410 [ 31.793884] kasan_bitops_generic+0x93/0x1c0 [ 31.794474] kunit_try_run_case+0x1b3/0x490 [ 31.794972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.795566] kthread+0x257/0x310 [ 31.796088] ret_from_fork+0x41/0x80 [ 31.796742] ret_from_fork_asm+0x1a/0x30 [ 31.797232] [ 31.797621] The buggy address belongs to the object at ffff888101a98520 [ 31.797621] which belongs to the cache kmalloc-16 of size 16 [ 31.798663] The buggy address is located 8 bytes inside of [ 31.798663] allocated 9-byte region [ffff888101a98520, ffff888101a98529) [ 31.800051] [ 31.800206] The buggy address belongs to the physical page: [ 31.800794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a98 [ 31.802368] flags: 0x200000000000000(node=0|zone=2) [ 31.802941] page_type: f5(slab) [ 31.803663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.804626] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.805905] page dumped because: kasan: bad access detected [ 31.806551] [ 31.806821] Memory state around the buggy address: [ 31.807588] ffff888101a98400: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 31.808337] ffff888101a98480: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 31.809671] >ffff888101a98500: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.810251] ^ [ 31.810711] ffff888101a98580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.811338] ffff888101a98600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.812067] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 31.585412] ================================================================== [ 31.586452] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 31.587016] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266 [ 31.587840] [ 31.588189] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.589054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.589713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.590906] Call Trace: [ 31.591299] <TASK> [ 31.591510] dump_stack_lvl+0x73/0xb0 [ 31.591985] print_report+0xd1/0x640 [ 31.592463] ? __virt_addr_valid+0x1db/0x2d0 [ 31.592891] ? kasan_complete_mode_report_info+0x64/0x200 [ 31.593386] kasan_report+0x102/0x140 [ 31.593685] ? strnlen+0x73/0x80 [ 31.594395] ? strnlen+0x73/0x80 [ 31.594772] __asan_report_load1_noabort+0x18/0x20 [ 31.595446] strnlen+0x73/0x80 [ 31.595825] kasan_strings+0x4cc/0xb60 [ 31.596485] ? __pfx_kasan_strings+0x10/0x10 [ 31.597211] ? __schedule+0xc3e/0x2790 [ 31.597613] ? __pfx_read_tsc+0x10/0x10 [ 31.597963] ? ktime_get_ts64+0x84/0x230 [ 31.598598] kunit_try_run_case+0x1b3/0x490 [ 31.599247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.600368] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.601198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.601662] ? __kthread_parkme+0x82/0x160 [ 31.602069] ? preempt_count_sub+0x50/0x80 [ 31.602475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.603213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.604333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.605246] kthread+0x257/0x310 [ 31.605880] ? __pfx_kthread+0x10/0x10 [ 31.606330] ret_from_fork+0x41/0x80 [ 31.607118] ? 
__pfx_kthread+0x10/0x10 [ 31.608032] ret_from_fork_asm+0x1a/0x30 [ 31.608333] </TASK> [ 31.608720] [ 31.609537] Allocated by task 266: [ 31.610303] kasan_save_stack+0x3d/0x60 [ 31.610805] kasan_save_track+0x18/0x40 [ 31.611202] kasan_save_alloc_info+0x3b/0x50 [ 31.612057] __kasan_kmalloc+0xb7/0xc0 [ 31.612954] __kmalloc_cache_noprof+0x184/0x410 [ 31.613557] kasan_strings+0xb3/0xb60 [ 31.614625] kunit_try_run_case+0x1b3/0x490 [ 31.614956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.615726] kthread+0x257/0x310 [ 31.616509] ret_from_fork+0x41/0x80 [ 31.616878] ret_from_fork_asm+0x1a/0x30 [ 31.617450] [ 31.617714] Freed by task 266: [ 31.618109] kasan_save_stack+0x3d/0x60 [ 31.618499] kasan_save_track+0x18/0x40 [ 31.618983] kasan_save_free_info+0x3f/0x60 [ 31.619437] __kasan_slab_free+0x56/0x70 [ 31.620146] kfree+0x123/0x3f0 [ 31.620392] kasan_strings+0x13a/0xb60 [ 31.620669] kunit_try_run_case+0x1b3/0x490 [ 31.621333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.622310] kthread+0x257/0x310 [ 31.622883] ret_from_fork+0x41/0x80 [ 31.623275] ret_from_fork_asm+0x1a/0x30 [ 31.623638] [ 31.623818] The buggy address belongs to the object at ffff8881029f3d40 [ 31.623818] which belongs to the cache kmalloc-32 of size 32 [ 31.625298] The buggy address is located 16 bytes inside of [ 31.625298] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60) [ 31.626626] [ 31.626910] The buggy address belongs to the physical page: [ 31.627308] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3 [ 31.628314] flags: 0x200000000000000(node=0|zone=2) [ 31.628633] page_type: f5(slab) [ 31.629093] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 31.630196] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 31.630953] page dumped because: kasan: bad access detected [ 31.631573] [ 31.631752] Memory state around the buggy address: [ 31.632384] ffff8881029f3c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
31.633494] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.633947] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.635143] ^ [ 31.636240] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.636886] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.638011] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 31.535026] ================================================================== [ 31.535907] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 31.536277] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266 [ 31.537084] [ 31.537256] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.539426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.539960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.541405] Call Trace: [ 31.541883] <TASK> [ 31.542366] dump_stack_lvl+0x73/0xb0 [ 31.542872] print_report+0xd1/0x640 [ 31.543319] ? __virt_addr_valid+0x1db/0x2d0 [ 31.543880] ? kasan_complete_mode_report_info+0x64/0x200 [ 31.544511] kasan_report+0x102/0x140 [ 31.544919] ? strlen+0x8f/0xb0 [ 31.545343] ? strlen+0x8f/0xb0 [ 31.545860] __asan_report_load1_noabort+0x18/0x20 [ 31.546560] strlen+0x8f/0xb0 [ 31.546900] kasan_strings+0x432/0xb60 [ 31.547582] ? __pfx_kasan_strings+0x10/0x10 [ 31.548022] ? __schedule+0xc3e/0x2790 [ 31.548618] ? __pfx_read_tsc+0x10/0x10 [ 31.549286] ? ktime_get_ts64+0x84/0x230 [ 31.549825] kunit_try_run_case+0x1b3/0x490 [ 31.550316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.550870] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.551440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.551997] ? __kthread_parkme+0x82/0x160 [ 31.552362] ? preempt_count_sub+0x50/0x80 [ 31.552814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.553353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.554368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.555044] kthread+0x257/0x310 [ 31.555444] ? __pfx_kthread+0x10/0x10 [ 31.555969] ret_from_fork+0x41/0x80 [ 31.556506] ? 
__pfx_kthread+0x10/0x10 [ 31.556962] ret_from_fork_asm+0x1a/0x30 [ 31.557586] </TASK> [ 31.557905] [ 31.558523] Allocated by task 266: [ 31.558961] kasan_save_stack+0x3d/0x60 [ 31.559505] kasan_save_track+0x18/0x40 [ 31.560056] kasan_save_alloc_info+0x3b/0x50 [ 31.560513] __kasan_kmalloc+0xb7/0xc0 [ 31.561005] __kmalloc_cache_noprof+0x184/0x410 [ 31.561707] kasan_strings+0xb3/0xb60 [ 31.562316] kunit_try_run_case+0x1b3/0x490 [ 31.562652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.563544] kthread+0x257/0x310 [ 31.563969] ret_from_fork+0x41/0x80 [ 31.564265] ret_from_fork_asm+0x1a/0x30 [ 31.564773] [ 31.565023] Freed by task 266: [ 31.565275] kasan_save_stack+0x3d/0x60 [ 31.565690] kasan_save_track+0x18/0x40 [ 31.566287] kasan_save_free_info+0x3f/0x60 [ 31.566634] __kasan_slab_free+0x56/0x70 [ 31.567225] kfree+0x123/0x3f0 [ 31.567659] kasan_strings+0x13a/0xb60 [ 31.568568] kunit_try_run_case+0x1b3/0x490 [ 31.569556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.570028] kthread+0x257/0x310 [ 31.570732] ret_from_fork+0x41/0x80 [ 31.571220] ret_from_fork_asm+0x1a/0x30 [ 31.571606] [ 31.571894] The buggy address belongs to the object at ffff8881029f3d40 [ 31.571894] which belongs to the cache kmalloc-32 of size 32 [ 31.573066] The buggy address is located 16 bytes inside of [ 31.573066] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60) [ 31.574306] [ 31.574502] The buggy address belongs to the physical page: [ 31.575011] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3 [ 31.575991] flags: 0x200000000000000(node=0|zone=2) [ 31.576589] page_type: f5(slab) [ 31.576926] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 31.577764] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 31.578389] page dumped because: kasan: bad access detected [ 31.578976] [ 31.579320] Memory state around the buggy address: [ 31.579791] ffff8881029f3c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
31.580911] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.581720] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.582505] ^ [ 31.583222] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.583852] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.584546] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 31.481309] ================================================================== [ 31.481762] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60 [ 31.482511] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266 [ 31.483770] [ 31.484405] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 31.486041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.486331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.487460] Call Trace: [ 31.488066] <TASK> [ 31.488283] dump_stack_lvl+0x73/0xb0 [ 31.489316] print_report+0xd1/0x640 [ 31.489591] ? __virt_addr_valid+0x1db/0x2d0 [ 31.490572] ? kasan_complete_mode_report_info+0x64/0x200 [ 31.491685] kasan_report+0x102/0x140 [ 31.492074] ? kasan_strings+0xa0f/0xb60 [ 31.492871] ? kasan_strings+0xa0f/0xb60 [ 31.493820] __asan_report_load1_noabort+0x18/0x20 [ 31.494357] kasan_strings+0xa0f/0xb60 [ 31.495070] ? __pfx_kasan_strings+0x10/0x10 [ 31.495630] ? __schedule+0xc3e/0x2790 [ 31.496591] ? __pfx_read_tsc+0x10/0x10 [ 31.497572] ? ktime_get_ts64+0x84/0x230 [ 31.498076] kunit_try_run_case+0x1b3/0x490 [ 31.498909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.499594] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.500419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.501520] ? __kthread_parkme+0x82/0x160 [ 31.502146] ? preempt_count_sub+0x50/0x80 [ 31.502535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.503484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.504853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.505268] kthread+0x257/0x310 [ 31.506044] ? __pfx_kthread+0x10/0x10 [ 31.506664] ret_from_fork+0x41/0x80 [ 31.506978] ? 
__pfx_kthread+0x10/0x10
[ 31.508088] ret_from_fork_asm+0x1a/0x30
[ 31.508754] </TASK>
[ 31.509074]
[ 31.509522] Allocated by task 266:
[ 31.509824] kasan_save_stack+0x3d/0x60
[ 31.510317] kasan_save_track+0x18/0x40
[ 31.510791] kasan_save_alloc_info+0x3b/0x50
[ 31.511267] __kasan_kmalloc+0xb7/0xc0
[ 31.511822] __kmalloc_cache_noprof+0x184/0x410
[ 31.512144] kasan_strings+0xb3/0xb60
[ 31.512479] kunit_try_run_case+0x1b3/0x490
[ 31.513338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.513859] kthread+0x257/0x310
[ 31.514214] ret_from_fork+0x41/0x80
[ 31.514782] ret_from_fork_asm+0x1a/0x30
[ 31.515114]
[ 31.515307] Freed by task 266:
[ 31.515768] kasan_save_stack+0x3d/0x60
[ 31.516681] kasan_save_track+0x18/0x40
[ 31.517012] kasan_save_free_info+0x3f/0x60
[ 31.517378] __kasan_slab_free+0x56/0x70
[ 31.518158] kfree+0x123/0x3f0
[ 31.518454] kasan_strings+0x13a/0xb60
[ 31.518911] kunit_try_run_case+0x1b3/0x490
[ 31.519211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.519917] kthread+0x257/0x310
[ 31.520342] ret_from_fork+0x41/0x80
[ 31.520956] ret_from_fork_asm+0x1a/0x30
[ 31.521335]
[ 31.521513] The buggy address belongs to the object at ffff8881029f3d40
[ 31.521513] which belongs to the cache kmalloc-32 of size 32
[ 31.522447] The buggy address is located 16 bytes inside of
[ 31.522447] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60)
[ 31.523309]
[ 31.523469] The buggy address belongs to the physical page:
[ 31.524490] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.525811] flags: 0x200000000000000(node=0|zone=2)
[ 31.526377] page_type: f5(slab)
[ 31.526622] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.527446] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.528320] page dumped because: kasan: bad access detected
[ 31.528678]
[ 31.528858] Memory state around the buggy address:
[ 31.529163] ffff8881029f3c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.529786] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.531029] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.532064] ^
[ 31.532649] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.533082] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.533886] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 31.419893] ==================================================================
[ 31.422675] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 31.423849] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266
[ 31.424220]
[ 31.424380] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.425746] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.427345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.427945] Call Trace:
[ 31.428383] <TASK>
[ 31.429484] dump_stack_lvl+0x73/0xb0
[ 31.431223] print_report+0xd1/0x640
[ 31.432040] ? __virt_addr_valid+0x1db/0x2d0
[ 31.432559] ? kasan_complete_mode_report_info+0x64/0x200
[ 31.433420] kasan_report+0x102/0x140
[ 31.434308] ? strcmp+0xb0/0xc0
[ 31.434908] ? strcmp+0xb0/0xc0
[ 31.435786] __asan_report_load1_noabort+0x18/0x20
[ 31.436357] strcmp+0xb0/0xc0
[ 31.436961] kasan_strings+0x2e9/0xb60
[ 31.437465] ? __pfx_kasan_strings+0x10/0x10
[ 31.438063] ? __schedule+0xc3e/0x2790
[ 31.438519] ? __pfx_read_tsc+0x10/0x10
[ 31.439062] ? ktime_get_ts64+0x84/0x230
[ 31.439472] kunit_try_run_case+0x1b3/0x490
[ 31.440418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.440904] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.441395] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.442528] ? __kthread_parkme+0x82/0x160
[ 31.443066] ? preempt_count_sub+0x50/0x80
[ 31.444087] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.444966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.446099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.446781] kthread+0x257/0x310
[ 31.447292] ? __pfx_kthread+0x10/0x10
[ 31.447978] ret_from_fork+0x41/0x80
[ 31.448455] ? __pfx_kthread+0x10/0x10
[ 31.448977] ret_from_fork_asm+0x1a/0x30
[ 31.449557] </TASK>
[ 31.449899]
[ 31.450080] Allocated by task 266:
[ 31.450497] kasan_save_stack+0x3d/0x60
[ 31.450898] kasan_save_track+0x18/0x40
[ 31.451280] kasan_save_alloc_info+0x3b/0x50
[ 31.452172] __kasan_kmalloc+0xb7/0xc0
[ 31.452521] __kmalloc_cache_noprof+0x184/0x410
[ 31.453055] kasan_strings+0xb3/0xb60
[ 31.453516] kunit_try_run_case+0x1b3/0x490
[ 31.454017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.454797] kthread+0x257/0x310
[ 31.455356] ret_from_fork+0x41/0x80
[ 31.455678] ret_from_fork_asm+0x1a/0x30
[ 31.456532]
[ 31.456788] Freed by task 266:
[ 31.457341] kasan_save_stack+0x3d/0x60
[ 31.457745] kasan_save_track+0x18/0x40
[ 31.458328] kasan_save_free_info+0x3f/0x60
[ 31.458760] __kasan_slab_free+0x56/0x70
[ 31.459405] kfree+0x123/0x3f0
[ 31.459723] kasan_strings+0x13a/0xb60
[ 31.460401] kunit_try_run_case+0x1b3/0x490
[ 31.461037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.461893] kthread+0x257/0x310
[ 31.462381] ret_from_fork+0x41/0x80
[ 31.462893] ret_from_fork_asm+0x1a/0x30
[ 31.463415]
[ 31.463771] The buggy address belongs to the object at ffff8881029f3d40
[ 31.463771] which belongs to the cache kmalloc-32 of size 32
[ 31.464916] The buggy address is located 16 bytes inside of
[ 31.464916] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60)
[ 31.466297]
[ 31.466532] The buggy address belongs to the physical page:
[ 31.467026] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.468207] flags: 0x200000000000000(node=0|zone=2)
[ 31.469103] page_type: f5(slab)
[ 31.469502] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.470206] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.471187] page dumped because: kasan: bad access detected
[ 31.472295]
[ 31.472719] Memory state around the buggy address:
[ 31.473625] ffff8881029f3c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.474760] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.475469] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.476880] ^
[ 31.477237] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.478353] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.480031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 31.354685] ==================================================================
[ 31.356255] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70
[ 31.357540] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266
[ 31.358907]
[ 31.359394] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.361590] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.361865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.362212] Call Trace:
[ 31.362433] <TASK>
[ 31.363732] dump_stack_lvl+0x73/0xb0
[ 31.364172] print_report+0xd1/0x640
[ 31.365126] ? __virt_addr_valid+0x1db/0x2d0
[ 31.365829] ? kasan_complete_mode_report_info+0x64/0x200
[ 31.366670] kasan_report+0x102/0x140
[ 31.367161] ? strrchr+0x64/0x70
[ 31.367967] ? strrchr+0x64/0x70
[ 31.368518] __asan_report_load1_noabort+0x18/0x20
[ 31.369093] strrchr+0x64/0x70
[ 31.370130] kasan_strings+0x24c/0xb60
[ 31.370929] ? __pfx_kasan_strings+0x10/0x10
[ 31.371461] ? __schedule+0xc3e/0x2790
[ 31.372437] ? __pfx_read_tsc+0x10/0x10
[ 31.373269] ? ktime_get_ts64+0x84/0x230
[ 31.373640] kunit_try_run_case+0x1b3/0x490
[ 31.374772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.375237] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.375948] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.376814] ? __kthread_parkme+0x82/0x160
[ 31.377251] ? preempt_count_sub+0x50/0x80
[ 31.378197] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.378619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.379800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.380507] kthread+0x257/0x310
[ 31.381127] ? __pfx_kthread+0x10/0x10
[ 31.381874] ret_from_fork+0x41/0x80
[ 31.382911] ? __pfx_kthread+0x10/0x10
[ 31.383571] ret_from_fork_asm+0x1a/0x30
[ 31.384425] </TASK>
[ 31.384602]
[ 31.384887] Allocated by task 266:
[ 31.385765] kasan_save_stack+0x3d/0x60
[ 31.386746] kasan_save_track+0x18/0x40
[ 31.387132] kasan_save_alloc_info+0x3b/0x50
[ 31.387965] __kasan_kmalloc+0xb7/0xc0
[ 31.388470] __kmalloc_cache_noprof+0x184/0x410
[ 31.388921] kasan_strings+0xb3/0xb60
[ 31.389564] kunit_try_run_case+0x1b3/0x490
[ 31.390033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.390892] kthread+0x257/0x310
[ 31.391347] ret_from_fork+0x41/0x80
[ 31.391884] ret_from_fork_asm+0x1a/0x30
[ 31.392741]
[ 31.393051] Freed by task 266:
[ 31.393769] kasan_save_stack+0x3d/0x60
[ 31.394031] kasan_save_track+0x18/0x40
[ 31.394306] kasan_save_free_info+0x3f/0x60
[ 31.394582] __kasan_slab_free+0x56/0x70
[ 31.395232] kfree+0x123/0x3f0
[ 31.395825] kasan_strings+0x13a/0xb60
[ 31.396922] kunit_try_run_case+0x1b3/0x490
[ 31.397775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.398810] kthread+0x257/0x310
[ 31.399357] ret_from_fork+0x41/0x80
[ 31.400145] ret_from_fork_asm+0x1a/0x30
[ 31.401159]
[ 31.401502] The buggy address belongs to the object at ffff8881029f3d40
[ 31.401502] which belongs to the cache kmalloc-32 of size 32
[ 31.403233] The buggy address is located 16 bytes inside of
[ 31.403233] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60)
[ 31.404282]
[ 31.404742] The buggy address belongs to the physical page:
[ 31.405363] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.406453] flags: 0x200000000000000(node=0|zone=2)
[ 31.407191] page_type: f5(slab)
[ 31.407819] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.408672] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.409599] page dumped because: kasan: bad access detected
[ 31.410605]
[ 31.410853] Memory state around the buggy address:
[ 31.411612] ffff8881029f3c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.412534] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.413312] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.414097] ^
[ 31.414851] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.417089] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.417443] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 31.295328] ==================================================================
[ 31.296966] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0
[ 31.298021] Read of size 1 at addr ffff8881029f3d50 by task kunit_try_catch/266
[ 31.298553]
[ 31.299274] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.300783] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.301062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.302749] Call Trace:
[ 31.303567] <TASK>
[ 31.304051] dump_stack_lvl+0x73/0xb0
[ 31.304737] print_report+0xd1/0x640
[ 31.305326] ? __virt_addr_valid+0x1db/0x2d0
[ 31.305540] ? kasan_complete_mode_report_info+0x64/0x200
[ 31.306737] kasan_report+0x102/0x140
[ 31.307390] ? strchr+0x9c/0xc0
[ 31.308059] ? strchr+0x9c/0xc0
[ 31.308443] __asan_report_load1_noabort+0x18/0x20
[ 31.310123] strchr+0x9c/0xc0
[ 31.310507] kasan_strings+0x1b1/0xb60
[ 31.310980] ? __pfx_kasan_strings+0x10/0x10
[ 31.311798] ? __schedule+0xc3e/0x2790
[ 31.312210] ? __pfx_read_tsc+0x10/0x10
[ 31.313431] ? ktime_get_ts64+0x84/0x230
[ 31.313833] kunit_try_run_case+0x1b3/0x490
[ 31.314934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.315622] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.316404] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.317159] ? __kthread_parkme+0x82/0x160
[ 31.317870] ? preempt_count_sub+0x50/0x80
[ 31.318353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.319370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.320003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.320575] kthread+0x257/0x310
[ 31.321121] ? __pfx_kthread+0x10/0x10
[ 31.321903] ret_from_fork+0x41/0x80
[ 31.322336] ? __pfx_kthread+0x10/0x10
[ 31.322891] ret_from_fork_asm+0x1a/0x30
[ 31.323410] </TASK>
[ 31.323862]
[ 31.324055] Allocated by task 266:
[ 31.324809] kasan_save_stack+0x3d/0x60
[ 31.325187] kasan_save_track+0x18/0x40
[ 31.325544] kasan_save_alloc_info+0x3b/0x50
[ 31.326396] __kasan_kmalloc+0xb7/0xc0
[ 31.326908] __kmalloc_cache_noprof+0x184/0x410
[ 31.327584] kasan_strings+0xb3/0xb60
[ 31.327921] kunit_try_run_case+0x1b3/0x490
[ 31.328223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.328977] kthread+0x257/0x310
[ 31.329553] ret_from_fork+0x41/0x80
[ 31.330294] ret_from_fork_asm+0x1a/0x30
[ 31.330877]
[ 31.331106] Freed by task 266:
[ 31.331638] kasan_save_stack+0x3d/0x60
[ 31.332183] kasan_save_track+0x18/0x40
[ 31.332716] kasan_save_free_info+0x3f/0x60
[ 31.333022] __kasan_slab_free+0x56/0x70
[ 31.333847] kfree+0x123/0x3f0
[ 31.334287] kasan_strings+0x13a/0xb60
[ 31.335073] kunit_try_run_case+0x1b3/0x490
[ 31.335610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.336038] kthread+0x257/0x310
[ 31.336291] ret_from_fork+0x41/0x80
[ 31.336562] ret_from_fork_asm+0x1a/0x30
[ 31.337236]
[ 31.337491] The buggy address belongs to the object at ffff8881029f3d40
[ 31.337491] which belongs to the cache kmalloc-32 of size 32
[ 31.338767] The buggy address is located 16 bytes inside of
[ 31.338767] freed 32-byte region [ffff8881029f3d40, ffff8881029f3d60)
[ 31.340396]
[ 31.340834] The buggy address belongs to the physical page:
[ 31.341203] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.342548] flags: 0x200000000000000(node=0|zone=2)
[ 31.343187] page_type: f5(slab)
[ 31.343807] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.344908] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.345389] page dumped because: kasan: bad access detected
[ 31.346195]
[ 31.346459] Memory state around the buggy address:
[ 31.347322] ffff8881029f3c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.347916] ffff8881029f3c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.349142] >ffff8881029f3d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 31.349958] ^
[ 31.351128] ffff8881029f3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.351588] ffff8881029f3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.352586] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 31.244079] ==================================================================
[ 31.245110] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 31.245751] Read of size 1 at addr ffff8881029f3c18 by task kunit_try_catch/264
[ 31.246302]
[ 31.246497] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.247640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.248253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.248968] Call Trace:
[ 31.249662] <TASK>
[ 31.249952] dump_stack_lvl+0x73/0xb0
[ 31.250529] print_report+0xd1/0x640
[ 31.250941] ? __virt_addr_valid+0x1db/0x2d0
[ 31.251490] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.252013] kasan_report+0x102/0x140
[ 31.252488] ? memcmp+0x1b4/0x1d0
[ 31.252983] ? memcmp+0x1b4/0x1d0
[ 31.253506] __asan_report_load1_noabort+0x18/0x20
[ 31.254112] memcmp+0x1b4/0x1d0
[ 31.254523] kasan_memcmp+0x190/0x390
[ 31.255323] ? trace_hardirqs_on+0x37/0xe0
[ 31.255802] ? __pfx_kasan_memcmp+0x10/0x10
[ 31.256424] ? finish_task_switch.isra.0+0x153/0x700
[ 31.256983] ? __switch_to+0x5d9/0xf60
[ 31.257456] ? __pfx_read_tsc+0x10/0x10
[ 31.257940] ? ktime_get_ts64+0x84/0x230
[ 31.258468] kunit_try_run_case+0x1b3/0x490
[ 31.258851] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.259396] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.260225] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.260806] ? __kthread_parkme+0x82/0x160
[ 31.261427] ? preempt_count_sub+0x50/0x80
[ 31.261971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.262520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.263331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.263840] kthread+0x257/0x310
[ 31.264485] ? __pfx_kthread+0x10/0x10
[ 31.264974] ret_from_fork+0x41/0x80
[ 31.265513] ? __pfx_kthread+0x10/0x10
[ 31.265977] ret_from_fork_asm+0x1a/0x30
[ 31.266348] </TASK>
[ 31.266623]
[ 31.266831] Allocated by task 264:
[ 31.267192] kasan_save_stack+0x3d/0x60
[ 31.267611] kasan_save_track+0x18/0x40
[ 31.268193] kasan_save_alloc_info+0x3b/0x50
[ 31.268766] __kasan_kmalloc+0xb7/0xc0
[ 31.269246] __kmalloc_cache_noprof+0x184/0x410
[ 31.269852] kasan_memcmp+0xb8/0x390
[ 31.270563] kunit_try_run_case+0x1b3/0x490
[ 31.270950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.271730] kthread+0x257/0x310
[ 31.272263] ret_from_fork+0x41/0x80
[ 31.272629] ret_from_fork_asm+0x1a/0x30
[ 31.273026]
[ 31.273226] The buggy address belongs to the object at ffff8881029f3c00
[ 31.273226] which belongs to the cache kmalloc-32 of size 32
[ 31.274960] The buggy address is located 0 bytes to the right of
[ 31.274960] allocated 24-byte region [ffff8881029f3c00, ffff8881029f3c18)
[ 31.277349]
[ 31.277505] The buggy address belongs to the physical page:
[ 31.278199] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.279434] flags: 0x200000000000000(node=0|zone=2)
[ 31.279829] page_type: f5(slab)
[ 31.280323] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.281068] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.282239] page dumped because: kasan: bad access detected
[ 31.283040]
[ 31.283187] Memory state around the buggy address:
[ 31.283982] ffff8881029f3b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 31.284549] ffff8881029f3b80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 31.285660] >ffff8881029f3c00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.286510] ^
[ 31.287075] ffff8881029f3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.288350] ffff8881029f3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.289011] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 31.186688] ==================================================================
[ 31.188297] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90
[ 31.188761] Read of size 1 at addr ffff8881029f3b18 by task kunit_try_catch/262
[ 31.190860]
[ 31.191353] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.193610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.194273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.195483] Call Trace:
[ 31.195731] <TASK>
[ 31.196708] dump_stack_lvl+0x73/0xb0
[ 31.197687] print_report+0xd1/0x640
[ 31.198828] ? __virt_addr_valid+0x1db/0x2d0
[ 31.199285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.200509] kasan_report+0x102/0x140
[ 31.200915] ? memchr+0x79/0x90
[ 31.201405] ? memchr+0x79/0x90
[ 31.202039] __asan_report_load1_noabort+0x18/0x20
[ 31.202771] memchr+0x79/0x90
[ 31.203118] kasan_memchr+0x163/0x320
[ 31.203568] ? __pfx_kasan_memchr+0x10/0x10
[ 31.204778] ? __schedule+0xc3e/0x2790
[ 31.205228] ? __pfx_read_tsc+0x10/0x10
[ 31.205864] ? ktime_get_ts64+0x84/0x230
[ 31.206474] kunit_try_run_case+0x1b3/0x490
[ 31.207290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.207824] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.208743] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.209237] ? __kthread_parkme+0x82/0x160
[ 31.209632] ? preempt_count_sub+0x50/0x80
[ 31.210081] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.210524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.211208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.211980] kthread+0x257/0x310
[ 31.212245] ? __pfx_kthread+0x10/0x10
[ 31.212654] ret_from_fork+0x41/0x80
[ 31.213319] ? __pfx_kthread+0x10/0x10
[ 31.214044] ret_from_fork_asm+0x1a/0x30
[ 31.214751] </TASK>
[ 31.215072]
[ 31.215463] Allocated by task 262:
[ 31.215879] kasan_save_stack+0x3d/0x60
[ 31.216837] kasan_save_track+0x18/0x40
[ 31.217473] kasan_save_alloc_info+0x3b/0x50
[ 31.218196] __kasan_kmalloc+0xb7/0xc0
[ 31.218559] __kmalloc_cache_noprof+0x184/0x410
[ 31.219075] kasan_memchr+0xad/0x320
[ 31.219441] kunit_try_run_case+0x1b3/0x490
[ 31.220043] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.221047] kthread+0x257/0x310
[ 31.221643] ret_from_fork+0x41/0x80
[ 31.222391] ret_from_fork_asm+0x1a/0x30
[ 31.222874]
[ 31.223276] The buggy address belongs to the object at ffff8881029f3b00
[ 31.223276] which belongs to the cache kmalloc-32 of size 32
[ 31.224843] The buggy address is located 0 bytes to the right of
[ 31.224843] allocated 24-byte region [ffff8881029f3b00, ffff8881029f3b18)
[ 31.225975]
[ 31.226115] The buggy address belongs to the physical page:
[ 31.227212] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3
[ 31.228447] flags: 0x200000000000000(node=0|zone=2)
[ 31.228925] page_type: f5(slab)
[ 31.229365] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 31.230066] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 31.231415] page dumped because: kasan: bad access detected
[ 31.232019]
[ 31.232532] Memory state around the buggy address:
[ 31.232904] ffff8881029f3a00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 31.234048] ffff8881029f3a80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 31.234557] >ffff8881029f3b00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.235671] ^
[ 31.236601] ffff8881029f3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.237988] ffff8881029f3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.238821] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 28.290368] ==================================================================
[ 28.291914] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 28.293007] Write of size 8 at addr ffff8881029e2f71 by task kunit_try_catch/183
[ 28.294158]
[ 28.295040] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.296010] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.297216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.298074] Call Trace:
[ 28.298848] <TASK>
[ 28.299256] dump_stack_lvl+0x73/0xb0
[ 28.299863] print_report+0xd1/0x640
[ 28.300683] ? __virt_addr_valid+0x1db/0x2d0
[ 28.301401] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.302150] kasan_report+0x102/0x140
[ 28.302932] ? kmalloc_oob_memset_8+0x167/0x330
[ 28.303611] ? kmalloc_oob_memset_8+0x167/0x330
[ 28.304118] kasan_check_range+0x10c/0x1c0
[ 28.304556] __asan_memset+0x27/0x50
[ 28.305462] kmalloc_oob_memset_8+0x167/0x330
[ 28.306304] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 28.306835] ? __schedule+0xc3e/0x2790
[ 28.307445] ? __pfx_read_tsc+0x10/0x10
[ 28.307763] ? ktime_get_ts64+0x84/0x230
[ 28.308161] kunit_try_run_case+0x1b3/0x490
[ 28.308641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.309538] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.310046] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.311083] ? __kthread_parkme+0x82/0x160
[ 28.311608] ? preempt_count_sub+0x50/0x80
[ 28.312359] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.313058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.314086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.315442] kthread+0x257/0x310
[ 28.316447] ? __pfx_kthread+0x10/0x10
[ 28.317322] ret_from_fork+0x41/0x80
[ 28.318169] ? __pfx_kthread+0x10/0x10
[ 28.318840] ret_from_fork_asm+0x1a/0x30
[ 28.319206] </TASK>
[ 28.319499]
[ 28.319709] Allocated by task 183:
[ 28.320065] kasan_save_stack+0x3d/0x60
[ 28.320409] kasan_save_track+0x18/0x40
[ 28.321233] kasan_save_alloc_info+0x3b/0x50
[ 28.321633] __kasan_kmalloc+0xb7/0xc0
[ 28.322195] __kmalloc_cache_noprof+0x184/0x410
[ 28.323397] kmalloc_oob_memset_8+0xad/0x330
[ 28.324757] kunit_try_run_case+0x1b3/0x490
[ 28.325828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.326388] kthread+0x257/0x310
[ 28.327094] ret_from_fork+0x41/0x80
[ 28.327916] ret_from_fork_asm+0x1a/0x30
[ 28.328332]
[ 28.328529] The buggy address belongs to the object at ffff8881029e2f00
[ 28.328529] which belongs to the cache kmalloc-128 of size 128
[ 28.331347] The buggy address is located 113 bytes inside of
[ 28.331347] allocated 120-byte region [ffff8881029e2f00, ffff8881029e2f78)
[ 28.332650]
[ 28.333026] The buggy address belongs to the physical page:
[ 28.333584] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e2
[ 28.334954] flags: 0x200000000000000(node=0|zone=2)
[ 28.335530] page_type: f5(slab)
[ 28.335981] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.337786] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.338759] page dumped because: kasan: bad access detected
[ 28.339329]
[ 28.339527] Memory state around the buggy address:
[ 28.340280] ffff8881029e2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 28.342222] ffff8881029e2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.343384] >ffff8881029e2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.344249] ^
[ 28.345205] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.346384] ffff8881029e3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.347294] ==================================================================
[ 28.353323] ==================================================================
[ 28.354570] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 28.355816] Write of size 16 at addr ffff8881029e4169 by task kunit_try_catch/185
[ 28.356916]
[ 28.357029] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.358437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.358631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.358993] Call Trace:
[ 28.359229] <TASK>
[ 28.359894] dump_stack_lvl+0x73/0xb0
[ 28.360500] print_report+0xd1/0x640
[ 28.361410] ? __virt_addr_valid+0x1db/0x2d0
[ 28.362296] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.362962] kasan_report+0x102/0x140
[ 28.363854] ? kmalloc_oob_memset_16+0x167/0x330
