Date: Nov. 22, 2024, 6:35 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 25.284649] ================================================================== [ 25.285623] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 25.286393] Write of size 16 at addr ffff888101aaf469 by task kunit_try_catch/186 [ 25.287286] [ 25.287590] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.288430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.288685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.290142] Call Trace: [ 25.290557] <TASK> [ 25.291041] dump_stack_lvl+0x73/0xb0 [ 25.291699] print_report+0xd1/0x640 [ 25.292339] ? __virt_addr_valid+0x1db/0x2d0 [ 25.292889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.293709] kasan_report+0x102/0x140 [ 25.294367] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.295091] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.295676] kasan_check_range+0x10c/0x1c0 [ 25.296374] __asan_memset+0x27/0x50 [ 25.296616] kmalloc_oob_memset_16+0x167/0x330 [ 25.297513] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 25.298045] ? __schedule+0xc3e/0x2790 [ 25.299327] ? __pfx_read_tsc+0x10/0x10 [ 25.299671] ? ktime_get_ts64+0x84/0x230 [ 25.300352] kunit_try_run_case+0x1b3/0x490 [ 25.300734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.301658] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.302027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.303100] ? __kthread_parkme+0x82/0x160 [ 25.303725] ? preempt_count_sub+0x50/0x80 [ 25.304460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.304948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.305359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.305921] kthread+0x257/0x310 [ 25.306307] ? __pfx_kthread+0x10/0x10 [ 25.306656] ret_from_fork+0x41/0x80 [ 25.307091] ? 
__pfx_kthread+0x10/0x10 [ 25.307781] ret_from_fork_asm+0x1a/0x30 [ 25.308348] </TASK> [ 25.308538] [ 25.308680] Allocated by task 186: [ 25.309301] kasan_save_stack+0x3d/0x60 [ 25.309720] kasan_save_track+0x18/0x40 [ 25.310364] kasan_save_alloc_info+0x3b/0x50 [ 25.311071] __kasan_kmalloc+0xb7/0xc0 [ 25.311517] __kmalloc_cache_noprof+0x184/0x410 [ 25.312129] kmalloc_oob_memset_16+0xad/0x330 [ 25.312458] kunit_try_run_case+0x1b3/0x490 [ 25.313112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.313697] kthread+0x257/0x310 [ 25.314732] ret_from_fork+0x41/0x80 [ 25.315469] ret_from_fork_asm+0x1a/0x30 [ 25.316067] [ 25.316329] The buggy address belongs to the object at ffff888101aaf400 [ 25.316329] which belongs to the cache kmalloc-128 of size 128 [ 25.317525] The buggy address is located 105 bytes inside of [ 25.317525] allocated 120-byte region [ffff888101aaf400, ffff888101aaf478) [ 25.318643] [ 25.319078] The buggy address belongs to the physical page: [ 25.319523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aaf [ 25.320329] flags: 0x200000000000000(node=0|zone=2) [ 25.321007] page_type: f5(slab) [ 25.321346] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.322188] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.322726] page dumped because: kasan: bad access detected [ 25.323501] [ 25.323710] Memory state around the buggy address: [ 25.324229] ffff888101aaf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.324655] ffff888101aaf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.325160] >ffff888101aaf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.325619] ^ [ 25.326465] ffff888101aaf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.327155] ffff888101aaf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.327791] ================================================================== [ 25.232414] 
================================================================== [ 25.233424] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 25.234128] Write of size 8 at addr ffff888101aaf171 by task kunit_try_catch/184 [ 25.235372] [ 25.235621] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.236725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.237303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.238233] Call Trace: [ 25.238557] <TASK> [ 25.238946] dump_stack_lvl+0x73/0xb0 [ 25.239481] print_report+0xd1/0x640 [ 25.240137] ? __virt_addr_valid+0x1db/0x2d0 [ 25.240613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.241102] kasan_report+0x102/0x140 [ 25.241748] ? kmalloc_oob_memset_8+0x167/0x330 [ 25.242415] ? kmalloc_oob_memset_8+0x167/0x330 [ 25.242761] kasan_check_range+0x10c/0x1c0 [ 25.243502] __asan_memset+0x27/0x50 [ 25.244109] kmalloc_oob_memset_8+0x167/0x330 [ 25.244615] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 25.245298] ? __schedule+0xc3e/0x2790 [ 25.245748] ? __pfx_read_tsc+0x10/0x10 [ 25.246394] ? ktime_get_ts64+0x84/0x230 [ 25.246919] kunit_try_run_case+0x1b3/0x490 [ 25.247239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.247713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.248499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.249185] ? __kthread_parkme+0x82/0x160 [ 25.249703] ? preempt_count_sub+0x50/0x80 [ 25.250303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.250818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.251591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.252338] kthread+0x257/0x310 [ 25.252760] ? __pfx_kthread+0x10/0x10 [ 25.253213] ret_from_fork+0x41/0x80 [ 25.253605] ? 
__pfx_kthread+0x10/0x10 [ 25.253975] ret_from_fork_asm+0x1a/0x30 [ 25.254281] </TASK> [ 25.254556] [ 25.254773] Allocated by task 184: [ 25.255352] kasan_save_stack+0x3d/0x60 [ 25.255767] kasan_save_track+0x18/0x40 [ 25.256511] kasan_save_alloc_info+0x3b/0x50 [ 25.257114] __kasan_kmalloc+0xb7/0xc0 [ 25.257581] __kmalloc_cache_noprof+0x184/0x410 [ 25.258237] kmalloc_oob_memset_8+0xad/0x330 [ 25.258721] kunit_try_run_case+0x1b3/0x490 [ 25.259259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.259848] kthread+0x257/0x310 [ 25.260365] ret_from_fork+0x41/0x80 [ 25.260814] ret_from_fork_asm+0x1a/0x30 [ 25.261677] [ 25.261864] The buggy address belongs to the object at ffff888101aaf100 [ 25.261864] which belongs to the cache kmalloc-128 of size 128 [ 25.262616] The buggy address is located 113 bytes inside of [ 25.262616] allocated 120-byte region [ffff888101aaf100, ffff888101aaf178) [ 25.264435] [ 25.264664] The buggy address belongs to the physical page: [ 25.265442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aaf [ 25.266356] flags: 0x200000000000000(node=0|zone=2) [ 25.266740] page_type: f5(slab) [ 25.267453] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.268495] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.269470] page dumped because: kasan: bad access detected [ 25.270157] [ 25.270426] Memory state around the buggy address: [ 25.270792] ffff888101aaf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.271706] ffff888101aaf080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.272542] >ffff888101aaf100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.273418] ^ [ 25.274107] ffff888101aaf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.274789] ffff888101aaf200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.275668] ================================================================== [ 25.132136] 
================================================================== [ 25.133102] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 25.133785] Write of size 2 at addr ffff888101aabf77 by task kunit_try_catch/180 [ 25.134285] [ 25.134531] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.135110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.135567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.136346] Call Trace: [ 25.136548] <TASK> [ 25.137063] dump_stack_lvl+0x73/0xb0 [ 25.137591] print_report+0xd1/0x640 [ 25.138305] ? __virt_addr_valid+0x1db/0x2d0 [ 25.138701] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.139129] kasan_report+0x102/0x140 [ 25.139400] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.139977] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.140473] kasan_check_range+0x10c/0x1c0 [ 25.140936] __asan_memset+0x27/0x50 [ 25.142795] kmalloc_oob_memset_2+0x167/0x330 [ 25.143599] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 25.144516] ? __schedule+0xc3e/0x2790 [ 25.144874] ? __pfx_read_tsc+0x10/0x10 [ 25.145391] ? ktime_get_ts64+0x84/0x230 [ 25.146458] kunit_try_run_case+0x1b3/0x490 [ 25.146816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.147377] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.147707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.148225] ? __kthread_parkme+0x82/0x160 [ 25.149327] ? preempt_count_sub+0x50/0x80 [ 25.150311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.150745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.151315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.151775] kthread+0x257/0x310 [ 25.152618] ? __pfx_kthread+0x10/0x10 [ 25.152940] ret_from_fork+0x41/0x80 [ 25.153930] ? 
__pfx_kthread+0x10/0x10 [ 25.154562] ret_from_fork_asm+0x1a/0x30 [ 25.154869] </TASK> [ 25.155210] [ 25.155421] Allocated by task 180: [ 25.155950] kasan_save_stack+0x3d/0x60 [ 25.156986] kasan_save_track+0x18/0x40 [ 25.157143] kasan_save_alloc_info+0x3b/0x50 [ 25.157395] __kasan_kmalloc+0xb7/0xc0 [ 25.158481] __kmalloc_cache_noprof+0x184/0x410 [ 25.158654] kmalloc_oob_memset_2+0xad/0x330 [ 25.158862] kunit_try_run_case+0x1b3/0x490 [ 25.159336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.160176] kthread+0x257/0x310 [ 25.160610] ret_from_fork+0x41/0x80 [ 25.161366] ret_from_fork_asm+0x1a/0x30 [ 25.162114] [ 25.162441] The buggy address belongs to the object at ffff888101aabf00 [ 25.162441] which belongs to the cache kmalloc-128 of size 128 [ 25.163371] The buggy address is located 119 bytes inside of [ 25.163371] allocated 120-byte region [ffff888101aabf00, ffff888101aabf78) [ 25.164246] [ 25.164579] The buggy address belongs to the physical page: [ 25.165217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aab [ 25.166432] flags: 0x200000000000000(node=0|zone=2) [ 25.167117] page_type: f5(slab) [ 25.167272] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.167499] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.167710] page dumped because: kasan: bad access detected [ 25.167939] [ 25.168127] Memory state around the buggy address: [ 25.168582] ffff888101aabe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.169293] ffff888101aabe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.169870] >ffff888101aabf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.170266] ^ [ 25.171259] ffff888101aabf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.171726] ffff888101aac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.172172] ================================================================== [ 25.180760] 
================================================================== [ 25.181956] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 25.182738] Write of size 4 at addr ffff888102a09775 by task kunit_try_catch/182 [ 25.183360] [ 25.183569] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.184595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.185173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.185990] Call Trace: [ 25.186215] <TASK> [ 25.186409] dump_stack_lvl+0x73/0xb0 [ 25.187385] print_report+0xd1/0x640 [ 25.187812] ? __virt_addr_valid+0x1db/0x2d0 [ 25.188487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.189095] kasan_report+0x102/0x140 [ 25.189559] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.190241] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.190789] kasan_check_range+0x10c/0x1c0 [ 25.191472] __asan_memset+0x27/0x50 [ 25.191839] kmalloc_oob_memset_4+0x167/0x330 [ 25.192818] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 25.193424] ? __schedule+0xc3e/0x2790 [ 25.193706] ? __pfx_read_tsc+0x10/0x10 [ 25.194314] ? ktime_get_ts64+0x84/0x230 [ 25.194812] kunit_try_run_case+0x1b3/0x490 [ 25.195534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.196176] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.196729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.197705] ? __kthread_parkme+0x82/0x160 [ 25.198336] ? preempt_count_sub+0x50/0x80 [ 25.198849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.199389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.200155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.200678] kthread+0x257/0x310 [ 25.201285] ? __pfx_kthread+0x10/0x10 [ 25.201735] ret_from_fork+0x41/0x80 [ 25.202723] ? 
__pfx_kthread+0x10/0x10 [ 25.203172] ret_from_fork_asm+0x1a/0x30 [ 25.203663] </TASK> [ 25.203922] [ 25.204087] Allocated by task 182: [ 25.204700] kasan_save_stack+0x3d/0x60 [ 25.205317] kasan_save_track+0x18/0x40 [ 25.205764] kasan_save_alloc_info+0x3b/0x50 [ 25.206414] __kasan_kmalloc+0xb7/0xc0 [ 25.206723] __kmalloc_cache_noprof+0x184/0x410 [ 25.207393] kmalloc_oob_memset_4+0xad/0x330 [ 25.208617] kunit_try_run_case+0x1b3/0x490 [ 25.209144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.209488] kthread+0x257/0x310 [ 25.209744] ret_from_fork+0x41/0x80 [ 25.210387] ret_from_fork_asm+0x1a/0x30 [ 25.211002] [ 25.211243] The buggy address belongs to the object at ffff888102a09700 [ 25.211243] which belongs to the cache kmalloc-128 of size 128 [ 25.212425] The buggy address is located 117 bytes inside of [ 25.212425] allocated 120-byte region [ffff888102a09700, ffff888102a09778) [ 25.213484] [ 25.213720] The buggy address belongs to the physical page: [ 25.215034] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a09 [ 25.215526] flags: 0x200000000000000(node=0|zone=2) [ 25.216169] page_type: f5(slab) [ 25.216587] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.217370] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.218158] page dumped because: kasan: bad access detected [ 25.218656] [ 25.218917] Memory state around the buggy address: [ 25.219193] ffff888102a09600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.219743] ffff888102a09680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.221363] >ffff888102a09700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.222158] ^ [ 25.222590] ffff888102a09780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.223440] ffff888102a09800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.224053] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 25.081416] ================================================================== [ 25.082652] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 25.084238] Write of size 128 at addr ffff888102a09400 by task kunit_try_catch/178 [ 25.084965] [ 25.085765] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.086543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.086956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.087617] Call Trace: [ 25.088561] <TASK> [ 25.088752] dump_stack_lvl+0x73/0xb0 [ 25.089319] print_report+0xd1/0x640 [ 25.089770] ? __virt_addr_valid+0x1db/0x2d0 [ 25.090559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.091357] kasan_report+0x102/0x140 [ 25.091770] ? kmalloc_oob_in_memset+0x160/0x320 [ 25.092664] ? kmalloc_oob_in_memset+0x160/0x320 [ 25.093565] kasan_check_range+0x10c/0x1c0 [ 25.094208] __asan_memset+0x27/0x50 [ 25.094473] kmalloc_oob_in_memset+0x160/0x320 [ 25.095018] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 25.095423] ? __schedule+0xc3e/0x2790 [ 25.095979] ? __pfx_read_tsc+0x10/0x10 [ 25.096309] ? ktime_get_ts64+0x84/0x230 [ 25.097107] kunit_try_run_case+0x1b3/0x490 [ 25.097428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.098025] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.098634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.099353] ? __kthread_parkme+0x82/0x160 [ 25.099672] ? preempt_count_sub+0x50/0x80 [ 25.100003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.100710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.101454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.102112] kthread+0x257/0x310 [ 25.102468] ? __pfx_kthread+0x10/0x10 [ 25.103002] ret_from_fork+0x41/0x80 [ 25.103468] ? 
__pfx_kthread+0x10/0x10 [ 25.103787] ret_from_fork_asm+0x1a/0x30 [ 25.104125] </TASK> [ 25.104403] [ 25.104632] Allocated by task 178: [ 25.105333] kasan_save_stack+0x3d/0x60 [ 25.105757] kasan_save_track+0x18/0x40 [ 25.106469] kasan_save_alloc_info+0x3b/0x50 [ 25.106873] __kasan_kmalloc+0xb7/0xc0 [ 25.107176] __kmalloc_cache_noprof+0x184/0x410 [ 25.107698] kmalloc_oob_in_memset+0xad/0x320 [ 25.108464] kunit_try_run_case+0x1b3/0x490 [ 25.109055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.109735] kthread+0x257/0x310 [ 25.110255] ret_from_fork+0x41/0x80 [ 25.111930] ret_from_fork_asm+0x1a/0x30 [ 25.112257] [ 25.112409] The buggy address belongs to the object at ffff888102a09400 [ 25.112409] which belongs to the cache kmalloc-128 of size 128 [ 25.114611] The buggy address is located 0 bytes inside of [ 25.114611] allocated 120-byte region [ffff888102a09400, ffff888102a09478) [ 25.115762] [ 25.116149] The buggy address belongs to the physical page: [ 25.116596] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a09 [ 25.117206] flags: 0x200000000000000(node=0|zone=2) [ 25.117771] page_type: f5(slab) [ 25.118360] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.118758] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.119653] page dumped because: kasan: bad access detected [ 25.120180] [ 25.120423] Memory state around the buggy address: [ 25.120805] ffff888102a09300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.121177] ffff888102a09380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.121923] >ffff888102a09400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.122275] ^ [ 25.122743] ffff888102a09480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.123221] ffff888102a09500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.123787] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.074794] ================================================================== [ 34.075480] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 34.075480] [ 34.076008] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 34.076598] test_double_free+0x113/0x260 [ 34.076892] kunit_try_run_case+0x1b3/0x490 [ 34.077250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.077861] kthread+0x257/0x310 [ 34.078241] ret_from_fork+0x41/0x80 [ 34.078664] ret_from_fork_asm+0x1a/0x30 [ 34.079114] [ 34.079281] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.079281] [ 34.079999] allocated by task 313 on cpu 0 at 34.074513s (0.005481s ago): [ 34.080717] test_alloc+0x2a7/0x10d0 [ 34.081084] test_double_free+0xdc/0x260 [ 34.081666] kunit_try_run_case+0x1b3/0x490 [ 34.082148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.082567] kthread+0x257/0x310 [ 34.083001] ret_from_fork+0x41/0x80 [ 34.083503] ret_from_fork_asm+0x1a/0x30 [ 34.083837] [ 34.084037] freed by task 313 on cpu 0 at 34.074607s (0.009425s ago): [ 34.084538] test_double_free+0xfb/0x260 [ 34.085004] kunit_try_run_case+0x1b3/0x490 [ 34.085452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.086063] kthread+0x257/0x310 [ 34.086487] ret_from_fork+0x41/0x80 [ 34.086912] ret_from_fork_asm+0x1a/0x30 [ 34.087351] [ 34.087602] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.088422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.088753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.089211] ================================================================== [ 33.970940] ================================================================== [ 33.971608] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 33.971608] [ 33.972055] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 33.972489] test_double_free+0x1d5/0x260 [ 33.972896] kunit_try_run_case+0x1b3/0x490 [ 33.973252] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.973589] kthread+0x257/0x310 [ 33.973857] ret_from_fork+0x41/0x80 [ 33.974266] ret_from_fork_asm+0x1a/0x30 [ 33.974658] [ 33.974957] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.974957] [ 33.975856] allocated by task 311 on cpu 0 at 33.970488s (0.005363s ago): [ 33.976239] test_alloc+0x35f/0x10d0 [ 33.976486] test_double_free+0xdc/0x260 [ 33.977070] kunit_try_run_case+0x1b3/0x490 [ 33.977510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.978063] kthread+0x257/0x310 [ 33.978463] ret_from_fork+0x41/0x80 [ 33.978878] ret_from_fork_asm+0x1a/0x30 [ 33.979295] [ 33.979490] freed by task 311 on cpu 0 at 33.970606s (0.008880s ago): [ 33.979884] test_double_free+0x1e2/0x260 [ 33.980152] kunit_try_run_case+0x1b3/0x490 [ 33.980590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.981121] kthread+0x257/0x310 [ 33.981591] ret_from_fork+0x41/0x80 [ 33.981963] ret_from_fork_asm+0x1a/0x30 [ 33.982225] [ 33.982491] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.983324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.983683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.984242] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 25.336392] ================================================================== [ 25.338076] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 25.338674] Read of size 18446744073709551614 at addr ffff888102a03b04 by task kunit_try_catch/188 [ 25.340071] [ 25.340337] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.341762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.342471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.343047] Call Trace: [ 25.343461] <TASK> [ 25.343746] dump_stack_lvl+0x73/0xb0 [ 25.344132] print_report+0xd1/0x640 [ 25.344555] ? __virt_addr_valid+0x1db/0x2d0 [ 25.345190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.345665] kasan_report+0x102/0x140 [ 25.346618] ? kmalloc_memmove_negative_size+0x172/0x330 [ 25.347061] ? kmalloc_memmove_negative_size+0x172/0x330 [ 25.347726] kasan_check_range+0x10c/0x1c0 [ 25.348595] __asan_memmove+0x27/0x70 [ 25.349362] kmalloc_memmove_negative_size+0x172/0x330 [ 25.350120] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 25.350643] ? __schedule+0xc3e/0x2790 [ 25.351347] ? __pfx_read_tsc+0x10/0x10 [ 25.352451] ? ktime_get_ts64+0x84/0x230 [ 25.352898] kunit_try_run_case+0x1b3/0x490 [ 25.353299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.353739] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.354318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.354718] ? __kthread_parkme+0x82/0x160 [ 25.355334] ? preempt_count_sub+0x50/0x80 [ 25.355840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.356608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.357124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.357731] kthread+0x257/0x310 [ 25.358141] ? __pfx_kthread+0x10/0x10 [ 25.359227] ret_from_fork+0x41/0x80 [ 25.359876] ? 
__pfx_kthread+0x10/0x10 [ 25.361128] ret_from_fork_asm+0x1a/0x30 [ 25.361547] </TASK> [ 25.361944] [ 25.362249] Allocated by task 188: [ 25.362769] kasan_save_stack+0x3d/0x60 [ 25.363188] kasan_save_track+0x18/0x40 [ 25.364331] kasan_save_alloc_info+0x3b/0x50 [ 25.364719] __kasan_kmalloc+0xb7/0xc0 [ 25.365338] __kmalloc_cache_noprof+0x184/0x410 [ 25.365994] kmalloc_memmove_negative_size+0xad/0x330 [ 25.366659] kunit_try_run_case+0x1b3/0x490 [ 25.366986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.367583] kthread+0x257/0x310 [ 25.368247] ret_from_fork+0x41/0x80 [ 25.368634] ret_from_fork_asm+0x1a/0x30 [ 25.369398] [ 25.369622] The buggy address belongs to the object at ffff888102a03b00 [ 25.369622] which belongs to the cache kmalloc-64 of size 64 [ 25.371428] The buggy address is located 4 bytes inside of [ 25.371428] 64-byte region [ffff888102a03b00, ffff888102a03b40) [ 25.372547] [ 25.372857] The buggy address belongs to the physical page: [ 25.373421] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a03 [ 25.374321] flags: 0x200000000000000(node=0|zone=2) [ 25.374997] page_type: f5(slab) [ 25.375297] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.376241] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.376857] page dumped because: kasan: bad access detected [ 25.377932] [ 25.378101] Memory state around the buggy address: [ 25.378375] ffff888102a03a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.379062] ffff888102a03a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.380138] >ffff888102a03b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.380513] ^ [ 25.380734] ffff888102a03b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.381667] ffff888102a03c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.382759] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 27.402761] ================================================================== [ 27.403608] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.404236] Read of size 1 at addr ffff888102a1a240 by task kunit_try_catch/239 [ 27.404791] [ 27.405115] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.405976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.406496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.407180] Call Trace: [ 27.408061] <TASK> [ 27.408344] dump_stack_lvl+0x73/0xb0 [ 27.408658] print_report+0xd1/0x640 [ 27.410576] ? __virt_addr_valid+0x1db/0x2d0 [ 27.411085] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.411491] kasan_report+0x102/0x140 [ 27.412110] ? mempool_uaf_helper+0x394/0x400 [ 27.413023] ? mempool_uaf_helper+0x394/0x400 [ 27.413559] __asan_report_load1_noabort+0x18/0x20 [ 27.414332] mempool_uaf_helper+0x394/0x400 [ 27.414848] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.415504] ? irqentry_exit+0x2a/0x60 [ 27.415873] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.416952] mempool_slab_uaf+0xae/0x100 [ 27.417310] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 27.418161] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 27.418854] ? __pfx_mempool_free_slab+0x10/0x10 [ 27.419608] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 27.420278] kunit_try_run_case+0x1b3/0x490 [ 27.421239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.422027] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.422791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.423256] ? __kthread_parkme+0x82/0x160 [ 27.424082] ? preempt_count_sub+0x50/0x80 [ 27.424746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.425280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.425966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.427203] kthread+0x257/0x310 [ 27.427722] ? __pfx_kthread+0x10/0x10 [ 27.428707] ret_from_fork+0x41/0x80 [ 27.429570] ? 
__pfx_kthread+0x10/0x10 [ 27.429942] ret_from_fork_asm+0x1a/0x30 [ 27.430642] </TASK> [ 27.431271] [ 27.431667] Allocated by task 239: [ 27.431932] kasan_save_stack+0x3d/0x60 [ 27.432276] kasan_save_track+0x18/0x40 [ 27.432671] kasan_save_alloc_info+0x3b/0x50 [ 27.433423] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 27.434470] remove_element+0x11e/0x190 [ 27.434871] mempool_alloc_preallocated+0x4d/0x90 [ 27.435361] mempool_uaf_helper+0x97/0x400 [ 27.435747] mempool_slab_uaf+0xae/0x100 [ 27.436693] kunit_try_run_case+0x1b3/0x490 [ 27.437340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.438182] kthread+0x257/0x310 [ 27.438508] ret_from_fork+0x41/0x80 [ 27.439428] ret_from_fork_asm+0x1a/0x30 [ 27.440110] [ 27.440265] Freed by task 239: [ 27.440523] kasan_save_stack+0x3d/0x60 [ 27.440999] kasan_save_track+0x18/0x40 [ 27.441388] kasan_save_free_info+0x3f/0x60 [ 27.441767] __kasan_mempool_poison_object+0x131/0x1d0 [ 27.442511] mempool_free+0x2ec/0x380 [ 27.443134] mempool_uaf_helper+0x11b/0x400 [ 27.444108] mempool_slab_uaf+0xae/0x100 [ 27.444995] kunit_try_run_case+0x1b3/0x490 [ 27.445511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.446048] kthread+0x257/0x310 [ 27.446365] ret_from_fork+0x41/0x80 [ 27.446702] ret_from_fork_asm+0x1a/0x30 [ 27.448198] [ 27.448468] The buggy address belongs to the object at ffff888102a1a240 [ 27.448468] which belongs to the cache test_cache of size 123 [ 27.449790] The buggy address is located 0 bytes inside of [ 27.449790] freed 123-byte region [ffff888102a1a240, ffff888102a1a2bb) [ 27.451681] [ 27.452220] The buggy address belongs to the physical page: [ 27.452879] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 27.454246] flags: 0x200000000000000(node=0|zone=2) [ 27.454738] page_type: f5(slab) [ 27.455067] raw: 0200000000000000 ffff888102a0e3c0 dead000000000122 0000000000000000 [ 27.456854] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 27.457703] page dumped because: 
kasan: bad access detected
[ 27.459391]
[ 27.459611] Memory state around the buggy address:
[ 27.460099] ffff888102a1a100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.461022] ffff888102a1a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.461687] >ffff888102a1a200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 27.462407] ^
[ 27.463660] ffff888102a1a280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.464284] ffff888102a1a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.464959] ==================================================================

[ 27.292630] ==================================================================
[ 27.293879] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 27.294216] Read of size 1 at addr ffff888101ab3f00 by task kunit_try_catch/235
[ 27.295977]
[ 27.296157] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 27.296920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.297407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.297957] Call Trace:
[ 27.298250] <TASK>
[ 27.299052] dump_stack_lvl+0x73/0xb0
[ 27.299373] print_report+0xd1/0x640
[ 27.299777] ? __virt_addr_valid+0x1db/0x2d0
[ 27.300263] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.301574] kasan_report+0x102/0x140
[ 27.301965] ? mempool_uaf_helper+0x394/0x400
[ 27.302802] ? mempool_uaf_helper+0x394/0x400
[ 27.303466] __asan_report_load1_noabort+0x18/0x20
[ 27.304145] mempool_uaf_helper+0x394/0x400
[ 27.304937] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 27.305439] ? update_load_avg+0x1c3/0x2110
[ 27.305771] ? update_curr+0x7d/0x5a0
[ 27.306202] ? update_curr+0x7d/0x5a0
[ 27.306637] ? finish_task_switch.isra.0+0x153/0x700
[ 27.307096] mempool_kmalloc_uaf+0xb3/0x100
[ 27.308114] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 27.308694] ? __switch_to+0x5d9/0xf60
[ 27.309195] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.309996] ? __pfx_mempool_kfree+0x10/0x10
[ 27.310294] ? __pfx_read_tsc+0x10/0x10
[ 27.310705] ? ktime_get_ts64+0x84/0x230
[ 27.311123] kunit_try_run_case+0x1b3/0x490
[ 27.311498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.311992] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.312368] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.313331] ? __kthread_parkme+0x82/0x160
[ 27.313650] ? preempt_count_sub+0x50/0x80
[ 27.314120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.315123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.315680] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.316142] kthread+0x257/0x310
[ 27.317028] ? __pfx_kthread+0x10/0x10
[ 27.317421] ret_from_fork+0x41/0x80
[ 27.317778] ? __pfx_kthread+0x10/0x10
[ 27.318158] ret_from_fork_asm+0x1a/0x30
[ 27.319070] </TASK>
[ 27.319664]
[ 27.319899] Allocated by task 235:
[ 27.320261] kasan_save_stack+0x3d/0x60
[ 27.320663] kasan_save_track+0x18/0x40
[ 27.321100] kasan_save_alloc_info+0x3b/0x50
[ 27.322178] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.322548] remove_element+0x11e/0x190
[ 27.322924] mempool_alloc_preallocated+0x4d/0x90
[ 27.323799] mempool_uaf_helper+0x97/0x400
[ 27.324603] mempool_kmalloc_uaf+0xb3/0x100
[ 27.325002] kunit_try_run_case+0x1b3/0x490
[ 27.325393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.326021] kthread+0x257/0x310
[ 27.326275] ret_from_fork+0x41/0x80
[ 27.326671] ret_from_fork_asm+0x1a/0x30
[ 27.326979]
[ 27.327197] Freed by task 235:
[ 27.327685] kasan_save_stack+0x3d/0x60
[ 27.328090] kasan_save_track+0x18/0x40
[ 27.328508] kasan_save_free_info+0x3f/0x60
[ 27.329081] __kasan_mempool_poison_object+0x131/0x1d0
[ 27.329485] mempool_free+0x2ec/0x380
[ 27.331011] mempool_uaf_helper+0x11b/0x400
[ 27.331582] mempool_kmalloc_uaf+0xb3/0x100
[ 27.331916] kunit_try_run_case+0x1b3/0x490
[ 27.332370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.332886] kthread+0x257/0x310
[ 27.333870] ret_from_fork+0x41/0x80
[ 27.334287] ret_from_fork_asm+0x1a/0x30
[ 27.335116]
[ 27.335269] The buggy address belongs to the object at ffff888101ab3f00
[ 27.335269] which belongs to the cache kmalloc-128 of size 128
[ 27.336744] The buggy address is located 0 bytes inside of
[ 27.336744] freed 128-byte region [ffff888101ab3f00, ffff888101ab3f80)
[ 27.338129]
[ 27.338317] The buggy address belongs to the physical page:
[ 27.338781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab3
[ 27.339208] flags: 0x200000000000000(node=0|zone=2)
[ 27.339969] page_type: f5(slab)
[ 27.340348] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.341047] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 27.341923] page dumped because: kasan: bad access detected
[ 27.342693]
[ 27.342902] Memory state around the buggy address:
[ 27.343291] ffff888101ab3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.344131] ffff888101ab3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.344876] >ffff888101ab3f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.345912] ^
[ 27.346296] ffff888101ab3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.347495] ffff888101ab4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.348201] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 27.182292] ==================================================================
[ 27.183006] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 27.183918] Read of size 1 at addr ffff888102d22001 by task kunit_try_catch/231
[ 27.184383]
[ 27.184698] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 27.185594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.186302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.186751] Call Trace:
[ 27.186984] <TASK>
[ 27.187382] dump_stack_lvl+0x73/0xb0
[ 27.187863] print_report+0xd1/0x640
[ 27.188486] ? __virt_addr_valid+0x1db/0x2d0
[ 27.188804] ? kasan_addr_to_slab+0x11/0xa0
[ 27.189342] kasan_report+0x102/0x140
[ 27.189884] ? mempool_oob_right_helper+0x31a/0x380
[ 27.190332] ? mempool_oob_right_helper+0x31a/0x380
[ 27.190744] __asan_report_load1_noabort+0x18/0x20
[ 27.191084] mempool_oob_right_helper+0x31a/0x380
[ 27.191848] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 27.192418] ? finish_task_switch.isra.0+0x153/0x700
[ 27.193483] mempool_kmalloc_large_oob_right+0xb6/0x100
[ 27.193928] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 27.194377] ? __switch_to+0x5d9/0xf60
[ 27.194893] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.195397] ? __pfx_mempool_kfree+0x10/0x10
[ 27.196264] ? __pfx_read_tsc+0x10/0x10
[ 27.196694] ? ktime_get_ts64+0x84/0x230
[ 27.197015] kunit_try_run_case+0x1b3/0x490
[ 27.197587] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.198391] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.199128] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.199476] ? __kthread_parkme+0x82/0x160
[ 27.199761] ? preempt_count_sub+0x50/0x80
[ 27.200513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.201197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.201811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.202359] kthread+0x257/0x310
[ 27.202836] ? __pfx_kthread+0x10/0x10
[ 27.203151] ret_from_fork+0x41/0x80
[ 27.203738] ? __pfx_kthread+0x10/0x10
[ 27.204287] ret_from_fork_asm+0x1a/0x30
[ 27.204673] </TASK>
[ 27.204883]
[ 27.205366] The buggy address belongs to the physical page:
[ 27.205937] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d20
[ 27.206901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 27.207556] flags: 0x200000000000040(head|node=0|zone=2)
[ 27.208225] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.209338] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.209737] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.210504] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.211371] head: 0200000000000002 ffffea00040b4801 ffffffffffffffff 0000000000000000
[ 27.211757] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 27.212722] page dumped because: kasan: bad access detected
[ 27.213602]
[ 27.213842] Memory state around the buggy address:
[ 27.214200] ffff888102d21f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.214964] ffff888102d21f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.215748] >ffff888102d22000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.216263] ^
[ 27.216488] ffff888102d22080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.216889] ffff888102d22100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.217762] ==================================================================

[ 27.122445] ==================================================================
[ 27.123398] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 27.124316] Read of size 1 at addr ffff888102a17373 by task kunit_try_catch/229
[ 27.124810]
[ 27.125287] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 27.126493] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.127137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.127796] Call Trace:
[ 27.128556] <TASK>
[ 27.128778] dump_stack_lvl+0x73/0xb0
[ 27.129093] print_report+0xd1/0x640
[ 27.129514] ? __virt_addr_valid+0x1db/0x2d0
[ 27.130114] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.130530] kasan_report+0x102/0x140
[ 27.130806] ? mempool_oob_right_helper+0x31a/0x380
[ 27.131568] ? mempool_oob_right_helper+0x31a/0x380
[ 27.132283] __asan_report_load1_noabort+0x18/0x20
[ 27.132701] mempool_oob_right_helper+0x31a/0x380
[ 27.133391] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 27.134492] ? update_load_avg+0x1c3/0x2110
[ 27.135220] ? update_curr+0x7d/0x5a0
[ 27.135673] ? update_curr+0x7d/0x5a0
[ 27.136287] ? finish_task_switch.isra.0+0x153/0x700
[ 27.136802] mempool_kmalloc_oob_right+0xb6/0x100
[ 27.137481] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 27.138157] ? __switch_to+0x5d9/0xf60
[ 27.138657] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.139662] ? __pfx_mempool_kfree+0x10/0x10
[ 27.140151] ? __pfx_read_tsc+0x10/0x10
[ 27.140515] ? ktime_get_ts64+0x84/0x230
[ 27.141144] kunit_try_run_case+0x1b3/0x490
[ 27.141591] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.142307] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.142757] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.143505] ? __kthread_parkme+0x82/0x160
[ 27.144040] ? preempt_count_sub+0x50/0x80
[ 27.144559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.145662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.146293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.147090] kthread+0x257/0x310
[ 27.147358] ? __pfx_kthread+0x10/0x10
[ 27.147884] ret_from_fork+0x41/0x80
[ 27.148733] ? __pfx_kthread+0x10/0x10
[ 27.149636] ret_from_fork_asm+0x1a/0x30
[ 27.150160] </TASK>
[ 27.150774]
[ 27.151574] Allocated by task 229:
[ 27.151915] kasan_save_stack+0x3d/0x60
[ 27.152305] kasan_save_track+0x18/0x40
[ 27.152723] kasan_save_alloc_info+0x3b/0x50
[ 27.153170] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.154186] remove_element+0x11e/0x190
[ 27.155278] mempool_alloc_preallocated+0x4d/0x90
[ 27.155615] mempool_oob_right_helper+0x8b/0x380
[ 27.155948] mempool_kmalloc_oob_right+0xb6/0x100
[ 27.156922] kunit_try_run_case+0x1b3/0x490
[ 27.157552] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.158221] kthread+0x257/0x310
[ 27.158745] ret_from_fork+0x41/0x80
[ 27.159334] ret_from_fork_asm+0x1a/0x30
[ 27.159962]
[ 27.160287] The buggy address belongs to the object at ffff888102a17300
[ 27.160287] which belongs to the cache kmalloc-128 of size 128
[ 27.161814] The buggy address is located 0 bytes to the right of
[ 27.161814] allocated 115-byte region [ffff888102a17300, ffff888102a17373)
[ 27.163038]
[ 27.163412] The buggy address belongs to the physical page:
[ 27.164049] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a17
[ 27.164473] flags: 0x200000000000000(node=0|zone=2)
[ 27.165101] page_type: f5(slab)
[ 27.165579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.166939] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 27.167496] page dumped because: kasan: bad access detected
[ 27.167923]
[ 27.168192] Memory state around the buggy address:
[ 27.168613] ffff888102a17200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.169411] ffff888102a17280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.169886] >ffff888102a17300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 27.170387] ^
[ 27.171104] ffff888102a17380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.171936] ffff888102a17400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 27.172433] ==================================================================

[ 27.229055] ==================================================================
[ 27.230043] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 27.230863] Read of size 1 at addr ffff888101abb2bb by task kunit_try_catch/233
[ 27.231555]
[ 27.231756] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 27.232213] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.232801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.234264] Call Trace:
[ 27.234610] <TASK>
[ 27.234922] dump_stack_lvl+0x73/0xb0
[ 27.235382] print_report+0xd1/0x640
[ 27.236303] ? __virt_addr_valid+0x1db/0x2d0
[ 27.236711] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.237246] kasan_report+0x102/0x140
[ 27.239200] ? mempool_oob_right_helper+0x31a/0x380
[ 27.239783] ? mempool_oob_right_helper+0x31a/0x380
[ 27.240519] __asan_report_load1_noabort+0x18/0x20
[ 27.241189] mempool_oob_right_helper+0x31a/0x380
[ 27.241943] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 27.242591] ? finish_task_switch.isra.0+0x153/0x700
[ 27.243330] mempool_slab_oob_right+0xb1/0x100
[ 27.243936] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 27.244403] ? __switch_to+0x5d9/0xf60
[ 27.244948] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 27.245649] ? __pfx_mempool_free_slab+0x10/0x10
[ 27.246292] ? __pfx_read_tsc+0x10/0x10
[ 27.246611] ? ktime_get_ts64+0x84/0x230
[ 27.247077] kunit_try_run_case+0x1b3/0x490
[ 27.247782] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.248519] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.249055] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.249673] ? __kthread_parkme+0x82/0x160
[ 27.250225] ? preempt_count_sub+0x50/0x80
[ 27.250855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.251240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.252335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.252816] kthread+0x257/0x310
[ 27.253223] ? __pfx_kthread+0x10/0x10
[ 27.254118] ret_from_fork+0x41/0x80
[ 27.254476] ? __pfx_kthread+0x10/0x10
[ 27.254764] ret_from_fork_asm+0x1a/0x30
[ 27.255253] </TASK>
[ 27.256052]
[ 27.256234] Allocated by task 233:
[ 27.256430] kasan_save_stack+0x3d/0x60
[ 27.256680] kasan_save_track+0x18/0x40
[ 27.257376] kasan_save_alloc_info+0x3b/0x50
[ 27.257813] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 27.258154] remove_element+0x11e/0x190
[ 27.258668] mempool_alloc_preallocated+0x4d/0x90
[ 27.259421] mempool_oob_right_helper+0x8b/0x380
[ 27.260633] mempool_slab_oob_right+0xb1/0x100
[ 27.261264] kunit_try_run_case+0x1b3/0x490
[ 27.261705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.262174] kthread+0x257/0x310
[ 27.262786] ret_from_fork+0x41/0x80
[ 27.263204] ret_from_fork_asm+0x1a/0x30
[ 27.263597]
[ 27.263748] The buggy address belongs to the object at ffff888101abb240
[ 27.263748] which belongs to the cache test_cache of size 123
[ 27.265698] The buggy address is located 0 bytes to the right of
[ 27.265698] allocated 123-byte region [ffff888101abb240, ffff888101abb2bb)
[ 27.267787]
[ 27.268054] The buggy address belongs to the physical page:
[ 27.268452] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abb
[ 27.270102] flags: 0x200000000000000(node=0|zone=2)
[ 27.270768] page_type: f5(slab)
[ 27.271359] raw: 0200000000000000 ffff888101a67780 dead000000000122 0000000000000000
[ 27.272356] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 27.272837] page dumped because: kasan: bad access detected
[ 27.273438]
[ 27.273924] Memory state around the buggy address:
[ 27.274533] ffff888101abb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.275305] ffff888101abb200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 27.276360] >ffff888101abb280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 27.276944] ^
[ 27.277422] ffff888101abb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.278169] ffff888101abb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.279094] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 26.505652] ==================================================================
[ 26.506473] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 26.507311] Read of size 1 at addr ffff888101a67500 by task kunit_try_catch/223
[ 26.507885]
[ 26.508188] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.509099] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.509504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.510621] Call Trace:
[ 26.510895] <TASK>
[ 26.511258] dump_stack_lvl+0x73/0xb0
[ 26.511699] print_report+0xd1/0x640
[ 26.512150] ? __virt_addr_valid+0x1db/0x2d0
[ 26.512620] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.513388] kasan_report+0x102/0x140
[ 26.513769] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.514344] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.515405] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.515883] __kasan_check_byte+0x3d/0x50
[ 26.516166] kmem_cache_destroy+0x25/0x1d0
[ 26.516753] kmem_cache_double_destroy+0x1bd/0x380
[ 26.517397] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 26.518053] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.518679] ? __pfx_empty_cache_ctor+0x10/0x10
[ 26.519310] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 26.519949] kunit_try_run_case+0x1b3/0x490
[ 26.520524] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.520990] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.521554] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.522165] ? __kthread_parkme+0x82/0x160
[ 26.522970] ? preempt_count_sub+0x50/0x80
[ 26.523751] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.524188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.524726] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.525175] kthread+0x257/0x310
[ 26.526014] ? __pfx_kthread+0x10/0x10
[ 26.526357] ret_from_fork+0x41/0x80
[ 26.527021] ? __pfx_kthread+0x10/0x10
[ 26.527584] ret_from_fork_asm+0x1a/0x30
[ 26.528186] </TASK>
[ 26.528536]
[ 26.529224] Allocated by task 223:
[ 26.529737] kasan_save_stack+0x3d/0x60
[ 26.530171] kasan_save_track+0x18/0x40
[ 26.530963] kasan_save_alloc_info+0x3b/0x50
[ 26.531617] __kasan_slab_alloc+0x91/0xa0
[ 26.532164] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.532658] __kmem_cache_create_args+0x177/0x250
[ 26.533385] kmem_cache_double_destroy+0xd3/0x380
[ 26.533779] kunit_try_run_case+0x1b3/0x490
[ 26.534173] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.535265] kthread+0x257/0x310
[ 26.535778] ret_from_fork+0x41/0x80
[ 26.536380] ret_from_fork_asm+0x1a/0x30
[ 26.537271]
[ 26.537416] Freed by task 223:
[ 26.537650] kasan_save_stack+0x3d/0x60
[ 26.538120] kasan_save_track+0x18/0x40
[ 26.539129] kasan_save_free_info+0x3f/0x60
[ 26.539620] __kasan_slab_free+0x56/0x70
[ 26.540056] kmem_cache_free+0x120/0x420
[ 26.540630] slab_kmem_cache_release+0x2e/0x40
[ 26.541378] kmem_cache_release+0x16/0x20
[ 26.542099] kobject_put+0x181/0x450
[ 26.542354] sysfs_slab_release+0x16/0x20
[ 26.543054] kmem_cache_destroy+0xf0/0x1d0
[ 26.543789] kmem_cache_double_destroy+0x14c/0x380
[ 26.544330] kunit_try_run_case+0x1b3/0x490
[ 26.544712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.545252] kthread+0x257/0x310
[ 26.546049] ret_from_fork+0x41/0x80
[ 26.546741] ret_from_fork_asm+0x1a/0x30
[ 26.547069]
[ 26.547592] The buggy address belongs to the object at ffff888101a67500
[ 26.547592] which belongs to the cache kmem_cache of size 208
[ 26.548719] The buggy address is located 0 bytes inside of
[ 26.548719] freed 208-byte region [ffff888101a67500, ffff888101a675d0)
[ 26.549653]
[ 26.550518] The buggy address belongs to the physical page:
[ 26.550995] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a67
[ 26.551710] flags: 0x200000000000000(node=0|zone=2)
[ 26.552273] page_type: f5(slab)
[ 26.553181] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 26.553784] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 26.554864] page dumped because: kasan: bad access detected
[ 26.555399]
[ 26.556115] Memory state around the buggy address:
[ 26.556394] ffff888101a67400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.557427] ffff888101a67480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.558553] >ffff888101a67500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.559043] ^
[ 26.559261] ffff888101a67580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 26.560383] ffff888101a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.561269] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 26.424225] ==================================================================
[ 26.425388] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.426747] Read of size 1 at addr ffff888101ab7000 by task kunit_try_catch/221
[ 26.427434]
[ 26.427628] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.428471] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.428923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.429966] Call Trace:
[ 26.430173] <TASK>
[ 26.430381] dump_stack_lvl+0x73/0xb0
[ 26.430676] print_report+0xd1/0x640
[ 26.431106] ? __virt_addr_valid+0x1db/0x2d0
[ 26.431537] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.432205] kasan_report+0x102/0x140
[ 26.432696] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.433288] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.433869] __asan_report_load1_noabort+0x18/0x20
[ 26.434489] kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.435015] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 26.436029] ? finish_task_switch.isra.0+0x153/0x700
[ 26.436550] ? __switch_to+0x5d9/0xf60
[ 26.437138] ? __pfx_read_tsc+0x10/0x10
[ 26.437851] ? ktime_get_ts64+0x84/0x230
[ 26.438484] kunit_try_run_case+0x1b3/0x490
[ 26.438925] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.439288] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.439900] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.440329] ? __kthread_parkme+0x82/0x160
[ 26.440773] ? preempt_count_sub+0x50/0x80
[ 26.441125] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.441640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.442308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.442801] kthread+0x257/0x310
[ 26.443211] ? __pfx_kthread+0x10/0x10
[ 26.443726] ret_from_fork+0x41/0x80
[ 26.444057] ? __pfx_kthread+0x10/0x10
[ 26.444330] ret_from_fork_asm+0x1a/0x30
[ 26.444784] </TASK>
[ 26.445100]
[ 26.445376] Allocated by task 221:
[ 26.445758] kasan_save_stack+0x3d/0x60
[ 26.446183] kasan_save_track+0x18/0x40
[ 26.446662] kasan_save_alloc_info+0x3b/0x50
[ 26.446986] __kasan_slab_alloc+0x91/0xa0
[ 26.447259] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.448701] kmem_cache_rcu_uaf+0x156/0x510
[ 26.449298] kunit_try_run_case+0x1b3/0x490
[ 26.449735] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.450215] kthread+0x257/0x310
[ 26.450549] ret_from_fork+0x41/0x80
[ 26.451020] ret_from_fork_asm+0x1a/0x30
[ 26.451451]
[ 26.451647] Freed by task 0:
[ 26.451927] kasan_save_stack+0x3d/0x60
[ 26.452312] kasan_save_track+0x18/0x40
[ 26.452763] kasan_save_free_info+0x3f/0x60
[ 26.453161] __kasan_slab_free+0x56/0x70
[ 26.453632] slab_free_after_rcu_debug+0xe4/0x310
[ 26.453957] rcu_core+0x680/0x1d70
[ 26.454211] rcu_core_si+0x12/0x20
[ 26.454678] handle_softirqs+0x209/0x720
[ 26.455216] __irq_exit_rcu+0xc9/0x110
[ 26.455733] irq_exit_rcu+0x12/0x20
[ 26.456168] sysvec_apic_timer_interrupt+0x81/0x90
[ 26.456520] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 26.457060]
[ 26.457318] Last potentially related work creation:
[ 26.457754] kasan_save_stack+0x3d/0x60
[ 26.458199] __kasan_record_aux_stack+0xae/0xc0
[ 26.458600] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.458970] kmem_cache_free+0x276/0x420
[ 26.459235] kmem_cache_rcu_uaf+0x195/0x510
[ 26.459764] kunit_try_run_case+0x1b3/0x490
[ 26.460229] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.460795] kthread+0x257/0x310
[ 26.461181] ret_from_fork+0x41/0x80
[ 26.461655] ret_from_fork_asm+0x1a/0x30
[ 26.462132]
[ 26.462374] The buggy address belongs to the object at ffff888101ab7000
[ 26.462374] which belongs to the cache test_cache of size 200
[ 26.463129] The buggy address is located 0 bytes inside of
[ 26.463129] freed 200-byte region [ffff888101ab7000, ffff888101ab70c8)
[ 26.464129]
[ 26.464356] The buggy address belongs to the physical page:
[ 26.464685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab7
[ 26.465508] flags: 0x200000000000000(node=0|zone=2)
[ 26.465856] page_type: f5(slab)
[ 26.466280] raw: 0200000000000000 ffff888101a673c0 dead000000000122 0000000000000000
[ 26.466790] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.467461] page dumped because: kasan: bad access detected
[ 26.467976]
[ 26.468156] Memory state around the buggy address:
[ 26.468479] ffff888101ab6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.468983] ffff888101ab6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.469669] >ffff888101ab7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.470367] ^
[ 26.470717] ffff888101ab7080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.471197] ffff888101ab7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.471952] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 26.328627] ==================================================================
[ 26.329763] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 26.330184] Free of addr ffff888101ab5001 by task kunit_try_catch/219
[ 26.330870]
[ 26.331119] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.332947] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.333201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.333895] Call Trace:
[ 26.334278] <TASK>
[ 26.334646] dump_stack_lvl+0x73/0xb0
[ 26.335349] print_report+0xd1/0x640
[ 26.336122] ? __virt_addr_valid+0x1db/0x2d0
[ 26.336809] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.337457] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.338064] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.338497] kasan_report_invalid_free+0xc0/0xf0
[ 26.338923] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.339202] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.339689] check_slab_allocation+0x11f/0x130
[ 26.341182] __kasan_slab_pre_free+0x28/0x40
[ 26.341683] kmem_cache_free+0xee/0x420
[ 26.341972] ? kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.342683] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.344171] kmem_cache_invalid_free+0x1d9/0x470
[ 26.345054] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 26.345433] ? finish_task_switch.isra.0+0x153/0x700
[ 26.346284] ? __switch_to+0x5d9/0xf60
[ 26.346680] ? __pfx_read_tsc+0x10/0x10
[ 26.347589] ? ktime_get_ts64+0x84/0x230
[ 26.348491] kunit_try_run_case+0x1b3/0x490
[ 26.348917] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.349685] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.350158] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.351226] ? __kthread_parkme+0x82/0x160
[ 26.351603] ? preempt_count_sub+0x50/0x80
[ 26.352060] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.352786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.353656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.354039] kthread+0x257/0x310
[ 26.354296] ? __pfx_kthread+0x10/0x10
[ 26.355234] ret_from_fork+0x41/0x80
[ 26.355630] ? __pfx_kthread+0x10/0x10
[ 26.356091] ret_from_fork_asm+0x1a/0x30
[ 26.356458] </TASK>
[ 26.356693]
[ 26.357817] Allocated by task 219:
[ 26.358285] kasan_save_stack+0x3d/0x60
[ 26.358648] kasan_save_track+0x18/0x40
[ 26.359576] kasan_save_alloc_info+0x3b/0x50
[ 26.360503] __kasan_slab_alloc+0x91/0xa0
[ 26.360765] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.361263] kmem_cache_invalid_free+0x158/0x470
[ 26.362597] kunit_try_run_case+0x1b3/0x490
[ 26.362942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.363565] kthread+0x257/0x310
[ 26.364531] ret_from_fork+0x41/0x80
[ 26.365337] ret_from_fork_asm+0x1a/0x30
[ 26.365886]
[ 26.367038] The buggy address belongs to the object at ffff888101ab5000
[ 26.367038] which belongs to the cache test_cache of size 200
[ 26.368308] The buggy address is located 1 bytes inside of
[ 26.368308] 200-byte region [ffff888101ab5000, ffff888101ab50c8)
[ 26.370219]
[ 26.370403] The buggy address belongs to the physical page:
[ 26.370747] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab5
[ 26.371947] flags: 0x200000000000000(node=0|zone=2)
[ 26.372861] page_type: f5(slab)
[ 26.373950] raw: 0200000000000000 ffff888101a67280 dead000000000122 0000000000000000
[ 26.374532] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.375055] page dumped because: kasan: bad access detected
[ 26.376124]
[ 26.376302] Memory state around the buggy address:
[ 26.376680] ffff888101ab4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.377009] ffff888101ab4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.377782] >ffff888101ab5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.378290] ^
[ 26.379590] ffff888101ab5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.379952] ffff888101ab5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.380988] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 26.254868] ==================================================================
[ 26.255724] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490
[ 26.256474] Free of addr ffff888102a14000 by task kunit_try_catch/217
[ 26.256956]
[ 26.257195] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.258056] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.258652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.260573] Call Trace:
[ 26.261088] <TASK>
[ 26.261497] dump_stack_lvl+0x73/0xb0
[ 26.262108] print_report+0xd1/0x640
[ 26.262701] ? __virt_addr_valid+0x1db/0x2d0
[ 26.263486] ? kmem_cache_double_free+0x1e6/0x490
[ 26.264043] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.264816] ? kmem_cache_double_free+0x1e6/0x490
[ 26.265495] kasan_report_invalid_free+0xc0/0xf0
[ 26.266210] ? kmem_cache_double_free+0x1e6/0x490
[ 26.266796] ? kmem_cache_double_free+0x1e6/0x490
[ 26.267913] check_slab_allocation+0x101/0x130
[ 26.268408] __kasan_slab_pre_free+0x28/0x40
[ 26.268776] kmem_cache_free+0xee/0x420
[ 26.269586] ? kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.270294] ? kmem_cache_double_free+0x1e6/0x490
[ 26.270720] kmem_cache_double_free+0x1e6/0x490
[ 26.271633] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 26.272183] ? finish_task_switch.isra.0+0x153/0x700
[ 26.272743] ? __switch_to+0x5d9/0xf60
[ 26.273443] ? __pfx_read_tsc+0x10/0x10
[ 26.274107] ? ktime_get_ts64+0x84/0x230
[ 26.274539] kunit_try_run_case+0x1b3/0x490
[ 26.275459] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.275784] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.276620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.277394] ? __kthread_parkme+0x82/0x160
[ 26.278055] ? preempt_count_sub+0x50/0x80
[ 26.278546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.279388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.280390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.281237] kthread+0x257/0x310
[ 26.281753] ? __pfx_kthread+0x10/0x10
[ 26.282370] ret_from_fork+0x41/0x80
[ 26.282787] ? __pfx_kthread+0x10/0x10
[ 26.283918] ret_from_fork_asm+0x1a/0x30
[ 26.284226] </TASK>
[ 26.284977]
[ 26.285208] Allocated by task 217:
[ 26.285675] kasan_save_stack+0x3d/0x60
[ 26.286437] kasan_save_track+0x18/0x40
[ 26.286736] kasan_save_alloc_info+0x3b/0x50
[ 26.287734] __kasan_slab_alloc+0x91/0xa0
[ 26.288323] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.289003] kmem_cache_double_free+0x150/0x490
[ 26.289587] kunit_try_run_case+0x1b3/0x490
[ 26.290187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.290810] kthread+0x257/0x310
[ 26.291593] ret_from_fork+0x41/0x80
[ 26.291939] ret_from_fork_asm+0x1a/0x30
[ 26.292621]
[ 26.292858] Freed by task 217:
[ 26.293314] kasan_save_stack+0x3d/0x60
[ 26.294013] kasan_save_track+0x18/0x40
[ 26.294443] kasan_save_free_info+0x3f/0x60
[ 26.294806] __kasan_slab_free+0x56/0x70
[ 26.295760] kmem_cache_free+0x120/0x420
[ 26.296435] kmem_cache_double_free+0x16b/0x490
[ 26.297014] kunit_try_run_case+0x1b3/0x490
[ 26.297571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.298100] kthread+0x257/0x310
[ 26.298562] ret_from_fork+0x41/0x80
[ 26.299416] ret_from_fork_asm+0x1a/0x30
[ 26.299851]
[ 26.300283] The buggy address belongs to the object at ffff888102a14000
[ 26.300283] which belongs to the cache test_cache of size 200
[ 26.301402] The buggy address is located 0 bytes inside of
[ 26.301402] 200-byte region [ffff888102a14000, ffff888102a140c8)
[ 26.302354]
[ 26.302514] The buggy address belongs to the physical page:
[ 26.303023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a14
[ 26.303593] flags: 0x200000000000000(node=0|zone=2)
[ 26.304447] page_type: f5(slab)
[ 26.304691] raw: 0200000000000000 ffff888102a0e140 dead000000000122 0000000000000000
[ 26.305475] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.306497] page dumped because: kasan: bad access detected
[ 26.307219]
[ 26.307470] Memory state around the buggy address:
[ 26.308374] ffff888102a13f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.308792] ffff888102a13f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.309438] >ffff888102a14000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.310370] ^
[ 26.310811] ffff888102a14080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.311624] ffff888102a14100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.312770] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 163.101324] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 63.300148] ==================================================================
[ 63.300765] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 63.300765]
[ 63.301393] Use-after-free read at 0x(____ptrval____) (in kfence-#168):
[ 63.301937] test_krealloc+0x6fd/0xbe0
[ 63.302337] kunit_try_run_case+0x1b3/0x490
[ 63.302724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.304204] kthread+0x257/0x310
[ 63.304528] ret_from_fork+0x41/0x80
[ 63.304891] ret_from_fork_asm+0x1a/0x30
[ 63.305328]
[ 63.305512] kfence-#168: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 63.305512]
[ 63.306173] allocated by task 345 on cpu 1 at 63.298956s (0.007212s ago):
[ 63.306664] test_alloc+0x35f/0x10d0
[ 63.307141] test_krealloc+0xae/0xbe0
[ 63.307675] kunit_try_run_case+0x1b3/0x490
[ 63.308108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.309114] kthread+0x257/0x310
[ 63.309465] ret_from_fork+0x41/0x80
[ 63.310259] ret_from_fork_asm+0x1a/0x30
[ 63.310660]
[ 63.310841] freed by task 345 on cpu 1 at 63.299469s (0.011367s ago):
[ 63.311940] krealloc_noprof+0x108/0x340
[ 63.312290] test_krealloc+0x227/0xbe0
[ 63.312878] kunit_try_run_case+0x1b3/0x490
[ 63.313339] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.313869] kthread+0x257/0x310
[ 63.314337] ret_from_fork+0x41/0x80
[ 63.314932] ret_from_fork_asm+0x1a/0x30
[ 63.315463]
[ 63.315759] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 63.316574] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.316942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.317840] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 26.189868] ==================================================================
[ 26.191045] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[ 26.192554] Read of size 1 at addr ffff888102a110c8 by task kunit_try_catch/215
[ 26.193339]
[ 26.193688] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.194975] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.195481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.196378] Call Trace:
[ 26.196715] <TASK>
[ 26.197075] dump_stack_lvl+0x73/0xb0
[ 26.197526] print_report+0xd1/0x640
[ 26.197924] ? __virt_addr_valid+0x1db/0x2d0
[ 26.198234] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.199182] kasan_report+0x102/0x140
[ 26.199675] ? kmem_cache_oob+0x404/0x530
[ 26.200289] ? kmem_cache_oob+0x404/0x530
[ 26.200819] __asan_report_load1_noabort+0x18/0x20
[ 26.201603] kmem_cache_oob+0x404/0x530
[ 26.202211] ? __pfx_kmem_cache_oob+0x10/0x10
[ 26.202695] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.203362] ? __pfx_kmem_cache_oob+0x10/0x10
[ 26.204010] kunit_try_run_case+0x1b3/0x490
[ 26.204438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.205122] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.205577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.206319] ? __kthread_parkme+0x82/0x160
[ 26.206762] ? preempt_count_sub+0x50/0x80
[ 26.207441] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.207772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.208569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.209345] kthread+0x257/0x310
[ 26.209766] ? __pfx_kthread+0x10/0x10
[ 26.210447] ret_from_fork+0x41/0x80
[ 26.211055] ? __pfx_kthread+0x10/0x10
[ 26.211475] ret_from_fork_asm+0x1a/0x30
[ 26.212118] </TASK>
[ 26.212474]
[ 26.212688] Allocated by task 215:
[ 26.213086] kasan_save_stack+0x3d/0x60
[ 26.213440] kasan_save_track+0x18/0x40
[ 26.214192] kasan_save_alloc_info+0x3b/0x50
[ 26.214714] __kasan_slab_alloc+0x91/0xa0
[ 26.215294] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.215780] kmem_cache_oob+0x158/0x530
[ 26.216430] kunit_try_run_case+0x1b3/0x490
[ 26.216718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.217453] kthread+0x257/0x310
[ 26.217805] ret_from_fork+0x41/0x80
[ 26.218500] ret_from_fork_asm+0x1a/0x30
[ 26.219029]
[ 26.219324] The buggy address belongs to the object at ffff888102a11000
[ 26.219324] which belongs to the cache test_cache of size 200
[ 26.220345] The buggy address is located 0 bytes to the right of
[ 26.220345] allocated 200-byte region [ffff888102a11000, ffff888102a110c8)
[ 26.221502]
[ 26.221701] The buggy address belongs to the physical page:
[ 26.222033] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11
[ 26.222550] flags: 0x200000000000000(node=0|zone=2)
[ 26.223053] page_type: f5(slab)
[ 26.223414] raw: 0200000000000000 ffff888102a0e000 dead000000000122 0000000000000000
[ 26.224314] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.225036] page dumped because: kasan: bad access detected
[ 26.225601]
[ 26.225816] Memory state around the buggy address:
[ 26.226509]  ffff888102a10f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.227096]  ffff888102a11000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.227798] >ffff888102a11080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.228471]                                               ^
[ 26.228776]  ffff888102a11100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.229634]  ffff888102a11180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.230428] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 26.114906] ==================================================================
[ 26.116259] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 26.116760] Read of size 8 at addr ffff888101ab05c0 by task kunit_try_catch/208
[ 26.117155]
[ 26.117400] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 26.118541] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.119007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.119744] Call Trace:
[ 26.120242] <TASK>
[ 26.120561] dump_stack_lvl+0x73/0xb0
[ 26.121094] print_report+0xd1/0x640
[ 26.121585] ? __virt_addr_valid+0x1db/0x2d0
[ 26.122602] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.123155] kasan_report+0x102/0x140
[ 26.123621] ? workqueue_uaf+0x4d8/0x560
[ 26.124282] ? workqueue_uaf+0x4d8/0x560
[ 26.124711] __asan_report_load8_noabort+0x18/0x20
[ 26.125353] workqueue_uaf+0x4d8/0x560
[ 26.125711] ? __pfx_workqueue_uaf+0x10/0x10
[ 26.126462] ? __schedule+0xc3e/0x2790
[ 26.126843] ? __pfx_read_tsc+0x10/0x10
[ 26.128143] ? ktime_get_ts64+0x84/0x230
[ 26.128657] kunit_try_run_case+0x1b3/0x490
[ 26.129188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.129711] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.130129] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.130724] ? __kthread_parkme+0x82/0x160
[ 26.131385] ? preempt_count_sub+0x50/0x80
[ 26.132013] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.132427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.133606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.134344] kthread+0x257/0x310
[ 26.134729] ? __pfx_kthread+0x10/0x10
[ 26.135364] ret_from_fork+0x41/0x80
[ 26.135766] ? __pfx_kthread+0x10/0x10
[ 26.136310] ret_from_fork_asm+0x1a/0x30
[ 26.136769] </TASK>
[ 26.137214]
[ 26.137468] Allocated by task 208:
[ 26.137896] kasan_save_stack+0x3d/0x60
[ 26.138335] kasan_save_track+0x18/0x40
[ 26.139373] kasan_save_alloc_info+0x3b/0x50
[ 26.140142] __kasan_kmalloc+0xb7/0xc0
[ 26.140451] __kmalloc_cache_noprof+0x184/0x410
[ 26.141092] workqueue_uaf+0x153/0x560
[ 26.141527] kunit_try_run_case+0x1b3/0x490
[ 26.142154] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.142736] kthread+0x257/0x310
[ 26.143630] ret_from_fork+0x41/0x80
[ 26.144055] ret_from_fork_asm+0x1a/0x30
[ 26.144666]
[ 26.145059] Freed by task 54:
[ 26.145361] kasan_save_stack+0x3d/0x60
[ 26.145768] kasan_save_track+0x18/0x40
[ 26.146342] kasan_save_free_info+0x3f/0x60
[ 26.146818] __kasan_slab_free+0x56/0x70
[ 26.147325] kfree+0x123/0x3f0
[ 26.147558] workqueue_uaf_work+0x12/0x20
[ 26.148678] process_one_work+0x5ee/0xf60
[ 26.149181] worker_thread+0x720/0x1300
[ 26.149592] kthread+0x257/0x310
[ 26.149922] ret_from_fork+0x41/0x80
[ 26.150314] ret_from_fork_asm+0x1a/0x30
[ 26.150633]
[ 26.151071] Last potentially related work creation:
[ 26.151511] kasan_save_stack+0x3d/0x60
[ 26.152123] __kasan_record_aux_stack+0xae/0xc0
[ 26.152560] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.153344] __queue_work+0x67e/0xf70
[ 26.153713] queue_work_on+0x74/0xa0
[ 26.154139] workqueue_uaf+0x26e/0x560
[ 26.154559] kunit_try_run_case+0x1b3/0x490
[ 26.155942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.156456] kthread+0x257/0x310
[ 26.156819] ret_from_fork+0x41/0x80
[ 26.157239] ret_from_fork_asm+0x1a/0x30
[ 26.157577]
[ 26.157794] The buggy address belongs to the object at ffff888101ab05c0
[ 26.157794] which belongs to the cache kmalloc-32 of size 32
[ 26.159398] The buggy address is located 0 bytes inside of
[ 26.159398] freed 32-byte region [ffff888101ab05c0, ffff888101ab05e0)
[ 26.160391]
[ 26.160577] The buggy address belongs to the physical page:
[ 26.161339] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab0
[ 26.161745] flags: 0x200000000000000(node=0|zone=2)
[ 26.163063] page_type: f5(slab)
[ 26.163418] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.164100] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 26.165062] page dumped because: kasan: bad access detected
[ 26.165601]
[ 26.165752] Memory state around the buggy address:
[ 26.166434]  ffff888101ab0480: 00 00 05 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.167176]  ffff888101ab0500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.167670] >ffff888101ab0580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.169075]                                            ^
[ 26.169560]  ffff888101ab0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.170538]  ffff888101ab0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.171277] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 26.034136] ==================================================================
[ 26.034616] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 26.034876] Read of size 4 at addr ffff888101ab0500 by task swapper/0/0
[ 26.035075]
[ 26.035172] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.0-next-20241122 #1
[ 26.035438] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.035571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.035818] Call Trace:
[ 26.036520] <IRQ>
[ 26.037039] dump_stack_lvl+0x73/0xb0
[ 26.037515] print_report+0xd1/0x640
[ 26.038042] ? __virt_addr_valid+0x1db/0x2d0
[ 26.038574] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.039018] kasan_report+0x102/0x140
[ 26.039290] ? rcu_uaf_reclaim+0x50/0x60
[ 26.039567] ? rcu_uaf_reclaim+0x50/0x60
[ 26.039869] __asan_report_load4_noabort+0x18/0x20
[ 26.040329] rcu_uaf_reclaim+0x50/0x60
[ 26.040853] rcu_core+0x680/0x1d70
[ 26.041616] ? __pfx_rcu_core+0x10/0x10
[ 26.042412] ? ktime_get+0x69/0x150
[ 26.044643] ? handle_softirqs+0x18e/0x720
[ 26.045486] rcu_core_si+0x12/0x20
[ 26.046388] handle_softirqs+0x209/0x720
[ 26.046964] ? hrtimer_interrupt+0x2fe/0x780
[ 26.047692] ? __pfx_handle_softirqs+0x10/0x10
[ 26.048697] __irq_exit_rcu+0xc9/0x110
[ 26.049751] irq_exit_rcu+0x12/0x20
[ 26.050104] sysvec_apic_timer_interrupt+0x81/0x90
[ 26.051038] </IRQ>
[ 26.051236] <TASK>
[ 26.051414] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 26.052854] RIP: 0010:default_idle+0xf/0x20
[ 26.053818] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 f0 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[ 26.055801] RSP: 0000:ffffffff89c07df0 EFLAGS: 00010206
[ 26.057127] RAX: ffff88815b000000 RBX: ffffffff89c1a680 RCX: ffffffff8890b925
[ 26.057853] RDX: ffffed102b606b23 RSI: 0000000000000004 RDI: 00000000000864c4
[ 26.058446] RBP: ffffffff89c07df8 R08: 0000000000000001 R09: ffffed102b606b22
[ 26.059875] R10: ffff88815b035913 R11: 0000000000000000 R12: 0000000000000000
[ 26.060955] R13: fffffbfff13834d0 R14: ffffffff8a772650 R15: 0000000000000000
[ 26.061799] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 26.062115] ? arch_cpu_idle+0xd/0x20
[ 26.062271] default_idle_call+0x48/0x80
[ 26.062420] do_idle+0x310/0x3c0
[ 26.062560] ? __pfx_do_idle+0x10/0x10
[ 26.062713] cpu_startup_entry+0x5c/0x70
[ 26.062932] rest_init+0x11a/0x140
[ 26.063307] ? acpi_subsystem_init+0x5d/0x150
[ 26.065403] start_kernel+0x320/0x400
[ 26.065814] x86_64_start_reservations+0x1c/0x30
[ 26.066739] x86_64_start_kernel+0xcf/0xe0
[ 26.067788] common_startup_64+0x12c/0x138
[ 26.068386] </TASK>
[ 26.068565]
[ 26.068693] Allocated by task 206:
[ 26.069066] kasan_save_stack+0x3d/0x60
[ 26.069480] kasan_save_track+0x18/0x40
[ 26.069916] kasan_save_alloc_info+0x3b/0x50
[ 26.070368] __kasan_kmalloc+0xb7/0xc0
[ 26.070702] __kmalloc_cache_noprof+0x184/0x410
[ 26.071435] rcu_uaf+0xb1/0x330
[ 26.071787] kunit_try_run_case+0x1b3/0x490
[ 26.073057] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.073586] kthread+0x257/0x310
[ 26.074130] ret_from_fork+0x41/0x80
[ 26.074622] ret_from_fork_asm+0x1a/0x30
[ 26.075378]
[ 26.075608] Freed by task 0:
[ 26.076597] kasan_save_stack+0x3d/0x60
[ 26.077209] kasan_save_track+0x18/0x40
[ 26.077572] kasan_save_free_info+0x3f/0x60
[ 26.078024] __kasan_slab_free+0x56/0x70
[ 26.078550] kfree+0x123/0x3f0
[ 26.079159] rcu_uaf_reclaim+0x1f/0x60
[ 26.079663] rcu_core+0x680/0x1d70
[ 26.080674] rcu_core_si+0x12/0x20
[ 26.081188] handle_softirqs+0x209/0x720
[ 26.081776] __irq_exit_rcu+0xc9/0x110
[ 26.082309] irq_exit_rcu+0x12/0x20
[ 26.082905] sysvec_apic_timer_interrupt+0x81/0x90
[ 26.083717] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 26.084467]
[ 26.084688] Last potentially related work creation:
[ 26.085604] kasan_save_stack+0x3d/0x60
[ 26.086329] __kasan_record_aux_stack+0xae/0xc0
[ 26.087104] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.087685] __call_rcu_common.constprop.0+0x72/0xaa0
[ 26.088316] call_rcu+0x12/0x20
[ 26.088793] rcu_uaf+0x169/0x330
[ 26.089219] kunit_try_run_case+0x1b3/0x490
[ 26.089491] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.090035] kthread+0x257/0x310
[ 26.090396] ret_from_fork+0x41/0x80
[ 26.090672] ret_from_fork_asm+0x1a/0x30
[ 26.091952]
[ 26.092205] The buggy address belongs to the object at ffff888101ab0500
[ 26.092205] which belongs to the cache kmalloc-32 of size 32
[ 26.093900] The buggy address is located 0 bytes inside of
[ 26.093900] freed 32-byte region [ffff888101ab0500, ffff888101ab0520)
[ 26.094658]
[ 26.094912] The buggy address belongs to the physical page:
[ 26.095375] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab0
[ 26.096138] flags: 0x200000000000000(node=0|zone=2)
[ 26.096485] page_type: f5(slab)
[ 26.097326] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.098207] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 26.098773] page dumped because: kasan: bad access detected
[ 26.099474]
[ 26.099756] Memory state around the buggy address:
[ 26.100393]  ffff888101ab0400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.101011]  ffff888101ab0480: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 26.102070] >ffff888101ab0500: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.102759]                    ^
[ 26.103093]  ffff888101ab0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.103847]  ffff888101ab0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.104518] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 25.969309] ==================================================================
[ 25.970488] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0
[ 25.970917] Read of size 1 at addr ffff888102a0b578 by task kunit_try_catch/204
[ 25.971581]
[ 25.971843] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.972537] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.972962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.974037] Call Trace:
[ 25.975011] <TASK>
[ 25.975775] dump_stack_lvl+0x73/0xb0
[ 25.976244] print_report+0xd1/0x640
[ 25.976756] ? __virt_addr_valid+0x1db/0x2d0
[ 25.977038] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.977762] kasan_report+0x102/0x140
[ 25.978165] ? ksize_uaf+0x5e6/0x6c0
[ 25.978550] ? ksize_uaf+0x5e6/0x6c0
[ 25.979412] __asan_report_load1_noabort+0x18/0x20
[ 25.979730] ksize_uaf+0x5e6/0x6c0
[ 25.980560] ? __pfx_ksize_uaf+0x10/0x10
[ 25.981185] ? __pfx_ksize_uaf+0x10/0x10
[ 25.981915] kunit_try_run_case+0x1b3/0x490
[ 25.982885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.983278] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.983863] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.984996] ? __kthread_parkme+0x82/0x160
[ 25.985354] ? preempt_count_sub+0x50/0x80
[ 25.985968] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.986404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.987114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.987899] kthread+0x257/0x310
[ 25.988251] ? __pfx_kthread+0x10/0x10
[ 25.988968] ret_from_fork+0x41/0x80
[ 25.989559] ? __pfx_kthread+0x10/0x10
[ 25.990138] ret_from_fork_asm+0x1a/0x30
[ 25.990606] </TASK>
[ 25.991180]
[ 25.991420] Allocated by task 204:
[ 25.992174] kasan_save_stack+0x3d/0x60
[ 25.992571] kasan_save_track+0x18/0x40
[ 25.992920] kasan_save_alloc_info+0x3b/0x50
[ 25.993638] __kasan_kmalloc+0xb7/0xc0
[ 25.994211] __kmalloc_cache_noprof+0x184/0x410
[ 25.994628] ksize_uaf+0xab/0x6c0
[ 25.995311] kunit_try_run_case+0x1b3/0x490
[ 25.996092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.996734] kthread+0x257/0x310
[ 25.997110] ret_from_fork+0x41/0x80
[ 25.997774] ret_from_fork_asm+0x1a/0x30
[ 25.998358]
[ 25.998723] Freed by task 204:
[ 25.999021] kasan_save_stack+0x3d/0x60
[ 25.999981] kasan_save_track+0x18/0x40
[ 26.000574] kasan_save_free_info+0x3f/0x60
[ 26.001155] __kasan_slab_free+0x56/0x70
[ 26.001660] kfree+0x123/0x3f0
[ 26.002051] ksize_uaf+0x12d/0x6c0
[ 26.002783] kunit_try_run_case+0x1b3/0x490
[ 26.003190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.003974] kthread+0x257/0x310
[ 26.004491] ret_from_fork+0x41/0x80
[ 26.005053] ret_from_fork_asm+0x1a/0x30
[ 26.005506]
[ 26.005897] The buggy address belongs to the object at ffff888102a0b500
[ 26.005897] which belongs to the cache kmalloc-128 of size 128
[ 26.007027] The buggy address is located 120 bytes inside of
[ 26.007027] freed 128-byte region [ffff888102a0b500, ffff888102a0b580)
[ 26.008223]
[ 26.008714] The buggy address belongs to the physical page:
[ 26.009751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 26.010653] flags: 0x200000000000000(node=0|zone=2)
[ 26.011330] page_type: f5(slab)
[ 26.011920] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.012875] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 26.013481] page dumped because: kasan: bad access detected
[ 26.014077]
[ 26.014798] Memory state around the buggy address:
[ 26.015205]  ffff888102a0b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.016043]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.016965] >ffff888102a0b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.017542]                                                                 ^
[ 26.018134]  ffff888102a0b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.019410]  ffff888102a0b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.019887] ==================================================================