[ 28.364843] ? kmalloc_oob_memset_16+0x167/0x330
[ 28.365475] kasan_check_range+0x10c/0x1c0
[ 28.366077] __asan_memset+0x27/0x50
[ 28.366857] kmalloc_oob_memset_16+0x167/0x330
[ 28.367589] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 28.368441] ? __schedule+0xc3e/0x2790
[ 28.368961] ? __pfx_read_tsc+0x10/0x10
[ 28.369518] ? ktime_get_ts64+0x84/0x230
[ 28.370347] kunit_try_run_case+0x1b3/0x490
[ 28.371362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.372092] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.372913] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.373484] ? __kthread_parkme+0x82/0x160
[ 28.374522] ? preempt_count_sub+0x50/0x80
[ 28.375059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.375823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.376421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.376941] kthread+0x257/0x310
[ 28.377276] ? __pfx_kthread+0x10/0x10
[ 28.378420] ret_from_fork+0x41/0x80
[ 28.378985] ? __pfx_kthread+0x10/0x10
[ 28.379727] ret_from_fork_asm+0x1a/0x30
[ 28.380130] </TASK>
[ 28.380388]
[ 28.380537] Allocated by task 185:
[ 28.380902] kasan_save_stack+0x3d/0x60
[ 28.381356] kasan_save_track+0x18/0x40
[ 28.381673] kasan_save_alloc_info+0x3b/0x50
[ 28.382797] __kasan_kmalloc+0xb7/0xc0
[ 28.383352] __kmalloc_cache_noprof+0x184/0x410
[ 28.383876] kmalloc_oob_memset_16+0xad/0x330
[ 28.384554] kunit_try_run_case+0x1b3/0x490
[ 28.385013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.385755] kthread+0x257/0x310
[ 28.386518] ret_from_fork+0x41/0x80
[ 28.387063] ret_from_fork_asm+0x1a/0x30
[ 28.387835]
[ 28.388080] The buggy address belongs to the object at ffff8881029e4100
[ 28.388080] which belongs to the cache kmalloc-128 of size 128
[ 28.389437] The buggy address is located 105 bytes inside of
[ 28.389437] allocated 120-byte region [ffff8881029e4100, ffff8881029e4178)
[ 28.390990]
[ 28.391416] The buggy address belongs to the physical page:
[ 28.392019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e4
[ 28.393013] flags: 0x200000000000000(node=0|zone=2)
[ 28.393585] page_type: f5(slab)
[ 28.394077] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.395096] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.396150] page dumped because: kasan: bad access detected
[ 28.396419]
[ 28.396515] Memory state around the buggy address:
[ 28.397021] ffff8881029e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 28.398835] ffff8881029e4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.399603] >ffff8881029e4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.400288] ^
[ 28.401922] ffff8881029e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.403200] ffff8881029e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.403837] ==================================================================
[ 28.186728] ==================================================================
[ 28.188059] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 28.188850] Write of size 2 at addr ffff888101ac5977 by task kunit_try_catch/179
[ 28.189634]
[ 28.189911] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.190851] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.191255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.192484] Call Trace:
[ 28.193283] <TASK>
[ 28.193598] dump_stack_lvl+0x73/0xb0
[ 28.194233] print_report+0xd1/0x640
[ 28.194649] ? __virt_addr_valid+0x1db/0x2d0
[ 28.195873] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.196276] kasan_report+0x102/0x140
[ 28.196979] ? kmalloc_oob_memset_2+0x167/0x330
[ 28.197825] ? kmalloc_oob_memset_2+0x167/0x330
[ 28.198464] kasan_check_range+0x10c/0x1c0
[ 28.199033] __asan_memset+0x27/0x50
[ 28.199567] kmalloc_oob_memset_2+0x167/0x330
[ 28.200242] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 28.200808] ? __schedule+0xc3e/0x2790
[ 28.201249] ? __pfx_read_tsc+0x10/0x10
[ 28.201992] ? ktime_get_ts64+0x84/0x230
[ 28.202540] kunit_try_run_case+0x1b3/0x490
[ 28.203335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.203800] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.204419] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.204986] ? __kthread_parkme+0x82/0x160
[ 28.205505] ? preempt_count_sub+0x50/0x80
[ 28.206086] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.206591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.207411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.208298] kthread+0x257/0x310
[ 28.208674] ? __pfx_kthread+0x10/0x10
[ 28.209102] ret_from_fork+0x41/0x80
[ 28.209589] ? __pfx_kthread+0x10/0x10
[ 28.210290] ret_from_fork_asm+0x1a/0x30
[ 28.210720] </TASK>
[ 28.211056]
[ 28.211416] Allocated by task 179:
[ 28.212108] kasan_save_stack+0x3d/0x60
[ 28.212406] kasan_save_track+0x18/0x40
[ 28.213186] kasan_save_alloc_info+0x3b/0x50
[ 28.213640] __kasan_kmalloc+0xb7/0xc0
[ 28.214637] __kmalloc_cache_noprof+0x184/0x410
[ 28.216078] kmalloc_oob_memset_2+0xad/0x330
[ 28.216342] kunit_try_run_case+0x1b3/0x490
[ 28.216594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.216910] kthread+0x257/0x310
[ 28.217123] ret_from_fork+0x41/0x80
[ 28.217355] ret_from_fork_asm+0x1a/0x30
[ 28.217777]
[ 28.217932] The buggy address belongs to the object at ffff888101ac5900
[ 28.217932] which belongs to the cache kmalloc-128 of size 128
[ 28.219306] The buggy address is located 119 bytes inside of
[ 28.219306] allocated 120-byte region [ffff888101ac5900, ffff888101ac5978)
[ 28.219923]
[ 28.220057] The buggy address belongs to the physical page:
[ 28.220343] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac5
[ 28.220770] flags: 0x200000000000000(node=0|zone=2)
[ 28.221378] page_type: f5(slab)
[ 28.221624] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.222341] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.223164] page dumped because: kasan: bad access detected
[ 28.223613]
[ 28.223886] Memory state around the buggy address:
[ 28.224151] ffff888101ac5800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.224500] ffff888101ac5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.225289] >ffff888101ac5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.225746] ^
[ 28.226433] ffff888101ac5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.226858] ffff888101ac5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.227252] ==================================================================
[ 28.239536] ==================================================================
[ 28.240490] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 28.241269] Write of size 4 at addr ffff8881029e2c75 by task kunit_try_catch/181
[ 28.242163]
[ 28.242415] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.243810] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.244096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.245108] Call Trace:
[ 28.245637] <TASK>
[ 28.246051] dump_stack_lvl+0x73/0xb0
[ 28.246623] print_report+0xd1/0x640
[ 28.247087] ? __virt_addr_valid+0x1db/0x2d0
[ 28.247661] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.248288] kasan_report+0x102/0x140
[ 28.248750] ? kmalloc_oob_memset_4+0x167/0x330
[ 28.249606] ? kmalloc_oob_memset_4+0x167/0x330
[ 28.250309] kasan_check_range+0x10c/0x1c0
[ 28.250677] __asan_memset+0x27/0x50
[ 28.251302] kmalloc_oob_memset_4+0x167/0x330
[ 28.251747] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 28.252092] ? __schedule+0xc3e/0x2790
[ 28.252733] ? __pfx_read_tsc+0x10/0x10
[ 28.253635] ? ktime_get_ts64+0x84/0x230
[ 28.254093] kunit_try_run_case+0x1b3/0x490
[ 28.254661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.255362] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.255765] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.256635] ? __kthread_parkme+0x82/0x160
[ 28.257524] ? preempt_count_sub+0x50/0x80
[ 28.257977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.258718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.259219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.260271] kthread+0x257/0x310
[ 28.260549] ? __pfx_kthread+0x10/0x10
[ 28.261251] ret_from_fork+0x41/0x80
[ 28.261973] ? __pfx_kthread+0x10/0x10
[ 28.262579] ret_from_fork_asm+0x1a/0x30
[ 28.263114] </TASK>
[ 28.263511]
[ 28.263946] Allocated by task 181:
[ 28.264203] kasan_save_stack+0x3d/0x60
[ 28.265264] kasan_save_track+0x18/0x40
[ 28.265537] kasan_save_alloc_info+0x3b/0x50
[ 28.266433] __kasan_kmalloc+0xb7/0xc0
[ 28.266970] __kmalloc_cache_noprof+0x184/0x410
[ 28.267551] kmalloc_oob_memset_4+0xad/0x330
[ 28.268365] kunit_try_run_case+0x1b3/0x490
[ 28.268682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.269311] kthread+0x257/0x310
[ 28.269949] ret_from_fork+0x41/0x80
[ 28.270250] ret_from_fork_asm+0x1a/0x30
[ 28.271013]
[ 28.271253] The buggy address belongs to the object at ffff8881029e2c00
[ 28.271253] which belongs to the cache kmalloc-128 of size 128
[ 28.272774] The buggy address is located 117 bytes inside of
[ 28.272774] allocated 120-byte region [ffff8881029e2c00, ffff8881029e2c78)
[ 28.273859]
[ 28.274174] The buggy address belongs to the physical page:
[ 28.275116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e2
[ 28.276021] flags: 0x200000000000000(node=0|zone=2)
[ 28.276394] page_type: f5(slab)
[ 28.276823] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.277829] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.278299] page dumped because: kasan: bad access detected
[ 28.279175]
[ 28.279422] Memory state around the buggy address:
[ 28.280108] ffff8881029e2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 28.280615] ffff8881029e2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.281584] >ffff8881029e2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.282399] ^
[ 28.283527] ffff8881029e2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.284373] ffff8881029e2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.285292] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 28.140229] ==================================================================
[ 28.141060] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 28.141664] Write of size 128 at addr ffff888101ac5800 by task kunit_try_catch/177
[ 28.142361]
[ 28.142614] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.143625] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.144253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.145076] Call Trace:
[ 28.145519] <TASK>
[ 28.145901] dump_stack_lvl+0x73/0xb0
[ 28.146439] print_report+0xd1/0x640
[ 28.146832] ? __virt_addr_valid+0x1db/0x2d0
[ 28.147475] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.148056] kasan_report+0x102/0x140
[ 28.148629] ? kmalloc_oob_in_memset+0x160/0x320
[ 28.149353] ? kmalloc_oob_in_memset+0x160/0x320
[ 28.149863] kasan_check_range+0x10c/0x1c0
[ 28.150350] __asan_memset+0x27/0x50
[ 28.150857] kmalloc_oob_in_memset+0x160/0x320
[ 28.151420] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 28.152028] ? __schedule+0xc3e/0x2790
[ 28.152542] ? __pfx_read_tsc+0x10/0x10
[ 28.152948] ? ktime_get_ts64+0x84/0x230
[ 28.153450] kunit_try_run_case+0x1b3/0x490
[ 28.153892] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.154334] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.154791] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.155337] ? __kthread_parkme+0x82/0x160
[ 28.155815] ? preempt_count_sub+0x50/0x80
[ 28.156324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.156958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.157741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.158295] kthread+0x257/0x310
[ 28.158657] ? __pfx_kthread+0x10/0x10
[ 28.159360] ret_from_fork+0x41/0x80
[ 28.159856] ? __pfx_kthread+0x10/0x10
[ 28.160381] ret_from_fork_asm+0x1a/0x30
[ 28.160951] </TASK>
[ 28.161357]
[ 28.161593] Allocated by task 177:
[ 28.162010] kasan_save_stack+0x3d/0x60
[ 28.162502] kasan_save_track+0x18/0x40
[ 28.163009] kasan_save_alloc_info+0x3b/0x50
[ 28.163549] __kasan_kmalloc+0xb7/0xc0
[ 28.164232] __kmalloc_cache_noprof+0x184/0x410
[ 28.164766] kmalloc_oob_in_memset+0xad/0x320
[ 28.165304] kunit_try_run_case+0x1b3/0x490
[ 28.165623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.166384] kthread+0x257/0x310
[ 28.166777] ret_from_fork+0x41/0x80
[ 28.167064] ret_from_fork_asm+0x1a/0x30
[ 28.167535]
[ 28.167783] The buggy address belongs to the object at ffff888101ac5800
[ 28.167783] which belongs to the cache kmalloc-128 of size 128
[ 28.168609] The buggy address is located 0 bytes inside of
[ 28.168609] allocated 120-byte region [ffff888101ac5800, ffff888101ac5878)
[ 28.170008]
[ 28.170380] The buggy address belongs to the physical page:
[ 28.170802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac5
[ 28.171732] flags: 0x200000000000000(node=0|zone=2)
[ 28.172563] page_type: f5(slab)
[ 28.173347] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.173902] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.174564] page dumped because: kasan: bad access detected
[ 28.175103]
[ 28.175300] Memory state around the buggy address:
[ 28.175918] ffff888101ac5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 28.176632] ffff888101ac5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.177740] >ffff888101ac5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.178626] ^
[ 28.179400] ffff888101ac5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.180324] ffff888101ac5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.181067] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 31.137830] ==================================================================
[ 31.138785] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390
[ 31.140607] Read of size 1 at addr ffff888102c97caa by task kunit_try_catch/260
[ 31.141187]
[ 31.141411] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.142308] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.143665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.145956] Call Trace:
[ 31.146160] <TASK>
[ 31.146333] dump_stack_lvl+0x73/0xb0
[ 31.146608] print_report+0xd1/0x640
[ 31.147926] ? __virt_addr_valid+0x1db/0x2d0
[ 31.149204] ? kasan_addr_to_slab+0x11/0xa0
[ 31.150075] kasan_report+0x102/0x140
[ 31.150801] ? kasan_alloca_oob_right+0x328/0x390
[ 31.151241] ? kasan_alloca_oob_right+0x328/0x390
[ 31.151902] __asan_report_load1_noabort+0x18/0x20
[ 31.154164] kasan_alloca_oob_right+0x328/0x390
[ 31.154456] ? __pfx_trace_event_raw_event_ipi_raise+0x10/0x10
[ 31.154832] ? __schedule+0xc3e/0x2790
[ 31.155084] ? trace_hardirqs_on+0x37/0xe0
[ 31.155348] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 31.155652] ? __schedule+0xc3e/0x2790
[ 31.156220] ? __pfx_read_tsc+0x10/0x10
[ 31.156539] ? ktime_get_ts64+0x84/0x230
[ 31.157457] kunit_try_run_case+0x1b3/0x490
[ 31.158005] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.158560] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.159037] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.159332] ? __kthread_parkme+0x82/0x160
[ 31.159589] ? preempt_count_sub+0x50/0x80
[ 31.161103] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.161717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.162078] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.162394] kthread+0x257/0x310
[ 31.162624] ? __pfx_kthread+0x10/0x10
[ 31.163235] ret_from_fork+0x41/0x80
[ 31.163616] ? __pfx_kthread+0x10/0x10
[ 31.163893] ret_from_fork_asm+0x1a/0x30
[ 31.164439] </TASK>
[ 31.164838]
[ 31.165274] The buggy address belongs to stack of task kunit_try_catch/260
[ 31.166911]
[ 31.167714] The buggy address belongs to the physical page:
[ 31.169370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c97
[ 31.170158] flags: 0x200000000000000(node=0|zone=2)
[ 31.171049] raw: 0200000000000000 ffffea00040b25c8 ffffea00040b25c8 0000000000000000
[ 31.172578] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 31.173144] page dumped because: kasan: bad access detected
[ 31.173753]
[ 31.174477] Memory state around the buggy address:
[ 31.174834] ffff888102c97b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.176332] ffff888102c97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.177377] >ffff888102c97c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 31.177709] ^
[ 31.178153] ffff888102c97d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 31.179418] ffff888102c97d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 31.180217] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 31.095393] ==================================================================
[ 31.096439] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380
[ 31.097007] Read of size 1 at addr ffff888102d27c9f by task kunit_try_catch/258
[ 31.097867]
[ 31.098208] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.099098] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.099999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.100643] Call Trace:
[ 31.101278] <TASK>
[ 31.101589] dump_stack_lvl+0x73/0xb0
[ 31.102646] print_report+0xd1/0x640
[ 31.103172] ? __virt_addr_valid+0x1db/0x2d0
[ 31.103638] ? kasan_addr_to_slab+0x11/0xa0
[ 31.104566] kasan_report+0x102/0x140
[ 31.105062] ? kasan_alloca_oob_left+0x31f/0x380
[ 31.105846] ? kasan_alloca_oob_left+0x31f/0x380
[ 31.106522] __asan_report_load1_noabort+0x18/0x20
[ 31.107026] kasan_alloca_oob_left+0x31f/0x380
[ 31.107768] ? __pfx_trace_event_raw_event_ipi_raise+0x10/0x10
[ 31.108483] ? __schedule+0xc3e/0x2790
[ 31.109091] ? trace_hardirqs_on+0x37/0xe0
[ 31.109545] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 31.110127] ? __schedule+0xc3e/0x2790
[ 31.110859] ? __pfx_read_tsc+0x10/0x10
[ 31.111166] ? ktime_get_ts64+0x84/0x230
[ 31.111915] kunit_try_run_case+0x1b3/0x490
[ 31.112255] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.112958] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.113734] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.114409] ? __kthread_parkme+0x82/0x160
[ 31.114993] ? preempt_count_sub+0x50/0x80
[ 31.115583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.115957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.116847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.117460] kthread+0x257/0x310
[ 31.117955] ? __pfx_kthread+0x10/0x10
[ 31.118478] ret_from_fork+0x41/0x80
[ 31.119065] ? __pfx_kthread+0x10/0x10
[ 31.119915] ret_from_fork_asm+0x1a/0x30
[ 31.120494] </TASK>
[ 31.120746]
[ 31.121262] The buggy address belongs to stack of task kunit_try_catch/258
[ 31.121824]
[ 31.122115] The buggy address belongs to the physical page:
[ 31.122665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d27
[ 31.123898] flags: 0x200000000000000(node=0|zone=2)
[ 31.124448] raw: 0200000000000000 ffffea00040b49c8 ffffea00040b49c8 0000000000000000
[ 31.125041] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 31.125891] page dumped because: kasan: bad access detected
[ 31.126385]
[ 31.126879] Memory state around the buggy address:
[ 31.127510] ffff888102d27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.128116] ffff888102d27c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.129032] >ffff888102d27c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 31.129678] ^
[ 31.129980] ffff888102d27d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 31.131193] ffff888102d27d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 31.132343] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 31.037745] ==================================================================
[ 31.039953] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300
[ 31.040795] Read of size 1 at addr ffff888102d57d72 by task kunit_try_catch/256
[ 31.042499]
[ 31.042971] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 31.044038] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.044555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.045378] Call Trace:
[ 31.045953] <TASK>
[ 31.046570] dump_stack_lvl+0x73/0xb0
[ 31.047826] print_report+0xd1/0x640
[ 31.048332] ? __virt_addr_valid+0x1db/0x2d0
[ 31.049072] ? kasan_addr_to_slab+0x11/0xa0
[ 31.049772] kasan_report+0x102/0x140
[ 31.050457] ? kasan_stack_oob+0x2ae/0x300
[ 31.051083] ? kasan_stack_oob+0x2ae/0x300
[ 31.052057] __asan_report_load1_noabort+0x18/0x20
[ 31.052827] kasan_stack_oob+0x2ae/0x300
[ 31.053250] ? __pfx_kasan_stack_oob+0x10/0x10
[ 31.053607] ? finish_task_switch.isra.0+0x153/0x700
[ 31.054192] ? __switch_to+0x5d9/0xf60
[ 31.054670] ? __schedule+0xc3e/0x2790
[ 31.055378] ? __pfx_read_tsc+0x10/0x10
[ 31.055972] ? ktime_get_ts64+0x84/0x230
[ 31.056813] kunit_try_run_case+0x1b3/0x490
[ 31.057891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.058643] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.059357] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.059956] ? __kthread_parkme+0x82/0x160
[ 31.060636] ? preempt_count_sub+0x50/0x80
[ 31.061253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.062080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.063061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.064159] kthread+0x257/0x310
[ 31.064439] ? __pfx_kthread+0x10/0x10
[ 31.065264] ret_from_fork+0x41/0x80
[ 31.065563] ? __pfx_kthread+0x10/0x10
[ 31.066466] ret_from_fork_asm+0x1a/0x30
[ 31.067077] </TASK>
[ 31.068035]
[ 31.068263] The buggy address belongs to stack of task kunit_try_catch/256
[ 31.069589] and is located at offset 138 in frame:
[ 31.070749] kasan_stack_oob+0x0/0x300
[ 31.072000]
[ 31.072793] This frame has 4 objects:
[ 31.073278] [48, 49) '__assertion'
[ 31.073326] [64, 72) 'array'
[ 31.074080] [96, 112) '__assertion'
[ 31.074447] [128, 138) 'stack_array'
[ 31.075547]
[ 31.076646] The buggy address belongs to the physical page:
[ 31.077346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d57
[ 31.078208] flags: 0x200000000000000(node=0|zone=2)
[ 31.079085] raw: 0200000000000000 ffffea00040b55c8 ffffea00040b55c8 0000000000000000
[ 31.080843] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 31.081646] page dumped because: kasan: bad access detected
[ 31.082474]
[ 31.082649] Memory state around the buggy address:
[ 31.083831] ffff888102d57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.084617] ffff888102d57c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 31.085257] >ffff888102d57d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 31.086376] ^
[ 31.087273] ffff888102d57d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 31.088339] ffff888102d57e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 31.089461] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 30.994721] ==================================================================
[ 30.995724] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 30.996441] Read of size 1 at addr ffffffff9b5fbc2d by task kunit_try_catch/252
[ 30.997404]
[ 30.997717] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.998637] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.999037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.000126] Call Trace:
[ 31.000568] <TASK>
[ 31.000872] dump_stack_lvl+0x73/0xb0
[ 31.001364] print_report+0xd1/0x640
[ 31.002038] ? __virt_addr_valid+0x1db/0x2d0
[ 31.002535] ? kasan_addr_to_slab+0x11/0xa0
[ 31.003127] kasan_report+0x102/0x140
[ 31.003640] ? kasan_global_oob_right+0x288/0x2d0
[ 31.004345] ? kasan_global_oob_right+0x288/0x2d0
[ 31.004943] __asan_report_load1_noabort+0x18/0x20
[ 31.005517] kasan_global_oob_right+0x288/0x2d0
[ 31.006194] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 31.006743] ? __schedule+0xc3e/0x2790
[ 31.007189] ? __pfx_read_tsc+0x10/0x10
[ 31.007592] ? ktime_get_ts64+0x84/0x230
[ 31.008409] kunit_try_run_case+0x1b3/0x490
[ 31.008809] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.009527] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.010117] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.010968] ? __kthread_parkme+0x82/0x160
[ 31.011473] ? preempt_count_sub+0x50/0x80
[ 31.012241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.012637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.013215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.014132] kthread+0x257/0x310
[ 31.014802] ? __pfx_kthread+0x10/0x10
[ 31.015103] ret_from_fork+0x41/0x80
[ 31.015728] ? __pfx_kthread+0x10/0x10
[ 31.016044] ret_from_fork_asm+0x1a/0x30
[ 31.016733] </TASK>
[ 31.016929]
[ 31.017395] The buggy address belongs to the variable:
[ 31.017875] global_array+0xd/0x40
[ 31.018480]
[ 31.018860] The buggy address belongs to the physical page:
[ 31.019617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52ffb
[ 31.020213] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 31.020946] raw: 0100000000002000 ffffea00014bfec8 ffffea00014bfec8 0000000000000000
[ 31.021755] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 31.022650] page dumped because: kasan: bad access detected
[ 31.023363]
[ 31.023553] Memory state around the buggy address:
[ 31.024257] ffffffff9b5fbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.024961] ffffffff9b5fbb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 31.025939] >ffffffff9b5fbc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 31.026554] ^
[ 31.027216] ffffffff9b5fbc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 31.027677] ffffffff9b5fbd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9
[ 31.028575] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 30.944935] ==================================================================
[ 30.946101] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.947037] Free of addr ffff888102ce8001 by task kunit_try_catch/250
[ 30.947523]
[ 30.947947] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.949015] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.949329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.950398] Call Trace:
[ 30.950966] <TASK>
[ 30.951442] dump_stack_lvl+0x73/0xb0
[ 30.951972] print_report+0xd1/0x640
[ 30.952411] ? __virt_addr_valid+0x1db/0x2d0
[ 30.952918] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.953502] ? kasan_addr_to_slab+0x11/0xa0
[ 30.954275] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.955018] kasan_report_invalid_free+0xc0/0xf0
[ 30.955536] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.956144] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.957225] __kasan_mempool_poison_object+0x102/0x1d0
[ 30.957800] mempool_free+0x2ec/0x380
[ 30.958195] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.958911] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 30.959537] ? finish_task_switch.isra.0+0x153/0x700
[ 30.960071] mempool_kmalloc_large_invalid_free+0xb1/0x100
[ 30.960923] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 30.961710] ? __switch_to+0x5d9/0xf60
[ 30.962305] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.962890] ? __pfx_mempool_kfree+0x10/0x10
[ 30.963403] ? __pfx_read_tsc+0x10/0x10
[ 30.963956] ? ktime_get_ts64+0x84/0x230
[ 30.964436] kunit_try_run_case+0x1b3/0x490
[ 30.965268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.965850] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.966481] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.967029] ? __kthread_parkme+0x82/0x160
[ 30.967831] ? preempt_count_sub+0x50/0x80
[ 30.968465] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.969120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.969923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.970365] kthread+0x257/0x310
[ 30.970904] ? __pfx_kthread+0x10/0x10
[ 30.971456] ret_from_fork+0x41/0x80
[ 30.972169] ? __pfx_kthread+0x10/0x10
[ 30.972521] ret_from_fork_asm+0x1a/0x30
[ 30.973126] </TASK>
[ 30.973567]
[ 30.973868] The buggy address belongs to the physical page:
[ 30.974212] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce8
[ 30.974901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 30.976435] flags: 0x200000000000040(head|node=0|zone=2)
[ 30.976933] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.977893] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.978903] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.979906] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.980596] head: 0200000000000002 ffffea00040b3a01 ffffffffffffffff 0000000000000000
[ 30.981524] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 30.982259] page dumped because: kasan: bad access detected
[ 30.982597]
[ 30.982901] Memory state around the buggy address:
[ 30.983794] ffff888102ce7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.984533] ffff888102ce7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.985501] >ffff888102ce8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.986303] ^
[ 30.986747] ffff888102ce8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.987361] ffff888102ce8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.988227] ==================================================================
[ 30.890471] ==================================================================
[ 30.891722] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.892585] Free of addr ffff8881029f5a01 by task kunit_try_catch/248
[ 30.894012]
[ 30.894292] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.895504] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.896046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.896956] Call Trace:
[ 30.897361] <TASK>
[ 30.897715] dump_stack_lvl+0x73/0xb0
[ 30.898430] print_report+0xd1/0x640
[ 30.898842] ? __virt_addr_valid+0x1db/0x2d0
[ 30.899465] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.900361] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.901144] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.901614] kasan_report_invalid_free+0xc0/0xf0
[ 30.902370] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.903030] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.903774] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.904297] check_slab_allocation+0x11f/0x130
[ 30.904810] __kasan_mempool_poison_object+0x91/0x1d0
[ 30.905183] mempool_free+0x2ec/0x380
[ 30.905605] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.906382] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 30.907028] ? finish_task_switch.isra.0+0x153/0x700
[ 30.907570] mempool_kmalloc_invalid_free+0xb1/0x100
[ 30.908081] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 30.908622] ? __switch_to+0x5d9/0xf60
[ 30.909076] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.909607] ? __pfx_mempool_kfree+0x10/0x10
[ 30.910087] ? __pfx_read_tsc+0x10/0x10
[ 30.910529] ? ktime_get_ts64+0x84/0x230
[ 30.911040] kunit_try_run_case+0x1b3/0x490
[ 30.911529] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.912091] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.913073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.913463] ? __kthread_parkme+0x82/0x160
[ 30.913800] ? preempt_count_sub+0x50/0x80
[ 30.914594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.915199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.915931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.916309] kthread+0x257/0x310
[ 30.916839] ? __pfx_kthread+0x10/0x10
[ 30.917514] ret_from_fork+0x41/0x80
[ 30.917845] ? __pfx_kthread+0x10/0x10
[ 30.918347] ret_from_fork_asm+0x1a/0x30
[ 30.918747] </TASK>
[ 30.919152]
[ 30.919396] Allocated by task 248:
[ 30.919854] kasan_save_stack+0x3d/0x60
[ 30.920271] kasan_save_track+0x18/0x40
[ 30.920622] kasan_save_alloc_info+0x3b/0x50
[ 30.921233] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 30.921916] remove_element+0x11e/0x190
[ 30.922418] mempool_alloc_preallocated+0x4d/0x90
[ 30.923012] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 30.923733] mempool_kmalloc_invalid_free+0xb1/0x100
[ 30.924067] kunit_try_run_case+0x1b3/0x490
[ 30.924668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.925131] kthread+0x257/0x310
[ 30.925577] ret_from_fork+0x41/0x80
[ 30.926020] ret_from_fork_asm+0x1a/0x30
[ 30.926482]
[ 30.926849] The buggy address belongs to the object at ffff8881029f5a00
[ 30.926849] which belongs to the cache kmalloc-128 of size 128
[ 30.927912] The buggy address is located 1 bytes inside of
[ 30.927912] 128-byte region [ffff8881029f5a00, ffff8881029f5a80)
[ 30.929011]
[ 30.929169] The buggy address belongs to the physical page:
[ 30.929920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f5
[ 30.930551] flags: 0x200000000000000(node=0|zone=2)
[ 30.931142] page_type: f5(slab)
[ 30.931540] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.932349] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 30.933261] page dumped because: kasan: bad access detected
[ 30.933877]
[ 30.934181] Memory state around the buggy address:
[ 30.934727] ffff8881029f5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.935328] ffff8881029f5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.936048] >ffff8881029f5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.937130] ^
[ 30.937464] ffff8881029f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.938071] ffff8881029f5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.939031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 30.835929] ==================================================================
[ 30.837570] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.838380] Free of addr ffff888102ce8000 by task kunit_try_catch/246
[ 30.839787]
[ 30.840215] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.841432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.841909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.842930] Call Trace:
[ 30.843065] <TASK>
[ 30.843289] dump_stack_lvl+0x73/0xb0
[ 30.844375] print_report+0xd1/0x640
[ 30.845155] ? __virt_addr_valid+0x1db/0x2d0
[ 30.845551] ? mempool_double_free_helper+0x185/0x370
[ 30.846337] ? kasan_addr_to_slab+0x11/0xa0
[ 30.846946] ? mempool_double_free_helper+0x185/0x370
[ 30.847754] kasan_report_invalid_free+0xc0/0xf0
[ 30.848741] ? mempool_double_free_helper+0x185/0x370
[ 30.849224] ? mempool_double_free_helper+0x185/0x370
[ 30.849986] __kasan_mempool_poison_pages+0x115/0x130
[ 30.850804] mempool_free+0x290/0x380
[ 30.851225] mempool_double_free_helper+0x185/0x370
[ 30.852595] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.853126] ? finish_task_switch.isra.0+0x153/0x700
[ 30.853985] mempool_page_alloc_double_free+0xac/0x100
[ 30.854888] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 30.855556] ? __switch_to+0x5d9/0xf60
[ 30.856090] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 30.856846] ? __pfx_mempool_free_pages+0x10/0x10
[ 30.857410] ? __pfx_read_tsc+0x10/0x10
[ 30.858151] ? ktime_get_ts64+0x84/0x230
[ 30.858571] kunit_try_run_case+0x1b3/0x490
[ 30.859306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.859855] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.860624] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.861172] ? __kthread_parkme+0x82/0x160
[ 30.861996] ? preempt_count_sub+0x50/0x80
[ 30.862656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.863249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.863988] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.864928] kthread+0x257/0x310
[ 30.865233] ? __pfx_kthread+0x10/0x10
[ 30.865978] ret_from_fork+0x41/0x80
[ 30.866671] ? __pfx_kthread+0x10/0x10
[ 30.866990] ret_from_fork_asm+0x1a/0x30
[ 30.867531] </TASK>
[ 30.867911]
[ 30.868521] The buggy address belongs to the physical page:
[ 30.868921] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce8
[ 30.869970] flags: 0x200000000000000(node=0|zone=2)
[ 30.871062] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 30.872046] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.872712] page dumped because: kasan: bad access detected
[ 30.873483]
[ 30.873672] Memory state around the buggy address:
[ 30.874591] ffff888102ce7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.875416] ffff888102ce7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.876210] >ffff888102ce8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.877010] ^
[ 30.877707] ffff888102ce8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.878071] ffff888102ce8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.878420] ==================================================================
[ 30.792896] ==================================================================