[ 25.925298] ==================================================================
[ 25.925994] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0
[ 25.926586] Read of size 1 at addr ffff888102a0b500 by task kunit_try_catch/204
[ 25.928159]
[ 25.928461] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.929322] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.929668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.930315] Call Trace:
[ 25.930633] <TASK>
[ 25.930934] dump_stack_lvl+0x73/0xb0
[ 25.931412] print_report+0xd1/0x640
[ 25.931747] ? __virt_addr_valid+0x1db/0x2d0
[ 25.932159] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.932520] kasan_report+0x102/0x140
[ 25.932785] ? ksize_uaf+0x600/0x6c0
[ 25.933202] ? ksize_uaf+0x600/0x6c0
[ 25.933667] __asan_report_load1_noabort+0x18/0x20
[ 25.934202] ksize_uaf+0x600/0x6c0
[ 25.934636] ? __pfx_ksize_uaf+0x10/0x10
[ 25.935079] ? __pfx_ksize_uaf+0x10/0x10
[ 25.935568] kunit_try_run_case+0x1b3/0x490
[ 25.935915] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.936415] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.936810] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.937241] ? __kthread_parkme+0x82/0x160
[ 25.937575] ? preempt_count_sub+0x50/0x80
[ 25.938053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.938508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.938948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.939325] kthread+0x257/0x310
[ 25.939588] ? __pfx_kthread+0x10/0x10
[ 25.939876] ret_from_fork+0x41/0x80
[ 25.940307] ? __pfx_kthread+0x10/0x10
[ 25.940732] ret_from_fork_asm+0x1a/0x30
[ 25.941195] </TASK>
[ 25.941513]
[ 25.941728] Allocated by task 204:
[ 25.942126] kasan_save_stack+0x3d/0x60
[ 25.942546] kasan_save_track+0x18/0x40
[ 25.944525] kasan_save_alloc_info+0x3b/0x50
[ 25.944993] __kasan_kmalloc+0xb7/0xc0
[ 25.945406] __kmalloc_cache_noprof+0x184/0x410
[ 25.945856] ksize_uaf+0xab/0x6c0
[ 25.946238] kunit_try_run_case+0x1b3/0x490
[ 25.946600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.948602] kthread+0x257/0x310
[ 25.948882] ret_from_fork+0x41/0x80
[ 25.949140] ret_from_fork_asm+0x1a/0x30
[ 25.949418]
[ 25.949621] Freed by task 204:
[ 25.950009] kasan_save_stack+0x3d/0x60
[ 25.950477] kasan_save_track+0x18/0x40
[ 25.950903] kasan_save_free_info+0x3f/0x60
[ 25.951368] __kasan_slab_free+0x56/0x70
[ 25.951780] kfree+0x123/0x3f0
[ 25.952138] ksize_uaf+0x12d/0x6c0
[ 25.952515] kunit_try_run_case+0x1b3/0x490
[ 25.952792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.953130] kthread+0x257/0x310
[ 25.953425] ret_from_fork+0x41/0x80
[ 25.953845] ret_from_fork_asm+0x1a/0x30
[ 25.954325]
[ 25.954539] The buggy address belongs to the object at ffff888102a0b500
[ 25.954539] which belongs to the cache kmalloc-128 of size 128
[ 25.955640] The buggy address is located 0 bytes inside of
[ 25.955640] freed 128-byte region [ffff888102a0b500, ffff888102a0b580)
[ 25.956609]
[ 25.956769] The buggy address belongs to the physical page:
[ 25.957324] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 25.957989] flags: 0x200000000000000(node=0|zone=2)
[ 25.958355] page_type: f5(slab)
[ 25.958721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.959224] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.959642] page dumped because: kasan: bad access detected
[ 25.960156]
[ 25.960411] Memory state around the buggy address:
[ 25.960870]  ffff888102a0b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.961542]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.962126] >ffff888102a0b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.962536]                    ^
[ 25.962863]  ffff888102a0b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.963520]  ffff888102a0b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.964058] ==================================================================

[ 25.883503] ==================================================================
[ 25.884528] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0
[ 25.885165] Read of size 1 at addr ffff888102a0b500 by task kunit_try_catch/204
[ 25.886084]
[ 25.886284] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.887910] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.888197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.888930] Call Trace:
[ 25.889183] <TASK>
[ 25.889667] dump_stack_lvl+0x73/0xb0
[ 25.890168] print_report+0xd1/0x640
[ 25.890851] ? __virt_addr_valid+0x1db/0x2d0
[ 25.891444] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.891905] kasan_report+0x102/0x140
[ 25.892178] ? ksize_uaf+0x19e/0x6c0
[ 25.892605] ? ksize_uaf+0x19e/0x6c0
[ 25.892917] ? ksize_uaf+0x19e/0x6c0
[ 25.893409] __kasan_check_byte+0x3d/0x50
[ 25.893848] ksize+0x20/0x60
[ 25.894233] ksize_uaf+0x19e/0x6c0
[ 25.894608] ? __pfx_ksize_uaf+0x10/0x10
[ 25.895000] ? __pfx_ksize_uaf+0x10/0x10
[ 25.895490] kunit_try_run_case+0x1b3/0x490
[ 25.895960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.896552] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.897154] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.897849] ? __kthread_parkme+0x82/0x160
[ 25.898392] ? preempt_count_sub+0x50/0x80
[ 25.898757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.899232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.899982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.900631] kthread+0x257/0x310
[ 25.901103] ? __pfx_kthread+0x10/0x10
[ 25.901655] ret_from_fork+0x41/0x80
[ 25.902168] ? __pfx_kthread+0x10/0x10
[ 25.902694] ret_from_fork_asm+0x1a/0x30
[ 25.903298] </TASK>
[ 25.903645]
[ 25.903811] Allocated by task 204:
[ 25.904084] kasan_save_stack+0x3d/0x60
[ 25.904513] kasan_save_track+0x18/0x40
[ 25.904995] kasan_save_alloc_info+0x3b/0x50
[ 25.905459] __kasan_kmalloc+0xb7/0xc0
[ 25.905919] __kmalloc_cache_noprof+0x184/0x410
[ 25.906317] ksize_uaf+0xab/0x6c0
[ 25.906564] kunit_try_run_case+0x1b3/0x490
[ 25.907018] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.907638] kthread+0x257/0x310
[ 25.908030] ret_from_fork+0x41/0x80
[ 25.908385] ret_from_fork_asm+0x1a/0x30
[ 25.908691]
[ 25.908935] Freed by task 204:
[ 25.909343] kasan_save_stack+0x3d/0x60
[ 25.909759] kasan_save_track+0x18/0x40
[ 25.910238] kasan_save_free_info+0x3f/0x60
[ 25.910741] __kasan_slab_free+0x56/0x70
[ 25.911367] kfree+0x123/0x3f0
[ 25.911990] ksize_uaf+0x12d/0x6c0
[ 25.912852] kunit_try_run_case+0x1b3/0x490
[ 25.913450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.913786] kthread+0x257/0x310
[ 25.914054] ret_from_fork+0x41/0x80
[ 25.914366] ret_from_fork_asm+0x1a/0x30
[ 25.914714]
[ 25.914961] The buggy address belongs to the object at ffff888102a0b500
[ 25.914961] which belongs to the cache kmalloc-128 of size 128
[ 25.915790] The buggy address is located 0 bytes inside of
[ 25.915790] freed 128-byte region [ffff888102a0b500, ffff888102a0b580)
[ 25.916491]
[ 25.916655] The buggy address belongs to the physical page:
[ 25.917155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 25.917886] flags: 0x200000000000000(node=0|zone=2)
[ 25.918428] page_type: f5(slab)
[ 25.918772] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.919435] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.919980] page dumped because: kasan: bad access detected
[ 25.920524]
[ 25.920696] Memory state around the buggy address:
[ 25.921090]  ffff888102a0b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.921687]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.922230] >ffff888102a0b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.922729]                    ^
[ 25.922980]  ffff888102a0b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.923392]  ffff888102a0b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.923787] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 25.837990] ==================================================================
[ 25.839035] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0
[ 25.839953] Read of size 1 at addr ffff888102a0b47f by task kunit_try_catch/202
[ 25.840748]
[ 25.841015] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.842129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.842540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.843108] Call Trace:
[ 25.843406] <TASK>
[ 25.843694] dump_stack_lvl+0x73/0xb0
[ 25.844104] print_report+0xd1/0x640
[ 25.844534] ? __virt_addr_valid+0x1db/0x2d0
[ 25.845011] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.845537] kasan_report+0x102/0x140
[ 25.845951] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 25.846411] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 25.846920] __asan_report_load1_noabort+0x18/0x20
[ 25.847364] ksize_unpoisons_memory+0x7b8/0x9b0
[ 25.847671] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 25.848184] ? finish_task_switch.isra.0+0x153/0x700
[ 25.848732] ? __switch_to+0x5d9/0xf60
[ 25.849166] ? __schedule+0xc3e/0x2790
[ 25.849634] ? __pfx_read_tsc+0x10/0x10
[ 25.850048] ? ktime_get_ts64+0x84/0x230
[ 25.850447] kunit_try_run_case+0x1b3/0x490
[ 25.850897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.851448] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.851771] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.852369] ? __kthread_parkme+0x82/0x160
[ 25.852795] ? preempt_count_sub+0x50/0x80
[ 25.853107] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.853454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.854078] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.854669] kthread+0x257/0x310
[ 25.855077] ? __pfx_kthread+0x10/0x10
[ 25.855575] ret_from_fork+0x41/0x80
[ 25.856031] ? __pfx_kthread+0x10/0x10
[ 25.856446] ret_from_fork_asm+0x1a/0x30
[ 25.856933] </TASK>
[ 25.857287]
[ 25.857510] Allocated by task 202:
[ 25.857750] kasan_save_stack+0x3d/0x60
[ 25.858235] kasan_save_track+0x18/0x40
[ 25.858716] kasan_save_alloc_info+0x3b/0x50
[ 25.859211] __kasan_kmalloc+0xb7/0xc0
[ 25.859522] __kmalloc_cache_noprof+0x184/0x410
[ 25.859810] ksize_unpoisons_memory+0xc8/0x9b0
[ 25.860330] kunit_try_run_case+0x1b3/0x490
[ 25.860817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.861399] kthread+0x257/0x310
[ 25.861675] ret_from_fork+0x41/0x80
[ 25.861963] ret_from_fork_asm+0x1a/0x30
[ 25.862227]
[ 25.862423] The buggy address belongs to the object at ffff888102a0b400
[ 25.862423] which belongs to the cache kmalloc-128 of size 128
[ 25.863234] The buggy address is located 12 bytes to the right of
[ 25.863234] allocated 115-byte region [ffff888102a0b400, ffff888102a0b473)
[ 25.864307]
[ 25.864474] The buggy address belongs to the physical page:
[ 25.864767] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 25.865191] flags: 0x200000000000000(node=0|zone=2)
[ 25.865539] page_type: f5(slab)
[ 25.866355] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.867070] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.868589] page dumped because: kasan: bad access detected
[ 25.869071]
[ 25.869291] Memory state around the buggy address:
[ 25.869741]  ffff888102a0b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.870384]  ffff888102a0b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.871045] >ffff888102a0b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 25.871709]                                                                 ^
[ 25.872402]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.872891]  ffff888102a0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.873399] ==================================================================

[ 25.799242] ==================================================================
[ 25.799933] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0
[ 25.800639] Read of size 1 at addr ffff888102a0b478 by task kunit_try_catch/202
[ 25.801289]
[ 25.801526] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.802417] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.803864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.804850] Call Trace:
[ 25.805137] <TASK>
[ 25.805596] dump_stack_lvl+0x73/0xb0
[ 25.806286] print_report+0xd1/0x640
[ 25.806784] ? __virt_addr_valid+0x1db/0x2d0
[ 25.807184] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.807646] kasan_report+0x102/0x140
[ 25.808119] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 25.808631] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 25.808985] __asan_report_load1_noabort+0x18/0x20
[ 25.809528] ksize_unpoisons_memory+0x7eb/0x9b0
[ 25.809965] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 25.810382] ? finish_task_switch.isra.0+0x153/0x700
[ 25.810901] ? __switch_to+0x5d9/0xf60
[ 25.811381] ? __schedule+0xc3e/0x2790
[ 25.811706] ? __pfx_read_tsc+0x10/0x10
[ 25.812128] ? ktime_get_ts64+0x84/0x230
[ 25.812525] kunit_try_run_case+0x1b3/0x490
[ 25.812914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.813394] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.813773] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.814189] ? __kthread_parkme+0x82/0x160
[ 25.814662] ? preempt_count_sub+0x50/0x80
[ 25.815093] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.815585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.816041] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.816618] kthread+0x257/0x310
[ 25.816964] ? __pfx_kthread+0x10/0x10
[ 25.817304] ret_from_fork+0x41/0x80
[ 25.817712] ? __pfx_kthread+0x10/0x10
[ 25.818155] ret_from_fork_asm+0x1a/0x30
[ 25.818598] </TASK>
[ 25.818876]
[ 25.819028] Allocated by task 202:
[ 25.819406] kasan_save_stack+0x3d/0x60
[ 25.819780] kasan_save_track+0x18/0x40
[ 25.820082] kasan_save_alloc_info+0x3b/0x50
[ 25.820564] __kasan_kmalloc+0xb7/0xc0
[ 25.820919] __kmalloc_cache_noprof+0x184/0x410
[ 25.821360] ksize_unpoisons_memory+0xc8/0x9b0
[ 25.821789] kunit_try_run_case+0x1b3/0x490
[ 25.822287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.822667] kthread+0x257/0x310
[ 25.823041] ret_from_fork+0x41/0x80
[ 25.823397] ret_from_fork_asm+0x1a/0x30
[ 25.823672]
[ 25.823819] The buggy address belongs to the object at ffff888102a0b400
[ 25.823819] which belongs to the cache kmalloc-128 of size 128
[ 25.824449] The buggy address is located 5 bytes to the right of
[ 25.824449] allocated 115-byte region [ffff888102a0b400, ffff888102a0b473)
[ 25.825213]
[ 25.825479] The buggy address belongs to the physical page:
[ 25.826012] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 25.826754] flags: 0x200000000000000(node=0|zone=2)
[ 25.827285] page_type: f5(slab)
[ 25.827647] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.828368] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.828746] page dumped because: kasan: bad access detected
[ 25.829066]
[ 25.829205] Memory state around the buggy address:
[ 25.829523]  ffff888102a0b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.830173]  ffff888102a0b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.830817] >ffff888102a0b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 25.831487]                                                                 ^
[ 25.832109]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.832770]  ffff888102a0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.833236] ==================================================================

[ 25.743737] ==================================================================
[ 25.744975] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0
[ 25.746339] Read of size 1 at addr ffff888102a0b473 by task kunit_try_catch/202
[ 25.746907]
[ 25.747108] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 25.748263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.748751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.750173] Call Trace:
[ 25.750423] <TASK>
[ 25.751760] dump_stack_lvl+0x73/0xb0
[ 25.752206] print_report+0xd1/0x640
[ 25.752888] ? __virt_addr_valid+0x1db/0x2d0
[ 25.753814] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.754293] kasan_report+0x102/0x140
[ 25.754649] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 25.755132] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 25.756636] __asan_report_load1_noabort+0x18/0x20
[ 25.757290] ksize_unpoisons_memory+0x81e/0x9b0
[ 25.757702] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 25.758226] ? finish_task_switch.isra.0+0x153/0x700
[ 25.759323] ? __switch_to+0x5d9/0xf60
[ 25.759692] ? __schedule+0xc3e/0x2790
[ 25.760107] ? __pfx_read_tsc+0x10/0x10
[ 25.761609] ? ktime_get_ts64+0x84/0x230
[ 25.762172] kunit_try_run_case+0x1b3/0x490
[ 25.762979] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.763688] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.764156] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.764687] ? __kthread_parkme+0x82/0x160
[ 25.765793] ? preempt_count_sub+0x50/0x80
[ 25.766572] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.767417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.768530] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.769219] kthread+0x257/0x310
[ 25.770109] ? __pfx_kthread+0x10/0x10
[ 25.770688] ret_from_fork+0x41/0x80
[ 25.771124] ? __pfx_kthread+0x10/0x10
[ 25.771684] ret_from_fork_asm+0x1a/0x30
[ 25.772181] </TASK>
[ 25.772791]
[ 25.773674] Allocated by task 202:
[ 25.774298] kasan_save_stack+0x3d/0x60
[ 25.775058] kasan_save_track+0x18/0x40
[ 25.775430] kasan_save_alloc_info+0x3b/0x50
[ 25.776470] __kasan_kmalloc+0xb7/0xc0
[ 25.777427] __kmalloc_cache_noprof+0x184/0x410
[ 25.777696] ksize_unpoisons_memory+0xc8/0x9b0
[ 25.778937] kunit_try_run_case+0x1b3/0x490
[ 25.779327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.779999] kthread+0x257/0x310
[ 25.780925] ret_from_fork+0x41/0x80
[ 25.781330] ret_from_fork_asm+0x1a/0x30
[ 25.781553]
[ 25.781687] The buggy address belongs to the object at ffff888102a0b400
[ 25.781687] which belongs to the cache kmalloc-128 of size 128
[ 25.782702] The buggy address is located 0 bytes to the right of
[ 25.782702] allocated 115-byte region [ffff888102a0b400, ffff888102a0b473)
[ 25.784705]
[ 25.785277] The buggy address belongs to the physical page:
[ 25.785717] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0b
[ 25.787380] flags: 0x200000000000000(node=0|zone=2)
[ 25.787785] page_type: f5(slab)
[ 25.788648] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.790136] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.790569] page dumped because: kasan: bad access detected
[ 25.791529]
[ 25.792021] Memory state around the buggy address:
[ 25.792726]  ffff888102a0b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.793496]  ffff888102a0b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.794520] >ffff888102a0b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 25.795637]                                                              ^
[ 25.796093]  ffff888102a0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.796738]  ffff888102a0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.797557] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 63.215920] ==================================================================
[ 63.216506] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.216506]
[ 63.217422] Use-after-free read at 0x(____ptrval____) (in kfence-#167):
[ 63.217947] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.218467] kunit_try_run_case+0x1b3/0x490
[ 63.218859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.219280] kthread+0x257/0x310
[ 63.220407] ret_from_fork+0x41/0x80
[ 63.221168] ret_from_fork_asm+0x1a/0x30
[ 63.221710]
[ 63.222017] kfence-#167: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 63.222017]
[ 63.222774] allocated by task 343 on cpu 1 at 63.194347s (0.028422s ago):
[ 63.223598] test_alloc+0x2a7/0x10d0
[ 63.224081] test_memcache_typesafe_by_rcu+0x170/0x670
[ 63.224519] kunit_try_run_case+0x1b3/0x490
[ 63.224942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.225514] kthread+0x257/0x310
[ 63.225837] ret_from_fork+0x41/0x80
[ 63.226280] ret_from_fork_asm+0x1a/0x30
[ 63.226740]
[ 63.226988] freed by task 343 on cpu 1 at 63.194490s (0.032493s ago):
[ 63.227463] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 63.227987] kunit_try_run_case+0x1b3/0x490
[ 63.228486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.228858] kthread+0x257/0x310
[ 63.229101] ret_from_fork+0x41/0x80
[ 63.229554] ret_from_fork_asm+0x1a/0x30
[ 63.230032]
[ 63.230332] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 63.230992] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.231293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.232119] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 39.616279] ==================================================================
[ 39.617975] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 39.617975]
[ 39.618558] Invalid read at 0x(____ptrval____):
[ 39.619715] test_invalid_access+0xf1/0x210
[ 39.620870] kunit_try_run_case+0x1b3/0x490
[ 39.621624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.622433] kthread+0x257/0x310
[ 39.622748] ret_from_fork+0x41/0x80
[ 39.623523] ret_from_fork_asm+0x1a/0x30
[ 39.624136]
[ 39.624327] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 39.626007] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.626327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.626592] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.378928] ==================================================================
[ 39.379485] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.379485]
[ 39.380967] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#163):
[ 39.382370] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.383126] kunit_try_run_case+0x1b3/0x490
[ 39.383793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.384318] kthread+0x257/0x310
[ 39.385004] ret_from_fork+0x41/0x80
[ 39.385369] ret_from_fork_asm+0x1a/0x30
[ 39.385931]
[ 39.386160] kfence-#163: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.386160]
[ 39.386821] allocated by task 333 on cpu 1 at 39.378497s (0.008299s ago):
[ 39.387747] test_alloc+0x35f/0x10d0
[ 39.388190] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 39.388787] kunit_try_run_case+0x1b3/0x490
[ 39.389457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.389983] kthread+0x257/0x310
[ 39.390398] ret_from_fork+0x41/0x80
[ 39.390860] ret_from_fork_asm+0x1a/0x30
[ 39.391215]
[ 39.391453] freed by task 333 on cpu 1 at 39.378737s (0.012712s ago):
[ 39.392027] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.392754] kunit_try_run_case+0x1b3/0x490
[ 39.393143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.393781] kthread+0x257/0x310
[ 39.394292] ret_from_fork+0x41/0x80
[ 39.394713] ret_from_fork_asm+0x1a/0x30
[ 39.395252]
[ 39.395456] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 39.396127] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.396581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.397661] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.274865] ==================================================================
[ 39.275429] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.275429]
[ 39.276450] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#162):
[ 39.277083] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.277407] kunit_try_run_case+0x1b3/0x490
[ 39.277890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.278526] kthread+0x257/0x310
[ 39.278923] ret_from_fork+0x41/0x80
[ 39.279232] ret_from_fork_asm+0x1a/0x30
[ 39.279664]
[ 39.280040] kfence-#162: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.280040]
[ 39.281045] allocated by task 331 on cpu 0 at 39.274478s (0.006560s ago):
[ 39.282077] test_alloc+0x35f/0x10d0
[ 39.282477] test_kmalloc_aligned_oob_read+0x106/0x570
[ 39.283181] kunit_try_run_case+0x1b3/0x490
[ 39.283781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.284252] kthread+0x257/0x310
[ 39.284722] ret_from_fork+0x41/0x80
[ 39.285251] ret_from_fork_asm+0x1a/0x30
[ 39.285676]
[ 39.285887] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 39.286397] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.286746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.288189] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 35.010708] ==================================================================
[ 35.011335] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 35.011335]
[ 35.011918] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#121):
[ 35.014144] test_corruption+0x132/0x3e0
[ 35.014553] kunit_try_run_case+0x1b3/0x490
[ 35.014965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.015778] kthread+0x257/0x310
[ 35.016046] ret_from_fork+0x41/0x80
[ 35.017072] ret_from_fork_asm+0x1a/0x30
[ 35.017553]
[ 35.017799] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 35.017799]
[ 35.018632] allocated by task 321 on cpu 1 at 35.010494s (0.008133s ago):
[ 35.019284] test_alloc+0x2a7/0x10d0
[ 35.019586] test_corruption+0xe7/0x3e0
[ 35.019881] kunit_try_run_case+0x1b3/0x490
[ 35.020313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.020949] kthread+0x257/0x310
[ 35.021192] ret_from_fork+0x41/0x80
[ 35.021588] ret_from_fork_asm+0x1a/0x30
[ 35.022165]
[ 35.022432] freed by task 321 on cpu 1 at 35.010583s (0.011844s ago):
[ 35.022864] test_corruption+0x132/0x3e0
[ 35.023304] kunit_try_run_case+0x1b3/0x490
[ 35.023641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.024060] kthread+0x257/0x310
[ 35.024506] ret_from_fork+0x41/0x80
[ 35.024843] ret_from_fork_asm+0x1a/0x30
[ 35.025118]
[ 35.025310] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 35.026428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.026856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.027493] ==================================================================

[ 34.802960] ==================================================================
[ 34.803522] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 34.803522]
[ 34.804144] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#119):
[ 34.804773] test_corruption+0x2e1/0x3e0
[ 34.805195] kunit_try_run_case+0x1b3/0x490
[ 34.805529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.806030] kthread+0x257/0x310
[ 34.806271] ret_from_fork+0x41/0x80
[ 34.806535] ret_from_fork_asm+0x1a/0x30
[ 34.806799]
[ 34.807122] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 34.807122]
[ 34.807966] allocated by task 319 on cpu 1 at 34.802516s (0.005445s ago):
[ 34.808641] test_alloc+0x35f/0x10d0
[ 34.809018] test_corruption+0x1cc/0x3e0
[ 34.809311] kunit_try_run_case+0x1b3/0x490
[ 34.809706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.810063] kthread+0x257/0x310
[ 34.810332] ret_from_fork+0x41/0x80
[ 34.810728] ret_from_fork_asm+0x1a/0x30
[ 34.811169]
[ 34.811406] freed by task 319 on cpu 1 at 34.802678s (0.008723s ago):
[ 34.812039] test_corruption+0x2e1/0x3e0
[ 34.812457] kunit_try_run_case+0x1b3/0x490
[ 34.812839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.813188] kthread+0x257/0x310
[ 34.813443] ret_from_fork+0x41/0x80
[ 34.813709] ret_from_fork_asm+0x1a/0x30
[ 34.814182]
[ 34.814447] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 34.815627] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.816044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.817011] ==================================================================

[ 34.594919] ==================================================================
[ 34.595540] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 34.595540]
[ 34.596176] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#117):
[ 34.598115] test_corruption+0x2d4/0x3e0
[ 34.598463] kunit_try_run_case+0x1b3/0x490
[ 34.599042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.599377] kthread+0x257/0x310
[ 34.599777] ret_from_fork+0x41/0x80
[ 34.600212] ret_from_fork_asm+0x1a/0x30
[ 34.600621]
[ 34.600777] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 34.600777]
[ 34.601568] allocated by task 319 on cpu 1 at 34.594491s (0.007070s ago):
[ 34.602173] test_alloc+0x35f/0x10d0
[ 34.602601] test_corruption+0xe7/0x3e0
[ 34.602966] kunit_try_run_case+0x1b3/0x490
[ 34.603247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.603584] kthread+0x257/0x310
[ 34.603984] ret_from_fork+0x41/0x80
[ 34.604506] ret_from_fork_asm+0x1a/0x30
[ 34.604891]
[ 34.605046] freed by task 319 on cpu 1 at 34.594650s (0.010392s ago):
[ 34.605614] test_corruption+0x2d4/0x3e0
[ 34.606056] kunit_try_run_case+0x1b3/0x490
[ 34.606553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.607080] kthread+0x257/0x310
[ 34.607520] ret_from_fork+0x41/0x80
[ 34.607833] ret_from_fork_asm+0x1a/0x30
[ 34.608109]
[ 34.608303] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 34.609310] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.609742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.610638] ==================================================================

[ 35.322698] ==================================================================
[ 35.323341] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 35.323341]
[ 35.324121] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#124):
[ 35.324882] test_corruption+0x217/0x3e0
[ 35.325156] kunit_try_run_case+0x1b3/0x490
[ 35.325617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.326168] kthread+0x257/0x310
[ 35.326566] ret_from_fork+0x41/0x80
[ 35.326861] ret_from_fork_asm+0x1a/0x30
[ 35.327161]
[ 35.327380] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 35.327380]
[ 35.328352] allocated by task 321 on cpu 1 at 35.322490s (0.005857s ago):
[ 35.328745] test_alloc+0x2a7/0x10d0
[ 35.329037] test_corruption+0x1cc/0x3e0
[ 35.329321] kunit_try_run_case+0x1b3/0x490
[ 35.329773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.330380] kthread+0x257/0x310
[ 35.330758] ret_from_fork+0x41/0x80
[ 35.331180] ret_from_fork_asm+0x1a/0x30
[ 35.331578]
[ 35.331819] freed by task 321 on cpu 1 at 35.322576s (0.009220s ago):
[ 35.332230] test_corruption+0x217/0x3e0
[ 35.332644] kunit_try_run_case+0x1b3/0x490
[ 35.333029] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.333349] kthread+0x257/0x310
[ 35.333579] ret_from_fork+0x41/0x80
[ 35.334018] ret_from_fork_asm+0x1a/0x30
[ 35.334433]
[ 35.334685] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 35.335539] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.335973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.336658] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 34.178628] ==================================================================
[ 34.179324] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 34.179324]
[ 34.180226] Invalid free of 0x(____ptrval____) (in kfence-#113):
[ 34.181283] test_invalid_addr_free+0x1e3/0x260
[ 34.181709] kunit_try_run_case+0x1b3/0x490
[ 34.182701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.183412] kthread+0x257/0x310
[ 34.183953] ret_from_fork+0x41/0x80
[ 34.184895] ret_from_fork_asm+0x1a/0x30
[ 34.185250]
[ 34.185543] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 34.185543]
[ 34.186800] allocated by task 315 on cpu 0 at 34.178441s (0.008356s ago):
[ 34.187249] test_alloc+0x35f/0x10d0
[ 34.187870] test_invalid_addr_free+0xdc/0x260
[ 34.188635] kunit_try_run_case+0x1b3/0x490
[ 34.189090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.189974] kthread+0x257/0x310
[ 34.190554] ret_from_fork+0x41/0x80
[ 34.191058] ret_from_fork_asm+0x1a/0x30
[ 34.191428]
[ 34.191665] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 34.192389] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.192792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.193284] ==================================================================

[ 34.282701] ==================================================================
[ 34.283296] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 34.283296]
[ 34.284142] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 34.284772] test_invalid_addr_free+0xfc/0x260
[ 34.285150] kunit_try_run_case+0x1b3/0x490
[ 34.285576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.286154] kthread+0x257/0x310
[ 34.286562] ret_from_fork+0x41/0x80
[ 34.286921] ret_from_fork_asm+0x1a/0x30
[ 34.287200]
[ 34.287361] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 34.287361]
[ 34.288206] allocated by task 317 on cpu 1 at 34.282518s (0.005683s ago):
[ 34.289273] test_alloc+0x2a7/0x10d0
[ 34.289630] test_invalid_addr_free+0xdc/0x260
[ 34.289963] kunit_try_run_case+0x1b3/0x490
[ 34.290245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.290765] kthread+0x257/0x310
[ 34.291265] ret_from_fork+0x41/0x80
[ 34.291896] ret_from_fork_asm+0x1a/0x30
[ 34.292370]
[ 34.292629] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 34.293285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.293745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.294216] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 33.658611] ==================================================================
[ 33.659248] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 33.659248]
[ 33.660344] Use-after-free read at 0x(____ptrval____) (in kfence-#108):
[ 33.660679] test_use_after_free_read+0x12a/0x270
[ 33.660915] kunit_try_run_case+0x1b3/0x490
[ 33.661192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.661532] kthread+0x257/0x310
[ 33.662013] ret_from_fork+0x41/0x80
[ 33.662472] ret_from_fork_asm+0x1a/0x30
[ 33.662958]
[ 33.663213] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.663213]
[ 33.663793] allocated by task 305 on cpu 0 at 33.658416s (0.005372s ago):
[ 33.664515] test_alloc+0x2a7/0x10d0
[ 33.665006] test_use_after_free_read+0xdd/0x270
[ 33.665574] kunit_try_run_case+0x1b3/0x490
[ 33.666093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.666636] kthread+0x257/0x310
[ 33.666989] ret_from_fork+0x41/0x80
[ 33.667500] ret_from_fork_asm+0x1a/0x30
[ 33.667997]
[ 33.668294] freed by task 305 on cpu 0 at 33.658504s (0.009784s ago):
[ 33.669050] test_use_after_free_read+0xfc/0x270
[ 33.669613] kunit_try_run_case+0x1b3/0x490
[ 33.670057] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.670578] kthread+0x257/0x310
[ 33.670943] ret_from_fork+0x41/0x80
[ 33.671394] ret_from_fork_asm+0x1a/0x30
[ 33.671781]
[ 33.672057] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.672780] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.673276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.673857] ==================================================================

[ 33.554915] ==================================================================
[ 33.555598] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 33.555598]
[ 33.556415] Use-after-free read at 0x(____ptrval____) (in kfence-#107):
[ 33.556968] test_use_after_free_read+0x12a/0x270
[ 33.557455] kunit_try_run_case+0x1b3/0x490
[ 33.557946] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.558537] kthread+0x257/0x310
[ 33.559023] ret_from_fork+0x41/0x80
[ 33.559640] ret_from_fork_asm+0x1a/0x30
[ 33.560090]
[ 33.560281] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.560281]
[ 33.560801] allocated by task 303 on cpu 1 at 33.554509s (0.006288s ago):
[ 33.561651] test_alloc+0x35f/0x10d0
[ 33.562030] test_use_after_free_read+0xdd/0x270
[ 33.562389] kunit_try_run_case+0x1b3/0x490
[ 33.562930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.563582] kthread+0x257/0x310
[ 33.563947] ret_from_fork+0x41/0x80
[ 33.564214] ret_from_fork_asm+0x1a/0x30
[ 33.564754]
[ 33.565478] freed by task 303 on cpu 1 at 33.554630s (0.010643s ago):
[ 33.566354] test_use_after_free_read+0x1e9/0x270
[ 33.566870] kunit_try_run_case+0x1b3/0x490
[ 33.567261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.567876] kthread+0x257/0x310
[ 33.568278] ret_from_fork+0x41/0x80
[ 33.568676] ret_from_fork_asm+0x1a/0x30
[ 33.569257]
[ 33.569576] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.570448] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.570895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.571890] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 33.346704] ==================================================================
[ 33.347409] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 33.347409]
[ 33.348369] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#105):
[ 33.349107] test_out_of_bounds_write+0x10e/0x260
[ 33.350449] kunit_try_run_case+0x1b3/0x490
[ 33.350986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.352096] kthread+0x257/0x310
[ 33.352564] ret_from_fork+0x41/0x80
[ 33.352955] ret_from_fork_asm+0x1a/0x30
[ 33.353369]
[ 33.353565] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.353565]
[ 33.354142] allocated by task 299 on cpu 1 at 33.346507s (0.007630s ago):
[ 33.354524] test_alloc+0x35f/0x10d0
[ 33.354708] test_out_of_bounds_write+0xd5/0x260
[ 33.355767] kunit_try_run_case+0x1b3/0x490
[ 33.356157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.356743] kthread+0x257/0x310
[ 33.357016] ret_from_fork+0x41/0x80
[ 33.357394] ret_from_fork_asm+0x1a/0x30
[ 33.357999]
[ 33.358303] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.359520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.360511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.361243] ==================================================================

[ 33.450592] ==================================================================
[ 33.451522] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 33.451522]
[ 33.452067] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#106):
[ 33.452723] test_out_of_bounds_write+0x10e/0x260
[ 33.453032] kunit_try_run_case+0x1b3/0x490
[ 33.453558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.454258] kthread+0x257/0x310
[ 33.454682] ret_from_fork+0x41/0x80
[ 33.455125] ret_from_fork_asm+0x1a/0x30
[ 33.455604]
[ 33.455847] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.455847]
[ 33.456563] allocated by task 301 on cpu 1 at 33.450500s (0.006058s ago):
[ 33.457145] test_alloc+0x2a7/0x10d0
[ 33.457409] test_out_of_bounds_write+0xd5/0x260
[ 33.457967] kunit_try_run_case+0x1b3/0x490
[ 33.458390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.458703] kthread+0x257/0x310
[ 33.459259] ret_from_fork+0x41/0x80
[ 33.459841] ret_from_fork_asm+0x1a/0x30
[ 33.460277]
[ 33.460601] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.461340] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.461653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.462244] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.034577] ==================================================================
[ 33.035476] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 33.035476]
[ 33.036244] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#102):
[ 33.036794] test_out_of_bounds_read+0x127/0x4e0
[ 33.037444] kunit_try_run_case+0x1b3/0x490
[ 33.037874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.038548] kthread+0x257/0x310
[ 33.038978] ret_from_fork+0x41/0x80
[ 33.039539] ret_from_fork_asm+0x1a/0x30
[ 33.040060]
[ 33.040317] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.040317]
[ 33.041528] allocated by task 297 on cpu 0 at 33.034477s (0.007046s ago):
[ 33.042244] test_alloc+0x2a7/0x10d0
[ 33.042766] test_out_of_bounds_read+0xee/0x4e0
[ 33.043249] kunit_try_run_case+0x1b3/0x490
[ 33.043895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.044453] kthread+0x257/0x310
[ 33.044984] ret_from_fork+0x41/0x80
[ 33.045412] ret_from_fork_asm+0x1a/0x30
[ 33.045996]
[ 33.046332] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.047133] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.047427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.048441] ==================================================================

[ 32.826718] ==================================================================
[ 32.827330] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 32.827330]
[ 32.828227] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#100):
[ 32.829010] test_out_of_bounds_read+0x217/0x4e0
[ 32.829315] kunit_try_run_case+0x1b3/0x490
[ 32.829803] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.830380] kthread+0x257/0x310
[ 32.830649] ret_from_fork+0x41/0x80
[ 32.830943] ret_from_fork_asm+0x1a/0x30
[ 32.831504]
[ 32.831725] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 32.831725]
[ 32.832724] allocated by task 295 on cpu 1 at 32.826415s (0.006303s ago):
[ 32.833256] test_alloc+0x35f/0x10d0
[ 32.833687] test_out_of_bounds_read+0x1e3/0x4e0
[ 32.834184] kunit_try_run_case+0x1b3/0x490
[ 32.834768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.835170] kthread+0x257/0x310
[ 32.835584] ret_from_fork+0x41/0x80
[ 32.835953] ret_from_fork_asm+0x1a/0x30
[ 32.836480]
[ 32.836743] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.837256] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.837729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.838655] ==================================================================

[ 32.724133] ==================================================================
[ 32.724949] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 32.724949]
[ 32.725920] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#99):
[ 32.727102] test_out_of_bounds_read+0x127/0x4e0
[ 32.727719] kunit_try_run_case+0x1b3/0x490
[ 32.728109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.728699] kthread+0x257/0x310
[ 32.729043] ret_from_fork+0x41/0x80
[ 32.729490] ret_from_fork_asm+0x1a/0x30
[ 32.730081]
[ 32.730710] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 32.730710]
[ 32.731887] allocated by task 295 on cpu 1 at 32.722463s (0.009228s ago):
[ 32.733406] test_alloc+0x35f/0x10d0
[ 32.733761] test_out_of_bounds_read+0xee/0x4e0
[ 32.734097] kunit_try_run_case+0x1b3/0x490
[ 32.734586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.735167] kthread+0x257/0x310
[ 32.735567] ret_from_fork+0x41/0x80
[ 32.736010] ret_from_fork_asm+0x1a/0x30
[ 32.736669]
[ 32.737066] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.737858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.738128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.738996] ==================================================================

[ 33.242548] ==================================================================
[ 33.243385] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 33.243385]
[ 33.244194] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#104):
[ 33.244730] test_out_of_bounds_read+0x217/0x4e0
[ 33.245327] kunit_try_run_case+0x1b3/0x490
[ 33.245880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.246507] kthread+0x257/0x310
[ 33.247079] ret_from_fork+0x41/0x80
[ 33.247508] ret_from_fork_asm+0x1a/0x30
[ 33.248108]
[ 33.248385] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.248385]
[ 33.248944] allocated by task 297 on cpu 0 at 33.242461s (0.006478s ago):
[ 33.249840] test_alloc+0x2a7/0x10d0
[ 33.250319] test_out_of_bounds_read+0x1e3/0x4e0
[ 33.250975] kunit_try_run_case+0x1b3/0x490
[ 33.251335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.251952] kthread+0x257/0x310
[ 33.252403] ret_from_fork+0x41/0x80
[ 33.252757] ret_from_fork_asm+0x1a/0x30
[ 33.253274]
[ 33.253563] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 33.254324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.254641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.255472] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.472426] ==================================================================
[ 32.473222] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0
[ 32.473994] Write of size 1 at addr ffff888101ac2878 by task kunit_try_catch/293
[ 32.474615]
[ 32.474934] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.475849] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.476374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.477092] Call Trace:
[ 32.477490] <TASK>
[ 32.477806] dump_stack_lvl+0x73/0xb0
[ 32.478292] print_report+0xd1/0x640
[ 32.478873] ? __virt_addr_valid+0x1db/0x2d0
[ 32.479496] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.480139] kasan_report+0x102/0x140
[ 32.480577] ? strncpy_from_user+0x1a7/0x1e0
[ 32.481071] ? strncpy_from_user+0x1a7/0x1e0
[ 32.481548] __asan_report_store1_noabort+0x1b/0x30
[ 32.482138] strncpy_from_user+0x1a7/0x1e0
[ 32.482697] copy_user_test_oob+0x761/0x10f0
[ 32.483282] ? __pfx_copy_user_test_oob+0x10/0x10
[ 32.483834] ? finish_task_switch.isra.0+0x153/0x700
[ 32.484305] ? __switch_to+0x5d9/0xf60
[ 32.484595] ? irqentry_exit+0x2a/0x60
[ 32.485023] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 32.485590] ? trace_hardirqs_on+0x37/0xe0
[ 32.486071] ? __pfx_read_tsc+0x10/0x10
[ 32.486527] ? ktime_get_ts64+0x84/0x230
[ 32.486980] kunit_try_run_case+0x1b3/0x490
[ 32.487537] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.487936] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.488354] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 32.488781] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 32.489405] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.489975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.490623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.491191] kthread+0x257/0x310
[ 32.491614] ? __pfx_kthread+0x10/0x10
[ 32.492118] ret_from_fork+0x41/0x80
[ 32.492581] ? __pfx_kthread+0x10/0x10
[ 32.493103] ret_from_fork_asm+0x1a/0x30
[ 32.493660] </TASK>
[ 32.493979]
[ 32.494314] Allocated by task 293:
[ 32.494649] kasan_save_stack+0x3d/0x60
[ 32.495276] kasan_save_track+0x18/0x40
[ 32.495613] kasan_save_alloc_info+0x3b/0x50
[ 32.496122] __kasan_kmalloc+0xb7/0xc0
[ 32.496584] __kmalloc_noprof+0x1c4/0x500
[ 32.497054] kunit_kmalloc_array+0x25/0x60
[ 32.497472] copy_user_test_oob+0xac/0x10f0
[ 32.497980] kunit_try_run_case+0x1b3/0x490
[ 32.498461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.498983] kthread+0x257/0x310
[ 32.499440] ret_from_fork+0x41/0x80
[ 32.499767] ret_from_fork_asm+0x1a/0x30
[ 32.500281]
[ 32.500568] The buggy address belongs to the object at ffff888101ac2800
[ 32.500568] which belongs to the cache kmalloc-128 of size 128
[ 32.501501] The buggy address is located 0 bytes to the right of
[ 32.501501] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878)
[ 32.502537]
[ 32.502771] The buggy address belongs to the physical page:
[ 32.503216] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2
[ 32.503991] flags: 0x200000000000000(node=0|zone=2)
[ 32.504543] page_type: f5(slab)
[ 32.504963] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 32.505658] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 32.506377] page dumped because: kasan: bad access detected
[ 32.506942]
[ 32.507195] Memory state around the buggy address:
[ 32.507685] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 32.508373] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.508982] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 32.509657] ^
[ 32.510370] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.510910] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.511479] ==================================================================