[ 30.794203] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.794931] Free of addr ffff888102cb0000 by task kunit_try_catch/244
[ 30.795537]
[ 30.796717] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.797842] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.798388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.799422] Call Trace:
[ 30.799925] <TASK>
[ 30.800132] dump_stack_lvl+0x73/0xb0
[ 30.800907] print_report+0xd1/0x640
[ 30.801441] ? __virt_addr_valid+0x1db/0x2d0
[ 30.802158] ? mempool_double_free_helper+0x185/0x370
[ 30.802776] ? kasan_addr_to_slab+0x11/0xa0
[ 30.803125] ? mempool_double_free_helper+0x185/0x370
[ 30.803572] kasan_report_invalid_free+0xc0/0xf0
[ 30.804160] ? mempool_double_free_helper+0x185/0x370
[ 30.804662] ? mempool_double_free_helper+0x185/0x370
[ 30.805248] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 30.805790] mempool_free+0x2ec/0x380
[ 30.806120] mempool_double_free_helper+0x185/0x370
[ 30.806707] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.807185] ? finish_task_switch.isra.0+0x153/0x700
[ 30.807615] mempool_kmalloc_large_double_free+0xb1/0x100
[ 30.808176] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 30.808594] ? __switch_to+0x5d9/0xf60
[ 30.809128] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.809525] ? __pfx_mempool_kfree+0x10/0x10
[ 30.810076] ? __pfx_read_tsc+0x10/0x10
[ 30.810384] ? ktime_get_ts64+0x84/0x230
[ 30.810893] kunit_try_run_case+0x1b3/0x490
[ 30.811366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.811846] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.812350] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.812833] ? __kthread_parkme+0x82/0x160
[ 30.813329] ? preempt_count_sub+0x50/0x80
[ 30.813892] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.814255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.814970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.815502] kthread+0x257/0x310
[ 30.815847] ? __pfx_kthread+0x10/0x10
[ 30.816275] ret_from_fork+0x41/0x80
[ 30.816810] ? __pfx_kthread+0x10/0x10
[ 30.817130] ret_from_fork_asm+0x1a/0x30
[ 30.817542] </TASK>
[ 30.817855]
[ 30.818021] The buggy address belongs to the physical page:
[ 30.818470] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb0
[ 30.819079] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 30.819788] flags: 0x200000000000040(head|node=0|zone=2)
[ 30.820388] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.821113] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.821832] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.822455] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.823056] head: 0200000000000002 ffffea00040b2c01 ffffffffffffffff 0000000000000000
[ 30.823861] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 30.824403] page dumped because: kasan: bad access detected
[ 30.824866]
[ 30.825119] Memory state around the buggy address:
[ 30.825656] ffff888102caff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.826291] ffff888102caff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.826920] >ffff888102cb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.827550] ^
[ 30.827915] ffff888102cb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.828563] ffff888102cb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.829334] ==================================================================
[ 30.725801] ==================================================================
[ 30.726744] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.727195] Free of addr ffff888101acff00 by task kunit_try_catch/242
[ 30.727930]
[ 30.728490] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 30.730430] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.730768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.731598] Call Trace:
[ 30.732120] <TASK>
[ 30.732320] dump_stack_lvl+0x73/0xb0
[ 30.732842] print_report+0xd1/0x640
[ 30.733247] ? __virt_addr_valid+0x1db/0x2d0
[ 30.733802] ? mempool_double_free_helper+0x185/0x370
[ 30.735040] ? kasan_complete_mode_report_info+0x64/0x200
[ 30.735765] ? mempool_double_free_helper+0x185/0x370
[ 30.736452] kasan_report_invalid_free+0xc0/0xf0
[ 30.737008] ? mempool_double_free_helper+0x185/0x370
[ 30.737832] ? mempool_double_free_helper+0x185/0x370
[ 30.738991] ? mempool_double_free_helper+0x185/0x370
[ 30.740047] check_slab_allocation+0x101/0x130
[ 30.740787] __kasan_mempool_poison_object+0x91/0x1d0
[ 30.741475] mempool_free+0x2ec/0x380
[ 30.741843] mempool_double_free_helper+0x185/0x370
[ 30.742764] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.743304] mempool_kmalloc_double_free+0xb1/0x100
[ 30.743858] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 30.744638] ? __switch_to+0x5d9/0xf60
[ 30.745723] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.746426] ? __pfx_mempool_kfree+0x10/0x10
[ 30.747042] ? __pfx_read_tsc+0x10/0x10
[ 30.748509] ? ktime_get_ts64+0x84/0x230
[ 30.748902] kunit_try_run_case+0x1b3/0x490
[ 30.749606] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.750322] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.751272] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.751790] ? __kthread_parkme+0x82/0x160
[ 30.752231] ? preempt_count_sub+0x50/0x80
[ 30.753302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.753904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.754544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.755878] kthread+0x257/0x310
[ 30.756165] ? __pfx_kthread+0x10/0x10
[ 30.757250] ret_from_fork+0x41/0x80
[ 30.757823] ? __pfx_kthread+0x10/0x10
[ 30.758264] ret_from_fork_asm+0x1a/0x30
[ 30.758671] </TASK>
[ 30.758972]
[ 30.759121] Allocated by task 242:
[ 30.759545] kasan_save_stack+0x3d/0x60
[ 30.760045] kasan_save_track+0x18/0x40
[ 30.760626] kasan_save_alloc_info+0x3b/0x50
[ 30.761383] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 30.762041] remove_element+0x11e/0x190
[ 30.762651] mempool_alloc_preallocated+0x4d/0x90
[ 30.763230] mempool_double_free_helper+0x8b/0x370
[ 30.763844] mempool_kmalloc_double_free+0xb1/0x100
[ 30.764402] kunit_try_run_case+0x1b3/0x490
[ 30.764898] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.765451] kthread+0x257/0x310
[ 30.765888] ret_from_fork+0x41/0x80
[ 30.766524] ret_from_fork_asm+0x1a/0x30
[ 30.767054]
[ 30.767360] Freed by task 242:
[ 30.767603] kasan_save_stack+0x3d/0x60
[ 30.768191] kasan_save_track+0x18/0x40
[ 30.768542] kasan_save_free_info+0x3f/0x60
[ 30.768991] __kasan_mempool_poison_object+0x131/0x1d0
[ 30.769353] mempool_free+0x2ec/0x380
[ 30.769841] mempool_double_free_helper+0x10a/0x370
[ 30.770448] mempool_kmalloc_double_free+0xb1/0x100
[ 30.771009] kunit_try_run_case+0x1b3/0x490
[ 30.771648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.772053] kthread+0x257/0x310
[ 30.772908] ret_from_fork+0x41/0x80
[ 30.773498] ret_from_fork_asm+0x1a/0x30
[ 30.773913]
[ 30.774284] The buggy address belongs to the object at ffff888101acff00
[ 30.774284] which belongs to the cache kmalloc-128 of size 128
[ 30.775212] The buggy address is located 0 bytes inside of
[ 30.775212] 128-byte region [ffff888101acff00, ffff888101acff80)
[ 30.776467]
[ 30.776767] The buggy address belongs to the physical page:
[ 30.777579] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101acf
[ 30.778344] flags: 0x200000000000000(node=0|zone=2)
[ 30.778726] page_type: f5(slab)
[ 30.779143] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.779669] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 30.780755] page dumped because: kasan: bad access detected [ 30.781356] [ 30.781525] Memory state around the buggy address: [ 30.782200] ffff888101acfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.782759] ffff888101acfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.783395] >ffff888101acff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.784473] ^ [ 30.784823] ffff888101acff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.785526] ffff888101ad0000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 30.786353] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 30.557499] ================================================================== [ 30.558665] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 30.559684] Read of size 1 at addr ffff888102ce4000 by task kunit_try_catch/236 [ 30.560549] [ 30.560825] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.562389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.562849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.563626] Call Trace: [ 30.564062] <TASK> [ 30.564491] dump_stack_lvl+0x73/0xb0 [ 30.564990] print_report+0xd1/0x640 [ 30.565412] ? __virt_addr_valid+0x1db/0x2d0 [ 30.565985] ? kasan_addr_to_slab+0x11/0xa0 [ 30.566570] kasan_report+0x102/0x140 [ 30.567098] ? mempool_uaf_helper+0x394/0x400 [ 30.567527] ? mempool_uaf_helper+0x394/0x400 [ 30.568579] __asan_report_load1_noabort+0x18/0x20 [ 30.569046] mempool_uaf_helper+0x394/0x400 [ 30.569611] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 30.570668] ? irqentry_exit+0x2a/0x60 [ 30.571013] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 30.571953] mempool_kmalloc_large_uaf+0xb3/0x100 [ 30.572331] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 30.573144] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.573956] ? __pfx_mempool_kfree+0x10/0x10 [ 30.574326] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 30.575116] kunit_try_run_case+0x1b3/0x490 [ 30.575984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.576630] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.577179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.577649] ? __kthread_parkme+0x82/0x160 [ 30.578364] ? preempt_count_sub+0x50/0x80 [ 30.578717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.579595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.580234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.580914] kthread+0x257/0x310 [ 30.581241] ? __pfx_kthread+0x10/0x10 [ 30.581928] ret_from_fork+0x41/0x80 [ 30.582253] ? 
__pfx_kthread+0x10/0x10 [ 30.582893] ret_from_fork_asm+0x1a/0x30 [ 30.583431] </TASK> [ 30.583795] [ 30.584112] The buggy address belongs to the physical page: [ 30.584714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce4 [ 30.585626] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.586592] flags: 0x200000000000040(head|node=0|zone=2) [ 30.587206] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.587965] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.588569] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.589729] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.590595] head: 0200000000000002 ffffea00040b3901 ffffffffffffffff 0000000000000000 [ 30.591336] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.592340] page dumped because: kasan: bad access detected [ 30.593158] [ 30.593458] Memory state around the buggy address: [ 30.594387] ffff888102ce3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.595043] ffff888102ce3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.595829] >ffff888102ce4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.596426] ^ [ 30.596878] ffff888102ce4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.597418] ffff888102ce4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.598238] ================================================================== [ 30.680052] ================================================================== [ 30.681236] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 30.681832] Read of size 1 at addr ffff888102ce8000 by task kunit_try_catch/240 [ 30.682915] [ 30.683240] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.684516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.684910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 30.686533] Call Trace: [ 30.687256] <TASK> [ 30.687709] dump_stack_lvl+0x73/0xb0 [ 30.688069] print_report+0xd1/0x640 [ 30.688586] ? __virt_addr_valid+0x1db/0x2d0 [ 30.689503] ? kasan_addr_to_slab+0x11/0xa0 [ 30.690321] kasan_report+0x102/0x140 [ 30.690765] ? mempool_uaf_helper+0x394/0x400 [ 30.691221] ? mempool_uaf_helper+0x394/0x400 [ 30.691682] __asan_report_load1_noabort+0x18/0x20 [ 30.692479] mempool_uaf_helper+0x394/0x400 [ 30.693109] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 30.693441] ? finish_task_switch.isra.0+0x153/0x700 [ 30.694143] mempool_page_alloc_uaf+0xb1/0x100 [ 30.695057] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 30.695816] ? __switch_to+0x5d9/0xf60 [ 30.696484] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 30.696996] ? __pfx_mempool_free_pages+0x10/0x10 [ 30.697704] ? __pfx_read_tsc+0x10/0x10 [ 30.698173] ? ktime_get_ts64+0x84/0x230 [ 30.698577] kunit_try_run_case+0x1b3/0x490 [ 30.699294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.699903] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.700439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.701086] ? __kthread_parkme+0x82/0x160 [ 30.701615] ? preempt_count_sub+0x50/0x80 [ 30.702228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.702560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.703270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.704290] kthread+0x257/0x310 [ 30.704667] ? __pfx_kthread+0x10/0x10 [ 30.705205] ret_from_fork+0x41/0x80 [ 30.705727] ? 
__pfx_kthread+0x10/0x10 [ 30.706295] ret_from_fork_asm+0x1a/0x30 [ 30.706782] </TASK> [ 30.707372] [ 30.707604] The buggy address belongs to the physical page: [ 30.708514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce8 [ 30.709148] flags: 0x200000000000000(node=0|zone=2) [ 30.709919] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.710541] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.711905] page dumped because: kasan: bad access detected [ 30.712473] [ 30.712907] Memory state around the buggy address: [ 30.713457] ffff888102ce7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.714211] ffff888102ce7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.714975] >ffff888102ce8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.715961] ^ [ 30.716421] ffff888102ce8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.717552] ffff888102ce8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.718521] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 30.605627] ================================================================== [ 30.606386] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 30.606788] Read of size 1 at addr ffff888101ad9240 by task kunit_try_catch/238 [ 30.607152] [ 30.607309] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.609187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.611219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.612117] Call Trace: [ 30.612385] <TASK> [ 30.612645] dump_stack_lvl+0x73/0xb0 [ 30.614686] print_report+0xd1/0x640 [ 30.615526] ? __virt_addr_valid+0x1db/0x2d0 [ 30.616154] ? kasan_complete_mode_report_info+0x64/0x200 [ 30.616477] kasan_report+0x102/0x140 [ 30.616836] ? mempool_uaf_helper+0x394/0x400 [ 30.617115] ? mempool_uaf_helper+0x394/0x400 [ 30.617397] __asan_report_load1_noabort+0x18/0x20 [ 30.617764] mempool_uaf_helper+0x394/0x400 [ 30.619085] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 30.620201] ? finish_task_switch.isra.0+0x153/0x700 [ 30.621379] mempool_slab_uaf+0xae/0x100 [ 30.621882] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 30.622960] ? __switch_to+0x5d9/0xf60 [ 30.623468] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 30.623978] ? __pfx_mempool_free_slab+0x10/0x10 [ 30.624658] ? __pfx_read_tsc+0x10/0x10 [ 30.625328] ? ktime_get_ts64+0x84/0x230 [ 30.625666] kunit_try_run_case+0x1b3/0x490 [ 30.626462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.627079] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.627662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.628290] ? __kthread_parkme+0x82/0x160 [ 30.629052] ? preempt_count_sub+0x50/0x80 [ 30.630195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.630782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.631550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.632721] kthread+0x257/0x310 [ 30.633133] ? __pfx_kthread+0x10/0x10 [ 30.633869] ret_from_fork+0x41/0x80 [ 30.634383] ? 
__pfx_kthread+0x10/0x10 [ 30.634860] ret_from_fork_asm+0x1a/0x30 [ 30.635367] </TASK> [ 30.635673] [ 30.636029] Allocated by task 238: [ 30.636954] kasan_save_stack+0x3d/0x60 [ 30.637944] kasan_save_track+0x18/0x40 [ 30.638418] kasan_save_alloc_info+0x3b/0x50 [ 30.639015] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 30.640025] remove_element+0x11e/0x190 [ 30.640510] mempool_alloc_preallocated+0x4d/0x90 [ 30.641212] mempool_uaf_helper+0x97/0x400 [ 30.642273] mempool_slab_uaf+0xae/0x100 [ 30.642723] kunit_try_run_case+0x1b3/0x490 [ 30.643407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.643920] kthread+0x257/0x310 [ 30.644501] ret_from_fork+0x41/0x80 [ 30.645407] ret_from_fork_asm+0x1a/0x30 [ 30.645613] [ 30.645777] Freed by task 238: [ 30.646973] kasan_save_stack+0x3d/0x60 [ 30.647762] kasan_save_track+0x18/0x40 [ 30.648034] kasan_save_free_info+0x3f/0x60 [ 30.648630] __kasan_mempool_poison_object+0x131/0x1d0 [ 30.649503] mempool_free+0x2ec/0x380 [ 30.650076] mempool_uaf_helper+0x11b/0x400 [ 30.650677] mempool_slab_uaf+0xae/0x100 [ 30.651262] kunit_try_run_case+0x1b3/0x490 [ 30.651940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.652909] kthread+0x257/0x310 [ 30.653196] ret_from_fork+0x41/0x80 [ 30.654295] ret_from_fork_asm+0x1a/0x30 [ 30.654796] [ 30.655134] The buggy address belongs to the object at ffff888101ad9240 [ 30.655134] which belongs to the cache test_cache of size 123 [ 30.656267] The buggy address is located 0 bytes inside of [ 30.656267] freed 123-byte region [ffff888101ad9240, ffff888101ad92bb) [ 30.657718] [ 30.657941] The buggy address belongs to the physical page: [ 30.658438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ad9 [ 30.659360] flags: 0x200000000000000(node=0|zone=2) [ 30.660039] page_type: f5(slab) [ 30.660787] raw: 0200000000000000 ffff888101ad2140 dead000000000122 0000000000000000 [ 30.661683] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 30.662550] page dumped because: 
kasan: bad access detected [ 30.663089] [ 30.663485] Memory state around the buggy address: [ 30.664029] ffff888101ad9100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.665208] ffff888101ad9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.665939] >ffff888101ad9200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 30.666834] ^ [ 30.667883] ffff888101ad9280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.669042] ffff888101ad9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.670178] ================================================================== [ 30.482037] ================================================================== [ 30.482821] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 30.483232] Read of size 1 at addr ffff888101acf900 by task kunit_try_catch/234 [ 30.484533] [ 30.484959] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.486592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.487589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.489028] Call Trace: [ 30.489621] <TASK> [ 30.489917] dump_stack_lvl+0x73/0xb0 [ 30.491058] print_report+0xd1/0x640 [ 30.491926] ? __virt_addr_valid+0x1db/0x2d0 [ 30.492520] ? kasan_complete_mode_report_info+0x64/0x200 [ 30.493196] kasan_report+0x102/0x140 [ 30.493803] ? mempool_uaf_helper+0x394/0x400 [ 30.494566] ? mempool_uaf_helper+0x394/0x400 [ 30.495204] __asan_report_load1_noabort+0x18/0x20 [ 30.495843] mempool_uaf_helper+0x394/0x400 [ 30.496571] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 30.497064] ? finish_task_switch.isra.0+0x153/0x700 [ 30.497940] mempool_kmalloc_uaf+0xb3/0x100 [ 30.498624] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 30.499482] ? __switch_to+0x5d9/0xf60 [ 30.500263] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.501058] ? __pfx_mempool_kfree+0x10/0x10 [ 30.501925] ? __pfx_read_tsc+0x10/0x10 [ 30.502588] ? ktime_get_ts64+0x84/0x230 [ 30.503376] kunit_try_run_case+0x1b3/0x490 [ 30.504100] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 30.505171] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.505777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.506903] ? __kthread_parkme+0x82/0x160 [ 30.507469] ? preempt_count_sub+0x50/0x80 [ 30.507925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.508397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.509942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.510599] kthread+0x257/0x310 [ 30.511367] ? __pfx_kthread+0x10/0x10 [ 30.512153] ret_from_fork+0x41/0x80 [ 30.512806] ? __pfx_kthread+0x10/0x10 [ 30.513852] ret_from_fork_asm+0x1a/0x30 [ 30.514807] </TASK> [ 30.515126] [ 30.515605] Allocated by task 234: [ 30.516405] kasan_save_stack+0x3d/0x60 [ 30.516816] kasan_save_track+0x18/0x40 [ 30.517761] kasan_save_alloc_info+0x3b/0x50 [ 30.518353] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 30.519361] remove_element+0x11e/0x190 [ 30.520042] mempool_alloc_preallocated+0x4d/0x90 [ 30.521071] mempool_uaf_helper+0x97/0x400 [ 30.521455] mempool_kmalloc_uaf+0xb3/0x100 [ 30.522401] kunit_try_run_case+0x1b3/0x490 [ 30.523190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.524263] kthread+0x257/0x310 [ 30.524581] ret_from_fork+0x41/0x80 [ 30.525541] ret_from_fork_asm+0x1a/0x30 [ 30.526148] [ 30.526401] Freed by task 234: [ 30.527295] kasan_save_stack+0x3d/0x60 [ 30.527612] kasan_save_track+0x18/0x40 [ 30.528920] kasan_save_free_info+0x3f/0x60 [ 30.529305] __kasan_mempool_poison_object+0x131/0x1d0 [ 30.530245] mempool_free+0x2ec/0x380 [ 30.531016] mempool_uaf_helper+0x11b/0x400 [ 30.531301] mempool_kmalloc_uaf+0xb3/0x100 [ 30.532070] kunit_try_run_case+0x1b3/0x490 [ 30.532550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.533348] kthread+0x257/0x310 [ 30.534127] ret_from_fork+0x41/0x80 [ 30.534788] ret_from_fork_asm+0x1a/0x30 [ 30.535540] [ 30.535811] The buggy address belongs to the object at ffff888101acf900 [ 30.535811] which belongs to the cache kmalloc-128 of size 128 [ 30.537515] The buggy address is located 0 bytes inside 
of [ 30.537515] freed 128-byte region [ffff888101acf900, ffff888101acf980) [ 30.538506] [ 30.538734] The buggy address belongs to the physical page: [ 30.539829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101acf [ 30.540862] flags: 0x200000000000000(node=0|zone=2) [ 30.541612] page_type: f5(slab) [ 30.541878] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 30.542651] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.543275] page dumped because: kasan: bad access detected [ 30.544300] [ 30.544441] Memory state around the buggy address: [ 30.545647] ffff888101acf800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.547051] ffff888101acf880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.547990] >ffff888101acf900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.548966] ^ [ 30.549759] ffff888101acf980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.550940] ffff888101acfa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.551651] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 30.421100] ================================================================== [ 30.421912] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 30.423583] Read of size 1 at addr ffff8881029f32bb by task kunit_try_catch/232 [ 30.424665] [ 30.424966] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.425812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.426404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.428382] Call Trace: [ 30.428831] <TASK> [ 30.429141] dump_stack_lvl+0x73/0xb0 [ 30.429625] print_report+0xd1/0x640 [ 30.430047] ? __virt_addr_valid+0x1db/0x2d0 [ 30.430803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.431466] kasan_report+0x102/0x140 [ 30.432033] ? mempool_oob_right_helper+0x31a/0x380 [ 30.432612] ? mempool_oob_right_helper+0x31a/0x380 [ 30.433320] __asan_report_load1_noabort+0x18/0x20 [ 30.434292] mempool_oob_right_helper+0x31a/0x380 [ 30.434936] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 30.435495] ? finish_task_switch.isra.0+0x153/0x700 [ 30.436364] mempool_slab_oob_right+0xb1/0x100 [ 30.436829] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 30.437368] ? __switch_to+0x5d9/0xf60 [ 30.438093] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 30.438871] ? __pfx_mempool_free_slab+0x10/0x10 [ 30.439294] ? __pfx_read_tsc+0x10/0x10 [ 30.440090] ? ktime_get_ts64+0x84/0x230 [ 30.440448] kunit_try_run_case+0x1b3/0x490 [ 30.441026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.441911] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.442527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.443175] ? __kthread_parkme+0x82/0x160 [ 30.443906] ? preempt_count_sub+0x50/0x80 [ 30.444465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.444907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.445832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.446822] kthread+0x257/0x310 [ 30.447099] ? __pfx_kthread+0x10/0x10 [ 30.447550] ret_from_fork+0x41/0x80 [ 30.448222] ? 
__pfx_kthread+0x10/0x10 [ 30.448987] ret_from_fork_asm+0x1a/0x30 [ 30.449413] </TASK> [ 30.449866] [ 30.450037] Allocated by task 232: [ 30.450526] kasan_save_stack+0x3d/0x60 [ 30.451028] kasan_save_track+0x18/0x40 [ 30.451790] kasan_save_alloc_info+0x3b/0x50 [ 30.452453] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 30.453035] remove_element+0x11e/0x190 [ 30.453633] mempool_alloc_preallocated+0x4d/0x90 [ 30.454322] mempool_oob_right_helper+0x8b/0x380 [ 30.454984] mempool_slab_oob_right+0xb1/0x100 [ 30.455309] kunit_try_run_case+0x1b3/0x490 [ 30.455914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.457016] kthread+0x257/0x310 [ 30.457279] ret_from_fork+0x41/0x80 [ 30.457961] ret_from_fork_asm+0x1a/0x30 [ 30.458272] [ 30.458477] The buggy address belongs to the object at ffff8881029f3240 [ 30.458477] which belongs to the cache test_cache of size 123 [ 30.460140] The buggy address is located 0 bytes to the right of [ 30.460140] allocated 123-byte region [ffff8881029f3240, ffff8881029f32bb) [ 30.461476] [ 30.461633] The buggy address belongs to the physical page: [ 30.462522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f3 [ 30.463228] flags: 0x200000000000000(node=0|zone=2) [ 30.464006] page_type: f5(slab) [ 30.464374] raw: 0200000000000000 ffff888101ebcb40 dead000000000122 0000000000000000 [ 30.465089] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 30.466301] page dumped because: kasan: bad access detected [ 30.467010] [ 30.467403] Memory state around the buggy address: [ 30.467853] ffff8881029f3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.468668] ffff8881029f3200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 30.469300] >ffff8881029f3280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 30.470280] ^ [ 30.470651] ffff8881029f3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.471615] ffff8881029f3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.472371] 
================================================================== [ 30.300254] ================================================================== [ 30.300938] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 30.301682] Read of size 1 at addr ffff8881029e9973 by task kunit_try_catch/228 [ 30.302183] [ 30.302367] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.303393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.303833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.305382] Call Trace: [ 30.305801] <TASK> [ 30.306035] dump_stack_lvl+0x73/0xb0 [ 30.306603] print_report+0xd1/0x640 [ 30.307342] ? __virt_addr_valid+0x1db/0x2d0 [ 30.308484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.309053] kasan_report+0x102/0x140 [ 30.309573] ? mempool_oob_right_helper+0x31a/0x380 [ 30.310211] ? mempool_oob_right_helper+0x31a/0x380 [ 30.310661] __asan_report_load1_noabort+0x18/0x20 [ 30.311135] mempool_oob_right_helper+0x31a/0x380 [ 30.311569] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 30.312850] ? irqentry_exit+0x2a/0x60 [ 30.313154] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 30.314013] mempool_kmalloc_oob_right+0xb6/0x100 [ 30.315107] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 30.315827] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.316613] ? __pfx_mempool_kfree+0x10/0x10 [ 30.317348] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 30.318564] kunit_try_run_case+0x1b3/0x490 [ 30.319090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.320242] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.321021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.322307] ? __kthread_parkme+0x82/0x160 [ 30.322824] ? preempt_count_sub+0x50/0x80 [ 30.323187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.323706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.324189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.324912] kthread+0x257/0x310 [ 30.325498] ? 
__pfx_kthread+0x10/0x10 [ 30.325995] ret_from_fork+0x41/0x80 [ 30.326617] ? __pfx_kthread+0x10/0x10 [ 30.327011] ret_from_fork_asm+0x1a/0x30 [ 30.327595] </TASK> [ 30.327809] [ 30.328108] Allocated by task 228: [ 30.328764] kasan_save_stack+0x3d/0x60 [ 30.329068] kasan_save_track+0x18/0x40 [ 30.329565] kasan_save_alloc_info+0x3b/0x50 [ 30.329975] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 30.330650] remove_element+0x11e/0x190 [ 30.332077] mempool_alloc_preallocated+0x4d/0x90 [ 30.332916] mempool_oob_right_helper+0x8b/0x380 [ 30.333634] mempool_kmalloc_oob_right+0xb6/0x100 [ 30.334400] kunit_try_run_case+0x1b3/0x490 [ 30.335207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.335440] kthread+0x257/0x310 [ 30.335606] ret_from_fork+0x41/0x80 [ 30.336254] ret_from_fork_asm+0x1a/0x30 [ 30.337198] [ 30.337803] The buggy address belongs to the object at ffff8881029e9900 [ 30.337803] which belongs to the cache kmalloc-128 of size 128 [ 30.340467] The buggy address is located 0 bytes to the right of [ 30.340467] allocated 115-byte region [ffff8881029e9900, ffff8881029e9973) [ 30.341617] [ 30.341851] The buggy address belongs to the physical page: [ 30.343775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e9 [ 30.344287] flags: 0x200000000000000(node=0|zone=2) [ 30.344569] page_type: f5(slab) [ 30.344817] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 30.345196] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.345574] page dumped because: kasan: bad access detected [ 30.348851] [ 30.351220] Memory state around the buggy address: [ 30.352678] ffff8881029e9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.354880] ffff8881029e9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.356047] >ffff8881029e9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.356814] ^ [ 30.357595] ffff8881029e9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.358742] ffff8881029e9a00: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.359525] ================================================================== [ 30.366741] ================================================================== [ 30.368143] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 30.369163] Read of size 1 at addr ffff888102cae001 by task kunit_try_catch/230 [ 30.370276] [ 30.370930] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 30.372071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.372876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.374319] Call Trace: [ 30.374619] <TASK> [ 30.375197] dump_stack_lvl+0x73/0xb0 [ 30.376221] print_report+0xd1/0x640 [ 30.376677] ? __virt_addr_valid+0x1db/0x2d0 [ 30.377327] ? kasan_addr_to_slab+0x11/0xa0 [ 30.377766] kasan_report+0x102/0x140 [ 30.378542] ? mempool_oob_right_helper+0x31a/0x380 [ 30.379116] ? mempool_oob_right_helper+0x31a/0x380 [ 30.380022] __asan_report_load1_noabort+0x18/0x20 [ 30.380869] mempool_oob_right_helper+0x31a/0x380 [ 30.381656] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 30.382553] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 30.383322] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 30.383832] ? __switch_to+0x5d9/0xf60 [ 30.384451] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.385279] ? __pfx_mempool_kfree+0x10/0x10 [ 30.386040] ? __pfx_read_tsc+0x10/0x10 [ 30.386529] ? ktime_get_ts64+0x84/0x230 [ 30.387446] kunit_try_run_case+0x1b3/0x490 [ 30.388115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.388940] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.389540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.390778] ? __kthread_parkme+0x82/0x160 [ 30.391624] ? preempt_count_sub+0x50/0x80 [ 30.392449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.393214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.393902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.394909] kthread+0x257/0x310 [ 30.395266] ? 
__pfx_kthread+0x10/0x10 [ 30.396088] ret_from_fork+0x41/0x80 [ 30.396565] ? __pfx_kthread+0x10/0x10 [ 30.397008] ret_from_fork_asm+0x1a/0x30 [ 30.398005] </TASK> [ 30.398227] [ 30.398746] The buggy address belongs to the physical page: [ 30.399251] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cac [ 30.399982] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.400742] flags: 0x200000000000040(head|node=0|zone=2) [ 30.401646] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.402455] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.403160] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.403901] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.404794] head: 0200000000000002 ffffea00040b2b01 ffffffffffffffff 0000000000000000 [ 30.405620] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.406489] page dumped because: kasan: bad access detected [ 30.407135] [ 30.407432] Memory state around the buggy address: [ 30.407825] ffff888102cadf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.409104] ffff888102cadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.410080] >ffff888102cae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.410793] ^ [ 30.411172] ffff888102cae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.412526] ffff888102cae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.413110] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 29.688571] ================================================================== [ 29.690101] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 29.690934] Read of size 1 at addr ffff888101627dc0 by task kunit_try_catch/222 [ 29.692621] [ 29.692827] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.694474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.695079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.696224] Call Trace: [ 29.696507] <TASK> [ 29.697518] dump_stack_lvl+0x73/0xb0 [ 29.698076] print_report+0xd1/0x640 [ 29.698837] ? __virt_addr_valid+0x1db/0x2d0 [ 29.699130] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.699873] kasan_report+0x102/0x140 [ 29.700749] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.701528] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.702481] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.702971] __kasan_check_byte+0x3d/0x50 [ 29.703531] kmem_cache_destroy+0x25/0x1d0 [ 29.704456] kmem_cache_double_destroy+0x1bd/0x380 [ 29.705279] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 29.705671] ? finish_task_switch.isra.0+0x153/0x700 [ 29.706625] ? __switch_to+0x5d9/0xf60 [ 29.707439] ? __pfx_empty_cache_ctor+0x10/0x10 [ 29.708149] ? __pfx_read_tsc+0x10/0x10 [ 29.708537] ? ktime_get_ts64+0x84/0x230 [ 29.709032] kunit_try_run_case+0x1b3/0x490 [ 29.709434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.709875] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.710273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.711309] ? __kthread_parkme+0x82/0x160 [ 29.711984] ? preempt_count_sub+0x50/0x80 [ 29.713093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.713416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.714373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.715104] kthread+0x257/0x310 [ 29.715656] ? __pfx_kthread+0x10/0x10 [ 29.716011] ret_from_fork+0x41/0x80 [ 29.716638] ? 