[ 32.431602] ==================================================================
[ 32.432299] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0
[ 32.433285] Write of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293
[ 32.433809]
[ 32.434026] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.434757] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.435219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.436022] Call Trace:
[ 32.436234] <TASK>
[ 32.436558] dump_stack_lvl+0x73/0xb0
[ 32.437038] print_report+0xd1/0x640
[ 32.437507] ? __virt_addr_valid+0x1db/0x2d0
[ 32.438026] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.438547] kasan_report+0x102/0x140
[ 32.439059] ? strncpy_from_user+0x2e/0x1e0
[ 32.439455] ? strncpy_from_user+0x2e/0x1e0
[ 32.439974] kasan_check_range+0x10c/0x1c0
[ 32.440415] __kasan_check_write+0x18/0x20
[ 32.440940] strncpy_from_user+0x2e/0x1e0
[ 32.441370] ? __kasan_check_read+0x15/0x20
[ 32.441897] copy_user_test_oob+0x761/0x10f0
[ 32.442361] ? __pfx_copy_user_test_oob+0x10/0x10
[ 32.442904] ? finish_task_switch.isra.0+0x153/0x700
[ 32.443484] ? __switch_to+0x5d9/0xf60
[ 32.443968] ? irqentry_exit+0x2a/0x60
[ 32.444426] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 32.444875] ? trace_hardirqs_on+0x37/0xe0
[ 32.445286] ? __pfx_read_tsc+0x10/0x10
[ 32.445766] ? ktime_get_ts64+0x84/0x230
[ 32.446309] kunit_try_run_case+0x1b3/0x490
[ 32.446780] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.447343] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.447853] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 32.448467] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 32.448991] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.449566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.450129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.450779] kthread+0x257/0x310
[ 32.451174] ? __pfx_kthread+0x10/0x10
[ 32.451706] ret_from_fork+0x41/0x80
[ 32.452138] ?
__pfx_kthread+0x10/0x10 [ 32.452541] ret_from_fork_asm+0x1a/0x30 [ 32.453016] </TASK> [ 32.453458] [ 32.453714] Allocated by task 293: [ 32.454133] kasan_save_stack+0x3d/0x60 [ 32.454539] kasan_save_track+0x18/0x40 [ 32.454972] kasan_save_alloc_info+0x3b/0x50 [ 32.455581] __kasan_kmalloc+0xb7/0xc0 [ 32.456035] __kmalloc_noprof+0x1c4/0x500 [ 32.456470] kunit_kmalloc_array+0x25/0x60 [ 32.456852] copy_user_test_oob+0xac/0x10f0 [ 32.457353] kunit_try_run_case+0x1b3/0x490 [ 32.457855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.458445] kthread+0x257/0x310 [ 32.458886] ret_from_fork+0x41/0x80 [ 32.459365] ret_from_fork_asm+0x1a/0x30 [ 32.459882] [ 32.460185] The buggy address belongs to the object at ffff888101ac2800 [ 32.460185] which belongs to the cache kmalloc-128 of size 128 [ 32.460926] The buggy address is located 0 bytes inside of [ 32.460926] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.461512] [ 32.461674] The buggy address belongs to the physical page: [ 32.462267] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.463000] flags: 0x200000000000000(node=0|zone=2) [ 32.463538] page_type: f5(slab) [ 32.463930] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.464710] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.465458] page dumped because: kasan: bad access detected [ 32.466066] [ 32.466402] Memory state around the buggy address: [ 32.466806] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.467548] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.467945] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.468357] ^ [ 32.468859] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.469674] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.470493] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.290157] ================================================================== [ 32.293013] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 32.293971] Read of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.295320] [ 32.295606] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.297146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.297998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.298951] Call Trace: [ 32.299225] <TASK> [ 32.299598] dump_stack_lvl+0x73/0xb0 [ 32.300138] print_report+0xd1/0x640 [ 32.300766] ? __virt_addr_valid+0x1db/0x2d0 [ 32.301402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.302101] kasan_report+0x102/0x140 [ 32.302861] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.303535] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.304063] kasan_check_range+0x10c/0x1c0 [ 32.304806] __kasan_check_read+0x15/0x20 [ 32.305423] copy_user_test_oob+0x4ab/0x10f0 [ 32.305992] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.306904] ? finish_task_switch.isra.0+0x153/0x700 [ 32.307492] ? __switch_to+0x5d9/0xf60 [ 32.307859] ? irqentry_exit+0x2a/0x60 [ 32.308221] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.309404] ? trace_hardirqs_on+0x37/0xe0 [ 32.309761] ? __pfx_read_tsc+0x10/0x10 [ 32.310327] ? ktime_get_ts64+0x84/0x230 [ 32.311472] kunit_try_run_case+0x1b3/0x490 [ 32.311886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.312489] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.313087] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.313729] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.314482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.314922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.315692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.316395] kthread+0x257/0x310 [ 32.316964] ? __pfx_kthread+0x10/0x10 [ 32.317727] ret_from_fork+0x41/0x80 [ 32.318126] ? 
__pfx_kthread+0x10/0x10 [ 32.318761] ret_from_fork_asm+0x1a/0x30 [ 32.319247] </TASK> [ 32.319454] [ 32.319679] Allocated by task 293: [ 32.319962] kasan_save_stack+0x3d/0x60 [ 32.320387] kasan_save_track+0x18/0x40 [ 32.320722] kasan_save_alloc_info+0x3b/0x50 [ 32.321914] __kasan_kmalloc+0xb7/0xc0 [ 32.322494] __kmalloc_noprof+0x1c4/0x500 [ 32.322874] kunit_kmalloc_array+0x25/0x60 [ 32.323594] copy_user_test_oob+0xac/0x10f0 [ 32.324009] kunit_try_run_case+0x1b3/0x490 [ 32.325106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.325500] kthread+0x257/0x310 [ 32.325924] ret_from_fork+0x41/0x80 [ 32.326689] ret_from_fork_asm+0x1a/0x30 [ 32.327240] [ 32.327519] The buggy address belongs to the object at ffff888101ac2800 [ 32.327519] which belongs to the cache kmalloc-128 of size 128 [ 32.328835] The buggy address is located 0 bytes inside of [ 32.328835] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.329978] [ 32.330692] The buggy address belongs to the physical page: [ 32.330999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.331986] flags: 0x200000000000000(node=0|zone=2) [ 32.332450] page_type: f5(slab) [ 32.333483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.334000] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.334782] page dumped because: kasan: bad access detected [ 32.335549] [ 32.335723] Memory state around the buggy address: [ 32.336552] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.337018] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.337600] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.338209] ^ [ 32.338720] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.339867] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.340682] ================================================================== [ 32.387806] 
================================================================== [ 32.388343] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 32.389002] Read of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.390605] [ 32.391228] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.392397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.392850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.393924] Call Trace: [ 32.394567] <TASK> [ 32.394881] dump_stack_lvl+0x73/0xb0 [ 32.395287] print_report+0xd1/0x640 [ 32.395863] ? __virt_addr_valid+0x1db/0x2d0 [ 32.396309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.397161] kasan_report+0x102/0x140 [ 32.397769] ? copy_user_test_oob+0x605/0x10f0 [ 32.398493] ? copy_user_test_oob+0x605/0x10f0 [ 32.399208] kasan_check_range+0x10c/0x1c0 [ 32.399940] __kasan_check_read+0x15/0x20 [ 32.400618] copy_user_test_oob+0x605/0x10f0 [ 32.400975] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.401799] ? finish_task_switch.isra.0+0x153/0x700 [ 32.402462] ? __switch_to+0x5d9/0xf60 [ 32.402864] ? irqentry_exit+0x2a/0x60 [ 32.403898] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.404409] ? trace_hardirqs_on+0x37/0xe0 [ 32.405092] ? __pfx_read_tsc+0x10/0x10 [ 32.405856] ? ktime_get_ts64+0x84/0x230 [ 32.406483] kunit_try_run_case+0x1b3/0x490 [ 32.407123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.407937] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.408599] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.409243] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.410007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.410495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.411020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.411433] kthread+0x257/0x310 [ 32.411876] ? __pfx_kthread+0x10/0x10 [ 32.412448] ret_from_fork+0x41/0x80 [ 32.412834] ? 
__pfx_kthread+0x10/0x10 [ 32.413331] ret_from_fork_asm+0x1a/0x30 [ 32.413668] </TASK> [ 32.413966] [ 32.414269] Allocated by task 293: [ 32.414639] kasan_save_stack+0x3d/0x60 [ 32.415114] kasan_save_track+0x18/0x40 [ 32.415599] kasan_save_alloc_info+0x3b/0x50 [ 32.415945] __kasan_kmalloc+0xb7/0xc0 [ 32.416427] __kmalloc_noprof+0x1c4/0x500 [ 32.416880] kunit_kmalloc_array+0x25/0x60 [ 32.417162] copy_user_test_oob+0xac/0x10f0 [ 32.417648] kunit_try_run_case+0x1b3/0x490 [ 32.418183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.418754] kthread+0x257/0x310 [ 32.419102] ret_from_fork+0x41/0x80 [ 32.419585] ret_from_fork_asm+0x1a/0x30 [ 32.419893] [ 32.420054] The buggy address belongs to the object at ffff888101ac2800 [ 32.420054] which belongs to the cache kmalloc-128 of size 128 [ 32.421144] The buggy address is located 0 bytes inside of [ 32.421144] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.421747] [ 32.422004] The buggy address belongs to the physical page: [ 32.422579] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.423356] flags: 0x200000000000000(node=0|zone=2) [ 32.423877] page_type: f5(slab) [ 32.424319] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.424841] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.425460] page dumped because: kasan: bad access detected [ 32.426011] [ 32.426171] Memory state around the buggy address: [ 32.426501] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.427187] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.427917] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.428614] ^ [ 32.429189] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.429849] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.430460] ================================================================== [ 32.342131] 
================================================================== [ 32.342926] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 32.343257] Write of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.343624] [ 32.343804] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.344171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.344313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.344560] Call Trace: [ 32.344671] <TASK> [ 32.344772] dump_stack_lvl+0x73/0xb0 [ 32.346065] print_report+0xd1/0x640 [ 32.346673] ? __virt_addr_valid+0x1db/0x2d0 [ 32.347206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.347858] kasan_report+0x102/0x140 [ 32.348513] ? copy_user_test_oob+0x558/0x10f0 [ 32.349174] ? copy_user_test_oob+0x558/0x10f0 [ 32.349861] kasan_check_range+0x10c/0x1c0 [ 32.350483] __kasan_check_write+0x18/0x20 [ 32.351078] copy_user_test_oob+0x558/0x10f0 [ 32.351697] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.352331] ? finish_task_switch.isra.0+0x153/0x700 [ 32.352983] ? __switch_to+0x5d9/0xf60 [ 32.353499] ? irqentry_exit+0x2a/0x60 [ 32.354047] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.354675] ? trace_hardirqs_on+0x37/0xe0 [ 32.355091] ? __pfx_read_tsc+0x10/0x10 [ 32.355427] ? ktime_get_ts64+0x84/0x230 [ 32.356223] kunit_try_run_case+0x1b3/0x490 [ 32.356649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.357103] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.358043] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.358684] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.359414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.359998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.360506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.360982] kthread+0x257/0x310 [ 32.361908] ? __pfx_kthread+0x10/0x10 [ 32.362254] ret_from_fork+0x41/0x80 [ 32.362976] ? 
__pfx_kthread+0x10/0x10 [ 32.363719] ret_from_fork_asm+0x1a/0x30 [ 32.364161] </TASK> [ 32.364672] [ 32.364918] Allocated by task 293: [ 32.365963] kasan_save_stack+0x3d/0x60 [ 32.366322] kasan_save_track+0x18/0x40 [ 32.366611] kasan_save_alloc_info+0x3b/0x50 [ 32.367086] __kasan_kmalloc+0xb7/0xc0 [ 32.368026] __kmalloc_noprof+0x1c4/0x500 [ 32.368464] kunit_kmalloc_array+0x25/0x60 [ 32.368871] copy_user_test_oob+0xac/0x10f0 [ 32.370081] kunit_try_run_case+0x1b3/0x490 [ 32.370431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.371004] kthread+0x257/0x310 [ 32.371660] ret_from_fork+0x41/0x80 [ 32.372388] ret_from_fork_asm+0x1a/0x30 [ 32.372758] [ 32.372943] The buggy address belongs to the object at ffff888101ac2800 [ 32.372943] which belongs to the cache kmalloc-128 of size 128 [ 32.374400] The buggy address is located 0 bytes inside of [ 32.374400] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.375210] [ 32.375890] The buggy address belongs to the physical page: [ 32.376181] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.377131] flags: 0x200000000000000(node=0|zone=2) [ 32.378098] page_type: f5(slab) [ 32.378356] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.379030] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.380056] page dumped because: kasan: bad access detected [ 32.380808] [ 32.381037] Memory state around the buggy address: [ 32.381430] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.382181] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.382843] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.383721] ^ [ 32.384315] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.385090] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.386250] ================================================================== [ 32.250382] 
================================================================== [ 32.250995] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 32.251612] Write of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.252392] [ 32.252690] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.253456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.253834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.254804] Call Trace: [ 32.255037] <TASK> [ 32.255459] dump_stack_lvl+0x73/0xb0 [ 32.256019] print_report+0xd1/0x640 [ 32.256451] ? __virt_addr_valid+0x1db/0x2d0 [ 32.256972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.257494] kasan_report+0x102/0x140 [ 32.258076] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.258583] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.259065] kasan_check_range+0x10c/0x1c0 [ 32.259639] __kasan_check_write+0x18/0x20 [ 32.260092] copy_user_test_oob+0x3fe/0x10f0 [ 32.260656] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.261108] ? finish_task_switch.isra.0+0x153/0x700 [ 32.261655] ? __switch_to+0x5d9/0xf60 [ 32.262252] ? irqentry_exit+0x2a/0x60 [ 32.262685] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.263281] ? trace_hardirqs_on+0x37/0xe0 [ 32.263634] ? __pfx_read_tsc+0x10/0x10 [ 32.264087] ? ktime_get_ts64+0x84/0x230 [ 32.264779] kunit_try_run_case+0x1b3/0x490 [ 32.265229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.265787] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.266331] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.266897] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.267382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.267899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.268524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.269111] kthread+0x257/0x310 [ 32.269547] ? __pfx_kthread+0x10/0x10 [ 32.269947] ret_from_fork+0x41/0x80 [ 32.270222] ? 
__pfx_kthread+0x10/0x10 [ 32.270501] ret_from_fork_asm+0x1a/0x30 [ 32.271050] </TASK> [ 32.271330] [ 32.271569] Allocated by task 293: [ 32.272064] kasan_save_stack+0x3d/0x60 [ 32.272479] kasan_save_track+0x18/0x40 [ 32.272934] kasan_save_alloc_info+0x3b/0x50 [ 32.273426] __kasan_kmalloc+0xb7/0xc0 [ 32.273968] __kmalloc_noprof+0x1c4/0x500 [ 32.274414] kunit_kmalloc_array+0x25/0x60 [ 32.274686] copy_user_test_oob+0xac/0x10f0 [ 32.275114] kunit_try_run_case+0x1b3/0x490 [ 32.275844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.276645] kthread+0x257/0x310 [ 32.276949] ret_from_fork+0x41/0x80 [ 32.277484] ret_from_fork_asm+0x1a/0x30 [ 32.277919] [ 32.278189] The buggy address belongs to the object at ffff888101ac2800 [ 32.278189] which belongs to the cache kmalloc-128 of size 128 [ 32.279088] The buggy address is located 0 bytes inside of [ 32.279088] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.279760] [ 32.280038] The buggy address belongs to the physical page: [ 32.280546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.281314] flags: 0x200000000000000(node=0|zone=2) [ 32.281993] page_type: f5(slab) [ 32.282373] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.283065] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.284061] page dumped because: kasan: bad access detected [ 32.284526] [ 32.284804] Memory state around the buggy address: [ 32.285393] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.285945] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.286761] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.287247] ^ [ 32.287921] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.288381] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.288749] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 32.200328] ================================================================== [ 32.200930] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 32.201590] Read of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.202198] [ 32.202485] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.203218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.203708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.204294] Call Trace: [ 32.204698] <TASK> [ 32.205073] dump_stack_lvl+0x73/0xb0 [ 32.205464] print_report+0xd1/0x640 [ 32.205862] ? __virt_addr_valid+0x1db/0x2d0 [ 32.206536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.207103] kasan_report+0x102/0x140 [ 32.207616] ? _copy_to_user+0x4a/0x70 [ 32.208050] ? _copy_to_user+0x4a/0x70 [ 32.208454] kasan_check_range+0x10c/0x1c0 [ 32.209034] __kasan_check_read+0x15/0x20 [ 32.209484] _copy_to_user+0x4a/0x70 [ 32.210000] copy_user_test_oob+0x365/0x10f0 [ 32.210615] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.211079] ? finish_task_switch.isra.0+0x153/0x700 [ 32.211704] ? __switch_to+0x5d9/0xf60 [ 32.212249] ? irqentry_exit+0x2a/0x60 [ 32.212670] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.213259] ? trace_hardirqs_on+0x37/0xe0 [ 32.213974] ? __pfx_read_tsc+0x10/0x10 [ 32.214286] ? ktime_get_ts64+0x84/0x230 [ 32.214862] kunit_try_run_case+0x1b3/0x490 [ 32.215347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.215753] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.216372] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.216848] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.217317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.217877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.218255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.218595] kthread+0x257/0x310 [ 32.218973] ? __pfx_kthread+0x10/0x10 [ 32.219464] ret_from_fork+0x41/0x80 [ 32.219902] ? 
__pfx_kthread+0x10/0x10 [ 32.220333] ret_from_fork_asm+0x1a/0x30 [ 32.220800] </TASK> [ 32.221099] [ 32.221334] Allocated by task 293: [ 32.221760] kasan_save_stack+0x3d/0x60 [ 32.222268] kasan_save_track+0x18/0x40 [ 32.222644] kasan_save_alloc_info+0x3b/0x50 [ 32.223149] __kasan_kmalloc+0xb7/0xc0 [ 32.223521] __kmalloc_noprof+0x1c4/0x500 [ 32.223794] kunit_kmalloc_array+0x25/0x60 [ 32.224251] copy_user_test_oob+0xac/0x10f0 [ 32.224932] kunit_try_run_case+0x1b3/0x490 [ 32.225415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.225951] kthread+0x257/0x310 [ 32.226408] ret_from_fork+0x41/0x80 [ 32.226882] ret_from_fork_asm+0x1a/0x30 [ 32.227252] [ 32.227507] The buggy address belongs to the object at ffff888101ac2800 [ 32.227507] which belongs to the cache kmalloc-128 of size 128 [ 32.228614] The buggy address is located 0 bytes inside of [ 32.228614] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.229413] [ 32.229637] The buggy address belongs to the physical page: [ 32.230171] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.231141] flags: 0x200000000000000(node=0|zone=2) [ 32.231737] page_type: f5(slab) [ 32.232132] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.233021] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.233564] page dumped because: kasan: bad access detected [ 32.234129] [ 32.234439] Memory state around the buggy address: [ 32.235044] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.235410] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.236407] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.237003] ^ [ 32.237769] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.238545] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.239127] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 32.150173] ================================================================== [ 32.151069] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 32.151804] Write of size 121 at addr ffff888101ac2800 by task kunit_try_catch/293 [ 32.152243] [ 32.152495] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.153287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.153734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.154256] Call Trace: [ 32.154473] <TASK> [ 32.154673] dump_stack_lvl+0x73/0xb0 [ 32.155142] print_report+0xd1/0x640 [ 32.155617] ? __virt_addr_valid+0x1db/0x2d0 [ 32.156114] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.156668] kasan_report+0x102/0x140 [ 32.157448] ? _copy_from_user+0x33/0xa0 [ 32.159037] ? _copy_from_user+0x33/0xa0 [ 32.159561] kasan_check_range+0x10c/0x1c0 [ 32.160049] __kasan_check_write+0x18/0x20 [ 32.160961] _copy_from_user+0x33/0xa0 [ 32.161974] copy_user_test_oob+0x2bf/0x10f0 [ 32.162740] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.163165] ? finish_task_switch.isra.0+0x153/0x700 [ 32.163929] ? __switch_to+0x5d9/0xf60 [ 32.164191] ? irqentry_exit+0x2a/0x60 [ 32.164904] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.165437] ? trace_hardirqs_on+0x37/0xe0 [ 32.165910] ? __pfx_read_tsc+0x10/0x10 [ 32.166496] ? ktime_get_ts64+0x84/0x230 [ 32.166905] kunit_try_run_case+0x1b3/0x490 [ 32.167906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.168499] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.169040] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.169623] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 32.170124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.170653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.171293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.171923] kthread+0x257/0x310 [ 32.172208] ? __pfx_kthread+0x10/0x10 [ 32.172520] ret_from_fork+0x41/0x80 [ 32.173028] ? 
__pfx_kthread+0x10/0x10 [ 32.173441] ret_from_fork_asm+0x1a/0x30 [ 32.174075] </TASK> [ 32.174321] [ 32.174555] Allocated by task 293: [ 32.175089] kasan_save_stack+0x3d/0x60 [ 32.175530] kasan_save_track+0x18/0x40 [ 32.176024] kasan_save_alloc_info+0x3b/0x50 [ 32.176317] __kasan_kmalloc+0xb7/0xc0 [ 32.177041] __kmalloc_noprof+0x1c4/0x500 [ 32.177590] kunit_kmalloc_array+0x25/0x60 [ 32.178183] copy_user_test_oob+0xac/0x10f0 [ 32.178628] kunit_try_run_case+0x1b3/0x490 [ 32.179076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.179595] kthread+0x257/0x310 [ 32.180020] ret_from_fork+0x41/0x80 [ 32.180539] ret_from_fork_asm+0x1a/0x30 [ 32.181065] [ 32.181330] The buggy address belongs to the object at ffff888101ac2800 [ 32.181330] which belongs to the cache kmalloc-128 of size 128 [ 32.182426] The buggy address is located 0 bytes inside of [ 32.182426] allocated 120-byte region [ffff888101ac2800, ffff888101ac2878) [ 32.183379] [ 32.183552] The buggy address belongs to the physical page: [ 32.183999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 32.184846] flags: 0x200000000000000(node=0|zone=2) [ 32.185428] page_type: f5(slab) [ 32.185871] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.186503] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.187161] page dumped because: kasan: bad access detected [ 32.187798] [ 32.188113] Memory state around the buggy address: [ 32.188571] ffff888101ac2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.189234] ffff888101ac2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.189849] >ffff888101ac2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.190623] ^ [ 32.191197] ffff888101ac2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.191797] ffff888101ac2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.192613] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 32.078047] ==================================================================
[ 32.079022] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 32.079411] Write of size 8 at addr ffff888102a1f278 by task kunit_try_catch/289
[ 32.081326]
[ 32.081793] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.082684] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.083192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.084484] Call Trace:
[ 32.085256] <TASK>
[ 32.085464] dump_stack_lvl+0x73/0xb0
[ 32.085998] print_report+0xd1/0x640
[ 32.086478] ? __virt_addr_valid+0x1db/0x2d0
[ 32.086842] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.087573] kasan_report+0x102/0x140
[ 32.088012] ? copy_to_kernel_nofault+0x99/0x260
[ 32.088537] ? copy_to_kernel_nofault+0x99/0x260
[ 32.089580] kasan_check_range+0x10c/0x1c0
[ 32.090485] __kasan_check_write+0x18/0x20
[ 32.090791] copy_to_kernel_nofault+0x99/0x260
[ 32.091489] copy_to_kernel_nofault_oob+0x214/0x4e0
[ 32.092122] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.092784] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 32.093154] ? trace_hardirqs_on+0x37/0xe0
[ 32.093633] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.094404] kunit_try_run_case+0x1b3/0x490
[ 32.094747] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.095339] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.095851] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.096188] ? __kthread_parkme+0x82/0x160
[ 32.097014] ? preempt_count_sub+0x50/0x80
[ 32.097534] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.098061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.098787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.099414] kthread+0x257/0x310
[ 32.100102] ? __pfx_kthread+0x10/0x10
[ 32.100429] ret_from_fork+0x41/0x80
[ 32.100914] ? __pfx_kthread+0x10/0x10
[ 32.101359] ret_from_fork_asm+0x1a/0x30
[ 32.101720] </TASK>
[ 32.102196]
[ 32.102471] Allocated by task 289:
[ 32.102751] kasan_save_stack+0x3d/0x60
[ 32.103064] kasan_save_track+0x18/0x40
[ 32.103492] kasan_save_alloc_info+0x3b/0x50
[ 32.104245] __kasan_kmalloc+0xb7/0xc0
[ 32.104721] __kmalloc_cache_noprof+0x184/0x410
[ 32.105214] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 32.105524] kunit_try_run_case+0x1b3/0x490
[ 32.105802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.106921] kthread+0x257/0x310
[ 32.107300] ret_from_fork+0x41/0x80
[ 32.108730] ret_from_fork_asm+0x1a/0x30
[ 32.109161]
[ 32.109655] The buggy address belongs to the object at ffff888102a1f200
[ 32.109655] which belongs to the cache kmalloc-128 of size 128
[ 32.110974] The buggy address is located 0 bytes to the right of
[ 32.110974] allocated 120-byte region [ffff888102a1f200, ffff888102a1f278)
[ 32.111977]
[ 32.112701] The buggy address belongs to the physical page:
[ 32.113280] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1f
[ 32.114763] flags: 0x200000000000000(node=0|zone=2)
[ 32.115433] page_type: f5(slab)
[ 32.116371] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 32.117137] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 32.118477] page dumped because: kasan: bad access detected
[ 32.118962]
[ 32.119191] Memory state around the buggy address:
[ 32.120292] ffff888102a1f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 32.120855] ffff888102a1f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.121602] >ffff888102a1f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 32.122648] ^
[ 32.123370] ffff888102a1f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.123881] ffff888102a1f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.124499] ==================================================================
[ 32.026586] ==================================================================
[ 32.027697] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 32.028316] Read of size 8 at addr ffff888102a1f278 by task kunit_try_catch/289
[ 32.029117]
[ 32.029409] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 32.030694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.030982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.032617] Call Trace:
[ 32.032930] <TASK>
[ 32.033576] dump_stack_lvl+0x73/0xb0
[ 32.034550] print_report+0xd1/0x640
[ 32.034991] ? __virt_addr_valid+0x1db/0x2d0
[ 32.036354] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.036889] kasan_report+0x102/0x140
[ 32.037982] ? copy_to_kernel_nofault+0x225/0x260
[ 32.038475] ? copy_to_kernel_nofault+0x225/0x260
[ 32.039135] __asan_report_load8_noabort+0x18/0x20
[ 32.039495] copy_to_kernel_nofault+0x225/0x260
[ 32.040510] copy_to_kernel_nofault_oob+0x179/0x4e0
[ 32.041352] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.041954] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 32.042603] ? trace_hardirqs_on+0x37/0xe0
[ 32.043452] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.043767] kunit_try_run_case+0x1b3/0x490
[ 32.045022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.045701] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.046521] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.047017] ? __kthread_parkme+0x82/0x160
[ 32.047988] ? preempt_count_sub+0x50/0x80
[ 32.048376] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.049012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.049711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.050933] kthread+0x257/0x310
[ 32.051218] ? __pfx_kthread+0x10/0x10
[ 32.051430] ret_from_fork+0x41/0x80
[ 32.051584] ? __pfx_kthread+0x10/0x10
[ 32.051730] ret_from_fork_asm+0x1a/0x30
[ 32.052130] </TASK>
[ 32.052414]
[ 32.052691] Allocated by task 289:
[ 32.053269] kasan_save_stack+0x3d/0x60
[ 32.053996] kasan_save_track+0x18/0x40
[ 32.054273] kasan_save_alloc_info+0x3b/0x50
[ 32.055256] __kasan_kmalloc+0xb7/0xc0
[ 32.056569] __kmalloc_cache_noprof+0x184/0x410
[ 32.057340] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 32.057863] kunit_try_run_case+0x1b3/0x490
[ 32.058366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.059063] kthread+0x257/0x310
[ 32.059437] ret_from_fork+0x41/0x80
[ 32.059950] ret_from_fork_asm+0x1a/0x30
[ 32.060581]
[ 32.060845] The buggy address belongs to the object at ffff888102a1f200
[ 32.060845] which belongs to the cache kmalloc-128 of size 128
[ 32.061972] The buggy address is located 0 bytes to the right of
[ 32.061972] allocated 120-byte region [ffff888102a1f200, ffff888102a1f278)
[ 32.062985]
[ 32.063157] The buggy address belongs to the physical page:
[ 32.064048] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1f
[ 32.065031] flags: 0x200000000000000(node=0|zone=2)
[ 32.065703] page_type: f5(slab)
[ 32.066149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 32.067143] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 32.068041] page dumped because: kasan: bad access detected
[ 32.068772]
[ 32.069328] Memory state around the buggy address:
[ 32.069937] ffff888102a1f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 32.070603] ffff888102a1f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.071696] >ffff888102a1f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 32.072331] ^
[ 32.073535] ffff888102a1f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.074018] ffff888102a1f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.074706] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 29.317015] ==================================================================
[ 29.318122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450
[ 29.319331] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.320011]
[ 29.320439] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.321466] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.322183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.323128] Call Trace:
[ 29.323605] <TASK>
[ 29.324011] dump_stack_lvl+0x73/0xb0
[ 29.324513] print_report+0xd1/0x640
[ 29.325080] ? __virt_addr_valid+0x1db/0x2d0
[ 29.325697] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.326451] kasan_report+0x102/0x140
[ 29.326990] ? kasan_atomics_helper+0x4b70/0x5450
[ 29.327656] ? kasan_atomics_helper+0x4b70/0x5450
[ 29.328488] __asan_report_store4_noabort+0x1b/0x30
[ 29.329121] kasan_atomics_helper+0x4b70/0x5450
[ 29.329800] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.330595] ? ret_from_fork_asm+0x1a/0x30
[ 29.331196] ? ret_from_fork+0x41/0x80
[ 29.331797] kasan_atomics+0x1dd/0x310
[ 29.332441] ? __pfx_kasan_atomics+0x10/0x10
[ 29.333024] ? __pfx_read_tsc+0x10/0x10
[ 29.333579] ? ktime_get_ts64+0x84/0x230
[ 29.333960] kunit_try_run_case+0x1b3/0x490
[ 29.334729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.335229] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.335641] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.336550] ? __kthread_parkme+0x82/0x160
[ 29.337119] ? preempt_count_sub+0x50/0x80
[ 29.337861] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.338625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.339212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.339706] kthread+0x257/0x310
[ 29.339968] ? __pfx_kthread+0x10/0x10
[ 29.340237] ret_from_fork+0x41/0x80
[ 29.341448] ? __pfx_kthread+0x10/0x10
[ 29.342218] ret_from_fork_asm+0x1a/0x30
[ 29.342967] </TASK>
[ 29.343257]
[ 29.343416] Allocated by task 273:
[ 29.343800] kasan_save_stack+0x3d/0x60
[ 29.344121] kasan_save_track+0x18/0x40
[ 29.344651] kasan_save_alloc_info+0x3b/0x50
[ 29.344966] __kasan_kmalloc+0xb7/0xc0
[ 29.345512] __kmalloc_cache_noprof+0x184/0x410
[ 29.346487] kasan_atomics+0x96/0x310
[ 29.347011] kunit_try_run_case+0x1b3/0x490
[ 29.347716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.348163] kthread+0x257/0x310
[ 29.348582] ret_from_fork+0x41/0x80
[ 29.348946] ret_from_fork_asm+0x1a/0x30
[ 29.349183]
[ 29.349334] The buggy address belongs to the object at ffff888101abdc80
[ 29.349334] which belongs to the cache kmalloc-64 of size 64
[ 29.350962] The buggy address is located 0 bytes to the right of
[ 29.350962] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.352255]
[ 29.352728] The buggy address belongs to the physical page:
[ 29.353649] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.354490] flags: 0x200000000000000(node=0|zone=2)
[ 29.355070] page_type: f5(slab)
[ 29.355332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.356179] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.357033] page dumped because: kasan: bad access detected
[ 29.357379]
[ 29.357649] Memory state around the buggy address:
[ 29.358085] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.358840] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.359254] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.359851] ^
[ 29.360308] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.360857] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.361528] ==================================================================
[ 30.644754] ==================================================================
[ 30.649596] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450
[ 30.650180] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.650559]
[ 30.650737] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.651277] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.651525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.654689] Call Trace:
[ 30.655215] <TASK>
[ 30.655920] dump_stack_lvl+0x73/0xb0
[ 30.656531] print_report+0xd1/0x640
[ 30.657099] ? __virt_addr_valid+0x1db/0x2d0
[ 30.657763] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.658600] kasan_report+0x102/0x140
[ 30.659260] ? kasan_atomics_helper+0x13b6/0x5450
[ 30.659946] ? kasan_atomics_helper+0x13b6/0x5450
[ 30.660707] kasan_check_range+0x10c/0x1c0
[ 30.661081] __kasan_check_read+0x15/0x20
[ 30.661445] kasan_atomics_helper+0x13b6/0x5450
[ 30.662285] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.662578] ? ret_from_fork_asm+0x1a/0x30
[ 30.663372] ? ret_from_fork+0x41/0x80
[ 30.664010] kasan_atomics+0x1dd/0x310
[ 30.664715] ? __pfx_kasan_atomics+0x10/0x10
[ 30.665102] ? __pfx_read_tsc+0x10/0x10
[ 30.665522] ? ktime_get_ts64+0x84/0x230
[ 30.665972] kunit_try_run_case+0x1b3/0x490
[ 30.666535] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.666888] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.667516] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.667965] ? __kthread_parkme+0x82/0x160
[ 30.668410] ? preempt_count_sub+0x50/0x80
[ 30.668803] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.669404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.669960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.670438] kthread+0x257/0x310
[ 30.670897] ? __pfx_kthread+0x10/0x10
[ 30.671333] ret_from_fork+0x41/0x80
[ 30.671781] ? __pfx_kthread+0x10/0x10
[ 30.672109] ret_from_fork_asm+0x1a/0x30
[ 30.672705] </TASK>
[ 30.673025]
[ 30.673251] Allocated by task 273:
[ 30.673619] kasan_save_stack+0x3d/0x60
[ 30.674006] kasan_save_track+0x18/0x40
[ 30.674500] kasan_save_alloc_info+0x3b/0x50
[ 30.674801] __kasan_kmalloc+0xb7/0xc0
[ 30.675232] __kmalloc_cache_noprof+0x184/0x410
[ 30.675794] kasan_atomics+0x96/0x310
[ 30.676124] kunit_try_run_case+0x1b3/0x490
[ 30.676561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.677133] kthread+0x257/0x310
[ 30.677411] ret_from_fork+0x41/0x80
[ 30.677864] ret_from_fork_asm+0x1a/0x30
[ 30.678342]
[ 30.678565] The buggy address belongs to the object at ffff888101abdc80
[ 30.678565] which belongs to the cache kmalloc-64 of size 64
[ 30.679694] The buggy address is located 0 bytes to the right of
[ 30.679694] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.680540]
[ 30.680707] The buggy address belongs to the physical page:
[ 30.681367] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.682191] flags: 0x200000000000000(node=0|zone=2)
[ 30.682769] page_type: f5(slab)
[ 30.683234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.684046] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.684732] page dumped because: kasan: bad access detected
[ 30.685389]
[ 30.685629] Memory state around the buggy address:
[ 30.686148] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.686928] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.687668] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.688399] ^
[ 30.688931] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.689162] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.689532] ==================================================================
[ 30.900934] ==================================================================
[ 30.901572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450
[ 30.902578] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.903036]
[ 30.903219] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.904291] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.904855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.905874] Call Trace:
[ 30.906226] <TASK>
[ 30.906569] dump_stack_lvl+0x73/0xb0
[ 30.907084] print_report+0xd1/0x640
[ 30.907649] ? __virt_addr_valid+0x1db/0x2d0
[ 30.908214] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.908945] kasan_report+0x102/0x140
[ 30.909496] ? kasan_atomics_helper+0x1650/0x5450
[ 30.910092] ? kasan_atomics_helper+0x1650/0x5450
[ 30.910650] kasan_check_range+0x10c/0x1c0
[ 30.911066] __kasan_check_write+0x18/0x20
[ 30.911485] kasan_atomics_helper+0x1650/0x5450
[ 30.912000] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.912526] ? ret_from_fork_asm+0x1a/0x30
[ 30.912999] ? ret_from_fork+0x41/0x80
[ 30.913512] kasan_atomics+0x1dd/0x310
[ 30.913926] ? __pfx_kasan_atomics+0x10/0x10
[ 30.914476] ? __pfx_read_tsc+0x10/0x10
[ 30.914920] ? ktime_get_ts64+0x84/0x230
[ 30.915383] kunit_try_run_case+0x1b3/0x490
[ 30.915707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.916277] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.916812] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.917299] ? __kthread_parkme+0x82/0x160
[ 30.917773] ? preempt_count_sub+0x50/0x80
[ 30.918314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.918764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.919456] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.920025] kthread+0x257/0x310
[ 30.920482] ? __pfx_kthread+0x10/0x10
[ 30.920835] ret_from_fork+0x41/0x80
[ 30.921283] ? __pfx_kthread+0x10/0x10
[ 30.921681] ret_from_fork_asm+0x1a/0x30
[ 30.922151] </TASK>
[ 30.922466]
[ 30.922692] Allocated by task 273:
[ 30.923113] kasan_save_stack+0x3d/0x60
[ 30.923525] kasan_save_track+0x18/0x40
[ 30.923961] kasan_save_alloc_info+0x3b/0x50
[ 30.924361] __kasan_kmalloc+0xb7/0xc0
[ 30.924734] __kmalloc_cache_noprof+0x184/0x410
[ 30.925205] kasan_atomics+0x96/0x310
[ 30.925651] kunit_try_run_case+0x1b3/0x490
[ 30.926153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.926578] kthread+0x257/0x310
[ 30.926954] ret_from_fork+0x41/0x80
[ 30.927429] ret_from_fork_asm+0x1a/0x30
[ 30.927904]
[ 30.928082] The buggy address belongs to the object at ffff888101abdc80
[ 30.928082] which belongs to the cache kmalloc-64 of size 64
[ 30.929035] The buggy address is located 0 bytes to the right of
[ 30.929035] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.930022]
[ 30.930320] The buggy address belongs to the physical page:
[ 30.930755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.931441] flags: 0x200000000000000(node=0|zone=2)
[ 30.931744] page_type: f5(slab)
[ 30.932009] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.932630] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.934322] page dumped because: kasan: bad access detected
[ 30.935216]
[ 30.935963] Memory state around the buggy address:
[ 30.936565] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.937335] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.937809] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.938643] ^
[ 30.939179] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.940030] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.940910] ==================================================================
[ 31.938366] ==================================================================
[ 31.938793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 31.939958] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.940577]
[ 31.940841] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.941345] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.941599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.942326] Call Trace:
[ 31.942685] <TASK>
[ 31.943093] dump_stack_lvl+0x73/0xb0
[ 31.943628] print_report+0xd1/0x640
[ 31.944070] ? __virt_addr_valid+0x1db/0x2d0
[ 31.944680] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.945298] kasan_report+0x102/0x140
[ 31.945693] ? kasan_atomics_helper+0x5117/0x5450
[ 31.946164] ? kasan_atomics_helper+0x5117/0x5450
[ 31.946683] __asan_report_load8_noabort+0x18/0x20
[ 31.947446] kasan_atomics_helper+0x5117/0x5450
[ 31.947971] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.948489] ? ret_from_fork_asm+0x1a/0x30
[ 31.948782] ? ret_from_fork+0x41/0x80
[ 31.949110] kasan_atomics+0x1dd/0x310
[ 31.949580] ? __pfx_kasan_atomics+0x10/0x10
[ 31.950154] ? __pfx_read_tsc+0x10/0x10
[ 31.950645] ? ktime_get_ts64+0x84/0x230
[ 31.951139] kunit_try_run_case+0x1b3/0x490
[ 31.951702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.952296] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.952836] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.953488] ? __kthread_parkme+0x82/0x160
[ 31.953950] ? preempt_count_sub+0x50/0x80
[ 31.954477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.954954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.955647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.956021] kthread+0x257/0x310
[ 31.956336] ? __pfx_kthread+0x10/0x10
[ 31.956795] ret_from_fork+0x41/0x80
[ 31.957233] ? __pfx_kthread+0x10/0x10
[ 31.957644] ret_from_fork_asm+0x1a/0x30
[ 31.958171] </TASK>
[ 31.958359]
[ 31.958583] Allocated by task 273:
[ 31.959056] kasan_save_stack+0x3d/0x60
[ 31.959636] kasan_save_track+0x18/0x40
[ 31.960226] kasan_save_alloc_info+0x3b/0x50
[ 31.960545] __kasan_kmalloc+0xb7/0xc0
[ 31.960858] __kmalloc_cache_noprof+0x184/0x410
[ 31.961237] kasan_atomics+0x96/0x310
[ 31.961662] kunit_try_run_case+0x1b3/0x490
[ 31.962134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.962729] kthread+0x257/0x310
[ 31.963127] ret_from_fork+0x41/0x80
[ 31.963616] ret_from_fork_asm+0x1a/0x30
[ 31.964132]
[ 31.964349] The buggy address belongs to the object at ffff888101abdc80
[ 31.964349] which belongs to the cache kmalloc-64 of size 64
[ 31.965361] The buggy address is located 0 bytes to the right of
[ 31.965361] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.966294]
[ 31.966534] The buggy address belongs to the physical page:
[ 31.966982] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.967504] flags: 0x200000000000000(node=0|zone=2)
[ 31.968326] page_type: f5(slab)
[ 31.968721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.969229] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.969930] page dumped because: kasan: bad access detected
[ 31.970482]
[ 31.970637] Memory state around the buggy address:
[ 31.970929] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.971726] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.972704] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.973248] ^
[ 31.973612] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.974373] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.975041] ==================================================================
[ 31.474769] ==================================================================
[ 31.475555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450
[ 31.476297] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.476902]
[ 31.477172] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.478024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.479245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.481946] Call Trace:
[ 31.482175] <TASK>
[ 31.482374] dump_stack_lvl+0x73/0xb0
[ 31.483947] print_report+0xd1/0x640
[ 31.484386] ? __virt_addr_valid+0x1db/0x2d0
[ 31.484880] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.486491] kasan_report+0x102/0x140
[ 31.486927] ? kasan_atomics_helper+0x1e13/0x5450
[ 31.488276] ? kasan_atomics_helper+0x1e13/0x5450
[ 31.488986] kasan_check_range+0x10c/0x1c0
[ 31.489839] __kasan_check_write+0x18/0x20
[ 31.490557] kasan_atomics_helper+0x1e13/0x5450
[ 31.490984] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.491529] ? ret_from_fork_asm+0x1a/0x30
[ 31.492092] ? ret_from_fork+0x41/0x80
[ 31.492573] kasan_atomics+0x1dd/0x310
[ 31.493005] ? __pfx_kasan_atomics+0x10/0x10
[ 31.493408] ? __pfx_read_tsc+0x10/0x10
[ 31.493885] ? ktime_get_ts64+0x84/0x230
[ 31.494337] kunit_try_run_case+0x1b3/0x490
[ 31.494704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.495214] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.495877] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.496289] ? __kthread_parkme+0x82/0x160
[ 31.496663] ? preempt_count_sub+0x50/0x80
[ 31.497140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.497600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.497995] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.498538] kthread+0x257/0x310
[ 31.499093] ? __pfx_kthread+0x10/0x10
[ 31.499630] ret_from_fork+0x41/0x80
[ 31.500067] ? __pfx_kthread+0x10/0x10
[ 31.500638] ret_from_fork_asm+0x1a/0x30
[ 31.501128] </TASK>
[ 31.501525]
[ 31.501750] Allocated by task 273:
[ 31.502029] kasan_save_stack+0x3d/0x60
[ 31.502585] kasan_save_track+0x18/0x40
[ 31.502932] kasan_save_alloc_info+0x3b/0x50
[ 31.503408] __kasan_kmalloc+0xb7/0xc0
[ 31.503894] __kmalloc_cache_noprof+0x184/0x410
[ 31.504228] kasan_atomics+0x96/0x310
[ 31.504737] kunit_try_run_case+0x1b3/0x490
[ 31.505105] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.505713] kthread+0x257/0x310
[ 31.506110] ret_from_fork+0x41/0x80
[ 31.506422] ret_from_fork_asm+0x1a/0x30
[ 31.506701]
[ 31.506881] The buggy address belongs to the object at ffff888101abdc80
[ 31.506881] which belongs to the cache kmalloc-64 of size 64
[ 31.507443] The buggy address is located 0 bytes to the right of
[ 31.507443] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.508694]
[ 31.509025] The buggy address belongs to the physical page:
[ 31.509664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.510440] flags: 0x200000000000000(node=0|zone=2)
[ 31.510764] page_type: f5(slab)
[ 31.512240] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.512945] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.514781] page dumped because: kasan: bad access detected
[ 31.515164]
[ 31.515356] Memory state around the buggy address:
[ 31.515793] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.516153] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.516976] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.517433] ^
[ 31.517736] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.518473] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.519116] ==================================================================
[ 30.477080] ==================================================================
[ 30.477784] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450
[ 30.479353] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.480011]
[ 30.480287] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.480986] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.481238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.481720] Call Trace:
[ 30.482057] <TASK>
[ 30.482374] dump_stack_lvl+0x73/0xb0
[ 30.482799] print_report+0xd1/0x640
[ 30.483238] ? __virt_addr_valid+0x1db/0x2d0
[ 30.483747] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.484337] kasan_report+0x102/0x140
[ 30.484764] ? kasan_atomics_helper+0x1218/0x5450
[ 30.485285] ? kasan_atomics_helper+0x1218/0x5450
[ 30.485777] kasan_check_range+0x10c/0x1c0
[ 30.486114] __kasan_check_write+0x18/0x20
[ 30.486480] kasan_atomics_helper+0x1218/0x5450
[ 30.486963] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.487501] ? ret_from_fork_asm+0x1a/0x30
[ 30.487956] ? ret_from_fork+0x41/0x80
[ 30.488453] kasan_atomics+0x1dd/0x310
[ 30.488940] ? __pfx_kasan_atomics+0x10/0x10
[ 30.489381] ? __pfx_read_tsc+0x10/0x10
[ 30.489658] ? ktime_get_ts64+0x84/0x230
[ 30.490064] kunit_try_run_case+0x1b3/0x490
[ 30.490574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.491077] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.491619] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.492051] ? __kthread_parkme+0x82/0x160
[ 30.492478] ? preempt_count_sub+0x50/0x80
[ 30.492866] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.493203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.493858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.494453] kthread+0x257/0x310
[ 30.494739] ? __pfx_kthread+0x10/0x10
[ 30.495177] ret_from_fork+0x41/0x80
[ 30.495504] ? __pfx_kthread+0x10/0x10
[ 30.495787] ret_from_fork_asm+0x1a/0x30
[ 30.496304] </TASK>
[ 30.496602]
[ 30.496841] Allocated by task 273:
[ 30.497206] kasan_save_stack+0x3d/0x60
[ 30.497650] kasan_save_track+0x18/0x40
[ 30.498034] kasan_save_alloc_info+0x3b/0x50
[ 30.498533] __kasan_kmalloc+0xb7/0xc0
[ 30.498847] __kmalloc_cache_noprof+0x184/0x410
[ 30.499192] kasan_atomics+0x96/0x310
[ 30.499505] kunit_try_run_case+0x1b3/0x490
[ 30.499786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.500383] kthread+0x257/0x310
[ 30.500759] ret_from_fork+0x41/0x80
[ 30.501185] ret_from_fork_asm+0x1a/0x30
[ 30.501651]
[ 30.501888] The buggy address belongs to the object at ffff888101abdc80
[ 30.501888] which belongs to the cache kmalloc-64 of size 64
[ 30.502947] The buggy address is located 0 bytes to the right of
[ 30.502947] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.503849]
[ 30.504023] The buggy address belongs to the physical page:
[ 30.504485] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.505170] flags: 0x200000000000000(node=0|zone=2)
[ 30.505557] page_type: f5(slab)
[ 30.505940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.506516] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.507010] page dumped because: kasan: bad access detected
[ 30.507539]
[ 30.507766] Memory state around the buggy address:
[ 30.508137] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.508697] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.509214] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.511841] ^
[ 30.512330] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.513050] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.513523] ==================================================================
[ 30.861738] ==================================================================
[ 30.862862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450
[ 30.863526] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.864197]
[ 30.864526] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.865511] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.865993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.866636] Call Trace:
[ 30.867048] <TASK>
[ 30.867529] dump_stack_lvl+0x73/0xb0
[ 30.867993] print_report+0xd1/0x640
[ 30.868551] ? __virt_addr_valid+0x1db/0x2d0
[ 30.868886] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.869595] kasan_report+0x102/0x140
[ 30.870102] ? kasan_atomics_helper+0x15b7/0x5450
[ 30.870619] ? kasan_atomics_helper+0x15b7/0x5450
[ 30.871155] kasan_check_range+0x10c/0x1c0
[ 30.871568] __kasan_check_write+0x18/0x20
[ 30.872114] kasan_atomics_helper+0x15b7/0x5450
[ 30.872564] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.873211] ? ret_from_fork_asm+0x1a/0x30
[ 30.873627] ? ret_from_fork+0x41/0x80
[ 30.874186] kasan_atomics+0x1dd/0x310
[ 30.874597] ? __pfx_kasan_atomics+0x10/0x10
[ 30.875174] ? __pfx_read_tsc+0x10/0x10
[ 30.875598] ? ktime_get_ts64+0x84/0x230
[ 30.875941] kunit_try_run_case+0x1b3/0x490
[ 30.876598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.877184] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.877712] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.878355] ? __kthread_parkme+0x82/0x160
[ 30.878743] ? preempt_count_sub+0x50/0x80
[ 30.879074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.879682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.880561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.881189] kthread+0x257/0x310
[ 30.881686] ? __pfx_kthread+0x10/0x10
[ 30.882209] ret_from_fork+0x41/0x80
[ 30.882581] ? __pfx_kthread+0x10/0x10
[ 30.883102] ret_from_fork_asm+0x1a/0x30
[ 30.883552] </TASK>
[ 30.883849]
[ 30.884074] Allocated by task 273:
[ 30.884465] kasan_save_stack+0x3d/0x60
[ 30.884745] kasan_save_track+0x18/0x40
[ 30.885271] kasan_save_alloc_info+0x3b/0x50
[ 30.885895] __kasan_kmalloc+0xb7/0xc0
[ 30.886436] __kmalloc_cache_noprof+0x184/0x410
[ 30.886897] kasan_atomics+0x96/0x310
[ 30.887393] kunit_try_run_case+0x1b3/0x490
[ 30.887682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.888213] kthread+0x257/0x310
[ 30.888707] ret_from_fork+0x41/0x80
[ 30.889302] ret_from_fork_asm+0x1a/0x30
[ 30.889799]
[ 30.890137] The buggy address belongs to the object at ffff888101abdc80
[ 30.890137] which belongs to the cache kmalloc-64 of size 64
[ 30.891106] The buggy address is located 0 bytes to the right of
[ 30.891106] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.891950]
[ 30.892332] The buggy address belongs to the physical page:
[ 30.892894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.893562] flags: 0x200000000000000(node=0|zone=2)
[ 30.894116] page_type: f5(slab)
[ 30.894571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.895157] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.896026] page dumped because: kasan: bad access detected
[ 30.896635]
[ 30.896887] Memory state around the buggy address:
[ 30.897578] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.898419] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.898883] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.899215] ^
[ 30.899419] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.899632] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.899894] ==================================================================
[ 30.602620] ==================================================================
[ 30.603655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450
[ 30.604367] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.604991]
[ 30.605283] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.606040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.606484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.607370] Call Trace:
[ 30.607682] <TASK>
[ 30.607988] dump_stack_lvl+0x73/0xb0
[ 30.608442] print_report+0xd1/0x640
[ 30.608807] ? __virt_addr_valid+0x1db/0x2d0
[ 30.609509] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.609994] kasan_report+0x102/0x140
[ 30.610520] ? kasan_atomics_helper+0x49d0/0x5450
[ 30.611055] ? kasan_atomics_helper+0x49d0/0x5450
[ 30.611432] __asan_report_load4_noabort+0x18/0x20
[ 30.612021] kasan_atomics_helper+0x49d0/0x5450
[ 30.612666] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.613195] ? ret_from_fork_asm+0x1a/0x30
[ 30.613689] ? ret_from_fork+0x41/0x80
[ 30.614194] kasan_atomics+0x1dd/0x310
[ 30.614618] ? __pfx_kasan_atomics+0x10/0x10
[ 30.615003] ? __pfx_read_tsc+0x10/0x10
[ 30.615549] ? ktime_get_ts64+0x84/0x230
[ 30.616023] kunit_try_run_case+0x1b3/0x490
[ 30.616567] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.617036] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.617632] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.618203] ? __kthread_parkme+0x82/0x160
[ 30.618687] ? preempt_count_sub+0x50/0x80
[ 30.619153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.619764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.620429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.620906] kthread+0x257/0x310
[ 30.621236] ? __pfx_kthread+0x10/0x10
[ 30.621643] ret_from_fork+0x41/0x80
[ 30.622125] ? __pfx_kthread+0x10/0x10
[ 30.622594] ret_from_fork_asm+0x1a/0x30
[ 30.623077] </TASK>
[ 30.623360]
[ 30.623577] Allocated by task 273:
[ 30.623997] kasan_save_stack+0x3d/0x60
[ 30.624537] kasan_save_track+0x18/0x40
[ 30.624964] kasan_save_alloc_info+0x3b/0x50
[ 30.625530] __kasan_kmalloc+0xb7/0xc0
[ 30.626005] __kmalloc_cache_noprof+0x184/0x410
[ 30.626506] kasan_atomics+0x96/0x310
[ 30.626943] kunit_try_run_case+0x1b3/0x490
[ 30.627457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.628003] kthread+0x257/0x310
[ 30.628433] ret_from_fork+0x41/0x80
[ 30.628915] ret_from_fork_asm+0x1a/0x30
[ 30.629295]
[ 30.629604] The buggy address belongs to the object at ffff888101abdc80
[ 30.629604] which belongs to the cache kmalloc-64 of size 64
[ 30.630709] The buggy address is located 0 bytes to the right of
[ 30.630709] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.631633]
[ 30.631789] The buggy address belongs to the physical page:
[ 30.632475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.633139] flags: 0x200000000000000(node=0|zone=2)
[ 30.633650] page_type: f5(slab)
[ 30.633932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.634433] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.635162] page dumped because: kasan: bad access detected
[ 30.635730]
[ 30.636011] Memory state around the buggy address:
[ 30.636557] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.639469] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.641071] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.641677] ^
[ 30.642200] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.642710] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.643485] ==================================================================
[ 30.395792] ==================================================================
[ 30.396686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450
[ 30.397332] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.397860]
[ 30.398028] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.399057] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.399517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.400260] Call Trace:
[ 30.400566] <TASK>
[ 30.400789] dump_stack_lvl+0x73/0xb0
[ 30.401116] print_report+0xd1/0x640
[ 30.401396] ? __virt_addr_valid+0x1db/0x2d0
[ 30.401700] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.402280] kasan_report+0x102/0x140
[ 30.402840] ? kasan_atomics_helper+0x1149/0x5450
[ 30.403362] ? kasan_atomics_helper+0x1149/0x5450
[ 30.403903] kasan_check_range+0x10c/0x1c0
[ 30.404362] __kasan_check_write+0x18/0x20
[ 30.404870] kasan_atomics_helper+0x1149/0x5450
[ 30.405346] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.405950] ? ret_from_fork_asm+0x1a/0x30
[ 30.406282] ? ret_from_fork+0x41/0x80
[ 30.406585] kasan_atomics+0x1dd/0x310
[ 30.407874] ? __pfx_kasan_atomics+0x10/0x10
[ 30.409177] ? __pfx_read_tsc+0x10/0x10
[ 30.409634] ? ktime_get_ts64+0x84/0x230
[ 30.410039] kunit_try_run_case+0x1b3/0x490
[ 30.410910] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.411239] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.411574] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.411923] ? __kthread_parkme+0x82/0x160
[ 30.412212] ? preempt_count_sub+0x50/0x80
[ 30.412503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.412806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.416939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.417491] kthread+0x257/0x310
[ 30.418554] ? __pfx_kthread+0x10/0x10
[ 30.418863] ret_from_fork+0x41/0x80
[ 30.419188] ?
__pfx_kthread+0x10/0x10 [ 30.419476] ret_from_fork_asm+0x1a/0x30 [ 30.419776] </TASK> [ 30.421068] [ 30.421705] Allocated by task 273: [ 30.422485] kasan_save_stack+0x3d/0x60 [ 30.423009] kasan_save_track+0x18/0x40 [ 30.423175] kasan_save_alloc_info+0x3b/0x50 [ 30.423979] __kasan_kmalloc+0xb7/0xc0 [ 30.424401] __kmalloc_cache_noprof+0x184/0x410 [ 30.424883] kasan_atomics+0x96/0x310 [ 30.425293] kunit_try_run_case+0x1b3/0x490 [ 30.425707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.426180] kthread+0x257/0x310 [ 30.426448] ret_from_fork+0x41/0x80 [ 30.426700] ret_from_fork_asm+0x1a/0x30 [ 30.427011] [ 30.427167] The buggy address belongs to the object at ffff888101abdc80 [ 30.427167] which belongs to the cache kmalloc-64 of size 64 [ 30.428143] The buggy address is located 0 bytes to the right of [ 30.428143] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.428983] [ 30.429204] The buggy address belongs to the physical page: [ 30.429739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.430447] flags: 0x200000000000000(node=0|zone=2) [ 30.430841] page_type: f5(slab) [ 30.431091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.431805] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.432421] page dumped because: kasan: bad access detected [ 30.432723] [ 30.432925] Memory state around the buggy address: [ 30.433440] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.434114] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.434614] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.435000] ^ [ 30.435478] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.436106] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.436766] ================================================================== [ 30.813793] 
================================================================== [ 30.814441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 30.814975] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.817289] [ 30.817453] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.818256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.819001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.820366] Call Trace: [ 30.820588] <TASK> [ 30.820765] dump_stack_lvl+0x73/0xb0 [ 30.821484] print_report+0xd1/0x640 [ 30.822153] ? __virt_addr_valid+0x1db/0x2d0 [ 30.822874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.823524] kasan_report+0x102/0x140 [ 30.824030] ? kasan_atomics_helper+0x151e/0x5450 [ 30.824881] ? kasan_atomics_helper+0x151e/0x5450 [ 30.825614] kasan_check_range+0x10c/0x1c0 [ 30.825968] __kasan_check_write+0x18/0x20 [ 30.826456] kasan_atomics_helper+0x151e/0x5450 [ 30.826839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.827475] ? ret_from_fork_asm+0x1a/0x30 [ 30.827913] ? ret_from_fork+0x41/0x80 [ 30.828294] kasan_atomics+0x1dd/0x310 [ 30.828698] ? __pfx_kasan_atomics+0x10/0x10 [ 30.830047] ? __pfx_read_tsc+0x10/0x10 [ 30.830405] ? ktime_get_ts64+0x84/0x230 [ 30.831038] kunit_try_run_case+0x1b3/0x490 [ 30.831868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.832275] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.832920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.833402] ? __kthread_parkme+0x82/0x160 [ 30.833809] ? preempt_count_sub+0x50/0x80 [ 30.834665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.835438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.835997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.837218] kthread+0x257/0x310 [ 30.837541] ? __pfx_kthread+0x10/0x10 [ 30.837864] ret_from_fork+0x41/0x80 [ 30.838543] ? 
__pfx_kthread+0x10/0x10 [ 30.839190] ret_from_fork_asm+0x1a/0x30 [ 30.839658] </TASK> [ 30.839933] [ 30.840121] Allocated by task 273: [ 30.841164] kasan_save_stack+0x3d/0x60 [ 30.841567] kasan_save_track+0x18/0x40 [ 30.842008] kasan_save_alloc_info+0x3b/0x50 [ 30.842436] __kasan_kmalloc+0xb7/0xc0 [ 30.842780] __kmalloc_cache_noprof+0x184/0x410 [ 30.843184] kasan_atomics+0x96/0x310 [ 30.844200] kunit_try_run_case+0x1b3/0x490 [ 30.844641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.845178] kthread+0x257/0x310 [ 30.845875] ret_from_fork+0x41/0x80 [ 30.846132] ret_from_fork_asm+0x1a/0x30 [ 30.846785] [ 30.847060] The buggy address belongs to the object at ffff888101abdc80 [ 30.847060] which belongs to the cache kmalloc-64 of size 64 [ 30.848480] The buggy address is located 0 bytes to the right of [ 30.848480] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.850021] [ 30.850184] The buggy address belongs to the physical page: [ 30.850481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.851246] flags: 0x200000000000000(node=0|zone=2) [ 30.852177] page_type: f5(slab) [ 30.852638] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.853716] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.854684] page dumped because: kasan: bad access detected [ 30.855104] [ 30.855352] Memory state around the buggy address: [ 30.856195] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.856708] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.857218] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.857765] ^ [ 30.858262] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.858776] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.860059] ================================================================== [ 31.224533] 
================================================================== [ 31.225732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 31.226541] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.227412] [ 31.227748] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.229023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.229399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.230513] Call Trace: [ 31.230723] <TASK> [ 31.231181] dump_stack_lvl+0x73/0xb0 [ 31.232172] print_report+0xd1/0x640 [ 31.232737] ? __virt_addr_valid+0x1db/0x2d0 [ 31.233352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.233969] kasan_report+0x102/0x140 [ 31.234537] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.235060] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.235729] kasan_check_range+0x10c/0x1c0 [ 31.236209] __kasan_check_write+0x18/0x20 [ 31.236773] kasan_atomics_helper+0x1a80/0x5450 [ 31.237290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.238007] ? ret_from_fork_asm+0x1a/0x30 [ 31.238309] ? ret_from_fork+0x41/0x80 [ 31.238975] kasan_atomics+0x1dd/0x310 [ 31.239658] ? __pfx_kasan_atomics+0x10/0x10 [ 31.240213] ? __pfx_read_tsc+0x10/0x10 [ 31.240685] ? ktime_get_ts64+0x84/0x230 [ 31.241239] kunit_try_run_case+0x1b3/0x490 [ 31.241727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.242415] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.242810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.243158] ? __kthread_parkme+0x82/0x160 [ 31.243668] ? preempt_count_sub+0x50/0x80 [ 31.244532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.245047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.245894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.246287] kthread+0x257/0x310 [ 31.246877] ? __pfx_kthread+0x10/0x10 [ 31.247411] ret_from_fork+0x41/0x80 [ 31.248042] ? 
__pfx_kthread+0x10/0x10 [ 31.248622] ret_from_fork_asm+0x1a/0x30 [ 31.249015] </TASK> [ 31.249325] [ 31.249546] Allocated by task 273: [ 31.250141] kasan_save_stack+0x3d/0x60 [ 31.250695] kasan_save_track+0x18/0x40 [ 31.251266] kasan_save_alloc_info+0x3b/0x50 [ 31.251562] __kasan_kmalloc+0xb7/0xc0 [ 31.251836] __kmalloc_cache_noprof+0x184/0x410 [ 31.252335] kasan_atomics+0x96/0x310 [ 31.253006] kunit_try_run_case+0x1b3/0x490 [ 31.253602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.254360] kthread+0x257/0x310 [ 31.254734] ret_from_fork+0x41/0x80 [ 31.255230] ret_from_fork_asm+0x1a/0x30 [ 31.255880] [ 31.256044] The buggy address belongs to the object at ffff888101abdc80 [ 31.256044] which belongs to the cache kmalloc-64 of size 64 [ 31.257096] The buggy address is located 0 bytes to the right of [ 31.257096] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.257936] [ 31.258232] The buggy address belongs to the physical page: [ 31.258848] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.259702] flags: 0x200000000000000(node=0|zone=2) [ 31.260241] page_type: f5(slab) [ 31.260880] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.261449] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.262178] page dumped because: kasan: bad access detected [ 31.262882] [ 31.263143] Memory state around the buggy address: [ 31.263741] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.264269] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.264983] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.265347] ^ [ 31.265790] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.267034] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.267748] ================================================================== [ 29.650375] 
================================================================== [ 29.651070] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 29.651643] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.653622] [ 29.654034] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.656737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.657666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.658607] Call Trace: [ 29.658982] <TASK> [ 29.659187] dump_stack_lvl+0x73/0xb0 [ 29.659724] print_report+0xd1/0x640 [ 29.660584] ? __virt_addr_valid+0x1db/0x2d0 [ 29.660993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.661871] kasan_report+0x102/0x140 [ 29.662218] ? kasan_atomics_helper+0x730/0x5450 [ 29.662934] ? kasan_atomics_helper+0x730/0x5450 [ 29.663313] kasan_check_range+0x10c/0x1c0 [ 29.664233] __kasan_check_write+0x18/0x20 [ 29.664647] kasan_atomics_helper+0x730/0x5450 [ 29.665219] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.666052] ? ret_from_fork_asm+0x1a/0x30 [ 29.666444] ? ret_from_fork+0x41/0x80 [ 29.667088] kasan_atomics+0x1dd/0x310 [ 29.667768] ? __pfx_kasan_atomics+0x10/0x10 [ 29.668513] ? __pfx_read_tsc+0x10/0x10 [ 29.668916] ? ktime_get_ts64+0x84/0x230 [ 29.669557] kunit_try_run_case+0x1b3/0x490 [ 29.670172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.670856] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.671477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.672131] ? __kthread_parkme+0x82/0x160 [ 29.672844] ? preempt_count_sub+0x50/0x80 [ 29.673473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.674141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.674914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.675626] kthread+0x257/0x310 [ 29.676155] ? __pfx_kthread+0x10/0x10 [ 29.676875] ret_from_fork+0x41/0x80 [ 29.677455] ? 
__pfx_kthread+0x10/0x10 [ 29.678026] ret_from_fork_asm+0x1a/0x30 [ 29.678631] </TASK> [ 29.679219] [ 29.679439] Allocated by task 273: [ 29.679793] kasan_save_stack+0x3d/0x60 [ 29.680163] kasan_save_track+0x18/0x40 [ 29.680677] kasan_save_alloc_info+0x3b/0x50 [ 29.681175] __kasan_kmalloc+0xb7/0xc0 [ 29.681548] __kmalloc_cache_noprof+0x184/0x410 [ 29.681948] kasan_atomics+0x96/0x310 [ 29.682375] kunit_try_run_case+0x1b3/0x490 [ 29.682996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.683362] kthread+0x257/0x310 [ 29.683659] ret_from_fork+0x41/0x80 [ 29.684129] ret_from_fork_asm+0x1a/0x30 [ 29.684690] [ 29.684932] The buggy address belongs to the object at ffff888101abdc80 [ 29.684932] which belongs to the cache kmalloc-64 of size 64 [ 29.685624] The buggy address is located 0 bytes to the right of [ 29.685624] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.686672] [ 29.686862] The buggy address belongs to the physical page: [ 29.687162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.687806] flags: 0x200000000000000(node=0|zone=2) [ 29.688309] page_type: f5(slab) [ 29.688685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.689508] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.690211] page dumped because: kasan: bad access detected [ 29.690615] [ 29.690773] Memory state around the buggy address: [ 29.691075] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.691597] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.692342] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.693033] ^ [ 29.693616] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.694113] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.694673] ================================================================== [ 30.059847] 
================================================================== [ 30.062933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 30.063660] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.064084] [ 30.064266] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.065240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.065567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.066031] Call Trace: [ 30.066242] <TASK> [ 30.066520] dump_stack_lvl+0x73/0xb0 [ 30.066979] print_report+0xd1/0x640 [ 30.067412] ? __virt_addr_valid+0x1db/0x2d0 [ 30.067900] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.068522] kasan_report+0x102/0x140 [ 30.068924] ? kasan_atomics_helper+0xd48/0x5450 [ 30.069303] ? kasan_atomics_helper+0xd48/0x5450 [ 30.069850] kasan_check_range+0x10c/0x1c0 [ 30.070164] __kasan_check_write+0x18/0x20 [ 30.070444] kasan_atomics_helper+0xd48/0x5450 [ 30.070747] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.071253] ? ret_from_fork_asm+0x1a/0x30 [ 30.071867] ? ret_from_fork+0x41/0x80 [ 30.072344] kasan_atomics+0x1dd/0x310 [ 30.072802] ? __pfx_kasan_atomics+0x10/0x10 [ 30.073333] ? __pfx_read_tsc+0x10/0x10 [ 30.073800] ? ktime_get_ts64+0x84/0x230 [ 30.074294] kunit_try_run_case+0x1b3/0x490 [ 30.074670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.075000] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.075315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.075631] ? __kthread_parkme+0x82/0x160 [ 30.076096] ? preempt_count_sub+0x50/0x80 [ 30.076699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.077272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.078569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.080100] kthread+0x257/0x310 [ 30.081018] ? __pfx_kthread+0x10/0x10 [ 30.082532] ret_from_fork+0x41/0x80 [ 30.083583] ? 
__pfx_kthread+0x10/0x10 [ 30.083979] ret_from_fork_asm+0x1a/0x30 [ 30.084872] </TASK> [ 30.085094] [ 30.085662] Allocated by task 273: [ 30.085967] kasan_save_stack+0x3d/0x60 [ 30.086588] kasan_save_track+0x18/0x40 [ 30.087488] kasan_save_alloc_info+0x3b/0x50 [ 30.087871] __kasan_kmalloc+0xb7/0xc0 [ 30.088144] __kmalloc_cache_noprof+0x184/0x410 [ 30.089104] kasan_atomics+0x96/0x310 [ 30.089436] kunit_try_run_case+0x1b3/0x490 [ 30.090029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.090952] kthread+0x257/0x310 [ 30.091687] ret_from_fork+0x41/0x80 [ 30.092021] ret_from_fork_asm+0x1a/0x30 [ 30.092597] [ 30.093202] The buggy address belongs to the object at ffff888101abdc80 [ 30.093202] which belongs to the cache kmalloc-64 of size 64 [ 30.094234] The buggy address is located 0 bytes to the right of [ 30.094234] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.095079] [ 30.095258] The buggy address belongs to the physical page: [ 30.095527] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.095773] flags: 0x200000000000000(node=0|zone=2) [ 30.096777] page_type: f5(slab) [ 30.097053] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.098044] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.098916] page dumped because: kasan: bad access detected [ 30.099501] [ 30.099724] Memory state around the buggy address: [ 30.100062] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.101278] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.102168] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.102870] ^ [ 30.103606] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.104321] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.105182] ================================================================== [ 31.179072] 
================================================================== [ 31.180560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 31.181615] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.182214] [ 31.182873] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.184270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.184648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.185980] Call Trace: [ 31.186296] <TASK> [ 31.186913] dump_stack_lvl+0x73/0xb0 [ 31.187206] print_report+0xd1/0x640 [ 31.187635] ? __virt_addr_valid+0x1db/0x2d0 [ 31.188277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.189200] kasan_report+0x102/0x140 [ 31.189807] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.190330] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.191079] kasan_check_range+0x10c/0x1c0 [ 31.191522] __kasan_check_write+0x18/0x20 [ 31.192171] kasan_atomics_helper+0x19e4/0x5450 [ 31.192810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.193441] ? ret_from_fork_asm+0x1a/0x30 [ 31.194037] ? ret_from_fork+0x41/0x80 [ 31.194562] kasan_atomics+0x1dd/0x310 [ 31.195037] ? __pfx_kasan_atomics+0x10/0x10 [ 31.195602] ? __pfx_read_tsc+0x10/0x10 [ 31.196120] ? ktime_get_ts64+0x84/0x230 [ 31.196736] kunit_try_run_case+0x1b3/0x490 [ 31.197069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.197311] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.197890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.198486] ? __kthread_parkme+0x82/0x160 [ 31.199116] ? preempt_count_sub+0x50/0x80 [ 31.199769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.200361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.201185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.201843] kthread+0x257/0x310 [ 31.202310] ? __pfx_kthread+0x10/0x10 [ 31.202896] ret_from_fork+0x41/0x80 [ 31.203276] ? 
__pfx_kthread+0x10/0x10 [ 31.203577] ret_from_fork_asm+0x1a/0x30 [ 31.203776] </TASK> [ 31.203960] [ 31.204109] Allocated by task 273: [ 31.204560] kasan_save_stack+0x3d/0x60 [ 31.205006] kasan_save_track+0x18/0x40 [ 31.205401] kasan_save_alloc_info+0x3b/0x50 [ 31.205691] __kasan_kmalloc+0xb7/0xc0 [ 31.206190] __kmalloc_cache_noprof+0x184/0x410 [ 31.207282] kasan_atomics+0x96/0x310 [ 31.207720] kunit_try_run_case+0x1b3/0x490 [ 31.208069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.208609] kthread+0x257/0x310 [ 31.209104] ret_from_fork+0x41/0x80 [ 31.209584] ret_from_fork_asm+0x1a/0x30 [ 31.209886] [ 31.210212] The buggy address belongs to the object at ffff888101abdc80 [ 31.210212] which belongs to the cache kmalloc-64 of size 64 [ 31.211741] The buggy address is located 0 bytes to the right of [ 31.211741] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.212847] [ 31.213186] The buggy address belongs to the physical page: [ 31.213536] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.214293] flags: 0x200000000000000(node=0|zone=2) [ 31.215226] page_type: f5(slab) [ 31.215609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.216537] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.217047] page dumped because: kasan: bad access detected [ 31.217350] [ 31.217661] Memory state around the buggy address: [ 31.218455] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.219360] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.220314] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.220902] ^ [ 31.221411] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.221955] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.222415] ================================================================== [ 31.314867] 
================================================================== [ 31.315524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 31.316327] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.317107] [ 31.317465] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.318471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.318864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.319517] Call Trace: [ 31.319853] <TASK> [ 31.320192] dump_stack_lvl+0x73/0xb0 [ 31.320710] print_report+0xd1/0x640 [ 31.321015] ? __virt_addr_valid+0x1db/0x2d0 [ 31.321548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.322200] kasan_report+0x102/0x140 [ 31.322701] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.323521] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.324102] kasan_check_range+0x10c/0x1c0 [ 31.324637] __kasan_check_write+0x18/0x20 [ 31.324956] kasan_atomics_helper+0x1c19/0x5450 [ 31.325536] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.325971] ? ret_from_fork_asm+0x1a/0x30 [ 31.326486] ? ret_from_fork+0x41/0x80 [ 31.326948] kasan_atomics+0x1dd/0x310 [ 31.327357] ? __pfx_kasan_atomics+0x10/0x10 [ 31.327710] ? __pfx_read_tsc+0x10/0x10 [ 31.328161] ? ktime_get_ts64+0x84/0x230 [ 31.328648] kunit_try_run_case+0x1b3/0x490 [ 31.329187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.329666] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.330015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.330533] ? __kthread_parkme+0x82/0x160 [ 31.331047] ? preempt_count_sub+0x50/0x80 [ 31.331480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.332001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.332409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.333007] kthread+0x257/0x310 [ 31.333456] ? __pfx_kthread+0x10/0x10 [ 31.333947] ret_from_fork+0x41/0x80 [ 31.334412] ? 
__pfx_kthread+0x10/0x10 [ 31.334847] ret_from_fork_asm+0x1a/0x30 [ 31.335159] </TASK> [ 31.335536] [ 31.335762] Allocated by task 273: [ 31.336180] kasan_save_stack+0x3d/0x60 [ 31.336638] kasan_save_track+0x18/0x40 [ 31.337068] kasan_save_alloc_info+0x3b/0x50 [ 31.337504] __kasan_kmalloc+0xb7/0xc0 [ 31.337971] __kmalloc_cache_noprof+0x184/0x410 [ 31.338455] kasan_atomics+0x96/0x310 [ 31.338838] kunit_try_run_case+0x1b3/0x490 [ 31.339420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.339859] kthread+0x257/0x310 [ 31.340292] ret_from_fork+0x41/0x80 [ 31.340607] ret_from_fork_asm+0x1a/0x30 [ 31.341055] [ 31.341316] The buggy address belongs to the object at ffff888101abdc80 [ 31.341316] which belongs to the cache kmalloc-64 of size 64 [ 31.342199] The buggy address is located 0 bytes to the right of [ 31.342199] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.342977] [ 31.343209] The buggy address belongs to the physical page: [ 31.343631] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.344409] flags: 0x200000000000000(node=0|zone=2) [ 31.344850] page_type: f5(slab) [ 31.345185] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.345796] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.346372] page dumped because: kasan: bad access detected [ 31.346921] [ 31.347081] Memory state around the buggy address: [ 31.347406] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.347777] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.348515] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.349222] ^ [ 31.349746] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.350312] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.350873] ================================================================== [ 30.236188] 
================================================================== [ 30.236699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 30.237362] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.238045] [ 30.238337] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.238959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.239376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.240163] Call Trace: [ 30.240520] <TASK> [ 30.240856] dump_stack_lvl+0x73/0xb0 [ 30.241357] print_report+0xd1/0x640 [ 30.241675] ? __virt_addr_valid+0x1db/0x2d0 [ 30.242211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.242697] kasan_report+0x102/0x140 [ 30.243001] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.243368] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.243693] kasan_check_range+0x10c/0x1c0 [ 30.244131] __kasan_check_write+0x18/0x20 [ 30.244684] kasan_atomics_helper+0xfaa/0x5450 [ 30.245275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.245785] ? ret_from_fork_asm+0x1a/0x30 [ 30.246272] ? ret_from_fork+0x41/0x80 [ 30.246718] kasan_atomics+0x1dd/0x310 [ 30.247303] ? __pfx_kasan_atomics+0x10/0x10 [ 30.247833] ? __pfx_read_tsc+0x10/0x10 [ 30.248330] ? ktime_get_ts64+0x84/0x230 [ 30.248773] kunit_try_run_case+0x1b3/0x490 [ 30.249192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.249756] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.250215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.250594] ? __kthread_parkme+0x82/0x160 [ 30.250906] ? preempt_count_sub+0x50/0x80 [ 30.251466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.252044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.252715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.253342] kthread+0x257/0x310 [ 30.253665] ? __pfx_kthread+0x10/0x10 [ 30.253982] ret_from_fork+0x41/0x80 [ 30.254293] ? 
__pfx_kthread+0x10/0x10 [ 30.254574] ret_from_fork_asm+0x1a/0x30 [ 30.254894] </TASK> [ 30.255216] [ 30.255511] Allocated by task 273: [ 30.255960] kasan_save_stack+0x3d/0x60 [ 30.256517] kasan_save_track+0x18/0x40 [ 30.256951] kasan_save_alloc_info+0x3b/0x50 [ 30.257487] __kasan_kmalloc+0xb7/0xc0 [ 30.257937] __kmalloc_cache_noprof+0x184/0x410 [ 30.258489] kasan_atomics+0x96/0x310 [ 30.258931] kunit_try_run_case+0x1b3/0x490 [ 30.259973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.261049] kthread+0x257/0x310 [ 30.261409] ret_from_fork+0x41/0x80 [ 30.261674] ret_from_fork_asm+0x1a/0x30 [ 30.262979] [ 30.263452] The buggy address belongs to the object at ffff888101abdc80 [ 30.263452] which belongs to the cache kmalloc-64 of size 64 [ 30.264301] The buggy address is located 0 bytes to the right of [ 30.264301] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.264910] [ 30.265134] The buggy address belongs to the physical page: [ 30.265628] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.266411] flags: 0x200000000000000(node=0|zone=2) [ 30.266912] page_type: f5(slab) [ 30.267293] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.267807] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.268384] page dumped because: kasan: bad access detected [ 30.268890] [ 30.269114] Memory state around the buggy address: [ 30.269555] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.270160] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.270706] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.271457] ^ [ 30.271747] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.272445] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.273960] ================================================================== [ 30.438335] 
==================================================================
[ 30.439142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450
[ 30.439888] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.440537]
[ 30.440720] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.441289] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.441708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.442561] Call Trace:
[ 30.442864] <TASK>
[ 30.443063] dump_stack_lvl+0x73/0xb0
[ 30.443627] print_report+0xd1/0x640
[ 30.444043] ? __virt_addr_valid+0x1db/0x2d0
[ 30.445322] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.445680] kasan_report+0x102/0x140
[ 30.446591] ? kasan_atomics_helper+0x4a04/0x5450
[ 30.447097] ? kasan_atomics_helper+0x4a04/0x5450
[ 30.447609] __asan_report_load4_noabort+0x18/0x20
[ 30.450045] kasan_atomics_helper+0x4a04/0x5450
[ 30.450401] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.450926] ? ret_from_fork_asm+0x1a/0x30
[ 30.451273] ? ret_from_fork+0x41/0x80
[ 30.451713] kasan_atomics+0x1dd/0x310
[ 30.452528] ? __pfx_kasan_atomics+0x10/0x10
[ 30.453294] ? __pfx_read_tsc+0x10/0x10
[ 30.453657] ? ktime_get_ts64+0x84/0x230
[ 30.454058] kunit_try_run_case+0x1b3/0x490
[ 30.454476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.454944] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.455284] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.455804] ? __kthread_parkme+0x82/0x160
[ 30.456258] ? preempt_count_sub+0x50/0x80
[ 30.456697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.457198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.457703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.458550] kthread+0x257/0x310
[ 30.458993] ? __pfx_kthread+0x10/0x10
[ 30.459426] ret_from_fork+0x41/0x80
[ 30.459759] ? __pfx_kthread+0x10/0x10
[ 30.460225] ret_from_fork_asm+0x1a/0x30
[ 30.460650] </TASK>
[ 30.460860]
[ 30.461078] Allocated by task 273:
[ 30.461485] kasan_save_stack+0x3d/0x60
[ 30.461926] kasan_save_track+0x18/0x40
[ 30.462309] kasan_save_alloc_info+0x3b/0x50
[ 30.462601] __kasan_kmalloc+0xb7/0xc0
[ 30.462959] __kmalloc_cache_noprof+0x184/0x410
[ 30.463458] kasan_atomics+0x96/0x310
[ 30.463891] kunit_try_run_case+0x1b3/0x490
[ 30.464374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.464897] kthread+0x257/0x310
[ 30.465138] ret_from_fork+0x41/0x80
[ 30.465584] ret_from_fork_asm+0x1a/0x30
[ 30.466038]
[ 30.466296] The buggy address belongs to the object at ffff888101abdc80
[ 30.466296] which belongs to the cache kmalloc-64 of size 64
[ 30.466911] The buggy address is located 0 bytes to the right of
[ 30.466911] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.467537]
[ 30.467771] The buggy address belongs to the physical page:
[ 30.468325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.469103] flags: 0x200000000000000(node=0|zone=2)
[ 30.469639] page_type: f5(slab)
[ 30.470029] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.470732] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.471320] page dumped because: kasan: bad access detected
[ 30.471772]
[ 30.472008] Memory state around the buggy address:
[ 30.472398] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.472763] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.473462] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.474107] ^
[ 30.474617] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.475060] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.475639] ==================================================================
[ 30.361197]
==================================================================
[ 30.361652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450
[ 30.362093] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.362599]
[ 30.362931] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.363743] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.364344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.365049] Call Trace:
[ 30.365261] <TASK>
[ 30.365458] dump_stack_lvl+0x73/0xb0
[ 30.365755] print_report+0xd1/0x640
[ 30.366203] ? __virt_addr_valid+0x1db/0x2d0
[ 30.366668] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.367402] kasan_report+0x102/0x140
[ 30.367788] ? kasan_atomics_helper+0x4a1e/0x5450
[ 30.368302] ? kasan_atomics_helper+0x4a1e/0x5450
[ 30.368696] __asan_report_load4_noabort+0x18/0x20
[ 30.369197] kasan_atomics_helper+0x4a1e/0x5450
[ 30.369687] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.370077] ? ret_from_fork_asm+0x1a/0x30
[ 30.370588] ? ret_from_fork+0x41/0x80
[ 30.370967] kasan_atomics+0x1dd/0x310
[ 30.371302] ? __pfx_kasan_atomics+0x10/0x10
[ 30.371678] ? __pfx_read_tsc+0x10/0x10
[ 30.371974] ? ktime_get_ts64+0x84/0x230
[ 30.372261] kunit_try_run_case+0x1b3/0x490
[ 30.372724] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.373391] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.373961] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.374587] ? __kthread_parkme+0x82/0x160
[ 30.374982] ? preempt_count_sub+0x50/0x80
[ 30.375276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.375965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.376709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.377086] kthread+0x257/0x310
[ 30.377348] ? __pfx_kthread+0x10/0x10
[ 30.377617] ret_from_fork+0x41/0x80
[ 30.378011] ? __pfx_kthread+0x10/0x10
[ 30.378463] ret_from_fork_asm+0x1a/0x30
[ 30.379005] </TASK>
[ 30.379364]
[ 30.379587] Allocated by task 273:
[ 30.379964] kasan_save_stack+0x3d/0x60
[ 30.380401] kasan_save_track+0x18/0x40
[ 30.380745] kasan_save_alloc_info+0x3b/0x50
[ 30.381060] __kasan_kmalloc+0xb7/0xc0
[ 30.381433] __kmalloc_cache_noprof+0x184/0x410
[ 30.381964] kasan_atomics+0x96/0x310
[ 30.382398] kunit_try_run_case+0x1b3/0x490
[ 30.382859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.383382] kthread+0x257/0x310
[ 30.383675] ret_from_fork+0x41/0x80
[ 30.384092] ret_from_fork_asm+0x1a/0x30
[ 30.384476]
[ 30.384700] The buggy address belongs to the object at ffff888101abdc80
[ 30.384700] which belongs to the cache kmalloc-64 of size 64
[ 30.385515] The buggy address is located 0 bytes to the right of
[ 30.385515] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.386810]
[ 30.387009] The buggy address belongs to the physical page:
[ 30.387308] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.387710] flags: 0x200000000000000(node=0|zone=2)
[ 30.388210] page_type: f5(slab)
[ 30.388575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.389614] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.390324] page dumped because: kasan: bad access detected
[ 30.390814]
[ 30.391056] Memory state around the buggy address:
[ 30.391534] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.391956] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.392384] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.393047] ^
[ 30.393664] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.394324] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.394694] ==================================================================
[ 31.269891]
==================================================================
[ 31.270862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450
[ 31.271320] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.272163]
[ 31.272398] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.273191] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.274213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.274993] Call Trace:
[ 31.275922] <TASK>
[ 31.276259] dump_stack_lvl+0x73/0xb0
[ 31.276769] print_report+0xd1/0x640
[ 31.276986] ? __virt_addr_valid+0x1db/0x2d0
[ 31.277161] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.277986] kasan_report+0x102/0x140
[ 31.278360] ? kasan_atomics_helper+0x1b23/0x5450
[ 31.278736] ? kasan_atomics_helper+0x1b23/0x5450
[ 31.279394] kasan_check_range+0x10c/0x1c0
[ 31.279723] __kasan_check_write+0x18/0x20
[ 31.280130] kasan_atomics_helper+0x1b23/0x5450
[ 31.281252] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.281758] ? ret_from_fork_asm+0x1a/0x30
[ 31.282559] ? ret_from_fork+0x41/0x80
[ 31.283294] kasan_atomics+0x1dd/0x310
[ 31.283648] ? __pfx_kasan_atomics+0x10/0x10
[ 31.284280] ? __pfx_read_tsc+0x10/0x10
[ 31.284914] ? ktime_get_ts64+0x84/0x230
[ 31.285521] kunit_try_run_case+0x1b3/0x490
[ 31.286197] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.286849] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.287557] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.288289] ? __kthread_parkme+0x82/0x160
[ 31.288985] ? preempt_count_sub+0x50/0x80
[ 31.289637] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.290252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.291156] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.291553] kthread+0x257/0x310
[ 31.292382] ? __pfx_kthread+0x10/0x10
[ 31.292783] ret_from_fork+0x41/0x80
[ 31.293492] ? __pfx_kthread+0x10/0x10
[ 31.293891] ret_from_fork_asm+0x1a/0x30
[ 31.294333] </TASK>
[ 31.294525]
[ 31.294739] Allocated by task 273:
[ 31.295152] kasan_save_stack+0x3d/0x60
[ 31.295651] kasan_save_track+0x18/0x40
[ 31.296057] kasan_save_alloc_info+0x3b/0x50
[ 31.296442] __kasan_kmalloc+0xb7/0xc0
[ 31.296969] __kmalloc_cache_noprof+0x184/0x410
[ 31.297321] kasan_atomics+0x96/0x310
[ 31.297729] kunit_try_run_case+0x1b3/0x490
[ 31.298196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.298521] kthread+0x257/0x310
[ 31.298767] ret_from_fork+0x41/0x80
[ 31.299230] ret_from_fork_asm+0x1a/0x30
[ 31.299652]
[ 31.299939] The buggy address belongs to the object at ffff888101abdc80
[ 31.299939] which belongs to the cache kmalloc-64 of size 64
[ 31.301325] The buggy address is located 0 bytes to the right of
[ 31.301325] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.301947]
[ 31.302101] The buggy address belongs to the physical page:
[ 31.302505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.303322] flags: 0x200000000000000(node=0|zone=2)
[ 31.303837] page_type: f5(slab)
[ 31.304385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.304984] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.305643] page dumped because: kasan: bad access detected
[ 31.306123]
[ 31.306312] Memory state around the buggy address:
[ 31.306655] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.308044] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.309991] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.310760] ^
[ 31.311416] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.312288] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.312982] ==================================================================
[ 31.088177]
==================================================================
[ 31.088577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450
[ 31.089091] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.089881]
[ 31.090201] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.090698] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.091859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.092781] Call Trace:
[ 31.093307] <TASK>
[ 31.093721] dump_stack_lvl+0x73/0xb0
[ 31.094314] print_report+0xd1/0x640
[ 31.094740] ? __virt_addr_valid+0x1db/0x2d0
[ 31.095159] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.096037] kasan_report+0x102/0x140
[ 31.096622] ? kasan_atomics_helper+0x18b2/0x5450
[ 31.097525] ? kasan_atomics_helper+0x18b2/0x5450
[ 31.097990] kasan_check_range+0x10c/0x1c0
[ 31.098664] __kasan_check_write+0x18/0x20
[ 31.099031] kasan_atomics_helper+0x18b2/0x5450
[ 31.099556] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.100060] ? ret_from_fork_asm+0x1a/0x30
[ 31.101106] ? ret_from_fork+0x41/0x80
[ 31.101493] kasan_atomics+0x1dd/0x310
[ 31.102290] ? __pfx_kasan_atomics+0x10/0x10
[ 31.102700] ? __pfx_read_tsc+0x10/0x10
[ 31.103287] ? ktime_get_ts64+0x84/0x230
[ 31.103655] kunit_try_run_case+0x1b3/0x490
[ 31.104074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.104917] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.105325] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.106087] ? __kthread_parkme+0x82/0x160
[ 31.106691] ? preempt_count_sub+0x50/0x80
[ 31.107300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.107750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.108258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.109208] kthread+0x257/0x310
[ 31.109561] ? __pfx_kthread+0x10/0x10
[ 31.110328] ret_from_fork+0x41/0x80
[ 31.110724] ? __pfx_kthread+0x10/0x10
[ 31.111106] ret_from_fork_asm+0x1a/0x30
[ 31.111582] </TASK>
[ 31.111852]
[ 31.112015] Allocated by task 273:
[ 31.113217] kasan_save_stack+0x3d/0x60
[ 31.113600] kasan_save_track+0x18/0x40
[ 31.114357] kasan_save_alloc_info+0x3b/0x50
[ 31.114795] __kasan_kmalloc+0xb7/0xc0
[ 31.115180] __kmalloc_cache_noprof+0x184/0x410
[ 31.116004] kasan_atomics+0x96/0x310
[ 31.116478] kunit_try_run_case+0x1b3/0x490
[ 31.116864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.117291] kthread+0x257/0x310
[ 31.118271] ret_from_fork+0x41/0x80
[ 31.118609] ret_from_fork_asm+0x1a/0x30
[ 31.119195]
[ 31.119682] The buggy address belongs to the object at ffff888101abdc80
[ 31.119682] which belongs to the cache kmalloc-64 of size 64
[ 31.120886] The buggy address is located 0 bytes to the right of
[ 31.120886] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.122392]
[ 31.122695] The buggy address belongs to the physical page:
[ 31.123469] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.124068] flags: 0x200000000000000(node=0|zone=2)
[ 31.124538] page_type: f5(slab)
[ 31.124870] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.125467] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.126027] page dumped because: kasan: bad access detected
[ 31.126506]
[ 31.126699] Memory state around the buggy address:
[ 31.128037] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.128642] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.129731] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.130522] ^
[ 31.131149] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.131898] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.132632] ==================================================================
[ 29.943767]
==================================================================
[ 29.944334] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450
[ 29.944802] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.945203]
[ 29.945508] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.946489] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.947067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.948027] Call Trace:
[ 29.948244] <TASK>
[ 29.948443] dump_stack_lvl+0x73/0xb0
[ 29.948750] print_report+0xd1/0x640
[ 29.949159] ? __virt_addr_valid+0x1db/0x2d0
[ 29.949638] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.950290] kasan_report+0x102/0x140
[ 29.950582] ? kasan_atomics_helper+0xb6b/0x5450
[ 29.950908] ? kasan_atomics_helper+0xb6b/0x5450
[ 29.951223] kasan_check_range+0x10c/0x1c0
[ 29.951520] __kasan_check_write+0x18/0x20
[ 29.951807] kasan_atomics_helper+0xb6b/0x5450
[ 29.952349] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.952878] ? ret_from_fork_asm+0x1a/0x30
[ 29.953457] ? ret_from_fork+0x41/0x80
[ 29.953940] kasan_atomics+0x1dd/0x310
[ 29.954377] ? __pfx_kasan_atomics+0x10/0x10
[ 29.954862] ? __pfx_read_tsc+0x10/0x10
[ 29.955323] ? ktime_get_ts64+0x84/0x230
[ 29.955790] kunit_try_run_case+0x1b3/0x490
[ 29.956297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.956806] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.957244] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.957761] ? __kthread_parkme+0x82/0x160
[ 29.958147] ? preempt_count_sub+0x50/0x80
[ 29.958713] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.959128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.959899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.960238] kthread+0x257/0x310
[ 29.960665] ? __pfx_kthread+0x10/0x10
[ 29.961108] ret_from_fork+0x41/0x80
[ 29.961496] ? __pfx_kthread+0x10/0x10
[ 29.962025] ret_from_fork_asm+0x1a/0x30
[ 29.962470] </TASK>
[ 29.962662]
[ 29.962815] Allocated by task 273:
[ 29.963072] kasan_save_stack+0x3d/0x60
[ 29.963343] kasan_save_track+0x18/0x40
[ 29.963605] kasan_save_alloc_info+0x3b/0x50
[ 29.963941] __kasan_kmalloc+0xb7/0xc0
[ 29.964364] __kmalloc_cache_noprof+0x184/0x410
[ 29.964850] kasan_atomics+0x96/0x310
[ 29.965260] kunit_try_run_case+0x1b3/0x490
[ 29.965785] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.966342] kthread+0x257/0x310
[ 29.966717] ret_from_fork+0x41/0x80
[ 29.967106] ret_from_fork_asm+0x1a/0x30
[ 29.967669]
[ 29.967896] The buggy address belongs to the object at ffff888101abdc80
[ 29.967896] which belongs to the cache kmalloc-64 of size 64
[ 29.968758] The buggy address is located 0 bytes to the right of
[ 29.968758] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.969938]
[ 29.970108] The buggy address belongs to the physical page:
[ 29.970603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.971211] flags: 0x200000000000000(node=0|zone=2)
[ 29.971693] page_type: f5(slab)
[ 29.972089] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.972984] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.973563] page dumped because: kasan: bad access detected
[ 29.974099]
[ 29.974308] Memory state around the buggy address:
[ 29.974597] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.974991] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.975357] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.975712] ^
[ 29.976159] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.976790] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.977671] ==================================================================
[ 30.942806]
==================================================================
[ 30.943645] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450
[ 30.944290] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.946234]
[ 30.946507] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.947579] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.947979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.949050] Call Trace:
[ 30.949682] <TASK>
[ 30.949873] dump_stack_lvl+0x73/0xb0
[ 30.950343] print_report+0xd1/0x640
[ 30.951210] ? __virt_addr_valid+0x1db/0x2d0
[ 30.951668] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.952580] kasan_report+0x102/0x140
[ 30.952964] ? kasan_atomics_helper+0x16e8/0x5450
[ 30.953632] ? kasan_atomics_helper+0x16e8/0x5450
[ 30.953977] kasan_check_range+0x10c/0x1c0
[ 30.954784] __kasan_check_write+0x18/0x20
[ 30.955414] kasan_atomics_helper+0x16e8/0x5450
[ 30.955874] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.956336] ? ret_from_fork_asm+0x1a/0x30
[ 30.956732] ? ret_from_fork+0x41/0x80
[ 30.957605] kasan_atomics+0x1dd/0x310
[ 30.958031] ? __pfx_kasan_atomics+0x10/0x10
[ 30.958764] ? __pfx_read_tsc+0x10/0x10
[ 30.959187] ? ktime_get_ts64+0x84/0x230
[ 30.959928] kunit_try_run_case+0x1b3/0x490
[ 30.960570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.961081] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.961861] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.962586] ? __kthread_parkme+0x82/0x160
[ 30.962979] ? preempt_count_sub+0x50/0x80
[ 30.963732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.964198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.965090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.965762] kthread+0x257/0x310
[ 30.966215] ? __pfx_kthread+0x10/0x10
[ 30.966605] ret_from_fork+0x41/0x80
[ 30.967376] ? __pfx_kthread+0x10/0x10
[ 30.967805] ret_from_fork_asm+0x1a/0x30
[ 30.968563] </TASK>
[ 30.968792]
[ 30.969069] Allocated by task 273:
[ 30.969865] kasan_save_stack+0x3d/0x60
[ 30.970266] kasan_save_track+0x18/0x40
[ 30.970893] kasan_save_alloc_info+0x3b/0x50
[ 30.971674] __kasan_kmalloc+0xb7/0xc0
[ 30.972101] __kmalloc_cache_noprof+0x184/0x410
[ 30.972833] kasan_atomics+0x96/0x310
[ 30.973224] kunit_try_run_case+0x1b3/0x490
[ 30.973773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.974164] kthread+0x257/0x310
[ 30.974574] ret_from_fork+0x41/0x80
[ 30.974964] ret_from_fork_asm+0x1a/0x30
[ 30.975330]
[ 30.975547] The buggy address belongs to the object at ffff888101abdc80
[ 30.975547] which belongs to the cache kmalloc-64 of size 64
[ 30.977201] The buggy address is located 0 bytes to the right of
[ 30.977201] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.978704]
[ 30.979362] The buggy address belongs to the physical page:
[ 30.979675] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.981003] flags: 0x200000000000000(node=0|zone=2)
[ 30.981386] page_type: f5(slab)
[ 30.981773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.982812] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.983352] page dumped because: kasan: bad access detected
[ 30.984191]
[ 30.984364] Memory state around the buggy address:
[ 30.985104] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.986133] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.986886] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.987875] ^
[ 30.988588] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.989282] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.990136] ==================================================================
[ 31.352169]
==================================================================
[ 31.352928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 31.353923] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.354589]
[ 31.354885] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.355675] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.355920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.356644] Call Trace:
[ 31.357013] <TASK>
[ 31.357346] dump_stack_lvl+0x73/0xb0
[ 31.357872] print_report+0xd1/0x640
[ 31.358364] ? __virt_addr_valid+0x1db/0x2d0
[ 31.359020] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.359419] kasan_report+0x102/0x140
[ 31.359691] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.360181] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.360740] __asan_report_load8_noabort+0x18/0x20
[ 31.361285] kasan_atomics_helper+0x4f32/0x5450
[ 31.361752] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.362297] ? ret_from_fork_asm+0x1a/0x30
[ 31.362595] ? ret_from_fork+0x41/0x80
[ 31.362920] kasan_atomics+0x1dd/0x310
[ 31.363396] ? __pfx_kasan_atomics+0x10/0x10
[ 31.363944] ? __pfx_read_tsc+0x10/0x10
[ 31.364464] ? ktime_get_ts64+0x84/0x230
[ 31.364927] kunit_try_run_case+0x1b3/0x490
[ 31.365495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.365880] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.366212] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.366586] ? __kthread_parkme+0x82/0x160
[ 31.366902] ? preempt_count_sub+0x50/0x80
[ 31.367423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.367961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.368592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.369195] kthread+0x257/0x310
[ 31.369628] ? __pfx_kthread+0x10/0x10
[ 31.370140] ret_from_fork+0x41/0x80
[ 31.370594] ? __pfx_kthread+0x10/0x10
[ 31.371051] ret_from_fork_asm+0x1a/0x30
[ 31.371479] </TASK>
[ 31.371673]
[ 31.371842] Allocated by task 273:
[ 31.372206] kasan_save_stack+0x3d/0x60
[ 31.372721] kasan_save_track+0x18/0x40
[ 31.373186] kasan_save_alloc_info+0x3b/0x50
[ 31.373693] __kasan_kmalloc+0xb7/0xc0
[ 31.374436] __kmalloc_cache_noprof+0x184/0x410
[ 31.375251] kasan_atomics+0x96/0x310
[ 31.375603] kunit_try_run_case+0x1b3/0x490
[ 31.376067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.376508] kthread+0x257/0x310
[ 31.379030] ret_from_fork+0x41/0x80
[ 31.380130] ret_from_fork_asm+0x1a/0x30
[ 31.381140]
[ 31.381757] The buggy address belongs to the object at ffff888101abdc80
[ 31.381757] which belongs to the cache kmalloc-64 of size 64
[ 31.383677] The buggy address is located 0 bytes to the right of
[ 31.383677] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.384402]
[ 31.384632] The buggy address belongs to the physical page:
[ 31.385107] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.386494] flags: 0x200000000000000(node=0|zone=2)
[ 31.386905] page_type: f5(slab)
[ 31.387262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.388177] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.388903] page dumped because: kasan: bad access detected
[ 31.389560]
[ 31.389785] Memory state around the buggy address:
[ 31.390631] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.391240] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.391929] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.392527] ^
[ 31.393444] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.393854] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.394810] ==================================================================
[ 29.407563]
==================================================================
[ 29.407975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450
[ 29.408579] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.409371]
[ 29.409669] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.410792] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.411172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.412120] Call Trace:
[ 29.412637] <TASK>
[ 29.413331] dump_stack_lvl+0x73/0xb0
[ 29.413984] print_report+0xd1/0x640
[ 29.414512] ? __virt_addr_valid+0x1db/0x2d0
[ 29.415166] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.415893] kasan_report+0x102/0x140
[ 29.416451] ? kasan_atomics_helper+0x4b56/0x5450
[ 29.417156] ? kasan_atomics_helper+0x4b56/0x5450
[ 29.417898] __asan_report_load4_noabort+0x18/0x20
[ 29.418662] kasan_atomics_helper+0x4b56/0x5450
[ 29.419011] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.419733] ? ret_from_fork_asm+0x1a/0x30
[ 29.420296] ? ret_from_fork+0x41/0x80
[ 29.420857] kasan_atomics+0x1dd/0x310
[ 29.421401] ? __pfx_kasan_atomics+0x10/0x10
[ 29.421962] ? __pfx_read_tsc+0x10/0x10
[ 29.422466] ? ktime_get_ts64+0x84/0x230
[ 29.423095] kunit_try_run_case+0x1b3/0x490
[ 29.423572] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.424015] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.424344] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.424791] ? __kthread_parkme+0x82/0x160
[ 29.425248] ? preempt_count_sub+0x50/0x80
[ 29.425566] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.426099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.426801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.427253] kthread+0x257/0x310
[ 29.427689] ? __pfx_kthread+0x10/0x10
[ 29.428123] ret_from_fork+0x41/0x80
[ 29.428693] ? __pfx_kthread+0x10/0x10
[ 29.429001] ret_from_fork_asm+0x1a/0x30
[ 29.429514] </TASK>
[ 29.429855]
[ 29.430107] Allocated by task 273:
[ 29.430337] kasan_save_stack+0x3d/0x60
[ 29.430817] kasan_save_track+0x18/0x40
[ 29.431441] kasan_save_alloc_info+0x3b/0x50
[ 29.431797] __kasan_kmalloc+0xb7/0xc0
[ 29.432086] __kmalloc_cache_noprof+0x184/0x410
[ 29.432442] kasan_atomics+0x96/0x310
[ 29.432884] kunit_try_run_case+0x1b3/0x490
[ 29.433463] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.434015] kthread+0x257/0x310
[ 29.434416] ret_from_fork+0x41/0x80
[ 29.434866] ret_from_fork_asm+0x1a/0x30
[ 29.435317]
[ 29.435502] The buggy address belongs to the object at ffff888101abdc80
[ 29.435502] which belongs to the cache kmalloc-64 of size 64
[ 29.436080] The buggy address is located 0 bytes to the right of
[ 29.436080] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.436842]
[ 29.437071] The buggy address belongs to the physical page:
[ 29.437749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.438577] flags: 0x200000000000000(node=0|zone=2)
[ 29.438912] page_type: f5(slab)
[ 29.439154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.439938] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.440792] page dumped because: kasan: bad access detected
[ 29.441242]
[ 29.441461] Memory state around the buggy address:
[ 29.441789] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.442379] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.442850] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.443407] ^
[ 29.443908] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.444643] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.445050] ==================================================================
[ 30.321578]
==================================================================
[ 30.322309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450
[ 30.323540] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.324004]
[ 30.324290] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.325639] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.326262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.326937] Call Trace:
[ 30.327174] <TASK>
[ 30.328331] dump_stack_lvl+0x73/0xb0
[ 30.328697] print_report+0xd1/0x640
[ 30.329275] ? __virt_addr_valid+0x1db/0x2d0
[ 30.329705] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.330483] kasan_report+0x102/0x140
[ 30.330872] ? kasan_atomics_helper+0x107a/0x5450
[ 30.331290] ? kasan_atomics_helper+0x107a/0x5450
[ 30.331698] kasan_check_range+0x10c/0x1c0
[ 30.332635] __kasan_check_write+0x18/0x20
[ 30.333180] kasan_atomics_helper+0x107a/0x5450
[ 30.333930] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.334314] ? ret_from_fork_asm+0x1a/0x30
[ 30.335008] ? ret_from_fork+0x41/0x80
[ 30.335654] kasan_atomics+0x1dd/0x310
[ 30.336260] ? __pfx_kasan_atomics+0x10/0x10
[ 30.336698] ? __pfx_read_tsc+0x10/0x10
[ 30.337077] ? ktime_get_ts64+0x84/0x230
[ 30.337482] kunit_try_run_case+0x1b3/0x490
[ 30.338467] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.338921] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.339532] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.340142] ? __kthread_parkme+0x82/0x160
[ 30.340761] ? preempt_count_sub+0x50/0x80
[ 30.341114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.341855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.342589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.343324] kthread+0x257/0x310
[ 30.343603] ? __pfx_kthread+0x10/0x10
[ 30.344047] ret_from_fork+0x41/0x80
[ 30.344400] ? __pfx_kthread+0x10/0x10
[ 30.344845] ret_from_fork_asm+0x1a/0x30
[ 30.345178] </TASK>
[ 30.345505]
[ 30.345717] Allocated by task 273:
[ 30.345983] kasan_save_stack+0x3d/0x60
[ 30.346389] kasan_save_track+0x18/0x40
[ 30.346814] kasan_save_alloc_info+0x3b/0x50
[ 30.347169] __kasan_kmalloc+0xb7/0xc0
[ 30.347436] __kmalloc_cache_noprof+0x184/0x410
[ 30.347909] kasan_atomics+0x96/0x310
[ 30.348383] kunit_try_run_case+0x1b3/0x490
[ 30.348804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.349418] kthread+0x257/0x310
[ 30.349701] ret_from_fork+0x41/0x80
[ 30.350059] ret_from_fork_asm+0x1a/0x30
[ 30.350334]
[ 30.350494] The buggy address belongs to the object at ffff888101abdc80
[ 30.350494] which belongs to the cache kmalloc-64 of size 64
[ 30.351606] The buggy address is located 0 bytes to the right of
[ 30.351606] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.352329]
[ 30.352497] The buggy address belongs to the physical page:
[ 30.352794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.353526] flags: 0x200000000000000(node=0|zone=2)
[ 30.354030] page_type: f5(slab)
[ 30.354430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.355124] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.355577] page dumped because: kasan: bad access detected
[ 30.355903]
[ 30.356052] Memory state around the buggy address:
[ 30.356584] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.357219] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.357852] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.358335] ^
[ 30.358745] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.359479] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.359864] ==================================================================
[ 29.277934]
================================================================== [ 29.278306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 29.278703] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.279414] [ 29.279660] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.280673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.281099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.281963] Call Trace: [ 29.282299] <TASK> [ 29.282648] dump_stack_lvl+0x73/0xb0 [ 29.283054] print_report+0xd1/0x640 [ 29.283533] ? __virt_addr_valid+0x1db/0x2d0 [ 29.284064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.284460] kasan_report+0x102/0x140 [ 29.284735] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.285234] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.285966] __asan_report_load4_noabort+0x18/0x20 [ 29.286627] kasan_atomics_helper+0x4b8a/0x5450 [ 29.287198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.287807] ? ret_from_fork_asm+0x1a/0x30 [ 29.288283] ? ret_from_fork+0x41/0x80 [ 29.288593] kasan_atomics+0x1dd/0x310 [ 29.289019] ? __pfx_kasan_atomics+0x10/0x10 [ 29.289696] ? __pfx_read_tsc+0x10/0x10 [ 29.290206] ? ktime_get_ts64+0x84/0x230 [ 29.290696] kunit_try_run_case+0x1b3/0x490 [ 29.291177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.291771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.292325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.292890] ? __kthread_parkme+0x82/0x160 [ 29.293457] ? preempt_count_sub+0x50/0x80 [ 29.293920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.294229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.294629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.295087] kthread+0x257/0x310 [ 29.295680] ? __pfx_kthread+0x10/0x10 [ 29.296216] ret_from_fork+0x41/0x80 [ 29.296789] ? 
__pfx_kthread+0x10/0x10 [ 29.297231] ret_from_fork_asm+0x1a/0x30 [ 29.297804] </TASK> [ 29.298171] [ 29.298442] Allocated by task 273: [ 29.298933] kasan_save_stack+0x3d/0x60 [ 29.299472] kasan_save_track+0x18/0x40 [ 29.299984] kasan_save_alloc_info+0x3b/0x50 [ 29.300545] __kasan_kmalloc+0xb7/0xc0 [ 29.300977] __kmalloc_cache_noprof+0x184/0x410 [ 29.301308] kasan_atomics+0x96/0x310 [ 29.301575] kunit_try_run_case+0x1b3/0x490 [ 29.301865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.302528] kthread+0x257/0x310 [ 29.302974] ret_from_fork+0x41/0x80 [ 29.303401] ret_from_fork_asm+0x1a/0x30 [ 29.303911] [ 29.304200] The buggy address belongs to the object at ffff888101abdc80 [ 29.304200] which belongs to the cache kmalloc-64 of size 64 [ 29.305241] The buggy address is located 0 bytes to the right of [ 29.305241] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.306230] [ 29.306439] The buggy address belongs to the physical page: [ 29.306733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.307622] flags: 0x200000000000000(node=0|zone=2) [ 29.308137] page_type: f5(slab) [ 29.308604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.309419] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.310070] page dumped because: kasan: bad access detected [ 29.310640] [ 29.310882] Memory state around the buggy address: [ 29.311236] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.312024] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.312481] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.313199] ^ [ 29.315060] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.315457] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.315810] ================================================================== [ 31.561308] 
================================================================== [ 31.562127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 31.562958] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.563352] [ 31.563539] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.564665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.565038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.565917] Call Trace: [ 31.566133] <TASK> [ 31.566423] dump_stack_lvl+0x73/0xb0 [ 31.566946] print_report+0xd1/0x640 [ 31.567394] ? __virt_addr_valid+0x1db/0x2d0 [ 31.567860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.568208] kasan_report+0x102/0x140 [ 31.568482] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.569073] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.569675] kasan_check_range+0x10c/0x1c0 [ 31.570189] __kasan_check_write+0x18/0x20 [ 31.570636] kasan_atomics_helper+0x1f44/0x5450 [ 31.572329] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.572998] ? ret_from_fork_asm+0x1a/0x30 [ 31.573294] ? ret_from_fork+0x41/0x80 [ 31.573743] kasan_atomics+0x1dd/0x310 [ 31.574212] ? __pfx_kasan_atomics+0x10/0x10 [ 31.576009] ? __pfx_read_tsc+0x10/0x10 [ 31.576521] ? ktime_get_ts64+0x84/0x230 [ 31.577067] kunit_try_run_case+0x1b3/0x490 [ 31.577655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.578260] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.578896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.579532] ? __kthread_parkme+0x82/0x160 [ 31.580069] ? preempt_count_sub+0x50/0x80 [ 31.580605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.580897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.581497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.582063] kthread+0x257/0x310 [ 31.582448] ? __pfx_kthread+0x10/0x10 [ 31.582741] ret_from_fork+0x41/0x80 [ 31.583223] ? 
__pfx_kthread+0x10/0x10 [ 31.583719] ret_from_fork_asm+0x1a/0x30 [ 31.584145] </TASK> [ 31.584488] [ 31.584690] Allocated by task 273: [ 31.585086] kasan_save_stack+0x3d/0x60 [ 31.585451] kasan_save_track+0x18/0x40 [ 31.585875] kasan_save_alloc_info+0x3b/0x50 [ 31.586434] __kasan_kmalloc+0xb7/0xc0 [ 31.586874] __kmalloc_cache_noprof+0x184/0x410 [ 31.587177] kasan_atomics+0x96/0x310 [ 31.587494] kunit_try_run_case+0x1b3/0x490 [ 31.587944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.588542] kthread+0x257/0x310 [ 31.588939] ret_from_fork+0x41/0x80 [ 31.589384] ret_from_fork_asm+0x1a/0x30 [ 31.589856] [ 31.590094] The buggy address belongs to the object at ffff888101abdc80 [ 31.590094] which belongs to the cache kmalloc-64 of size 64 [ 31.590709] The buggy address is located 0 bytes to the right of [ 31.590709] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.591866] [ 31.592101] The buggy address belongs to the physical page: [ 31.592582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.593172] flags: 0x200000000000000(node=0|zone=2) [ 31.593734] page_type: f5(slab) [ 31.594083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.594533] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.595316] page dumped because: kasan: bad access detected [ 31.595847] [ 31.596068] Memory state around the buggy address: [ 31.596546] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.597075] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.597792] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.598314] ^ [ 31.598728] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.599519] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.600029] ================================================================== [ 31.682762] 
================================================================== [ 31.683386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 31.684031] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.684588] [ 31.684876] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.685558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.685838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.686327] Call Trace: [ 31.686542] <TASK> [ 31.686740] dump_stack_lvl+0x73/0xb0 [ 31.687226] print_report+0xd1/0x640 [ 31.687696] ? __virt_addr_valid+0x1db/0x2d0 [ 31.688186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.688775] kasan_report+0x102/0x140 [ 31.689308] ? kasan_atomics_helper+0x4f9a/0x5450 [ 31.689809] ? kasan_atomics_helper+0x4f9a/0x5450 [ 31.690467] __asan_report_load8_noabort+0x18/0x20 [ 31.690939] kasan_atomics_helper+0x4f9a/0x5450 [ 31.691510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.691907] ? ret_from_fork_asm+0x1a/0x30 [ 31.692433] ? ret_from_fork+0x41/0x80 [ 31.692795] kasan_atomics+0x1dd/0x310 [ 31.693309] ? __pfx_kasan_atomics+0x10/0x10 [ 31.693625] ? __pfx_read_tsc+0x10/0x10 [ 31.693965] ? ktime_get_ts64+0x84/0x230 [ 31.694429] kunit_try_run_case+0x1b3/0x490 [ 31.694968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.695501] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.696289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.697034] ? __kthread_parkme+0x82/0x160 [ 31.699413] ? preempt_count_sub+0x50/0x80 [ 31.699857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.700361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.700787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.702840] kthread+0x257/0x310 [ 31.704024] ? __pfx_kthread+0x10/0x10 [ 31.704314] ret_from_fork+0x41/0x80 [ 31.704580] ? 
__pfx_kthread+0x10/0x10 [ 31.704866] ret_from_fork_asm+0x1a/0x30 [ 31.705321] </TASK> [ 31.705597] [ 31.705806] Allocated by task 273: [ 31.706802] kasan_save_stack+0x3d/0x60 [ 31.707255] kasan_save_track+0x18/0x40 [ 31.707652] kasan_save_alloc_info+0x3b/0x50 [ 31.708120] __kasan_kmalloc+0xb7/0xc0 [ 31.708642] __kmalloc_cache_noprof+0x184/0x410 [ 31.710154] kasan_atomics+0x96/0x310 [ 31.710563] kunit_try_run_case+0x1b3/0x490 [ 31.711206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.711794] kthread+0x257/0x310 [ 31.712192] ret_from_fork+0x41/0x80 [ 31.712922] ret_from_fork_asm+0x1a/0x30 [ 31.713552] [ 31.713778] The buggy address belongs to the object at ffff888101abdc80 [ 31.713778] which belongs to the cache kmalloc-64 of size 64 [ 31.714690] The buggy address is located 0 bytes to the right of [ 31.714690] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.715865] [ 31.716199] The buggy address belongs to the physical page: [ 31.716739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.717459] flags: 0x200000000000000(node=0|zone=2) [ 31.717783] page_type: f5(slab) [ 31.718162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.719192] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.720360] page dumped because: kasan: bad access detected [ 31.720966] [ 31.721124] Memory state around the buggy address: [ 31.721565] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.722420] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.722800] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.723549] ^ [ 31.724264] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.724863] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.725785] ================================================================== [ 31.435410] 
================================================================== [ 31.435968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 31.436750] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.437395] [ 31.437670] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.438577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.439031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.439740] Call Trace: [ 31.440065] <TASK> [ 31.440473] dump_stack_lvl+0x73/0xb0 [ 31.441011] print_report+0xd1/0x640 [ 31.441440] ? __virt_addr_valid+0x1db/0x2d0 [ 31.441967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.442527] kasan_report+0x102/0x140 [ 31.442948] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.443597] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.444055] kasan_check_range+0x10c/0x1c0 [ 31.444565] __kasan_check_write+0x18/0x20 [ 31.445037] kasan_atomics_helper+0x1d7b/0x5450 [ 31.445591] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.446125] ? ret_from_fork_asm+0x1a/0x30 [ 31.446679] ? ret_from_fork+0x41/0x80 [ 31.447136] kasan_atomics+0x1dd/0x310 [ 31.447736] ? __pfx_kasan_atomics+0x10/0x10 [ 31.448075] ? __pfx_read_tsc+0x10/0x10 [ 31.448549] ? ktime_get_ts64+0x84/0x230 [ 31.449125] kunit_try_run_case+0x1b3/0x490 [ 31.449694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.450215] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.450585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.450924] ? __kthread_parkme+0x82/0x160 [ 31.451536] ? preempt_count_sub+0x50/0x80 [ 31.452105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.452708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.453437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.454020] kthread+0x257/0x310 [ 31.454392] ? __pfx_kthread+0x10/0x10 [ 31.454920] ret_from_fork+0x41/0x80 [ 31.455280] ? 
__pfx_kthread+0x10/0x10 [ 31.455706] ret_from_fork_asm+0x1a/0x30 [ 31.456104] </TASK> [ 31.456293] [ 31.456440] Allocated by task 273: [ 31.456665] kasan_save_stack+0x3d/0x60 [ 31.457161] kasan_save_track+0x18/0x40 [ 31.457631] kasan_save_alloc_info+0x3b/0x50 [ 31.458163] __kasan_kmalloc+0xb7/0xc0 [ 31.458707] __kmalloc_cache_noprof+0x184/0x410 [ 31.459235] kasan_atomics+0x96/0x310 [ 31.459768] kunit_try_run_case+0x1b3/0x490 [ 31.460227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.460594] kthread+0x257/0x310 [ 31.460854] ret_from_fork+0x41/0x80 [ 31.461370] ret_from_fork_asm+0x1a/0x30 [ 31.461954] [ 31.462188] The buggy address belongs to the object at ffff888101abdc80 [ 31.462188] which belongs to the cache kmalloc-64 of size 64 [ 31.463427] The buggy address is located 0 bytes to the right of [ 31.463427] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.464445] [ 31.464708] The buggy address belongs to the physical page: [ 31.465191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.465882] flags: 0x200000000000000(node=0|zone=2) [ 31.466424] page_type: f5(slab) [ 31.466896] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.467513] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.468140] page dumped because: kasan: bad access detected [ 31.468501] [ 31.468657] Memory state around the buggy address: [ 31.469158] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.470004] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.470755] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.471521] ^ [ 31.472004] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.472430] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.473157] ================================================================== [ 29.237731] 
================================================================== [ 29.238952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 29.239600] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.240331] [ 29.240585] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.241235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.241721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.242432] Call Trace: [ 29.242697] <TASK> [ 29.242916] dump_stack_lvl+0x73/0xb0 [ 29.243430] print_report+0xd1/0x640 [ 29.243873] ? __virt_addr_valid+0x1db/0x2d0 [ 29.244414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.244900] kasan_report+0x102/0x140 [ 29.245177] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.245748] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.246322] __asan_report_store4_noabort+0x1b/0x30 [ 29.246879] kasan_atomics_helper+0x4ba4/0x5450 [ 29.247363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.247733] ? ret_from_fork_asm+0x1a/0x30 [ 29.248196] ? ret_from_fork+0x41/0x80 [ 29.248587] kasan_atomics+0x1dd/0x310 [ 29.248993] ? __pfx_kasan_atomics+0x10/0x10 [ 29.249529] ? __pfx_read_tsc+0x10/0x10 [ 29.250011] ? ktime_get_ts64+0x84/0x230 [ 29.250498] kunit_try_run_case+0x1b3/0x490 [ 29.250945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.251523] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.252287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.252730] ? __kthread_parkme+0x82/0x160 [ 29.253328] ? preempt_count_sub+0x50/0x80 [ 29.253969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.254486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.255291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.256011] kthread+0x257/0x310 [ 29.256301] ? __pfx_kthread+0x10/0x10 [ 29.256574] ret_from_fork+0x41/0x80 [ 29.256917] ? 
__pfx_kthread+0x10/0x10 [ 29.257467] ret_from_fork_asm+0x1a/0x30 [ 29.257963] </TASK> [ 29.258332] [ 29.258551] Allocated by task 273: [ 29.258980] kasan_save_stack+0x3d/0x60 [ 29.259515] kasan_save_track+0x18/0x40 [ 29.259959] kasan_save_alloc_info+0x3b/0x50 [ 29.260387] __kasan_kmalloc+0xb7/0xc0 [ 29.260799] __kmalloc_cache_noprof+0x184/0x410 [ 29.261143] kasan_atomics+0x96/0x310 [ 29.261660] kunit_try_run_case+0x1b3/0x490 [ 29.262200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.262730] kthread+0x257/0x310 [ 29.263290] ret_from_fork+0x41/0x80 [ 29.263613] ret_from_fork_asm+0x1a/0x30 [ 29.263907] [ 29.264200] The buggy address belongs to the object at ffff888101abdc80 [ 29.264200] which belongs to the cache kmalloc-64 of size 64 [ 29.265399] The buggy address is located 0 bytes to the right of [ 29.265399] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.266197] [ 29.266407] The buggy address belongs to the physical page: [ 29.266701] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.267626] flags: 0x200000000000000(node=0|zone=2) [ 29.268229] page_type: f5(slab) [ 29.268700] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.269538] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.270123] page dumped because: kasan: bad access detected [ 29.270687] [ 29.270925] Memory state around the buggy address: [ 29.271428] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.272073] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.272642] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.273231] ^ [ 29.273782] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.274459] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.275042] ================================================================== [ 31.848772] 
================================================================== [ 31.850977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 31.851453] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.851857] [ 31.852015] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.854067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.854864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.856292] Call Trace: [ 31.856705] <TASK> [ 31.857197] dump_stack_lvl+0x73/0xb0 [ 31.857632] print_report+0xd1/0x640 [ 31.858002] ? __virt_addr_valid+0x1db/0x2d0 [ 31.859281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.859908] kasan_report+0x102/0x140 [ 31.860341] ? kasan_atomics_helper+0x4fa7/0x5450 [ 31.860755] ? kasan_atomics_helper+0x4fa7/0x5450 [ 31.861316] __asan_report_load8_noabort+0x18/0x20 [ 31.861839] kasan_atomics_helper+0x4fa7/0x5450 [ 31.862660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.863175] ? ret_from_fork_asm+0x1a/0x30 [ 31.864125] ? ret_from_fork+0x41/0x80 [ 31.864497] kasan_atomics+0x1dd/0x310 [ 31.864890] ? __pfx_kasan_atomics+0x10/0x10 [ 31.865764] ? __pfx_read_tsc+0x10/0x10 [ 31.866359] ? ktime_get_ts64+0x84/0x230 [ 31.866804] kunit_try_run_case+0x1b3/0x490 [ 31.867161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.867690] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.868068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.868630] ? __kthread_parkme+0x82/0x160 [ 31.869027] ? preempt_count_sub+0x50/0x80 [ 31.869575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.870175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.870791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.871256] kthread+0x257/0x310 [ 31.871615] ? __pfx_kthread+0x10/0x10 [ 31.872311] ret_from_fork+0x41/0x80 [ 31.873325] ? 
__pfx_kthread+0x10/0x10 [ 31.873894] ret_from_fork_asm+0x1a/0x30 [ 31.874632] </TASK> [ 31.874916] [ 31.875140] Allocated by task 273: [ 31.875463] kasan_save_stack+0x3d/0x60 [ 31.875914] kasan_save_track+0x18/0x40 [ 31.876958] kasan_save_alloc_info+0x3b/0x50 [ 31.877234] __kasan_kmalloc+0xb7/0xc0 [ 31.877730] __kmalloc_cache_noprof+0x184/0x410 [ 31.878805] kasan_atomics+0x96/0x310 [ 31.879219] kunit_try_run_case+0x1b3/0x490 [ 31.879709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.880520] kthread+0x257/0x310 [ 31.880940] ret_from_fork+0x41/0x80 [ 31.881675] ret_from_fork_asm+0x1a/0x30 [ 31.881960] [ 31.882174] The buggy address belongs to the object at ffff888101abdc80 [ 31.882174] which belongs to the cache kmalloc-64 of size 64 [ 31.883368] The buggy address is located 0 bytes to the right of [ 31.883368] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.885077] [ 31.885587] The buggy address belongs to the physical page: [ 31.885986] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.886874] flags: 0x200000000000000(node=0|zone=2) [ 31.887378] page_type: f5(slab) [ 31.888109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.888567] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.889268] page dumped because: kasan: bad access detected [ 31.890059] [ 31.890305] Memory state around the buggy address: [ 31.890974] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.891980] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.892661] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.893365] ^ [ 31.893848] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.894709] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.895242] ================================================================== [ 29.697072] 
================================================================== [ 29.698304] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 29.698739] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.699448] [ 29.699688] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.700739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.701019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.701760] Call Trace: [ 29.702194] <TASK> [ 29.702512] dump_stack_lvl+0x73/0xb0 [ 29.702935] print_report+0xd1/0x640 [ 29.703218] ? __virt_addr_valid+0x1db/0x2d0 [ 29.703707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.704331] kasan_report+0x102/0x140 [ 29.704703] ? kasan_atomics_helper+0x7c8/0x5450 [ 29.705118] ? kasan_atomics_helper+0x7c8/0x5450 [ 29.705444] kasan_check_range+0x10c/0x1c0 [ 29.705965] __kasan_check_write+0x18/0x20 [ 29.706468] kasan_atomics_helper+0x7c8/0x5450 [ 29.706990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.707441] ? ret_from_fork_asm+0x1a/0x30 [ 29.708027] ? ret_from_fork+0x41/0x80 [ 29.708461] kasan_atomics+0x1dd/0x310 [ 29.708845] ? __pfx_kasan_atomics+0x10/0x10 [ 29.709378] ? __pfx_read_tsc+0x10/0x10 [ 29.709689] ? ktime_get_ts64+0x84/0x230 [ 29.710018] kunit_try_run_case+0x1b3/0x490 [ 29.710381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.710904] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.711416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.711948] ? __kthread_parkme+0x82/0x160 [ 29.712414] ? preempt_count_sub+0x50/0x80 [ 29.712708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.713226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.714055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.714754] kthread+0x257/0x310 [ 29.715167] ? __pfx_kthread+0x10/0x10 [ 29.715613] ret_from_fork+0x41/0x80 [ 29.715916] ? 
__pfx_kthread+0x10/0x10 [ 29.716188] ret_from_fork_asm+0x1a/0x30 [ 29.716644] </TASK> [ 29.716948] [ 29.717203] Allocated by task 273: [ 29.717698] kasan_save_stack+0x3d/0x60 [ 29.718145] kasan_save_track+0x18/0x40 [ 29.718582] kasan_save_alloc_info+0x3b/0x50 [ 29.719048] __kasan_kmalloc+0xb7/0xc0 [ 29.719518] __kmalloc_cache_noprof+0x184/0x410 [ 29.719867] kasan_atomics+0x96/0x310 [ 29.720309] kunit_try_run_case+0x1b3/0x490 [ 29.720651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.721110] kthread+0x257/0x310 [ 29.721639] ret_from_fork+0x41/0x80 [ 29.721937] ret_from_fork_asm+0x1a/0x30 [ 29.722216] [ 29.722436] The buggy address belongs to the object at ffff888101abdc80 [ 29.722436] which belongs to the cache kmalloc-64 of size 64 [ 29.723688] The buggy address is located 0 bytes to the right of [ 29.723688] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.724454] [ 29.724614] The buggy address belongs to the physical page: [ 29.725142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.725871] flags: 0x200000000000000(node=0|zone=2) [ 29.726182] page_type: f5(slab) [ 29.726426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.726810] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.727556] page dumped because: kasan: bad access detected [ 29.728089] [ 29.728318] Memory state around the buggy address: [ 29.728786] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.729634] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.730236] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.730784] ^ [ 29.731095] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.731637] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.732361] ================================================================== [ 30.690973] 
================================================================== [ 30.691610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 30.692561] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.693346] [ 30.693458] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.693750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.693983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.694583] Call Trace: [ 30.694949] <TASK> [ 30.695252] dump_stack_lvl+0x73/0xb0 [ 30.695605] print_report+0xd1/0x640 [ 30.695988] ? __virt_addr_valid+0x1db/0x2d0 [ 30.696559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.696998] kasan_report+0x102/0x140 [ 30.697495] ? kasan_atomics_helper+0x4eb0/0x5450 [ 30.697933] ? kasan_atomics_helper+0x4eb0/0x5450 [ 30.698498] __asan_report_load8_noabort+0x18/0x20 [ 30.699008] kasan_atomics_helper+0x4eb0/0x5450 [ 30.699551] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.700047] ? ret_from_fork_asm+0x1a/0x30 [ 30.700421] ? ret_from_fork+0x41/0x80 [ 30.700898] kasan_atomics+0x1dd/0x310 [ 30.701328] ? __pfx_kasan_atomics+0x10/0x10 [ 30.701752] ? __pfx_read_tsc+0x10/0x10 [ 30.702064] ? ktime_get_ts64+0x84/0x230 [ 30.702440] kunit_try_run_case+0x1b3/0x490 [ 30.702962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.703514] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.704028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.704510] ? __kthread_parkme+0x82/0x160 [ 30.704802] ? preempt_count_sub+0x50/0x80 [ 30.705294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.705743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.706322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.706887] kthread+0x257/0x310 [ 30.707185] ? __pfx_kthread+0x10/0x10 [ 30.707669] ret_from_fork+0x41/0x80 [ 30.708089] ? 
__pfx_kthread+0x10/0x10 [ 30.708471] ret_from_fork_asm+0x1a/0x30 [ 30.709031] </TASK> [ 30.709311] [ 30.709542] Allocated by task 273: [ 30.709785] kasan_save_stack+0x3d/0x60 [ 30.710246] kasan_save_track+0x18/0x40 [ 30.710679] kasan_save_alloc_info+0x3b/0x50 [ 30.711072] __kasan_kmalloc+0xb7/0xc0 [ 30.711383] __kmalloc_cache_noprof+0x184/0x410 [ 30.712115] kasan_atomics+0x96/0x310 [ 30.712585] kunit_try_run_case+0x1b3/0x490 [ 30.712895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.713215] kthread+0x257/0x310 [ 30.713575] ret_from_fork+0x41/0x80 [ 30.716292] ret_from_fork_asm+0x1a/0x30 [ 30.717565] [ 30.717867] The buggy address belongs to the object at ffff888101abdc80 [ 30.717867] which belongs to the cache kmalloc-64 of size 64 [ 30.719198] The buggy address is located 0 bytes to the right of [ 30.719198] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.720515] [ 30.720807] The buggy address belongs to the physical page: [ 30.721452] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.722339] flags: 0x200000000000000(node=0|zone=2) [ 30.722727] page_type: f5(slab) [ 30.723182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.724288] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.724522] page dumped because: kasan: bad access detected [ 30.724691] [ 30.724770] Memory state around the buggy address: [ 30.725032] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.725720] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.727201] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.727886] ^ [ 30.728238] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.728674] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.729379] ================================================================== [ 31.601628] 
================================================================== [ 31.602343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 31.604148] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.604619] [ 31.604806] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.605520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.606461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.608066] Call Trace: [ 31.608752] <TASK> [ 31.609055] dump_stack_lvl+0x73/0xb0 [ 31.609533] print_report+0xd1/0x640 [ 31.610071] ? __virt_addr_valid+0x1db/0x2d0 [ 31.610591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.611233] kasan_report+0x102/0x140 [ 31.611770] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.612166] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.612803] __asan_report_load8_noabort+0x18/0x20 [ 31.613529] kasan_atomics_helper+0x4f73/0x5450 [ 31.613918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.614354] ? ret_from_fork_asm+0x1a/0x30 [ 31.614726] ? ret_from_fork+0x41/0x80 [ 31.615174] kasan_atomics+0x1dd/0x310 [ 31.615568] ? __pfx_kasan_atomics+0x10/0x10 [ 31.616677] ? __pfx_read_tsc+0x10/0x10 [ 31.617319] ? ktime_get_ts64+0x84/0x230 [ 31.617962] kunit_try_run_case+0x1b3/0x490 [ 31.618613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.619052] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.619560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.620216] ? __kthread_parkme+0x82/0x160 [ 31.621136] ? preempt_count_sub+0x50/0x80 [ 31.621771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.622728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.623195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.623929] kthread+0x257/0x310 [ 31.624553] ? __pfx_kthread+0x10/0x10 [ 31.625249] ret_from_fork+0x41/0x80 [ 31.625739] ? 
__pfx_kthread+0x10/0x10 [ 31.626191] ret_from_fork_asm+0x1a/0x30 [ 31.626614] </TASK> [ 31.626920] [ 31.627142] Allocated by task 273: [ 31.627466] kasan_save_stack+0x3d/0x60 [ 31.627850] kasan_save_track+0x18/0x40 [ 31.628269] kasan_save_alloc_info+0x3b/0x50 [ 31.629240] __kasan_kmalloc+0xb7/0xc0 [ 31.629584] __kmalloc_cache_noprof+0x184/0x410 [ 31.629909] kasan_atomics+0x96/0x310 [ 31.630174] kunit_try_run_case+0x1b3/0x490 [ 31.631099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.631792] kthread+0x257/0x310 [ 31.632305] ret_from_fork+0x41/0x80 [ 31.632887] ret_from_fork_asm+0x1a/0x30 [ 31.633449] [ 31.633685] The buggy address belongs to the object at ffff888101abdc80 [ 31.633685] which belongs to the cache kmalloc-64 of size 64 [ 31.634976] The buggy address is located 0 bytes to the right of [ 31.634976] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.636306] [ 31.636609] The buggy address belongs to the physical page: [ 31.637208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.638085] flags: 0x200000000000000(node=0|zone=2) [ 31.638515] page_type: f5(slab) [ 31.638849] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.639639] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.640278] page dumped because: kasan: bad access detected [ 31.640848] [ 31.641034] Memory state around the buggy address: [ 31.641381] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.642105] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.642588] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.643304] ^ [ 31.643681] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.644183] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.644854] ================================================================== [ 31.896379] 
================================================================== [ 31.898351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 31.898986] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.900149] [ 31.900922] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.902109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.902777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.903457] Call Trace: [ 31.903694] <TASK> [ 31.904254] dump_stack_lvl+0x73/0xb0 [ 31.904668] print_report+0xd1/0x640 [ 31.905036] ? __virt_addr_valid+0x1db/0x2d0 [ 31.905898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.906631] kasan_report+0x102/0x140 [ 31.907032] ? kasan_atomics_helper+0x224d/0x5450 [ 31.907799] ? kasan_atomics_helper+0x224d/0x5450 [ 31.908275] kasan_check_range+0x10c/0x1c0 [ 31.909062] __kasan_check_write+0x18/0x20 [ 31.909661] kasan_atomics_helper+0x224d/0x5450 [ 31.910134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.910904] ? ret_from_fork_asm+0x1a/0x30 [ 31.911328] ? ret_from_fork+0x41/0x80 [ 31.912151] kasan_atomics+0x1dd/0x310 [ 31.913025] ? __pfx_kasan_atomics+0x10/0x10 [ 31.913565] ? __pfx_read_tsc+0x10/0x10 [ 31.913925] ? ktime_get_ts64+0x84/0x230 [ 31.914315] kunit_try_run_case+0x1b3/0x490 [ 31.915091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.915892] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.916463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.917033] ? __kthread_parkme+0x82/0x160 [ 31.917681] ? preempt_count_sub+0x50/0x80 [ 31.918152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.918455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.919193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.919917] kthread+0x257/0x310 [ 31.920415] ? __pfx_kthread+0x10/0x10 [ 31.920869] ret_from_fork+0x41/0x80 [ 31.921070] ? 
__pfx_kthread+0x10/0x10 [ 31.921222] ret_from_fork_asm+0x1a/0x30 [ 31.921491] </TASK> [ 31.921769] [ 31.921988] Allocated by task 273: [ 31.922315] kasan_save_stack+0x3d/0x60 [ 31.922593] kasan_save_track+0x18/0x40 [ 31.923019] kasan_save_alloc_info+0x3b/0x50 [ 31.923534] __kasan_kmalloc+0xb7/0xc0 [ 31.923936] __kmalloc_cache_noprof+0x184/0x410 [ 31.924233] kasan_atomics+0x96/0x310 [ 31.924639] kunit_try_run_case+0x1b3/0x490 [ 31.925141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.925882] kthread+0x257/0x310 [ 31.926157] ret_from_fork+0x41/0x80 [ 31.926617] ret_from_fork_asm+0x1a/0x30 [ 31.926963] [ 31.927232] The buggy address belongs to the object at ffff888101abdc80 [ 31.927232] which belongs to the cache kmalloc-64 of size 64 [ 31.927883] The buggy address is located 0 bytes to the right of [ 31.927883] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.929134] [ 31.929405] The buggy address belongs to the physical page: [ 31.929775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.930496] flags: 0x200000000000000(node=0|zone=2) [ 31.931017] page_type: f5(slab) [ 31.931263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.931654] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.932052] page dumped because: kasan: bad access detected [ 31.932484] [ 31.932741] Memory state around the buggy address: [ 31.933259] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.934176] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.934784] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.935173] ^ [ 31.935724] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.936507] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.937127] ================================================================== [ 31.134789] 
================================================================== [ 31.135721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 31.136552] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.137050] [ 31.137254] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.138962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.139886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.140655] Call Trace: [ 31.140925] <TASK> [ 31.141209] dump_stack_lvl+0x73/0xb0 [ 31.141811] print_report+0xd1/0x640 [ 31.142222] ? __virt_addr_valid+0x1db/0x2d0 [ 31.142530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.143334] kasan_report+0x102/0x140 [ 31.143962] ? kasan_atomics_helper+0x194b/0x5450 [ 31.144447] ? kasan_atomics_helper+0x194b/0x5450 [ 31.144918] kasan_check_range+0x10c/0x1c0 [ 31.145504] __kasan_check_write+0x18/0x20 [ 31.146134] kasan_atomics_helper+0x194b/0x5450 [ 31.146761] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.147121] ? ret_from_fork_asm+0x1a/0x30 [ 31.147784] ? ret_from_fork+0x41/0x80 [ 31.148309] kasan_atomics+0x1dd/0x310 [ 31.148751] ? __pfx_kasan_atomics+0x10/0x10 [ 31.149282] ? __pfx_read_tsc+0x10/0x10 [ 31.149738] ? ktime_get_ts64+0x84/0x230 [ 31.150350] kunit_try_run_case+0x1b3/0x490 [ 31.150833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.151291] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.151788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.152373] ? __kthread_parkme+0x82/0x160 [ 31.152974] ? preempt_count_sub+0x50/0x80 [ 31.153287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.154165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.154719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.155095] kthread+0x257/0x310 [ 31.155723] ? __pfx_kthread+0x10/0x10 [ 31.156286] ret_from_fork+0x41/0x80 [ 31.156919] ? 
__pfx_kthread+0x10/0x10 [ 31.157408] ret_from_fork_asm+0x1a/0x30 [ 31.157723] </TASK> [ 31.158071] [ 31.158319] Allocated by task 273: [ 31.159004] kasan_save_stack+0x3d/0x60 [ 31.159633] kasan_save_track+0x18/0x40 [ 31.160077] kasan_save_alloc_info+0x3b/0x50 [ 31.160423] __kasan_kmalloc+0xb7/0xc0 [ 31.160686] __kmalloc_cache_noprof+0x184/0x410 [ 31.161358] kasan_atomics+0x96/0x310 [ 31.162048] kunit_try_run_case+0x1b3/0x490 [ 31.162660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.163038] kthread+0x257/0x310 [ 31.163641] ret_from_fork+0x41/0x80 [ 31.164068] ret_from_fork_asm+0x1a/0x30 [ 31.164485] [ 31.164644] The buggy address belongs to the object at ffff888101abdc80 [ 31.164644] which belongs to the cache kmalloc-64 of size 64 [ 31.165860] The buggy address is located 0 bytes to the right of [ 31.165860] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.167192] [ 31.167357] The buggy address belongs to the physical page: [ 31.167723] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.169000] flags: 0x200000000000000(node=0|zone=2) [ 31.169708] page_type: f5(slab) [ 31.170109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.170989] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.171503] page dumped because: kasan: bad access detected [ 31.172037] [ 31.172221] Memory state around the buggy address: [ 31.173261] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.173644] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.174561] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.175655] ^ [ 31.175981] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.176878] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.177678] ================================================================== [ 29.820540] 
================================================================== [ 29.821205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 29.821744] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.822410] [ 29.822602] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.823330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.823733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.824599] Call Trace: [ 29.824877] <TASK> [ 29.825277] dump_stack_lvl+0x73/0xb0 [ 29.825696] print_report+0xd1/0x640 [ 29.826212] ? __virt_addr_valid+0x1db/0x2d0 [ 29.826744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.827391] kasan_report+0x102/0x140 [ 29.827674] ? kasan_atomics_helper+0x993/0x5450 [ 29.828172] ? kasan_atomics_helper+0x993/0x5450 [ 29.828922] kasan_check_range+0x10c/0x1c0 [ 29.829561] __kasan_check_write+0x18/0x20 [ 29.830104] kasan_atomics_helper+0x993/0x5450 [ 29.830569] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.831142] ? ret_from_fork_asm+0x1a/0x30 [ 29.831485] ? ret_from_fork+0x41/0x80 [ 29.831804] kasan_atomics+0x1dd/0x310 [ 29.832378] ? __pfx_kasan_atomics+0x10/0x10 [ 29.833045] ? __pfx_read_tsc+0x10/0x10 [ 29.833594] ? ktime_get_ts64+0x84/0x230 [ 29.834135] kunit_try_run_case+0x1b3/0x490 [ 29.834714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.835123] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.835789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.836146] ? __kthread_parkme+0x82/0x160 [ 29.836478] ? preempt_count_sub+0x50/0x80 [ 29.836946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.837564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.838336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.838963] kthread+0x257/0x310 [ 29.839240] ? __pfx_kthread+0x10/0x10 [ 29.839631] ret_from_fork+0x41/0x80 [ 29.839968] ? 
__pfx_kthread+0x10/0x10 [ 29.840492] ret_from_fork_asm+0x1a/0x30 [ 29.841049] </TASK> [ 29.841456] [ 29.841679] Allocated by task 273: [ 29.842065] kasan_save_stack+0x3d/0x60 [ 29.842597] kasan_save_track+0x18/0x40 [ 29.843108] kasan_save_alloc_info+0x3b/0x50 [ 29.843563] __kasan_kmalloc+0xb7/0xc0 [ 29.843851] __kmalloc_cache_noprof+0x184/0x410 [ 29.844299] kasan_atomics+0x96/0x310 [ 29.844798] kunit_try_run_case+0x1b3/0x490 [ 29.845435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.846087] kthread+0x257/0x310 [ 29.846491] ret_from_fork+0x41/0x80 [ 29.846756] ret_from_fork_asm+0x1a/0x30 [ 29.847213] [ 29.847478] The buggy address belongs to the object at ffff888101abdc80 [ 29.847478] which belongs to the cache kmalloc-64 of size 64 [ 29.849952] The buggy address is located 0 bytes to the right of [ 29.849952] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.851663] [ 29.851930] The buggy address belongs to the physical page: [ 29.852511] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.853414] flags: 0x200000000000000(node=0|zone=2) [ 29.854169] page_type: f5(slab) [ 29.854717] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.855724] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.856258] page dumped because: kasan: bad access detected [ 29.856661] [ 29.856851] Memory state around the buggy address: [ 29.857255] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.857955] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.858543] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.858970] ^ [ 29.859306] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.859981] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.860860] ================================================================== [ 29.364152] 
================================================================== [ 29.364915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 29.366265] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.366774] [ 29.366978] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.367951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.368249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.368994] Call Trace: [ 29.369351] <TASK> [ 29.369621] dump_stack_lvl+0x73/0xb0 [ 29.370074] print_report+0xd1/0x640 [ 29.370363] ? __virt_addr_valid+0x1db/0x2d0 [ 29.370899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.371241] kasan_report+0x102/0x140 [ 29.371662] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.372181] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.372560] kasan_check_range+0x10c/0x1c0 [ 29.372951] __kasan_check_read+0x15/0x20 [ 29.373420] kasan_atomics_helper+0x3e0/0x5450 [ 29.373769] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.374299] ? ret_from_fork_asm+0x1a/0x30 [ 29.374601] ? ret_from_fork+0x41/0x80 [ 29.375065] kasan_atomics+0x1dd/0x310 [ 29.375517] ? __pfx_kasan_atomics+0x10/0x10 [ 29.375811] ? __pfx_read_tsc+0x10/0x10 [ 29.377146] ? ktime_get_ts64+0x84/0x230 [ 29.378764] kunit_try_run_case+0x1b3/0x490 [ 29.379380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.380178] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.380815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.381308] ? __kthread_parkme+0x82/0x160 [ 29.381686] ? preempt_count_sub+0x50/0x80 [ 29.382159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.382581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.383782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.384514] kthread+0x257/0x310 [ 29.385120] ? __pfx_kthread+0x10/0x10 [ 29.385811] ret_from_fork+0x41/0x80 [ 29.386454] ? 
__pfx_kthread+0x10/0x10 [ 29.387113] ret_from_fork_asm+0x1a/0x30 [ 29.387560] </TASK> [ 29.387862] [ 29.388343] Allocated by task 273: [ 29.388912] kasan_save_stack+0x3d/0x60 [ 29.389269] kasan_save_track+0x18/0x40 [ 29.390145] kasan_save_alloc_info+0x3b/0x50 [ 29.390773] __kasan_kmalloc+0xb7/0xc0 [ 29.391130] __kmalloc_cache_noprof+0x184/0x410 [ 29.391619] kasan_atomics+0x96/0x310 [ 29.392198] kunit_try_run_case+0x1b3/0x490 [ 29.392609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.393494] kthread+0x257/0x310 [ 29.393881] ret_from_fork+0x41/0x80 [ 29.394646] ret_from_fork_asm+0x1a/0x30 [ 29.395140] [ 29.395423] The buggy address belongs to the object at ffff888101abdc80 [ 29.395423] which belongs to the cache kmalloc-64 of size 64 [ 29.396194] The buggy address is located 0 bytes to the right of [ 29.396194] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.397796] [ 29.398052] The buggy address belongs to the physical page: [ 29.398739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.399807] flags: 0x200000000000000(node=0|zone=2) [ 29.400187] page_type: f5(slab) [ 29.400610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.401577] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.402416] page dumped because: kasan: bad access detected [ 29.403048] [ 29.403270] Memory state around the buggy address: [ 29.403923] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.404487] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.405258] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.406228] ^ [ 29.406426] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.406635] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.406853] ================================================================== [ 29.776187] 
================================================================== [ 29.776795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 29.777513] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.778152] [ 29.778449] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.779124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.779555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.780424] Call Trace: [ 29.780737] <TASK> [ 29.781038] dump_stack_lvl+0x73/0xb0 [ 29.781545] print_report+0xd1/0x640 [ 29.781958] ? __virt_addr_valid+0x1db/0x2d0 [ 29.782360] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.782919] kasan_report+0x102/0x140 [ 29.783428] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.783759] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.784103] kasan_check_range+0x10c/0x1c0 [ 29.784641] __kasan_check_write+0x18/0x20 [ 29.785118] kasan_atomics_helper+0x8fa/0x5450 [ 29.785675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.786206] ? ret_from_fork_asm+0x1a/0x30 [ 29.786699] ? ret_from_fork+0x41/0x80 [ 29.787194] kasan_atomics+0x1dd/0x310 [ 29.787640] ? __pfx_kasan_atomics+0x10/0x10 [ 29.787952] ? __pfx_read_tsc+0x10/0x10 [ 29.788314] ? ktime_get_ts64+0x84/0x230 [ 29.788677] kunit_try_run_case+0x1b3/0x490 [ 29.790158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.790522] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.790885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.792609] ? __kthread_parkme+0x82/0x160 [ 29.793362] ? preempt_count_sub+0x50/0x80 [ 29.794214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.794663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.795202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.796228] kthread+0x257/0x310 [ 29.796887] ? __pfx_kthread+0x10/0x10 [ 29.797514] ret_from_fork+0x41/0x80 [ 29.797926] ? 
__pfx_kthread+0x10/0x10 [ 29.798335] ret_from_fork_asm+0x1a/0x30 [ 29.798768] </TASK> [ 29.799163] [ 29.799392] Allocated by task 273: [ 29.800010] kasan_save_stack+0x3d/0x60 [ 29.800517] kasan_save_track+0x18/0x40 [ 29.801107] kasan_save_alloc_info+0x3b/0x50 [ 29.801718] __kasan_kmalloc+0xb7/0xc0 [ 29.802266] __kmalloc_cache_noprof+0x184/0x410 [ 29.803025] kasan_atomics+0x96/0x310 [ 29.803581] kunit_try_run_case+0x1b3/0x490 [ 29.803889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.804423] kthread+0x257/0x310 [ 29.805551] ret_from_fork+0x41/0x80 [ 29.805916] ret_from_fork_asm+0x1a/0x30 [ 29.806209] [ 29.806816] The buggy address belongs to the object at ffff888101abdc80 [ 29.806816] which belongs to the cache kmalloc-64 of size 64 [ 29.807813] The buggy address is located 0 bytes to the right of [ 29.807813] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.809104] [ 29.809333] The buggy address belongs to the physical page: [ 29.810086] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.811112] flags: 0x200000000000000(node=0|zone=2) [ 29.811795] page_type: f5(slab) [ 29.812219] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.813090] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.814104] page dumped because: kasan: bad access detected [ 29.814492] [ 29.814709] Memory state around the buggy address: [ 29.815434] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.816294] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.816907] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.817438] ^ [ 29.817915] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.818416] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.818912] ================================================================== [ 29.733872] 
================================================================== [ 29.734797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 29.735560] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.736171] [ 29.736426] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.737095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.737355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.737788] Call Trace: [ 29.738129] <TASK> [ 29.738418] dump_stack_lvl+0x73/0xb0 [ 29.738967] print_report+0xd1/0x640 [ 29.739432] ? __virt_addr_valid+0x1db/0x2d0 [ 29.739932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.740568] kasan_report+0x102/0x140 [ 29.740993] ? kasan_atomics_helper+0x861/0x5450 [ 29.741531] ? kasan_atomics_helper+0x861/0x5450 [ 29.741939] kasan_check_range+0x10c/0x1c0 [ 29.742439] __kasan_check_write+0x18/0x20 [ 29.742849] kasan_atomics_helper+0x861/0x5450 [ 29.743163] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.743656] ? ret_from_fork_asm+0x1a/0x30 [ 29.744317] ? ret_from_fork+0x41/0x80 [ 29.744806] kasan_atomics+0x1dd/0x310 [ 29.745243] ? __pfx_kasan_atomics+0x10/0x10 [ 29.745647] ? __pfx_read_tsc+0x10/0x10 [ 29.746039] ? ktime_get_ts64+0x84/0x230 [ 29.746590] kunit_try_run_case+0x1b3/0x490 [ 29.747115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.747738] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.748184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.748725] ? __kthread_parkme+0x82/0x160 [ 29.749157] ? preempt_count_sub+0x50/0x80 [ 29.749461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.749761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.752546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.752914] kthread+0x257/0x310 [ 29.753175] ? __pfx_kthread+0x10/0x10 [ 29.753449] ret_from_fork+0x41/0x80 [ 29.753721] ? 
__pfx_kthread+0x10/0x10 [ 29.756436] ret_from_fork_asm+0x1a/0x30 [ 29.757807] </TASK> [ 29.758312] [ 29.758549] Allocated by task 273: [ 29.758929] kasan_save_stack+0x3d/0x60 [ 29.759412] kasan_save_track+0x18/0x40 [ 29.759816] kasan_save_alloc_info+0x3b/0x50 [ 29.760319] __kasan_kmalloc+0xb7/0xc0 [ 29.760740] __kmalloc_cache_noprof+0x184/0x410 [ 29.761060] kasan_atomics+0x96/0x310 [ 29.761556] kunit_try_run_case+0x1b3/0x490 [ 29.761959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.762541] kthread+0x257/0x310 [ 29.762862] ret_from_fork+0x41/0x80 [ 29.763426] ret_from_fork_asm+0x1a/0x30 [ 29.763861] [ 29.764112] The buggy address belongs to the object at ffff888101abdc80 [ 29.764112] which belongs to the cache kmalloc-64 of size 64 [ 29.765075] The buggy address is located 0 bytes to the right of [ 29.765075] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.765940] [ 29.766172] The buggy address belongs to the physical page: [ 29.766721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.767351] flags: 0x200000000000000(node=0|zone=2) [ 29.767989] page_type: f5(slab) [ 29.768453] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.769119] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.769790] page dumped because: kasan: bad access detected [ 29.770409] [ 29.770580] Memory state around the buggy address: [ 29.770879] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.771291] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.771958] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.772669] ^ [ 29.773158] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.773876] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.774410] ================================================================== [ 30.107721] 
================================================================== [ 30.108345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 30.108756] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.109255] [ 30.109439] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.111001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.111772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.112419] Call Trace: [ 30.113070] <TASK> [ 30.113318] dump_stack_lvl+0x73/0xb0 [ 30.114064] print_report+0xd1/0x640 [ 30.114610] ? __virt_addr_valid+0x1db/0x2d0 [ 30.115071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.115866] kasan_report+0x102/0x140 [ 30.116222] ? kasan_atomics_helper+0xde1/0x5450 [ 30.117405] ? kasan_atomics_helper+0xde1/0x5450 [ 30.117779] kasan_check_range+0x10c/0x1c0 [ 30.118449] __kasan_check_write+0x18/0x20 [ 30.119174] kasan_atomics_helper+0xde1/0x5450 [ 30.120251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.120697] ? ret_from_fork_asm+0x1a/0x30 [ 30.121293] ? ret_from_fork+0x41/0x80 [ 30.122028] kasan_atomics+0x1dd/0x310 [ 30.122428] ? __pfx_kasan_atomics+0x10/0x10 [ 30.122808] ? __pfx_read_tsc+0x10/0x10 [ 30.123246] ? ktime_get_ts64+0x84/0x230 [ 30.123811] kunit_try_run_case+0x1b3/0x490 [ 30.124227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.124801] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.125198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.125526] ? __kthread_parkme+0x82/0x160 [ 30.126023] ? preempt_count_sub+0x50/0x80 [ 30.126806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.128001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.128586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.129418] kthread+0x257/0x310 [ 30.129854] ? __pfx_kthread+0x10/0x10 [ 30.130646] ret_from_fork+0x41/0x80 [ 30.131108] ? 
__pfx_kthread+0x10/0x10
[ 30.131887] ret_from_fork_asm+0x1a/0x30
[ 30.132424] </TASK>
[ 30.132653]
[ 30.132889] Allocated by task 273:
[ 30.133698] kasan_save_stack+0x3d/0x60
[ 30.134138] kasan_save_track+0x18/0x40
[ 30.134519] kasan_save_alloc_info+0x3b/0x50
[ 30.135316] __kasan_kmalloc+0xb7/0xc0
[ 30.135792] __kmalloc_cache_noprof+0x184/0x410
[ 30.136270] kasan_atomics+0x96/0x310
[ 30.137128] kunit_try_run_case+0x1b3/0x490
[ 30.137495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.138366] kthread+0x257/0x310
[ 30.138737] ret_from_fork+0x41/0x80
[ 30.139159] ret_from_fork_asm+0x1a/0x30
[ 30.140139]
[ 30.140337] The buggy address belongs to the object at ffff888101abdc80
[ 30.140337] which belongs to the cache kmalloc-64 of size 64
[ 30.140975] The buggy address is located 0 bytes to the right of
[ 30.140975] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.143351]
[ 30.143550] The buggy address belongs to the physical page:
[ 30.143884] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.144942] flags: 0x200000000000000(node=0|zone=2)
[ 30.145322] page_type: f5(slab)
[ 30.146091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.147042] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.147846] page dumped because: kasan: bad access detected
[ 30.148481]
[ 30.148657] Memory state around the buggy address:
[ 30.149121] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.149913] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.150346] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.150663] ^
[ 30.150905] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.151121] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.151324] ==================================================================
[ 30.193584] ==================================================================
[ 30.194344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450
[ 30.195106] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.195779]
[ 30.196077] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.196773] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.197064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.197769] Call Trace:
[ 30.198361] <TASK>
[ 30.198612] dump_stack_lvl+0x73/0xb0
[ 30.200008] print_report+0xd1/0x640
[ 30.200386] ? __virt_addr_valid+0x1db/0x2d0
[ 30.202446] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.203116] kasan_report+0x102/0x140
[ 30.203775] ? kasan_atomics_helper+0xf11/0x5450
[ 30.204538] ? kasan_atomics_helper+0xf11/0x5450
[ 30.204951] kasan_check_range+0x10c/0x1c0
[ 30.205548] __kasan_check_write+0x18/0x20
[ 30.206118] kasan_atomics_helper+0xf11/0x5450
[ 30.206599] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.207098] ? ret_from_fork_asm+0x1a/0x30
[ 30.207439] ? ret_from_fork+0x41/0x80
[ 30.207987] kasan_atomics+0x1dd/0x310
[ 30.208453] ? __pfx_kasan_atomics+0x10/0x10
[ 30.208814] ? __pfx_read_tsc+0x10/0x10
[ 30.209218] ? ktime_get_ts64+0x84/0x230
[ 30.209725] kunit_try_run_case+0x1b3/0x490
[ 30.210288] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.210681] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.211287] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.211812] ? __kthread_parkme+0x82/0x160
[ 30.212281] ? preempt_count_sub+0x50/0x80
[ 30.212771] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.213308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.213673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.214344] kthread+0x257/0x310
[ 30.214743] ? __pfx_kthread+0x10/0x10
[ 30.215122] ret_from_fork+0x41/0x80
[ 30.215596] ? __pfx_kthread+0x10/0x10
[ 30.216035] ret_from_fork_asm+0x1a/0x30
[ 30.216545] </TASK>
[ 30.216846]
[ 30.217111] Allocated by task 273:
[ 30.217462] kasan_save_stack+0x3d/0x60
[ 30.217942] kasan_save_track+0x18/0x40
[ 30.218346] kasan_save_alloc_info+0x3b/0x50
[ 30.218761] __kasan_kmalloc+0xb7/0xc0
[ 30.219220] __kmalloc_cache_noprof+0x184/0x410
[ 30.219591] kasan_atomics+0x96/0x310
[ 30.220019] kunit_try_run_case+0x1b3/0x490
[ 30.220389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.220711] kthread+0x257/0x310
[ 30.221151] ret_from_fork+0x41/0x80
[ 30.221595] ret_from_fork_asm+0x1a/0x30
[ 30.222099]
[ 30.222408] The buggy address belongs to the object at ffff888101abdc80
[ 30.222408] which belongs to the cache kmalloc-64 of size 64
[ 30.223488] The buggy address is located 0 bytes to the right of
[ 30.223488] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.224163]
[ 30.224446] The buggy address belongs to the physical page:
[ 30.224990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.225736] flags: 0x200000000000000(node=0|zone=2)
[ 30.226225] page_type: f5(slab)
[ 30.226514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.226923] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.227338] page dumped because: kasan: bad access detected
[ 30.227899]
[ 30.228160] Memory state around the buggy address:
[ 30.229640] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.230731] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.232185] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.232900] ^
[ 30.233444] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.234134] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.234682] ==================================================================
[ 29.484059] ==================================================================
[ 29.484505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450
[ 29.484956] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.485709]
[ 29.486024] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.487193] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.487473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.487930] Call Trace:
[ 29.488139] <TASK>
[ 29.488326] dump_stack_lvl+0x73/0xb0
[ 29.488803] print_report+0xd1/0x640
[ 29.489290] ? __virt_addr_valid+0x1db/0x2d0
[ 29.489917] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.490609] kasan_report+0x102/0x140
[ 29.491056] ? kasan_atomics_helper+0x4b3c/0x5450
[ 29.491688] ? kasan_atomics_helper+0x4b3c/0x5450
[ 29.492200] __asan_report_store4_noabort+0x1b/0x30
[ 29.492702] kasan_atomics_helper+0x4b3c/0x5450
[ 29.493040] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.493415] ? ret_from_fork_asm+0x1a/0x30
[ 29.494051] ? ret_from_fork+0x41/0x80
[ 29.494612] kasan_atomics+0x1dd/0x310
[ 29.495045] ? __pfx_kasan_atomics+0x10/0x10
[ 29.495440] ? __pfx_read_tsc+0x10/0x10
[ 29.495894] ? ktime_get_ts64+0x84/0x230
[ 29.496396] kunit_try_run_case+0x1b3/0x490
[ 29.496772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.497269] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.497742] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.498171] ? __kthread_parkme+0x82/0x160
[ 29.498645] ? preempt_count_sub+0x50/0x80
[ 29.499021] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.499341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.499695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.500366] kthread+0x257/0x310
[ 29.500789] ? __pfx_kthread+0x10/0x10
[ 29.501277] ret_from_fork+0x41/0x80
[ 29.501726] ? __pfx_kthread+0x10/0x10
[ 29.502108] ret_from_fork_asm+0x1a/0x30
[ 29.503007] </TASK>
[ 29.503253]
[ 29.503441] Allocated by task 273:
[ 29.503752] kasan_save_stack+0x3d/0x60
[ 29.504134] kasan_save_track+0x18/0x40
[ 29.505005] kasan_save_alloc_info+0x3b/0x50
[ 29.505326] __kasan_kmalloc+0xb7/0xc0
[ 29.505592] __kmalloc_cache_noprof+0x184/0x410
[ 29.505915] kasan_atomics+0x96/0x310
[ 29.506180] kunit_try_run_case+0x1b3/0x490
[ 29.506460] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.506776] kthread+0x257/0x310
[ 29.509452] ret_from_fork+0x41/0x80
[ 29.509921] ret_from_fork_asm+0x1a/0x30
[ 29.510431]
[ 29.510668] The buggy address belongs to the object at ffff888101abdc80
[ 29.510668] which belongs to the cache kmalloc-64 of size 64
[ 29.511997] The buggy address is located 0 bytes to the right of
[ 29.511997] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.513285]
[ 29.513539] The buggy address belongs to the physical page:
[ 29.514156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.515221] flags: 0x200000000000000(node=0|zone=2)
[ 29.515794] page_type: f5(slab)
[ 29.516213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.517014] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.517959] page dumped because: kasan: bad access detected
[ 29.518621]
[ 29.518888] Memory state around the buggy address:
[ 29.519509] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.520351] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.521112] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.521895] ^
[ 29.522565] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.523317] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.523918] ==================================================================
[ 30.514484] ==================================================================
[ 30.515670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 30.517042] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.517759]
[ 30.518087] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.519231] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.519712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.521807] Call Trace:
[ 30.522063] <TASK>
[ 30.522261] dump_stack_lvl+0x73/0xb0
[ 30.522571] print_report+0xd1/0x640
[ 30.523000] ? __virt_addr_valid+0x1db/0x2d0
[ 30.523951] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.525281] kasan_report+0x102/0x140
[ 30.525706] ? kasan_atomics_helper+0x49ea/0x5450
[ 30.526240] ? kasan_atomics_helper+0x49ea/0x5450
[ 30.526748] __asan_report_load4_noabort+0x18/0x20
[ 30.527392] kasan_atomics_helper+0x49ea/0x5450
[ 30.528047] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.529075] ? ret_from_fork_asm+0x1a/0x30
[ 30.529752] ? ret_from_fork+0x41/0x80
[ 30.530378] kasan_atomics+0x1dd/0x310
[ 30.530736] ? __pfx_kasan_atomics+0x10/0x10
[ 30.531217] ? __pfx_read_tsc+0x10/0x10
[ 30.532041] ? ktime_get_ts64+0x84/0x230
[ 30.532676] kunit_try_run_case+0x1b3/0x490
[ 30.533314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.533963] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.534949] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.535942] ? __kthread_parkme+0x82/0x160
[ 30.536310] ? preempt_count_sub+0x50/0x80
[ 30.537014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.537489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.537989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.538435] kthread+0x257/0x310
[ 30.538777] ? __pfx_kthread+0x10/0x10
[ 30.539391] ret_from_fork+0x41/0x80
[ 30.539852] ? __pfx_kthread+0x10/0x10
[ 30.540396] ret_from_fork_asm+0x1a/0x30
[ 30.540809] </TASK>
[ 30.541195]
[ 30.541502] Allocated by task 273:
[ 30.541856] kasan_save_stack+0x3d/0x60
[ 30.542146] kasan_save_track+0x18/0x40
[ 30.542675] kasan_save_alloc_info+0x3b/0x50
[ 30.543295] __kasan_kmalloc+0xb7/0xc0
[ 30.543726] __kmalloc_cache_noprof+0x184/0x410
[ 30.544207] kasan_atomics+0x96/0x310
[ 30.544727] kunit_try_run_case+0x1b3/0x490
[ 30.545129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.545569] kthread+0x257/0x310
[ 30.546070] ret_from_fork+0x41/0x80
[ 30.546564] ret_from_fork_asm+0x1a/0x30
[ 30.547091]
[ 30.547422] The buggy address belongs to the object at ffff888101abdc80
[ 30.547422] which belongs to the cache kmalloc-64 of size 64
[ 30.548288] The buggy address is located 0 bytes to the right of
[ 30.548288] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.549329]
[ 30.549539] The buggy address belongs to the physical page:
[ 30.550147] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.550857] flags: 0x200000000000000(node=0|zone=2)
[ 30.551397] page_type: f5(slab)
[ 30.551753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.552558] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.553227] page dumped because: kasan: bad access detected
[ 30.553737]
[ 30.554018] Memory state around the buggy address:
[ 30.554509] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.555194] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.555899] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.556626] ^
[ 30.557045] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.557782] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.558407] ==================================================================
[ 29.979160] ==================================================================
[ 29.980120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 29.981013] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.981836]
[ 29.982092] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.983102] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.983601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.984275] Call Trace:
[ 29.984495] <TASK>
[ 29.984685] dump_stack_lvl+0x73/0xb0
[ 29.985046] print_report+0xd1/0x640
[ 29.985461] ? __virt_addr_valid+0x1db/0x2d0
[ 29.986017] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.986779] kasan_report+0x102/0x140
[ 29.987244] ? kasan_atomics_helper+0xc71/0x5450
[ 29.987716] ? kasan_atomics_helper+0xc71/0x5450
[ 29.988120] kasan_check_range+0x10c/0x1c0
[ 29.988563] __kasan_check_write+0x18/0x20
[ 29.989029] kasan_atomics_helper+0xc71/0x5450
[ 29.989523] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.989961] ? ret_from_fork_asm+0x1a/0x30
[ 29.990252] ? ret_from_fork+0x41/0x80
[ 29.990557] kasan_atomics+0x1dd/0x310
[ 29.991024] ? __pfx_kasan_atomics+0x10/0x10
[ 29.991496] ? __pfx_read_tsc+0x10/0x10
[ 29.992039] ? ktime_get_ts64+0x84/0x230
[ 29.992748] kunit_try_run_case+0x1b3/0x490
[ 29.993233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.993712] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.994076] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.994587] ? __kthread_parkme+0x82/0x160
[ 29.995089] ? preempt_count_sub+0x50/0x80
[ 29.995629] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.995968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.996353] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.997097] kthread+0x257/0x310
[ 29.997605] ? __pfx_kthread+0x10/0x10
[ 29.998087] ret_from_fork+0x41/0x80
[ 29.998575] ? __pfx_kthread+0x10/0x10
[ 29.998925] ret_from_fork_asm+0x1a/0x30
[ 29.999236] </TASK>
[ 29.999426]
[ 29.999576] Allocated by task 273:
[ 29.999797] kasan_save_stack+0x3d/0x60
[ 30.000241] kasan_save_track+0x18/0x40
[ 30.000652] kasan_save_alloc_info+0x3b/0x50
[ 30.001262] __kasan_kmalloc+0xb7/0xc0
[ 30.001730] __kmalloc_cache_noprof+0x184/0x410
[ 30.002246] kasan_atomics+0x96/0x310
[ 30.002680] kunit_try_run_case+0x1b3/0x490
[ 30.003147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.003904] kthread+0x257/0x310
[ 30.004285] ret_from_fork+0x41/0x80
[ 30.004723] ret_from_fork_asm+0x1a/0x30
[ 30.005063]
[ 30.005221] The buggy address belongs to the object at ffff888101abdc80
[ 30.005221] which belongs to the cache kmalloc-64 of size 64
[ 30.006261] The buggy address is located 0 bytes to the right of
[ 30.006261] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 30.007004]
[ 30.007172] The buggy address belongs to the physical page:
[ 30.007476] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 30.007901] flags: 0x200000000000000(node=0|zone=2)
[ 30.008390] page_type: f5(slab)
[ 30.008753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.009645] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.010265] page dumped because: kasan: bad access detected
[ 30.010738]
[ 30.010987] Memory state around the buggy address:
[ 30.011463] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.011977] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.012578] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.013065] ^
[ 30.013667] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.014184] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.014752] ==================================================================
[ 29.613655] ==================================================================
[ 29.614299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 29.615036] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.615747]
[ 29.616015] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.616930] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.617320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.618115] Call Trace:
[ 29.618473] <TASK>
[ 29.618755] dump_stack_lvl+0x73/0xb0
[ 29.619148] print_report+0xd1/0x640
[ 29.619750] ? __virt_addr_valid+0x1db/0x2d0
[ 29.620211] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.620709] kasan_report+0x102/0x140
[ 29.621077] ? kasan_atomics_helper+0x698/0x5450
[ 29.621546] ? kasan_atomics_helper+0x698/0x5450
[ 29.623534] kasan_check_range+0x10c/0x1c0
[ 29.623921] __kasan_check_write+0x18/0x20
[ 29.624240] kasan_atomics_helper+0x698/0x5450
[ 29.624674] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.625283] ? ret_from_fork_asm+0x1a/0x30
[ 29.625696] ? ret_from_fork+0x41/0x80
[ 29.626031] kasan_atomics+0x1dd/0x310
[ 29.626429] ? __pfx_kasan_atomics+0x10/0x10
[ 29.626916] ? __pfx_read_tsc+0x10/0x10
[ 29.627223] ? ktime_get_ts64+0x84/0x230
[ 29.627709] kunit_try_run_case+0x1b3/0x490
[ 29.628081] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.628523] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.629002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.629572] ? __kthread_parkme+0x82/0x160
[ 29.629963] ? preempt_count_sub+0x50/0x80
[ 29.630459] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.630770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.631425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.631963] kthread+0x257/0x310
[ 29.632343] ? __pfx_kthread+0x10/0x10
[ 29.632628] ret_from_fork+0x41/0x80
[ 29.633040] ? __pfx_kthread+0x10/0x10
[ 29.633497] ret_from_fork_asm+0x1a/0x30
[ 29.633991] </TASK>
[ 29.634278]
[ 29.634460] Allocated by task 273:
[ 29.634691] kasan_save_stack+0x3d/0x60
[ 29.634984] kasan_save_track+0x18/0x40
[ 29.635440] kasan_save_alloc_info+0x3b/0x50
[ 29.635905] __kasan_kmalloc+0xb7/0xc0
[ 29.636338] __kmalloc_cache_noprof+0x184/0x410
[ 29.636917] kasan_atomics+0x96/0x310
[ 29.637207] kunit_try_run_case+0x1b3/0x490
[ 29.637689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.638080] kthread+0x257/0x310
[ 29.638499] ret_from_fork+0x41/0x80
[ 29.638800] ret_from_fork_asm+0x1a/0x30
[ 29.639200]
[ 29.639401] The buggy address belongs to the object at ffff888101abdc80
[ 29.639401] which belongs to the cache kmalloc-64 of size 64
[ 29.640436] The buggy address is located 0 bytes to the right of
[ 29.640436] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.641105]
[ 29.641372] The buggy address belongs to the physical page:
[ 29.641891] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.642479] flags: 0x200000000000000(node=0|zone=2)
[ 29.642940] page_type: f5(slab)
[ 29.643322] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.643813] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.644401] page dumped because: kasan: bad access detected
[ 29.644699]
[ 29.644940] Memory state around the buggy address:
[ 29.645447] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.646114] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.646789] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.647321] ^
[ 29.647610] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.648291] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.648929] ==================================================================
[ 30.991900] ==================================================================
[ 30.993337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450
[ 30.993849] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 30.994571]
[ 30.994842] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 30.996120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.996541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.997244] Call Trace:
[ 30.997877] <TASK>
[ 30.998100] dump_stack_lvl+0x73/0xb0
[ 30.998968] print_report+0xd1/0x640
[ 30.999209] ? __virt_addr_valid+0x1db/0x2d0
[ 30.999917] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.000723] kasan_report+0x102/0x140
[ 31.001122] ? kasan_atomics_helper+0x1780/0x5450
[ 31.001893] ? kasan_atomics_helper+0x1780/0x5450
[ 31.002635] kasan_check_range+0x10c/0x1c0
[ 31.003061] __kasan_check_write+0x18/0x20
[ 31.003774] kasan_atomics_helper+0x1780/0x5450
[ 31.004232] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.004991] ? ret_from_fork_asm+0x1a/0x30
[ 31.005691] ? ret_from_fork+0x41/0x80
[ 31.006115] kasan_atomics+0x1dd/0x310
[ 31.006807] ? __pfx_kasan_atomics+0x10/0x10
[ 31.007267] ? __pfx_read_tsc+0x10/0x10
[ 31.008275] ? ktime_get_ts64+0x84/0x230
[ 31.008645] kunit_try_run_case+0x1b3/0x490
[ 31.009366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.009787] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.010729] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.011196] ? __kthread_parkme+0x82/0x160
[ 31.011939] ? preempt_count_sub+0x50/0x80
[ 31.012598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.013066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.013944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.014647] kthread+0x257/0x310
[ 31.015081] ? __pfx_kthread+0x10/0x10
[ 31.015843] ret_from_fork+0x41/0x80
[ 31.016458] ? __pfx_kthread+0x10/0x10
[ 31.016933] ret_from_fork_asm+0x1a/0x30
[ 31.017306] </TASK>
[ 31.018077]
[ 31.018234] Allocated by task 273:
[ 31.018477] kasan_save_stack+0x3d/0x60
[ 31.019405] kasan_save_track+0x18/0x40
[ 31.019807] kasan_save_alloc_info+0x3b/0x50
[ 31.020581] __kasan_kmalloc+0xb7/0xc0
[ 31.020975] __kmalloc_cache_noprof+0x184/0x410
[ 31.021371] kasan_atomics+0x96/0x310
[ 31.022157] kunit_try_run_case+0x1b3/0x490
[ 31.022624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.023459] kthread+0x257/0x310
[ 31.023841] ret_from_fork+0x41/0x80
[ 31.024249] ret_from_fork_asm+0x1a/0x30
[ 31.025355]
[ 31.025500] The buggy address belongs to the object at ffff888101abdc80
[ 31.025500] which belongs to the cache kmalloc-64 of size 64
[ 31.026195] The buggy address is located 0 bytes to the right of
[ 31.026195] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.027649]
[ 31.027893] The buggy address belongs to the physical page:
[ 31.028479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.029199] flags: 0x200000000000000(node=0|zone=2)
[ 31.029754] page_type: f5(slab)
[ 31.030151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.031365] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.032034] page dumped because: kasan: bad access detected
[ 31.032949]
[ 31.033172] Memory state around the buggy address:
[ 31.034392] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.034894] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.035499] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.036491] ^
[ 31.036779] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.037412] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.037965] ==================================================================
[ 31.039689] ==================================================================
[ 31.040113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450
[ 31.041609] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 31.042117]
[ 31.042959] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 31.043749] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.044117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.044846] Call Trace:
[ 31.045122] <TASK>
[ 31.045346] dump_stack_lvl+0x73/0xb0
[ 31.045689] print_report+0xd1/0x640
[ 31.046759] ? __virt_addr_valid+0x1db/0x2d0
[ 31.047426] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.047790] kasan_report+0x102/0x140
[ 31.048778] ? kasan_atomics_helper+0x1819/0x5450
[ 31.049251] ? kasan_atomics_helper+0x1819/0x5450
[ 31.050128] kasan_check_range+0x10c/0x1c0
[ 31.050741] __kasan_check_write+0x18/0x20
[ 31.051154] kasan_atomics_helper+0x1819/0x5450
[ 31.052068] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.052887] ? ret_from_fork_asm+0x1a/0x30
[ 31.053267] ? ret_from_fork+0x41/0x80
[ 31.053747] kasan_atomics+0x1dd/0x310
[ 31.054184] ? __pfx_kasan_atomics+0x10/0x10
[ 31.055190] ? __pfx_read_tsc+0x10/0x10
[ 31.055568] ? ktime_get_ts64+0x84/0x230
[ 31.056331] kunit_try_run_case+0x1b3/0x490
[ 31.056733] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.057314] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.057953] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.058353] ? __kthread_parkme+0x82/0x160
[ 31.058740] ? preempt_count_sub+0x50/0x80
[ 31.059183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.059585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.060665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.061322] kthread+0x257/0x310
[ 31.061928] ? __pfx_kthread+0x10/0x10
[ 31.062573] ret_from_fork+0x41/0x80
[ 31.063125] ? __pfx_kthread+0x10/0x10
[ 31.063580] ret_from_fork_asm+0x1a/0x30
[ 31.064357] </TASK>
[ 31.064784]
[ 31.064969] Allocated by task 273:
[ 31.065843] kasan_save_stack+0x3d/0x60
[ 31.066178] kasan_save_track+0x18/0x40
[ 31.066657] kasan_save_alloc_info+0x3b/0x50
[ 31.067169] __kasan_kmalloc+0xb7/0xc0
[ 31.068071] __kmalloc_cache_noprof+0x184/0x410
[ 31.068750] kasan_atomics+0x96/0x310
[ 31.069380] kunit_try_run_case+0x1b3/0x490
[ 31.069798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.070789] kthread+0x257/0x310
[ 31.071135] ret_from_fork+0x41/0x80
[ 31.071519] ret_from_fork_asm+0x1a/0x30
[ 31.072480]
[ 31.072675] The buggy address belongs to the object at ffff888101abdc80
[ 31.072675] which belongs to the cache kmalloc-64 of size 64
[ 31.074199] The buggy address is located 0 bytes to the right of
[ 31.074199] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 31.075091]
[ 31.075533] The buggy address belongs to the physical page:
[ 31.076230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 31.076627] flags: 0x200000000000000(node=0|zone=2)
[ 31.077121] page_type: f5(slab)
[ 31.077475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.078840] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.079572] page dumped because: kasan: bad access detected
[ 31.079954]
[ 31.080477] Memory state around the buggy address:
[ 31.080953] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.081622] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.082202] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.082732] ^
[ 31.083804] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.084767] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.085266] ==================================================================
[ 29.189406] ==================================================================
[ 29.190483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450
[ 29.191413] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.192221]
[ 29.192902] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.193643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.194198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.195012] Call Trace:
[ 29.195874] <TASK>
[ 29.196176] dump_stack_lvl+0x73/0xb0
[ 29.197129] print_report+0xd1/0x640
[ 29.197493] ? __virt_addr_valid+0x1db/0x2d0
[ 29.198068] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.198626] kasan_report+0x102/0x140
[ 29.198924] ? kasan_atomics_helper+0x4bbe/0x5450
[ 29.199508] ? kasan_atomics_helper+0x4bbe/0x5450
[ 29.200304] __asan_report_load4_noabort+0x18/0x20
[ 29.200804] kasan_atomics_helper+0x4bbe/0x5450
[ 29.201645] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.202495] ? ret_from_fork_asm+0x1a/0x30
[ 29.202842] ? ret_from_fork+0x41/0x80
[ 29.203143] kasan_atomics+0x1dd/0x310
[ 29.203810] ? __pfx_kasan_atomics+0x10/0x10
[ 29.204571] ? __pfx_read_tsc+0x10/0x10
[ 29.205028] ? ktime_get_ts64+0x84/0x230
[ 29.205775] kunit_try_run_case+0x1b3/0x490
[ 29.206119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.206977] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.207697] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.208340] ? __kthread_parkme+0x82/0x160
[ 29.208638] ? preempt_count_sub+0x50/0x80
[ 29.209203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.209837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.210624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.211336] kthread+0x257/0x310
[ 29.211629] ? __pfx_kthread+0x10/0x10
[ 29.212642] ret_from_fork+0x41/0x80
[ 29.213611] ? __pfx_kthread+0x10/0x10
[ 29.214297] ret_from_fork_asm+0x1a/0x30
[ 29.214725] </TASK>
[ 29.214969]
[ 29.215136] Allocated by task 273:
[ 29.216718] kasan_save_stack+0x3d/0x60
[ 29.217627] kasan_save_track+0x18/0x40
[ 29.218435] kasan_save_alloc_info+0x3b/0x50
[ 29.218804] __kasan_kmalloc+0xb7/0xc0
[ 29.219354] __kmalloc_cache_noprof+0x184/0x410
[ 29.219966] kasan_atomics+0x96/0x310
[ 29.220380] kunit_try_run_case+0x1b3/0x490
[ 29.220713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.221229] kthread+0x257/0x310
[ 29.221539] ret_from_fork+0x41/0x80
[ 29.222527] ret_from_fork_asm+0x1a/0x30
[ 29.222807]
[ 29.223273] The buggy address belongs to the object at ffff888101abdc80
[ 29.223273] which belongs to the cache kmalloc-64 of size 64
[ 29.224204] The buggy address is located 0 bytes to the right of
[ 29.224204] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.225243]
[ 29.225512] The buggy address belongs to the physical page:
[ 29.226441] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.227318] flags: 0x200000000000000(node=0|zone=2)
[ 29.227838] page_type: f5(slab)
[ 29.228320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.229223] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.230434] page dumped because: kasan: bad access detected
[ 29.230754]
[ 29.230984] Memory state around the buggy address:
[ 29.231540] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.232347] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.233048] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.233712] ^
[ 29.234221] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.234686] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.236050] ==================================================================
[ 29.570281] ==================================================================
[ 29.570910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450
[ 29.572550] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.573139]
[ 29.573417] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.574057] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.574314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.575130] Call Trace:
[ 29.575565] <TASK>
[ 29.575894] dump_stack_lvl+0x73/0xb0
[ 29.576341] print_report+0xd1/0x640
[ 29.576736] ? __virt_addr_valid+0x1db/0x2d0
[ 29.577068] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.577501] kasan_report+0x102/0x140
[ 29.577979] ? kasan_atomics_helper+0x5ff/0x5450
[ 29.578684] ? kasan_atomics_helper+0x5ff/0x5450
[ 29.579299] kasan_check_range+0x10c/0x1c0
[ 29.579736] __kasan_check_write+0x18/0x20
[ 29.580075] kasan_atomics_helper+0x5ff/0x5450
[ 29.580386] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.580724] ? ret_from_fork_asm+0x1a/0x30
[ 29.581361] ? ret_from_fork+0x41/0x80
[ 29.581812] kasan_atomics+0x1dd/0x310
[ 29.582303] ? __pfx_kasan_atomics+0x10/0x10
[ 29.582801] ? __pfx_read_tsc+0x10/0x10
[ 29.583221] ? ktime_get_ts64+0x84/0x230
[ 29.583710] kunit_try_run_case+0x1b3/0x490
[ 29.584035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.584393] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.584921] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.585592] ? __kthread_parkme+0x82/0x160
[ 29.586056] ? preempt_count_sub+0x50/0x80
[ 29.586615] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.586991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.587354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.587689] kthread+0x257/0x310
[ 29.587963] ? __pfx_kthread+0x10/0x10
[ 29.588478] ret_from_fork+0x41/0x80
[ 29.588976] ? __pfx_kthread+0x10/0x10
[ 29.589419] ret_from_fork_asm+0x1a/0x30
[ 29.589925] </TASK>
[ 29.590239]
[ 29.590458] Allocated by task 273:
[ 29.590811] kasan_save_stack+0x3d/0x60
[ 29.591255] kasan_save_track+0x18/0x40
[ 29.591684] kasan_save_alloc_info+0x3b/0x50
[ 29.592112] __kasan_kmalloc+0xb7/0xc0
[ 29.592538] __kmalloc_cache_noprof+0x184/0x410
[ 29.593019] kasan_atomics+0x96/0x310
[ 29.593289] kunit_try_run_case+0x1b3/0x490
[ 29.593734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.595395] kthread+0x257/0x310
[ 29.595780] ret_from_fork+0x41/0x80
[ 29.596205] ret_from_fork_asm+0x1a/0x30
[ 29.596611]
[ 29.596786] The buggy address belongs to the object at ffff888101abdc80
[ 29.596786] which belongs to the cache kmalloc-64 of size 64
[ 29.600463] The buggy address is located 0 bytes to the right of
[ 29.600463] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.601250]
[ 29.601481] The buggy address belongs to the physical page:
[ 29.602571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.603504] flags: 0x200000000000000(node=0|zone=2)
[ 29.604084] page_type: f5(slab)
[ 29.604554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.605260] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.605897] page dumped because: kasan: bad access detected
[ 29.606394]
[ 29.606569] Memory state around the buggy address:
[ 29.608083] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.608456] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.609691] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.610158] ^
[ 29.611050] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.611494] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.612291] ==================================================================
[ 29.903378] ==================================================================
[ 29.903977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450
[ 29.904512] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273
[ 29.905216]
[ 29.905492] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 29.906209] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.906644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.907104] Call Trace:
[ 29.907506] <TASK>
[ 29.907795] dump_stack_lvl+0x73/0xb0
[ 29.908311] print_report+0xd1/0x640
[ 29.908731] ? __virt_addr_valid+0x1db/0x2d0
[ 29.909185] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.909747] kasan_report+0x102/0x140
[ 29.910129] ? kasan_atomics_helper+0xac8/0x5450
[ 29.910659] ? kasan_atomics_helper+0xac8/0x5450
[ 29.911086] kasan_check_range+0x10c/0x1c0
[ 29.911632] __kasan_check_write+0x18/0x20
[ 29.912053] kasan_atomics_helper+0xac8/0x5450
[ 29.912471] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.913014] ? ret_from_fork_asm+0x1a/0x30
[ 29.913515] ? ret_from_fork+0x41/0x80
[ 29.913946] kasan_atomics+0x1dd/0x310
[ 29.914238] ? __pfx_kasan_atomics+0x10/0x10
[ 29.914596] ? __pfx_read_tsc+0x10/0x10
[ 29.914895] ? ktime_get_ts64+0x84/0x230
[ 29.915391] kunit_try_run_case+0x1b3/0x490
[ 29.915927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.916498] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.917012] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.917607] ? __kthread_parkme+0x82/0x160
[ 29.918093] ? preempt_count_sub+0x50/0x80
[ 29.918627] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.919038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.920151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.920718] kthread+0x257/0x310
[ 29.923559] ? __pfx_kthread+0x10/0x10
[ 29.924001] ret_from_fork+0x41/0x80
[ 29.924620] ? __pfx_kthread+0x10/0x10
[ 29.925053] ret_from_fork_asm+0x1a/0x30
[ 29.925864] </TASK>
[ 29.926211]
[ 29.926653] Allocated by task 273:
[ 29.927008] kasan_save_stack+0x3d/0x60
[ 29.927692] kasan_save_track+0x18/0x40
[ 29.927985] kasan_save_alloc_info+0x3b/0x50
[ 29.928805] __kasan_kmalloc+0xb7/0xc0
[ 29.929110] __kmalloc_cache_noprof+0x184/0x410
[ 29.929859] kasan_atomics+0x96/0x310
[ 29.930232] kunit_try_run_case+0x1b3/0x490
[ 29.930722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.931197] kthread+0x257/0x310
[ 29.931566] ret_from_fork+0x41/0x80
[ 29.931937] ret_from_fork_asm+0x1a/0x30
[ 29.932391]
[ 29.932660] The buggy address belongs to the object at ffff888101abdc80
[ 29.932660] which belongs to the cache kmalloc-64 of size 64
[ 29.933266] The buggy address is located 0 bytes to the right of
[ 29.933266] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0)
[ 29.934319]
[ 29.934558] The buggy address belongs to the physical page:
[ 29.934918] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd
[ 29.935345] flags: 0x200000000000000(node=0|zone=2)
[ 29.935884] page_type: f5(slab)
[ 29.936362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.937055] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.937564] page dumped because: kasan: bad access detected
[ 29.938121]
[ 29.938274] Memory state around the buggy address:
[ 29.938912] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.939496] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.939964] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.940327] ^
[ 29.940611] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.941308] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.942179] ==================================================================
[ 31.727137]
================================================================== [ 31.728789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 31.729537] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.730250] [ 31.730546] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.731280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.731891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.732617] Call Trace: [ 31.733033] <TASK> [ 31.733331] dump_stack_lvl+0x73/0xb0 [ 31.733701] print_report+0xd1/0x640 [ 31.734215] ? __virt_addr_valid+0x1db/0x2d0 [ 31.734702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.735306] kasan_report+0x102/0x140 [ 31.735863] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.736290] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.736847] kasan_check_range+0x10c/0x1c0 [ 31.737374] __kasan_check_write+0x18/0x20 [ 31.737738] kasan_atomics_helper+0x20c9/0x5450 [ 31.738282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.738684] ? ret_from_fork_asm+0x1a/0x30 [ 31.739193] ? ret_from_fork+0x41/0x80 [ 31.739629] kasan_atomics+0x1dd/0x310 [ 31.740162] ? __pfx_kasan_atomics+0x10/0x10 [ 31.740557] ? __pfx_read_tsc+0x10/0x10 [ 31.741093] ? ktime_get_ts64+0x84/0x230 [ 31.741497] kunit_try_run_case+0x1b3/0x490 [ 31.742014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.742652] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.743223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.743578] ? __kthread_parkme+0x82/0x160 [ 31.744469] ? preempt_count_sub+0x50/0x80 [ 31.745338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.745684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.746288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.746717] kthread+0x257/0x310 [ 31.747711] ? __pfx_kthread+0x10/0x10 [ 31.748531] ret_from_fork+0x41/0x80 [ 31.748811] ? 
__pfx_kthread+0x10/0x10 [ 31.749752] ret_from_fork_asm+0x1a/0x30 [ 31.750238] </TASK> [ 31.750575] [ 31.750832] Allocated by task 273: [ 31.751263] kasan_save_stack+0x3d/0x60 [ 31.751801] kasan_save_track+0x18/0x40 [ 31.752338] kasan_save_alloc_info+0x3b/0x50 [ 31.752882] __kasan_kmalloc+0xb7/0xc0 [ 31.753407] __kmalloc_cache_noprof+0x184/0x410 [ 31.753965] kasan_atomics+0x96/0x310 [ 31.754456] kunit_try_run_case+0x1b3/0x490 [ 31.755007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.755615] kthread+0x257/0x310 [ 31.756107] ret_from_fork+0x41/0x80 [ 31.756712] ret_from_fork_asm+0x1a/0x30 [ 31.757227] [ 31.757475] The buggy address belongs to the object at ffff888101abdc80 [ 31.757475] which belongs to the cache kmalloc-64 of size 64 [ 31.758719] The buggy address is located 0 bytes to the right of [ 31.758719] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.760002] [ 31.760244] The buggy address belongs to the physical page: [ 31.760882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.761470] flags: 0x200000000000000(node=0|zone=2) [ 31.761650] page_type: f5(slab) [ 31.761785] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.762288] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.762806] page dumped because: kasan: bad access detected [ 31.763251] [ 31.763524] Memory state around the buggy address: [ 31.764008] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.764401] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.764802] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.765487] ^ [ 31.766151] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.766592] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.767104] ================================================================== [ 31.807674] 
================================================================== [ 31.808633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 31.809352] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.809937] [ 31.810119] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.810612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.811085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.811938] Call Trace: [ 31.812289] <TASK> [ 31.812582] dump_stack_lvl+0x73/0xb0 [ 31.813077] print_report+0xd1/0x640 [ 31.814616] ? __virt_addr_valid+0x1db/0x2d0 [ 31.814963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.815360] kasan_report+0x102/0x140 [ 31.815682] ? kasan_atomics_helper+0x218b/0x5450 [ 31.817932] ? kasan_atomics_helper+0x218b/0x5450 [ 31.818332] kasan_check_range+0x10c/0x1c0 [ 31.818793] __kasan_check_write+0x18/0x20 [ 31.819148] kasan_atomics_helper+0x218b/0x5450 [ 31.819691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.820169] ? ret_from_fork_asm+0x1a/0x30 [ 31.820466] ? ret_from_fork+0x41/0x80 [ 31.821045] kasan_atomics+0x1dd/0x310 [ 31.821569] ? __pfx_kasan_atomics+0x10/0x10 [ 31.822247] ? __pfx_read_tsc+0x10/0x10 [ 31.822784] ? ktime_get_ts64+0x84/0x230 [ 31.823326] kunit_try_run_case+0x1b3/0x490 [ 31.823888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.824574] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.825164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.825787] ? __kthread_parkme+0x82/0x160 [ 31.826409] ? preempt_count_sub+0x50/0x80 [ 31.826763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.827355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.828090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.828800] kthread+0x257/0x310 [ 31.829151] ? __pfx_kthread+0x10/0x10 [ 31.829651] ret_from_fork+0x41/0x80 [ 31.830185] ? 
__pfx_kthread+0x10/0x10 [ 31.830636] ret_from_fork_asm+0x1a/0x30 [ 31.831103] </TASK> [ 31.831465] [ 31.831640] Allocated by task 273: [ 31.831957] kasan_save_stack+0x3d/0x60 [ 31.832370] kasan_save_track+0x18/0x40 [ 31.832893] kasan_save_alloc_info+0x3b/0x50 [ 31.833382] __kasan_kmalloc+0xb7/0xc0 [ 31.833729] __kmalloc_cache_noprof+0x184/0x410 [ 31.834230] kasan_atomics+0x96/0x310 [ 31.834634] kunit_try_run_case+0x1b3/0x490 [ 31.835144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.835609] kthread+0x257/0x310 [ 31.835936] ret_from_fork+0x41/0x80 [ 31.836519] ret_from_fork_asm+0x1a/0x30 [ 31.836973] [ 31.837197] The buggy address belongs to the object at ffff888101abdc80 [ 31.837197] which belongs to the cache kmalloc-64 of size 64 [ 31.838228] The buggy address is located 0 bytes to the right of [ 31.838228] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.839165] [ 31.839458] The buggy address belongs to the physical page: [ 31.839921] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.840361] flags: 0x200000000000000(node=0|zone=2) [ 31.841020] page_type: f5(slab) [ 31.841470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.842065] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.842681] page dumped because: kasan: bad access detected [ 31.843232] [ 31.843453] Memory state around the buggy address: [ 31.843844] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.844217] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.844900] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.845798] ^ [ 31.846263] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.846752] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.847131] ================================================================== [ 31.396710] 
================================================================== [ 31.397349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 31.397610] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.397861] [ 31.398105] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.399114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.399645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.400484] Call Trace: [ 31.400800] <TASK> [ 31.401183] dump_stack_lvl+0x73/0xb0 [ 31.401647] print_report+0xd1/0x640 [ 31.402090] ? __virt_addr_valid+0x1db/0x2d0 [ 31.402626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.403162] kasan_report+0x102/0x140 [ 31.403686] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.404122] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.404732] kasan_check_range+0x10c/0x1c0 [ 31.405161] __kasan_check_write+0x18/0x20 [ 31.405570] kasan_atomics_helper+0x1ce2/0x5450 [ 31.406122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.406683] ? ret_from_fork_asm+0x1a/0x30 [ 31.407228] ? ret_from_fork+0x41/0x80 [ 31.407718] kasan_atomics+0x1dd/0x310 [ 31.408117] ? __pfx_kasan_atomics+0x10/0x10 [ 31.408682] ? __pfx_read_tsc+0x10/0x10 [ 31.409211] ? ktime_get_ts64+0x84/0x230 [ 31.409650] kunit_try_run_case+0x1b3/0x490 [ 31.410219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.410743] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.411200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.411803] ? __kthread_parkme+0x82/0x160 [ 31.412393] ? preempt_count_sub+0x50/0x80 [ 31.412889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.413496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.414071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.414839] kthread+0x257/0x310 [ 31.415429] ? __pfx_kthread+0x10/0x10 [ 31.415975] ret_from_fork+0x41/0x80 [ 31.416416] ? 
__pfx_kthread+0x10/0x10 [ 31.416654] ret_from_fork_asm+0x1a/0x30 [ 31.417209] </TASK> [ 31.417611] [ 31.417842] Allocated by task 273: [ 31.418137] kasan_save_stack+0x3d/0x60 [ 31.418622] kasan_save_track+0x18/0x40 [ 31.419184] kasan_save_alloc_info+0x3b/0x50 [ 31.419697] __kasan_kmalloc+0xb7/0xc0 [ 31.420155] __kmalloc_cache_noprof+0x184/0x410 [ 31.420631] kasan_atomics+0x96/0x310 [ 31.421087] kunit_try_run_case+0x1b3/0x490 [ 31.421459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.421781] kthread+0x257/0x310 [ 31.422063] ret_from_fork+0x41/0x80 [ 31.422511] ret_from_fork_asm+0x1a/0x30 [ 31.422956] [ 31.423288] The buggy address belongs to the object at ffff888101abdc80 [ 31.423288] which belongs to the cache kmalloc-64 of size 64 [ 31.424465] The buggy address is located 0 bytes to the right of [ 31.424465] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.425571] [ 31.425883] The buggy address belongs to the physical page: [ 31.426348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.426758] flags: 0x200000000000000(node=0|zone=2) [ 31.427322] page_type: f5(slab) [ 31.427723] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.428550] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.429374] page dumped because: kasan: bad access detected [ 31.429882] [ 31.430090] Memory state around the buggy address: [ 31.430642] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.431319] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.431966] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.432359] ^ [ 31.432640] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.433272] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.433992] ================================================================== [ 29.525484] 
================================================================== [ 29.527625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 29.528208] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.530669] [ 29.530887] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.531865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.532239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.532999] Call Trace: [ 29.533258] <TASK> [ 29.533493] dump_stack_lvl+0x73/0xb0 [ 29.534968] print_report+0xd1/0x640 [ 29.535579] ? __virt_addr_valid+0x1db/0x2d0 [ 29.536235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.537019] kasan_report+0x102/0x140 [ 29.537617] ? kasan_atomics_helper+0x566/0x5450 [ 29.538264] ? kasan_atomics_helper+0x566/0x5450 [ 29.539012] kasan_check_range+0x10c/0x1c0 [ 29.539659] __kasan_check_write+0x18/0x20 [ 29.540081] kasan_atomics_helper+0x566/0x5450 [ 29.540760] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.541459] ? ret_from_fork_asm+0x1a/0x30 [ 29.542078] ? ret_from_fork+0x41/0x80 [ 29.542697] kasan_atomics+0x1dd/0x310 [ 29.543091] ? __pfx_kasan_atomics+0x10/0x10 [ 29.543850] ? __pfx_read_tsc+0x10/0x10 [ 29.544479] ? ktime_get_ts64+0x84/0x230 [ 29.544907] kunit_try_run_case+0x1b3/0x490 [ 29.545630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.546272] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.547304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.547704] ? __kthread_parkme+0x82/0x160 [ 29.548312] ? preempt_count_sub+0x50/0x80 [ 29.548754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.549192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.550387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.550836] kthread+0x257/0x310 [ 29.551457] ? __pfx_kthread+0x10/0x10 [ 29.551838] ret_from_fork+0x41/0x80 [ 29.552103] ? 
__pfx_kthread+0x10/0x10 [ 29.553044] ret_from_fork_asm+0x1a/0x30 [ 29.553796] </TASK> [ 29.554023] [ 29.554492] Allocated by task 273: [ 29.554881] kasan_save_stack+0x3d/0x60 [ 29.555332] kasan_save_track+0x18/0x40 [ 29.555702] kasan_save_alloc_info+0x3b/0x50 [ 29.556087] __kasan_kmalloc+0xb7/0xc0 [ 29.556445] __kmalloc_cache_noprof+0x184/0x410 [ 29.556955] kasan_atomics+0x96/0x310 [ 29.557308] kunit_try_run_case+0x1b3/0x490 [ 29.557585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.558216] kthread+0x257/0x310 [ 29.558620] ret_from_fork+0x41/0x80 [ 29.559074] ret_from_fork_asm+0x1a/0x30 [ 29.559436] [ 29.559636] The buggy address belongs to the object at ffff888101abdc80 [ 29.559636] which belongs to the cache kmalloc-64 of size 64 [ 29.560210] The buggy address is located 0 bytes to the right of [ 29.560210] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.561279] [ 29.561533] The buggy address belongs to the physical page: [ 29.561990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.562395] flags: 0x200000000000000(node=0|zone=2) [ 29.562994] page_type: f5(slab) [ 29.563516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.564226] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.564632] page dumped because: kasan: bad access detected [ 29.565187] [ 29.565400] Memory state around the buggy address: [ 29.565852] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.566560] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.567180] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.567661] ^ [ 29.568170] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.568785] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.569204] ================================================================== [ 30.560512] 
================================================================== [ 30.561927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 30.563330] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.564078] [ 30.564443] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.565309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.565577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.566541] Call Trace: [ 30.566968] <TASK> [ 30.567293] dump_stack_lvl+0x73/0xb0 [ 30.567806] print_report+0xd1/0x640 [ 30.568464] ? __virt_addr_valid+0x1db/0x2d0 [ 30.569067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.569648] kasan_report+0x102/0x140 [ 30.570296] ? kasan_atomics_helper+0x12e7/0x5450 [ 30.570960] ? kasan_atomics_helper+0x12e7/0x5450 [ 30.571641] kasan_check_range+0x10c/0x1c0 [ 30.572350] __kasan_check_write+0x18/0x20 [ 30.572860] kasan_atomics_helper+0x12e7/0x5450 [ 30.573479] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.573858] ? ret_from_fork_asm+0x1a/0x30 [ 30.574512] ? ret_from_fork+0x41/0x80 [ 30.575087] kasan_atomics+0x1dd/0x310 [ 30.575637] ? __pfx_kasan_atomics+0x10/0x10 [ 30.575925] ? __pfx_read_tsc+0x10/0x10 [ 30.576471] ? ktime_get_ts64+0x84/0x230 [ 30.576939] kunit_try_run_case+0x1b3/0x490 [ 30.577287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.577668] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.578132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.578505] ? __kthread_parkme+0x82/0x160 [ 30.578951] ? preempt_count_sub+0x50/0x80 [ 30.579631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.580228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.580875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.581394] kthread+0x257/0x310 [ 30.581814] ? __pfx_kthread+0x10/0x10 [ 30.582378] ret_from_fork+0x41/0x80 [ 30.582839] ? 
__pfx_kthread+0x10/0x10 [ 30.583288] ret_from_fork_asm+0x1a/0x30 [ 30.583794] </TASK> [ 30.584115] [ 30.584417] Allocated by task 273: [ 30.584720] kasan_save_stack+0x3d/0x60 [ 30.585237] kasan_save_track+0x18/0x40 [ 30.585712] kasan_save_alloc_info+0x3b/0x50 [ 30.586278] __kasan_kmalloc+0xb7/0xc0 [ 30.586668] __kmalloc_cache_noprof+0x184/0x410 [ 30.587178] kasan_atomics+0x96/0x310 [ 30.587620] kunit_try_run_case+0x1b3/0x490 [ 30.588145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.588642] kthread+0x257/0x310 [ 30.589055] ret_from_fork+0x41/0x80 [ 30.589537] ret_from_fork_asm+0x1a/0x30 [ 30.589995] [ 30.590304] The buggy address belongs to the object at ffff888101abdc80 [ 30.590304] which belongs to the cache kmalloc-64 of size 64 [ 30.591336] The buggy address is located 0 bytes to the right of [ 30.591336] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.592232] [ 30.592587] The buggy address belongs to the physical page: [ 30.593089] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.593715] flags: 0x200000000000000(node=0|zone=2) [ 30.594329] page_type: f5(slab) [ 30.594755] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.595342] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.596061] page dumped because: kasan: bad access detected [ 30.596490] [ 30.596649] Memory state around the buggy address: [ 30.597355] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.598040] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.598728] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.599391] ^ [ 30.599879] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.600635] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.601135] ================================================================== [ 30.731164] 
================================================================== [ 30.731653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 30.732389] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.733100] [ 30.733335] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.734086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.734396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.735225] Call Trace: [ 30.735585] <TASK> [ 30.735887] dump_stack_lvl+0x73/0xb0 [ 30.736412] print_report+0xd1/0x640 [ 30.736766] ? __virt_addr_valid+0x1db/0x2d0 [ 30.737104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.737726] kasan_report+0x102/0x140 [ 30.738152] ? kasan_atomics_helper+0x1468/0x5450 [ 30.738608] ? kasan_atomics_helper+0x1468/0x5450 [ 30.739214] kasan_check_range+0x10c/0x1c0 [ 30.739735] __kasan_check_write+0x18/0x20 [ 30.740209] kasan_atomics_helper+0x1468/0x5450 [ 30.740672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.741165] ? ret_from_fork_asm+0x1a/0x30 [ 30.741691] ? ret_from_fork+0x41/0x80 [ 30.742116] kasan_atomics+0x1dd/0x310 [ 30.742461] ? __pfx_kasan_atomics+0x10/0x10 [ 30.742770] ? __pfx_read_tsc+0x10/0x10 [ 30.743218] ? ktime_get_ts64+0x84/0x230 [ 30.743753] kunit_try_run_case+0x1b3/0x490 [ 30.744237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.744764] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.745357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.745797] ? __kthread_parkme+0x82/0x160 [ 30.746300] ? preempt_count_sub+0x50/0x80 [ 30.746607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.747110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.747785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.748430] kthread+0x257/0x310 [ 30.748843] ? __pfx_kthread+0x10/0x10 [ 30.749311] ret_from_fork+0x41/0x80 [ 30.749682] ? 
__pfx_kthread+0x10/0x10 [ 30.750162] ret_from_fork_asm+0x1a/0x30 [ 30.750680] </TASK> [ 30.751010] [ 30.751203] Allocated by task 273: [ 30.751610] kasan_save_stack+0x3d/0x60 [ 30.751939] kasan_save_track+0x18/0x40 [ 30.752447] kasan_save_alloc_info+0x3b/0x50 [ 30.752888] __kasan_kmalloc+0xb7/0xc0 [ 30.753346] __kmalloc_cache_noprof+0x184/0x410 [ 30.753790] kasan_atomics+0x96/0x310 [ 30.754168] kunit_try_run_case+0x1b3/0x490 [ 30.754676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.755166] kthread+0x257/0x310 [ 30.755592] ret_from_fork+0x41/0x80 [ 30.756059] ret_from_fork_asm+0x1a/0x30 [ 30.756610] [ 30.756899] The buggy address belongs to the object at ffff888101abdc80 [ 30.756899] which belongs to the cache kmalloc-64 of size 64 [ 30.757689] The buggy address is located 0 bytes to the right of [ 30.757689] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.758973] [ 30.759317] The buggy address belongs to the physical page: [ 30.759920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.760771] flags: 0x200000000000000(node=0|zone=2) [ 30.761375] page_type: f5(slab) [ 30.761807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.762622] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.763432] page dumped because: kasan: bad access detected [ 30.763987] [ 30.764139] Memory state around the buggy address: [ 30.764664] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.765469] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.766239] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.767051] ^ [ 30.767607] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.768059] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.768607] ================================================================== [ 30.770201] 
================================================================== [ 30.770854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 30.771485] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.772155] [ 30.772463] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.773205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.773667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.774307] Call Trace: [ 30.774666] <TASK> [ 30.774978] dump_stack_lvl+0x73/0xb0 [ 30.775441] print_report+0xd1/0x640 [ 30.775915] ? __virt_addr_valid+0x1db/0x2d0 [ 30.776314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.776889] kasan_report+0x102/0x140 [ 30.777170] ? kasan_atomics_helper+0x50d6/0x5450 [ 30.777690] ? kasan_atomics_helper+0x50d6/0x5450 [ 30.778238] __asan_report_store8_noabort+0x1b/0x30 [ 30.778786] kasan_atomics_helper+0x50d6/0x5450 [ 30.779361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.779691] ? ret_from_fork_asm+0x1a/0x30 [ 30.780161] ? ret_from_fork+0x41/0x80 [ 30.780494] kasan_atomics+0x1dd/0x310 [ 30.781012] ? __pfx_kasan_atomics+0x10/0x10 [ 30.781369] ? __pfx_read_tsc+0x10/0x10 [ 30.781648] ? ktime_get_ts64+0x84/0x230 [ 30.782139] kunit_try_run_case+0x1b3/0x490 [ 30.782647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.783158] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.783732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.784099] ? __kthread_parkme+0x82/0x160 [ 30.784623] ? preempt_count_sub+0x50/0x80 [ 30.785010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.785371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.786017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.786632] kthread+0x257/0x310 [ 30.787161] ? __pfx_kthread+0x10/0x10 [ 30.788294] ret_from_fork+0x41/0x80 [ 30.789538] ? 
__pfx_kthread+0x10/0x10 [ 30.789949] ret_from_fork_asm+0x1a/0x30 [ 30.790987] </TASK> [ 30.791538] [ 30.791709] Allocated by task 273: [ 30.792070] kasan_save_stack+0x3d/0x60 [ 30.792465] kasan_save_track+0x18/0x40 [ 30.792876] kasan_save_alloc_info+0x3b/0x50 [ 30.794048] __kasan_kmalloc+0xb7/0xc0 [ 30.794391] __kmalloc_cache_noprof+0x184/0x410 [ 30.795193] kasan_atomics+0x96/0x310 [ 30.795664] kunit_try_run_case+0x1b3/0x490 [ 30.796582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.797081] kthread+0x257/0x310 [ 30.797740] ret_from_fork+0x41/0x80 [ 30.798457] ret_from_fork_asm+0x1a/0x30 [ 30.799025] [ 30.799252] The buggy address belongs to the object at ffff888101abdc80 [ 30.799252] which belongs to the cache kmalloc-64 of size 64 [ 30.800305] The buggy address is located 0 bytes to the right of [ 30.800305] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.801738] [ 30.802212] The buggy address belongs to the physical page: [ 30.803206] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.804007] flags: 0x200000000000000(node=0|zone=2) [ 30.804463] page_type: f5(slab) [ 30.804775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.805183] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.805914] page dumped because: kasan: bad access detected [ 30.807336] [ 30.807517] Memory state around the buggy address: [ 30.807813] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.808967] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.809636] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.810491] ^ [ 30.811059] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.811713] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.812540] ================================================================== [ 29.862414] 
================================================================== [ 29.863204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 29.863988] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.864589] [ 29.864855] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.865694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.866057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.867045] Call Trace: [ 29.867343] <TASK> [ 29.867595] dump_stack_lvl+0x73/0xb0 [ 29.868159] print_report+0xd1/0x640 [ 29.868679] ? __virt_addr_valid+0x1db/0x2d0 [ 29.869208] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.869778] kasan_report+0x102/0x140 [ 29.870227] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.870633] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.870983] kasan_check_range+0x10c/0x1c0 [ 29.871576] __kasan_check_write+0x18/0x20 [ 29.872175] kasan_atomics_helper+0xa2c/0x5450 [ 29.872677] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.873176] ? ret_from_fork_asm+0x1a/0x30 [ 29.873650] ? ret_from_fork+0x41/0x80 [ 29.874220] kasan_atomics+0x1dd/0x310 [ 29.874685] ? __pfx_kasan_atomics+0x10/0x10 [ 29.875151] ? __pfx_read_tsc+0x10/0x10 [ 29.875582] ? ktime_get_ts64+0x84/0x230 [ 29.875896] kunit_try_run_case+0x1b3/0x490 [ 29.876361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.877009] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.877735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.878262] ? __kthread_parkme+0x82/0x160 [ 29.878581] ? preempt_count_sub+0x50/0x80 [ 29.879173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.879856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.880435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.881031] kthread+0x257/0x310 [ 29.881388] ? __pfx_kthread+0x10/0x10 [ 29.881928] ret_from_fork+0x41/0x80 [ 29.883245] ? 
__pfx_kthread+0x10/0x10 [ 29.884336] ret_from_fork_asm+0x1a/0x30 [ 29.884687] </TASK> [ 29.884906] [ 29.885061] Allocated by task 273: [ 29.886603] kasan_save_stack+0x3d/0x60 [ 29.886973] kasan_save_track+0x18/0x40 [ 29.887323] kasan_save_alloc_info+0x3b/0x50 [ 29.888225] __kasan_kmalloc+0xb7/0xc0 [ 29.888649] __kmalloc_cache_noprof+0x184/0x410 [ 29.889219] kasan_atomics+0x96/0x310 [ 29.889744] kunit_try_run_case+0x1b3/0x490 [ 29.890194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.890879] kthread+0x257/0x310 [ 29.891334] ret_from_fork+0x41/0x80 [ 29.891561] ret_from_fork_asm+0x1a/0x30 [ 29.892016] [ 29.892277] The buggy address belongs to the object at ffff888101abdc80 [ 29.892277] which belongs to the cache kmalloc-64 of size 64 [ 29.893080] The buggy address is located 0 bytes to the right of [ 29.893080] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.894085] [ 29.894312] The buggy address belongs to the physical page: [ 29.894878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.895479] flags: 0x200000000000000(node=0|zone=2) [ 29.895955] page_type: f5(slab) [ 29.896198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.896913] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.897631] page dumped because: kasan: bad access detected [ 29.898068] [ 29.898225] Memory state around the buggy address: [ 29.898612] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.899293] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.899890] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.900551] ^ [ 29.901070] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.901496] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.902151] ================================================================== [ 31.520143] 
================================================================== [ 31.520883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 31.521492] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.521911] [ 31.522189] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.523077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.523582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.524117] Call Trace: [ 31.524394] <TASK> [ 31.524703] dump_stack_lvl+0x73/0xb0 [ 31.525187] print_report+0xd1/0x640 [ 31.525604] ? __virt_addr_valid+0x1db/0x2d0 [ 31.526093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.526549] kasan_report+0x102/0x140 [ 31.527011] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.527579] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.527967] kasan_check_range+0x10c/0x1c0 [ 31.528513] __kasan_check_write+0x18/0x20 [ 31.528969] kasan_atomics_helper+0x1eab/0x5450 [ 31.529557] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.529944] ? ret_from_fork_asm+0x1a/0x30 [ 31.530415] ? ret_from_fork+0x41/0x80 [ 31.530921] kasan_atomics+0x1dd/0x310 [ 31.531328] ? __pfx_kasan_atomics+0x10/0x10 [ 31.531846] ? __pfx_read_tsc+0x10/0x10 [ 31.532174] ? ktime_get_ts64+0x84/0x230 [ 31.532623] kunit_try_run_case+0x1b3/0x490 [ 31.533074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.533467] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.534026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.534469] ? __kthread_parkme+0x82/0x160 [ 31.534841] ? preempt_count_sub+0x50/0x80 [ 31.535304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.535792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.536220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.536565] kthread+0x257/0x310 [ 31.536847] ? __pfx_kthread+0x10/0x10 [ 31.537304] ret_from_fork+0x41/0x80 [ 31.537722] ? 
__pfx_kthread+0x10/0x10 [ 31.538285] ret_from_fork_asm+0x1a/0x30 [ 31.538754] </TASK> [ 31.539093] [ 31.539372] Allocated by task 273: [ 31.539718] kasan_save_stack+0x3d/0x60 [ 31.540844] kasan_save_track+0x18/0x40 [ 31.541261] kasan_save_alloc_info+0x3b/0x50 [ 31.541664] __kasan_kmalloc+0xb7/0xc0 [ 31.542030] __kmalloc_cache_noprof+0x184/0x410 [ 31.543530] kasan_atomics+0x96/0x310 [ 31.543999] kunit_try_run_case+0x1b3/0x490 [ 31.545386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.545984] kthread+0x257/0x310 [ 31.547148] ret_from_fork+0x41/0x80 [ 31.547638] ret_from_fork_asm+0x1a/0x30 [ 31.548007] [ 31.548187] The buggy address belongs to the object at ffff888101abdc80 [ 31.548187] which belongs to the cache kmalloc-64 of size 64 [ 31.550238] The buggy address is located 0 bytes to the right of [ 31.550238] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.551849] [ 31.552033] The buggy address belongs to the physical page: [ 31.553007] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.553439] flags: 0x200000000000000(node=0|zone=2) [ 31.553999] page_type: f5(slab) [ 31.554360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.554937] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.555420] page dumped because: kasan: bad access detected [ 31.555983] [ 31.556192] Memory state around the buggy address: [ 31.556480] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.557201] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.557697] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.558523] ^ [ 31.558962] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.559786] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.560276] ================================================================== [ 31.646375] 
================================================================== [ 31.646993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 31.647618] Write of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.648335] [ 31.648596] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.649461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.649889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.650612] Call Trace: [ 31.650941] <TASK> [ 31.651305] dump_stack_lvl+0x73/0xb0 [ 31.651653] print_report+0xd1/0x640 [ 31.652092] ? __virt_addr_valid+0x1db/0x2d0 [ 31.652623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.652993] kasan_report+0x102/0x140 [ 31.653504] ? kasan_atomics_helper+0x2007/0x5450 [ 31.654043] ? kasan_atomics_helper+0x2007/0x5450 [ 31.654596] kasan_check_range+0x10c/0x1c0 [ 31.655072] __kasan_check_write+0x18/0x20 [ 31.655572] kasan_atomics_helper+0x2007/0x5450 [ 31.655999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.656555] ? ret_from_fork_asm+0x1a/0x30 [ 31.657062] ? ret_from_fork+0x41/0x80 [ 31.657410] kasan_atomics+0x1dd/0x310 [ 31.657898] ? __pfx_kasan_atomics+0x10/0x10 [ 31.658402] ? __pfx_read_tsc+0x10/0x10 [ 31.658791] ? ktime_get_ts64+0x84/0x230 [ 31.659285] kunit_try_run_case+0x1b3/0x490 [ 31.659788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.660224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.660660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.661127] ? __kthread_parkme+0x82/0x160 [ 31.661649] ? preempt_count_sub+0x50/0x80 [ 31.662094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.662554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.662940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.663325] kthread+0x257/0x310 [ 31.663589] ? __pfx_kthread+0x10/0x10 [ 31.663885] ret_from_fork+0x41/0x80 [ 31.664382] ? 
__pfx_kthread+0x10/0x10 [ 31.664829] ret_from_fork_asm+0x1a/0x30 [ 31.665322] </TASK> [ 31.665615] [ 31.665851] Allocated by task 273: [ 31.666233] kasan_save_stack+0x3d/0x60 [ 31.666740] kasan_save_track+0x18/0x40 [ 31.667210] kasan_save_alloc_info+0x3b/0x50 [ 31.667742] __kasan_kmalloc+0xb7/0xc0 [ 31.668172] __kmalloc_cache_noprof+0x184/0x410 [ 31.668707] kasan_atomics+0x96/0x310 [ 31.669185] kunit_try_run_case+0x1b3/0x490 [ 31.669633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.669991] kthread+0x257/0x310 [ 31.670233] ret_from_fork+0x41/0x80 [ 31.670534] ret_from_fork_asm+0x1a/0x30 [ 31.670978] [ 31.671274] The buggy address belongs to the object at ffff888101abdc80 [ 31.671274] which belongs to the cache kmalloc-64 of size 64 [ 31.672400] The buggy address is located 0 bytes to the right of [ 31.672400] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.673485] [ 31.673652] The buggy address belongs to the physical page: [ 31.674089] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.674886] flags: 0x200000000000000(node=0|zone=2) [ 31.675427] page_type: f5(slab) [ 31.675769] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.676181] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.676930] page dumped because: kasan: bad access detected [ 31.677487] [ 31.677709] Memory state around the buggy address: [ 31.678293] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.678766] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.679574] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.680036] ^ [ 31.680576] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.681072] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.681629] ================================================================== [ 30.015634] 
================================================================== [ 30.016754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 30.020001] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.020784] [ 30.020998] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.021493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.021749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.022550] Call Trace: [ 30.022962] <TASK> [ 30.023340] dump_stack_lvl+0x73/0xb0 [ 30.023792] print_report+0xd1/0x640 [ 30.024245] ? __virt_addr_valid+0x1db/0x2d0 [ 30.024746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.025339] kasan_report+0x102/0x140 [ 30.025680] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.026036] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.026425] __asan_report_load4_noabort+0x18/0x20 [ 30.026943] kasan_atomics_helper+0x4a86/0x5450 [ 30.027477] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.028024] ? ret_from_fork_asm+0x1a/0x30 [ 30.028528] ? ret_from_fork+0x41/0x80 [ 30.028920] kasan_atomics+0x1dd/0x310 [ 30.029209] ? __pfx_kasan_atomics+0x10/0x10 [ 30.029681] ? __pfx_read_tsc+0x10/0x10 [ 30.030157] ? ktime_get_ts64+0x84/0x230 [ 30.030751] kunit_try_run_case+0x1b3/0x490 [ 30.031177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.031705] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.032090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.032579] ? __kthread_parkme+0x82/0x160 [ 30.033081] ? preempt_count_sub+0x50/0x80 [ 30.033444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.033755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.034142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.034481] kthread+0x257/0x310 [ 30.034731] ? __pfx_kthread+0x10/0x10 [ 30.035242] ret_from_fork+0x41/0x80 [ 30.035650] ? 
__pfx_kthread+0x10/0x10 [ 30.036237] ret_from_fork_asm+0x1a/0x30 [ 30.036701] </TASK> [ 30.037056] [ 30.037315] Allocated by task 273: [ 30.037705] kasan_save_stack+0x3d/0x60 [ 30.038193] kasan_save_track+0x18/0x40 [ 30.038646] kasan_save_alloc_info+0x3b/0x50 [ 30.039108] __kasan_kmalloc+0xb7/0xc0 [ 30.039613] __kmalloc_cache_noprof+0x184/0x410 [ 30.040111] kasan_atomics+0x96/0x310 [ 30.040623] kunit_try_run_case+0x1b3/0x490 [ 30.041080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.041408] kthread+0x257/0x310 [ 30.041646] ret_from_fork+0x41/0x80 [ 30.041992] ret_from_fork_asm+0x1a/0x30 [ 30.042432] [ 30.042714] The buggy address belongs to the object at ffff888101abdc80 [ 30.042714] which belongs to the cache kmalloc-64 of size 64 [ 30.043993] The buggy address is located 0 bytes to the right of [ 30.043993] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.045399] [ 30.045566] The buggy address belongs to the physical page: [ 30.045886] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.046307] flags: 0x200000000000000(node=0|zone=2) [ 30.046603] page_type: f5(slab) [ 30.046862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.047567] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.048264] page dumped because: kasan: bad access detected [ 30.048768] [ 30.048961] Memory state around the buggy address: [ 30.049406] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.052096] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.052566] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.053020] ^ [ 30.055114] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.055742] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.057503] ================================================================== [ 29.446192] 
================================================================== [ 29.447017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 29.448533] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 29.449513] [ 29.449807] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.450627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.451024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.451685] Call Trace: [ 29.451939] <TASK> [ 29.452254] dump_stack_lvl+0x73/0xb0 [ 29.452749] print_report+0xd1/0x640 [ 29.453191] ? __virt_addr_valid+0x1db/0x2d0 [ 29.453563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.453936] kasan_report+0x102/0x140 [ 29.454213] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.454694] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.455241] kasan_check_range+0x10c/0x1c0 [ 29.455810] __kasan_check_write+0x18/0x20 [ 29.456290] kasan_atomics_helper+0x4a1/0x5450 [ 29.456774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.457330] ? ret_from_fork_asm+0x1a/0x30 [ 29.457810] ? ret_from_fork+0x41/0x80 [ 29.458302] kasan_atomics+0x1dd/0x310 [ 29.458696] ? __pfx_kasan_atomics+0x10/0x10 [ 29.459031] ? __pfx_read_tsc+0x10/0x10 [ 29.459494] ? ktime_get_ts64+0x84/0x230 [ 29.460301] kunit_try_run_case+0x1b3/0x490 [ 29.460768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.461272] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.461752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.462116] ? __kthread_parkme+0x82/0x160 [ 29.462503] ? preempt_count_sub+0x50/0x80 [ 29.463139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.463758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.464303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.464845] kthread+0x257/0x310 [ 29.465236] ? __pfx_kthread+0x10/0x10 [ 29.465535] ret_from_fork+0x41/0x80 [ 29.465805] ? 
__pfx_kthread+0x10/0x10 [ 29.466423] ret_from_fork_asm+0x1a/0x30 [ 29.466966] </TASK> [ 29.467252] [ 29.467469] Allocated by task 273: [ 29.467703] kasan_save_stack+0x3d/0x60 [ 29.467999] kasan_save_track+0x18/0x40 [ 29.468485] kasan_save_alloc_info+0x3b/0x50 [ 29.468979] __kasan_kmalloc+0xb7/0xc0 [ 29.469413] __kmalloc_cache_noprof+0x184/0x410 [ 29.469945] kasan_atomics+0x96/0x310 [ 29.470405] kunit_try_run_case+0x1b3/0x490 [ 29.470721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.471236] kthread+0x257/0x310 [ 29.471631] ret_from_fork+0x41/0x80 [ 29.471959] ret_from_fork_asm+0x1a/0x30 [ 29.472471] [ 29.472669] The buggy address belongs to the object at ffff888101abdc80 [ 29.472669] which belongs to the cache kmalloc-64 of size 64 [ 29.473420] The buggy address is located 0 bytes to the right of [ 29.473420] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 29.474559] [ 29.474836] The buggy address belongs to the physical page: [ 29.475178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 29.475779] flags: 0x200000000000000(node=0|zone=2) [ 29.476106] page_type: f5(slab) [ 29.476349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.476737] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.477427] page dumped because: kasan: bad access detected [ 29.478043] [ 29.478275] Memory state around the buggy address: [ 29.478969] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.479717] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.480418] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.480919] ^ [ 29.481439] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.481808] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.482539] ================================================================== [ 30.152300] 
================================================================== [ 30.153210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 30.154072] Write of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.154972] [ 30.155384] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.156528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.157000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.158013] Call Trace: [ 30.158293] <TASK> [ 30.158527] dump_stack_lvl+0x73/0xb0 [ 30.158962] print_report+0xd1/0x640 [ 30.160681] ? __virt_addr_valid+0x1db/0x2d0 [ 30.161093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.162191] kasan_report+0x102/0x140 [ 30.162560] ? kasan_atomics_helper+0xe79/0x5450 [ 30.163134] ? kasan_atomics_helper+0xe79/0x5450 [ 30.163771] kasan_check_range+0x10c/0x1c0 [ 30.164450] __kasan_check_write+0x18/0x20 [ 30.164875] kasan_atomics_helper+0xe79/0x5450 [ 30.165920] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.166613] ? ret_from_fork_asm+0x1a/0x30 [ 30.166857] ? ret_from_fork+0x41/0x80 [ 30.167033] kasan_atomics+0x1dd/0x310 [ 30.167187] ? __pfx_kasan_atomics+0x10/0x10 [ 30.167813] ? __pfx_read_tsc+0x10/0x10 [ 30.168328] ? ktime_get_ts64+0x84/0x230 [ 30.168775] kunit_try_run_case+0x1b3/0x490 [ 30.169278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.169740] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.170466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.171069] ? __kthread_parkme+0x82/0x160 [ 30.171658] ? preempt_count_sub+0x50/0x80 [ 30.172201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.172850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.173498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.173922] kthread+0x257/0x310 [ 30.174345] ? __pfx_kthread+0x10/0x10 [ 30.174785] ret_from_fork+0x41/0x80 [ 30.175202] ? 
__pfx_kthread+0x10/0x10 [ 30.175646] ret_from_fork_asm+0x1a/0x30 [ 30.176152] </TASK> [ 30.176515] [ 30.176742] Allocated by task 273: [ 30.177206] kasan_save_stack+0x3d/0x60 [ 30.177684] kasan_save_track+0x18/0x40 [ 30.178032] kasan_save_alloc_info+0x3b/0x50 [ 30.178533] __kasan_kmalloc+0xb7/0xc0 [ 30.178956] __kmalloc_cache_noprof+0x184/0x410 [ 30.179410] kasan_atomics+0x96/0x310 [ 30.179756] kunit_try_run_case+0x1b3/0x490 [ 30.180230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.180806] kthread+0x257/0x310 [ 30.181200] ret_from_fork+0x41/0x80 [ 30.181640] ret_from_fork_asm+0x1a/0x30 [ 30.182034] [ 30.182195] The buggy address belongs to the object at ffff888101abdc80 [ 30.182195] which belongs to the cache kmalloc-64 of size 64 [ 30.183320] The buggy address is located 0 bytes to the right of [ 30.183320] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.184195] [ 30.184501] The buggy address belongs to the physical page: [ 30.184866] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.185456] flags: 0x200000000000000(node=0|zone=2) [ 30.185853] page_type: f5(slab) [ 30.186236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.186998] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.187706] page dumped because: kasan: bad access detected [ 30.188097] [ 30.188404] Memory state around the buggy address: [ 30.188872] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.189382] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.189862] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.190583] ^ [ 30.191074] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.191707] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.192194] ================================================================== [ 30.276094] 
================================================================== [ 30.277376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 30.278017] Read of size 4 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 30.278598] [ 30.279133] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 30.280371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.281006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.281607] Call Trace: [ 30.281937] <TASK> [ 30.282200] dump_stack_lvl+0x73/0xb0 [ 30.282595] print_report+0xd1/0x640 [ 30.282972] ? __virt_addr_valid+0x1db/0x2d0 [ 30.283420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.283991] kasan_report+0x102/0x140 [ 30.284386] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.284808] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.285669] __asan_report_load4_noabort+0x18/0x20 [ 30.286182] kasan_atomics_helper+0x4a38/0x5450 [ 30.286950] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.287631] ? ret_from_fork_asm+0x1a/0x30 [ 30.288064] ? ret_from_fork+0x41/0x80 [ 30.288755] kasan_atomics+0x1dd/0x310 [ 30.289571] ? __pfx_kasan_atomics+0x10/0x10 [ 30.290002] ? __pfx_read_tsc+0x10/0x10 [ 30.290958] ? ktime_get_ts64+0x84/0x230 [ 30.291520] kunit_try_run_case+0x1b3/0x490 [ 30.291966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.292481] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.292908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.293396] ? __kthread_parkme+0x82/0x160 [ 30.294191] ? preempt_count_sub+0x50/0x80 [ 30.294530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.294983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.296130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.296947] kthread+0x257/0x310 [ 30.297444] ? __pfx_kthread+0x10/0x10 [ 30.297715] ret_from_fork+0x41/0x80 [ 30.298183] ? 
__pfx_kthread+0x10/0x10 [ 30.298547] ret_from_fork_asm+0x1a/0x30 [ 30.299415] </TASK> [ 30.299712] [ 30.299940] Allocated by task 273: [ 30.300265] kasan_save_stack+0x3d/0x60 [ 30.300631] kasan_save_track+0x18/0x40 [ 30.301799] kasan_save_alloc_info+0x3b/0x50 [ 30.302160] __kasan_kmalloc+0xb7/0xc0 [ 30.303102] __kmalloc_cache_noprof+0x184/0x410 [ 30.303624] kasan_atomics+0x96/0x310 [ 30.303995] kunit_try_run_case+0x1b3/0x490 [ 30.304856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.305211] kthread+0x257/0x310 [ 30.305847] ret_from_fork+0x41/0x80 [ 30.306120] ret_from_fork_asm+0x1a/0x30 [ 30.306641] [ 30.306810] The buggy address belongs to the object at ffff888101abdc80 [ 30.306810] which belongs to the cache kmalloc-64 of size 64 [ 30.307791] The buggy address is located 0 bytes to the right of [ 30.307791] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 30.308970] [ 30.309444] The buggy address belongs to the physical page: [ 30.309980] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 30.311489] flags: 0x200000000000000(node=0|zone=2) [ 30.311934] page_type: f5(slab) [ 30.312247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.312915] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.314057] page dumped because: kasan: bad access detected [ 30.314856] [ 30.315330] Memory state around the buggy address: [ 30.315974] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.316636] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.317450] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.318153] ^ [ 30.318755] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.319566] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.320335] ================================================================== [ 31.768149] 
================================================================== [ 31.768837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 31.769758] Read of size 8 at addr ffff888101abdcb0 by task kunit_try_catch/273 [ 31.770212] [ 31.770398] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.771130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.771549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.772332] Call Trace: [ 31.772591] <TASK> [ 31.772795] dump_stack_lvl+0x73/0xb0 [ 31.773291] print_report+0xd1/0x640 [ 31.773881] ? __virt_addr_valid+0x1db/0x2d0 [ 31.774443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.774802] kasan_report+0x102/0x140 [ 31.775233] ? kasan_atomics_helper+0x4fb4/0x5450 [ 31.775741] ? kasan_atomics_helper+0x4fb4/0x5450 [ 31.776334] __asan_report_load8_noabort+0x18/0x20 [ 31.776897] kasan_atomics_helper+0x4fb4/0x5450 [ 31.777431] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.777777] ? ret_from_fork_asm+0x1a/0x30 [ 31.778508] ? ret_from_fork+0x41/0x80 [ 31.780337] kasan_atomics+0x1dd/0x310 [ 31.781070] ? __pfx_kasan_atomics+0x10/0x10 [ 31.782206] ? __pfx_read_tsc+0x10/0x10 [ 31.782975] ? ktime_get_ts64+0x84/0x230 [ 31.783460] kunit_try_run_case+0x1b3/0x490 [ 31.783918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.784229] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.784752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.785250] ? __kthread_parkme+0x82/0x160 [ 31.785923] ? preempt_count_sub+0x50/0x80 [ 31.786848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.787247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.787608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.788100] kthread+0x257/0x310 [ 31.789140] ? __pfx_kthread+0x10/0x10 [ 31.789729] ret_from_fork+0x41/0x80 [ 31.790168] ? 
__pfx_kthread+0x10/0x10 [ 31.790465] ret_from_fork_asm+0x1a/0x30 [ 31.790979] </TASK> [ 31.791234] [ 31.791489] Allocated by task 273: [ 31.791857] kasan_save_stack+0x3d/0x60 [ 31.792283] kasan_save_track+0x18/0x40 [ 31.792665] kasan_save_alloc_info+0x3b/0x50 [ 31.792983] __kasan_kmalloc+0xb7/0xc0 [ 31.793383] __kmalloc_cache_noprof+0x184/0x410 [ 31.793884] kasan_atomics+0x96/0x310 [ 31.794319] kunit_try_run_case+0x1b3/0x490 [ 31.794720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.795069] kthread+0x257/0x310 [ 31.795480] ret_from_fork+0x41/0x80 [ 31.795925] ret_from_fork_asm+0x1a/0x30 [ 31.796426] [ 31.796646] The buggy address belongs to the object at ffff888101abdc80 [ 31.796646] which belongs to the cache kmalloc-64 of size 64 [ 31.797380] The buggy address is located 0 bytes to the right of [ 31.797380] allocated 48-byte region [ffff888101abdc80, ffff888101abdcb0) [ 31.798097] [ 31.798327] The buggy address belongs to the physical page: [ 31.798874] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abd [ 31.799847] flags: 0x200000000000000(node=0|zone=2) [ 31.800335] page_type: f5(slab) [ 31.800596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.801207] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.801588] page dumped because: kasan: bad access detected [ 31.802173] [ 31.802425] Memory state around the buggy address: [ 31.802937] ffff888101abdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.803661] ffff888101abdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.804060] >ffff888101abdc80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.804561] ^ [ 31.805077] ffff888101abdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.805974] ffff888101abdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.806509] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 28.840533] ================================================================== [ 28.842343] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.843045] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 28.843427] [ 28.843667] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.844518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.844801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.845395] Call Trace: [ 28.845605] <TASK> [ 28.845812] dump_stack_lvl+0x73/0xb0 [ 28.846352] print_report+0xd1/0x640 [ 28.846801] ? __virt_addr_valid+0x1db/0x2d0 [ 28.847294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.847733] kasan_report+0x102/0x140 [ 28.848077] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.848912] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.849305] kasan_check_range+0x10c/0x1c0 [ 28.849761] __kasan_check_write+0x18/0x20 [ 28.850136] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.850765] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.851414] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.851717] ? trace_hardirqs_on+0x37/0xe0 [ 28.852155] ? kasan_bitops_generic+0x93/0x1c0 [ 28.852695] kasan_bitops_generic+0x122/0x1c0 [ 28.853172] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.853577] ? __pfx_read_tsc+0x10/0x10 [ 28.853880] ? ktime_get_ts64+0x84/0x230 [ 28.854294] kunit_try_run_case+0x1b3/0x490 [ 28.854804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.855318] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.855729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.856072] ? __kthread_parkme+0x82/0x160 [ 28.856358] ? preempt_count_sub+0x50/0x80 [ 28.856651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.858965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.859551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.860170] kthread+0x257/0x310 [ 28.860549] ? 
__pfx_kthread+0x10/0x10 [ 28.861900] ret_from_fork+0x41/0x80 [ 28.862909] ? __pfx_kthread+0x10/0x10 [ 28.864073] ret_from_fork_asm+0x1a/0x30 [ 28.864478] </TASK> [ 28.864949] [ 28.865289] Allocated by task 269: [ 28.865696] kasan_save_stack+0x3d/0x60 [ 28.866330] kasan_save_track+0x18/0x40 [ 28.866866] kasan_save_alloc_info+0x3b/0x50 [ 28.867464] __kasan_kmalloc+0xb7/0xc0 [ 28.867886] __kmalloc_cache_noprof+0x184/0x410 [ 28.868348] kasan_bitops_generic+0x93/0x1c0 [ 28.868746] kunit_try_run_case+0x1b3/0x490 [ 28.869583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.870135] kthread+0x257/0x310 [ 28.871135] ret_from_fork+0x41/0x80 [ 28.871506] ret_from_fork_asm+0x1a/0x30 [ 28.871948] [ 28.872160] The buggy address belongs to the object at ffff888100f9bce0 [ 28.872160] which belongs to the cache kmalloc-16 of size 16 [ 28.873069] The buggy address is located 8 bytes inside of [ 28.873069] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 28.873850] [ 28.874080] The buggy address belongs to the physical page: [ 28.874564] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 28.875321] flags: 0x200000000000000(node=0|zone=2) [ 28.875812] page_type: f5(slab) [ 28.876173] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.876765] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.877325] page dumped because: kasan: bad access detected [ 28.877890] [ 28.878184] Memory state around the buggy address: [ 28.878615] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.879143] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.879607] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.880297] ^ [ 28.880874] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.881336] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.882010] 
================================================================== [ 28.921765] ================================================================== [ 28.922531] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.923371] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 28.924071] [ 28.924354] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.925296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.925711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.926616] Call Trace: [ 28.926952] <TASK> [ 28.927231] dump_stack_lvl+0x73/0xb0 [ 28.927671] print_report+0xd1/0x640 [ 28.928022] ? __virt_addr_valid+0x1db/0x2d0 [ 28.928491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.928944] kasan_report+0x102/0x140 [ 28.929414] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.930050] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.930780] kasan_check_range+0x10c/0x1c0 [ 28.931338] __kasan_check_write+0x18/0x20 [ 28.931771] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.932449] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.933154] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.934709] ? trace_hardirqs_on+0x37/0xe0 [ 28.935206] ? kasan_bitops_generic+0x93/0x1c0 [ 28.936241] kasan_bitops_generic+0x122/0x1c0 [ 28.936732] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.937116] ? __pfx_read_tsc+0x10/0x10 [ 28.937391] ? ktime_get_ts64+0x84/0x230 [ 28.937792] kunit_try_run_case+0x1b3/0x490 [ 28.938456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.939524] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.940148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.940518] ? __kthread_parkme+0x82/0x160 [ 28.941082] ? preempt_count_sub+0x50/0x80 [ 28.941573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.942382] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.943042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.943388] kthread+0x257/0x310 [ 28.943634] ? __pfx_kthread+0x10/0x10 [ 28.944054] ret_from_fork+0x41/0x80 [ 28.944614] ? __pfx_kthread+0x10/0x10 [ 28.945201] ret_from_fork_asm+0x1a/0x30 [ 28.945770] </TASK> [ 28.946176] [ 28.946521] Allocated by task 269: [ 28.947069] kasan_save_stack+0x3d/0x60 [ 28.947532] kasan_save_track+0x18/0x40 [ 28.948063] kasan_save_alloc_info+0x3b/0x50 [ 28.948789] __kasan_kmalloc+0xb7/0xc0 [ 28.949397] __kmalloc_cache_noprof+0x184/0x410 [ 28.950035] kasan_bitops_generic+0x93/0x1c0 [ 28.950627] kunit_try_run_case+0x1b3/0x490 [ 28.951154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.952043] kthread+0x257/0x310 [ 28.952498] ret_from_fork+0x41/0x80 [ 28.952810] ret_from_fork_asm+0x1a/0x30 [ 28.953237] [ 28.953499] The buggy address belongs to the object at ffff888100f9bce0 [ 28.953499] which belongs to the cache kmalloc-16 of size 16 [ 28.954391] The buggy address is located 8 bytes inside of [ 28.954391] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 28.955335] [ 28.955594] The buggy address belongs to the physical page: [ 28.956039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 28.956734] flags: 0x200000000000000(node=0|zone=2) [ 28.957202] page_type: f5(slab) [ 28.957605] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.958300] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.958943] page dumped because: kasan: bad access detected [ 28.959241] [ 28.959500] Memory state around the buggy address: [ 28.960009] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.960649] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.961366] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.961940] ^ [ 28.962503] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.963097] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.963634] ================================================================== [ 29.002630] ================================================================== [ 29.004485] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.005367] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 29.006053] [ 29.006367] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.007036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.007510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.008107] Call Trace: [ 29.008503] <TASK> [ 29.008729] dump_stack_lvl+0x73/0xb0 [ 29.009229] print_report+0xd1/0x640 [ 29.009620] ? __virt_addr_valid+0x1db/0x2d0 [ 29.009961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.010348] kasan_report+0x102/0x140 [ 29.010622] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.011161] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.011868] kasan_check_range+0x10c/0x1c0 [ 29.012406] __kasan_check_write+0x18/0x20 [ 29.012871] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.013548] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.014223] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.014782] ? trace_hardirqs_on+0x37/0xe0 [ 29.015280] ? kasan_bitops_generic+0x93/0x1c0 [ 29.015740] kasan_bitops_generic+0x122/0x1c0 [ 29.016240] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.016794] ? __pfx_read_tsc+0x10/0x10 [ 29.017096] ? ktime_get_ts64+0x84/0x230 [ 29.017431] kunit_try_run_case+0x1b3/0x490 [ 29.017725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.018059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.018485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.019089] ? __kthread_parkme+0x82/0x160 [ 29.019615] ? preempt_count_sub+0x50/0x80 [ 29.020155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.020677] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.021341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.021915] kthread+0x257/0x310 [ 29.022385] ? __pfx_kthread+0x10/0x10 [ 29.022795] ret_from_fork+0x41/0x80 [ 29.023223] ? __pfx_kthread+0x10/0x10 [ 29.023716] ret_from_fork_asm+0x1a/0x30 [ 29.024187] </TASK> [ 29.024535] [ 29.024780] Allocated by task 269: [ 29.025068] kasan_save_stack+0x3d/0x60 [ 29.025378] kasan_save_track+0x18/0x40 [ 29.025634] kasan_save_alloc_info+0x3b/0x50 [ 29.026027] __kasan_kmalloc+0xb7/0xc0 [ 29.026437] __kmalloc_cache_noprof+0x184/0x410 [ 29.026919] kasan_bitops_generic+0x93/0x1c0 [ 29.027389] kunit_try_run_case+0x1b3/0x490 [ 29.029865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.030470] kthread+0x257/0x310 [ 29.030859] ret_from_fork+0x41/0x80 [ 29.031262] ret_from_fork_asm+0x1a/0x30 [ 29.031560] [ 29.031709] The buggy address belongs to the object at ffff888100f9bce0 [ 29.031709] which belongs to the cache kmalloc-16 of size 16 [ 29.034774] The buggy address is located 8 bytes inside of [ 29.034774] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 29.036053] [ 29.036285] The buggy address belongs to the physical page: [ 29.038947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 29.039489] flags: 0x200000000000000(node=0|zone=2) [ 29.039908] page_type: f5(slab) [ 29.040438] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.041230] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.041760] page dumped because: kasan: bad access detected [ 29.042237] [ 29.042463] Memory state around the buggy address: [ 29.042943] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.043334] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.043957] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.044510] ^ [ 29.045166] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 29.045539] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.046179] ================================================================== [ 29.047810] ================================================================== [ 29.048397] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.049168] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 29.049855] [ 29.050114] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.051157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.051467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.052598] Call Trace: [ 29.052944] <TASK> [ 29.053223] dump_stack_lvl+0x73/0xb0 [ 29.053648] print_report+0xd1/0x640 [ 29.054026] ? __virt_addr_valid+0x1db/0x2d0 [ 29.054855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.055496] kasan_report+0x102/0x140 [ 29.055774] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.056189] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.056987] kasan_check_range+0x10c/0x1c0 [ 29.057655] __kasan_check_write+0x18/0x20 [ 29.058119] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.058880] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.059840] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.060472] ? trace_hardirqs_on+0x37/0xe0 [ 29.061000] ? kasan_bitops_generic+0x93/0x1c0 [ 29.061707] kasan_bitops_generic+0x122/0x1c0 [ 29.062418] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.062799] ? __pfx_read_tsc+0x10/0x10 [ 29.063290] ? ktime_get_ts64+0x84/0x230 [ 29.063780] kunit_try_run_case+0x1b3/0x490 [ 29.064301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.065048] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.065452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.066121] ? __kthread_parkme+0x82/0x160 [ 29.066776] ? preempt_count_sub+0x50/0x80 [ 29.067318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.068020] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.068778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.069498] kthread+0x257/0x310 [ 29.069786] ? __pfx_kthread+0x10/0x10 [ 29.070232] ret_from_fork+0x41/0x80 [ 29.070573] ? __pfx_kthread+0x10/0x10 [ 29.070945] ret_from_fork_asm+0x1a/0x30 [ 29.071936] </TASK> [ 29.072139] [ 29.072279] Allocated by task 269: [ 29.072423] kasan_save_stack+0x3d/0x60 [ 29.072574] kasan_save_track+0x18/0x40 [ 29.072714] kasan_save_alloc_info+0x3b/0x50 [ 29.073592] __kasan_kmalloc+0xb7/0xc0 [ 29.074483] __kmalloc_cache_noprof+0x184/0x410 [ 29.074924] kasan_bitops_generic+0x93/0x1c0 [ 29.075844] kunit_try_run_case+0x1b3/0x490 [ 29.076286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.076753] kthread+0x257/0x310 [ 29.077068] ret_from_fork+0x41/0x80 [ 29.077422] ret_from_fork_asm+0x1a/0x30 [ 29.077789] [ 29.078992] The buggy address belongs to the object at ffff888100f9bce0 [ 29.078992] which belongs to the cache kmalloc-16 of size 16 [ 29.080442] The buggy address is located 8 bytes inside of [ 29.080442] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 29.081265] [ 29.081488] The buggy address belongs to the physical page: [ 29.082191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 29.082644] flags: 0x200000000000000(node=0|zone=2) [ 29.083110] page_type: f5(slab) [ 29.083495] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.084444] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.084958] page dumped because: kasan: bad access detected [ 29.085439] [ 29.085737] Memory state around the buggy address: [ 29.086102] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.086465] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.087098] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.087664] ^ [ 29.088351] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 29.088981] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.089857] ================================================================== [ 29.092740] ================================================================== [ 29.093666] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.094335] Read of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 29.094892] [ 29.095065] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.095932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.096364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.097352] Call Trace: [ 29.097557] <TASK> [ 29.097747] dump_stack_lvl+0x73/0xb0 [ 29.098449] print_report+0xd1/0x640 [ 29.098904] ? __virt_addr_valid+0x1db/0x2d0 [ 29.099401] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.099914] kasan_report+0x102/0x140 [ 29.100299] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.100954] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.101518] kasan_check_range+0x10c/0x1c0 [ 29.101814] __kasan_check_read+0x15/0x20 [ 29.102132] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.102739] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.103468] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.103982] ? trace_hardirqs_on+0x37/0xe0 [ 29.104386] ? kasan_bitops_generic+0x93/0x1c0 [ 29.105790] kasan_bitops_generic+0x122/0x1c0 [ 29.106668] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.107181] ? __pfx_read_tsc+0x10/0x10 [ 29.108063] ? ktime_get_ts64+0x84/0x230 [ 29.108591] kunit_try_run_case+0x1b3/0x490 [ 29.109054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.109883] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.110470] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.110945] ? __kthread_parkme+0x82/0x160 [ 29.111414] ? preempt_count_sub+0x50/0x80 [ 29.111788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.112300] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.112781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.113249] kthread+0x257/0x310 [ 29.113676] ? __pfx_kthread+0x10/0x10 [ 29.114045] ret_from_fork+0x41/0x80 [ 29.114608] ? __pfx_kthread+0x10/0x10 [ 29.115004] ret_from_fork_asm+0x1a/0x30 [ 29.115309] </TASK> [ 29.115591] [ 29.115804] Allocated by task 269: [ 29.116194] kasan_save_stack+0x3d/0x60 [ 29.116615] kasan_save_track+0x18/0x40 [ 29.116945] kasan_save_alloc_info+0x3b/0x50 [ 29.117507] __kasan_kmalloc+0xb7/0xc0 [ 29.117804] __kmalloc_cache_noprof+0x184/0x410 [ 29.118346] kasan_bitops_generic+0x93/0x1c0 [ 29.118634] kunit_try_run_case+0x1b3/0x490 [ 29.118947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.119307] kthread+0x257/0x310 [ 29.119678] ret_from_fork+0x41/0x80 [ 29.120081] ret_from_fork_asm+0x1a/0x30 [ 29.120707] [ 29.121016] The buggy address belongs to the object at ffff888100f9bce0 [ 29.121016] which belongs to the cache kmalloc-16 of size 16 [ 29.122364] The buggy address is located 8 bytes inside of [ 29.122364] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 29.123366] [ 29.123561] The buggy address belongs to the physical page: [ 29.124059] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 29.124698] flags: 0x200000000000000(node=0|zone=2) [ 29.125022] page_type: f5(slab) [ 29.125262] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.125644] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.126328] page dumped because: kasan: bad access detected [ 29.126907] [ 29.127236] Memory state around the buggy address: [ 29.127875] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.128590] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.129292] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.129784] ^ [ 29.130262] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 29.130803] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.131180] ================================================================== [ 28.883217] ================================================================== [ 28.883918] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.884699] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 28.885806] [ 28.886126] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.886766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.887161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.887993] Call Trace: [ 28.888384] <TASK> [ 28.888593] dump_stack_lvl+0x73/0xb0 [ 28.888944] print_report+0xd1/0x640 [ 28.889352] ? __virt_addr_valid+0x1db/0x2d0 [ 28.889717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.890376] kasan_report+0x102/0x140 [ 28.890782] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.891475] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.892121] kasan_check_range+0x10c/0x1c0 [ 28.892625] __kasan_check_write+0x18/0x20 [ 28.893138] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.893760] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.894324] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.894817] ? trace_hardirqs_on+0x37/0xe0 [ 28.895214] ? kasan_bitops_generic+0x93/0x1c0 [ 28.895724] kasan_bitops_generic+0x122/0x1c0 [ 28.896161] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.896735] ? __pfx_read_tsc+0x10/0x10 [ 28.897131] ? ktime_get_ts64+0x84/0x230 [ 28.897634] kunit_try_run_case+0x1b3/0x490 [ 28.898166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.898545] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.899045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.899614] ? __kthread_parkme+0x82/0x160 [ 28.899991] ? preempt_count_sub+0x50/0x80 [ 28.900469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.900975] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.901538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.902010] kthread+0x257/0x310 [ 28.902434] ? __pfx_kthread+0x10/0x10 [ 28.902873] ret_from_fork+0x41/0x80 [ 28.903351] ? __pfx_kthread+0x10/0x10 [ 28.903760] ret_from_fork_asm+0x1a/0x30 [ 28.904162] </TASK> [ 28.904467] [ 28.904683] Allocated by task 269: [ 28.904997] kasan_save_stack+0x3d/0x60 [ 28.905264] kasan_save_track+0x18/0x40 [ 28.905521] kasan_save_alloc_info+0x3b/0x50 [ 28.905797] __kasan_kmalloc+0xb7/0xc0 [ 28.906235] __kmalloc_cache_noprof+0x184/0x410 [ 28.906741] kasan_bitops_generic+0x93/0x1c0 [ 28.907214] kunit_try_run_case+0x1b3/0x490 [ 28.907701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.908243] kthread+0x257/0x310 [ 28.908651] ret_from_fork+0x41/0x80 [ 28.909027] ret_from_fork_asm+0x1a/0x30 [ 28.909493] [ 28.909714] The buggy address belongs to the object at ffff888100f9bce0 [ 28.909714] which belongs to the cache kmalloc-16 of size 16 [ 28.910793] The buggy address is located 8 bytes inside of [ 28.910793] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 28.911917] [ 28.912108] The buggy address belongs to the physical page: [ 28.912654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 28.913201] flags: 0x200000000000000(node=0|zone=2) [ 28.913632] page_type: f5(slab) [ 28.914007] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.914716] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.915436] page dumped because: kasan: bad access detected [ 28.915966] [ 28.916179] Memory state around the buggy address: [ 28.916676] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.917422] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.918106] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.918611] ^ [ 28.919057] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.919588] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.920168] ================================================================== [ 29.132540] ================================================================== [ 29.133374] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.134929] Read of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 29.135812] [ 29.136018] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 29.139955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.140573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.141165] Call Trace: [ 29.141571] <TASK> [ 29.141947] dump_stack_lvl+0x73/0xb0 [ 29.142344] print_report+0xd1/0x640 [ 29.142764] ? __virt_addr_valid+0x1db/0x2d0 [ 29.143169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.143876] kasan_report+0x102/0x140 [ 29.144417] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.145203] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.146074] __asan_report_load8_noabort+0x18/0x20 [ 29.146718] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.147344] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.147991] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.148527] ? trace_hardirqs_on+0x37/0xe0 [ 29.149046] ? kasan_bitops_generic+0x93/0x1c0 [ 29.149578] kasan_bitops_generic+0x122/0x1c0 [ 29.150279] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.150698] ? __pfx_read_tsc+0x10/0x10 [ 29.151326] ? ktime_get_ts64+0x84/0x230 [ 29.151739] kunit_try_run_case+0x1b3/0x490 [ 29.152063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.152676] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.153325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.153650] ? __kthread_parkme+0x82/0x160 [ 29.154117] ? preempt_count_sub+0x50/0x80 [ 29.154694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.155201] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.155859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.156485] kthread+0x257/0x310 [ 29.156749] ? __pfx_kthread+0x10/0x10 [ 29.157331] ret_from_fork+0x41/0x80 [ 29.157860] ? __pfx_kthread+0x10/0x10 [ 29.158417] ret_from_fork_asm+0x1a/0x30 [ 29.158890] </TASK> [ 29.159178] [ 29.159522] Allocated by task 269: [ 29.159876] kasan_save_stack+0x3d/0x60 [ 29.160451] kasan_save_track+0x18/0x40 [ 29.160713] kasan_save_alloc_info+0x3b/0x50 [ 29.161295] __kasan_kmalloc+0xb7/0xc0 [ 29.161708] __kmalloc_cache_noprof+0x184/0x410 [ 29.162195] kasan_bitops_generic+0x93/0x1c0 [ 29.162702] kunit_try_run_case+0x1b3/0x490 [ 29.163190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.163555] kthread+0x257/0x310 [ 29.163967] ret_from_fork+0x41/0x80 [ 29.164376] ret_from_fork_asm+0x1a/0x30 [ 29.164797] [ 29.165228] The buggy address belongs to the object at ffff888100f9bce0 [ 29.165228] which belongs to the cache kmalloc-16 of size 16 [ 29.166189] The buggy address is located 8 bytes inside of [ 29.166189] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 29.166944] [ 29.167286] The buggy address belongs to the physical page: [ 29.167802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 29.168507] flags: 0x200000000000000(node=0|zone=2) [ 29.168996] page_type: f5(slab) [ 29.169492] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.170102] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.170791] page dumped because: kasan: bad access detected [ 29.171206] [ 29.171546] Memory state around the buggy address: [ 29.172052] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.172474] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.173043] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.173781] ^ [ 29.174457] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 29.175171] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.175710] ================================================================== [ 28.793224] ================================================================== [ 28.793618] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.796315] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 28.796929] [ 28.797082] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.797529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.797759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.800539] Call Trace: [ 28.800732] <TASK> [ 28.800963] dump_stack_lvl+0x73/0xb0 [ 28.801228] print_report+0xd1/0x640 [ 28.801495] ? __virt_addr_valid+0x1db/0x2d0 [ 28.801769] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.804868] kasan_report+0x102/0x140 [ 28.805593] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.806336] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.807189] kasan_check_range+0x10c/0x1c0 [ 28.807878] __kasan_check_write+0x18/0x20 [ 28.808255] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.809093] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.809898] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.810269] ? trace_hardirqs_on+0x37/0xe0 [ 28.810701] ? kasan_bitops_generic+0x93/0x1c0 [ 28.811295] kasan_bitops_generic+0x122/0x1c0 [ 28.811852] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.812510] ? __pfx_read_tsc+0x10/0x10 [ 28.813058] ? ktime_get_ts64+0x84/0x230 [ 28.813575] kunit_try_run_case+0x1b3/0x490 [ 28.813919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.814545] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.815121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.815938] ? __kthread_parkme+0x82/0x160 [ 28.816458] ? preempt_count_sub+0x50/0x80 [ 28.816998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.817609] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.818058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.818538] kthread+0x257/0x310 [ 28.818913] ? __pfx_kthread+0x10/0x10 [ 28.819358] ret_from_fork+0x41/0x80 [ 28.819817] ? __pfx_kthread+0x10/0x10 [ 28.820129] ret_from_fork_asm+0x1a/0x30 [ 28.820656] </TASK> [ 28.820971] [ 28.821173] Allocated by task 269: [ 28.821536] kasan_save_stack+0x3d/0x60 [ 28.821947] kasan_save_track+0x18/0x40 [ 28.822304] kasan_save_alloc_info+0x3b/0x50 [ 28.822775] __kasan_kmalloc+0xb7/0xc0 [ 28.823235] __kmalloc_cache_noprof+0x184/0x410 [ 28.823762] kasan_bitops_generic+0x93/0x1c0 [ 28.824374] kunit_try_run_case+0x1b3/0x490 [ 28.824683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.825283] kthread+0x257/0x310 [ 28.825612] ret_from_fork+0x41/0x80 [ 28.826002] ret_from_fork_asm+0x1a/0x30 [ 28.827488] [ 28.828027] The buggy address belongs to the object at ffff888100f9bce0 [ 28.828027] which belongs to the cache kmalloc-16 of size 16 [ 28.829037] The buggy address is located 8 bytes inside of [ 28.829037] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 28.829928] [ 28.830304] The buggy address belongs to the physical page: [ 28.831543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 28.832201] flags: 0x200000000000000(node=0|zone=2) [ 28.832929] page_type: f5(slab) [ 28.833379] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.834175] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.834961] page dumped because: kasan: bad access detected [ 28.835567] [ 28.835916] Memory state around the buggy address: [ 28.836611] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.837427] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.838050] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.838282] ^ [ 28.838483] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.838688] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.839009] ================================================================== [ 28.966242] ================================================================== [ 28.966660] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.967095] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269 [ 28.967871] [ 28.968100] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.968985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.969355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.970059] Call Trace: [ 28.970319] <TASK> [ 28.970645] dump_stack_lvl+0x73/0xb0 [ 28.971028] print_report+0xd1/0x640 [ 28.971544] ? __virt_addr_valid+0x1db/0x2d0 [ 28.971936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.972315] kasan_report+0x102/0x140 [ 28.972591] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.973243] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.973891] kasan_check_range+0x10c/0x1c0 [ 28.974413] __kasan_check_write+0x18/0x20 [ 28.974870] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.975360] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.976060] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.976415] ? trace_hardirqs_on+0x37/0xe0 [ 28.976727] ? kasan_bitops_generic+0x93/0x1c0 [ 28.977323] kasan_bitops_generic+0x122/0x1c0 [ 28.977818] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.978465] ? __pfx_read_tsc+0x10/0x10 [ 28.978910] ? ktime_get_ts64+0x84/0x230 [ 28.979312] kunit_try_run_case+0x1b3/0x490 [ 28.979691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.980195] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.980552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.981036] ? __kthread_parkme+0x82/0x160 [ 28.981595] ? preempt_count_sub+0x50/0x80 [ 28.982070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.982638] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.983169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.983596] kthread+0x257/0x310 [ 28.984031] ? __pfx_kthread+0x10/0x10 [ 28.984523] ret_from_fork+0x41/0x80 [ 28.984895] ? __pfx_kthread+0x10/0x10 [ 28.985165] ret_from_fork_asm+0x1a/0x30 [ 28.985522] </TASK> [ 28.985843] [ 28.986074] Allocated by task 269: [ 28.986480] kasan_save_stack+0x3d/0x60 [ 28.986916] kasan_save_track+0x18/0x40 [ 28.987388] kasan_save_alloc_info+0x3b/0x50 [ 28.987854] __kasan_kmalloc+0xb7/0xc0 [ 28.988322] __kmalloc_cache_noprof+0x184/0x410 [ 28.988713] kasan_bitops_generic+0x93/0x1c0 [ 28.989027] kunit_try_run_case+0x1b3/0x490 [ 28.989347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.989921] kthread+0x257/0x310 [ 28.990327] ret_from_fork+0x41/0x80 [ 28.990725] ret_from_fork_asm+0x1a/0x30 [ 28.991195] [ 28.991457] The buggy address belongs to the object at ffff888100f9bce0 [ 28.991457] which belongs to the cache kmalloc-16 of size 16 [ 28.992283] The buggy address is located 8 bytes inside of [ 28.992283] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9) [ 28.992858] [ 28.993131] The buggy address belongs to the physical page: [ 28.993684] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 28.994452] flags: 0x200000000000000(node=0|zone=2) [ 28.994975] page_type: f5(slab) [ 28.995357] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.996002] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.996485] page dumped because: kasan: bad access detected [ 28.997043] [ 28.997297] Memory state around the buggy address: [ 28.997593] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.998166] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.998845] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.999389] ^ [ 28.999963] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 29.000378] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.000737] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 28.712185] ==================================================================
[ 28.712545] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 28.714227] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.715191]
[ 28.715428] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.716876] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.717369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.718028] Call Trace:
[ 28.718383] <TASK>
[ 28.718672] dump_stack_lvl+0x73/0xb0
[ 28.719097] print_report+0xd1/0x640
[ 28.719668] ? __virt_addr_valid+0x1db/0x2d0
[ 28.720178] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.720925] kasan_report+0x102/0x140
[ 28.721530] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 28.722233] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 28.722985] kasan_check_range+0x10c/0x1c0
[ 28.723487] __kasan_check_write+0x18/0x20
[ 28.723974] kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 28.724412] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.725005] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.725474] ? trace_hardirqs_on+0x37/0xe0
[ 28.726000] ? kasan_bitops_generic+0x93/0x1c0
[ 28.726373] kasan_bitops_generic+0x117/0x1c0
[ 28.726990] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.727343] ? __pfx_read_tsc+0x10/0x10
[ 28.727787] ? ktime_get_ts64+0x84/0x230
[ 28.728278] kunit_try_run_case+0x1b3/0x490
[ 28.728801] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.729134] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.729665] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.730358] ? __kthread_parkme+0x82/0x160
[ 28.730768] ? preempt_count_sub+0x50/0x80
[ 28.731087] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.731773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.732475] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.732899] kthread+0x257/0x310
[ 28.733307] ? __pfx_kthread+0x10/0x10
[ 28.733684] ret_from_fork+0x41/0x80
[ 28.733988] ? __pfx_kthread+0x10/0x10
[ 28.734256] ret_from_fork_asm+0x1a/0x30
[ 28.734854] </TASK>
[ 28.735226]
[ 28.735460] Allocated by task 269:
[ 28.735840] kasan_save_stack+0x3d/0x60
[ 28.736252] kasan_save_track+0x18/0x40
[ 28.736643] kasan_save_alloc_info+0x3b/0x50
[ 28.737090] __kasan_kmalloc+0xb7/0xc0
[ 28.737458] __kmalloc_cache_noprof+0x184/0x410
[ 28.737946] kasan_bitops_generic+0x93/0x1c0
[ 28.738234] kunit_try_run_case+0x1b3/0x490
[ 28.738791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.739355] kthread+0x257/0x310
[ 28.739797] ret_from_fork+0x41/0x80
[ 28.740154] ret_from_fork_asm+0x1a/0x30
[ 28.740428]
[ 28.740670] The buggy address belongs to the object at ffff888100f9bce0
[ 28.740670] which belongs to the cache kmalloc-16 of size 16
[ 28.741992] The buggy address is located 8 bytes inside of
[ 28.741992] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.742596]
[ 28.742839] The buggy address belongs to the physical page:
[ 28.743367] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.744034] flags: 0x200000000000000(node=0|zone=2)
[ 28.744540] page_type: f5(slab)
[ 28.744932] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.745482] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.746194] page dumped because: kasan: bad access detected
[ 28.746488]
[ 28.746634] Memory state around the buggy address:
[ 28.747016]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.747395]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.747756] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.748394]                                                           ^
[ 28.749215]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.749940]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.750524] ==================================================================
[ 28.752349] ==================================================================
[ 28.753187] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50
[ 28.753806] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.754531]
[ 28.754866] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.755655] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.755931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.756860] Call Trace:
[ 28.757202] <TASK>
[ 28.757534] dump_stack_lvl+0x73/0xb0
[ 28.757845] print_report+0xd1/0x640
[ 28.758378] ? __virt_addr_valid+0x1db/0x2d0
[ 28.758874] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.759401] kasan_report+0x102/0x140
[ 28.759859] ? kasan_bitops_modify.constprop.0+0x548/0xd50
[ 28.760442] ? kasan_bitops_modify.constprop.0+0x548/0xd50
[ 28.761076] kasan_check_range+0x10c/0x1c0
[ 28.761738] __kasan_check_write+0x18/0x20
[ 28.762138] kasan_bitops_modify.constprop.0+0x548/0xd50
[ 28.763017] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.763675] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.764188] ? trace_hardirqs_on+0x37/0xe0
[ 28.764652] ? kasan_bitops_generic+0x93/0x1c0
[ 28.764996] kasan_bitops_generic+0x117/0x1c0
[ 28.765486] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.765952] ? __pfx_read_tsc+0x10/0x10
[ 28.766468] ? ktime_get_ts64+0x84/0x230
[ 28.767075] kunit_try_run_case+0x1b3/0x490
[ 28.767647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.768496] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.769063] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.769386] ? __kthread_parkme+0x82/0x160
[ 28.769755] ? preempt_count_sub+0x50/0x80
[ 28.770387] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.770985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.771601] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.772214] kthread+0x257/0x310
[ 28.772642] ? __pfx_kthread+0x10/0x10
[ 28.772945] ret_from_fork+0x41/0x80
[ 28.773322] ? __pfx_kthread+0x10/0x10
[ 28.773778] ret_from_fork_asm+0x1a/0x30
[ 28.774270] </TASK>
[ 28.774486]
[ 28.774638] Allocated by task 269:
[ 28.774966] kasan_save_stack+0x3d/0x60
[ 28.775430] kasan_save_track+0x18/0x40
[ 28.775858] kasan_save_alloc_info+0x3b/0x50
[ 28.776424] __kasan_kmalloc+0xb7/0xc0
[ 28.776917] __kmalloc_cache_noprof+0x184/0x410
[ 28.777542] kasan_bitops_generic+0x93/0x1c0
[ 28.777943] kunit_try_run_case+0x1b3/0x490
[ 28.778416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.779088] kthread+0x257/0x310
[ 28.779326] ret_from_fork+0x41/0x80
[ 28.779775] ret_from_fork_asm+0x1a/0x30
[ 28.780295]
[ 28.780507] The buggy address belongs to the object at ffff888100f9bce0
[ 28.780507] which belongs to the cache kmalloc-16 of size 16
[ 28.781410] The buggy address is located 8 bytes inside of
[ 28.781410] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.782526]
[ 28.782847] The buggy address belongs to the physical page:
[ 28.783223] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.783960] flags: 0x200000000000000(node=0|zone=2)
[ 28.784427] page_type: f5(slab)
[ 28.784790] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.785513] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.786232] page dumped because: kasan: bad access detected
[ 28.786741]
[ 28.787026] Memory state around the buggy address:
[ 28.787622]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.788127]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.788683] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.789415]                                                           ^
[ 28.790036]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.790884]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.791267] ==================================================================
[ 28.670892] ==================================================================
[ 28.671614] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.672168] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.672548]
[ 28.672724] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.673656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.674133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.674753] Call Trace:
[ 28.675174] <TASK>
[ 28.675425] dump_stack_lvl+0x73/0xb0
[ 28.675910] print_report+0xd1/0x640
[ 28.676340] ? __virt_addr_valid+0x1db/0x2d0
[ 28.676713] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.677209] kasan_report+0x102/0x140
[ 28.677483] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.677839] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.678506] kasan_check_range+0x10c/0x1c0
[ 28.678964] __kasan_check_write+0x18/0x20
[ 28.679508] kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.680044] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.680734] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.681140] ? trace_hardirqs_on+0x37/0xe0
[ 28.681498] ? kasan_bitops_generic+0x93/0x1c0
[ 28.682165] kasan_bitops_generic+0x117/0x1c0
[ 28.682659] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.683192] ? __pfx_read_tsc+0x10/0x10
[ 28.683620] ? ktime_get_ts64+0x84/0x230
[ 28.684114] kunit_try_run_case+0x1b3/0x490
[ 28.684706] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.685151] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.685695] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.686223] ? __kthread_parkme+0x82/0x160
[ 28.686638] ? preempt_count_sub+0x50/0x80
[ 28.687019] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.687338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.688095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.688795] kthread+0x257/0x310
[ 28.689084] ? __pfx_kthread+0x10/0x10
[ 28.689402] ret_from_fork+0x41/0x80
[ 28.689910] ? __pfx_kthread+0x10/0x10
[ 28.690350] ret_from_fork_asm+0x1a/0x30
[ 28.690839] </TASK>
[ 28.691064]
[ 28.691280] Allocated by task 269:
[ 28.691698] kasan_save_stack+0x3d/0x60
[ 28.692158] kasan_save_track+0x18/0x40
[ 28.692693] kasan_save_alloc_info+0x3b/0x50
[ 28.693063] __kasan_kmalloc+0xb7/0xc0
[ 28.693325] __kmalloc_cache_noprof+0x184/0x410
[ 28.693600] kasan_bitops_generic+0x93/0x1c0
[ 28.693927] kunit_try_run_case+0x1b3/0x490
[ 28.694427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.695196] kthread+0x257/0x310
[ 28.695610] ret_from_fork+0x41/0x80
[ 28.696078] ret_from_fork_asm+0x1a/0x30
[ 28.696660]
[ 28.696876] The buggy address belongs to the object at ffff888100f9bce0
[ 28.696876] which belongs to the cache kmalloc-16 of size 16
[ 28.697762] The buggy address is located 8 bytes inside of
[ 28.697762] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.699156]
[ 28.699313] The buggy address belongs to the physical page:
[ 28.699600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.700012] flags: 0x200000000000000(node=0|zone=2)
[ 28.700304] page_type: f5(slab)
[ 28.700664] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.701413] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.702193] page dumped because: kasan: bad access detected
[ 28.702766]
[ 28.703006] Memory state around the buggy address:
[ 28.704389]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.705550]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.706219] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.708022]                                                           ^
[ 28.708552]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.709003]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.710160] ==================================================================
[ 28.474536] ==================================================================
[ 28.475488] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 28.476431] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.477020]
[ 28.477302] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.478618] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.479006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.479765] Call Trace:
[ 28.480471] <TASK>
[ 28.480750] dump_stack_lvl+0x73/0xb0
[ 28.481481] print_report+0xd1/0x640
[ 28.481807] ? __virt_addr_valid+0x1db/0x2d0
[ 28.482333] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.483214] kasan_report+0x102/0x140
[ 28.484677] ? kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 28.485025] ? kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 28.485780] kasan_check_range+0x10c/0x1c0
[ 28.486785] __kasan_check_write+0x18/0x20
[ 28.487396] kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 28.487784] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.488296] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.488699] ? trace_hardirqs_on+0x37/0xe0
[ 28.489684] ? kasan_bitops_generic+0x93/0x1c0
[ 28.490568] kasan_bitops_generic+0x117/0x1c0
[ 28.491243] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.492095] ? __pfx_read_tsc+0x10/0x10
[ 28.492558] ? ktime_get_ts64+0x84/0x230
[ 28.493478] kunit_try_run_case+0x1b3/0x490
[ 28.494069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.494725] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.495451] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.496014] ? __kthread_parkme+0x82/0x160
[ 28.496656] ? preempt_count_sub+0x50/0x80
[ 28.497576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.498297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.499007] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.499678] kthread+0x257/0x310
[ 28.500321] ? __pfx_kthread+0x10/0x10
[ 28.500648] ret_from_fork+0x41/0x80
[ 28.501713] ? __pfx_kthread+0x10/0x10
[ 28.502337] ret_from_fork_asm+0x1a/0x30
[ 28.502767] </TASK>
[ 28.503363]
[ 28.503584] Allocated by task 269:
[ 28.504127] kasan_save_stack+0x3d/0x60
[ 28.504671] kasan_save_track+0x18/0x40
[ 28.505721] kasan_save_alloc_info+0x3b/0x50
[ 28.506411] __kasan_kmalloc+0xb7/0xc0
[ 28.506735] __kmalloc_cache_noprof+0x184/0x410
[ 28.507465] kasan_bitops_generic+0x93/0x1c0
[ 28.507771] kunit_try_run_case+0x1b3/0x490
[ 28.508427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.508937] kthread+0x257/0x310
[ 28.509179] ret_from_fork+0x41/0x80
[ 28.509566] ret_from_fork_asm+0x1a/0x30
[ 28.510680]
[ 28.510916] The buggy address belongs to the object at ffff888100f9bce0
[ 28.510916] which belongs to the cache kmalloc-16 of size 16
[ 28.511847] The buggy address is located 8 bytes inside of
[ 28.511847] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.513356]
[ 28.513602] The buggy address belongs to the physical page:
[ 28.514722] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.515461] flags: 0x200000000000000(node=0|zone=2)
[ 28.515996] page_type: f5(slab)
[ 28.516583] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.517343] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.518147] page dumped because: kasan: bad access detected
[ 28.518659]
[ 28.518897] Memory state around the buggy address:
[ 28.520165]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.521035]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.521658] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.522531]                                                           ^
[ 28.523210]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.523942]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.524987] ==================================================================
[ 28.625039] ==================================================================
[ 28.625764] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50
[ 28.626962] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.627847]
[ 28.628024] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.629767] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.630339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.631285] Call Trace:
[ 28.631887] <TASK>
[ 28.632145] dump_stack_lvl+0x73/0xb0
[ 28.632638] print_report+0xd1/0x640
[ 28.632989] ? __virt_addr_valid+0x1db/0x2d0
[ 28.633561] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.633992] kasan_report+0x102/0x140
[ 28.634445] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 28.634917] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 28.635474] kasan_check_range+0x10c/0x1c0
[ 28.635999] __kasan_check_write+0x18/0x20
[ 28.636428] kasan_bitops_modify.constprop.0+0x374/0xd50
[ 28.636792] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.637479] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.637967] ? trace_hardirqs_on+0x37/0xe0
[ 28.638488] ? kasan_bitops_generic+0x93/0x1c0
[ 28.638815] kasan_bitops_generic+0x117/0x1c0
[ 28.639244] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.639761] ? __pfx_read_tsc+0x10/0x10
[ 28.640221] ? ktime_get_ts64+0x84/0x230
[ 28.640652] kunit_try_run_case+0x1b3/0x490
[ 28.641131] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.641704] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.642158] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.642473] ? __kthread_parkme+0x82/0x160
[ 28.642759] ? preempt_count_sub+0x50/0x80
[ 28.643224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.643751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.644387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.644887] kthread+0x257/0x310
[ 28.645295] ? __pfx_kthread+0x10/0x10
[ 28.645645] ret_from_fork+0x41/0x80
[ 28.646400] ? __pfx_kthread+0x10/0x10
[ 28.647285] ret_from_fork_asm+0x1a/0x30
[ 28.648260] </TASK>
[ 28.649352]
[ 28.649587] Allocated by task 269:
[ 28.650409] kasan_save_stack+0x3d/0x60
[ 28.650872] kasan_save_track+0x18/0x40
[ 28.651232] kasan_save_alloc_info+0x3b/0x50
[ 28.652100] __kasan_kmalloc+0xb7/0xc0
[ 28.652529] __kmalloc_cache_noprof+0x184/0x410
[ 28.653040] kasan_bitops_generic+0x93/0x1c0
[ 28.653396] kunit_try_run_case+0x1b3/0x490
[ 28.654098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.654894] kthread+0x257/0x310
[ 28.655207] ret_from_fork+0x41/0x80
[ 28.656126] ret_from_fork_asm+0x1a/0x30
[ 28.656668]
[ 28.656871] The buggy address belongs to the object at ffff888100f9bce0
[ 28.656871] which belongs to the cache kmalloc-16 of size 16
[ 28.657710] The buggy address is located 8 bytes inside of
[ 28.657710] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.658309]
[ 28.658530] The buggy address belongs to the physical page:
[ 28.659125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.659897] flags: 0x200000000000000(node=0|zone=2)
[ 28.660868] page_type: f5(slab)
[ 28.661110] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.661492] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.662449] page dumped because: kasan: bad access detected
[ 28.663025]
[ 28.663504] Memory state around the buggy address:
[ 28.664104]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.664936]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.665787] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.666579]                                                           ^
[ 28.667104]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.667643]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.668277] ==================================================================
[ 28.528567] ==================================================================
[ 28.529071] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 28.530059] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.530710]
[ 28.531337] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.532613] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.533183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.534029] Call Trace:
[ 28.534409] <TASK>
[ 28.534722] dump_stack_lvl+0x73/0xb0
[ 28.535243] print_report+0xd1/0x640
[ 28.535766] ? __virt_addr_valid+0x1db/0x2d0
[ 28.536430] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.537011] kasan_report+0x102/0x140
[ 28.537843] ? kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 28.538535] ? kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 28.538994] kasan_check_range+0x10c/0x1c0
[ 28.539700] __kasan_check_write+0x18/0x20
[ 28.540455] kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 28.540859] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.541776] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.542857] ? trace_hardirqs_on+0x37/0xe0
[ 28.543529] ? kasan_bitops_generic+0x93/0x1c0
[ 28.544292] kasan_bitops_generic+0x117/0x1c0
[ 28.544785] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.545810] ? __pfx_read_tsc+0x10/0x10
[ 28.546469] ? ktime_get_ts64+0x84/0x230
[ 28.547211] kunit_try_run_case+0x1b3/0x490
[ 28.547635] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.548172] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.548929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.549726] ? __kthread_parkme+0x82/0x160
[ 28.550185] ? preempt_count_sub+0x50/0x80
[ 28.551282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.551988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.553052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.554025] kthread+0x257/0x310
[ 28.554687] ? __pfx_kthread+0x10/0x10
[ 28.555079] ret_from_fork+0x41/0x80
[ 28.556426] ? __pfx_kthread+0x10/0x10
[ 28.556763] ret_from_fork_asm+0x1a/0x30
[ 28.557667] </TASK>
[ 28.557923]
[ 28.558100] Allocated by task 269:
[ 28.559431] kasan_save_stack+0x3d/0x60
[ 28.559757] kasan_save_track+0x18/0x40
[ 28.560225] kasan_save_alloc_info+0x3b/0x50
[ 28.560704] __kasan_kmalloc+0xb7/0xc0
[ 28.561686] __kmalloc_cache_noprof+0x184/0x410
[ 28.562576] kasan_bitops_generic+0x93/0x1c0
[ 28.563697] kunit_try_run_case+0x1b3/0x490
[ 28.564088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.564721] kthread+0x257/0x310
[ 28.565071] ret_from_fork+0x41/0x80
[ 28.565529] ret_from_fork_asm+0x1a/0x30
[ 28.566230]
[ 28.566401] The buggy address belongs to the object at ffff888100f9bce0
[ 28.566401] which belongs to the cache kmalloc-16 of size 16
[ 28.568045] The buggy address is located 8 bytes inside of
[ 28.568045] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.569065]
[ 28.569493] The buggy address belongs to the physical page:
[ 28.569969] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.570374] flags: 0x200000000000000(node=0|zone=2)
[ 28.570815] page_type: f5(slab)
[ 28.571472] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.572175] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.573352] page dumped because: kasan: bad access detected
[ 28.574243]
[ 28.574453] Memory state around the buggy address:
[ 28.574728]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.575408]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.576589] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.577272]                                                           ^
[ 28.577794]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.578952]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.579745] ==================================================================
[ 28.420227] ==================================================================
[ 28.421526] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50
[ 28.422181] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.422729]
[ 28.423608] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.424596] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.425308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.426271] Call Trace:
[ 28.426603] <TASK>
[ 28.427405] dump_stack_lvl+0x73/0xb0
[ 28.427801] print_report+0xd1/0x640
[ 28.428512] ? __virt_addr_valid+0x1db/0x2d0
[ 28.428937] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.429649] kasan_report+0x102/0x140
[ 28.430200] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 28.431407] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 28.431920] kasan_check_range+0x10c/0x1c0
[ 28.432602] __kasan_check_write+0x18/0x20
[ 28.433315] kasan_bitops_modify.constprop.0+0x102/0xd50
[ 28.434015] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.434630] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.435529] ? trace_hardirqs_on+0x37/0xe0
[ 28.436066] ? kasan_bitops_generic+0x93/0x1c0
[ 28.436415] kasan_bitops_generic+0x117/0x1c0
[ 28.437135] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.437745] ? __pfx_read_tsc+0x10/0x10
[ 28.438341] ? ktime_get_ts64+0x84/0x230
[ 28.439307] kunit_try_run_case+0x1b3/0x490
[ 28.439804] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.440306] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.440695] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.441416] ? __kthread_parkme+0x82/0x160
[ 28.442172] ? preempt_count_sub+0x50/0x80
[ 28.442732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.443681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.444470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.445110] kthread+0x257/0x310
[ 28.445597] ? __pfx_kthread+0x10/0x10
[ 28.446296] ret_from_fork+0x41/0x80
[ 28.446615] ? __pfx_kthread+0x10/0x10
[ 28.447563] ret_from_fork_asm+0x1a/0x30
[ 28.448349] </TASK>
[ 28.448719]
[ 28.449131] Allocated by task 269:
[ 28.449577] kasan_save_stack+0x3d/0x60
[ 28.450230] kasan_save_track+0x18/0x40
[ 28.450690] kasan_save_alloc_info+0x3b/0x50
[ 28.451729] __kasan_kmalloc+0xb7/0xc0
[ 28.452393] __kmalloc_cache_noprof+0x184/0x410
[ 28.452707] kasan_bitops_generic+0x93/0x1c0
[ 28.453402] kunit_try_run_case+0x1b3/0x490
[ 28.454167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.454619] kthread+0x257/0x310
[ 28.455512] ret_from_fork+0x41/0x80
[ 28.456207] ret_from_fork_asm+0x1a/0x30
[ 28.456663]
[ 28.457181] The buggy address belongs to the object at ffff888100f9bce0
[ 28.457181] which belongs to the cache kmalloc-16 of size 16
[ 28.458526] The buggy address is located 8 bytes inside of
[ 28.458526] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.459703]
[ 28.460550] The buggy address belongs to the physical page:
[ 28.461293] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.462150] flags: 0x200000000000000(node=0|zone=2)
[ 28.462793] page_type: f5(slab)
[ 28.463756] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.464132] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.464805] page dumped because: kasan: bad access detected
[ 28.465611]
[ 28.465761] Memory state around the buggy address:
[ 28.466552]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.467637]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.468408] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.469216]                                                           ^
[ 28.469813]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.470655]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.471669] ==================================================================
[ 28.581221] ==================================================================
[ 28.582354] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.583111] Write of size 8 at addr ffff888100f9bce8 by task kunit_try_catch/269
[ 28.583739]
[ 28.584000] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.585517] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.585880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.586379] Call Trace:
[ 28.586583] <TASK>
[ 28.586758] dump_stack_lvl+0x73/0xb0
[ 28.587076] print_report+0xd1/0x640
[ 28.587551] ? __virt_addr_valid+0x1db/0x2d0
[ 28.588044] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.588591] kasan_report+0x102/0x140
[ 28.589211] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.590025] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.590758] kasan_check_range+0x10c/0x1c0
[ 28.591168] __kasan_check_write+0x18/0x20
[ 28.591454] kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.591788] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.592398] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.592976] ? trace_hardirqs_on+0x37/0xe0
[ 28.593491] ? kasan_bitops_generic+0x93/0x1c0
[ 28.594032] kasan_bitops_generic+0x117/0x1c0
[ 28.594630] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.595023] ? __pfx_read_tsc+0x10/0x10
[ 28.595327] ? ktime_get_ts64+0x84/0x230
[ 28.595770] kunit_try_run_case+0x1b3/0x490
[ 28.596302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.596850] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.597263] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.597839] ? __kthread_parkme+0x82/0x160
[ 28.598192] ? preempt_count_sub+0x50/0x80
[ 28.598696] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.599169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.599926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.600323] kthread+0x257/0x310
[ 28.600581] ? __pfx_kthread+0x10/0x10
[ 28.600878] ret_from_fork+0x41/0x80
[ 28.601280] ? __pfx_kthread+0x10/0x10
[ 28.601761] ret_from_fork_asm+0x1a/0x30
[ 28.602267] </TASK>
[ 28.602542]
[ 28.602755] Allocated by task 269:
[ 28.603165] kasan_save_stack+0x3d/0x60
[ 28.603602] kasan_save_track+0x18/0x40
[ 28.603969] kasan_save_alloc_info+0x3b/0x50
[ 28.604250] __kasan_kmalloc+0xb7/0xc0
[ 28.604507] __kmalloc_cache_noprof+0x184/0x410
[ 28.604778] kasan_bitops_generic+0x93/0x1c0
[ 28.605236] kunit_try_run_case+0x1b3/0x490
[ 28.605817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.606439] kthread+0x257/0x310
[ 28.606850] ret_from_fork+0x41/0x80
[ 28.607246] ret_from_fork_asm+0x1a/0x30
[ 28.607725]
[ 28.607966] The buggy address belongs to the object at ffff888100f9bce0
[ 28.607966] which belongs to the cache kmalloc-16 of size 16
[ 28.609391] The buggy address is located 8 bytes inside of
[ 28.609391] allocated 9-byte region [ffff888100f9bce0, ffff888100f9bce9)
[ 28.609980]
[ 28.610137] The buggy address belongs to the physical page:
[ 28.610558] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b
[ 28.611268] flags: 0x200000000000000(node=0|zone=2)
[ 28.611790] page_type: f5(slab)
[ 28.612197] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.612817] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.613628] page dumped because: kasan: bad access detected
[ 28.613968]
[ 28.614115] Memory state around the buggy address:
[ 28.614516]  ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.615526]  ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.616606] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 28.618217]                                                           ^
[ 28.619411]  ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.621164]  ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.622016] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 28.354536] ==================================================================
[ 28.357540] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 28.358102] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267
[ 28.358648]
[ 28.359515] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 28.360596] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.360968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.362150] Call Trace:
[ 28.362766] <TASK>
[ 28.363412] dump_stack_lvl+0x73/0xb0
[ 28.363762] print_report+0xd1/0x640
[ 28.364766] ? __virt_addr_valid+0x1db/0x2d0
[ 28.365577] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.366281] kasan_report+0x102/0x140
[ 28.367689] ? strnlen+0x73/0x80
[ 28.368058] ? strnlen+0x73/0x80
[ 28.368974] __asan_report_load1_noabort+0x18/0x20
[ 28.369394] strnlen+0x73/0x80
[ 28.370120] kasan_strings+0x4cc/0xb60
[ 28.370541] ? __pfx_kasan_strings+0x10/0x10
[ 28.371173] ? __schedule+0xc3e/0x2790
[ 28.372044] ? __pfx_read_tsc+0x10/0x10
[ 28.372391] ? ktime_get_ts64+0x84/0x230
[ 28.373755] kunit_try_run_case+0x1b3/0x490
[ 28.374279] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.374720] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.375149] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.375800] ? __kthread_parkme+0x82/0x160
[ 28.376656] ? preempt_count_sub+0x50/0x80
[ 28.377015] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.377323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.378278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.379363] kthread+0x257/0x310
[ 28.379764] ? __pfx_kthread+0x10/0x10
[ 28.380220] ret_from_fork+0x41/0x80
[ 28.380627] ? __pfx_kthread+0x10/0x10
[ 28.381447] ret_from_fork_asm+0x1a/0x30
[ 28.382186] </TASK>
[ 28.382465]
[ 28.383015] Allocated by task 267:
[ 28.384147] kasan_save_stack+0x3d/0x60
[ 28.384539] kasan_save_track+0x18/0x40
[ 28.384968] kasan_save_alloc_info+0x3b/0x50
[ 28.385377] __kasan_kmalloc+0xb7/0xc0
[ 28.385713] __kmalloc_cache_noprof+0x184/0x410
[ 28.386503] kasan_strings+0xb3/0xb60
[ 28.386936] kunit_try_run_case+0x1b3/0x490
[ 28.387224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.387534] kthread+0x257/0x310
[ 28.387933] ret_from_fork+0x41/0x80
[ 28.388416] ret_from_fork_asm+0x1a/0x30
[ 28.390147]
[ 28.390578] Freed by task 267:
[ 28.391067] kasan_save_stack+0x3d/0x60
[ 28.391704] kasan_save_track+0x18/0x40
[ 28.392331] kasan_save_free_info+0x3f/0x60
[ 28.392894] __kasan_slab_free+0x56/0x70
[ 28.393277] kfree+0x123/0x3f0
[ 28.394346] kasan_strings+0x13a/0xb60
[ 28.395094] kunit_try_run_case+0x1b3/0x490
[ 28.395487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.396282] kthread+0x257/0x310
[ 28.396616] ret_from_fork+0x41/0x80
[ 28.397056] ret_from_fork_asm+0x1a/0x30
[ 28.397870]
[ 28.398093] The buggy address belongs to the object at ffff888102a18a80
[ 28.398093] which belongs to the cache kmalloc-32 of size 32
[ 28.399512] The buggy address is located 16 bytes inside of
[ 28.399512] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0)
[ 28.400412]
[ 28.400788] The buggy address belongs to the physical page:
[ 28.402253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18
[ 28.402933] flags: 0x200000000000000(node=0|zone=2)
[ 28.403619] page_type: f5(slab)
[ 28.404161] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.404864] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.406069] page dumped because: kasan: bad access detected
[ 28.406681]
[ 28.406845] Memory state around the buggy address:
[ 28.407529]  ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.408006]  ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.409024] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.409722]                          ^
[ 28.410479]  ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.411164]  ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.411956] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 28.305327] ================================================================== [ 28.306524] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 28.307534] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267 [ 28.308293] [ 28.308543] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.309344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.309794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.310817] Call Trace: [ 28.311772] <TASK> [ 28.312231] dump_stack_lvl+0x73/0xb0 [ 28.312725] print_report+0xd1/0x640 [ 28.313114] ? __virt_addr_valid+0x1db/0x2d0 [ 28.313654] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.314290] kasan_report+0x102/0x140 [ 28.314801] ? strlen+0x8f/0xb0 [ 28.315300] ? strlen+0x8f/0xb0 [ 28.315627] __asan_report_load1_noabort+0x18/0x20 [ 28.316158] strlen+0x8f/0xb0 [ 28.316586] kasan_strings+0x432/0xb60 [ 28.317180] ? __pfx_kasan_strings+0x10/0x10 [ 28.317537] ? __schedule+0xc3e/0x2790 [ 28.317817] ? __pfx_read_tsc+0x10/0x10 [ 28.318776] ? ktime_get_ts64+0x84/0x230 [ 28.319315] kunit_try_run_case+0x1b3/0x490 [ 28.320059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.320732] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.321410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.321985] ? __kthread_parkme+0x82/0x160 [ 28.322374] ? preempt_count_sub+0x50/0x80 [ 28.322953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.323254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.323605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.324234] kthread+0x257/0x310 [ 28.324645] ? __pfx_kthread+0x10/0x10 [ 28.325177] ret_from_fork+0x41/0x80 [ 28.325853] ? 
__pfx_kthread+0x10/0x10 [ 28.326939] ret_from_fork_asm+0x1a/0x30 [ 28.327652] </TASK> [ 28.328020] [ 28.328241] Allocated by task 267: [ 28.329249] kasan_save_stack+0x3d/0x60 [ 28.329802] kasan_save_track+0x18/0x40 [ 28.330245] kasan_save_alloc_info+0x3b/0x50 [ 28.331802] __kasan_kmalloc+0xb7/0xc0 [ 28.332278] __kmalloc_cache_noprof+0x184/0x410 [ 28.332568] kasan_strings+0xb3/0xb60 [ 28.332846] kunit_try_run_case+0x1b3/0x490 [ 28.333218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.334189] kthread+0x257/0x310 [ 28.334578] ret_from_fork+0x41/0x80 [ 28.335022] ret_from_fork_asm+0x1a/0x30 [ 28.335593] [ 28.335814] Freed by task 267: [ 28.336317] kasan_save_stack+0x3d/0x60 [ 28.336731] kasan_save_track+0x18/0x40 [ 28.337355] kasan_save_free_info+0x3f/0x60 [ 28.337644] __kasan_slab_free+0x56/0x70 [ 28.337999] kfree+0x123/0x3f0 [ 28.338339] kasan_strings+0x13a/0xb60 [ 28.339041] kunit_try_run_case+0x1b3/0x490 [ 28.340140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.340739] kthread+0x257/0x310 [ 28.341015] ret_from_fork+0x41/0x80 [ 28.341272] ret_from_fork_asm+0x1a/0x30 [ 28.341541] [ 28.341741] The buggy address belongs to the object at ffff888102a18a80 [ 28.341741] which belongs to the cache kmalloc-32 of size 32 [ 28.343400] The buggy address is located 16 bytes inside of [ 28.343400] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0) [ 28.344622] [ 28.344949] The buggy address belongs to the physical page: [ 28.345319] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.345850] flags: 0x200000000000000(node=0|zone=2) [ 28.346172] page_type: f5(slab) [ 28.346410] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.347779] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.348631] page dumped because: kasan: bad access detected [ 28.349136] [ 28.349379] Memory state around the buggy address: [ 28.349774] ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.350737] ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.351240] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.351887] ^ [ 28.352347] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.352714] ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.353093] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 28.251204] ================================================================== [ 28.251951] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60 [ 28.252714] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267 [ 28.253420] [ 28.253612] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.254562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.254809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.259102] Call Trace: [ 28.259323] <TASK> [ 28.259517] dump_stack_lvl+0x73/0xb0 [ 28.260937] print_report+0xd1/0x640 [ 28.261770] ? __virt_addr_valid+0x1db/0x2d0 [ 28.262582] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.262941] kasan_report+0x102/0x140 [ 28.263967] ? kasan_strings+0xa0f/0xb60 [ 28.264387] ? kasan_strings+0xa0f/0xb60 [ 28.264846] __asan_report_load1_noabort+0x18/0x20 [ 28.265264] kasan_strings+0xa0f/0xb60 [ 28.266699] ? __pfx_kasan_strings+0x10/0x10 [ 28.266986] ? __schedule+0xc3e/0x2790 [ 28.267840] ? __pfx_read_tsc+0x10/0x10 [ 28.268375] ? ktime_get_ts64+0x84/0x230 [ 28.268837] kunit_try_run_case+0x1b3/0x490 [ 28.269584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.270362] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.271199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.271684] ? __kthread_parkme+0x82/0x160 [ 28.272627] ? preempt_count_sub+0x50/0x80 [ 28.273103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.273728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.275081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.275663] kthread+0x257/0x310 [ 28.276226] ? __pfx_kthread+0x10/0x10 [ 28.276513] ret_from_fork+0x41/0x80 [ 28.277443] ? 
__pfx_kthread+0x10/0x10 [ 28.277769] ret_from_fork_asm+0x1a/0x30 [ 28.278257] </TASK> [ 28.278482] [ 28.278851] Allocated by task 267: [ 28.279289] kasan_save_stack+0x3d/0x60 [ 28.279693] kasan_save_track+0x18/0x40 [ 28.280036] kasan_save_alloc_info+0x3b/0x50 [ 28.280319] __kasan_kmalloc+0xb7/0xc0 [ 28.280919] __kmalloc_cache_noprof+0x184/0x410 [ 28.281516] kasan_strings+0xb3/0xb60 [ 28.281961] kunit_try_run_case+0x1b3/0x490 [ 28.282862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.283502] kthread+0x257/0x310 [ 28.283800] ret_from_fork+0x41/0x80 [ 28.284286] ret_from_fork_asm+0x1a/0x30 [ 28.284696] [ 28.284877] Freed by task 267: [ 28.285343] kasan_save_stack+0x3d/0x60 [ 28.285880] kasan_save_track+0x18/0x40 [ 28.286297] kasan_save_free_info+0x3f/0x60 [ 28.286755] __kasan_slab_free+0x56/0x70 [ 28.287319] kfree+0x123/0x3f0 [ 28.287873] kasan_strings+0x13a/0xb60 [ 28.288139] kunit_try_run_case+0x1b3/0x490 [ 28.288545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.289029] kthread+0x257/0x310 [ 28.289495] ret_from_fork+0x41/0x80 [ 28.290398] ret_from_fork_asm+0x1a/0x30 [ 28.290904] [ 28.291135] The buggy address belongs to the object at ffff888102a18a80 [ 28.291135] which belongs to the cache kmalloc-32 of size 32 [ 28.292357] The buggy address is located 16 bytes inside of [ 28.292357] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0) [ 28.293333] [ 28.293653] The buggy address belongs to the physical page: [ 28.293981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.294387] flags: 0x200000000000000(node=0|zone=2) [ 28.294847] page_type: f5(slab) [ 28.295339] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.296950] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.297803] page dumped because: kasan: bad access detected [ 28.298131] [ 28.298282] Memory state around the buggy address: [ 28.299051] ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.299906] ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.300561] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.301377] ^ [ 28.301668] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.302375] ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.303031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 28.206896] ================================================================== [ 28.207710] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 28.208117] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267 [ 28.208925] [ 28.209167] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.209957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.210328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.211014] Call Trace: [ 28.211323] <TASK> [ 28.211553] dump_stack_lvl+0x73/0xb0 [ 28.211894] print_report+0xd1/0x640 [ 28.212331] ? __virt_addr_valid+0x1db/0x2d0 [ 28.212787] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.213293] kasan_report+0x102/0x140 [ 28.213921] ? strcmp+0xb0/0xc0 [ 28.214189] ? strcmp+0xb0/0xc0 [ 28.214452] __asan_report_load1_noabort+0x18/0x20 [ 28.215165] strcmp+0xb0/0xc0 [ 28.215569] kasan_strings+0x2e9/0xb60 [ 28.216161] ? __pfx_kasan_strings+0x10/0x10 [ 28.216743] ? __schedule+0xc3e/0x2790 [ 28.217561] ? __pfx_read_tsc+0x10/0x10 [ 28.218022] ? ktime_get_ts64+0x84/0x230 [ 28.218460] kunit_try_run_case+0x1b3/0x490 [ 28.219078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.219429] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.219738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.220303] ? __kthread_parkme+0x82/0x160 [ 28.221001] ? preempt_count_sub+0x50/0x80 [ 28.221531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.222106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.224140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.225540] kthread+0x257/0x310 [ 28.225852] ? __pfx_kthread+0x10/0x10 [ 28.226157] ret_from_fork+0x41/0x80 [ 28.226574] ? 
__pfx_kthread+0x10/0x10 [ 28.227137] ret_from_fork_asm+0x1a/0x30 [ 28.227485] </TASK> [ 28.227668] [ 28.227812] Allocated by task 267: [ 28.228214] kasan_save_stack+0x3d/0x60 [ 28.228654] kasan_save_track+0x18/0x40 [ 28.229127] kasan_save_alloc_info+0x3b/0x50 [ 28.229851] __kasan_kmalloc+0xb7/0xc0 [ 28.230272] __kmalloc_cache_noprof+0x184/0x410 [ 28.230671] kasan_strings+0xb3/0xb60 [ 28.230956] kunit_try_run_case+0x1b3/0x490 [ 28.231231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.231548] kthread+0x257/0x310 [ 28.232050] ret_from_fork+0x41/0x80 [ 28.232534] ret_from_fork_asm+0x1a/0x30 [ 28.232958] [ 28.233176] Freed by task 267: [ 28.233713] kasan_save_stack+0x3d/0x60 [ 28.234741] kasan_save_track+0x18/0x40 [ 28.235318] kasan_save_free_info+0x3f/0x60 [ 28.235634] __kasan_slab_free+0x56/0x70 [ 28.236071] kfree+0x123/0x3f0 [ 28.236313] kasan_strings+0x13a/0xb60 [ 28.236977] kunit_try_run_case+0x1b3/0x490 [ 28.237318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.237882] kthread+0x257/0x310 [ 28.238134] ret_from_fork+0x41/0x80 [ 28.238738] ret_from_fork_asm+0x1a/0x30 [ 28.239227] [ 28.239477] The buggy address belongs to the object at ffff888102a18a80 [ 28.239477] which belongs to the cache kmalloc-32 of size 32 [ 28.240168] The buggy address is located 16 bytes inside of [ 28.240168] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0) [ 28.240959] [ 28.241171] The buggy address belongs to the physical page: [ 28.241769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.242707] flags: 0x200000000000000(node=0|zone=2) [ 28.243037] page_type: f5(slab) [ 28.244007] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.244846] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.245344] page dumped because: kasan: bad access detected [ 28.246175] [ 28.246356] Memory state around the buggy address: [ 28.246637] ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.247031] ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.247411] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.248157] ^ [ 28.248561] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.249286] ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.250394] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 28.154943] ================================================================== [ 28.155565] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70 [ 28.156458] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267 [ 28.157333] [ 28.157644] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.159009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.159565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.160217] Call Trace: [ 28.160540] <TASK> [ 28.160955] dump_stack_lvl+0x73/0xb0 [ 28.161965] print_report+0xd1/0x640 [ 28.162586] ? __virt_addr_valid+0x1db/0x2d0 [ 28.163125] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.163793] kasan_report+0x102/0x140 [ 28.164464] ? strrchr+0x64/0x70 [ 28.164941] ? strrchr+0x64/0x70 [ 28.165242] __asan_report_load1_noabort+0x18/0x20 [ 28.166254] strrchr+0x64/0x70 [ 28.167141] kasan_strings+0x24c/0xb60 [ 28.167722] ? __pfx_kasan_strings+0x10/0x10 [ 28.168566] ? __schedule+0xc3e/0x2790 [ 28.169535] ? __pfx_read_tsc+0x10/0x10 [ 28.169888] ? ktime_get_ts64+0x84/0x230 [ 28.170377] kunit_try_run_case+0x1b3/0x490 [ 28.170770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.171049] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.171765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.172674] ? __kthread_parkme+0x82/0x160 [ 28.173067] ? preempt_count_sub+0x50/0x80 [ 28.174176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.174653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.175271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.175853] kthread+0x257/0x310 [ 28.176406] ? __pfx_kthread+0x10/0x10 [ 28.176845] ret_from_fork+0x41/0x80 [ 28.177412] ? 
__pfx_kthread+0x10/0x10 [ 28.177867] ret_from_fork_asm+0x1a/0x30 [ 28.178487] </TASK> [ 28.178736] [ 28.179493] Allocated by task 267: [ 28.179844] kasan_save_stack+0x3d/0x60 [ 28.180393] kasan_save_track+0x18/0x40 [ 28.180671] kasan_save_alloc_info+0x3b/0x50 [ 28.181085] __kasan_kmalloc+0xb7/0xc0 [ 28.181531] __kmalloc_cache_noprof+0x184/0x410 [ 28.182243] kasan_strings+0xb3/0xb60 [ 28.182614] kunit_try_run_case+0x1b3/0x490 [ 28.183208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.183626] kthread+0x257/0x310 [ 28.184210] ret_from_fork+0x41/0x80 [ 28.184611] ret_from_fork_asm+0x1a/0x30 [ 28.185014] [ 28.185240] Freed by task 267: [ 28.185635] kasan_save_stack+0x3d/0x60 [ 28.186083] kasan_save_track+0x18/0x40 [ 28.186565] kasan_save_free_info+0x3f/0x60 [ 28.186940] __kasan_slab_free+0x56/0x70 [ 28.187206] kfree+0x123/0x3f0 [ 28.187756] kasan_strings+0x13a/0xb60 [ 28.188726] kunit_try_run_case+0x1b3/0x490 [ 28.189422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.190034] kthread+0x257/0x310 [ 28.190527] ret_from_fork+0x41/0x80 [ 28.190852] ret_from_fork_asm+0x1a/0x30 [ 28.191348] [ 28.192775] The buggy address belongs to the object at ffff888102a18a80 [ 28.192775] which belongs to the cache kmalloc-32 of size 32 [ 28.194530] The buggy address is located 16 bytes inside of [ 28.194530] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0) [ 28.195773] [ 28.196484] The buggy address belongs to the physical page: [ 28.196847] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.197653] flags: 0x200000000000000(node=0|zone=2) [ 28.198203] page_type: f5(slab) [ 28.198625] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.199341] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.199717] page dumped because: kasan: bad access detected [ 28.200344] [ 28.200508] Memory state around the buggy address: [ 28.200781] ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.201602] ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.202491] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.203355] ^ [ 28.204373] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.205176] ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.205503] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 28.101092] ================================================================== [ 28.102051] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0 [ 28.103006] Read of size 1 at addr ffff888102a18a90 by task kunit_try_catch/267 [ 28.103721] [ 28.104174] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.105230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.105542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.106981] Call Trace: [ 28.107415] <TASK> [ 28.107987] dump_stack_lvl+0x73/0xb0 [ 28.108560] print_report+0xd1/0x640 [ 28.109191] ? __virt_addr_valid+0x1db/0x2d0 [ 28.109669] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.110442] kasan_report+0x102/0x140 [ 28.110889] ? strchr+0x9c/0xc0 [ 28.111608] ? strchr+0x9c/0xc0 [ 28.111910] __asan_report_load1_noabort+0x18/0x20 [ 28.112513] strchr+0x9c/0xc0 [ 28.113713] kasan_strings+0x1b1/0xb60 [ 28.114106] ? __pfx_kasan_strings+0x10/0x10 [ 28.115097] ? __schedule+0xc3e/0x2790 [ 28.115551] ? __pfx_read_tsc+0x10/0x10 [ 28.116269] ? ktime_get_ts64+0x84/0x230 [ 28.117295] kunit_try_run_case+0x1b3/0x490 [ 28.117665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.118237] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.118742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.119103] ? __kthread_parkme+0x82/0x160 [ 28.119694] ? preempt_count_sub+0x50/0x80 [ 28.120165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.120686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.121768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.122249] kthread+0x257/0x310 [ 28.122534] ? __pfx_kthread+0x10/0x10 [ 28.122968] ret_from_fork+0x41/0x80 [ 28.123332] ? 
__pfx_kthread+0x10/0x10 [ 28.124406] ret_from_fork_asm+0x1a/0x30 [ 28.125057] </TASK> [ 28.125447] [ 28.125841] Allocated by task 267: [ 28.126574] kasan_save_stack+0x3d/0x60 [ 28.126876] kasan_save_track+0x18/0x40 [ 28.127931] kasan_save_alloc_info+0x3b/0x50 [ 28.128771] __kasan_kmalloc+0xb7/0xc0 [ 28.129231] __kmalloc_cache_noprof+0x184/0x410 [ 28.129619] kasan_strings+0xb3/0xb60 [ 28.130378] kunit_try_run_case+0x1b3/0x490 [ 28.130666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.131333] kthread+0x257/0x310 [ 28.132667] ret_from_fork+0x41/0x80 [ 28.133041] ret_from_fork_asm+0x1a/0x30 [ 28.133207] [ 28.133336] Freed by task 267: [ 28.133668] kasan_save_stack+0x3d/0x60 [ 28.134201] kasan_save_track+0x18/0x40 [ 28.134809] kasan_save_free_info+0x3f/0x60 [ 28.135352] __kasan_slab_free+0x56/0x70 [ 28.136204] kfree+0x123/0x3f0 [ 28.136572] kasan_strings+0x13a/0xb60 [ 28.137082] kunit_try_run_case+0x1b3/0x490 [ 28.137853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.138492] kthread+0x257/0x310 [ 28.139098] ret_from_fork+0x41/0x80 [ 28.139530] ret_from_fork_asm+0x1a/0x30 [ 28.140209] [ 28.140462] The buggy address belongs to the object at ffff888102a18a80 [ 28.140462] which belongs to the cache kmalloc-32 of size 32 [ 28.141397] The buggy address is located 16 bytes inside of [ 28.141397] freed 32-byte region [ffff888102a18a80, ffff888102a18aa0) [ 28.142295] [ 28.142510] The buggy address belongs to the physical page: [ 28.143638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.144408] flags: 0x200000000000000(node=0|zone=2) [ 28.144773] page_type: f5(slab) [ 28.145345] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.146290] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.147009] page dumped because: kasan: bad access detected [ 28.147608] [ 28.147845] Memory state around the buggy address: [ 28.149119] ffff888102a18980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.149712] ffff888102a18a00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.150496] >ffff888102a18a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.151319] ^ [ 28.151593] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.152492] ffff888102a18b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.153510] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.048405] ================================================================== [ 28.049534] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 28.050634] Read of size 1 at addr ffff888102a18958 by task kunit_try_catch/265 [ 28.051499] [ 28.052043] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.053191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.053743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.054327] Call Trace: [ 28.055532] <TASK> [ 28.055848] dump_stack_lvl+0x73/0xb0 [ 28.056357] print_report+0xd1/0x640 [ 28.057029] ? __virt_addr_valid+0x1db/0x2d0 [ 28.057521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.058195] kasan_report+0x102/0x140 [ 28.058592] ? memcmp+0x1b4/0x1d0 [ 28.059558] ? memcmp+0x1b4/0x1d0 [ 28.060008] __asan_report_load1_noabort+0x18/0x20 [ 28.060641] memcmp+0x1b4/0x1d0 [ 28.061203] kasan_memcmp+0x190/0x390 [ 28.061760] ? trace_hardirqs_on+0x37/0xe0 [ 28.062344] ? __pfx_kasan_memcmp+0x10/0x10 [ 28.062813] ? finish_task_switch.isra.0+0x153/0x700 [ 28.063253] ? __switch_to+0x5d9/0xf60 [ 28.063699] ? __pfx_read_tsc+0x10/0x10 [ 28.064379] ? ktime_get_ts64+0x84/0x230 [ 28.064772] kunit_try_run_case+0x1b3/0x490 [ 28.065695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.066428] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.067151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.067628] ? __kthread_parkme+0x82/0x160 [ 28.068433] ? preempt_count_sub+0x50/0x80 [ 28.068741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.069540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.069965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.071095] kthread+0x257/0x310 [ 28.071670] ? __pfx_kthread+0x10/0x10 [ 28.072193] ret_from_fork+0x41/0x80 [ 28.072851] ? 
__pfx_kthread+0x10/0x10 [ 28.073381] ret_from_fork_asm+0x1a/0x30 [ 28.073970] </TASK> [ 28.074471] [ 28.074644] Allocated by task 265: [ 28.074904] kasan_save_stack+0x3d/0x60 [ 28.075303] kasan_save_track+0x18/0x40 [ 28.075970] kasan_save_alloc_info+0x3b/0x50 [ 28.076906] __kasan_kmalloc+0xb7/0xc0 [ 28.077290] __kmalloc_cache_noprof+0x184/0x410 [ 28.077626] kasan_memcmp+0xb8/0x390 [ 28.077917] kunit_try_run_case+0x1b3/0x490 [ 28.078386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.079101] kthread+0x257/0x310 [ 28.079552] ret_from_fork+0x41/0x80 [ 28.079934] ret_from_fork_asm+0x1a/0x30 [ 28.080211] [ 28.080365] The buggy address belongs to the object at ffff888102a18940 [ 28.080365] which belongs to the cache kmalloc-32 of size 32 [ 28.081621] The buggy address is located 0 bytes to the right of [ 28.081621] allocated 24-byte region [ffff888102a18940, ffff888102a18958) [ 28.082702] [ 28.082958] The buggy address belongs to the physical page: [ 28.083670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.084907] flags: 0x200000000000000(node=0|zone=2) [ 28.085298] page_type: f5(slab) [ 28.085543] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.086206] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.087277] page dumped because: kasan: bad access detected [ 28.087788] [ 28.088029] Memory state around the buggy address: [ 28.088465] ffff888102a18800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.090122] ffff888102a18880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.090786] >ffff888102a18900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.091699] ^ [ 28.092297] ffff888102a18980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.092848] ffff888102a18a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.093480] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 27.995155] ================================================================== [ 27.996425] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90 [ 27.997180] Read of size 1 at addr ffff888102a18818 by task kunit_try_catch/263 [ 27.998045] [ 27.998311] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 28.000119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.001594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.002288] Call Trace: [ 28.003195] <TASK> [ 28.003415] dump_stack_lvl+0x73/0xb0 [ 28.003675] print_report+0xd1/0x640 [ 28.004488] ? __virt_addr_valid+0x1db/0x2d0 [ 28.005396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.006086] kasan_report+0x102/0x140 [ 28.006530] ? memchr+0x79/0x90 [ 28.006949] ? memchr+0x79/0x90 [ 28.007299] __asan_report_load1_noabort+0x18/0x20 [ 28.007624] memchr+0x79/0x90 [ 28.008323] kasan_memchr+0x163/0x320 [ 28.008802] ? __pfx_kasan_memchr+0x10/0x10 [ 28.009651] ? __schedule+0xc3e/0x2790 [ 28.010406] ? __pfx_read_tsc+0x10/0x10 [ 28.010759] ? ktime_get_ts64+0x84/0x230 [ 28.011261] kunit_try_run_case+0x1b3/0x490 [ 28.012250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.012637] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.013782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.014235] ? __kthread_parkme+0x82/0x160 [ 28.015028] ? preempt_count_sub+0x50/0x80 [ 28.015385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.016129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.016581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.017538] kthread+0x257/0x310 [ 28.017874] ? __pfx_kthread+0x10/0x10 [ 28.018160] ret_from_fork+0x41/0x80 [ 28.018585] ? 
__pfx_kthread+0x10/0x10 [ 28.019353] ret_from_fork_asm+0x1a/0x30 [ 28.019838] </TASK> [ 28.020125] [ 28.020520] Allocated by task 263: [ 28.020844] kasan_save_stack+0x3d/0x60 [ 28.021316] kasan_save_track+0x18/0x40 [ 28.021883] kasan_save_alloc_info+0x3b/0x50 [ 28.022188] __kasan_kmalloc+0xb7/0xc0 [ 28.022445] __kmalloc_cache_noprof+0x184/0x410 [ 28.024282] kasan_memchr+0xad/0x320 [ 28.024658] kunit_try_run_case+0x1b3/0x490 [ 28.025419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.026491] kthread+0x257/0x310 [ 28.026748] ret_from_fork+0x41/0x80 [ 28.027208] ret_from_fork_asm+0x1a/0x30 [ 28.027594] [ 28.028125] The buggy address belongs to the object at ffff888102a18800 [ 28.028125] which belongs to the cache kmalloc-32 of size 32 [ 28.029021] The buggy address is located 0 bytes to the right of [ 28.029021] allocated 24-byte region [ffff888102a18800, ffff888102a18818) [ 28.030325] [ 28.030585] The buggy address belongs to the physical page: [ 28.031580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 28.032504] flags: 0x200000000000000(node=0|zone=2) [ 28.033189] page_type: f5(slab) [ 28.033629] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.034341] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.035025] page dumped because: kasan: bad access detected [ 28.035715] [ 28.035918] Memory state around the buggy address: [ 28.036366] ffff888102a18700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.037434] ffff888102a18780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.038327] >ffff888102a18800: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.039172] ^ [ 28.039628] ffff888102a18880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.040414] ffff888102a18900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.041161] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 25.682454] ================================================================== [ 25.683753] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 25.684226] Free of addr ffff8881028346c0 by task kunit_try_catch/200 [ 25.685367] [ 25.685545] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.687164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.687510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.688112] Call Trace: [ 25.688485] <TASK> [ 25.688743] dump_stack_lvl+0x73/0xb0 [ 25.689049] print_report+0xd1/0x640 [ 25.689275] ? __virt_addr_valid+0x1db/0x2d0 [ 25.690559] ? kfree_sensitive+0x2e/0x90 [ 25.691179] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.691743] ? kfree_sensitive+0x2e/0x90 [ 25.692178] kasan_report_invalid_free+0xc0/0xf0 [ 25.692688] ? kfree_sensitive+0x2e/0x90 [ 25.693660] ? kfree_sensitive+0x2e/0x90 [ 25.694352] check_slab_allocation+0x101/0x130 [ 25.694752] __kasan_slab_pre_free+0x28/0x40 [ 25.695416] kfree+0xf1/0x3f0 [ 25.695765] ? kfree_sensitive+0x2e/0x90 [ 25.696358] kfree_sensitive+0x2e/0x90 [ 25.696923] kmalloc_double_kzfree+0x19d/0x360 [ 25.697288] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.697975] ? __schedule+0xc3e/0x2790 [ 25.698423] ? __pfx_read_tsc+0x10/0x10 [ 25.698869] ? ktime_get_ts64+0x84/0x230 [ 25.699463] kunit_try_run_case+0x1b3/0x490 [ 25.700261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.700952] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.701472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.702518] ? __kthread_parkme+0x82/0x160 [ 25.703007] ? preempt_count_sub+0x50/0x80 [ 25.703296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.703917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.705282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.705656] kthread+0x257/0x310 [ 25.706180] ? __pfx_kthread+0x10/0x10 [ 25.706610] ret_from_fork+0x41/0x80 [ 25.707209] ? 
__pfx_kthread+0x10/0x10 [ 25.707511] ret_from_fork_asm+0x1a/0x30 [ 25.708489] </TASK> [ 25.708804] [ 25.709061] Allocated by task 200: [ 25.709296] kasan_save_stack+0x3d/0x60 [ 25.709561] kasan_save_track+0x18/0x40 [ 25.710231] kasan_save_alloc_info+0x3b/0x50 [ 25.710890] __kasan_kmalloc+0xb7/0xc0 [ 25.711296] __kmalloc_cache_noprof+0x184/0x410 [ 25.711813] kmalloc_double_kzfree+0xaa/0x360 [ 25.712155] kunit_try_run_case+0x1b3/0x490 [ 25.713455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.714248] kthread+0x257/0x310 [ 25.714495] ret_from_fork+0x41/0x80 [ 25.714847] ret_from_fork_asm+0x1a/0x30 [ 25.715467] [ 25.715725] Freed by task 200: [ 25.716269] kasan_save_stack+0x3d/0x60 [ 25.716651] kasan_save_track+0x18/0x40 [ 25.717016] kasan_save_free_info+0x3f/0x60 [ 25.717348] __kasan_slab_free+0x56/0x70 [ 25.718385] kfree+0x123/0x3f0 [ 25.718742] kfree_sensitive+0x67/0x90 [ 25.719164] kmalloc_double_kzfree+0x12c/0x360 [ 25.720009] kunit_try_run_case+0x1b3/0x490 [ 25.720523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.721401] kthread+0x257/0x310 [ 25.721685] ret_from_fork+0x41/0x80 [ 25.722126] ret_from_fork_asm+0x1a/0x30 [ 25.722608] [ 25.722849] The buggy address belongs to the object at ffff8881028346c0 [ 25.722849] which belongs to the cache kmalloc-16 of size 16 [ 25.724159] The buggy address is located 0 bytes inside of [ 25.724159] 16-byte region [ffff8881028346c0, ffff8881028346d0) [ 25.725243] [ 25.725669] The buggy address belongs to the physical page: [ 25.726714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102834 [ 25.728493] flags: 0x200000000000000(node=0|zone=2) [ 25.729723] page_type: f5(slab) [ 25.730139] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.730798] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.731314] page dumped because: kasan: bad access detected [ 25.731778] [ 25.731986] Memory state around the buggy address: [ 25.732425] ffff888102834580: 00 
02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 25.733302] ffff888102834600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 25.734086] >ffff888102834680: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.734585] ^ [ 25.734942] ffff888102834700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.735681] ffff888102834780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.736216] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 25.625369] ================================================================== [ 25.626487] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 25.627602] Read of size 1 at addr ffff8881028346c0 by task kunit_try_catch/200 [ 25.628602] [ 25.628846] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.629620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.630406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.631162] Call Trace: [ 25.631800] <TASK> [ 25.632088] dump_stack_lvl+0x73/0xb0 [ 25.633118] print_report+0xd1/0x640 [ 25.633552] ? __virt_addr_valid+0x1db/0x2d0 [ 25.633967] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.635065] kasan_report+0x102/0x140 [ 25.635423] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.636195] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.637092] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.638242] __kasan_check_byte+0x3d/0x50 [ 25.638634] kfree_sensitive+0x22/0x90 [ 25.639264] kmalloc_double_kzfree+0x19d/0x360 [ 25.639719] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.640577] ? __schedule+0xc3e/0x2790 [ 25.641014] ? __pfx_read_tsc+0x10/0x10 [ 25.641580] ? ktime_get_ts64+0x84/0x230 [ 25.642336] kunit_try_run_case+0x1b3/0x490 [ 25.642870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.643771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.644455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.645710] ? __kthread_parkme+0x82/0x160 [ 25.646062] ? preempt_count_sub+0x50/0x80 [ 25.646506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.647154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.647586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.648458] kthread+0x257/0x310 [ 25.649264] ? __pfx_kthread+0x10/0x10 [ 25.649897] ret_from_fork+0x41/0x80 [ 25.650497] ? 
__pfx_kthread+0x10/0x10 [ 25.651183] ret_from_fork_asm+0x1a/0x30 [ 25.651731] </TASK> [ 25.652112] [ 25.652241] Allocated by task 200: [ 25.652407] kasan_save_stack+0x3d/0x60 [ 25.652558] kasan_save_track+0x18/0x40 [ 25.652694] kasan_save_alloc_info+0x3b/0x50 [ 25.652893] __kasan_kmalloc+0xb7/0xc0 [ 25.653355] __kmalloc_cache_noprof+0x184/0x410 [ 25.653769] kmalloc_double_kzfree+0xaa/0x360 [ 25.655094] kunit_try_run_case+0x1b3/0x490 [ 25.655547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.656083] kthread+0x257/0x310 [ 25.656451] ret_from_fork+0x41/0x80 [ 25.657494] ret_from_fork_asm+0x1a/0x30 [ 25.657976] [ 25.658190] Freed by task 200: [ 25.658517] kasan_save_stack+0x3d/0x60 [ 25.659490] kasan_save_track+0x18/0x40 [ 25.660333] kasan_save_free_info+0x3f/0x60 [ 25.661053] __kasan_slab_free+0x56/0x70 [ 25.661327] kfree+0x123/0x3f0 [ 25.661777] kfree_sensitive+0x67/0x90 [ 25.662407] kmalloc_double_kzfree+0x12c/0x360 [ 25.663325] kunit_try_run_case+0x1b3/0x490 [ 25.664097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.664787] kthread+0x257/0x310 [ 25.665678] ret_from_fork+0x41/0x80 [ 25.666000] ret_from_fork_asm+0x1a/0x30 [ 25.666523] [ 25.666740] The buggy address belongs to the object at ffff8881028346c0 [ 25.666740] which belongs to the cache kmalloc-16 of size 16 [ 25.667690] The buggy address is located 0 bytes inside of [ 25.667690] freed 16-byte region [ffff8881028346c0, ffff8881028346d0) [ 25.669222] [ 25.669819] The buggy address belongs to the physical page: [ 25.670557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102834 [ 25.671401] flags: 0x200000000000000(node=0|zone=2) [ 25.672160] page_type: f5(slab) [ 25.672403] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.673429] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.674086] page dumped because: kasan: bad access detected [ 25.674695] [ 25.675118] Memory state around the buggy address: [ 25.675601] 
ffff888102834580: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 25.677325] ffff888102834600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 25.678288] >ffff888102834680: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.678958] ^ [ 25.679558] ffff888102834700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.680775] ffff888102834780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.681605] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 25.500235] ================================================================== [ 25.500890] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 25.501664] Write of size 33 at addr ffff888101aad680 by task kunit_try_catch/194 [ 25.502854] [ 25.503049] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.504422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.504784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.505261] Call Trace: [ 25.505611] <TASK> [ 25.506119] dump_stack_lvl+0x73/0xb0 [ 25.506673] print_report+0xd1/0x640 [ 25.507300] ? __virt_addr_valid+0x1db/0x2d0 [ 25.507772] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.508507] kasan_report+0x102/0x140 [ 25.508849] ? kmalloc_uaf_memset+0x1a4/0x360 [ 25.509158] ? kmalloc_uaf_memset+0x1a4/0x360 [ 25.509609] kasan_check_range+0x10c/0x1c0 [ 25.510395] __asan_memset+0x27/0x50 [ 25.510789] kmalloc_uaf_memset+0x1a4/0x360 [ 25.511371] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 25.511734] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 25.512506] kunit_try_run_case+0x1b3/0x490 [ 25.512920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.513223] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.515170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.515793] ? __kthread_parkme+0x82/0x160 [ 25.516251] ? preempt_count_sub+0x50/0x80 [ 25.516953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.517679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.518619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.519399] kthread+0x257/0x310 [ 25.519720] ? __pfx_kthread+0x10/0x10 [ 25.519993] ret_from_fork+0x41/0x80 [ 25.520478] ? 
__pfx_kthread+0x10/0x10 [ 25.521215] ret_from_fork_asm+0x1a/0x30 [ 25.522336] </TASK> [ 25.522658] [ 25.523027] Allocated by task 194: [ 25.523447] kasan_save_stack+0x3d/0x60 [ 25.524024] kasan_save_track+0x18/0x40 [ 25.524705] kasan_save_alloc_info+0x3b/0x50 [ 25.525230] __kasan_kmalloc+0xb7/0xc0 [ 25.525930] __kmalloc_cache_noprof+0x184/0x410 [ 25.526516] kmalloc_uaf_memset+0xaa/0x360 [ 25.527001] kunit_try_run_case+0x1b3/0x490 [ 25.527460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.528445] kthread+0x257/0x310 [ 25.528815] ret_from_fork+0x41/0x80 [ 25.529256] ret_from_fork_asm+0x1a/0x30 [ 25.530257] [ 25.530472] Freed by task 194: [ 25.530788] kasan_save_stack+0x3d/0x60 [ 25.531076] kasan_save_track+0x18/0x40 [ 25.531701] kasan_save_free_info+0x3f/0x60 [ 25.532283] __kasan_slab_free+0x56/0x70 [ 25.532724] kfree+0x123/0x3f0 [ 25.533133] kmalloc_uaf_memset+0x12c/0x360 [ 25.533750] kunit_try_run_case+0x1b3/0x490 [ 25.534395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.534990] kthread+0x257/0x310 [ 25.535528] ret_from_fork+0x41/0x80 [ 25.535784] ret_from_fork_asm+0x1a/0x30 [ 25.536401] [ 25.536632] The buggy address belongs to the object at ffff888101aad680 [ 25.536632] which belongs to the cache kmalloc-64 of size 64 [ 25.537985] The buggy address is located 0 bytes inside of [ 25.537985] freed 64-byte region [ffff888101aad680, ffff888101aad6c0) [ 25.539264] [ 25.539507] The buggy address belongs to the physical page: [ 25.540391] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aad [ 25.541460] flags: 0x200000000000000(node=0|zone=2) [ 25.541770] page_type: f5(slab) [ 25.542055] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.542945] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.543771] page dumped because: kasan: bad access detected [ 25.544488] [ 25.544701] Memory state around the buggy address: [ 25.545290] ffff888101aad580: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc 
fc fc [ 25.545723] ffff888101aad600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.546326] >ffff888101aad680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.546944] ^ [ 25.547170] ffff888101aad700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.547981] ffff888101aad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.548517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 25.391164] ================================================================== [ 25.392369] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 25.394144] Read of size 64 at addr ffff888101aad504 by task kunit_try_catch/190 [ 25.394807] [ 25.395292] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.396159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.396789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.397484] Call Trace: [ 25.397894] <TASK> [ 25.398300] dump_stack_lvl+0x73/0xb0 [ 25.398764] print_report+0xd1/0x640 [ 25.399574] ? __virt_addr_valid+0x1db/0x2d0 [ 25.400149] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.400900] kasan_report+0x102/0x140 [ 25.401176] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 25.401530] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 25.402628] kasan_check_range+0x10c/0x1c0 [ 25.403096] __asan_memmove+0x27/0x70 [ 25.403503] kmalloc_memmove_invalid_size+0x170/0x330 [ 25.404777] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 25.405733] ? __schedule+0xc3e/0x2790 [ 25.406534] ? __pfx_read_tsc+0x10/0x10 [ 25.407076] ? ktime_get_ts64+0x84/0x230 [ 25.407449] kunit_try_run_case+0x1b3/0x490 [ 25.408098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.408623] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.409243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.409771] ? __kthread_parkme+0x82/0x160 [ 25.410163] ? preempt_count_sub+0x50/0x80 [ 25.410571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.411354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.412147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.412536] kthread+0x257/0x310 [ 25.413007] ? __pfx_kthread+0x10/0x10 [ 25.413453] ret_from_fork+0x41/0x80 [ 25.414030] ? 
__pfx_kthread+0x10/0x10 [ 25.414499] ret_from_fork_asm+0x1a/0x30 [ 25.415348] </TASK> [ 25.415536] [ 25.415748] Allocated by task 190: [ 25.416122] kasan_save_stack+0x3d/0x60 [ 25.416523] kasan_save_track+0x18/0x40 [ 25.416964] kasan_save_alloc_info+0x3b/0x50 [ 25.417589] __kasan_kmalloc+0xb7/0xc0 [ 25.418169] __kmalloc_cache_noprof+0x184/0x410 [ 25.418563] kmalloc_memmove_invalid_size+0xad/0x330 [ 25.419478] kunit_try_run_case+0x1b3/0x490 [ 25.419759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.420478] kthread+0x257/0x310 [ 25.420840] ret_from_fork+0x41/0x80 [ 25.421320] ret_from_fork_asm+0x1a/0x30 [ 25.421627] [ 25.422020] The buggy address belongs to the object at ffff888101aad500 [ 25.422020] which belongs to the cache kmalloc-64 of size 64 [ 25.423451] The buggy address is located 4 bytes inside of [ 25.423451] allocated 64-byte region [ffff888101aad500, ffff888101aad540) [ 25.424374] [ 25.424574] The buggy address belongs to the physical page: [ 25.425077] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aad [ 25.425520] flags: 0x200000000000000(node=0|zone=2) [ 25.426293] page_type: f5(slab) [ 25.426610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.427571] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.428418] page dumped because: kasan: bad access detected [ 25.429120] [ 25.429364] Memory state around the buggy address: [ 25.429696] ffff888101aad400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.430372] ffff888101aad480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.431441] >ffff888101aad500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.432199] ^ [ 25.432590] ffff888101aad580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.433186] ffff888101aad600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.433548] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 27.948310] ================================================================== [ 27.949135] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 27.950289] Read of size 1 at addr ffff888102d67caa by task kunit_try_catch/261 [ 27.951137] [ 27.951356] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.952073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.953351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.953849] Call Trace: [ 27.954054] <TASK> [ 27.954327] dump_stack_lvl+0x73/0xb0 [ 27.954784] print_report+0xd1/0x640 [ 27.955234] ? __virt_addr_valid+0x1db/0x2d0 [ 27.955714] ? kasan_addr_to_slab+0x11/0xa0 [ 27.956550] kasan_report+0x102/0x140 [ 27.957606] ? kasan_alloca_oob_right+0x328/0x390 [ 27.958078] ? kasan_alloca_oob_right+0x328/0x390 [ 27.959069] __asan_report_load1_noabort+0x18/0x20 [ 27.959714] kasan_alloca_oob_right+0x328/0x390 [ 27.960760] ? __schedule+0xc3e/0x2790 [ 27.961356] ? finish_task_switch.isra.0+0x153/0x700 [ 27.961713] ? finish_task_switch.isra.0+0x156/0x700 [ 27.962560] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 27.963516] ? __schedule+0xc3e/0x2790 [ 27.963924] ? __pfx_read_tsc+0x10/0x10 [ 27.964742] ? ktime_get_ts64+0x84/0x230 [ 27.965641] kunit_try_run_case+0x1b3/0x490 [ 27.966464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.967322] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.968249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.968654] ? __kthread_parkme+0x82/0x160 [ 27.969602] ? preempt_count_sub+0x50/0x80 [ 27.970149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.970959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.971817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.972359] kthread+0x257/0x310 [ 27.972750] ? __pfx_kthread+0x10/0x10 [ 27.973733] ret_from_fork+0x41/0x80 [ 27.974325] ? 
__pfx_kthread+0x10/0x10 [ 27.974607] ret_from_fork_asm+0x1a/0x30 [ 27.975343] </TASK> [ 27.975653] [ 27.975906] The buggy address belongs to stack of task kunit_try_catch/261 [ 27.976461] [ 27.976765] The buggy address belongs to the physical page: [ 27.977310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d67 [ 27.978108] flags: 0x200000000000000(node=0|zone=2) [ 27.979233] raw: 0200000000000000 ffffea00040b59c8 ffffea00040b59c8 0000000000000000 [ 27.980113] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 27.981156] page dumped because: kasan: bad access detected [ 27.981598] [ 27.981752] Memory state around the buggy address: [ 27.982468] ffff888102d67b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.982800] ffff888102d67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.983149] >ffff888102d67c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 27.983462] ^ [ 27.983704] ffff888102d67d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 27.985141] ffff888102d67d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 27.985843] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 27.899335] ================================================================== [ 27.900420] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 27.901320] Read of size 1 at addr ffff888102d77c9f by task kunit_try_catch/259 [ 27.903261] [ 27.903530] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.905022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.905976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.906694] Call Trace: [ 27.906970] <TASK> [ 27.907259] dump_stack_lvl+0x73/0xb0 [ 27.908184] print_report+0xd1/0x640 [ 27.909027] ? __virt_addr_valid+0x1db/0x2d0 [ 27.909673] ? kasan_addr_to_slab+0x11/0xa0 [ 27.910657] kasan_report+0x102/0x140 [ 27.910979] ? kasan_alloca_oob_left+0x31f/0x380 [ 27.911258] ? kasan_alloca_oob_left+0x31f/0x380 [ 27.911798] __asan_report_load1_noabort+0x18/0x20 [ 27.912845] kasan_alloca_oob_left+0x31f/0x380 [ 27.913540] ? __pfx_trace_event_raw_event_ipi_raise+0x10/0x10 [ 27.914611] ? __schedule+0xc3e/0x2790 [ 27.914921] ? trace_hardirqs_on+0x37/0xe0 [ 27.915506] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 27.916391] ? __schedule+0xc3e/0x2790 [ 27.916666] ? __pfx_read_tsc+0x10/0x10 [ 27.917584] ? ktime_get_ts64+0x84/0x230 [ 27.918344] kunit_try_run_case+0x1b3/0x490 [ 27.918710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.919283] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.920555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.921538] ? __kthread_parkme+0x82/0x160 [ 27.922083] ? preempt_count_sub+0x50/0x80 [ 27.922518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.922988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.923883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.924610] kthread+0x257/0x310 [ 27.925229] ? __pfx_kthread+0x10/0x10 [ 27.926111] ret_from_fork+0x41/0x80 [ 27.926596] ? 
__pfx_kthread+0x10/0x10 [ 27.927469] ret_from_fork_asm+0x1a/0x30 [ 27.928165] </TASK> [ 27.928895] [ 27.929171] The buggy address belongs to stack of task kunit_try_catch/259 [ 27.929931] [ 27.930108] The buggy address belongs to the physical page: [ 27.931140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d77 [ 27.931853] flags: 0x200000000000000(node=0|zone=2) [ 27.932790] raw: 0200000000000000 ffffea00040b5dc8 ffffea00040b5dc8 0000000000000000 [ 27.934496] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 27.935083] page dumped because: kasan: bad access detected [ 27.935595] [ 27.935768] Memory state around the buggy address: [ 27.936695] ffff888102d77b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.937723] ffff888102d77c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.938253] >ffff888102d77c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 27.939024] ^ [ 27.939501] ffff888102d77d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 27.940021] ffff888102d77d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 27.940789] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 27.848501] ================================================================== [ 27.850581] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 27.851232] Read of size 1 at addr ffff888102ca7d72 by task kunit_try_catch/257 [ 27.851851] [ 27.852089] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.853838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.854373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.855165] Call Trace: [ 27.856388] <TASK> [ 27.856698] dump_stack_lvl+0x73/0xb0 [ 27.857333] print_report+0xd1/0x640 [ 27.857688] ? __virt_addr_valid+0x1db/0x2d0 [ 27.858760] ? kasan_addr_to_slab+0x11/0xa0 [ 27.859403] kasan_report+0x102/0x140 [ 27.859762] ? kasan_stack_oob+0x2ae/0x300 [ 27.860643] ? kasan_stack_oob+0x2ae/0x300 [ 27.861931] __asan_report_load1_noabort+0x18/0x20 [ 27.862319] kasan_stack_oob+0x2ae/0x300 [ 27.862710] ? __pfx_kasan_stack_oob+0x10/0x10 [ 27.863063] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.864019] ? __pfx_kasan_stack_oob+0x10/0x10 [ 27.864678] kunit_try_run_case+0x1b3/0x490 [ 27.865100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.866051] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.866576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.867102] ? __kthread_parkme+0x82/0x160 [ 27.868103] ? preempt_count_sub+0x50/0x80 [ 27.869291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.869689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.870612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.871376] kthread+0x257/0x310 [ 27.872135] ? __pfx_kthread+0x10/0x10 [ 27.872568] ret_from_fork+0x41/0x80 [ 27.872929] ? 
__pfx_kthread+0x10/0x10 [ 27.873351] ret_from_fork_asm+0x1a/0x30 [ 27.874140] </TASK> [ 27.874472] [ 27.874895] The buggy address belongs to stack of task kunit_try_catch/257 [ 27.875748] and is located at offset 138 in frame: [ 27.876580] kasan_stack_oob+0x0/0x300 [ 27.877529] [ 27.877871] This frame has 4 objects: [ 27.878728] [48, 49) '__assertion' [ 27.878856] [64, 72) 'array' [ 27.879449] [96, 112) '__assertion' [ 27.880237] [128, 138) 'stack_array' [ 27.880713] [ 27.881850] The buggy address belongs to the physical page: [ 27.882813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ca7 [ 27.883848] flags: 0x200000000000000(node=0|zone=2) [ 27.884595] raw: 0200000000000000 ffffea00040b29c8 ffffea00040b29c8 0000000000000000 [ 27.885698] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 27.886085] page dumped because: kasan: bad access detected [ 27.886706] [ 27.886942] Memory state around the buggy address: [ 27.887419] ffff888102ca7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.888645] ffff888102ca7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 27.889066] >ffff888102ca7d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 27.890147] ^ [ 27.890943] ffff888102ca7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 27.891653] ffff888102ca7e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 27.892540] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 27.798500] ================================================================== [ 27.800178] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 27.800911] Read of size 1 at addr ffffffff8affbc2d by task kunit_try_catch/253 [ 27.801732] [ 27.802291] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.803533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.803788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.804600] Call Trace: [ 27.805280] <TASK> [ 27.805582] dump_stack_lvl+0x73/0xb0 [ 27.805947] print_report+0xd1/0x640 [ 27.806725] ? __virt_addr_valid+0x1db/0x2d0 [ 27.807411] ? kasan_addr_to_slab+0x11/0xa0 [ 27.808158] kasan_report+0x102/0x140 [ 27.808596] ? kasan_global_oob_right+0x288/0x2d0 [ 27.809547] ? kasan_global_oob_right+0x288/0x2d0 [ 27.810462] __asan_report_load1_noabort+0x18/0x20 [ 27.811196] kasan_global_oob_right+0x288/0x2d0 [ 27.811722] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 27.812138] ? __schedule+0xc3e/0x2790 [ 27.813172] ? __pfx_read_tsc+0x10/0x10 [ 27.813481] ? ktime_get_ts64+0x84/0x230 [ 27.814556] kunit_try_run_case+0x1b3/0x490 [ 27.815147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.815783] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.816208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.816675] ? __kthread_parkme+0x82/0x160 [ 27.817069] ? preempt_count_sub+0x50/0x80 [ 27.817936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.819174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.819742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.820930] kthread+0x257/0x310 [ 27.821184] ? __pfx_kthread+0x10/0x10 [ 27.821446] ret_from_fork+0x41/0x80 [ 27.821990] ? 
__pfx_kthread+0x10/0x10 [ 27.822507] ret_from_fork_asm+0x1a/0x30 [ 27.823054] </TASK> [ 27.823245] [ 27.823658] The buggy address belongs to the variable: [ 27.824527] global_array+0xd/0x40 [ 27.825198] [ 27.825493] The buggy address belongs to the physical page: [ 27.826619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1123fb [ 27.827794] flags: 0x200000000002000(reserved|node=0|zone=2) [ 27.828660] raw: 0200000000002000 ffffea000448fec8 ffffea000448fec8 0000000000000000 [ 27.829436] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.830059] page dumped because: kasan: bad access detected [ 27.830623] [ 27.830840] Memory state around the buggy address: [ 27.831425] ffffffff8affbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.832064] ffffffff8affbb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.833154] >ffffffff8affbc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 27.833528] ^ [ 27.834188] ffffffff8affbc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 27.835094] ffffffff8affbd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 27.835765] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 27.694244] ================================================================== [ 27.695172] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.696107] Free of addr ffff888102a1b001 by task kunit_try_catch/249 [ 27.696600] [ 27.696780] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.697615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.698061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.698669] Call Trace: [ 27.699212] <TASK> [ 27.699466] dump_stack_lvl+0x73/0xb0 [ 27.699957] print_report+0xd1/0x640 [ 27.700447] ? __virt_addr_valid+0x1db/0x2d0 [ 27.700814] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.701398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.701735] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.702118] kasan_report_invalid_free+0xc0/0xf0 [ 27.702677] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.703336] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.703955] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.704610] check_slab_allocation+0x11f/0x130 [ 27.705055] __kasan_mempool_poison_object+0x91/0x1d0 [ 27.705435] mempool_free+0x2ec/0x380 [ 27.705933] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.706554] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 27.707207] ? irqentry_exit+0x2a/0x60 [ 27.707689] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.708051] mempool_kmalloc_invalid_free+0xb1/0x100 [ 27.708503] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 27.709052] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.709569] ? __pfx_mempool_kfree+0x10/0x10 [ 27.710060] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 27.710721] kunit_try_run_case+0x1b3/0x490 [ 27.711232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.711693] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.712193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.712556] ? __kthread_parkme+0x82/0x160 [ 27.713019] ? 
preempt_count_sub+0x50/0x80 [ 27.713549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.714064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.714621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.714987] kthread+0x257/0x310 [ 27.715241] ? __pfx_kthread+0x10/0x10 [ 27.715537] ret_from_fork+0x41/0x80 [ 27.715962] ? __pfx_kthread+0x10/0x10 [ 27.716430] ret_from_fork_asm+0x1a/0x30 [ 27.716896] </TASK> [ 27.717215] [ 27.717475] Allocated by task 249: [ 27.717791] kasan_save_stack+0x3d/0x60 [ 27.718284] kasan_save_track+0x18/0x40 [ 27.718709] kasan_save_alloc_info+0x3b/0x50 [ 27.719029] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.719601] remove_element+0x11e/0x190 [ 27.720045] mempool_alloc_preallocated+0x4d/0x90 [ 27.720520] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 27.720880] mempool_kmalloc_invalid_free+0xb1/0x100 [ 27.721188] kunit_try_run_case+0x1b3/0x490 [ 27.721692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.722279] kthread+0x257/0x310 [ 27.722689] ret_from_fork+0x41/0x80 [ 27.723116] ret_from_fork_asm+0x1a/0x30 [ 27.723591] [ 27.723870] The buggy address belongs to the object at ffff888102a1b000 [ 27.723870] which belongs to the cache kmalloc-128 of size 128 [ 27.726278] The buggy address is located 1 bytes inside of [ 27.726278] 128-byte region [ffff888102a1b000, ffff888102a1b080) [ 27.727245] [ 27.727915] The buggy address belongs to the physical page: [ 27.728371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1b [ 27.729280] flags: 0x200000000000000(node=0|zone=2) [ 27.729589] page_type: f5(slab) [ 27.729847] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.730463] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.731237] page dumped because: kasan: bad access detected [ 27.731786] [ 27.732024] Memory state around the buggy address: [ 27.732596] ffff888102a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.733138] ffff888102a1af80: fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.733839] >ffff888102a1b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.734461] ^ [ 27.734958] ffff888102a1b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.735649] ffff888102a1b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.736335] ================================================================== [ 27.744321] ================================================================== [ 27.745848] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.746783] Free of addr ffff888102d24001 by task kunit_try_catch/251 [ 27.747490] [ 27.748369] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.749136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.749538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.750588] Call Trace: [ 27.750935] <TASK> [ 27.751160] dump_stack_lvl+0x73/0xb0 [ 27.751789] print_report+0xd1/0x640 [ 27.752225] ? __virt_addr_valid+0x1db/0x2d0 [ 27.752720] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.753799] ? kasan_addr_to_slab+0x11/0xa0 [ 27.754544] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.755365] kasan_report_invalid_free+0xc0/0xf0 [ 27.755725] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.756713] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.757753] __kasan_mempool_poison_object+0x102/0x1d0 [ 27.758423] mempool_free+0x2ec/0x380 [ 27.759252] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.759784] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 27.760751] ? finish_task_switch.isra.0+0x153/0x700 [ 27.761544] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 27.762588] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 27.763039] ? __switch_to+0x5d9/0xf60 [ 27.763564] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.764413] ? __pfx_mempool_kfree+0x10/0x10 [ 27.764783] ? __pfx_read_tsc+0x10/0x10 [ 27.765589] ? 
ktime_get_ts64+0x84/0x230 [ 27.766039] kunit_try_run_case+0x1b3/0x490 [ 27.766411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.767576] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.768019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.768560] ? __kthread_parkme+0x82/0x160 [ 27.769407] ? preempt_count_sub+0x50/0x80 [ 27.770310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.771576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.772042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.773161] kthread+0x257/0x310 [ 27.773474] ? __pfx_kthread+0x10/0x10 [ 27.773711] ret_from_fork+0x41/0x80 [ 27.774403] ? __pfx_kthread+0x10/0x10 [ 27.774812] ret_from_fork_asm+0x1a/0x30 [ 27.775201] </TASK> [ 27.775454] [ 27.775655] The buggy address belongs to the physical page: [ 27.777193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d24 [ 27.777948] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.779099] flags: 0x200000000000040(head|node=0|zone=2) [ 27.779530] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.780915] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.781650] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.782616] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.783044] head: 0200000000000002 ffffea00040b4901 ffffffffffffffff 0000000000000000 [ 27.783910] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.785509] page dumped because: kasan: bad access detected [ 27.786011] [ 27.786556] Memory state around the buggy address: [ 27.787200] ffff888102d23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.787638] ffff888102d23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.788646] >ffff888102d24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.789304] ^ [ 27.790165] ffff888102d24080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.790580] 
ffff888102d24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.791261] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 27.526062] ================================================================== [ 27.527179] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.529295] Free of addr ffff888101abb900 by task kunit_try_catch/243 [ 27.529691] [ 27.529898] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.530847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.531268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.532562] Call Trace: [ 27.533217] <TASK> [ 27.533916] dump_stack_lvl+0x73/0xb0 [ 27.534382] print_report+0xd1/0x640 [ 27.535312] ? __virt_addr_valid+0x1db/0x2d0 [ 27.535577] ? mempool_double_free_helper+0x185/0x370 [ 27.536106] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.536637] ? mempool_double_free_helper+0x185/0x370 [ 27.537223] kasan_report_invalid_free+0xc0/0xf0 [ 27.537545] ? mempool_double_free_helper+0x185/0x370 [ 27.538174] ? mempool_double_free_helper+0x185/0x370 [ 27.538724] ? mempool_double_free_helper+0x185/0x370 [ 27.539648] check_slab_allocation+0x101/0x130 [ 27.540686] __kasan_mempool_poison_object+0x91/0x1d0 [ 27.541267] mempool_free+0x2ec/0x380 [ 27.541916] mempool_double_free_helper+0x185/0x370 [ 27.542321] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 27.542853] ? irqentry_exit+0x2a/0x60 [ 27.543115] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.543726] mempool_kmalloc_double_free+0xb1/0x100 [ 27.544450] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 27.544989] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.545614] ? __pfx_mempool_kfree+0x10/0x10 [ 27.546205] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 27.547046] kunit_try_run_case+0x1b3/0x490 [ 27.547654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.548413] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.548924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.549293] ? __kthread_parkme+0x82/0x160 [ 27.549932] ? preempt_count_sub+0x50/0x80 [ 27.550549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.551198] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.551649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.551956] kthread+0x257/0x310 [ 27.552429] ? __pfx_kthread+0x10/0x10 [ 27.552977] ret_from_fork+0x41/0x80 [ 27.553561] ? __pfx_kthread+0x10/0x10 [ 27.554207] ret_from_fork_asm+0x1a/0x30 [ 27.554655] </TASK> [ 27.555010] [ 27.555245] Allocated by task 243: [ 27.555746] kasan_save_stack+0x3d/0x60 [ 27.556229] kasan_save_track+0x18/0x40 [ 27.556728] kasan_save_alloc_info+0x3b/0x50 [ 27.557346] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.558041] remove_element+0x11e/0x190 [ 27.558540] mempool_alloc_preallocated+0x4d/0x90 [ 27.559151] mempool_double_free_helper+0x8b/0x370 [ 27.559731] mempool_kmalloc_double_free+0xb1/0x100 [ 27.561038] kunit_try_run_case+0x1b3/0x490 [ 27.561440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.561888] kthread+0x257/0x310 [ 27.562236] ret_from_fork+0x41/0x80 [ 27.562645] ret_from_fork_asm+0x1a/0x30 [ 27.563257] [ 27.563408] Freed by task 243: [ 27.563621] kasan_save_stack+0x3d/0x60 [ 27.564046] kasan_save_track+0x18/0x40 [ 27.564465] kasan_save_free_info+0x3f/0x60 [ 27.565213] __kasan_mempool_poison_object+0x131/0x1d0 [ 27.565729] mempool_free+0x2ec/0x380 [ 27.566192] mempool_double_free_helper+0x10a/0x370 [ 27.566867] mempool_kmalloc_double_free+0xb1/0x100 [ 27.567418] kunit_try_run_case+0x1b3/0x490 [ 27.567791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.568137] kthread+0x257/0x310 [ 27.568416] ret_from_fork+0x41/0x80 [ 27.569745] ret_from_fork_asm+0x1a/0x30 [ 27.570523] [ 27.570755] The buggy address belongs to the object at ffff888101abb900 [ 27.570755] which belongs to the cache kmalloc-128 of size 128 [ 27.571994] The buggy address is located 0 bytes inside of [ 27.571994] 128-byte region [ffff888101abb900, ffff888101abb980) [ 27.572987] [ 27.573297] The buggy address belongs to the physical page: [ 27.573668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abb [ 27.574104] flags: 
0x200000000000000(node=0|zone=2) [ 27.574558] page_type: f5(slab) [ 27.575573] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.576612] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.577662] page dumped because: kasan: bad access detected [ 27.578259] [ 27.578409] Memory state around the buggy address: [ 27.578809] ffff888101abb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.579794] ffff888101abb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.580455] >ffff888101abb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.580812] ^ [ 27.581140] ffff888101abb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.582738] ffff888101abba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.583587] ================================================================== [ 27.648628] ================================================================== [ 27.650200] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.650817] Free of addr ffff888102cf4000 by task kunit_try_catch/247 [ 27.651925] [ 27.652459] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.653204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.653894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.654969] Call Trace: [ 27.655164] <TASK> [ 27.655457] dump_stack_lvl+0x73/0xb0 [ 27.655916] print_report+0xd1/0x640 [ 27.656273] ? __virt_addr_valid+0x1db/0x2d0 [ 27.657611] ? mempool_double_free_helper+0x185/0x370 [ 27.658002] ? kasan_addr_to_slab+0x11/0xa0 [ 27.658696] ? mempool_double_free_helper+0x185/0x370 [ 27.659175] kasan_report_invalid_free+0xc0/0xf0 [ 27.660370] ? mempool_double_free_helper+0x185/0x370 [ 27.660756] ? mempool_double_free_helper+0x185/0x370 [ 27.661363] __kasan_mempool_poison_pages+0x115/0x130 [ 27.662023] mempool_free+0x290/0x380 [ 27.662941] mempool_double_free_helper+0x185/0x370 [ 27.663450] ? 
__pfx_mempool_double_free_helper+0x10/0x10 [ 27.664053] ? finish_task_switch.isra.0+0x153/0x700 [ 27.664789] mempool_page_alloc_double_free+0xac/0x100 [ 27.665414] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 27.665890] ? __switch_to+0x5d9/0xf60 [ 27.666275] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 27.667142] ? __pfx_mempool_free_pages+0x10/0x10 [ 27.667804] ? __pfx_read_tsc+0x10/0x10 [ 27.668424] ? ktime_get_ts64+0x84/0x230 [ 27.668809] kunit_try_run_case+0x1b3/0x490 [ 27.669259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.670380] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.670796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.671446] ? __kthread_parkme+0x82/0x160 [ 27.672030] ? preempt_count_sub+0x50/0x80 [ 27.672531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.673367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.674220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.674960] kthread+0x257/0x310 [ 27.675340] ? __pfx_kthread+0x10/0x10 [ 27.676220] ret_from_fork+0x41/0x80 [ 27.676572] ? 
__pfx_kthread+0x10/0x10 [ 27.676907] ret_from_fork_asm+0x1a/0x30 [ 27.677346] </TASK> [ 27.677614] [ 27.678516] The buggy address belongs to the physical page: [ 27.679012] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cf4 [ 27.679798] flags: 0x200000000000000(node=0|zone=2) [ 27.680156] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.680806] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.681935] page dumped because: kasan: bad access detected [ 27.682412] [ 27.682634] Memory state around the buggy address: [ 27.683063] ffff888102cf3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.683703] ffff888102cf3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.684247] >ffff888102cf4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.684850] ^ [ 27.685424] ffff888102cf4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.686033] ffff888102cf4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.686849] ================================================================== [ 27.593425] ================================================================== [ 27.595916] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.596578] Free of addr ffff888102cf4000 by task kunit_try_catch/245 [ 27.597299] [ 27.597560] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.598753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.599101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.600360] Call Trace: [ 27.600864] <TASK> [ 27.601194] dump_stack_lvl+0x73/0xb0 [ 27.601807] print_report+0xd1/0x640 [ 27.602399] ? __virt_addr_valid+0x1db/0x2d0 [ 27.603127] ? mempool_double_free_helper+0x185/0x370 [ 27.603970] ? kasan_addr_to_slab+0x11/0xa0 [ 27.604641] ? mempool_double_free_helper+0x185/0x370 [ 27.605192] kasan_report_invalid_free+0xc0/0xf0 [ 27.605893] ? 
mempool_double_free_helper+0x185/0x370 [ 27.606430] ? mempool_double_free_helper+0x185/0x370 [ 27.607030] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 27.607733] mempool_free+0x2ec/0x380 [ 27.608679] mempool_double_free_helper+0x185/0x370 [ 27.609303] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 27.609853] ? finish_task_switch.isra.0+0x153/0x700 [ 27.610683] mempool_kmalloc_large_double_free+0xb1/0x100 [ 27.611295] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 27.611881] ? __switch_to+0x5d9/0xf60 [ 27.612600] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.613265] ? __pfx_mempool_kfree+0x10/0x10 [ 27.613756] ? __pfx_read_tsc+0x10/0x10 [ 27.614382] ? ktime_get_ts64+0x84/0x230 [ 27.614899] kunit_try_run_case+0x1b3/0x490 [ 27.615287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.616369] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.616870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.617521] ? __kthread_parkme+0x82/0x160 [ 27.618463] ? preempt_count_sub+0x50/0x80 [ 27.618880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.619517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.620334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.621433] kthread+0x257/0x310 [ 27.621746] ? __pfx_kthread+0x10/0x10 [ 27.622113] ret_from_fork+0x41/0x80 [ 27.622578] ? 
__pfx_kthread+0x10/0x10 [ 27.623382] ret_from_fork_asm+0x1a/0x30 [ 27.623879] </TASK> [ 27.624162] [ 27.624705] The buggy address belongs to the physical page: [ 27.625421] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cf4 [ 27.626216] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.626893] flags: 0x200000000000040(head|node=0|zone=2) [ 27.627893] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.628580] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.629429] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.630413] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.630804] head: 0200000000000002 ffffea00040b3d01 ffffffffffffffff 0000000000000000 [ 27.632157] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.633065] page dumped because: kasan: bad access detected [ 27.633576] [ 27.633746] Memory state around the buggy address: [ 27.634062] ffff888102cf3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.635259] ffff888102cf3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.636672] >ffff888102cf4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.637812] ^ [ 27.638504] ffff888102cf4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.639545] ffff888102cf4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.640468] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 27.355678] ================================================================== [ 27.356354] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.356854] Read of size 1 at addr ffff888102cf4000 by task kunit_try_catch/237 [ 27.357260] [ 27.357494] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.358475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.359033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.360204] Call Trace: [ 27.360581] <TASK> [ 27.361051] dump_stack_lvl+0x73/0xb0 [ 27.361559] print_report+0xd1/0x640 [ 27.362610] ? __virt_addr_valid+0x1db/0x2d0 [ 27.363243] ? kasan_addr_to_slab+0x11/0xa0 [ 27.363735] kasan_report+0x102/0x140 [ 27.364503] ? mempool_uaf_helper+0x394/0x400 [ 27.365015] ? mempool_uaf_helper+0x394/0x400 [ 27.365530] __asan_report_load1_noabort+0x18/0x20 [ 27.366089] mempool_uaf_helper+0x394/0x400 [ 27.366585] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.367068] ? finish_task_switch.isra.0+0x153/0x700 [ 27.367612] mempool_kmalloc_large_uaf+0xb3/0x100 [ 27.367974] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 27.368500] ? __switch_to+0x5d9/0xf60 [ 27.369383] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.369746] ? __pfx_mempool_kfree+0x10/0x10 [ 27.370483] ? __pfx_read_tsc+0x10/0x10 [ 27.370851] ? ktime_get_ts64+0x84/0x230 [ 27.371442] kunit_try_run_case+0x1b3/0x490 [ 27.371987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.372362] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.372841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.373765] ? __kthread_parkme+0x82/0x160 [ 27.374455] ? preempt_count_sub+0x50/0x80 [ 27.375078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.375491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.376217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.376624] kthread+0x257/0x310 [ 27.377380] ? __pfx_kthread+0x10/0x10 [ 27.378052] ret_from_fork+0x41/0x80 [ 27.378441] ? 
__pfx_kthread+0x10/0x10 [ 27.378714] ret_from_fork_asm+0x1a/0x30 [ 27.379416] </TASK> [ 27.379626] [ 27.380000] The buggy address belongs to the physical page: [ 27.380453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cf4 [ 27.381098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.381722] flags: 0x200000000000040(head|node=0|zone=2) [ 27.382604] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.383305] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.384585] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.385431] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.386468] head: 0200000000000002 ffffea00040b3d01 ffffffffffffffff 0000000000000000 [ 27.387285] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.387908] page dumped because: kasan: bad access detected [ 27.388299] [ 27.388452] Memory state around the buggy address: [ 27.388804] ffff888102cf3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.389547] ffff888102cf3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.390605] >ffff888102cf4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.391282] ^ [ 27.391643] ffff888102cf4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.392240] ffff888102cf4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.393047] ================================================================== [ 27.477776] ================================================================== [ 27.478806] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.479638] Read of size 1 at addr ffff888102d20000 by task kunit_try_catch/241 [ 27.481317] [ 27.482141] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 27.483181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.484205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 27.484614] Call Trace: [ 27.484778] <TASK> [ 27.484962] dump_stack_lvl+0x73/0xb0 [ 27.485224] print_report+0xd1/0x640 [ 27.486178] ? __virt_addr_valid+0x1db/0x2d0 [ 27.486728] ? kasan_addr_to_slab+0x11/0xa0 [ 27.487548] kasan_report+0x102/0x140 [ 27.487934] ? mempool_uaf_helper+0x394/0x400 [ 27.489017] ? mempool_uaf_helper+0x394/0x400 [ 27.489749] __asan_report_load1_noabort+0x18/0x20 [ 27.490923] mempool_uaf_helper+0x394/0x400 [ 27.491414] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.491708] ? finish_task_switch.isra.0+0x153/0x700 [ 27.492752] mempool_page_alloc_uaf+0xb1/0x100 [ 27.493103] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 27.493641] ? __switch_to+0x5d9/0xf60 [ 27.494564] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 27.494997] ? __pfx_mempool_free_pages+0x10/0x10 [ 27.495653] ? __pfx_read_tsc+0x10/0x10 [ 27.495997] ? ktime_get_ts64+0x84/0x230 [ 27.496713] kunit_try_run_case+0x1b3/0x490 [ 27.498208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.498970] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.499731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.500605] ? __kthread_parkme+0x82/0x160 [ 27.501790] ? preempt_count_sub+0x50/0x80 [ 27.502211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.503130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.503602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.504123] kthread+0x257/0x310 [ 27.504977] ? __pfx_kthread+0x10/0x10 [ 27.505206] ret_from_fork+0x41/0x80 [ 27.505424] ? 
__pfx_kthread+0x10/0x10 [ 27.505802] ret_from_fork_asm+0x1a/0x30 [ 27.506631] </TASK> [ 27.507591] [ 27.507775] The buggy address belongs to the physical page: [ 27.508777] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d20 [ 27.510326] flags: 0x200000000000000(node=0|zone=2) [ 27.510703] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.511804] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.512336] page dumped because: kasan: bad access detected [ 27.512803] [ 27.513021] Memory state around the buggy address: [ 27.513473] ffff888102d1ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.514735] ffff888102d1ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.515896] >ffff888102d20000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.516837] ^ [ 27.517044] ffff888102d20080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.518103] ffff888102d20100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.518565] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 25.442532] ================================================================== [ 25.443357] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 25.444554] Read of size 1 at addr ffff888100f9bcc8 by task kunit_try_catch/192 [ 25.445969] [ 25.446204] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.446702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.447086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.449410] Call Trace: [ 25.450155] <TASK> [ 25.450433] dump_stack_lvl+0x73/0xb0 [ 25.450806] print_report+0xd1/0x640 [ 25.451946] ? __virt_addr_valid+0x1db/0x2d0 [ 25.452472] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.452771] kasan_report+0x102/0x140 [ 25.453407] ? kmalloc_uaf+0x322/0x380 [ 25.454352] ? kmalloc_uaf+0x322/0x380 [ 25.454729] __asan_report_load1_noabort+0x18/0x20 [ 25.455615] kmalloc_uaf+0x322/0x380 [ 25.455976] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.456343] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.457533] kunit_try_run_case+0x1b3/0x490 [ 25.458216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.459008] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.459868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.461358] ? __kthread_parkme+0x82/0x160 [ 25.461707] ? preempt_count_sub+0x50/0x80 [ 25.462605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.462999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.464180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.464445] kthread+0x257/0x310 [ 25.464625] ? __pfx_kthread+0x10/0x10 [ 25.464772] ret_from_fork+0x41/0x80 [ 25.465162] ? 
__pfx_kthread+0x10/0x10 [ 25.465573] ret_from_fork_asm+0x1a/0x30 [ 25.466048] </TASK> [ 25.466306] [ 25.466514] Allocated by task 192: [ 25.466951] kasan_save_stack+0x3d/0x60 [ 25.467308] kasan_save_track+0x18/0x40 [ 25.467800] kasan_save_alloc_info+0x3b/0x50 [ 25.468443] __kasan_kmalloc+0xb7/0xc0 [ 25.468895] __kmalloc_cache_noprof+0x184/0x410 [ 25.469405] kmalloc_uaf+0xab/0x380 [ 25.469807] kunit_try_run_case+0x1b3/0x490 [ 25.470433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.470793] kthread+0x257/0x310 [ 25.471178] ret_from_fork+0x41/0x80 [ 25.471726] ret_from_fork_asm+0x1a/0x30 [ 25.472335] [ 25.472573] Freed by task 192: [ 25.473165] kasan_save_stack+0x3d/0x60 [ 25.473977] kasan_save_track+0x18/0x40 [ 25.474490] kasan_save_free_info+0x3f/0x60 [ 25.474952] __kasan_slab_free+0x56/0x70 [ 25.475583] kfree+0x123/0x3f0 [ 25.476108] kmalloc_uaf+0x12d/0x380 [ 25.476723] kunit_try_run_case+0x1b3/0x490 [ 25.477313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.478248] kthread+0x257/0x310 [ 25.478727] ret_from_fork+0x41/0x80 [ 25.479167] ret_from_fork_asm+0x1a/0x30 [ 25.479771] [ 25.480075] The buggy address belongs to the object at ffff888100f9bcc0 [ 25.480075] which belongs to the cache kmalloc-16 of size 16 [ 25.481045] The buggy address is located 8 bytes inside of [ 25.481045] freed 16-byte region [ffff888100f9bcc0, ffff888100f9bcd0) [ 25.482482] [ 25.482776] The buggy address belongs to the physical page: [ 25.483163] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 25.483982] flags: 0x200000000000000(node=0|zone=2) [ 25.484737] page_type: f5(slab) [ 25.485473] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.486436] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.487066] page dumped because: kasan: bad access detected [ 25.487844] [ 25.488231] Memory state around the buggy address: [ 25.488851] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 
25.489718] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.490329] >ffff888100f9bc80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.490642] ^ [ 25.491145] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.491771] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.492535] ================================================================== [ 25.031793] ================================================================== [ 25.032676] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 25.033221] Read of size 16 at addr ffff888100f9bca0 by task kunit_try_catch/176 [ 25.033748] [ 25.034145] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.034976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.035443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.036090] Call Trace: [ 25.036392] <TASK> [ 25.036638] dump_stack_lvl+0x73/0xb0 [ 25.037129] print_report+0xd1/0x640 [ 25.037589] ? __virt_addr_valid+0x1db/0x2d0 [ 25.037991] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.038638] kasan_report+0x102/0x140 [ 25.039164] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.039506] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.040011] __asan_report_load16_noabort+0x18/0x20 [ 25.040586] kmalloc_uaf_16+0x47d/0x4c0 [ 25.041042] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 25.041388] ? __schedule+0xc3e/0x2790 [ 25.042026] ? __pfx_read_tsc+0x10/0x10 [ 25.042310] ? ktime_get_ts64+0x84/0x230 [ 25.042778] kunit_try_run_case+0x1b3/0x490 [ 25.043402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.043710] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.044350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.044878] ? __kthread_parkme+0x82/0x160 [ 25.045390] ? preempt_count_sub+0x50/0x80 [ 25.045865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.046292] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.047038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.047634] kthread+0x257/0x310 [ 25.048043] ? __pfx_kthread+0x10/0x10 [ 25.048558] ret_from_fork+0x41/0x80 [ 25.049113] ? __pfx_kthread+0x10/0x10 [ 25.049389] ret_from_fork_asm+0x1a/0x30 [ 25.049693] </TASK> [ 25.049898] [ 25.050129] Allocated by task 176: [ 25.050617] kasan_save_stack+0x3d/0x60 [ 25.051131] kasan_save_track+0x18/0x40 [ 25.051627] kasan_save_alloc_info+0x3b/0x50 [ 25.052034] __kasan_kmalloc+0xb7/0xc0 [ 25.052502] __kmalloc_cache_noprof+0x184/0x410 [ 25.052811] kmalloc_uaf_16+0x15c/0x4c0 [ 25.053262] kunit_try_run_case+0x1b3/0x490 [ 25.053650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.054157] kthread+0x257/0x310 [ 25.054630] ret_from_fork+0x41/0x80 [ 25.055001] ret_from_fork_asm+0x1a/0x30 [ 25.055647] [ 25.055817] Freed by task 176: [ 25.056054] kasan_save_stack+0x3d/0x60 [ 25.056310] kasan_save_track+0x18/0x40 [ 25.056562] kasan_save_free_info+0x3f/0x60 [ 25.056845] __kasan_slab_free+0x56/0x70 [ 25.057357] kfree+0x123/0x3f0 [ 25.057714] kmalloc_uaf_16+0x1d7/0x4c0 [ 25.058155] kunit_try_run_case+0x1b3/0x490 [ 25.058593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.059476] kthread+0x257/0x310 [ 25.060013] ret_from_fork+0x41/0x80 [ 25.060440] ret_from_fork_asm+0x1a/0x30 [ 25.060860] [ 25.061108] The buggy address belongs to the object at ffff888100f9bca0 [ 25.061108] which belongs to the cache kmalloc-16 of size 16 [ 25.062397] The buggy address is located 0 bytes inside of [ 25.062397] freed 16-byte region [ffff888100f9bca0, ffff888100f9bcb0) [ 25.063379] [ 25.063544] The buggy address belongs to the physical page: [ 25.063855] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100f9b [ 25.064542] flags: 0x200000000000000(node=0|zone=2) [ 25.065232] page_type: f5(slab) [ 25.065682] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.066546] raw: 0000000000000000 0000000080800080 
00000001f5000000 0000000000000000 [ 25.067177] page dumped because: kasan: bad access detected [ 25.067602] [ 25.067921] Memory state around the buggy address: [ 25.068314] ffff888100f9bb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.068982] ffff888100f9bc00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.069549] >ffff888100f9bc80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 25.070113] ^ [ 25.070457] ffff888100f9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.071319] ffff888100f9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.071708] ================================================================== [ 25.555495] ================================================================== [ 25.556912] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 25.557543] Read of size 1 at addr ffff888101aad728 by task kunit_try_catch/196 [ 25.558764] [ 25.559442] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 25.560377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.561376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.562281] Call Trace: [ 25.562518] <TASK> [ 25.562987] dump_stack_lvl+0x73/0xb0 [ 25.563405] print_report+0xd1/0x640 [ 25.564592] ? __virt_addr_valid+0x1db/0x2d0 [ 25.564920] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.565882] kasan_report+0x102/0x140 [ 25.566955] ? kmalloc_uaf2+0x4aa/0x520 [ 25.567296] ? kmalloc_uaf2+0x4aa/0x520 [ 25.568375] __asan_report_load1_noabort+0x18/0x20 [ 25.568749] kmalloc_uaf2+0x4aa/0x520 [ 25.569242] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 25.569783] ? finish_task_switch.isra.0+0x153/0x700 [ 25.570265] ? __switch_to+0x5d9/0xf60 [ 25.571422] ? __schedule+0xc3e/0x2790 [ 25.572000] ? __pfx_read_tsc+0x10/0x10 [ 25.572253] ? ktime_get_ts64+0x84/0x230 [ 25.572653] kunit_try_run_case+0x1b3/0x490 [ 25.574016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.574473] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.575383] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.576424] ? __kthread_parkme+0x82/0x160 [ 25.576756] ? preempt_count_sub+0x50/0x80 [ 25.577192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.578070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.578987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.579665] kthread+0x257/0x310 [ 25.579971] ? __pfx_kthread+0x10/0x10 [ 25.580981] ret_from_fork+0x41/0x80 [ 25.581409] ? __pfx_kthread+0x10/0x10 [ 25.581681] ret_from_fork_asm+0x1a/0x30 [ 25.582120] </TASK> [ 25.582811] [ 25.583100] Allocated by task 196: [ 25.584021] kasan_save_stack+0x3d/0x60 [ 25.584298] kasan_save_track+0x18/0x40 [ 25.584634] kasan_save_alloc_info+0x3b/0x50 [ 25.585101] __kasan_kmalloc+0xb7/0xc0 [ 25.585466] __kmalloc_cache_noprof+0x184/0x410 [ 25.586869] kmalloc_uaf2+0xc7/0x520 [ 25.587418] kunit_try_run_case+0x1b3/0x490 [ 25.587862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.589123] kthread+0x257/0x310 [ 25.589465] ret_from_fork+0x41/0x80 [ 25.589784] ret_from_fork_asm+0x1a/0x30 [ 25.591000] [ 25.591155] Freed by task 196: [ 25.591541] kasan_save_stack+0x3d/0x60 [ 25.591908] kasan_save_track+0x18/0x40 [ 25.592142] kasan_save_free_info+0x3f/0x60 [ 25.592655] __kasan_slab_free+0x56/0x70 [ 25.593093] kfree+0x123/0x3f0 [ 25.593640] kmalloc_uaf2+0x14d/0x520 [ 25.593933] kunit_try_run_case+0x1b3/0x490 [ 25.594200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.595154] kthread+0x257/0x310 [ 25.595945] ret_from_fork+0x41/0x80 [ 25.597046] ret_from_fork_asm+0x1a/0x30 [ 25.597783] [ 25.598059] The buggy address belongs to the object at ffff888101aad700 [ 25.598059] which belongs to the cache kmalloc-64 of size 64 [ 25.600372] The buggy address is located 40 bytes inside of [ 25.600372] freed 64-byte region [ffff888101aad700, ffff888101aad740) [ 25.601363] [ 25.601636] The buggy address belongs to the physical page: [ 25.602246] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aad [ 25.602819] flags: 
0x200000000000000(node=0|zone=2) [ 25.603562] page_type: f5(slab) [ 25.603958] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.604595] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.606096] page dumped because: kasan: bad access detected [ 25.606584] [ 25.606794] Memory state around the buggy address: [ 25.607417] ffff888101aad600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.607980] ffff888101aad680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.608804] >ffff888101aad700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.610602] ^ [ 25.611235] ffff888101aad780: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 25.612286] ffff888101aad800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.613421] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 24.979727] ================================================================== [ 24.980582] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 24.981538] Write of size 16 at addr ffff888102834680 by task kunit_try_catch/174 [ 24.982913] [ 24.983191] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.983814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.985073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.986171] Call Trace: [ 24.986813] <TASK> [ 24.987136] dump_stack_lvl+0x73/0xb0 [ 24.987654] print_report+0xd1/0x640 [ 24.988144] ? __virt_addr_valid+0x1db/0x2d0 [ 24.989313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.989761] kasan_report+0x102/0x140 [ 24.990439] ? kmalloc_oob_16+0x454/0x4a0 [ 24.990846] ? kmalloc_oob_16+0x454/0x4a0 [ 24.991231] __asan_report_store16_noabort+0x1b/0x30 [ 24.992471] kmalloc_oob_16+0x454/0x4a0 [ 24.992850] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 24.993634] ? __schedule+0xc3e/0x2790 [ 24.994366] ? __pfx_read_tsc+0x10/0x10 [ 24.995314] ? ktime_get_ts64+0x84/0x230 [ 24.995709] kunit_try_run_case+0x1b3/0x490 [ 24.996334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.997207] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.997616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.998485] ? __kthread_parkme+0x82/0x160 [ 24.999179] ? preempt_count_sub+0x50/0x80 [ 24.999674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.000758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.001232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.001934] kthread+0x257/0x310 [ 25.002628] ? __pfx_kthread+0x10/0x10 [ 25.003301] ret_from_fork+0x41/0x80 [ 25.003728] ? 
__pfx_kthread+0x10/0x10 [ 25.004200] ret_from_fork_asm+0x1a/0x30 [ 25.004892] </TASK> [ 25.005395] [ 25.005633] Allocated by task 174: [ 25.006415] kasan_save_stack+0x3d/0x60 [ 25.006957] kasan_save_track+0x18/0x40 [ 25.007639] kasan_save_alloc_info+0x3b/0x50 [ 25.008217] __kasan_kmalloc+0xb7/0xc0 [ 25.008896] __kmalloc_cache_noprof+0x184/0x410 [ 25.009565] kmalloc_oob_16+0xa9/0x4a0 [ 25.009841] kunit_try_run_case+0x1b3/0x490 [ 25.010145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.010690] kthread+0x257/0x310 [ 25.011036] ret_from_fork+0x41/0x80 [ 25.011568] ret_from_fork_asm+0x1a/0x30 [ 25.011893] [ 25.012047] The buggy address belongs to the object at ffff888102834680 [ 25.012047] which belongs to the cache kmalloc-16 of size 16 [ 25.012898] The buggy address is located 0 bytes inside of [ 25.012898] allocated 13-byte region [ffff888102834680, ffff88810283468d) [ 25.013924] [ 25.014086] The buggy address belongs to the physical page: [ 25.015115] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102834 [ 25.015982] flags: 0x200000000000000(node=0|zone=2) [ 25.016484] page_type: f5(slab) [ 25.017064] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.017814] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.019158] page dumped because: kasan: bad access detected [ 25.019737] [ 25.019975] Memory state around the buggy address: [ 25.020555] ffff888102834580: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 25.021206] ffff888102834600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 25.021858] >ffff888102834680: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.022228] ^ [ 25.022902] ffff888102834700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.023537] ffff888102834780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.024430] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 24.851402] ================================================================== [ 24.852783] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 24.853649] Read of size 1 at addr ffff888100a25800 by task kunit_try_catch/172 [ 24.854227] [ 24.854430] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.856102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.856871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.857856] Call Trace: [ 24.858423] <TASK> [ 24.858607] dump_stack_lvl+0x73/0xb0 [ 24.859570] print_report+0xd1/0x640 [ 24.860035] ? __virt_addr_valid+0x1db/0x2d0 [ 24.861366] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.862279] kasan_report+0x102/0x140 [ 24.862728] ? krealloc_uaf+0x1b9/0x5e0 [ 24.863170] ? krealloc_uaf+0x1b9/0x5e0 [ 24.863711] ? krealloc_uaf+0x1b9/0x5e0 [ 24.864793] __kasan_check_byte+0x3d/0x50 [ 24.865295] krealloc_noprof+0x3f/0x340 [ 24.865651] krealloc_uaf+0x1b9/0x5e0 [ 24.866549] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.866996] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.868151] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.868558] kunit_try_run_case+0x1b3/0x490 [ 24.869312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.869577] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.870270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.871332] ? __kthread_parkme+0x82/0x160 [ 24.871990] ? preempt_count_sub+0x50/0x80 [ 24.872696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.873586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.874642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.875244] kthread+0x257/0x310 [ 24.875870] ? __pfx_kthread+0x10/0x10 [ 24.876265] ret_from_fork+0x41/0x80 [ 24.877468] ? 
__pfx_kthread+0x10/0x10 [ 24.877811] ret_from_fork_asm+0x1a/0x30 [ 24.878854] </TASK> [ 24.879154] [ 24.879328] Allocated by task 172: [ 24.879561] kasan_save_stack+0x3d/0x60 [ 24.880586] kasan_save_track+0x18/0x40 [ 24.881286] kasan_save_alloc_info+0x3b/0x50 [ 24.881583] __kasan_kmalloc+0xb7/0xc0 [ 24.882015] __kmalloc_cache_noprof+0x184/0x410 [ 24.882971] krealloc_uaf+0xbc/0x5e0 [ 24.883616] kunit_try_run_case+0x1b3/0x490 [ 24.884512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.885373] kthread+0x257/0x310 [ 24.885693] ret_from_fork+0x41/0x80 [ 24.886049] ret_from_fork_asm+0x1a/0x30 [ 24.886559] [ 24.886791] Freed by task 172: [ 24.887198] kasan_save_stack+0x3d/0x60 [ 24.887689] kasan_save_track+0x18/0x40 [ 24.889074] kasan_save_free_info+0x3f/0x60 [ 24.889684] __kasan_slab_free+0x56/0x70 [ 24.889996] kfree+0x123/0x3f0 [ 24.890777] krealloc_uaf+0x13e/0x5e0 [ 24.891893] kunit_try_run_case+0x1b3/0x490 [ 24.892266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.892583] kthread+0x257/0x310 [ 24.893428] ret_from_fork+0x41/0x80 [ 24.893846] ret_from_fork_asm+0x1a/0x30 [ 24.894469] [ 24.894708] The buggy address belongs to the object at ffff888100a25800 [ 24.894708] which belongs to the cache kmalloc-256 of size 256 [ 24.895612] The buggy address is located 0 bytes inside of [ 24.895612] freed 256-byte region [ffff888100a25800, ffff888100a25900) [ 24.896841] [ 24.897682] The buggy address belongs to the physical page: [ 24.898606] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 24.899633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.900192] flags: 0x200000000000040(head|node=0|zone=2) [ 24.900880] page_type: f5(slab) [ 24.901305] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.902013] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.902492] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.903794] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.904275] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000 [ 24.905037] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.906174] page dumped because: kasan: bad access detected [ 24.906511] [ 24.906802] Memory state around the buggy address: [ 24.907655] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.908312] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.909151] >ffff888100a25800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.909592] ^ [ 24.910131] ffff888100a25880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.910850] ffff888100a25900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.911433] ================================================================== [ 24.913407] ================================================================== [ 24.913882] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 24.915168] Read of size 1 at addr ffff888100a25800 by task kunit_try_catch/172 [ 24.915954] [ 24.916203] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.918639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.919228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.919847] Call Trace: [ 24.920202] <TASK> [ 24.920703] dump_stack_lvl+0x73/0xb0 [ 24.921459] print_report+0xd1/0x640 [ 24.922286] ? __virt_addr_valid+0x1db/0x2d0 [ 24.922730] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.923805] kasan_report+0x102/0x140 [ 24.924480] ? krealloc_uaf+0x53e/0x5e0 [ 24.924921] ? krealloc_uaf+0x53e/0x5e0 [ 24.925323] __asan_report_load1_noabort+0x18/0x20 [ 24.926348] krealloc_uaf+0x53e/0x5e0 [ 24.927106] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.927697] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.928336] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.929604] kunit_try_run_case+0x1b3/0x490 [ 24.930089] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.930894] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.931637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.932439] ? __kthread_parkme+0x82/0x160 [ 24.932904] ? preempt_count_sub+0x50/0x80 [ 24.933365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.933771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.934331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.934758] kthread+0x257/0x310 [ 24.935557] ? __pfx_kthread+0x10/0x10 [ 24.935999] ret_from_fork+0x41/0x80 [ 24.936307] ? __pfx_kthread+0x10/0x10 [ 24.936574] ret_from_fork_asm+0x1a/0x30 [ 24.937143] </TASK> [ 24.937491] [ 24.938167] Allocated by task 172: [ 24.938742] kasan_save_stack+0x3d/0x60 [ 24.939084] kasan_save_track+0x18/0x40 [ 24.939342] kasan_save_alloc_info+0x3b/0x50 [ 24.939895] __kasan_kmalloc+0xb7/0xc0 [ 24.941104] __kmalloc_cache_noprof+0x184/0x410 [ 24.941871] krealloc_uaf+0xbc/0x5e0 [ 24.942445] kunit_try_run_case+0x1b3/0x490 [ 24.942734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.943261] kthread+0x257/0x310 [ 24.944597] ret_from_fork+0x41/0x80 [ 24.945352] ret_from_fork_asm+0x1a/0x30 [ 24.945850] [ 24.946083] Freed by task 172: [ 24.946625] kasan_save_stack+0x3d/0x60 [ 24.947000] kasan_save_track+0x18/0x40 [ 24.947263] kasan_save_free_info+0x3f/0x60 [ 24.948154] __kasan_slab_free+0x56/0x70 [ 24.948620] kfree+0x123/0x3f0 [ 24.949365] krealloc_uaf+0x13e/0x5e0 [ 24.950634] kunit_try_run_case+0x1b3/0x490 [ 24.951228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.951794] kthread+0x257/0x310 [ 24.952193] ret_from_fork+0x41/0x80 [ 24.952672] ret_from_fork_asm+0x1a/0x30 [ 24.953167] [ 24.953528] The buggy address belongs to the object at ffff888100a25800 [ 24.953528] which belongs to the cache kmalloc-256 of size 256 [ 24.954963] The buggy address is located 0 bytes inside of [ 24.954963] freed 256-byte region [ffff888100a25800, ffff888100a25900) [ 24.956149] [ 24.956312] The buggy address belongs to the physical page: [ 24.956812] page: refcount:1 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 24.957812] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.958225] flags: 0x200000000000040(head|node=0|zone=2) [ 24.958877] page_type: f5(slab) [ 24.959531] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.960631] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.961517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.963084] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.963865] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000 [ 24.964551] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.965528] page dumped because: kasan: bad access detected [ 24.966256] [ 24.966919] Memory state around the buggy address: [ 24.967419] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.968347] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.969287] >ffff888100a25800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.969924] ^ [ 24.970565] ffff888100a25880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.971345] ffff888100a25900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.972477] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 24.395156] ================================================================== [ 24.395687] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 24.396124] Write of size 1 at addr ffff888100a256da by task kunit_try_catch/166 [ 24.396554] [ 24.396737] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.397645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.398055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.398809] Call Trace: [ 24.399205] <TASK> [ 24.399529] dump_stack_lvl+0x73/0xb0 [ 24.400009] print_report+0xd1/0x640 [ 24.400447] ? __virt_addr_valid+0x1db/0x2d0 [ 24.400941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.401326] kasan_report+0x102/0x140 [ 24.401677] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.402309] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.402718] __asan_report_store1_noabort+0x1b/0x30 [ 24.403384] krealloc_less_oob_helper+0xec8/0x11d0 [ 24.403923] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.404293] ? finish_task_switch.isra.0+0x153/0x700 [ 24.404608] ? __switch_to+0x5d9/0xf60 [ 24.404919] ? __schedule+0xc3e/0x2790 [ 24.405369] ? __pfx_read_tsc+0x10/0x10 [ 24.405971] krealloc_less_oob+0x1c/0x30 [ 24.406415] kunit_try_run_case+0x1b3/0x490 [ 24.406899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.407495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.408077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.408714] ? __kthread_parkme+0x82/0x160 [ 24.409236] ? preempt_count_sub+0x50/0x80 [ 24.409700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.410041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.410444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.411111] kthread+0x257/0x310 [ 24.411571] ? __pfx_kthread+0x10/0x10 [ 24.412032] ret_from_fork+0x41/0x80 [ 24.412590] ? 
__pfx_kthread+0x10/0x10 [ 24.413066] ret_from_fork_asm+0x1a/0x30 [ 24.413692] </TASK> [ 24.413985] [ 24.414132] Allocated by task 166: [ 24.414410] kasan_save_stack+0x3d/0x60 [ 24.414681] kasan_save_track+0x18/0x40 [ 24.415784] kasan_save_alloc_info+0x3b/0x50 [ 24.418372] __kasan_krealloc+0x190/0x1f0 [ 24.418802] krealloc_noprof+0xf3/0x340 [ 24.419228] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.420736] krealloc_less_oob+0x1c/0x30 [ 24.423040] kunit_try_run_case+0x1b3/0x490 [ 24.424129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.426302] kthread+0x257/0x310 [ 24.427734] ret_from_fork+0x41/0x80 [ 24.428935] ret_from_fork_asm+0x1a/0x30 [ 24.429806] [ 24.430627] The buggy address belongs to the object at ffff888100a25600 [ 24.430627] which belongs to the cache kmalloc-256 of size 256 [ 24.432957] The buggy address is located 17 bytes to the right of [ 24.432957] allocated 201-byte region [ffff888100a25600, ffff888100a256c9) [ 24.435486] [ 24.436087] The buggy address belongs to the physical page: [ 24.437322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 24.438004] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.438706] flags: 0x200000000000040(head|node=0|zone=2) [ 24.439416] page_type: f5(slab) [ 24.439639] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.440388] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.440913] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.441469] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.442186] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000 [ 24.443042] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.443496] page dumped because: kasan: bad access detected [ 24.444241] [ 24.444584] Memory state around the buggy address: [ 24.445371] ffff888100a25580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 24.446370] ffff888100a25600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.447280] >ffff888100a25680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.448037] ^ [ 24.448843] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.449894] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.451053] ================================================================== [ 24.356374] ================================================================== [ 24.357093] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.357617] Write of size 1 at addr ffff888100a256d0 by task kunit_try_catch/166 [ 24.358489] [ 24.358718] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.359453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.359698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.360511] Call Trace: [ 24.360813] <TASK> [ 24.361086] dump_stack_lvl+0x73/0xb0 [ 24.361578] print_report+0xd1/0x640 [ 24.361913] ? __virt_addr_valid+0x1db/0x2d0 [ 24.362433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.362769] kasan_report+0x102/0x140 [ 24.363063] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.363652] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.364434] __asan_report_store1_noabort+0x1b/0x30 [ 24.364978] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.365493] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.365901] ? finish_task_switch.isra.0+0x153/0x700 [ 24.366359] ? __switch_to+0x5d9/0xf60 [ 24.366816] ? __schedule+0xc3e/0x2790 [ 24.367455] ? __pfx_read_tsc+0x10/0x10 [ 24.367883] krealloc_less_oob+0x1c/0x30 [ 24.368243] kunit_try_run_case+0x1b3/0x490 [ 24.368540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.368862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.369335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.369938] ? __kthread_parkme+0x82/0x160 [ 24.370500] ? preempt_count_sub+0x50/0x80 [ 24.370906] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.371212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.371871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.372410] kthread+0x257/0x310 [ 24.372986] ? __pfx_kthread+0x10/0x10 [ 24.373405] ret_from_fork+0x41/0x80 [ 24.373736] ? __pfx_kthread+0x10/0x10 [ 24.374302] ret_from_fork_asm+0x1a/0x30 [ 24.374617] </TASK> [ 24.374974] [ 24.375187] Allocated by task 166: [ 24.375471] kasan_save_stack+0x3d/0x60 [ 24.375901] kasan_save_track+0x18/0x40 [ 24.376452] kasan_save_alloc_info+0x3b/0x50 [ 24.376949] __kasan_krealloc+0x190/0x1f0 [ 24.377346] krealloc_noprof+0xf3/0x340 [ 24.377599] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.377924] krealloc_less_oob+0x1c/0x30 [ 24.378187] kunit_try_run_case+0x1b3/0x490 [ 24.378503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.378839] kthread+0x257/0x310 [ 24.379208] ret_from_fork+0x41/0x80 [ 24.379646] ret_from_fork_asm+0x1a/0x30 [ 24.380128] [ 24.380465] The buggy address belongs to the object at ffff888100a25600 [ 24.380465] which belongs to the cache kmalloc-256 of size 256 [ 24.381699] The buggy address is located 7 bytes to the right of [ 24.381699] allocated 201-byte region [ffff888100a25600, ffff888100a256c9) [ 24.382845] [ 24.383120] The buggy address belongs to the physical page: [ 24.383699] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 24.384239] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.384611] flags: 0x200000000000040(head|node=0|zone=2) [ 24.385154] page_type: f5(slab) [ 24.385578] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.386260] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.386997] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.387654] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.388283] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000 [ 
24.388968] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.389404] page dumped because: kasan: bad access detected [ 24.389656] [ 24.389786] Memory state around the buggy address: [ 24.390264] ffff888100a25580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.390984] ffff888100a25600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.391561] >ffff888100a25680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.392157] ^ [ 24.392670] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.393226] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.393857] ================================================================== [ 24.651063] ================================================================== [ 24.651855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 24.652761] Write of size 1 at addr ffff88810232a0c9 by task kunit_try_catch/170 [ 24.654945] [ 24.655117] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.655726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.656260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.657684] Call Trace: [ 24.658453] <TASK> [ 24.658683] dump_stack_lvl+0x73/0xb0 [ 24.659145] print_report+0xd1/0x640 [ 24.659439] ? __virt_addr_valid+0x1db/0x2d0 [ 24.660061] ? kasan_addr_to_slab+0x11/0xa0 [ 24.660490] kasan_report+0x102/0x140 [ 24.660844] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.661492] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.662135] __asan_report_store1_noabort+0x1b/0x30 [ 24.662499] krealloc_less_oob_helper+0xd72/0x11d0 [ 24.663049] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.663492] ? finish_task_switch.isra.0+0x153/0x700 [ 24.663815] ? __switch_to+0x5d9/0xf60 [ 24.664344] ? irqentry_exit+0x2a/0x60 [ 24.664798] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.665304] ? trace_hardirqs_on+0x37/0xe0 [ 24.665648] ? 
__pfx_read_tsc+0x10/0x10 [ 24.665962] krealloc_large_less_oob+0x1c/0x30 [ 24.667009] kunit_try_run_case+0x1b3/0x490 [ 24.667566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.668255] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.668740] ? __kthread_parkme+0x82/0x160 [ 24.669180] ? preempt_count_sub+0x50/0x80 [ 24.669469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.670002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.670565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.671191] kthread+0x257/0x310 [ 24.671740] ? __pfx_kthread+0x10/0x10 [ 24.672194] ret_from_fork+0x41/0x80 [ 24.672613] ? __pfx_kthread+0x10/0x10 [ 24.673578] ret_from_fork_asm+0x1a/0x30 [ 24.673961] </TASK> [ 24.674219] [ 24.674378] The buggy address belongs to the physical page: [ 24.674670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328 [ 24.675343] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.676020] flags: 0x200000000000040(head|node=0|zone=2) [ 24.676684] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.677555] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.678167] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.679165] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.679692] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000 [ 24.680300] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.680690] page dumped because: kasan: bad access detected [ 24.683056] [ 24.683281] Memory state around the buggy address: [ 24.683725] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.684214] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.685572] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.686028] ^ [ 24.686661] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.687603] ffff88810232a180: 
fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.688516] ================================================================== [ 24.690309] ================================================================== [ 24.692081] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.692700] Write of size 1 at addr ffff88810232a0d0 by task kunit_try_catch/170 [ 24.693352] [ 24.693765] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.694651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.695228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.695802] Call Trace: [ 24.696138] <TASK> [ 24.696767] dump_stack_lvl+0x73/0xb0 [ 24.697199] print_report+0xd1/0x640 [ 24.697599] ? __virt_addr_valid+0x1db/0x2d0 [ 24.698169] ? kasan_addr_to_slab+0x11/0xa0 [ 24.698897] kasan_report+0x102/0x140 [ 24.699216] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.699619] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.699978] __asan_report_store1_noabort+0x1b/0x30 [ 24.700522] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.701144] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.701725] ? finish_task_switch.isra.0+0x153/0x700 [ 24.702278] ? __switch_to+0x5d9/0xf60 [ 24.702563] ? irqentry_exit+0x2a/0x60 [ 24.702851] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.703360] ? trace_hardirqs_on+0x37/0xe0 [ 24.703798] ? __pfx_read_tsc+0x10/0x10 [ 24.704240] krealloc_large_less_oob+0x1c/0x30 [ 24.705207] kunit_try_run_case+0x1b3/0x490 [ 24.705791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.706168] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.706481] ? __kthread_parkme+0x82/0x160 [ 24.706966] ? preempt_count_sub+0x50/0x80 [ 24.707402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.708122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.709032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.709449] kthread+0x257/0x310 [ 24.709719] ? __pfx_kthread+0x10/0x10 [ 24.710168] ret_from_fork+0x41/0x80 [ 24.710700] ? 
__pfx_kthread+0x10/0x10 [ 24.711138] ret_from_fork_asm+0x1a/0x30 [ 24.711864] </TASK> [ 24.712149] [ 24.712454] The buggy address belongs to the physical page: [ 24.713340] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328 [ 24.713863] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.714878] flags: 0x200000000000040(head|node=0|zone=2) [ 24.715229] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.715880] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.716738] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.719000] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.720420] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000 [ 24.721089] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.723177] page dumped because: kasan: bad access detected [ 24.723560] [ 24.723777] Memory state around the buggy address: [ 24.724378] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.724877] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.725671] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.726276] ^ [ 24.726791] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.727285] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.728554] ================================================================== [ 24.452351] ================================================================== [ 24.452810] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 24.453240] Write of size 1 at addr ffff888100a256ea by task kunit_try_catch/166 [ 24.453814] [ 24.454320] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.455339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.455592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.456311] Call Trace: [ 24.456772] <TASK> [ 24.457059] dump_stack_lvl+0x73/0xb0 [ 24.457502] print_report+0xd1/0x640 [ 24.457959] ? __virt_addr_valid+0x1db/0x2d0 [ 24.458583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.458992] kasan_report+0x102/0x140 [ 24.459529] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.460120] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.460653] __asan_report_store1_noabort+0x1b/0x30 [ 24.461177] krealloc_less_oob_helper+0xe92/0x11d0 [ 24.461651] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.462403] ? finish_task_switch.isra.0+0x153/0x700 [ 24.462980] ? __switch_to+0x5d9/0xf60 [ 24.463221] ? __schedule+0xc3e/0x2790 [ 24.463503] ? __pfx_read_tsc+0x10/0x10 [ 24.464056] krealloc_less_oob+0x1c/0x30 [ 24.464562] kunit_try_run_case+0x1b3/0x490 [ 24.465138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.465636] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.466365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.466680] ? __kthread_parkme+0x82/0x160 [ 24.467111] ? preempt_count_sub+0x50/0x80 [ 24.467731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.468294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.469045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.469857] kthread+0x257/0x310 [ 24.470134] ? __pfx_kthread+0x10/0x10 [ 24.470442] ret_from_fork+0x41/0x80 [ 24.470708] ? 
__pfx_kthread+0x10/0x10
[ 24.471237] ret_from_fork_asm+0x1a/0x30
[ 24.471805] </TASK>
[ 24.472232]
[ 24.472560] Allocated by task 166:
[ 24.472983] kasan_save_stack+0x3d/0x60
[ 24.473417] kasan_save_track+0x18/0x40
[ 24.473807] kasan_save_alloc_info+0x3b/0x50
[ 24.474527] __kasan_krealloc+0x190/0x1f0
[ 24.474986] krealloc_noprof+0xf3/0x340
[ 24.475275] krealloc_less_oob_helper+0x1ab/0x11d0
[ 24.475574] krealloc_less_oob+0x1c/0x30
[ 24.475857] kunit_try_run_case+0x1b3/0x490
[ 24.476297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.476799] kthread+0x257/0x310
[ 24.477291] ret_from_fork+0x41/0x80
[ 24.477676] ret_from_fork_asm+0x1a/0x30
[ 24.478320]
[ 24.478544] The buggy address belongs to the object at ffff888100a25600
[ 24.478544] which belongs to the cache kmalloc-256 of size 256
[ 24.479491] The buggy address is located 33 bytes to the right of
[ 24.479491] allocated 201-byte region [ffff888100a25600, ffff888100a256c9)
[ 24.480361]
[ 24.480650] The buggy address belongs to the physical page:
[ 24.481325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[ 24.481897] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.482727] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.483166] page_type: f5(slab)
[ 24.483453] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.484126] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.484990] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.485658] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.486408] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000
[ 24.487121] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 24.487758] page dumped because: kasan: bad access detected
[ 24.488367]
[ 24.488575] Memory state around the buggy address:
[ 24.488933] ffff888100a25580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.489293] ffff888100a25600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.489646] >ffff888100a25680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 24.490304] ^
[ 24.490922] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.491626] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.492515] ==================================================================

[ 24.768932] ==================================================================
[ 24.770418] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
[ 24.771214] Write of size 1 at addr ffff88810232a0ea by task kunit_try_catch/170
[ 24.771644]
[ 24.771813] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.772318] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.772563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.773350] Call Trace:
[ 24.773658] <TASK>
[ 24.774157] dump_stack_lvl+0x73/0xb0
[ 24.774647] print_report+0xd1/0x640
[ 24.775224] ? __virt_addr_valid+0x1db/0x2d0
[ 24.775763] ? kasan_addr_to_slab+0x11/0xa0
[ 24.776364] kasan_report+0x102/0x140
[ 24.776634] ? krealloc_less_oob_helper+0xe92/0x11d0
[ 24.778010] ? krealloc_less_oob_helper+0xe92/0x11d0
[ 24.778603] __asan_report_store1_noabort+0x1b/0x30
[ 24.779348] krealloc_less_oob_helper+0xe92/0x11d0
[ 24.780084] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 24.780653] ? finish_task_switch.isra.0+0x153/0x700
[ 24.781364] ? __switch_to+0x5d9/0xf60
[ 24.781788] ? irqentry_exit+0x2a/0x60
[ 24.782678] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.783197] ? trace_hardirqs_on+0x37/0xe0
[ 24.783632] ? __pfx_read_tsc+0x10/0x10
[ 24.784409] krealloc_large_less_oob+0x1c/0x30
[ 24.784798] kunit_try_run_case+0x1b3/0x490
[ 24.785407] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.786122] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.786653] ? __kthread_parkme+0x82/0x160
[ 24.787299] ? preempt_count_sub+0x50/0x80
[ 24.787666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.788636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.789144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.790084] kthread+0x257/0x310
[ 24.790509] ? __pfx_kthread+0x10/0x10
[ 24.790817] ret_from_fork+0x41/0x80
[ 24.791435] ? __pfx_kthread+0x10/0x10
[ 24.792048] ret_from_fork_asm+0x1a/0x30
[ 24.792472] </TASK>
[ 24.792658]
[ 24.792806] The buggy address belongs to the physical page:
[ 24.794054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[ 24.794791] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.795672] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.796354] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.797051] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.797726] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.798957] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.799520] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[ 24.800523] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.801072] page dumped because: kasan: bad access detected
[ 24.801615]
[ 24.802025] Memory state around the buggy address:
[ 24.802516] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.803074] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.803761] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 24.805088] ^
[ 24.805806] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.806551] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.807361] ==================================================================