__pfx_kthread+0x10/0x10 [ 29.717350] ret_from_fork_asm+0x1a/0x30 [ 29.717932] </TASK> [ 29.718253] [ 29.718454] Allocated by task 222: [ 29.719665] kasan_save_stack+0x3d/0x60 [ 29.719954] kasan_save_track+0x18/0x40 [ 29.720638] kasan_save_alloc_info+0x3b/0x50 [ 29.721474] __kasan_slab_alloc+0x91/0xa0 [ 29.721834] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.722964] __kmem_cache_create_args+0x177/0x250 [ 29.724105] kmem_cache_double_destroy+0xd3/0x380 [ 29.724596] kunit_try_run_case+0x1b3/0x490 [ 29.726047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.726570] kthread+0x257/0x310 [ 29.727145] ret_from_fork+0x41/0x80 [ 29.728019] ret_from_fork_asm+0x1a/0x30 [ 29.728405] [ 29.728634] Freed by task 222: [ 29.729012] kasan_save_stack+0x3d/0x60 [ 29.729368] kasan_save_track+0x18/0x40 [ 29.730452] kasan_save_free_info+0x3f/0x60 [ 29.730742] __kasan_slab_free+0x56/0x70 [ 29.731852] kmem_cache_free+0x120/0x420 [ 29.732112] slab_kmem_cache_release+0x2e/0x40 [ 29.733376] kmem_cache_release+0x16/0x20 [ 29.733773] kobject_put+0x181/0x450 [ 29.734604] sysfs_slab_release+0x16/0x20 [ 29.735038] kmem_cache_destroy+0xf0/0x1d0 [ 29.735930] kmem_cache_double_destroy+0x14c/0x380 [ 29.737138] kunit_try_run_case+0x1b3/0x490 [ 29.738138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.738487] kthread+0x257/0x310 [ 29.739058] ret_from_fork+0x41/0x80 [ 29.739834] ret_from_fork_asm+0x1a/0x30 [ 29.740180] [ 29.740565] The buggy address belongs to the object at ffff888101627dc0 [ 29.740565] which belongs to the cache kmem_cache of size 208 [ 29.741571] The buggy address is located 0 bytes inside of [ 29.741571] freed 208-byte region [ffff888101627dc0, ffff888101627e90) [ 29.743267] [ 29.743576] The buggy address belongs to the physical page: [ 29.744124] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101627 [ 29.745441] flags: 0x200000000000000(node=0|zone=2) [ 29.745832] page_type: f5(slab) [ 29.746285] raw: 0200000000000000 ffff888100041000 dead000000000122 
0000000000000000 [ 29.747588] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000 [ 29.748451] page dumped because: kasan: bad access detected [ 29.748768] [ 29.748902] Memory state around the buggy address: [ 29.749176] ffff888101627c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.749549] ffff888101627d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 29.749949] >ffff888101627d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 29.750337] ^ [ 29.751070] ffff888101627e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.751466] ffff888101627e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.752055] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 29.585441] ================================================================== [ 29.587365] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.588135] Read of size 1 at addr ffff8881029ef000 by task kunit_try_catch/220 [ 29.589048] [ 29.589348] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.591291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.591564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.592865] Call Trace: [ 29.593266] <TASK> [ 29.593647] dump_stack_lvl+0x73/0xb0 [ 29.594421] print_report+0xd1/0x640 [ 29.594863] ? __virt_addr_valid+0x1db/0x2d0 [ 29.595311] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.595859] kasan_report+0x102/0x140 [ 29.596247] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.596761] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.597121] __asan_report_load1_noabort+0x18/0x20 [ 29.597532] kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.598139] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 29.598462] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 29.599263] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 29.599982] kunit_try_run_case+0x1b3/0x490 [ 29.600542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.600929] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.601980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.602680] ? __kthread_parkme+0x82/0x160 [ 29.603153] ? preempt_count_sub+0x50/0x80 [ 29.603515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.604245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.605191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.605749] kthread+0x257/0x310 [ 29.606194] ? __pfx_kthread+0x10/0x10 [ 29.606563] ret_from_fork+0x41/0x80 [ 29.607167] ? 
__pfx_kthread+0x10/0x10 [ 29.607522] ret_from_fork_asm+0x1a/0x30 [ 29.608190] </TASK> [ 29.609000] [ 29.609149] Allocated by task 220: [ 29.610109] kasan_save_stack+0x3d/0x60 [ 29.610647] kasan_save_track+0x18/0x40 [ 29.611051] kasan_save_alloc_info+0x3b/0x50 [ 29.611631] __kasan_slab_alloc+0x91/0xa0 [ 29.612802] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.613489] kmem_cache_rcu_uaf+0x156/0x510 [ 29.614530] kunit_try_run_case+0x1b3/0x490 [ 29.615162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.616301] kthread+0x257/0x310 [ 29.616567] ret_from_fork+0x41/0x80 [ 29.617075] ret_from_fork_asm+0x1a/0x30 [ 29.617505] [ 29.618295] Freed by task 0: [ 29.618705] kasan_save_stack+0x3d/0x60 [ 29.619810] kasan_save_track+0x18/0x40 [ 29.620215] kasan_save_free_info+0x3f/0x60 [ 29.621168] __kasan_slab_free+0x56/0x70 [ 29.621452] slab_free_after_rcu_debug+0xe4/0x310 [ 29.621980] rcu_core+0x680/0x1d70 [ 29.622338] rcu_core_si+0x12/0x20 [ 29.623315] handle_softirqs+0x209/0x720 [ 29.624192] __irq_exit_rcu+0xc9/0x110 [ 29.624948] irq_exit_rcu+0x12/0x20 [ 29.625141] sysvec_apic_timer_interrupt+0x81/0x90 [ 29.625889] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 29.627056] [ 29.627428] Last potentially related work creation: [ 29.627865] kasan_save_stack+0x3d/0x60 [ 29.628987] __kasan_record_aux_stack+0xae/0xc0 [ 29.630078] kasan_record_aux_stack_noalloc+0xf/0x20 [ 29.630841] kmem_cache_free+0x276/0x420 [ 29.631032] kmem_cache_rcu_uaf+0x195/0x510 [ 29.631222] kunit_try_run_case+0x1b3/0x490 [ 29.631875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.632490] kthread+0x257/0x310 [ 29.632770] ret_from_fork+0x41/0x80 [ 29.633247] ret_from_fork_asm+0x1a/0x30 [ 29.633824] [ 29.633999] The buggy address belongs to the object at ffff8881029ef000 [ 29.633999] which belongs to the cache test_cache of size 200 [ 29.635522] The buggy address is located 0 bytes inside of [ 29.635522] freed 200-byte region [ffff8881029ef000, ffff8881029ef0c8) [ 29.636414] [ 29.636738] The buggy address belongs to 
the physical page: [ 29.637338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 29.638112] flags: 0x200000000000000(node=0|zone=2) [ 29.638843] page_type: f5(slab) [ 29.639136] raw: 0200000000000000 ffff888101ebc8c0 dead000000000122 0000000000000000 [ 29.640751] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 29.641955] page dumped because: kasan: bad access detected [ 29.642819] [ 29.643348] Memory state around the buggy address: [ 29.644298] ffff8881029eef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.645013] ffff8881029eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.645946] >ffff8881029ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.647111] ^ [ 29.647520] ffff8881029ef080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 29.648572] ffff8881029ef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.649352] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 29.491408] ================================================================== [ 29.492496] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 29.493062] Free of addr ffff8881029ed001 by task kunit_try_catch/218 [ 29.493806] [ 29.493986] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.495189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.495676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.496985] Call Trace: [ 29.497551] <TASK> [ 29.497899] dump_stack_lvl+0x73/0xb0 [ 29.498400] print_report+0xd1/0x640 [ 29.498903] ? __virt_addr_valid+0x1db/0x2d0 [ 29.499408] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.499990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.500801] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.501494] kasan_report_invalid_free+0xc0/0xf0 [ 29.501956] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.502397] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.503297] check_slab_allocation+0x11f/0x130 [ 29.504088] __kasan_slab_pre_free+0x28/0x40 [ 29.504418] kmem_cache_free+0xee/0x420 [ 29.504913] ? kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.505819] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.506392] kmem_cache_invalid_free+0x1d9/0x470 [ 29.506904] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 29.507715] ? finish_task_switch.isra.0+0x153/0x700 [ 29.508316] ? __switch_to+0x5d9/0xf60 [ 29.508630] ? __pfx_read_tsc+0x10/0x10 [ 29.509299] ? ktime_get_ts64+0x84/0x230 [ 29.510022] kunit_try_run_case+0x1b3/0x490 [ 29.510394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.511093] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.511523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.512272] ? __kthread_parkme+0x82/0x160 [ 29.512842] ? preempt_count_sub+0x50/0x80 [ 29.513255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.513888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.514809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.515528] kthread+0x257/0x310 [ 29.516107] ? 
__pfx_kthread+0x10/0x10 [ 29.516613] ret_from_fork+0x41/0x80 [ 29.517133] ? __pfx_kthread+0x10/0x10 [ 29.517841] ret_from_fork_asm+0x1a/0x30 [ 29.518529] </TASK> [ 29.518894] [ 29.519222] Allocated by task 218: [ 29.519614] kasan_save_stack+0x3d/0x60 [ 29.520235] kasan_save_track+0x18/0x40 [ 29.520743] kasan_save_alloc_info+0x3b/0x50 [ 29.521245] __kasan_slab_alloc+0x91/0xa0 [ 29.521813] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.522370] kmem_cache_invalid_free+0x158/0x470 [ 29.522756] kunit_try_run_case+0x1b3/0x490 [ 29.523052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.523818] kthread+0x257/0x310 [ 29.524284] ret_from_fork+0x41/0x80 [ 29.524625] ret_from_fork_asm+0x1a/0x30 [ 29.525029] [ 29.525363] The buggy address belongs to the object at ffff8881029ed000 [ 29.525363] which belongs to the cache test_cache of size 200 [ 29.526809] The buggy address is located 1 bytes inside of [ 29.526809] 200-byte region [ffff8881029ed000, ffff8881029ed0c8) [ 29.527418] [ 29.527589] The buggy address belongs to the physical page: [ 29.528501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed [ 29.530081] flags: 0x200000000000000(node=0|zone=2) [ 29.530669] page_type: f5(slab) [ 29.531090] raw: 0200000000000000 ffff888101ebc780 dead000000000122 0000000000000000 [ 29.532389] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 29.534237] page dumped because: kasan: bad access detected [ 29.535465] [ 29.535753] Memory state around the buggy address: [ 29.536223] ffff8881029ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.536979] ffff8881029ecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.537840] >ffff8881029ed000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.538753] ^ [ 29.539014] ffff8881029ed080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 29.539837] ffff8881029ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.540811] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 29.424684] ================================================================== [ 29.425671] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 29.426107] Free of addr ffff8881029ec000 by task kunit_try_catch/216 [ 29.426449] [ 29.426632] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.427682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.428172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.428729] Call Trace: [ 29.428980] <TASK> [ 29.429997] dump_stack_lvl+0x73/0xb0 [ 29.430635] print_report+0xd1/0x640 [ 29.431325] ? __virt_addr_valid+0x1db/0x2d0 [ 29.432011] ? kmem_cache_double_free+0x1e6/0x490 [ 29.432578] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.433561] ? kmem_cache_double_free+0x1e6/0x490 [ 29.434209] kasan_report_invalid_free+0xc0/0xf0 [ 29.434647] ? kmem_cache_double_free+0x1e6/0x490 [ 29.435207] ? kmem_cache_double_free+0x1e6/0x490 [ 29.435920] check_slab_allocation+0x101/0x130 [ 29.436539] __kasan_slab_pre_free+0x28/0x40 [ 29.436951] kmem_cache_free+0xee/0x420 [ 29.437922] ? kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.438568] ? kmem_cache_double_free+0x1e6/0x490 [ 29.439236] kmem_cache_double_free+0x1e6/0x490 [ 29.439740] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 29.440188] ? finish_task_switch.isra.0+0x153/0x700 [ 29.440705] ? __switch_to+0x5d9/0xf60 [ 29.441105] ? __pfx_read_tsc+0x10/0x10 [ 29.441581] ? ktime_get_ts64+0x84/0x230 [ 29.442243] kunit_try_run_case+0x1b3/0x490 [ 29.442833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.443386] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.443939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.444548] ? __kthread_parkme+0x82/0x160 [ 29.445051] ? preempt_count_sub+0x50/0x80 [ 29.445857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.446491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.447086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.447569] kthread+0x257/0x310 [ 29.447875] ? 
__pfx_kthread+0x10/0x10 [ 29.448325] ret_from_fork+0x41/0x80 [ 29.448804] ? __pfx_kthread+0x10/0x10 [ 29.449086] ret_from_fork_asm+0x1a/0x30 [ 29.449926] </TASK> [ 29.450377] [ 29.450624] Allocated by task 216: [ 29.450939] kasan_save_stack+0x3d/0x60 [ 29.451541] kasan_save_track+0x18/0x40 [ 29.451985] kasan_save_alloc_info+0x3b/0x50 [ 29.452605] __kasan_slab_alloc+0x91/0xa0 [ 29.453081] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.453952] kmem_cache_double_free+0x150/0x490 [ 29.454494] kunit_try_run_case+0x1b3/0x490 [ 29.454962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.455642] kthread+0x257/0x310 [ 29.456006] ret_from_fork+0x41/0x80 [ 29.456643] ret_from_fork_asm+0x1a/0x30 [ 29.457525] [ 29.457846] Freed by task 216: [ 29.458373] kasan_save_stack+0x3d/0x60 [ 29.458667] kasan_save_track+0x18/0x40 [ 29.459346] kasan_save_free_info+0x3f/0x60 [ 29.459867] __kasan_slab_free+0x56/0x70 [ 29.460459] kmem_cache_free+0x120/0x420 [ 29.460998] kmem_cache_double_free+0x16b/0x490 [ 29.461937] kunit_try_run_case+0x1b3/0x490 [ 29.462465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.463287] kthread+0x257/0x310 [ 29.463991] ret_from_fork+0x41/0x80 [ 29.464361] ret_from_fork_asm+0x1a/0x30 [ 29.464857] [ 29.465055] The buggy address belongs to the object at ffff8881029ec000 [ 29.465055] which belongs to the cache test_cache of size 200 [ 29.466487] The buggy address is located 0 bytes inside of [ 29.466487] 200-byte region [ffff8881029ec000, ffff8881029ec0c8) [ 29.467622] [ 29.467893] The buggy address belongs to the physical page: [ 29.468582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ec [ 29.469556] flags: 0x200000000000000(node=0|zone=2) [ 29.470309] page_type: f5(slab) [ 29.470544] raw: 0200000000000000 ffff888101ebc640 dead000000000122 0000000000000000 [ 29.471518] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 29.472618] page dumped because: kasan: bad access detected [ 29.473237] [ 29.473488] Memory state 
around the buggy address: [ 29.474016] ffff8881029ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.475007] ffff8881029ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.475433] >ffff8881029ec000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.476092] ^ [ 29.477142] ffff8881029ec080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 29.477958] ffff8881029ec100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.478799] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 29.357669] ================================================================== [ 29.358774] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 29.359923] Read of size 1 at addr ffff888101ace0c8 by task kunit_try_catch/214 [ 29.361187] [ 29.361503] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.362364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.362866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.363552] Call Trace: [ 29.363971] <TASK> [ 29.364373] dump_stack_lvl+0x73/0xb0 [ 29.364873] print_report+0xd1/0x640 [ 29.365381] ? __virt_addr_valid+0x1db/0x2d0 [ 29.365913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.366535] kasan_report+0x102/0x140 [ 29.366995] ? kmem_cache_oob+0x404/0x530 [ 29.367320] ? kmem_cache_oob+0x404/0x530 [ 29.367767] __asan_report_load1_noabort+0x18/0x20 [ 29.368213] kmem_cache_oob+0x404/0x530 [ 29.368647] ? trace_hardirqs_on+0x37/0xe0 [ 29.369034] ? __pfx_kmem_cache_oob+0x10/0x10 [ 29.369798] ? finish_task_switch.isra.0+0x153/0x700 [ 29.370317] ? __switch_to+0x5d9/0xf60 [ 29.370876] ? __pfx_read_tsc+0x10/0x10 [ 29.371417] ? ktime_get_ts64+0x84/0x230 [ 29.371844] kunit_try_run_case+0x1b3/0x490 [ 29.372504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.373033] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.373587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.374343] ? __kthread_parkme+0x82/0x160 [ 29.374840] ? preempt_count_sub+0x50/0x80 [ 29.375477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.375949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.376955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.377984] kthread+0x257/0x310 [ 29.378252] ? __pfx_kthread+0x10/0x10 [ 29.379399] ret_from_fork+0x41/0x80 [ 29.379715] ? 
__pfx_kthread+0x10/0x10 [ 29.380553] ret_from_fork_asm+0x1a/0x30 [ 29.381515] </TASK> [ 29.381832] [ 29.382406] Allocated by task 214: [ 29.382714] kasan_save_stack+0x3d/0x60 [ 29.383361] kasan_save_track+0x18/0x40 [ 29.383652] kasan_save_alloc_info+0x3b/0x50 [ 29.384362] __kasan_slab_alloc+0x91/0xa0 [ 29.384671] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 29.385532] kmem_cache_oob+0x158/0x530 [ 29.385862] kunit_try_run_case+0x1b3/0x490 [ 29.387076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.387439] kthread+0x257/0x310 [ 29.387877] ret_from_fork+0x41/0x80 [ 29.388202] ret_from_fork_asm+0x1a/0x30 [ 29.388655] [ 29.388862] The buggy address belongs to the object at ffff888101ace000 [ 29.388862] which belongs to the cache test_cache of size 200 [ 29.390085] The buggy address is located 0 bytes to the right of [ 29.390085] allocated 200-byte region [ffff888101ace000, ffff888101ace0c8) [ 29.391266] [ 29.391551] The buggy address belongs to the physical page: [ 29.392014] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ace [ 29.393096] flags: 0x200000000000000(node=0|zone=2) [ 29.393845] page_type: f5(slab) [ 29.394310] raw: 0200000000000000 ffff888101627c80 dead000000000122 0000000000000000 [ 29.394985] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 29.396769] page dumped because: kasan: bad access detected [ 29.397896] [ 29.398260] Memory state around the buggy address: [ 29.398838] ffff888101acdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.400018] ffff888101ace000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.400747] >ffff888101ace080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 29.401801] ^ [ 29.402421] ffff888101ace100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.403268] ffff888101ace180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.403982] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 29.272196] ================================================================== [ 29.273257] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 29.274399] Read of size 8 at addr ffff8881029e55c0 by task kunit_try_catch/207 [ 29.275866] [ 29.276045] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 29.277576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.278135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.279504] Call Trace: [ 29.280066] <TASK> [ 29.280632] dump_stack_lvl+0x73/0xb0 [ 29.281450] print_report+0xd1/0x640 [ 29.281987] ? __virt_addr_valid+0x1db/0x2d0 [ 29.282726] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.283315] kasan_report+0x102/0x140 [ 29.284299] ? workqueue_uaf+0x4d8/0x560 [ 29.284930] ? workqueue_uaf+0x4d8/0x560 [ 29.285789] __asan_report_load8_noabort+0x18/0x20 [ 29.286598] workqueue_uaf+0x4d8/0x560 [ 29.287151] ? __pfx_workqueue_uaf+0x10/0x10 [ 29.288364] ? __pfx_workqueue_uaf+0x10/0x10 [ 29.288750] kunit_try_run_case+0x1b3/0x490 [ 29.289515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.290255] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.290921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.291711] ? __kthread_parkme+0x82/0x160 [ 29.292804] ? preempt_count_sub+0x50/0x80 [ 29.293376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.294300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.294919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.296715] kthread+0x257/0x310 [ 29.297473] ? __pfx_kthread+0x10/0x10 [ 29.297788] ret_from_fork+0x41/0x80 [ 29.298022] ? 
__pfx_kthread+0x10/0x10 [ 29.298225] ret_from_fork_asm+0x1a/0x30 [ 29.298430] </TASK> [ 29.298549] [ 29.298643] Allocated by task 207: [ 29.299012] kasan_save_stack+0x3d/0x60 [ 29.300424] kasan_save_track+0x18/0x40 [ 29.302630] kasan_save_alloc_info+0x3b/0x50 [ 29.304200] __kasan_kmalloc+0xb7/0xc0 [ 29.305085] __kmalloc_cache_noprof+0x184/0x410 [ 29.306586] workqueue_uaf+0x153/0x560 [ 29.306858] kunit_try_run_case+0x1b3/0x490 [ 29.307116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.307413] kthread+0x257/0x310 [ 29.308098] ret_from_fork+0x41/0x80 [ 29.308643] ret_from_fork_asm+0x1a/0x30 [ 29.309606] [ 29.309898] Freed by task 43: [ 29.310336] kasan_save_stack+0x3d/0x60 [ 29.310976] kasan_save_track+0x18/0x40 [ 29.311510] kasan_save_free_info+0x3f/0x60 [ 29.312275] __kasan_slab_free+0x56/0x70 [ 29.313244] kfree+0x123/0x3f0 [ 29.313893] workqueue_uaf_work+0x12/0x20 [ 29.314205] process_one_work+0x5ee/0xf60 [ 29.314576] worker_thread+0x720/0x1300 [ 29.315901] kthread+0x257/0x310 [ 29.316818] ret_from_fork+0x41/0x80 [ 29.317194] ret_from_fork_asm+0x1a/0x30 [ 29.317855] [ 29.318038] Last potentially related work creation: [ 29.318502] kasan_save_stack+0x3d/0x60 [ 29.319551] __kasan_record_aux_stack+0xae/0xc0 [ 29.320411] kasan_record_aux_stack_noalloc+0xf/0x20 [ 29.320846] __queue_work+0x67e/0xf70 [ 29.321233] queue_work_on+0x74/0xa0 [ 29.321605] workqueue_uaf+0x26e/0x560 [ 29.322017] kunit_try_run_case+0x1b3/0x490 [ 29.322455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.324339] kthread+0x257/0x310 [ 29.325079] ret_from_fork+0x41/0x80 [ 29.325808] ret_from_fork_asm+0x1a/0x30 [ 29.326248] [ 29.326867] The buggy address belongs to the object at ffff8881029e55c0 [ 29.326867] which belongs to the cache kmalloc-32 of size 32 [ 29.328514] The buggy address is located 0 bytes inside of [ 29.328514] freed 32-byte region [ffff8881029e55c0, ffff8881029e55e0) [ 29.329646] [ 29.330625] The buggy address belongs to the physical page: [ 29.331265] page: refcount:1 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 29.331809] flags: 0x200000000000000(node=0|zone=2) [ 29.332501] page_type: f5(slab) [ 29.332859] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 29.333820] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 29.334476] page dumped because: kasan: bad access detected [ 29.335149] [ 29.335337] Memory state around the buggy address: [ 29.335976] ffff8881029e5480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 29.336735] ffff8881029e5500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.337903] >ffff8881029e5580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 29.339122] ^ [ 29.339918] ffff8881029e5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.340951] ffff8881029e5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.342357] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 29.185297] ================================================================== [ 29.186749] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 29.187776] Read of size 4 at addr ffff8881029e5540 by task swapper/1/0 [ 29.188432] [ 29.188660] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.12.0-next-20241120 #1 [ 29.189444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.190200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.191642] Call Trace: [ 29.191955] <IRQ> [ 29.192316] dump_stack_lvl+0x73/0xb0 [ 29.192733] print_report+0xd1/0x640 [ 29.193317] ? __virt_addr_valid+0x1db/0x2d0 [ 29.193774] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.194499] kasan_report+0x102/0x140 [ 29.194942] ? rcu_uaf_reclaim+0x50/0x60 [ 29.195473] ? rcu_uaf_reclaim+0x50/0x60 [ 29.195945] __asan_report_load4_noabort+0x18/0x20 [ 29.196609] rcu_uaf_reclaim+0x50/0x60 [ 29.197056] rcu_core+0x680/0x1d70 [ 29.197557] ? __pfx_rcu_core+0x10/0x10 [ 29.198033] ? ktime_get+0x69/0x150 [ 29.198513] ? handle_softirqs+0x18e/0x720 [ 29.198998] rcu_core_si+0x12/0x20 [ 29.199453] handle_softirqs+0x209/0x720 [ 29.199889] ? hrtimer_interrupt+0x2fe/0x780 [ 29.200534] ? 
__pfx_handle_softirqs+0x10/0x10 [ 29.200928] __irq_exit_rcu+0xc9/0x110 [ 29.201415] irq_exit_rcu+0x12/0x20 [ 29.202034] sysvec_apic_timer_interrupt+0x81/0x90 [ 29.202774] </IRQ> [ 29.202955] <TASK> [ 29.203304] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 29.204065] RIP: 0010:default_idle+0xf/0x20 [ 29.204822] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 f0 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 29.207374] RSP: 0000:ffff888100877de0 EFLAGS: 00010216 [ 29.208447] RAX: ffff88815b100000 RBX: ffff888100845000 RCX: ffffffff98f0b925 [ 29.209162] RDX: ffffed102b626b23 RSI: 0000000000000004 RDI: 000000000002ccac [ 29.209811] RBP: ffff888100877de8 R08: 0000000000000001 R09: ffffed102b626b22 [ 29.210450] R10: ffff88815b135913 R11: 0000000000000000 R12: 0000000000000001 [ 29.211426] R13: ffffed1020108a00 R14: ffffffff9ad72650 R15: 0000000000000000 [ 29.212122] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 29.212599] ? arch_cpu_idle+0xd/0x20 [ 29.213342] default_idle_call+0x48/0x80 [ 29.213540] do_idle+0x310/0x3c0 [ 29.213822] ? __pfx_do_idle+0x10/0x10 [ 29.214959] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 29.215751] ? complete+0x15b/0x1d0 [ 29.216788] cpu_startup_entry+0x5c/0x70 [ 29.217246] start_secondary+0x216/0x290 [ 29.217656] ? 
__pfx_start_secondary+0x10/0x10 [ 29.218297] common_startup_64+0x12c/0x138 [ 29.219370] </TASK> [ 29.219561] [ 29.219728] Allocated by task 205: [ 29.220361] kasan_save_stack+0x3d/0x60 [ 29.221023] kasan_save_track+0x18/0x40 [ 29.221949] kasan_save_alloc_info+0x3b/0x50 [ 29.222267] __kasan_kmalloc+0xb7/0xc0 [ 29.222780] __kmalloc_cache_noprof+0x184/0x410 [ 29.223841] rcu_uaf+0xb1/0x330 [ 29.224179] kunit_try_run_case+0x1b3/0x490 [ 29.224593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.225122] kthread+0x257/0x310 [ 29.225428] ret_from_fork+0x41/0x80 [ 29.226381] ret_from_fork_asm+0x1a/0x30 [ 29.226648] [ 29.226904] Freed by task 0: [ 29.227636] kasan_save_stack+0x3d/0x60 [ 29.228525] kasan_save_track+0x18/0x40 [ 29.229546] kasan_save_free_info+0x3f/0x60 [ 29.230143] __kasan_slab_free+0x56/0x70 [ 29.230955] kfree+0x123/0x3f0 [ 29.231338] rcu_uaf_reclaim+0x1f/0x60 [ 29.231782] rcu_core+0x680/0x1d70 [ 29.233210] rcu_core_si+0x12/0x20 [ 29.233535] handle_softirqs+0x209/0x720 [ 29.234528] __irq_exit_rcu+0xc9/0x110 [ 29.235088] irq_exit_rcu+0x12/0x20 [ 29.235608] sysvec_apic_timer_interrupt+0x81/0x90 [ 29.236102] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 29.237118] [ 29.237450] Last potentially related work creation: [ 29.237907] kasan_save_stack+0x3d/0x60 [ 29.238719] __kasan_record_aux_stack+0xae/0xc0 [ 29.239107] kasan_record_aux_stack_noalloc+0xf/0x20 [ 29.239896] __call_rcu_common.constprop.0+0x72/0xaa0 [ 29.240237] call_rcu+0x12/0x20 [ 29.240607] rcu_uaf+0x169/0x330 [ 29.241460] kunit_try_run_case+0x1b3/0x490 [ 29.242048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.242993] kthread+0x257/0x310 [ 29.243389] ret_from_fork+0x41/0x80 [ 29.244077] ret_from_fork_asm+0x1a/0x30 [ 29.244568] [ 29.244900] The buggy address belongs to the object at ffff8881029e5540 [ 29.244900] which belongs to the cache kmalloc-32 of size 32 [ 29.246768] The buggy address is located 0 bytes inside of [ 29.246768] freed 32-byte region [ffff8881029e5540, ffff8881029e5560) [ 
29.248344] [ 29.248568] The buggy address belongs to the physical page: [ 29.249571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 29.251329] flags: 0x200000000000000(node=0|zone=2) [ 29.251930] page_type: f5(slab) [ 29.252154] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 29.253271] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 29.254095] page dumped because: kasan: bad access detected [ 29.255090] [ 29.255477] Memory state around the buggy address: [ 29.256229] ffff8881029e5400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.257437] ffff8881029e5480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 29.258952] >ffff8881029e5500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.260484] ^ [ 29.261014] ffff8881029e5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.261887] ffff8881029e5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.262907] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 28.992956] ==================================================================
[ 28.994424] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0
[ 28.995323] Read of size 1 at addr ffff8881029e4a00 by task kunit_try_catch/203
[ 28.996200]
[ 28.997220] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.998301] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.999110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.000450] Call Trace:
[ 29.000650] <TASK>
[ 29.001123] dump_stack_lvl+0x73/0xb0
[ 29.002079] print_report+0xd1/0x640
[ 29.002970] ? __virt_addr_valid+0x1db/0x2d0
[ 29.003825] ? kasan_complete_mode_report_info+0x64/0x200
[ 29.004749] kasan_report+0x102/0x140
[ 29.005374] ? ksize_uaf+0x19e/0x6c0
[ 29.006418] ? ksize_uaf+0x19e/0x6c0
[ 29.006784] ? ksize_uaf+0x19e/0x6c0
[ 29.007406] __kasan_check_byte+0x3d/0x50
[ 29.008126] ksize+0x20/0x60
[ 29.008522] ksize_uaf+0x19e/0x6c0
[ 29.009464] ? __pfx_ksize_uaf+0x10/0x10
[ 29.009797] ? __schedule+0xc3e/0x2790
[ 29.010329] ? __pfx_read_tsc+0x10/0x10
[ 29.011331] ? ktime_get_ts64+0x84/0x230
[ 29.011621] kunit_try_run_case+0x1b3/0x490
[ 29.012391] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.013350] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.013946] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.014783] ? __kthread_parkme+0x82/0x160
[ 29.014981] ? preempt_count_sub+0x50/0x80
[ 29.015175] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.015384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.015764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.017237] kthread+0x257/0x310
[ 29.017506] ? __pfx_kthread+0x10/0x10
[ 29.018016] ret_from_fork+0x41/0x80
[ 29.018572] ? __pfx_kthread+0x10/0x10
[ 29.019085] ret_from_fork_asm+0x1a/0x30
[ 29.019921] </TASK>
[ 29.020122]
[ 29.020475] Allocated by task 203:
[ 29.021161] kasan_save_stack+0x3d/0x60
[ 29.022007] kasan_save_track+0x18/0x40
[ 29.022830] kasan_save_alloc_info+0x3b/0x50
[ 29.023118] __kasan_kmalloc+0xb7/0xc0
[ 29.023788] __kmalloc_cache_noprof+0x184/0x410
[ 29.024652] ksize_uaf+0xab/0x6c0
[ 29.025296] kunit_try_run_case+0x1b3/0x490
[ 29.025705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.026190] kthread+0x257/0x310
[ 29.026744] ret_from_fork+0x41/0x80
[ 29.027011] ret_from_fork_asm+0x1a/0x30
[ 29.027966]
[ 29.028260] Freed by task 203:
[ 29.029024] kasan_save_stack+0x3d/0x60
[ 29.029367] kasan_save_track+0x18/0x40
[ 29.029643] kasan_save_free_info+0x3f/0x60
[ 29.029923] __kasan_slab_free+0x56/0x70
[ 29.030172] kfree+0x123/0x3f0
[ 29.030380] ksize_uaf+0x12d/0x6c0
[ 29.030602] kunit_try_run_case+0x1b3/0x490
[ 29.031964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.032286] kthread+0x257/0x310
[ 29.032502] ret_from_fork+0x41/0x80
[ 29.034198] ret_from_fork_asm+0x1a/0x30
[ 29.034492]
[ 29.035525] The buggy address belongs to the object at ffff8881029e4a00
[ 29.035525] which belongs to the cache kmalloc-128 of size 128
[ 29.036306] The buggy address is located 0 bytes inside of
[ 29.036306] freed 128-byte region [ffff8881029e4a00, ffff8881029e4a80)
[ 29.036883]
[ 29.037020] The buggy address belongs to the physical page:
[ 29.037306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e4
[ 29.038869] flags: 0x200000000000000(node=0|zone=2)
[ 29.039907] page_type: f5(slab)
[ 29.040242] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 29.040622] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 29.041618] page dumped because: kasan: bad access detected
[ 29.041949]
[ 29.042095] Memory state around the buggy address:
[ 29.042361] ffff8881029e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 29.043916] ffff8881029e4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.045589] >ffff8881029e4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 29.046511] ^
[ 29.046997] ffff8881029e4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.047809] ffff8881029e4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.048620] ==================================================================
[ 29.106679] ==================================================================
[ 29.107871] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0
[ 29.109567] Read of size 1 at addr ffff8881029e4a78 by task kunit_try_catch/203
[ 29.110372]
[ 29.110576] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 29.111383] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.112845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.113997] Call Trace:
[ 29.114230] <TASK>
[ 29.115136] dump_stack_lvl+0x73/0xb0
[ 29.115887] print_report+0xd1/0x640
[ 29.116631] ? __virt_addr_valid+0x1db/0x2d0
[ 29.117198] ? kasan_complete_mode_report_info+0x64/0x200
[ 29.118104] kasan_report+0x102/0x140
[ 29.118528] ? ksize_uaf+0x5e6/0x6c0
[ 29.119266] ? ksize_uaf+0x5e6/0x6c0
[ 29.119680] __asan_report_load1_noabort+0x18/0x20
[ 29.120457] ksize_uaf+0x5e6/0x6c0
[ 29.121082] ? __pfx_ksize_uaf+0x10/0x10
[ 29.121954] ? __schedule+0xc3e/0x2790
[ 29.122601] ? __pfx_read_tsc+0x10/0x10
[ 29.123467] ? ktime_get_ts64+0x84/0x230
[ 29.124218] kunit_try_run_case+0x1b3/0x490
[ 29.125124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.125623] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.125952] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.126574] ? __kthread_parkme+0x82/0x160
[ 29.127519] ? preempt_count_sub+0x50/0x80
[ 29.128300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.129603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.130227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.131086] kthread+0x257/0x310
[ 29.131600] ? __pfx_kthread+0x10/0x10
[ 29.132282] ret_from_fork+0x41/0x80
[ 29.133426] ? __pfx_kthread+0x10/0x10
[ 29.133798] ret_from_fork_asm+0x1a/0x30
[ 29.134274] </TASK>
[ 29.134910]
[ 29.135361] Allocated by task 203:
[ 29.136037] kasan_save_stack+0x3d/0x60
[ 29.136509] kasan_save_track+0x18/0x40
[ 29.137748] kasan_save_alloc_info+0x3b/0x50
[ 29.138381] __kasan_kmalloc+0xb7/0xc0
[ 29.138736] __kmalloc_cache_noprof+0x184/0x410
[ 29.139771] ksize_uaf+0xab/0x6c0
[ 29.140100] kunit_try_run_case+0x1b3/0x490
[ 29.141124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.141594] kthread+0x257/0x310
[ 29.142124] ret_from_fork+0x41/0x80
[ 29.142577] ret_from_fork_asm+0x1a/0x30
[ 29.143283]
[ 29.143464] Freed by task 203:
[ 29.143937] kasan_save_stack+0x3d/0x60
[ 29.144766] kasan_save_track+0x18/0x40
[ 29.145211] kasan_save_free_info+0x3f/0x60
[ 29.145654] __kasan_slab_free+0x56/0x70
[ 29.146200] kfree+0x123/0x3f0
[ 29.146739] ksize_uaf+0x12d/0x6c0
[ 29.147378] kunit_try_run_case+0x1b3/0x490
[ 29.147850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.149025] kthread+0x257/0x310
[ 29.149309] ret_from_fork+0x41/0x80
[ 29.150224] ret_from_fork_asm+0x1a/0x30
[ 29.151522]
[ 29.151796] The buggy address belongs to the object at ffff8881029e4a00
[ 29.151796] which belongs to the cache kmalloc-128 of size 128
[ 29.153844] The buggy address is located 120 bytes inside of
[ 29.153844] freed 128-byte region [ffff8881029e4a00, ffff8881029e4a80)
[ 29.155555]
[ 29.156086] The buggy address belongs to the physical page:
[ 29.156681] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e4
[ 29.157738] flags: 0x200000000000000(node=0|zone=2)
[ 29.158521] page_type: f5(slab)
[ 29.159394] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 29.160411] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 29.161938] page dumped because: kasan: bad access detected
[ 29.162437]
[ 29.162633] Memory state around the buggy address:
[ 29.163062] ffff8881029e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 29.163581] ffff8881029e4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.165260] >ffff8881029e4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 29.165927] ^
[ 29.167360] ffff8881029e4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.168505] ffff8881029e4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.169675] ==================================================================
[ 29.052349] ==================================================================
[ 29.052921] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0
[ 29.053821] Read of size 1 at addr ffff8881029e4a00 by task kunit_try_catch/203
[ 29.054655]
[ 29.054953] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 29.056440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.057012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.057870] Call Trace:
[ 29.058387] <TASK>
[ 29.058708] dump_stack_lvl+0x73/0xb0
[ 29.059436] print_report+0xd1/0x640
[ 29.059840] ? __virt_addr_valid+0x1db/0x2d0
[ 29.060556] ? kasan_complete_mode_report_info+0x64/0x200
[ 29.061051] kasan_report+0x102/0x140
[ 29.061745] ? ksize_uaf+0x600/0x6c0
[ 29.062372] ? ksize_uaf+0x600/0x6c0
[ 29.062880] __asan_report_load1_noabort+0x18/0x20
[ 29.063716] ksize_uaf+0x600/0x6c0
[ 29.064021] ? __pfx_ksize_uaf+0x10/0x10
[ 29.064701] ? __schedule+0xc3e/0x2790
[ 29.065080] ? __pfx_read_tsc+0x10/0x10
[ 29.065761] ? ktime_get_ts64+0x84/0x230
[ 29.066371] kunit_try_run_case+0x1b3/0x490
[ 29.066952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.067679] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.068217] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.068765] ? __kthread_parkme+0x82/0x160
[ 29.069071] ? preempt_count_sub+0x50/0x80
[ 29.069845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.070462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.071455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.072240] kthread+0x257/0x310
[ 29.072664] ? __pfx_kthread+0x10/0x10
[ 29.073513] ret_from_fork+0x41/0x80
[ 29.073977] ? __pfx_kthread+0x10/0x10
[ 29.074583] ret_from_fork_asm+0x1a/0x30
[ 29.075379] </TASK>
[ 29.075735]
[ 29.076047] Allocated by task 203:
[ 29.076658] kasan_save_stack+0x3d/0x60
[ 29.077269] kasan_save_track+0x18/0x40
[ 29.077718] kasan_save_alloc_info+0x3b/0x50
[ 29.078304] __kasan_kmalloc+0xb7/0xc0
[ 29.078856] __kmalloc_cache_noprof+0x184/0x410
[ 29.079651] ksize_uaf+0xab/0x6c0
[ 29.080045] kunit_try_run_case+0x1b3/0x490
[ 29.080553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.081057] kthread+0x257/0x310
[ 29.081426] ret_from_fork+0x41/0x80
[ 29.082004] ret_from_fork_asm+0x1a/0x30
[ 29.082415]
[ 29.082765] Freed by task 203:
[ 29.083514] kasan_save_stack+0x3d/0x60
[ 29.084077] kasan_save_track+0x18/0x40
[ 29.084553] kasan_save_free_info+0x3f/0x60
[ 29.085271] __kasan_slab_free+0x56/0x70
[ 29.085810] kfree+0x123/0x3f0
[ 29.086380] ksize_uaf+0x12d/0x6c0
[ 29.086851] kunit_try_run_case+0x1b3/0x490
[ 29.087412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.087947] kthread+0x257/0x310
[ 29.088741] ret_from_fork+0x41/0x80
[ 29.089059] ret_from_fork_asm+0x1a/0x30
[ 29.089770]
[ 29.089988] The buggy address belongs to the object at ffff8881029e4a00
[ 29.089988] which belongs to the cache kmalloc-128 of size 128
[ 29.091397] The buggy address is located 0 bytes inside of
[ 29.091397] freed 128-byte region [ffff8881029e4a00, ffff8881029e4a80)
[ 29.093034]
[ 29.093218] The buggy address belongs to the physical page:
[ 29.093789] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e4
[ 29.094570] flags: 0x200000000000000(node=0|zone=2)
[ 29.095227] page_type: f5(slab)
[ 29.095725] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 29.096858] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 29.097518] page dumped because: kasan: bad access detected
[ 29.098185]
[ 29.098522] Memory state around the buggy address:
[ 29.099086] ffff8881029e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 29.099981] ffff8881029e4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.101410] >ffff8881029e4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 29.101988] ^
[ 29.102545] ffff8881029e4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.103611] ffff8881029e4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.104714] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 28.934832] ==================================================================
[ 28.935540] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0
[ 28.936294] Read of size 1 at addr ffff888101ac957f by task kunit_try_catch/201
[ 28.938166]
[ 28.938553] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.940014] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.941123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.942020] Call Trace:
[ 28.942488] <TASK>
[ 28.942825] dump_stack_lvl+0x73/0xb0
[ 28.943191] print_report+0xd1/0x640
[ 28.943578] ? __virt_addr_valid+0x1db/0x2d0
[ 28.944653] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.945417] kasan_report+0x102/0x140
[ 28.946205] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 28.946878] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 28.947663] __asan_report_load1_noabort+0x18/0x20
[ 28.948559] ksize_unpoisons_memory+0x7b8/0x9b0
[ 28.949367] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 28.950347] ? finish_task_switch.isra.0+0x153/0x700
[ 28.950737] ? __switch_to+0x5d9/0xf60
[ 28.951565] ? __schedule+0xc3e/0x2790
[ 28.952243] ? __pfx_read_tsc+0x10/0x10
[ 28.952498] ? ktime_get_ts64+0x84/0x230
[ 28.953047] kunit_try_run_case+0x1b3/0x490
[ 28.953904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.955050] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.956266] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.957291] ? __kthread_parkme+0x82/0x160
[ 28.958291] ? preempt_count_sub+0x50/0x80
[ 28.958594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.959232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.959881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.960859] kthread+0x257/0x310
[ 28.961387] ? __pfx_kthread+0x10/0x10
[ 28.961683] ret_from_fork+0x41/0x80
[ 28.962392] ? __pfx_kthread+0x10/0x10
[ 28.963232] ret_from_fork_asm+0x1a/0x30
[ 28.963664] </TASK>
[ 28.964026]
[ 28.964353] Allocated by task 201:
[ 28.965312] kasan_save_stack+0x3d/0x60
[ 28.965681] kasan_save_track+0x18/0x40
[ 28.966080] kasan_save_alloc_info+0x3b/0x50
[ 28.966859] __kasan_kmalloc+0xb7/0xc0
[ 28.967222] __kmalloc_cache_noprof+0x184/0x410
[ 28.968112] ksize_unpoisons_memory+0xc8/0x9b0
[ 28.968462] kunit_try_run_case+0x1b3/0x490
[ 28.969384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.970448] kthread+0x257/0x310
[ 28.971047] ret_from_fork+0x41/0x80
[ 28.971485] ret_from_fork_asm+0x1a/0x30
[ 28.972408]
[ 28.973080] The buggy address belongs to the object at ffff888101ac9500
[ 28.973080] which belongs to the cache kmalloc-128 of size 128
[ 28.974368] The buggy address is located 12 bytes to the right of
[ 28.974368] allocated 115-byte region [ffff888101ac9500, ffff888101ac9573)
[ 28.975729]
[ 28.976212] The buggy address belongs to the physical page:
[ 28.976908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac9
[ 28.978035] flags: 0x200000000000000(node=0|zone=2)
[ 28.978910] page_type: f5(slab)
[ 28.979500] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.980351] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.981025] page dumped because: kasan: bad access detected
[ 28.981995]
[ 28.982255] Memory state around the buggy address:
[ 28.982704] ffff888101ac9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.983409] ffff888101ac9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.984229] >ffff888101ac9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 28.984981] ^
[ 28.985918] ffff888101ac9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.986821] ffff888101ac9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.987393] ==================================================================
[ 28.822737] ==================================================================
[ 28.824027] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0
[ 28.825449] Read of size 1 at addr ffff888101ac9573 by task kunit_try_catch/201
[ 28.826982]
[ 28.827272] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.828029] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.828562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.829708] Call Trace:
[ 28.830394] <TASK>
[ 28.830960] dump_stack_lvl+0x73/0xb0
[ 28.831570] print_report+0xd1/0x640
[ 28.832247] ? __virt_addr_valid+0x1db/0x2d0
[ 28.833029] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.834103] kasan_report+0x102/0x140
[ 28.835259] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 28.836284] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 28.836661] __asan_report_load1_noabort+0x18/0x20
[ 28.837471] ksize_unpoisons_memory+0x81e/0x9b0
[ 28.838388] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 28.838978] ? finish_task_switch.isra.0+0x153/0x700
[ 28.839970] ? __switch_to+0x5d9/0xf60
[ 28.840756] ? __schedule+0xc3e/0x2790
[ 28.841148] ? __pfx_read_tsc+0x10/0x10
[ 28.841564] ? ktime_get_ts64+0x84/0x230
[ 28.841972] kunit_try_run_case+0x1b3/0x490
[ 28.842410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.843343] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.844056] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.844868] ? __kthread_parkme+0x82/0x160
[ 28.845471] ? preempt_count_sub+0x50/0x80
[ 28.846051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.846788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.847510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.848307] kthread+0x257/0x310
[ 28.848746] ? __pfx_kthread+0x10/0x10
[ 28.849065] ret_from_fork+0x41/0x80
[ 28.849855] ? __pfx_kthread+0x10/0x10
[ 28.850542] ret_from_fork_asm+0x1a/0x30
[ 28.851041] </TASK>
[ 28.851527]
[ 28.851918] Allocated by task 201:
[ 28.852496] kasan_save_stack+0x3d/0x60
[ 28.853011] kasan_save_track+0x18/0x40
[ 28.853619] kasan_save_alloc_info+0x3b/0x50
[ 28.854284] __kasan_kmalloc+0xb7/0xc0
[ 28.854854] __kmalloc_cache_noprof+0x184/0x410
[ 28.855517] ksize_unpoisons_memory+0xc8/0x9b0
[ 28.856028] kunit_try_run_case+0x1b3/0x490
[ 28.856770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.857272] kthread+0x257/0x310
[ 28.857621] ret_from_fork+0x41/0x80
[ 28.857985] ret_from_fork_asm+0x1a/0x30
[ 28.858430]
[ 28.858621] The buggy address belongs to the object at ffff888101ac9500
[ 28.858621] which belongs to the cache kmalloc-128 of size 128
[ 28.860065] The buggy address is located 0 bytes to the right of
[ 28.860065] allocated 115-byte region [ffff888101ac9500, ffff888101ac9573)
[ 28.861603]
[ 28.861877] The buggy address belongs to the physical page:
[ 28.862897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac9
[ 28.863900] flags: 0x200000000000000(node=0|zone=2)
[ 28.864684] page_type: f5(slab)
[ 28.865149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.866285] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.866899] page dumped because: kasan: bad access detected
[ 28.867662]
[ 28.867944] Memory state around the buggy address:
[ 28.868660] ffff888101ac9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 28.869524] ffff888101ac9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.870316] >ffff888101ac9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 28.871017] ^
[ 28.871856] ffff888101ac9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.872769] ffff888101ac9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.873524] ==================================================================
[ 28.875434] ==================================================================
[ 28.876846] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0
[ 28.877272] Read of size 1 at addr ffff888101ac9578 by task kunit_try_catch/201
[ 28.879306]
[ 28.879920] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.881424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.881966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.883123] Call Trace:
[ 28.883437] <TASK>
[ 28.883615] dump_stack_lvl+0x73/0xb0
[ 28.884965] print_report+0xd1/0x640
[ 28.885495] ? __virt_addr_valid+0x1db/0x2d0
[ 28.886166] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.887295] kasan_report+0x102/0x140
[ 28.887913] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 28.888829] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 28.889591] __asan_report_load1_noabort+0x18/0x20
[ 28.890449] ksize_unpoisons_memory+0x7eb/0x9b0
[ 28.891054] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 28.891976] ? finish_task_switch.isra.0+0x153/0x700
[ 28.893125] ? __switch_to+0x5d9/0xf60
[ 28.893524] ? __schedule+0xc3e/0x2790
[ 28.894485] ? __pfx_read_tsc+0x10/0x10
[ 28.894859] ? ktime_get_ts64+0x84/0x230
[ 28.895574] kunit_try_run_case+0x1b3/0x490
[ 28.896286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.897597] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.898107] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.898862] ? __kthread_parkme+0x82/0x160
[ 28.899265] ? preempt_count_sub+0x50/0x80
[ 28.899624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.900602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.901801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.902367] kthread+0x257/0x310
[ 28.903002] ? __pfx_kthread+0x10/0x10
[ 28.903734] ret_from_fork+0x41/0x80
[ 28.904289] ? __pfx_kthread+0x10/0x10
[ 28.904632] ret_from_fork_asm+0x1a/0x30
[ 28.905118] </TASK>
[ 28.905361]
[ 28.905565] Allocated by task 201:
[ 28.906625] kasan_save_stack+0x3d/0x60
[ 28.907297] kasan_save_track+0x18/0x40
[ 28.908098] kasan_save_alloc_info+0x3b/0x50
[ 28.908879] __kasan_kmalloc+0xb7/0xc0
[ 28.909442] __kmalloc_cache_noprof+0x184/0x410
[ 28.910408] ksize_unpoisons_memory+0xc8/0x9b0
[ 28.910785] kunit_try_run_case+0x1b3/0x490
[ 28.911768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.912366] kthread+0x257/0x310
[ 28.913481] ret_from_fork+0x41/0x80
[ 28.913949] ret_from_fork_asm+0x1a/0x30
[ 28.914814]
[ 28.915253] The buggy address belongs to the object at ffff888101ac9500
[ 28.915253] which belongs to the cache kmalloc-128 of size 128
[ 28.916868] The buggy address is located 5 bytes to the right of
[ 28.916868] allocated 115-byte region [ffff888101ac9500, ffff888101ac9573)
[ 28.918587]
[ 28.918788] The buggy address belongs to the physical page:
[ 28.919118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac9
[ 28.920635] flags: 0x200000000000000(node=0|zone=2)
[ 28.921321] page_type: f5(slab)
[ 28.922042] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.923071] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.924174] page dumped because: kasan: bad access detected
[ 28.924921]
[ 28.925190] Memory state around the buggy address:
[ 28.926157] ffff888101ac9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.927124] ffff888101ac9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.928367] >ffff888101ac9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 28.928932] ^
[ 28.929968] ffff888101ac9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.931091] ffff888101ac9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.932318] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 28.075828] ==================================================================
[ 28.076978] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 28.077970] Read of size 16 at addr ffff8881025fee40 by task kunit_try_catch/175
[ 28.079914]
[ 28.080113] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.080880] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.081264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.082513] Call Trace:
[ 28.083117] <TASK>
[ 28.083313] dump_stack_lvl+0x73/0xb0
[ 28.084265] print_report+0xd1/0x640
[ 28.085358] ? __virt_addr_valid+0x1db/0x2d0
[ 28.086106] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.086636] kasan_report+0x102/0x140
[ 28.087361] ? kmalloc_uaf_16+0x47d/0x4c0
[ 28.088263] ? kmalloc_uaf_16+0x47d/0x4c0
[ 28.088549] __asan_report_load16_noabort+0x18/0x20
[ 28.089732] kmalloc_uaf_16+0x47d/0x4c0
[ 28.090101] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 28.091557] ? __schedule+0xc3e/0x2790
[ 28.091969] ? __pfx_read_tsc+0x10/0x10
[ 28.092602] ? ktime_get_ts64+0x84/0x230
[ 28.093368] kunit_try_run_case+0x1b3/0x490
[ 28.094106] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.095179] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.096172] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.096551] ? __kthread_parkme+0x82/0x160
[ 28.097427] ? preempt_count_sub+0x50/0x80
[ 28.097878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.098607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.099763] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.100443] kthread+0x257/0x310
[ 28.100995] ? __pfx_kthread+0x10/0x10
[ 28.101502] ret_from_fork+0x41/0x80
[ 28.102382] ? __pfx_kthread+0x10/0x10
[ 28.102666] ret_from_fork_asm+0x1a/0x30
[ 28.103215] </TASK>
[ 28.103440]
[ 28.104223] Allocated by task 175:
[ 28.104541] kasan_save_stack+0x3d/0x60
[ 28.104976] kasan_save_track+0x18/0x40
[ 28.106253] kasan_save_alloc_info+0x3b/0x50
[ 28.106617] __kasan_kmalloc+0xb7/0xc0
[ 28.107000] __kmalloc_cache_noprof+0x184/0x410
[ 28.107788] kmalloc_uaf_16+0x15c/0x4c0
[ 28.108146] kunit_try_run_case+0x1b3/0x490
[ 28.108737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.109637] kthread+0x257/0x310
[ 28.110033] ret_from_fork+0x41/0x80
[ 28.110514] ret_from_fork_asm+0x1a/0x30
[ 28.110979]
[ 28.111161] Freed by task 175:
[ 28.112477] kasan_save_stack+0x3d/0x60
[ 28.112831] kasan_save_track+0x18/0x40
[ 28.113344] kasan_save_free_info+0x3f/0x60
[ 28.113926] __kasan_slab_free+0x56/0x70
[ 28.114654] kfree+0x123/0x3f0
[ 28.115482] kmalloc_uaf_16+0x1d7/0x4c0
[ 28.115895] kunit_try_run_case+0x1b3/0x490
[ 28.116563] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.117890] kthread+0x257/0x310
[ 28.118218] ret_from_fork+0x41/0x80
[ 28.119327] ret_from_fork_asm+0x1a/0x30
[ 28.120271]
[ 28.120520] The buggy address belongs to the object at ffff8881025fee40
[ 28.120520] which belongs to the cache kmalloc-16 of size 16
[ 28.121634] The buggy address is located 0 bytes inside of
[ 28.121634] freed 16-byte region [ffff8881025fee40, ffff8881025fee50)
[ 28.122460]
[ 28.122778] The buggy address belongs to the physical page:
[ 28.123809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe
[ 28.124549] flags: 0x200000000000000(node=0|zone=2)
[ 28.125051] page_type: f5(slab)
[ 28.125364] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.126038] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.126836] page dumped because: kasan: bad access detected
[ 28.127291]
[ 28.127441] Memory state around the buggy address:
[ 28.128133] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 28.128532] ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 28.129382] >ffff8881025fee00: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 28.129910] ^
[ 28.130830] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.132392] ffff8881025fef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.133537] ==================================================================
[ 28.519672] ==================================================================
[ 28.521010] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 28.521924] Read of size 1 at addr ffff8881025fee68 by task kunit_try_catch/191
[ 28.523227]
[ 28.523400] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.524797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.525086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.526483] Call Trace:
[ 28.526847] <TASK>
[ 28.527097] dump_stack_lvl+0x73/0xb0
[ 28.528031] print_report+0xd1/0x640
[ 28.528631] ? __virt_addr_valid+0x1db/0x2d0
[ 28.529455] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.529963] kasan_report+0x102/0x140
[ 28.530351] ? kmalloc_uaf+0x322/0x380
[ 28.530722] ? kmalloc_uaf+0x322/0x380
[ 28.531111] __asan_report_load1_noabort+0x18/0x20
[ 28.531569] kmalloc_uaf+0x322/0x380
[ 28.532435] ? __pfx_kmalloc_uaf+0x10/0x10
[ 28.533408] ? __schedule+0xc3e/0x2790
[ 28.534330] ? __pfx_read_tsc+0x10/0x10
[ 28.535178] ? ktime_get_ts64+0x84/0x230
[ 28.536087] kunit_try_run_case+0x1b3/0x490
[ 28.537011] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.538035] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.539073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.539774] ? __kthread_parkme+0x82/0x160
[ 28.540232] ? preempt_count_sub+0x50/0x80
[ 28.540623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.541255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.541881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.542473] kthread+0x257/0x310
[ 28.542910] ? __pfx_kthread+0x10/0x10
[ 28.543595] ret_from_fork+0x41/0x80
[ 28.544124] ? __pfx_kthread+0x10/0x10
[ 28.544655] ret_from_fork_asm+0x1a/0x30
[ 28.545054] </TASK>
[ 28.545419]
[ 28.545644] Allocated by task 191:
[ 28.545967] kasan_save_stack+0x3d/0x60
[ 28.546390] kasan_save_track+0x18/0x40
[ 28.546934] kasan_save_alloc_info+0x3b/0x50
[ 28.547235] __kasan_kmalloc+0xb7/0xc0
[ 28.547501] __kmalloc_cache_noprof+0x184/0x410
[ 28.547821] kmalloc_uaf+0xab/0x380
[ 28.548591] kunit_try_run_case+0x1b3/0x490
[ 28.549249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.549658] kthread+0x257/0x310
[ 28.550578] ret_from_fork+0x41/0x80
[ 28.550918] ret_from_fork_asm+0x1a/0x30
[ 28.551800]
[ 28.551976] Freed by task 191:
[ 28.552308] kasan_save_stack+0x3d/0x60
[ 28.552945] kasan_save_track+0x18/0x40
[ 28.553508] kasan_save_free_info+0x3f/0x60
[ 28.553998] __kasan_slab_free+0x56/0x70
[ 28.554617] kfree+0x123/0x3f0
[ 28.554879] kmalloc_uaf+0x12d/0x380
[ 28.555145] kunit_try_run_case+0x1b3/0x490
[ 28.555433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.556197] kthread+0x257/0x310
[ 28.556657] ret_from_fork+0x41/0x80
[ 28.557145] ret_from_fork_asm+0x1a/0x30
[ 28.557831]
[ 28.558108] The buggy address belongs to the object at ffff8881025fee60
[ 28.558108] which belongs to the cache kmalloc-16 of size 16
[ 28.559603] The buggy address is located 8 bytes inside of
[ 28.559603] freed 16-byte region [ffff8881025fee60, ffff8881025fee70)
[ 28.561322]
[ 28.561482] The buggy address belongs to the physical page:
[ 28.562883] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe
[ 28.564012] flags: 0x200000000000000(node=0|zone=2)
[ 28.565365] page_type: f5(slab)
[ 28.566301] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.566948] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.567523] page dumped because: kasan: bad access detected
[ 28.567975]
[ 28.568165] Memory state around the buggy address:
[ 28.568557] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 28.569466] ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 28.570945] >ffff8881025fee00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.572052] ^
[ 28.572796] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.573816] ffff8881025fef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.574493] ==================================================================
[ 28.633005] ==================================================================
[ 28.634152] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520
[ 28.634803] Read of size 1 at addr ffff888101ac7728 by task kunit_try_catch/195
[ 28.635474]
[ 28.635868] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 28.637526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.638239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.639326] Call Trace:
[ 28.639525] <TASK>
[ 28.640322] dump_stack_lvl+0x73/0xb0
[ 28.641318] print_report+0xd1/0x640
[ 28.641832] ? __virt_addr_valid+0x1db/0x2d0
[ 28.642081] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.643288] kasan_report+0x102/0x140
[ 28.643681] ? kmalloc_uaf2+0x4aa/0x520
[ 28.644017] ? kmalloc_uaf2+0x4aa/0x520
[ 28.645139] __asan_report_load1_noabort+0x18/0x20
[ 28.646445] kmalloc_uaf2+0x4aa/0x520
[ 28.646956] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 28.647308] ? finish_task_switch.isra.0+0x153/0x700
[ 28.648238] ? __switch_to+0x5d9/0xf60
[ 28.648647] ? __schedule+0xc3e/0x2790
[ 28.648926] ? __pfx_read_tsc+0x10/0x10
[ 28.649429] ? ktime_get_ts64+0x84/0x230
[ 28.650458] kunit_try_run_case+0x1b3/0x490
[ 28.651014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.651851] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.652177] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.652738] ? __kthread_parkme+0x82/0x160
[ 28.653494] ? preempt_count_sub+0x50/0x80
[ 28.653999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.654645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.656135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.656912] kthread+0x257/0x310
[ 28.657529] ? __pfx_kthread+0x10/0x10
[ 28.658406] ret_from_fork+0x41/0x80
[ 28.658828] ? __pfx_kthread+0x10/0x10
[ 28.659490] ret_from_fork_asm+0x1a/0x30
[ 28.660135] </TASK>
[ 28.660438]
[ 28.660784] Allocated by task 195:
[ 28.661372] kasan_save_stack+0x3d/0x60
[ 28.662296] kasan_save_track+0x18/0x40
[ 28.663033] kasan_save_alloc_info+0x3b/0x50
[ 28.663665] __kasan_kmalloc+0xb7/0xc0
[ 28.664080] __kmalloc_cache_noprof+0x184/0x410
[ 28.665375] kmalloc_uaf2+0xc7/0x520
[ 28.665583] kunit_try_run_case+0x1b3/0x490
[ 28.665888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.667421] kthread+0x257/0x310
[ 28.667651] ret_from_fork+0x41/0x80
[ 28.668222] ret_from_fork_asm+0x1a/0x30
[ 28.669110]
[ 28.669411] Freed by task 195:
[ 28.669833] kasan_save_stack+0x3d/0x60
[ 28.670269] kasan_save_track+0x18/0x40
[ 28.671490] kasan_save_free_info+0x3f/0x60
[ 28.672498] __kasan_slab_free+0x56/0x70
[ 28.672869] kfree+0x123/0x3f0
[ 28.673289] kmalloc_uaf2+0x14d/0x520
[ 28.673635] kunit_try_run_case+0x1b3/0x490
[ 28.674719] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.675653] kthread+0x257/0x310
[ 28.676432] ret_from_fork+0x41/0x80
[ 28.676936] ret_from_fork_asm+0x1a/0x30
[ 28.677441]
[ 28.677992] The buggy address belongs to the object at ffff888101ac7700
[ 28.677992] which belongs to the cache kmalloc-64 of size 64
[ 28.679319] The buggy address is located 40 bytes inside of
[ 28.679319] freed 64-byte region [ffff888101ac7700, ffff888101ac7740)
[ 28.681490]
[ 28.681754] The buggy address belongs to the physical page:
[ 28.682864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac7
[ 28.683624] flags: 0x200000000000000(node=0|zone=2)
[ 28.684138] page_type: f5(slab)
[ 28.684498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.686044] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 28.687003] page dumped because: kasan: bad access detected
[ 28.687665]
[ 28.687958] Memory state around the buggy address:
[ 28.689193] ffff888101ac7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.690317] ffff888101ac7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.691254] >ffff888101ac7700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.692810] ^
[ 28.693489] ffff888101ac7780: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 28.694926] ffff888101ac7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.695397] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 28.019903] ================================================================== [ 28.021100] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 28.021885] Write of size 16 at addr ffff8881025fede0 by task kunit_try_catch/173 [ 28.022266] [ 28.022848] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 28.023734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.025240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.026118] Call Trace: [ 28.026467] <TASK> [ 28.026881] dump_stack_lvl+0x73/0xb0 [ 28.027553] print_report+0xd1/0x640 [ 28.028363] ? __virt_addr_valid+0x1db/0x2d0 [ 28.029408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.030113] kasan_report+0x102/0x140 [ 28.030952] ? kmalloc_oob_16+0x454/0x4a0 [ 28.031572] ? kmalloc_oob_16+0x454/0x4a0 [ 28.032702] __asan_report_store16_noabort+0x1b/0x30 [ 28.033293] kmalloc_oob_16+0x454/0x4a0 [ 28.033984] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 28.034487] ? __schedule+0xc3e/0x2790 [ 28.035479] ? __pfx_read_tsc+0x10/0x10 [ 28.035804] ? ktime_get_ts64+0x84/0x230 [ 28.036847] kunit_try_run_case+0x1b3/0x490 [ 28.037263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.038077] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.039000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.040076] ? __kthread_parkme+0x82/0x160 [ 28.040933] ? preempt_count_sub+0x50/0x80 [ 28.041823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.042734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.043266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.043937] kthread+0x257/0x310 [ 28.044727] ? __pfx_kthread+0x10/0x10 [ 28.045034] ret_from_fork+0x41/0x80 [ 28.046053] ? 