[ 24.307106] ==================================================================
[ 24.307782] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[ 24.308490] Write of size 1 at addr ffff888100a256c9 by task kunit_try_catch/166
[ 24.309353]
[ 24.309602] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.310743] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.311952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.312497] Call Trace:
[ 24.312996] <TASK>
[ 24.313285] dump_stack_lvl+0x73/0xb0
[ 24.313704] print_report+0xd1/0x640
[ 24.314036] ? __virt_addr_valid+0x1db/0x2d0
[ 24.314342] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.315448] kasan_report+0x102/0x140
[ 24.315898] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 24.316593] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 24.317125] __asan_report_store1_noabort+0x1b/0x30
[ 24.317562] krealloc_less_oob_helper+0xd72/0x11d0
[ 24.317982] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 24.318414] ? finish_task_switch.isra.0+0x153/0x700
[ 24.319305] ? __switch_to+0x5d9/0xf60
[ 24.319723] ? __schedule+0xc3e/0x2790
[ 24.320348] ? __pfx_read_tsc+0x10/0x10
[ 24.320720] krealloc_less_oob+0x1c/0x30
[ 24.321159] kunit_try_run_case+0x1b3/0x490
[ 24.321474] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.321776] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.322370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.323324] ? __kthread_parkme+0x82/0x160
[ 24.323798] ? preempt_count_sub+0x50/0x80
[ 24.324430] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.325047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.325754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.326146] kthread+0x257/0x310
[ 24.326405] ? __pfx_kthread+0x10/0x10
[ 24.326718] ret_from_fork+0x41/0x80
[ 24.327569] ? __pfx_kthread+0x10/0x10
[ 24.328044] ret_from_fork_asm+0x1a/0x30
[ 24.328725] </TASK>
[ 24.329083]
[ 24.329386] Allocated by task 166:
[ 24.329661] kasan_save_stack+0x3d/0x60
[ 24.329966] kasan_save_track+0x18/0x40
[ 24.330509] kasan_save_alloc_info+0x3b/0x50
[ 24.330971] __kasan_krealloc+0x190/0x1f0
[ 24.331877] krealloc_noprof+0xf3/0x340
[ 24.332328] krealloc_less_oob_helper+0x1ab/0x11d0
[ 24.332714] krealloc_less_oob+0x1c/0x30
[ 24.333002] kunit_try_run_case+0x1b3/0x490
[ 24.333275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.333757] kthread+0x257/0x310
[ 24.334156] ret_from_fork+0x41/0x80
[ 24.334552] ret_from_fork_asm+0x1a/0x30
[ 24.335070]
[ 24.335282] The buggy address belongs to the object at ffff888100a25600
[ 24.335282] which belongs to the cache kmalloc-256 of size 256
[ 24.336183] The buggy address is located 0 bytes to the right of
[ 24.336183] allocated 201-byte region [ffff888100a25600, ffff888100a256c9)
[ 24.337133]
[ 24.337300] The buggy address belongs to the physical page:
[ 24.337601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[ 24.338035] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.338466] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.339607] page_type: f5(slab)
[ 24.339997] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.341095] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.342163] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.343376] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.344074] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000
[ 24.344464] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 24.345494] page dumped because: kasan: bad access detected
[ 24.346068]
[ 24.347660] Memory state around the buggy address:
[ 24.349082] ffff888100a25580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.350738] ffff888100a25600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.351849] >ffff888100a25680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 24.353136] ^
[ 24.353688] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.354562] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.354933] ==================================================================