__pfx_kthread+0x10/0x10 [ 28.046467] ret_from_fork_asm+0x1a/0x30 [ 28.047475] </TASK> [ 28.047705] [ 28.048539] Allocated by task 173: [ 28.049048] kasan_save_stack+0x3d/0x60 [ 28.049790] kasan_save_track+0x18/0x40 [ 28.050315] kasan_save_alloc_info+0x3b/0x50 [ 28.050962] __kasan_kmalloc+0xb7/0xc0 [ 28.051860] __kmalloc_cache_noprof+0x184/0x410 [ 28.052756] kmalloc_oob_16+0xa9/0x4a0 [ 28.053621] kunit_try_run_case+0x1b3/0x490 [ 28.053918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.054457] kthread+0x257/0x310 [ 28.055444] ret_from_fork+0x41/0x80 [ 28.055748] ret_from_fork_asm+0x1a/0x30 [ 28.056501] [ 28.056833] The buggy address belongs to the object at ffff8881025fede0 [ 28.056833] which belongs to the cache kmalloc-16 of size 16 [ 28.058941] The buggy address is located 0 bytes inside of [ 28.058941] allocated 13-byte region [ffff8881025fede0, ffff8881025feded) [ 28.060100] [ 28.060304] The buggy address belongs to the physical page: [ 28.061057] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe [ 28.061631] flags: 0x200000000000000(node=0|zone=2) [ 28.062277] page_type: f5(slab) [ 28.062562] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.063528] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.064092] page dumped because: kasan: bad access detected [ 28.064780] [ 28.064984] Memory state around the buggy address: [ 28.065511] ffff8881025fec80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.066050] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 28.067066] >ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc [ 28.067500] ^ [ 28.068187] ffff8881025fee00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.069189] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.069637] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 27.949513] ================================================================== [ 27.949979] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 27.950455] Read of size 1 at addr ffff888100aa1a00 by task kunit_try_catch/171 [ 27.950965] [ 27.951250] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.952547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.953103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.954866] Call Trace: [ 27.955744] <TASK> [ 27.956261] dump_stack_lvl+0x73/0xb0 [ 27.956878] print_report+0xd1/0x640 [ 27.957510] ? __virt_addr_valid+0x1db/0x2d0 [ 27.958279] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.958804] kasan_report+0x102/0x140 [ 27.959050] ? krealloc_uaf+0x53e/0x5e0 [ 27.959404] ? krealloc_uaf+0x53e/0x5e0 [ 27.959912] __asan_report_load1_noabort+0x18/0x20 [ 27.960838] krealloc_uaf+0x53e/0x5e0 [ 27.961494] ? __pfx_krealloc_uaf+0x10/0x10 [ 27.962000] ? finish_task_switch.isra.0+0x153/0x700 [ 27.962413] ? __switch_to+0x5d9/0xf60 [ 27.962725] ? __schedule+0xc3e/0x2790 [ 27.962981] ? __pfx_read_tsc+0x10/0x10 [ 27.963315] ? ktime_get_ts64+0x84/0x230 [ 27.963565] kunit_try_run_case+0x1b3/0x490 [ 27.964328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.964644] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.965566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.966396] ? __kthread_parkme+0x82/0x160 [ 27.967304] ? preempt_count_sub+0x50/0x80 [ 27.967645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.968860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.969473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.970786] kthread+0x257/0x310 [ 27.971340] ? __pfx_kthread+0x10/0x10 [ 27.972015] ret_from_fork+0x41/0x80 [ 27.972503] ? 
__pfx_kthread+0x10/0x10 [ 27.972947] ret_from_fork_asm+0x1a/0x30 [ 27.973773] </TASK> [ 27.974266] [ 27.974537] Allocated by task 171: [ 27.975486] kasan_save_stack+0x3d/0x60 [ 27.976571] kasan_save_track+0x18/0x40 [ 27.977086] kasan_save_alloc_info+0x3b/0x50 [ 27.977566] __kasan_kmalloc+0xb7/0xc0 [ 27.978417] __kmalloc_cache_noprof+0x184/0x410 [ 27.979104] krealloc_uaf+0xbc/0x5e0 [ 27.979591] kunit_try_run_case+0x1b3/0x490 [ 27.980098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.980595] kthread+0x257/0x310 [ 27.981776] ret_from_fork+0x41/0x80 [ 27.982657] ret_from_fork_asm+0x1a/0x30 [ 27.983073] [ 27.983521] Freed by task 171: [ 27.984002] kasan_save_stack+0x3d/0x60 [ 27.984529] kasan_save_track+0x18/0x40 [ 27.985341] kasan_save_free_info+0x3f/0x60 [ 27.985835] __kasan_slab_free+0x56/0x70 [ 27.986913] kfree+0x123/0x3f0 [ 27.987312] krealloc_uaf+0x13e/0x5e0 [ 27.988030] kunit_try_run_case+0x1b3/0x490 [ 27.988547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.989759] kthread+0x257/0x310 [ 27.990419] ret_from_fork+0x41/0x80 [ 27.990900] ret_from_fork_asm+0x1a/0x30 [ 27.991758] [ 27.992047] The buggy address belongs to the object at ffff888100aa1a00 [ 27.992047] which belongs to the cache kmalloc-256 of size 256 [ 27.993551] The buggy address is located 0 bytes inside of [ 27.993551] freed 256-byte region [ffff888100aa1a00, ffff888100aa1b00) [ 27.995490] [ 27.995925] The buggy address belongs to the physical page: [ 27.996780] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.997990] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.998774] flags: 0x200000000000040(head|node=0|zone=2) [ 27.999473] page_type: f5(slab) [ 28.000206] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 28.001099] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.002652] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 28.003241] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.004409] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 28.005465] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 28.006404] page dumped because: kasan: bad access detected [ 28.006865] [ 28.007449] Memory state around the buggy address: [ 28.008204] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.009115] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.010229] >ffff888100aa1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.010895] ^ [ 28.011674] ffff888100aa1a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.012553] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.013626] ================================================================== [ 27.883330] ================================================================== [ 27.884986] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 27.885736] Read of size 1 at addr ffff888100aa1a00 by task kunit_try_catch/171 [ 27.886396] [ 27.886609] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.888654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.889411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.890291] Call Trace: [ 27.890484] <TASK> [ 27.890812] dump_stack_lvl+0x73/0xb0 [ 27.891661] print_report+0xd1/0x640 [ 27.892079] ? __virt_addr_valid+0x1db/0x2d0 [ 27.892543] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.893646] kasan_report+0x102/0x140 [ 27.894305] ? krealloc_uaf+0x1b9/0x5e0 [ 27.895080] ? krealloc_uaf+0x1b9/0x5e0 [ 27.895744] ? krealloc_uaf+0x1b9/0x5e0 [ 27.896815] __kasan_check_byte+0x3d/0x50 [ 27.897252] krealloc_noprof+0x3f/0x340 [ 27.898195] krealloc_uaf+0x1b9/0x5e0 [ 27.898565] ? __pfx_krealloc_uaf+0x10/0x10 [ 27.899291] ? finish_task_switch.isra.0+0x153/0x700 [ 27.900212] ? 
__switch_to+0x5d9/0xf60 [ 27.900914] ? __schedule+0xc3e/0x2790 [ 27.901869] ? __pfx_read_tsc+0x10/0x10 [ 27.902236] ? ktime_get_ts64+0x84/0x230 [ 27.902737] kunit_try_run_case+0x1b3/0x490 [ 27.903777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.904090] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.905031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.905710] ? __kthread_parkme+0x82/0x160 [ 27.906103] ? preempt_count_sub+0x50/0x80 [ 27.907239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.907708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.908468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.909110] kthread+0x257/0x310 [ 27.909494] ? __pfx_kthread+0x10/0x10 [ 27.910161] ret_from_fork+0x41/0x80 [ 27.910945] ? __pfx_kthread+0x10/0x10 [ 27.911397] ret_from_fork_asm+0x1a/0x30 [ 27.912841] </TASK> [ 27.913028] [ 27.913215] Allocated by task 171: [ 27.913545] kasan_save_stack+0x3d/0x60 [ 27.914573] kasan_save_track+0x18/0x40 [ 27.915462] kasan_save_alloc_info+0x3b/0x50 [ 27.915911] __kasan_kmalloc+0xb7/0xc0 [ 27.916338] __kmalloc_cache_noprof+0x184/0x410 [ 27.916775] krealloc_uaf+0xbc/0x5e0 [ 27.917221] kunit_try_run_case+0x1b3/0x490 [ 27.917796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.918636] kthread+0x257/0x310 [ 27.919022] ret_from_fork+0x41/0x80 [ 27.919701] ret_from_fork_asm+0x1a/0x30 [ 27.920064] [ 27.920303] Freed by task 171: [ 27.920985] kasan_save_stack+0x3d/0x60 [ 27.921637] kasan_save_track+0x18/0x40 [ 27.922238] kasan_save_free_info+0x3f/0x60 [ 27.922732] __kasan_slab_free+0x56/0x70 [ 27.923320] kfree+0x123/0x3f0 [ 27.923774] krealloc_uaf+0x13e/0x5e0 [ 27.924382] kunit_try_run_case+0x1b3/0x490 [ 27.924975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.925621] kthread+0x257/0x310 [ 27.925947] ret_from_fork+0x41/0x80 [ 27.926541] ret_from_fork_asm+0x1a/0x30 [ 27.926987] [ 27.927398] The buggy address belongs to the object at ffff888100aa1a00 [ 27.927398] which belongs to the cache kmalloc-256 of size 256 [ 27.928756] The buggy address is 
located 0 bytes inside of [ 27.928756] freed 256-byte region [ffff888100aa1a00, ffff888100aa1b00) [ 27.930236] [ 27.930595] The buggy address belongs to the physical page: [ 27.931142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.932022] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.933012] flags: 0x200000000000040(head|node=0|zone=2) [ 27.933597] page_type: f5(slab) [ 27.934003] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.934726] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.935968] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.936855] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.937732] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 27.938523] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.939922] page dumped because: kasan: bad access detected [ 27.940559] [ 27.940842] Memory state around the buggy address: [ 27.941254] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.942126] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.942483] >ffff888100aa1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.942871] ^ [ 27.943075] ffff888100aa1a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.943425] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.945794] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 27.268648] ================================================================== [ 27.269707] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 27.270390] Write of size 1 at addr ffff888100aa18c9 by task kunit_try_catch/165 [ 27.271165] [ 27.271416] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.272212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.272701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.273404] Call Trace: [ 27.274012] <TASK> [ 27.274229] dump_stack_lvl+0x73/0xb0 [ 27.274743] print_report+0xd1/0x640 [ 27.275439] ? __virt_addr_valid+0x1db/0x2d0 [ 27.275794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.276372] kasan_report+0x102/0x140 [ 27.276973] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.277313] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.277947] __asan_report_store1_noabort+0x1b/0x30 [ 27.278518] krealloc_less_oob_helper+0xd72/0x11d0 [ 27.279030] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.279486] ? finish_task_switch.isra.0+0x153/0x700 [ 27.280328] ? __switch_to+0x5d9/0xf60 [ 27.280621] ? __schedule+0xc3e/0x2790 [ 27.281249] ? __pfx_read_tsc+0x10/0x10 [ 27.281764] krealloc_less_oob+0x1c/0x30 [ 27.282102] kunit_try_run_case+0x1b3/0x490 [ 27.282415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.282882] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.283450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.284505] ? __kthread_parkme+0x82/0x160 [ 27.285031] ? preempt_count_sub+0x50/0x80 [ 27.285837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.286289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.286671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.287177] kthread+0x257/0x310 [ 27.287614] ? __pfx_kthread+0x10/0x10 [ 27.288107] ret_from_fork+0x41/0x80 [ 27.288551] ? 
__pfx_kthread+0x10/0x10 [ 27.289301] ret_from_fork_asm+0x1a/0x30 [ 27.289808] </TASK> [ 27.290114] [ 27.290266] Allocated by task 165: [ 27.290506] kasan_save_stack+0x3d/0x60 [ 27.290876] kasan_save_track+0x18/0x40 [ 27.291669] kasan_save_alloc_info+0x3b/0x50 [ 27.292180] __kasan_krealloc+0x190/0x1f0 [ 27.292882] krealloc_noprof+0xf3/0x340 [ 27.293408] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.293886] krealloc_less_oob+0x1c/0x30 [ 27.294533] kunit_try_run_case+0x1b3/0x490 [ 27.295324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.295717] kthread+0x257/0x310 [ 27.296234] ret_from_fork+0x41/0x80 [ 27.296501] ret_from_fork_asm+0x1a/0x30 [ 27.297078] [ 27.297305] The buggy address belongs to the object at ffff888100aa1800 [ 27.297305] which belongs to the cache kmalloc-256 of size 256 [ 27.298347] The buggy address is located 0 bytes to the right of [ 27.298347] allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9) [ 27.299062] [ 27.299304] The buggy address belongs to the physical page: [ 27.300165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.301247] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.301750] flags: 0x200000000000040(head|node=0|zone=2) [ 27.302181] page_type: f5(slab) [ 27.302428] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.303049] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.303893] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.305753] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.306381] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 27.307444] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.308178] page dumped because: kasan: bad access detected [ 27.308575] [ 27.308932] Memory state around the buggy address: [ 27.309599] ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 27.310163] ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.310568] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.311430] ^ [ 27.312284] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.312944] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.313430] ================================================================== [ 27.314866] ================================================================== [ 27.316052] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 27.316509] Write of size 1 at addr ffff888100aa18d0 by task kunit_try_catch/165 [ 27.317436] [ 27.317605] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.319439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.319755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.320812] Call Trace: [ 27.321039] <TASK> [ 27.321443] dump_stack_lvl+0x73/0xb0 [ 27.321817] print_report+0xd1/0x640 [ 27.322353] ? __virt_addr_valid+0x1db/0x2d0 [ 27.322678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.323709] kasan_report+0x102/0x140 [ 27.323996] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.324336] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.324963] __asan_report_store1_noabort+0x1b/0x30 [ 27.325819] krealloc_less_oob_helper+0xe25/0x11d0 [ 27.326327] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.326677] ? finish_task_switch.isra.0+0x153/0x700 [ 27.327631] ? __switch_to+0x5d9/0xf60 [ 27.328412] ? __schedule+0xc3e/0x2790 [ 27.329007] ? __pfx_read_tsc+0x10/0x10 [ 27.329784] krealloc_less_oob+0x1c/0x30 [ 27.330317] kunit_try_run_case+0x1b3/0x490 [ 27.330642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.331246] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.331788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.332125] ? __kthread_parkme+0x82/0x160 [ 27.332997] ? preempt_count_sub+0x50/0x80 [ 27.333709] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.334447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.335331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.335869] kthread+0x257/0x310 [ 27.336427] ? __pfx_kthread+0x10/0x10 [ 27.337039] ret_from_fork+0x41/0x80 [ 27.337747] ? __pfx_kthread+0x10/0x10 [ 27.338398] ret_from_fork_asm+0x1a/0x30 [ 27.339036] </TASK> [ 27.339479] [ 27.339748] Allocated by task 165: [ 27.340536] kasan_save_stack+0x3d/0x60 [ 27.341020] kasan_save_track+0x18/0x40 [ 27.341658] kasan_save_alloc_info+0x3b/0x50 [ 27.342316] __kasan_krealloc+0x190/0x1f0 [ 27.342890] krealloc_noprof+0xf3/0x340 [ 27.343441] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.343988] krealloc_less_oob+0x1c/0x30 [ 27.344886] kunit_try_run_case+0x1b3/0x490 [ 27.345386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.345920] kthread+0x257/0x310 [ 27.346325] ret_from_fork+0x41/0x80 [ 27.346866] ret_from_fork_asm+0x1a/0x30 [ 27.347453] [ 27.347644] The buggy address belongs to the object at ffff888100aa1800 [ 27.347644] which belongs to the cache kmalloc-256 of size 256 [ 27.349408] The buggy address is located 7 bytes to the right of [ 27.349408] allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9) [ 27.350786] [ 27.350990] The buggy address belongs to the physical page: [ 27.351790] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.352798] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.353750] flags: 0x200000000000040(head|node=0|zone=2) [ 27.354243] page_type: f5(slab) [ 27.354754] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.355672] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.356863] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.357721] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.358430] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 
27.359403] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.360429] page dumped because: kasan: bad access detected [ 27.360950] [ 27.361225] Memory state around the buggy address: [ 27.361753] ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.362671] ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.363315] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.364087] ^ [ 27.364595] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.365215] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.366206] ================================================================== [ 27.487742] ================================================================== [ 27.488145] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 27.489553] Write of size 1 at addr ffff888100aa18eb by task kunit_try_catch/165 [ 27.490513] [ 27.490749] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.492058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.492828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.494275] Call Trace: [ 27.494581] <TASK> [ 27.494985] dump_stack_lvl+0x73/0xb0 [ 27.495782] print_report+0xd1/0x640 [ 27.496493] ? __virt_addr_valid+0x1db/0x2d0 [ 27.497497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.498055] kasan_report+0x102/0x140 [ 27.498611] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.499426] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.500407] __asan_report_store1_noabort+0x1b/0x30 [ 27.500895] krealloc_less_oob_helper+0xd49/0x11d0 [ 27.501933] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.502537] ? finish_task_switch.isra.0+0x153/0x700 [ 27.503273] ? __switch_to+0x5d9/0xf60 [ 27.503980] ? __schedule+0xc3e/0x2790 [ 27.504587] ? 
__pfx_read_tsc+0x10/0x10 [ 27.505210] krealloc_less_oob+0x1c/0x30 [ 27.505746] kunit_try_run_case+0x1b3/0x490 [ 27.506581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.507483] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.508157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.508744] ? __kthread_parkme+0x82/0x160 [ 27.509515] ? preempt_count_sub+0x50/0x80 [ 27.510024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.510719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.511477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.512321] kthread+0x257/0x310 [ 27.512773] ? __pfx_kthread+0x10/0x10 [ 27.513496] ret_from_fork+0x41/0x80 [ 27.514153] ? __pfx_kthread+0x10/0x10 [ 27.514527] ret_from_fork_asm+0x1a/0x30 [ 27.515091] </TASK> [ 27.515342] [ 27.515529] Allocated by task 165: [ 27.516591] kasan_save_stack+0x3d/0x60 [ 27.517113] kasan_save_track+0x18/0x40 [ 27.517982] kasan_save_alloc_info+0x3b/0x50 [ 27.518518] __kasan_krealloc+0x190/0x1f0 [ 27.519417] krealloc_noprof+0xf3/0x340 [ 27.520527] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.521458] krealloc_less_oob+0x1c/0x30 [ 27.522213] kunit_try_run_case+0x1b3/0x490 [ 27.522632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.523767] kthread+0x257/0x310 [ 27.524173] ret_from_fork+0x41/0x80 [ 27.524941] ret_from_fork_asm+0x1a/0x30 [ 27.525402] [ 27.525556] The buggy address belongs to the object at ffff888100aa1800 [ 27.525556] which belongs to the cache kmalloc-256 of size 256 [ 27.527277] The buggy address is located 34 bytes to the right of [ 27.527277] allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9) [ 27.529456] [ 27.529650] The buggy address belongs to the physical page: [ 27.530272] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.531196] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.532411] flags: 0x200000000000040(head|node=0|zone=2) [ 27.533314] page_type: f5(slab) [ 27.533545] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 27.534336] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.535885] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.536732] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.537422] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 27.538450] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.539309] page dumped because: kasan: bad access detected [ 27.539947] [ 27.540418] Memory state around the buggy address: [ 27.540748] ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.542113] ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.543011] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.543806] ^ [ 27.544995] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.545852] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.546978] ================================================================== [ 27.746400] ================================================================== [ 27.747291] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 27.748067] Write of size 1 at addr ffff8881023260da by task kunit_try_catch/169 [ 27.748603] [ 27.749157] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.749886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.750745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.751647] Call Trace: [ 27.752045] <TASK> [ 27.752404] dump_stack_lvl+0x73/0xb0 [ 27.753438] print_report+0xd1/0x640 [ 27.753861] ? __virt_addr_valid+0x1db/0x2d0 [ 27.754518] ? kasan_addr_to_slab+0x11/0xa0 [ 27.755018] kasan_report+0x102/0x140 [ 27.755495] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.756492] ? 
krealloc_less_oob_helper+0xec8/0x11d0 [ 27.757065] __asan_report_store1_noabort+0x1b/0x30 [ 27.757669] krealloc_less_oob_helper+0xec8/0x11d0 [ 27.758026] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.759107] ? finish_task_switch.isra.0+0x153/0x700 [ 27.759721] ? __switch_to+0x5d9/0xf60 [ 27.760492] ? __schedule+0xc3e/0x2790 [ 27.761039] ? __pfx_read_tsc+0x10/0x10 [ 27.761543] krealloc_large_less_oob+0x1c/0x30 [ 27.761971] kunit_try_run_case+0x1b3/0x490 [ 27.762308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.762871] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.763334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.764130] ? __kthread_parkme+0x82/0x160 [ 27.764608] ? preempt_count_sub+0x50/0x80 [ 27.765577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.766253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.766971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.767614] kthread+0x257/0x310 [ 27.768208] ? __pfx_kthread+0x10/0x10 [ 27.768549] ret_from_fork+0x41/0x80 [ 27.769304] ? __pfx_kthread+0x10/0x10 [ 27.770200] ret_from_fork_asm+0x1a/0x30 [ 27.770813] </TASK> [ 27.771114] [ 27.771414] The buggy address belongs to the physical page: [ 27.772133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 27.772891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.773664] flags: 0x200000000000040(head|node=0|zone=2) [ 27.774634] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.775275] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.776363] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.777111] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.778650] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000 [ 27.779333] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.780230] page dumped because: kasan: bad access detected [ 27.780935] [ 27.781120] 
Memory state around the buggy address: [ 27.781596] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.782257] ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.784200] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.785323] ^ [ 27.786016] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.787074] ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.787859] ================================================================== [ 27.789933] ================================================================== [ 27.791259] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 27.792249] Write of size 1 at addr ffff8881023260ea by task kunit_try_catch/169 [ 27.793790] [ 27.794422] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.795611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.796332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.797668] Call Trace: [ 27.798247] <TASK> [ 27.798642] dump_stack_lvl+0x73/0xb0 [ 27.799345] print_report+0xd1/0x640 [ 27.800040] ? __virt_addr_valid+0x1db/0x2d0 [ 27.800843] ? kasan_addr_to_slab+0x11/0xa0 [ 27.801665] kasan_report+0x102/0x140 [ 27.802303] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.803233] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.803642] __asan_report_store1_noabort+0x1b/0x30 [ 27.804448] krealloc_less_oob_helper+0xe92/0x11d0 [ 27.805058] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.805454] ? finish_task_switch.isra.0+0x153/0x700 [ 27.806341] ? __switch_to+0x5d9/0xf60 [ 27.807233] ? __schedule+0xc3e/0x2790 [ 27.807785] ? __pfx_read_tsc+0x10/0x10 [ 27.808280] krealloc_large_less_oob+0x1c/0x30 [ 27.808885] kunit_try_run_case+0x1b3/0x490 [ 27.809935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.810607] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.811167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.811957] ? 
__kthread_parkme+0x82/0x160 [ 27.812634] ? preempt_count_sub+0x50/0x80 [ 27.812985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.813934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.814792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.815365] kthread+0x257/0x310 [ 27.815997] ? __pfx_kthread+0x10/0x10 [ 27.816361] ret_from_fork+0x41/0x80 [ 27.816955] ? __pfx_kthread+0x10/0x10 [ 27.817994] ret_from_fork_asm+0x1a/0x30 [ 27.818556] </TASK> [ 27.819003] [ 27.819404] The buggy address belongs to the physical page: [ 27.819945] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 27.821006] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.822253] flags: 0x200000000000040(head|node=0|zone=2) [ 27.822754] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.823755] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.824408] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.825547] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.826346] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000 [ 27.827278] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.827964] page dumped because: kasan: bad access detected [ 27.828585] [ 27.828838] Memory state around the buggy address: [ 27.829268] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.829853] ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.830468] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.831587] ^ [ 27.832410] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.833126] ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.833936] ================================================================== [ 27.836021] ================================================================== [ 27.837179] BUG: 
KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 27.837807] Write of size 1 at addr ffff8881023260eb by task kunit_try_catch/169 [ 27.838594] [ 27.838845] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.839879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.840300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.841530] Call Trace: [ 27.841825] <TASK> [ 27.842264] dump_stack_lvl+0x73/0xb0 [ 27.842740] print_report+0xd1/0x640 [ 27.843313] ? __virt_addr_valid+0x1db/0x2d0 [ 27.843811] ? kasan_addr_to_slab+0x11/0xa0 [ 27.844472] kasan_report+0x102/0x140 [ 27.844910] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.846047] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.846556] __asan_report_store1_noabort+0x1b/0x30 [ 27.847266] krealloc_less_oob_helper+0xd49/0x11d0 [ 27.847916] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.848446] ? finish_task_switch.isra.0+0x153/0x700 [ 27.849227] ? __switch_to+0x5d9/0xf60 [ 27.849587] ? __schedule+0xc3e/0x2790 [ 27.850465] ? __pfx_read_tsc+0x10/0x10 [ 27.851079] krealloc_large_less_oob+0x1c/0x30 [ 27.851729] kunit_try_run_case+0x1b3/0x490 [ 27.852387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.852992] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.853383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.853734] ? __kthread_parkme+0x82/0x160 [ 27.854791] ? preempt_count_sub+0x50/0x80 [ 27.855508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.856094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.856859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.857296] kthread+0x257/0x310 [ 27.857559] ? __pfx_kthread+0x10/0x10 [ 27.858066] ret_from_fork+0x41/0x80 [ 27.859074] ? 
__pfx_kthread+0x10/0x10 [ 27.859498] ret_from_fork_asm+0x1a/0x30 [ 27.860274] </TASK> [ 27.860462] [ 27.860779] The buggy address belongs to the physical page: [ 27.861410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 27.862559] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.863030] flags: 0x200000000000040(head|node=0|zone=2) [ 27.863854] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.864642] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.865404] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.866166] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.867480] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000 [ 27.868325] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.869398] page dumped because: kasan: bad access detected [ 27.869910] [ 27.870055] Memory state around the buggy address: [ 27.871383] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.872027] ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.873319] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.874010] ^ [ 27.875627] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.876219] ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.877248] ================================================================== [ 27.431656] ================================================================== [ 27.432311] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 27.433342] Write of size 1 at addr ffff888100aa18ea by task kunit_try_catch/165 [ 27.434432] [ 27.434836] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.436161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.436890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.438086] Call Trace: [ 27.438436] <TASK> [ 27.438931] dump_stack_lvl+0x73/0xb0 [ 27.439677] print_report+0xd1/0x640 [ 27.440155] ? __virt_addr_valid+0x1db/0x2d0 [ 27.440839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.441701] kasan_report+0x102/0x140 [ 27.442182] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.442910] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.443528] __asan_report_store1_noabort+0x1b/0x30 [ 27.444373] krealloc_less_oob_helper+0xe92/0x11d0 [ 27.445106] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.445880] ? finish_task_switch.isra.0+0x153/0x700 [ 27.446379] ? __switch_to+0x5d9/0xf60 [ 27.447053] ? __schedule+0xc3e/0x2790 [ 27.447869] ? __pfx_read_tsc+0x10/0x10 [ 27.448501] krealloc_less_oob+0x1c/0x30 [ 27.449081] kunit_try_run_case+0x1b3/0x490 [ 27.449513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.450094] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.450528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.451180] ? __kthread_parkme+0x82/0x160 [ 27.451476] ? preempt_count_sub+0x50/0x80 [ 27.452513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.453820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.454824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.455893] kthread+0x257/0x310 [ 27.456381] ? __pfx_kthread+0x10/0x10 [ 27.457025] ret_from_fork+0x41/0x80 [ 27.457487] ? 
__pfx_kthread+0x10/0x10 [ 27.458142] ret_from_fork_asm+0x1a/0x30 [ 27.458775] </TASK> [ 27.458985] [ 27.459231] Allocated by task 165: [ 27.460113] kasan_save_stack+0x3d/0x60 [ 27.460607] kasan_save_track+0x18/0x40 [ 27.461311] kasan_save_alloc_info+0x3b/0x50 [ 27.461683] __kasan_krealloc+0x190/0x1f0 [ 27.462514] krealloc_noprof+0xf3/0x340 [ 27.462883] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.463533] krealloc_less_oob+0x1c/0x30 [ 27.464480] kunit_try_run_case+0x1b3/0x490 [ 27.465301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.465750] kthread+0x257/0x310 [ 27.466133] ret_from_fork+0x41/0x80 [ 27.466659] ret_from_fork_asm+0x1a/0x30 [ 27.467406] [ 27.467724] The buggy address belongs to the object at ffff888100aa1800 [ 27.467724] which belongs to the cache kmalloc-256 of size 256 [ 27.469113] The buggy address is located 33 bytes to the right of [ 27.469113] allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9) [ 27.470325] [ 27.470576] The buggy address belongs to the physical page: [ 27.471648] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.472351] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.473190] flags: 0x200000000000040(head|node=0|zone=2) [ 27.474073] page_type: f5(slab) [ 27.474315] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.475315] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.476311] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.477071] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.477946] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 27.478638] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.479475] page dumped because: kasan: bad access detected [ 27.480584] [ 27.480833] Memory state around the buggy address: [ 27.481216] ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 27.482199] ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.483079] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.484251] ^ [ 27.485009] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.486023] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.486816] ================================================================== [ 27.370043] ================================================================== [ 27.370718] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 27.371595] Write of size 1 at addr ffff888100aa18da by task kunit_try_catch/165 [ 27.372870] [ 27.373237] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.374620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.375141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.376211] Call Trace: [ 27.376804] <TASK> [ 27.377423] dump_stack_lvl+0x73/0xb0 [ 27.377947] print_report+0xd1/0x640 [ 27.378634] ? __virt_addr_valid+0x1db/0x2d0 [ 27.379407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.380070] kasan_report+0x102/0x140 [ 27.380638] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.381359] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.381866] __asan_report_store1_noabort+0x1b/0x30 [ 27.382890] krealloc_less_oob_helper+0xec8/0x11d0 [ 27.383705] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.384511] ? finish_task_switch.isra.0+0x153/0x700 [ 27.385063] ? __switch_to+0x5d9/0xf60 [ 27.385622] ? __schedule+0xc3e/0x2790 [ 27.386441] ? __pfx_read_tsc+0x10/0x10 [ 27.387075] krealloc_less_oob+0x1c/0x30 [ 27.387780] kunit_try_run_case+0x1b3/0x490 [ 27.388331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.389053] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.389425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.390233] ? __kthread_parkme+0x82/0x160 [ 27.390681] ? preempt_count_sub+0x50/0x80 [ 27.391103] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.391559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.392642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.393531] kthread+0x257/0x310 [ 27.394204] ? __pfx_kthread+0x10/0x10 [ 27.394785] ret_from_fork+0x41/0x80 [ 27.395366] ? __pfx_kthread+0x10/0x10 [ 27.395940] ret_from_fork_asm+0x1a/0x30 [ 27.396569] </TASK> [ 27.396972] [ 27.397568] Allocated by task 165: [ 27.397956] kasan_save_stack+0x3d/0x60 [ 27.398765] kasan_save_track+0x18/0x40 [ 27.399386] kasan_save_alloc_info+0x3b/0x50 [ 27.399803] __kasan_krealloc+0x190/0x1f0 [ 27.400511] krealloc_noprof+0xf3/0x340 [ 27.401053] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.401897] krealloc_less_oob+0x1c/0x30 [ 27.402735] kunit_try_run_case+0x1b3/0x490 [ 27.403386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.404070] kthread+0x257/0x310 [ 27.404579] ret_from_fork+0x41/0x80 [ 27.405060] ret_from_fork_asm+0x1a/0x30 [ 27.405884] [ 27.406206] The buggy address belongs to the object at ffff888100aa1800 [ 27.406206] which belongs to the cache kmalloc-256 of size 256 [ 27.408118] The buggy address is located 17 bytes to the right of [ 27.408118] allocated 201-byte region [ffff888100aa1800, ffff888100aa18c9) [ 27.409293] [ 27.409466] The buggy address belongs to the physical page: [ 27.410532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 27.410959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.411329] flags: 0x200000000000040(head|node=0|zone=2) [ 27.411621] page_type: f5(slab) [ 27.411883] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.412565] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.413661] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.414446] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.417060] head: 0200000000000001 ffffea000402a801 ffffffffffffffff 0000000000000000 [ 
27.419868] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.420240] page dumped because: kasan: bad access detected [ 27.420521] [ 27.420653] Memory state around the buggy address: [ 27.420950] ffff888100aa1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.421314] ffff888100aa1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.421669] >ffff888100aa1880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.425415] ^ [ 27.427140] ffff888100aa1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.428761] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.430199] ================================================================== [ 27.653765] ================================================================== [ 27.655056] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 27.655584] Write of size 1 at addr ffff8881023260c9 by task kunit_try_catch/169 [ 27.656672] [ 27.656993] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.658675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.659445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.660334] Call Trace: [ 27.660794] <TASK> [ 27.661075] dump_stack_lvl+0x73/0xb0 [ 27.661579] print_report+0xd1/0x640 [ 27.662374] ? __virt_addr_valid+0x1db/0x2d0 [ 27.662967] ? kasan_addr_to_slab+0x11/0xa0 [ 27.663385] kasan_report+0x102/0x140 [ 27.663966] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.664535] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.665358] __asan_report_store1_noabort+0x1b/0x30 [ 27.665866] krealloc_less_oob_helper+0xd72/0x11d0 [ 27.666761] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.667415] ? finish_task_switch.isra.0+0x153/0x700 [ 27.667998] ? __switch_to+0x5d9/0xf60 [ 27.668481] ? __schedule+0xc3e/0x2790 [ 27.669059] ? __pfx_read_tsc+0x10/0x10 [ 27.669620] krealloc_large_less_oob+0x1c/0x30 [ 27.670210] kunit_try_run_case+0x1b3/0x490 [ 27.671026] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.671650] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.672271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.672681] ? __kthread_parkme+0x82/0x160 [ 27.673395] ? preempt_count_sub+0x50/0x80 [ 27.673873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.674657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.675307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.675963] kthread+0x257/0x310 [ 27.676284] ? __pfx_kthread+0x10/0x10 [ 27.676538] ret_from_fork+0x41/0x80 [ 27.679304] ? __pfx_kthread+0x10/0x10 [ 27.680375] ret_from_fork_asm+0x1a/0x30 [ 27.681626] </TASK> [ 27.682334] [ 27.682497] The buggy address belongs to the physical page: [ 27.684194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 27.686035] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.688148] flags: 0x200000000000040(head|node=0|zone=2) [ 27.689195] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.689591] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.691538] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.692072] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.693483] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000 [ 27.693991] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.695042] page dumped because: kasan: bad access detected [ 27.695574] [ 27.696494] Memory state around the buggy address: [ 27.697565] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.698501] ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.699404] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.700940] ^ [ 27.701758] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.703079] ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.703915] 
================================================================== [ 27.704961] ================================================================== [ 27.706450] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 27.708568] Write of size 1 at addr ffff8881023260d0 by task kunit_try_catch/169 [ 27.709323] [ 27.709530] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.710978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.711722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.713081] Call Trace: [ 27.713764] <TASK> [ 27.714215] dump_stack_lvl+0x73/0xb0 [ 27.714885] print_report+0xd1/0x640 [ 27.715566] ? __virt_addr_valid+0x1db/0x2d0 [ 27.716033] ? kasan_addr_to_slab+0x11/0xa0 [ 27.716515] kasan_report+0x102/0x140 [ 27.716886] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.717291] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.718040] __asan_report_store1_noabort+0x1b/0x30 [ 27.718562] krealloc_less_oob_helper+0xe25/0x11d0 [ 27.719343] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.719924] ? finish_task_switch.isra.0+0x153/0x700 [ 27.720590] ? __switch_to+0x5d9/0xf60 [ 27.721235] ? __schedule+0xc3e/0x2790 [ 27.721534] ? __pfx_read_tsc+0x10/0x10 [ 27.722207] krealloc_large_less_oob+0x1c/0x30 [ 27.722624] kunit_try_run_case+0x1b3/0x490 [ 27.723462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.723877] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.724527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.725066] ? __kthread_parkme+0x82/0x160 [ 27.725709] ? preempt_count_sub+0x50/0x80 [ 27.726245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.726619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.727541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.728229] kthread+0x257/0x310 [ 27.728583] ? __pfx_kthread+0x10/0x10 [ 27.728954] ret_from_fork+0x41/0x80 [ 27.729535] ? 
__pfx_kthread+0x10/0x10 [ 27.729951] ret_from_fork_asm+0x1a/0x30 [ 27.730524] </TASK> [ 27.730854] [ 27.731077] The buggy address belongs to the physical page: [ 27.731603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102324 [ 27.732131] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.733211] flags: 0x200000000000040(head|node=0|zone=2) [ 27.733917] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.734745] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.735469] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.736455] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.737005] head: 0200000000000002 ffffea000408c901 ffffffffffffffff 0000000000000000 [ 27.737649] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.738269] page dumped because: kasan: bad access detected [ 27.738755] [ 27.738966] Memory state around the buggy address: [ 27.739559] ffff888102325f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.740577] ffff888102326000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.741422] >ffff888102326080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.742048] ^ [ 27.742450] ffff888102326100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.743352] ffff888102326180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.744030] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 27.601656] ================================================================== [ 27.602660] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 27.603496] Write of size 1 at addr ffff8881024f60f0 by task kunit_try_catch/167 [ 27.604969] [ 27.605206] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.606862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.607435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.608967] Call Trace: [ 27.609221] <TASK> [ 27.609412] dump_stack_lvl+0x73/0xb0 [ 27.610491] print_report+0xd1/0x640 [ 27.611202] ? __virt_addr_valid+0x1db/0x2d0 [ 27.611789] ? kasan_addr_to_slab+0x11/0xa0 [ 27.612540] kasan_report+0x102/0x140 [ 27.613415] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.614126] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.615014] __asan_report_store1_noabort+0x1b/0x30 [ 27.615785] krealloc_more_oob_helper+0x7ed/0x930 [ 27.616583] ? __schedule+0xc3e/0x2790 [ 27.617239] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.618137] ? finish_task_switch.isra.0+0x153/0x700 [ 27.618619] ? __switch_to+0x5d9/0xf60 [ 27.619025] ? __schedule+0xc3e/0x2790 [ 27.619428] ? __pfx_read_tsc+0x10/0x10 [ 27.620482] krealloc_large_more_oob+0x1c/0x30 [ 27.621228] kunit_try_run_case+0x1b3/0x490 [ 27.622390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.622791] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.623495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.624484] ? __kthread_parkme+0x82/0x160 [ 27.625075] ? preempt_count_sub+0x50/0x80 [ 27.625793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.626674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.627980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.628568] kthread+0x257/0x310 [ 27.629295] ? __pfx_kthread+0x10/0x10 [ 27.629846] ret_from_fork+0x41/0x80 [ 27.630177] ? 
__pfx_kthread+0x10/0x10 [ 27.630644] ret_from_fork_asm+0x1a/0x30 [ 27.631014] </TASK> [ 27.632071] [ 27.632323] The buggy address belongs to the physical page: [ 27.632674] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024f4 [ 27.633891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.634504] flags: 0x200000000000040(head|node=0|zone=2) [ 27.635540] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.636458] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.637370] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.638215] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.639499] head: 0200000000000002 ffffea0004093d01 ffffffffffffffff 0000000000000000 [ 27.640311] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.641382] page dumped because: kasan: bad access detected [ 27.641713] [ 27.641944] Memory state around the buggy address: [ 27.642908] ffff8881024f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.643492] ffff8881024f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.644547] >ffff8881024f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.645125] ^ [ 27.646261] ffff8881024f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.647160] ffff8881024f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.648006] ================================================================== [ 27.156273] ================================================================== [ 27.158148] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 27.158769] Write of size 1 at addr ffff888100394ceb by task kunit_try_catch/163 [ 27.160302] [ 27.160495] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.161386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.161828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 27.162702] Call Trace: [ 27.163014] <TASK> [ 27.163369] dump_stack_lvl+0x73/0xb0 [ 27.163782] print_report+0xd1/0x640 [ 27.165019] ? __virt_addr_valid+0x1db/0x2d0 [ 27.165927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.166315] kasan_report+0x102/0x140 [ 27.167098] ? krealloc_more_oob_helper+0x823/0x930 [ 27.168108] ? krealloc_more_oob_helper+0x823/0x930 [ 27.168790] __asan_report_store1_noabort+0x1b/0x30 [ 27.169445] krealloc_more_oob_helper+0x823/0x930 [ 27.170209] ? __schedule+0xc3e/0x2790 [ 27.170562] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.171114] ? __kasan_check_write+0x18/0x20 [ 27.171664] ? queued_spin_lock_slowpath+0x117/0xb40 [ 27.172293] ? irqentry_exit+0x2a/0x60 [ 27.173314] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.173812] ? trace_hardirqs_on+0x37/0xe0 [ 27.174591] ? __pfx_read_tsc+0x10/0x10 [ 27.175266] krealloc_more_oob+0x1c/0x30 [ 27.176038] kunit_try_run_case+0x1b3/0x490 [ 27.176717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.177528] ? queued_spin_lock_slowpath+0x117/0xb40 [ 27.178253] ? __kthread_parkme+0x82/0x160 [ 27.178706] ? preempt_count_sub+0x50/0x80 [ 27.179576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.180404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.181661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.182174] kthread+0x257/0x310 [ 27.182790] ? __pfx_kthread+0x10/0x10 [ 27.183590] ret_from_fork+0x41/0x80 [ 27.184285] ? 
__pfx_kthread+0x10/0x10 [ 27.184946] ret_from_fork_asm+0x1a/0x30 [ 27.185733] </TASK> [ 27.186053] [ 27.186675] Allocated by task 163: [ 27.186991] kasan_save_stack+0x3d/0x60 [ 27.187802] kasan_save_track+0x18/0x40 [ 27.188359] kasan_save_alloc_info+0x3b/0x50 [ 27.188800] __kasan_krealloc+0x190/0x1f0 [ 27.189112] krealloc_noprof+0xf3/0x340 [ 27.189454] krealloc_more_oob_helper+0x1aa/0x930 [ 27.190483] krealloc_more_oob+0x1c/0x30 [ 27.191011] kunit_try_run_case+0x1b3/0x490 [ 27.191567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.192461] kthread+0x257/0x310 [ 27.192797] ret_from_fork+0x41/0x80 [ 27.193320] ret_from_fork_asm+0x1a/0x30 [ 27.194120] [ 27.194398] The buggy address belongs to the object at ffff888100394c00 [ 27.194398] which belongs to the cache kmalloc-256 of size 256 [ 27.196054] The buggy address is located 0 bytes to the right of [ 27.196054] allocated 235-byte region [ffff888100394c00, ffff888100394ceb) [ 27.197436] [ 27.197839] The buggy address belongs to the physical page: [ 27.198482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 27.199595] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.200418] flags: 0x200000000000040(head|node=0|zone=2) [ 27.201221] page_type: f5(slab) [ 27.201572] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.202425] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.204004] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.204636] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.205561] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 27.206355] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.206867] page dumped because: kasan: bad access detected [ 27.207448] [ 27.207640] Memory state around the buggy address: [ 27.208309] ffff888100394b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 27.208867] ffff888100394c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.209655] >ffff888100394c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 27.210335] ^ [ 27.211304] ffff888100394d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.211944] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.212751] ================================================================== [ 27.554007] ================================================================== [ 27.554818] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 27.556461] Write of size 1 at addr ffff8881024f60eb by task kunit_try_catch/167 [ 27.557554] [ 27.557773] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.559060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.559358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.560514] Call Trace: [ 27.560897] <TASK> [ 27.561544] dump_stack_lvl+0x73/0xb0 [ 27.562465] print_report+0xd1/0x640 [ 27.563231] ? __virt_addr_valid+0x1db/0x2d0 [ 27.563823] ? kasan_addr_to_slab+0x11/0xa0 [ 27.564180] kasan_report+0x102/0x140 [ 27.564841] ? krealloc_more_oob_helper+0x823/0x930 [ 27.565362] ? krealloc_more_oob_helper+0x823/0x930 [ 27.566147] __asan_report_store1_noabort+0x1b/0x30 [ 27.566972] krealloc_more_oob_helper+0x823/0x930 [ 27.567435] ? __schedule+0xc3e/0x2790 [ 27.567919] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.568612] ? finish_task_switch.isra.0+0x153/0x700 [ 27.569181] ? __switch_to+0x5d9/0xf60 [ 27.569644] ? __schedule+0xc3e/0x2790 [ 27.570592] ? __pfx_read_tsc+0x10/0x10 [ 27.571039] krealloc_large_more_oob+0x1c/0x30 [ 27.571608] kunit_try_run_case+0x1b3/0x490 [ 27.572314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.573004] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.573452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.574416] ? __kthread_parkme+0x82/0x160 [ 27.574884] ? preempt_count_sub+0x50/0x80 [ 27.575512] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.575983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.576841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.577801] kthread+0x257/0x310 [ 27.578189] ? __pfx_kthread+0x10/0x10 [ 27.579006] ret_from_fork+0x41/0x80 [ 27.579494] ? __pfx_kthread+0x10/0x10 [ 27.580203] ret_from_fork_asm+0x1a/0x30 [ 27.580571] </TASK> [ 27.581041] [ 27.581327] The buggy address belongs to the physical page: [ 27.581908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024f4 [ 27.583127] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.584156] flags: 0x200000000000040(head|node=0|zone=2) [ 27.584523] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.586310] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.586958] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.588285] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.589331] head: 0200000000000002 ffffea0004093d01 ffffffffffffffff 0000000000000000 [ 27.589683] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.590352] page dumped because: kasan: bad access detected [ 27.591608] [ 27.591907] Memory state around the buggy address: [ 27.593418] ffff8881024f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.594146] ffff8881024f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.595495] >ffff8881024f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.596409] ^ [ 27.597587] ffff8881024f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.598291] ffff8881024f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.599388] ================================================================== [ 27.213773] ================================================================== [ 27.214371] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 27.215080] Write of 
size 1 at addr ffff888100394cf0 by task kunit_try_catch/163 [ 27.215650] [ 27.215926] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.217008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.217283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.218287] Call Trace: [ 27.218498] <TASK> [ 27.218893] dump_stack_lvl+0x73/0xb0 [ 27.219387] print_report+0xd1/0x640 [ 27.219833] ? __virt_addr_valid+0x1db/0x2d0 [ 27.220347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.220891] kasan_report+0x102/0x140 [ 27.221477] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.222003] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.222879] __asan_report_store1_noabort+0x1b/0x30 [ 27.223509] krealloc_more_oob_helper+0x7ed/0x930 [ 27.224139] ? __schedule+0xc3e/0x2790 [ 27.224421] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.224789] ? __kasan_check_write+0x18/0x20 [ 27.225172] ? queued_spin_lock_slowpath+0x117/0xb40 [ 27.225921] ? irqentry_exit+0x2a/0x60 [ 27.226660] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.227277] ? trace_hardirqs_on+0x37/0xe0 [ 27.227573] ? __pfx_read_tsc+0x10/0x10 [ 27.228533] krealloc_more_oob+0x1c/0x30 [ 27.228998] kunit_try_run_case+0x1b3/0x490 [ 27.229877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.230340] ? queued_spin_lock_slowpath+0x117/0xb40 [ 27.230885] ? __kthread_parkme+0x82/0x160 [ 27.231251] ? preempt_count_sub+0x50/0x80 [ 27.231799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.232124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.232717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.233075] kthread+0x257/0x310 [ 27.233446] ? __pfx_kthread+0x10/0x10 [ 27.234756] ret_from_fork+0x41/0x80 [ 27.235298] ? 
__pfx_kthread+0x10/0x10 [ 27.235603] ret_from_fork_asm+0x1a/0x30 [ 27.236814] </TASK> [ 27.237128] [ 27.237298] Allocated by task 163: [ 27.237536] kasan_save_stack+0x3d/0x60 [ 27.238375] kasan_save_track+0x18/0x40 [ 27.239551] kasan_save_alloc_info+0x3b/0x50 [ 27.240730] __kasan_krealloc+0x190/0x1f0 [ 27.241160] krealloc_noprof+0xf3/0x340 [ 27.241577] krealloc_more_oob_helper+0x1aa/0x930 [ 27.242174] krealloc_more_oob+0x1c/0x30 [ 27.242481] kunit_try_run_case+0x1b3/0x490 [ 27.243032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.243571] kthread+0x257/0x310 [ 27.244227] ret_from_fork+0x41/0x80 [ 27.244517] ret_from_fork_asm+0x1a/0x30 [ 27.245091] [ 27.245244] The buggy address belongs to the object at ffff888100394c00 [ 27.245244] which belongs to the cache kmalloc-256 of size 256 [ 27.246637] The buggy address is located 5 bytes to the right of [ 27.246637] allocated 235-byte region [ffff888100394c00, ffff888100394ceb) [ 27.247925] [ 27.248232] The buggy address belongs to the physical page: [ 27.248726] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 27.249234] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.250009] flags: 0x200000000000040(head|node=0|zone=2) [ 27.250465] page_type: f5(slab) [ 27.250728] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.251281] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.252350] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.253147] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.253585] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 27.254456] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.255419] page dumped because: kasan: bad access detected [ 27.255974] [ 27.256139] Memory state around the buggy address: [ 27.256549] ffff888100394b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 27.257443] ffff888100394c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.258042] >ffff888100394c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 27.259216] ^ [ 27.259910] ffff888100394d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.260406] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.261020] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 27.109936] ================================================================== [ 27.112006] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 27.112636] Read of size 1 at addr ffff888102c40000 by task kunit_try_catch/161 [ 27.113200] [ 27.113433] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.114346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.114878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.116003] Call Trace: [ 27.116322] <TASK> [ 27.116762] dump_stack_lvl+0x73/0xb0 [ 27.117327] print_report+0xd1/0x640 [ 27.117751] ? __virt_addr_valid+0x1db/0x2d0 [ 27.118204] ? kasan_addr_to_slab+0x11/0xa0 [ 27.118858] kasan_report+0x102/0x140 [ 27.119139] ? page_alloc_uaf+0x358/0x3d0 [ 27.120048] ? page_alloc_uaf+0x358/0x3d0 [ 27.120640] __asan_report_load1_noabort+0x18/0x20 [ 27.121222] page_alloc_uaf+0x358/0x3d0 [ 27.121650] ? __pfx_page_alloc_uaf+0x10/0x10 [ 27.122001] ? __schedule+0xc3e/0x2790 [ 27.122348] ? __pfx_read_tsc+0x10/0x10 [ 27.123074] ? ktime_get_ts64+0x84/0x230 [ 27.123822] kunit_try_run_case+0x1b3/0x490 [ 27.124128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.124945] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.125530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.126247] ? __kthread_parkme+0x82/0x160 [ 27.126621] ? preempt_count_sub+0x50/0x80 [ 27.127176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.127616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.129462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.130500] kthread+0x257/0x310 [ 27.131035] ? __pfx_kthread+0x10/0x10 [ 27.131232] ret_from_fork+0x41/0x80 [ 27.131408] ? 
__pfx_kthread+0x10/0x10 [ 27.131585] ret_from_fork_asm+0x1a/0x30 [ 27.132001] </TASK> [ 27.132326] [ 27.132583] The buggy address belongs to the physical page: [ 27.133235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c40 [ 27.133903] flags: 0x200000000000000(node=0|zone=2) [ 27.134565] page_type: f0(buddy) [ 27.135261] raw: 0200000000000000 ffff88817fffb530 ffff88817fffb530 0000000000000000 [ 27.136329] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 27.137702] page dumped because: kasan: bad access detected [ 27.138096] [ 27.138370] Memory state around the buggy address: [ 27.139243] ffff888102c3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.139930] ffff888102c3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.141108] >ffff888102c40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.142179] ^ [ 27.142769] ffff888102c40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.143248] ffff888102c40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.145055] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 27.056851] ================================================================== [ 27.058251] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 27.059198] Free of addr ffff888102320001 by task kunit_try_catch/157 [ 27.060132] [ 27.061417] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.062493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.063518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.064320] Call Trace: [ 27.065149] <TASK> [ 27.065385] dump_stack_lvl+0x73/0xb0 [ 27.065719] print_report+0xd1/0x640 [ 27.066544] ? __virt_addr_valid+0x1db/0x2d0 [ 27.067313] ? kfree+0x271/0x3f0 [ 27.067647] ? kasan_addr_to_slab+0x11/0xa0 [ 27.068419] ? kfree+0x271/0x3f0 [ 27.069114] kasan_report_invalid_free+0xc0/0xf0 [ 27.069587] ? kfree+0x271/0x3f0 [ 27.069973] ? kfree+0x271/0x3f0 [ 27.070346] __kasan_kfree_large+0x86/0xd0 [ 27.071594] free_large_kmalloc+0x3b/0xd0 [ 27.072182] kfree+0x271/0x3f0 [ 27.072635] kmalloc_large_invalid_free+0x121/0x2b0 [ 27.073201] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 27.073813] ? __schedule+0xc3e/0x2790 [ 27.074444] ? __pfx_read_tsc+0x10/0x10 [ 27.075242] ? ktime_get_ts64+0x84/0x230 [ 27.076090] kunit_try_run_case+0x1b3/0x490 [ 27.076514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.077646] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.078439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.078791] ? __kthread_parkme+0x82/0x160 [ 27.079228] ? preempt_count_sub+0x50/0x80 [ 27.079639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.080025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.080635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.081207] kthread+0x257/0x310 [ 27.081571] ? __pfx_kthread+0x10/0x10 [ 27.082577] ret_from_fork+0x41/0x80 [ 27.083123] ? 
__pfx_kthread+0x10/0x10 [ 27.083429] ret_from_fork_asm+0x1a/0x30 [ 27.084126] </TASK> [ 27.084419] [ 27.084635] The buggy address belongs to the physical page: [ 27.085335] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102320 [ 27.085821] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.086945] flags: 0x200000000000040(head|node=0|zone=2) [ 27.087844] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.088559] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.090174] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.091019] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.091906] head: 0200000000000002 ffffea000408c801 ffffffffffffffff 0000000000000000 [ 27.092523] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.093445] page dumped because: kasan: bad access detected [ 27.094126] [ 27.094274] Memory state around the buggy address: [ 27.095088] ffff88810231ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.095871] ffff88810231ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.096604] >ffff888102320000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.097207] ^ [ 27.097569] ffff888102320080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.098778] ffff888102320100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.099518] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 27.010388] ================================================================== [ 27.011512] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 27.012121] Read of size 1 at addr ffff888102320000 by task kunit_try_catch/155 [ 27.013875] [ 27.014044] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 27.015113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.015454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.016865] Call Trace: [ 27.017567] <TASK> [ 27.017893] dump_stack_lvl+0x73/0xb0 [ 27.018797] print_report+0xd1/0x640 [ 27.019075] ? __virt_addr_valid+0x1db/0x2d0 [ 27.019992] ? kasan_addr_to_slab+0x11/0xa0 [ 27.020615] kasan_report+0x102/0x140 [ 27.021524] ? kmalloc_large_uaf+0x2f3/0x340 [ 27.022358] ? kmalloc_large_uaf+0x2f3/0x340 [ 27.023065] __asan_report_load1_noabort+0x18/0x20 [ 27.023511] kmalloc_large_uaf+0x2f3/0x340 [ 27.024442] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 27.025137] ? __schedule+0xc3e/0x2790 [ 27.026023] ? __pfx_read_tsc+0x10/0x10 [ 27.026891] ? ktime_get_ts64+0x84/0x230 [ 27.027601] kunit_try_run_case+0x1b3/0x490 [ 27.028762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.029135] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.029808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.030875] ? __kthread_parkme+0x82/0x160 [ 27.031683] ? preempt_count_sub+0x50/0x80 [ 27.032428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.032904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.033824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.034600] kthread+0x257/0x310 [ 27.035358] ? __pfx_kthread+0x10/0x10 [ 27.036107] ret_from_fork+0x41/0x80 [ 27.036993] ? 
__pfx_kthread+0x10/0x10 [ 27.037541] ret_from_fork_asm+0x1a/0x30 [ 27.038085] </TASK> [ 27.038788] [ 27.038954] The buggy address belongs to the physical page: [ 27.039985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102320 [ 27.040953] flags: 0x200000000000000(node=0|zone=2) [ 27.041814] raw: 0200000000000000 ffffea000408c908 ffff88815b03f000 0000000000000000 [ 27.042508] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 27.043234] page dumped because: kasan: bad access detected [ 27.044621] [ 27.045353] Memory state around the buggy address: [ 27.045608] ffff88810231ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.046142] ffff88810231ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.047448] >ffff888102320000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.049110] ^ [ 27.049566] ffff888102320080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.050291] ffff888102320100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.051407] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 26.962858] ================================================================== [ 26.963906] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 26.964767] Write of size 1 at addr ffff8881024f600a by task kunit_try_catch/153 [ 26.965369] [ 26.965538] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.966668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.967792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.969578] Call Trace: [ 26.970028] <TASK> [ 26.970596] dump_stack_lvl+0x73/0xb0 [ 26.971156] print_report+0xd1/0x640 [ 26.971970] ? __virt_addr_valid+0x1db/0x2d0 [ 26.972941] ? kasan_addr_to_slab+0x11/0xa0 [ 26.973401] kasan_report+0x102/0x140 [ 26.974094] ? kmalloc_large_oob_right+0x2eb/0x340 [ 26.974515] ? kmalloc_large_oob_right+0x2eb/0x340 [ 26.975223] __asan_report_store1_noabort+0x1b/0x30 [ 26.975721] kmalloc_large_oob_right+0x2eb/0x340 [ 26.977020] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 26.977714] ? __schedule+0xc3e/0x2790 [ 26.978580] ? __pfx_read_tsc+0x10/0x10 [ 26.979007] ? ktime_get_ts64+0x84/0x230 [ 26.979588] kunit_try_run_case+0x1b3/0x490 [ 26.980062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.980565] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.980903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.982283] ? __kthread_parkme+0x82/0x160 [ 26.982640] ? preempt_count_sub+0x50/0x80 [ 26.983352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.983849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.984677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.985103] kthread+0x257/0x310 [ 26.985780] ? __pfx_kthread+0x10/0x10 [ 26.986399] ret_from_fork+0x41/0x80 [ 26.986720] ? 
__pfx_kthread+0x10/0x10 [ 26.987265] ret_from_fork_asm+0x1a/0x30 [ 26.987600] </TASK> [ 26.988104] [ 26.988316] The buggy address belongs to the physical page: [ 26.988906] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024f4 [ 26.991136] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.991838] flags: 0x200000000000040(head|node=0|zone=2) [ 26.992409] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.993554] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.994433] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.995767] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.996943] head: 0200000000000002 ffffea0004093d01 ffffffffffffffff 0000000000000000 [ 26.998143] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.999077] page dumped because: kasan: bad access detected [ 26.999579] [ 26.999766] Memory state around the buggy address: [ 27.000262] ffff8881024f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.001438] ffff8881024f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.002494] >ffff8881024f6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.003116] ^ [ 27.003944] ffff8881024f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.004824] ffff8881024f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.005490] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 26.900795] ================================================================== [ 26.902701] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 26.903742] Write of size 1 at addr ffff8881020edf00 by task kunit_try_catch/151 [ 26.904774] [ 26.904979] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.905943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.906940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.908115] Call Trace: [ 26.908633] <TASK> [ 26.909459] dump_stack_lvl+0x73/0xb0 [ 26.910420] print_report+0xd1/0x640 [ 26.911002] ? __virt_addr_valid+0x1db/0x2d0 [ 26.911498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.912570] kasan_report+0x102/0x140 [ 26.913382] ? kmalloc_big_oob_right+0x318/0x370 [ 26.914090] ? kmalloc_big_oob_right+0x318/0x370 [ 26.914757] __asan_report_store1_noabort+0x1b/0x30 [ 26.915752] kmalloc_big_oob_right+0x318/0x370 [ 26.916550] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 26.917639] ? __schedule+0xc3e/0x2790 [ 26.918094] ? __pfx_read_tsc+0x10/0x10 [ 26.918824] ? ktime_get_ts64+0x84/0x230 [ 26.919621] kunit_try_run_case+0x1b3/0x490 [ 26.920258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.921176] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.921624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.922928] ? __kthread_parkme+0x82/0x160 [ 26.923673] ? preempt_count_sub+0x50/0x80 [ 26.924433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.924876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.925778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.926530] kthread+0x257/0x310 [ 26.927652] ? __pfx_kthread+0x10/0x10 [ 26.928058] ret_from_fork+0x41/0x80 [ 26.928877] ? 
__pfx_kthread+0x10/0x10 [ 26.929884] ret_from_fork_asm+0x1a/0x30 [ 26.930301] </TASK> [ 26.930485] [ 26.930593] Allocated by task 151: [ 26.930794] kasan_save_stack+0x3d/0x60 [ 26.930975] kasan_save_track+0x18/0x40 [ 26.931313] kasan_save_alloc_info+0x3b/0x50 [ 26.932753] __kasan_kmalloc+0xb7/0xc0 [ 26.933576] __kmalloc_cache_noprof+0x184/0x410 [ 26.934928] kmalloc_big_oob_right+0xaa/0x370 [ 26.935542] kunit_try_run_case+0x1b3/0x490 [ 26.936188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.937057] kthread+0x257/0x310 [ 26.937845] ret_from_fork+0x41/0x80 [ 26.938948] ret_from_fork_asm+0x1a/0x30 [ 26.939634] [ 26.939821] The buggy address belongs to the object at ffff8881020ec000 [ 26.939821] which belongs to the cache kmalloc-8k of size 8192 [ 26.941021] The buggy address is located 0 bytes to the right of [ 26.941021] allocated 7936-byte region [ffff8881020ec000, ffff8881020edf00) [ 26.942543] [ 26.943371] The buggy address belongs to the physical page: [ 26.944112] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020e8 [ 26.944768] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.945110] flags: 0x200000000000040(head|node=0|zone=2) [ 26.945333] page_type: f5(slab) [ 26.945489] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 26.946345] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 26.947126] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 26.948169] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 26.949625] head: 0200000000000003 ffffea0004083a01 ffffffffffffffff 0000000000000000 [ 26.950377] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 26.951244] page dumped because: kasan: bad access detected [ 26.951780] [ 26.952024] Memory state around the buggy address: [ 26.952654] ffff8881020ede00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.953336] ffff8881020ede80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.953851] >ffff8881020edf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.955065] ^ [ 26.955722] ffff8881020edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.956494] ffff8881020ee000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.957252] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 26.812650] ================================================================== [ 26.813662] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.815202] Write of size 1 at addr ffff888101abf878 by task kunit_try_catch/149 [ 26.817108] [ 26.817351] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.818402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.819114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.820090] Call Trace: [ 26.820827] <TASK> [ 26.821104] dump_stack_lvl+0x73/0xb0 [ 26.821850] print_report+0xd1/0x640 [ 26.822553] ? __virt_addr_valid+0x1db/0x2d0 [ 26.823290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.823910] kasan_report+0x102/0x140 [ 26.824669] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.825434] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.826205] __asan_report_store1_noabort+0x1b/0x30 [ 26.826670] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.827044] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 26.827614] ? __schedule+0xc3e/0x2790 [ 26.828200] ? __pfx_read_tsc+0x10/0x10 [ 26.829024] ? ktime_get_ts64+0x84/0x230 [ 26.829904] kunit_try_run_case+0x1b3/0x490 [ 26.830503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.831181] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.831992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.832429] ? __kthread_parkme+0x82/0x160 [ 26.833337] ? preempt_count_sub+0x50/0x80 [ 26.833741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.834534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.835278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.836064] kthread+0x257/0x310 [ 26.836489] ? __pfx_kthread+0x10/0x10 [ 26.836968] ret_from_fork+0x41/0x80 [ 26.837291] ? 
__pfx_kthread+0x10/0x10 [ 26.837887] ret_from_fork_asm+0x1a/0x30 [ 26.838349] </TASK> [ 26.838654] [ 26.838875] Allocated by task 149: [ 26.839412] kasan_save_stack+0x3d/0x60 [ 26.839729] kasan_save_track+0x18/0x40 [ 26.840242] kasan_save_alloc_info+0x3b/0x50 [ 26.840747] __kasan_kmalloc+0xb7/0xc0 [ 26.841277] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 26.841626] kmalloc_track_caller_oob_right+0x9a/0x530 [ 26.842358] kunit_try_run_case+0x1b3/0x490 [ 26.843008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.843629] kthread+0x257/0x310 [ 26.843948] ret_from_fork+0x41/0x80 [ 26.844603] ret_from_fork_asm+0x1a/0x30 [ 26.845057] [ 26.845210] The buggy address belongs to the object at ffff888101abf800 [ 26.845210] which belongs to the cache kmalloc-128 of size 128 [ 26.846661] The buggy address is located 0 bytes to the right of [ 26.846661] allocated 120-byte region [ffff888101abf800, ffff888101abf878) [ 26.847404] [ 26.847775] The buggy address belongs to the physical page: [ 26.848619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abf [ 26.849431] flags: 0x200000000000000(node=0|zone=2) [ 26.849840] page_type: f5(slab) [ 26.850352] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.850804] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.851586] page dumped because: kasan: bad access detected [ 26.852225] [ 26.852461] Memory state around the buggy address: [ 26.852929] ffff888101abf700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.853653] ffff888101abf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.854458] >ffff888101abf800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.854966] ^ [ 26.855368] ffff888101abf880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.857179] ffff888101abf900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.858044] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 26.752277] ================================================================== [ 26.753833] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 26.754749] Read of size 1 at addr ffff888102b93000 by task kunit_try_catch/147 [ 26.755778] [ 26.756361] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.757600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.758304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.759059] Call Trace: [ 26.759968] <TASK> [ 26.760259] dump_stack_lvl+0x73/0xb0 [ 26.760560] print_report+0xd1/0x640 [ 26.761492] ? __virt_addr_valid+0x1db/0x2d0 [ 26.762871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.763438] kasan_report+0x102/0x140 [ 26.764224] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 26.764719] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 26.765177] __asan_report_load1_noabort+0x18/0x20 [ 26.765618] kmalloc_node_oob_right+0x36b/0x3d0 [ 26.766113] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 26.766576] ? __schedule+0xc3e/0x2790 [ 26.767880] ? __pfx_read_tsc+0x10/0x10 [ 26.768512] ? ktime_get_ts64+0x84/0x230 [ 26.769757] kunit_try_run_case+0x1b3/0x490 [ 26.770254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.770928] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.771469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.772376] ? __kthread_parkme+0x82/0x160 [ 26.773169] ? preempt_count_sub+0x50/0x80 [ 26.774019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.774600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.775220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.776546] kthread+0x257/0x310 [ 26.776803] ? __pfx_kthread+0x10/0x10 [ 26.777893] ret_from_fork+0x41/0x80 [ 26.778304] ? 