[ 24.495591] ==================================================================
[ 24.497419] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[ 24.498056] Write of size 1 at addr ffff888100a256eb by task kunit_try_catch/166
[ 24.498437]
[ 24.498612] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.500488] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.500891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.501628] Call Trace:
[ 24.503621] <TASK>
[ 24.503928] dump_stack_lvl+0x73/0xb0
[ 24.504367] print_report+0xd1/0x640
[ 24.504777] ? __virt_addr_valid+0x1db/0x2d0
[ 24.505541] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.506204] kasan_report+0x102/0x140
[ 24.506571] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 24.507606] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 24.508345] __asan_report_store1_noabort+0x1b/0x30
[ 24.509158] krealloc_less_oob_helper+0xd49/0x11d0
[ 24.509705] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 24.510511] ? finish_task_switch.isra.0+0x153/0x700
[ 24.511604] ? __switch_to+0x5d9/0xf60
[ 24.512189] ? __schedule+0xc3e/0x2790
[ 24.513147] ? __pfx_read_tsc+0x10/0x10
[ 24.513550] krealloc_less_oob+0x1c/0x30
[ 24.514226] kunit_try_run_case+0x1b3/0x490
[ 24.514645] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.515425] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.515943] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.516456] ? __kthread_parkme+0x82/0x160
[ 24.517425] ? preempt_count_sub+0x50/0x80
[ 24.518099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.518656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.520101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.520721] kthread+0x257/0x310
[ 24.521404] ? __pfx_kthread+0x10/0x10
[ 24.521994] ret_from_fork+0x41/0x80
[ 24.522408] ? __pfx_kthread+0x10/0x10
[ 24.522850] ret_from_fork_asm+0x1a/0x30
[ 24.524101] </TASK>
[ 24.524439]
[ 24.524619] Allocated by task 166:
[ 24.525064] kasan_save_stack+0x3d/0x60
[ 24.525526] kasan_save_track+0x18/0x40
[ 24.526236] kasan_save_alloc_info+0x3b/0x50
[ 24.526730] __kasan_krealloc+0x190/0x1f0
[ 24.527616] krealloc_noprof+0xf3/0x340
[ 24.528052] krealloc_less_oob_helper+0x1ab/0x11d0
[ 24.528528] krealloc_less_oob+0x1c/0x30
[ 24.529475] kunit_try_run_case+0x1b3/0x490
[ 24.529773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.530674] kthread+0x257/0x310
[ 24.532136] ret_from_fork+0x41/0x80
[ 24.532603] ret_from_fork_asm+0x1a/0x30
[ 24.533191]
[ 24.533428] The buggy address belongs to the object at ffff888100a25600
[ 24.533428] which belongs to the cache kmalloc-256 of size 256
[ 24.534678] The buggy address is located 34 bytes to the right of
[ 24.534678] allocated 201-byte region [ffff888100a25600, ffff888100a256c9)
[ 24.536516]
[ 24.536844] The buggy address belongs to the physical page:
[ 24.537559] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[ 24.538514] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.539483] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.540693] page_type: f5(slab)
[ 24.541087] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.541796] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.542697] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.543551] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.544804] head: 0200000000000001 ffffea0004028901 ffffffffffffffff 0000000000000000
[ 24.545407] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 24.546445] page dumped because: kasan: bad access detected
[ 24.546936]
[ 24.547133] Memory state around the buggy address:
[ 24.548392] ffff888100a25580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.549109] ffff888100a25600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.549763] >ffff888100a25680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 24.550524] ^
[ 24.551392] ffff888100a25700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.551817] ffff888100a25780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.553283] ==================================================================