__pfx_kthread+0x10/0x10 [ 26.778722] ret_from_fork_asm+0x1a/0x30 [ 26.779034] </TASK> [ 26.779966] [ 26.780258] Allocated by task 147: [ 26.780646] kasan_save_stack+0x3d/0x60 [ 26.780962] kasan_save_track+0x18/0x40 [ 26.781378] kasan_save_alloc_info+0x3b/0x50 [ 26.782556] __kasan_kmalloc+0xb7/0xc0 [ 26.783260] __kmalloc_cache_node_noprof+0x183/0x420 [ 26.783823] kmalloc_node_oob_right+0xac/0x3d0 [ 26.784530] kunit_try_run_case+0x1b3/0x490 [ 26.784914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.785870] kthread+0x257/0x310 [ 26.786462] ret_from_fork+0x41/0x80 [ 26.787029] ret_from_fork_asm+0x1a/0x30 [ 26.787510] [ 26.787766] The buggy address belongs to the object at ffff888102b92000 [ 26.787766] which belongs to the cache kmalloc-4k of size 4096 [ 26.789800] The buggy address is located 0 bytes to the right of [ 26.789800] allocated 4096-byte region [ffff888102b92000, ffff888102b93000) [ 26.791547] [ 26.791728] The buggy address belongs to the physical page: [ 26.792470] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 26.793602] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.794784] flags: 0x200000000000040(head|node=0|zone=2) [ 26.795808] page_type: f5(slab) [ 26.796544] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 26.797646] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 26.798882] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 26.799313] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 26.800170] head: 0200000000000003 ffffea00040ae401 ffffffffffffffff 0000000000000000 [ 26.800650] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 26.801374] page dumped because: kasan: bad access detected [ 26.802381] [ 26.802669] Memory state around the buggy address: [ 26.803191] ffff888102b92f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.803882] ffff888102b92f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.804642] >ffff888102b93000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.805329] ^ [ 26.805615] ffff888102b93080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.806548] ffff888102b93100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.807211] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 26.703439] ================================================================== [ 26.704342] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 26.705306] Read of size 1 at addr ffff8881025fedbf by task kunit_try_catch/145 [ 26.705913] [ 26.706119] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1 [ 26.707564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.708113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.708899] Call Trace: [ 26.709356] <TASK> [ 26.709584] dump_stack_lvl+0x73/0xb0 [ 26.710077] print_report+0xd1/0x640 [ 26.710487] ? __virt_addr_valid+0x1db/0x2d0 [ 26.710978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.711895] kasan_report+0x102/0x140 [ 26.712428] ? kmalloc_oob_left+0x363/0x3c0 [ 26.712819] ? kmalloc_oob_left+0x363/0x3c0 [ 26.713327] __asan_report_load1_noabort+0x18/0x20 [ 26.713848] kmalloc_oob_left+0x363/0x3c0 [ 26.714157] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 26.714646] ? __schedule+0xc3e/0x2790 [ 26.715049] ? __pfx_read_tsc+0x10/0x10 [ 26.715759] ? ktime_get_ts64+0x84/0x230 [ 26.716414] kunit_try_run_case+0x1b3/0x490 [ 26.716983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.717540] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.717913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.718257] ? __kthread_parkme+0x82/0x160 [ 26.718904] ? preempt_count_sub+0x50/0x80 [ 26.719384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.719890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.720380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.721410] kthread+0x257/0x310 [ 26.721712] ? __pfx_kthread+0x10/0x10 [ 26.722175] ret_from_fork+0x41/0x80 [ 26.722466] ? 
__pfx_kthread+0x10/0x10 [ 26.722930] ret_from_fork_asm+0x1a/0x30 [ 26.723553] </TASK> [ 26.723820] [ 26.724006] Allocated by task 1: [ 26.724241] kasan_save_stack+0x3d/0x60 [ 26.724517] kasan_save_track+0x18/0x40 [ 26.724905] kasan_save_alloc_info+0x3b/0x50 [ 26.725448] __kasan_kmalloc+0xb7/0xc0 [ 26.726406] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 26.727035] kvasprintf+0xc6/0x150 [ 26.727472] __kthread_create_on_node+0x18c/0x3a0 [ 26.728223] kthread_create_on_node+0xa8/0xe0 [ 26.728632] create_worker+0x3c8/0x7a0 [ 26.728967] alloc_unbound_pwq+0x8ea/0xdb0 [ 26.729360] apply_wqattrs_prepare+0x332/0xd40 [ 26.729802] apply_workqueue_attrs_locked+0x4d/0xa0 [ 26.730593] alloc_workqueue+0xcc4/0x1ad0 [ 26.731002] latency_fsnotify_init+0x1b/0x50 [ 26.731305] do_one_initcall+0xb5/0x370 [ 26.731583] kernel_init_freeable+0x425/0x6f0 [ 26.732098] kernel_init+0x23/0x1e0 [ 26.732571] ret_from_fork+0x41/0x80 [ 26.733379] ret_from_fork_asm+0x1a/0x30 [ 26.734089] [ 26.734516] The buggy address belongs to the object at ffff8881025feda0 [ 26.734516] which belongs to the cache kmalloc-16 of size 16 [ 26.735767] The buggy address is located 18 bytes to the right of [ 26.735767] allocated 13-byte region [ffff8881025feda0, ffff8881025fedad) [ 26.736431] [ 26.736680] The buggy address belongs to the physical page: [ 26.737321] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe [ 26.738159] flags: 0x200000000000000(node=0|zone=2) [ 26.739025] page_type: f5(slab) [ 26.739427] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.740355] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 26.740812] page dumped because: kasan: bad access detected [ 26.741138] [ 26.741289] Memory state around the buggy address: [ 26.741587] ffff8881025fec80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 26.742379] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.743175] >ffff8881025fed80: fa fb fc fc 00 
05 fc fc 00 07 fc fc fc fc fc fc [ 26.744246] ^ [ 26.744656] ffff8881025fee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.745527] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.746207] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 26.569274] ==================================================================
[ 26.570367] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 26.571561] Write of size 1 at addr ffff888101abf673 by task kunit_try_catch/143
[ 26.572293]
[ 26.573852] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241120 #1
[ 26.574845] Tainted: [N]=TEST
[ 26.575190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.576397] Call Trace:
[ 26.576780] <TASK>
[ 26.577224] dump_stack_lvl+0x73/0xb0
[ 26.577834] print_report+0xd1/0x640
[ 26.578176] ? __virt_addr_valid+0x1db/0x2d0
[ 26.578647] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.579064] kasan_report+0x102/0x140
[ 26.579498] ? kmalloc_oob_right+0x6f2/0x7f0
[ 26.579992] ? kmalloc_oob_right+0x6f2/0x7f0
[ 26.580421] __asan_report_store1_noabort+0x1b/0x30
[ 26.580783] kmalloc_oob_right+0x6f2/0x7f0
[ 26.581274] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.581807] ? __schedule+0xc3e/0x2790
[ 26.582183] ? __pfx_read_tsc+0x10/0x10
[ 26.582464] ? ktime_get_ts64+0x84/0x230
[ 26.582975] kunit_try_run_case+0x1b3/0x490
[ 26.583604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.583960] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.584484] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.585014] ? __kthread_parkme+0x82/0x160
[ 26.585310] ? preempt_count_sub+0x50/0x80
[ 26.585737] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.586263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.586892] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.587347] kthread+0x257/0x310
[ 26.587780] ? __pfx_kthread+0x10/0x10
[ 26.588065] ret_from_fork+0x41/0x80
[ 26.588463] ? __pfx_kthread+0x10/0x10
[ 26.588943] ret_from_fork_asm+0x1a/0x30
[ 26.589325] </TASK>
[ 26.589869]
[ 26.590198] Allocated by task 143:
[ 26.590775] kasan_save_stack+0x3d/0x60
[ 26.591300] kasan_save_track+0x18/0x40
[ 26.591836] kasan_save_alloc_info+0x3b/0x50
[ 26.592214] __kasan_kmalloc+0xb7/0xc0
[ 26.592503] __kmalloc_cache_noprof+0x184/0x410
[ 26.592831] kmalloc_oob_right+0xaa/0x7f0
[ 26.593491] kunit_try_run_case+0x1b3/0x490
[ 26.594098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.594467] kthread+0x257/0x310
[ 26.594809] ret_from_fork+0x41/0x80
[ 26.595312] ret_from_fork_asm+0x1a/0x30
[ 26.595818]
[ 26.596175] The buggy address belongs to the object at ffff888101abf600
[ 26.596175] which belongs to the cache kmalloc-128 of size 128
[ 26.597186] The buggy address is located 0 bytes to the right of
[ 26.597186] allocated 115-byte region [ffff888101abf600, ffff888101abf673)
[ 26.598281]
[ 26.598716] The buggy address belongs to the physical page:
[ 26.599633] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abf
[ 26.602029] flags: 0x200000000000000(node=0|zone=2)
[ 26.603267] page_type: f5(slab)
[ 26.604528] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.605965] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 26.607557] page dumped because: kasan: bad access detected
[ 26.608111]
[ 26.608347] Memory state around the buggy address:
[ 26.610261] ffff888101abf500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.611332] ffff888101abf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.612268] >ffff888101abf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.613007] ^
[ 26.614292] ffff888101abf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.615169] ffff888101abf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.616011] ==================================================================
[ 26.618593] ==================================================================
[ 26.620921] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 26.621479] Write of size 1 at addr ffff888101abf678 by task kunit_try_catch/143
[ 26.623213]
[ 26.623494] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 26.624491] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.625048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.625823] Call Trace:
[ 26.626148] <TASK>
[ 26.626445] dump_stack_lvl+0x73/0xb0
[ 26.626845] print_report+0xd1/0x640
[ 26.627177] ? __virt_addr_valid+0x1db/0x2d0
[ 26.627778] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.628153] kasan_report+0x102/0x140
[ 26.628660] ? kmalloc_oob_right+0x6bf/0x7f0
[ 26.629043] ? kmalloc_oob_right+0x6bf/0x7f0
[ 26.629571] __asan_report_store1_noabort+0x1b/0x30
[ 26.630080] kmalloc_oob_right+0x6bf/0x7f0
[ 26.630656] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.631068] ? __schedule+0xc3e/0x2790
[ 26.631576] ? __pfx_read_tsc+0x10/0x10
[ 26.632013] ? ktime_get_ts64+0x84/0x230
[ 26.632544] kunit_try_run_case+0x1b3/0x490
[ 26.633003] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.633389] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.634025] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.634657] ? __kthread_parkme+0x82/0x160
[ 26.635132] ? preempt_count_sub+0x50/0x80
[ 26.635750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.636199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.636869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.637424] kthread+0x257/0x310
[ 26.637887] ? __pfx_kthread+0x10/0x10
[ 26.638384] ret_from_fork+0x41/0x80
[ 26.638895] ? __pfx_kthread+0x10/0x10
[ 26.639354] ret_from_fork_asm+0x1a/0x30
[ 26.639948] </TASK>
[ 26.640276]
[ 26.640531] Allocated by task 143:
[ 26.641001] kasan_save_stack+0x3d/0x60
[ 26.641469] kasan_save_track+0x18/0x40
[ 26.641925] kasan_save_alloc_info+0x3b/0x50
[ 26.642285] __kasan_kmalloc+0xb7/0xc0
[ 26.642820] __kmalloc_cache_noprof+0x184/0x410
[ 26.643278] kmalloc_oob_right+0xaa/0x7f0
[ 26.643862] kunit_try_run_case+0x1b3/0x490
[ 26.644240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.644901] kthread+0x257/0x310
[ 26.645311] ret_from_fork+0x41/0x80
[ 26.645722] ret_from_fork_asm+0x1a/0x30
[ 26.646228]
[ 26.646493] The buggy address belongs to the object at ffff888101abf600
[ 26.646493] which belongs to the cache kmalloc-128 of size 128
[ 26.647656] The buggy address is located 5 bytes to the right of
[ 26.647656] allocated 115-byte region [ffff888101abf600, ffff888101abf673)
[ 26.648855]
[ 26.649098] The buggy address belongs to the physical page:
[ 26.649708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abf
[ 26.650389] flags: 0x200000000000000(node=0|zone=2)
[ 26.650946] page_type: f5(slab)
[ 26.651373] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.652111] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 26.652905] page dumped because: kasan: bad access detected
[ 26.653337]
[ 26.653652] Memory state around the buggy address:
[ 26.654120] ffff888101abf500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.654746] ffff888101abf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.655382] >ffff888101abf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.656081] ^
[ 26.656767] ffff888101abf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.657408] ffff888101abf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.658079] ==================================================================
[ 26.659345] ==================================================================
[ 26.659794] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 26.660484] Read of size 1 at addr ffff888101abf680 by task kunit_try_catch/143
[ 26.661301]
[ 26.661548] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241120 #1
[ 26.662649] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.662996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.664352] Call Trace:
[ 26.664722] <TASK>
[ 26.664912] dump_stack_lvl+0x73/0xb0
[ 26.665410] print_report+0xd1/0x640
[ 26.665880] ? __virt_addr_valid+0x1db/0x2d0
[ 26.666203] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.666930] kasan_report+0x102/0x140
[ 26.667465] ? kmalloc_oob_right+0x68c/0x7f0
[ 26.668084] ? kmalloc_oob_right+0x68c/0x7f0
[ 26.668486] __asan_report_load1_noabort+0x18/0x20
[ 26.669076] kmalloc_oob_right+0x68c/0x7f0
[ 26.669402] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.670083] ? __schedule+0xc3e/0x2790
[ 26.670493] ? __pfx_read_tsc+0x10/0x10
[ 26.670988] ? ktime_get_ts64+0x84/0x230
[ 26.671478] kunit_try_run_case+0x1b3/0x490
[ 26.671874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.672484] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.672992] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.673642] ? __kthread_parkme+0x82/0x160
[ 26.673973] ? preempt_count_sub+0x50/0x80
[ 26.674508] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.675100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.675761] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.676398] kthread+0x257/0x310
[ 26.676839] ? __pfx_kthread+0x10/0x10
[ 26.677280] ret_from_fork+0x41/0x80
[ 26.677800] ? __pfx_kthread+0x10/0x10
[ 26.678114] ret_from_fork_asm+0x1a/0x30
[ 26.678766] </TASK>
[ 26.679005]
[ 26.679156] Allocated by task 143:
[ 26.679721] kasan_save_stack+0x3d/0x60
[ 26.680096] kasan_save_track+0x18/0x40
[ 26.680561] kasan_save_alloc_info+0x3b/0x50
[ 26.681094] __kasan_kmalloc+0xb7/0xc0
[ 26.681506] __kmalloc_cache_noprof+0x184/0x410
[ 26.681974] kmalloc_oob_right+0xaa/0x7f0
[ 26.682579] kunit_try_run_case+0x1b3/0x490
[ 26.683199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.683778] kthread+0x257/0x310
[ 26.684095] ret_from_fork+0x41/0x80
[ 26.684511] ret_from_fork_asm+0x1a/0x30
[ 26.685027]
[ 26.685280] The buggy address belongs to the object at ffff888101abf600
[ 26.685280] which belongs to the cache kmalloc-128 of size 128
[ 26.686273] The buggy address is located 13 bytes to the right of
[ 26.686273] allocated 115-byte region [ffff888101abf600, ffff888101abf673)
[ 26.687458]
[ 26.687797] The buggy address belongs to the physical page:
[ 26.688172] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abf
[ 26.689030] flags: 0x200000000000000(node=0|zone=2)
[ 26.689385] page_type: f5(slab)
[ 26.689916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.690634] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 26.691404] page dumped because: kasan: bad access detected
[ 26.691937]
[ 26.692233] Memory state around the buggy address:
[ 26.692805] ffff888101abf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.693816] ffff888101abf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.694443] >ffff888101abf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.695182] ^
[ 26.695430] ffff888101abf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.696261] ffff888101abf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.696846] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 230.375649] WARNING: CPU: 1 PID: 2238 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 230.376870] Modules linked in:
[ 230.377335] CPU: 1 UID: 0 PID: 2238 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241120 #1
[ 230.378846] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 230.379460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 230.380549] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 230.381072] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 230.383045] RSP: 0000:ffff888104f67ce8 EFLAGS: 00010286
[ 230.383871] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 230.384923] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99608d74
[ 230.385870] RBP: ffff888104f67d10 R08: 0000000000000000 R09: ffffed102096be00
[ 230.386782] R10: ffff888104b5f007 R11: 0000000000000000 R12: ffffffff99608d60
[ 230.387626] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104f67da8
[ 230.388179] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 230.389282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 230.389957] CR2: 00007ffff7ffe000 CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 230.391061] DR0: ffffffff9b5ea1a4 DR1: ffffffff9b5ea1a9 DR2: ffffffff9b5ea1aa
[ 230.392272] DR3: ffffffff9b5ea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 230.392851] Call Trace:
[ 230.393162] <TASK>
[ 230.393425] ? show_regs+0x68/0x80
[ 230.393819] ? __warn+0xd5/0x260
[ 230.394180] ? drm_rect_calc_vscale+0x130/0x190
[ 230.394618] ? report_bug+0x278/0x2e0
[ 230.395492] ? handle_bug+0x5c/0xb0
[ 230.395968] ? exc_invalid_op+0x1c/0x50
[ 230.396841] ? asm_exc_invalid_op+0x1f/0x30
[ 230.397581] ? drm_rect_calc_vscale+0x130/0x190
[ 230.398610] drm_test_rect_calc_vscale+0x109/0x270
[ 230.399336] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 230.399829] ? __schedule+0xc3e/0x2790
[ 230.400621] ? __pfx_read_tsc+0x10/0x10
[ 230.401355] ? ktime_get_ts64+0x84/0x230
[ 230.401840] kunit_try_run_case+0x1b3/0x490
[ 230.402539] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.403287] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 230.404052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 230.405067] ? __kthread_parkme+0x82/0x160
[ 230.405926] ? preempt_count_sub+0x50/0x80
[ 230.406849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.407587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 230.408310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 230.409098] kthread+0x257/0x310
[ 230.409737] ? __pfx_kthread+0x10/0x10
[ 230.410604] ret_from_fork+0x41/0x80
[ 230.411040] ? __pfx_kthread+0x10/0x10
[ 230.412244] ret_from_fork_asm+0x1a/0x30
[ 230.412897] </TASK>
[ 230.413090] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 230.333327] WARNING: CPU: 1 PID: 2236 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 230.334082] Modules linked in:
[ 230.334578] CPU: 1 UID: 0 PID: 2236 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241120 #1
[ 230.336047] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 230.336767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 230.337699] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 230.338351] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 230.340610] RSP: 0000:ffff888105097ce8 EFLAGS: 00010286
[ 230.341735] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 230.342130] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99608d3c
[ 230.343456] RBP: ffff888105097d10 R08: 0000000000000000 R09: ffffed102096b7c0
[ 230.344450] R10: ffff888104b5be07 R11: 0000000000000000 R12: ffffffff99608d28
[ 230.345352] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105097da8
[ 230.346014] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 230.347197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 230.348163] CR2: 00007ffff7ffe000 CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 230.349339] DR0: ffffffff9b5ea1a4 DR1: ffffffff9b5ea1a9 DR2: ffffffff9b5ea1aa
[ 230.350317] DR3: ffffffff9b5ea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 230.350980] Call Trace:
[ 230.351829] <TASK>
[ 230.352369] ? show_regs+0x68/0x80
[ 230.353036] ? __warn+0xd5/0x260
[ 230.353400] ? drm_rect_calc_vscale+0x130/0x190
[ 230.353788] ? report_bug+0x278/0x2e0
[ 230.354292] ? handle_bug+0x5c/0xb0
[ 230.354759] ? exc_invalid_op+0x1c/0x50
[ 230.355364] ? asm_exc_invalid_op+0x1f/0x30
[ 230.356380] ? drm_rect_calc_vscale+0x130/0x190
[ 230.357054] drm_test_rect_calc_vscale+0x109/0x270
[ 230.357604] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 230.358457] ? __schedule+0xc3e/0x2790
[ 230.358928] ? __pfx_read_tsc+0x10/0x10
[ 230.359652] ? ktime_get_ts64+0x84/0x230
[ 230.360262] kunit_try_run_case+0x1b3/0x490
[ 230.360975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.361722] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 230.362181] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 230.362956] ? __kthread_parkme+0x82/0x160
[ 230.363386] ? preempt_count_sub+0x50/0x80
[ 230.364058] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.364942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 230.365676] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 230.366465] kthread+0x257/0x310
[ 230.366980] ? __pfx_kthread+0x10/0x10
[ 230.367350] ret_from_fork+0x41/0x80
[ 230.368026] ? __pfx_kthread+0x10/0x10
[ 230.368519] ret_from_fork_asm+0x1a/0x30
[ 230.369261] </TASK>
[ 230.370062] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 230.265022] WARNING: CPU: 1 PID: 2226 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 230.266181] Modules linked in:
[ 230.266501] CPU: 1 UID: 0 PID: 2226 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241120 #1
[ 230.267450] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 230.267819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 230.268660] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 230.269662] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 230.271367] RSP: 0000:ffff8881078cfce8 EFLAGS: 00010286
[ 230.272127] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 230.272982] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99608d78
[ 230.274371] RBP: ffff8881078cfd10 R08: 0000000000000000 R09: ffffed102096b720
[ 230.274960] R10: ffff888104b5b907 R11: 0000000000000000 R12: ffffffff99608d60
[ 230.275840] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881078cfda8
[ 230.276768] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 230.277888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 230.279081] CR2: 00007ffff7ffe000 CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 230.280058] DR0: ffffffff9b5ea1a4 DR1: ffffffff9b5ea1a9 DR2: ffffffff9b5ea1aa
[ 230.281251] DR3: ffffffff9b5ea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 230.282415] Call Trace:
[ 230.282901] <TASK>
[ 230.283535] ? show_regs+0x68/0x80
[ 230.284075] ? __warn+0xd5/0x260
[ 230.284529] ? drm_rect_calc_hscale+0x125/0x190
[ 230.284935] ? report_bug+0x278/0x2e0
[ 230.285423] ? handle_bug+0x5c/0xb0
[ 230.286140] ? exc_invalid_op+0x1c/0x50
[ 230.286799] ? asm_exc_invalid_op+0x1f/0x30
[ 230.287209] ? drm_rect_calc_hscale+0x125/0x190
[ 230.287775] drm_test_rect_calc_hscale+0x109/0x270
[ 230.288359] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 230.288984] ? __schedule+0xc3e/0x2790
[ 230.289425] ? __pfx_read_tsc+0x10/0x10
[ 230.289917] ? ktime_get_ts64+0x84/0x230
[ 230.290331] kunit_try_run_case+0x1b3/0x490
[ 230.290647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.291576] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 230.292022] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 230.293022] ? __kthread_parkme+0x82/0x160
[ 230.293467] ? preempt_count_sub+0x50/0x80
[ 230.296071] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.296603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 230.297422] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 230.299561] kthread+0x257/0x310
[ 230.300341] ? __pfx_kthread+0x10/0x10
[ 230.302248] ret_from_fork+0x41/0x80
[ 230.303959] ? __pfx_kthread+0x10/0x10
[ 230.305700] ret_from_fork_asm+0x1a/0x30
[ 230.306387] </TASK>
[ 230.306808] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 230.221500] WARNING: CPU: 0 PID: 2224 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 230.223067] Modules linked in:
[ 230.224837] CPU: 0 UID: 0 PID: 2224 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241120 #1
[ 230.226053] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 230.227196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 230.228115] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 230.228628] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 230.230242] RSP: 0000:ffff8881048dfce8 EFLAGS: 00010286
[ 230.231314] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 230.231991] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99608d40
[ 230.233151] RBP: ffff8881048dfd10 R08: 0000000000000000 R09: ffffed1020a2f120
[ 230.234212] R10: ffff888105178907 R11: 0000000000000000 R12: ffffffff99608d28
[ 230.235375] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881048dfda8
[ 230.236068] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 230.237086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 230.237924] CR2: ffffffffffffffff CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 230.238845] DR0: ffffffff9b5ea1a0 DR1: ffffffff9b5ea1a1 DR2: ffffffff9b5ea1a3
[ 230.240082] DR3: ffffffff9b5ea1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 230.240885] Call Trace:
[ 230.241137] <TASK>
[ 230.241759] ? show_regs+0x68/0x80
[ 230.242059] ? __warn+0xd5/0x260
[ 230.242525] ? drm_rect_calc_hscale+0x125/0x190
[ 230.243582] ? report_bug+0x278/0x2e0
[ 230.243913] ? handle_bug+0x5c/0xb0
[ 230.244611] ? exc_invalid_op+0x1c/0x50
[ 230.245137] ? asm_exc_invalid_op+0x1f/0x30
[ 230.245894] ? drm_rect_calc_hscale+0x125/0x190
[ 230.246738] drm_test_rect_calc_hscale+0x109/0x270
[ 230.247449] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 230.247875] ? __schedule+0xc3e/0x2790
[ 230.248228] ? __pfx_read_tsc+0x10/0x10
[ 230.248893] ? ktime_get_ts64+0x84/0x230
[ 230.249630] kunit_try_run_case+0x1b3/0x490
[ 230.250756] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.251329] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 230.252099] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 230.253062] ? __kthread_parkme+0x82/0x160
[ 230.253511] ? preempt_count_sub+0x50/0x80
[ 230.254065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 230.254932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 230.255369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 230.256117] kthread+0x257/0x310
[ 230.256385] ? __pfx_kthread+0x10/0x10
[ 230.257105] ret_from_fork+0x41/0x80
[ 230.257709] ? __pfx_kthread+0x10/0x10
[ 230.258017] ret_from_fork_asm+0x1a/0x30
[ 230.258727] </TASK>
[ 230.259046] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------
[ 228.806474] WARNING: CPU: 1 PID: 2032 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 228.808068] Modules linked in:
[ 228.808573] CPU: 1 UID: 0 PID: 2032 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241120 #1
[ 228.809906] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 228.810326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 228.811378] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 228.811938] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 228.813054] RSP: 0000:ffff88810314fba0 EFLAGS: 00010246
[ 228.813474] RAX: dffffc0000000000 RBX: ffff88810314fc98 RCX: 0000000000000000
[ 228.813970] RDX: 1ffff11020629f9c RSI: ffff88810314fc98 RDI: ffff88810314fce0
[ 228.815231] RBP: ffff88810314fbe0 R08: ffff888104322000 R09: ffffffff995b5900
[ 228.816464] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff888104322000
[ 228.817301] R13: ffff888100317b20 R14: ffff88810314fc18 R15: ffff88810314fe28
[ 228.817735] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 228.818277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 228.818654] CR2: 00007ffff7ffe000 CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 228.820769] DR0: ffffffff9b5ea1a4 DR1: ffffffff9b5ea1a9 DR2: ffffffff9b5ea1aa
[ 228.821403] DR3: ffffffff9b5ea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 228.822019] Call Trace:
[ 228.822318] <TASK>
[ 228.822606] ? show_regs+0x68/0x80
[ 228.823314] ? __warn+0xd5/0x260
[ 228.823938] ? drm_framebuffer_init+0x44/0x300
[ 228.824977] ? report_bug+0x278/0x2e0
[ 228.825634] ? handle_bug+0x5c/0xb0
[ 228.826548] ? exc_invalid_op+0x1c/0x50
[ 228.827146] ? asm_exc_invalid_op+0x1f/0x30
[ 228.828022] ? drm_framebuffer_init+0x44/0x300
[ 228.828933] ? add_dr+0xc1/0x1d0
[ 228.829839] drm_test_framebuffer_init_bad_format+0xfd/0x240
[ 228.830668] ? add_dr+0x148/0x1d0
[ 228.831142] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 228.831932] ? __drmm_add_action+0x1a4/0x280
[ 228.832366] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 228.833456] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 228.834132] ? __drmm_add_action_or_reset+0x22/0x50
[ 228.835004] ? __schedule+0xc3e/0x2790
[ 228.835579] ? __pfx_read_tsc+0x10/0x10
[ 228.836583] ? ktime_get_ts64+0x84/0x230
[ 228.837387] kunit_try_run_case+0x1b3/0x490
[ 228.838084] ? __pfx_kunit_try_run_case+0x10/0x10
[ 228.839061] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 228.839569] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 228.840184] ? __kthread_parkme+0x82/0x160
[ 228.840765] ? preempt_count_sub+0x50/0x80
[ 228.842092] ? __pfx_kunit_try_run_case+0x10/0x10
[ 228.842638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 228.843426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 228.844299] kthread+0x257/0x310
[ 228.845059] ? __pfx_kthread+0x10/0x10
[ 228.845561] ret_from_fork+0x41/0x80
[ 228.846225] ? __pfx_kthread+0x10/0x10
[ 228.846635] ret_from_fork_asm+0x1a/0x30
[ 228.847108] </TASK>
[ 228.847628] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------
[ 228.734628] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 228.735746] WARNING: CPU: 1 PID: 2028 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 228.738308] Modules linked in:
[ 228.738741] CPU: 1 UID: 0 PID: 2028 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241120 #1
[ 228.739553] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 228.741340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 228.742014] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 228.742771] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 54 1c 80 00 48 c7 c1 00 09 5b 99 4c 89 fa 48 c7 c7 60 09 5b 99 48 89 c6 e8 9b 98 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 228.744214] RSP: 0000:ffff8881047ffbd8 EFLAGS: 00010282
[ 228.744912] RAX: 0000000000000000 RBX: ffff8881047ffcb0 RCX: 1ffffffff34642ec
[ 228.745718] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 228.746577] RBP: ffff8881047ffc00 R08: 0000000000000000 R09: fffffbfff34642ec
[ 228.747482] R10: 0000000000000003 R11: 0000000000027eb8 R12: ffff8881047ffc88
[ 228.748364] R13: ffff888104af3000 R14: ffff888104320000 R15: ffff888104713480
[ 228.749056] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 228.749825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 228.750496] CR2: 00007ffff7ffe000 CR3: 0000000051cb8000 CR4: 00000000000006f0
[ 228.751522] DR0: ffffffff9b5ea1a4 DR1: ffffffff9b5ea1a9 DR2: ffffffff9b5ea1aa
[ 228.753272] DR3: ffffffff9b5ea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 228.753941] Call Trace:
[ 228.754355] <TASK>
[ 228.754563] ? show_regs+0x68/0x80
[ 228.755082] ? __warn+0xd5/0x260
[ 228.755419] ? drm_framebuffer_free+0x136/0x1b0
[ 228.756438] ? report_bug+0x278/0x2e0
[ 228.757310] ? handle_bug+0x5c/0xb0
[ 228.758212] ? exc_invalid_op+0x1c/0x50
[ 228.758874] ? asm_exc_invalid_op+0x1f/0x30
[ 228.759521] ? drm_framebuffer_free+0x136/0x1b0
[ 228.760001] ? drm_framebuffer_free+0x135/0x1b0
[ 228.760459] drm_test_framebuffer_free+0x1ac/0x610
[ 228.761268] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 228.762011] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 228.762826] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 228.763329] ? __drmm_add_action_or_reset+0x22/0x50
[ 228.764289] ? __schedule+0xc3e/0x2790
[ 228.764835] ? __pfx_read_tsc+0x10/0x10
[ 228.765851] ? ktime_get_ts64+0x84/0x230
[ 228.766494] kunit_try_run_case+0x1b3/0x490
[ 228.767466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 228.767992] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 228.768947] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 228.769750] ? __kthread_parkme+0x82/0x160
[ 228.770523] ? preempt_count_sub+0x50/0x80
[ 228.771053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 228.771539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 228.771942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 228.772394] kthread+0x257/0x310
[ 228.772649] ? __pfx_kthread+0x10/0x10
[ 228.773651] ret_from_fork+0x41/0x80
[ 228.774512] ? __pfx_kthread+0x10/0x10
[ 228.775162] ret_from_fork_asm+0x1a/0x30
[ 228.777026] </TASK>
[ 228.777340] ---[ end trace 0000000000000000 ]---
Failure - kunit - _kasan
_kasan fail