[ 24.808209] ==================================================================
[ 24.808991] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[ 24.810455] Write of size 1 at addr ffff88810232a0eb by task kunit_try_catch/170
[ 24.811424]
[ 24.811682] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.813479] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.813778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.814238] Call Trace:
[ 24.814496] <TASK>
[ 24.814719] dump_stack_lvl+0x73/0xb0
[ 24.815090] print_report+0xd1/0x640
[ 24.815430] ? __virt_addr_valid+0x1db/0x2d0
[ 24.815813] ? kasan_addr_to_slab+0x11/0xa0
[ 24.816447] kasan_report+0x102/0x140
[ 24.817298] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 24.817701] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 24.818584] __asan_report_store1_noabort+0x1b/0x30
[ 24.818939] krealloc_less_oob_helper+0xd49/0x11d0
[ 24.819496] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 24.819868] ? finish_task_switch.isra.0+0x153/0x700
[ 24.820332] ? __switch_to+0x5d9/0xf60
[ 24.820680] ? irqentry_exit+0x2a/0x60
[ 24.821157] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.821889] ? trace_hardirqs_on+0x37/0xe0
[ 24.822379] ? __pfx_read_tsc+0x10/0x10
[ 24.823134] krealloc_large_less_oob+0x1c/0x30
[ 24.823671] kunit_try_run_case+0x1b3/0x490
[ 24.824258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.824951] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.826038] ? __kthread_parkme+0x82/0x160
[ 24.826500] ? preempt_count_sub+0x50/0x80
[ 24.826857] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.827507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.828172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.828626] kthread+0x257/0x310
[ 24.828920] ? __pfx_kthread+0x10/0x10
[ 24.829343] ret_from_fork+0x41/0x80
[ 24.829937] ? __pfx_kthread+0x10/0x10
[ 24.830484] ret_from_fork_asm+0x1a/0x30
[ 24.830893] </TASK>
[ 24.831200]
[ 24.832031] The buggy address belongs to the physical page:
[ 24.832643] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[ 24.833089] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.834034] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.834578] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.835455] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.835914] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.836693] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.837286] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[ 24.837789] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.838569] page dumped because: kasan: bad access detected
[ 24.839133]
[ 24.840060] Memory state around the buggy address:
[ 24.840408] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.840781] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.841163] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 24.841648] ^
[ 24.842380] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.843007] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.843845] ==================================================================

[ 24.729490] ==================================================================
[ 24.730224] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[ 24.730983] Write of size 1 at addr ffff88810232a0da by task kunit_try_catch/170
[ 24.731723]
[ 24.732117] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.732888] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.733415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.734289] Call Trace:
[ 24.734543] <TASK>
[ 24.734813] dump_stack_lvl+0x73/0xb0
[ 24.735422] print_report+0xd1/0x640
[ 24.735978] ? __virt_addr_valid+0x1db/0x2d0
[ 24.736339] ? kasan_addr_to_slab+0x11/0xa0
[ 24.736889] kasan_report+0x102/0x140
[ 24.737619] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 24.739027] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 24.739618] __asan_report_store1_noabort+0x1b/0x30
[ 24.740133] krealloc_less_oob_helper+0xec8/0x11d0
[ 24.740698] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 24.741560] ? finish_task_switch.isra.0+0x153/0x700
[ 24.742297] ? __switch_to+0x5d9/0xf60
[ 24.742715] ? irqentry_exit+0x2a/0x60
[ 24.743376] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.743731] ? trace_hardirqs_on+0x37/0xe0
[ 24.744039] ? __pfx_read_tsc+0x10/0x10
[ 24.744483] krealloc_large_less_oob+0x1c/0x30
[ 24.744944] kunit_try_run_case+0x1b3/0x490
[ 24.745940] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.746336] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.746641] ? __kthread_parkme+0x82/0x160
[ 24.747284] ? preempt_count_sub+0x50/0x80
[ 24.747741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.748741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.749366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.749753] kthread+0x257/0x310
[ 24.750041] ? __pfx_kthread+0x10/0x10
[ 24.751418] ret_from_fork+0x41/0x80
[ 24.751676] ? __pfx_kthread+0x10/0x10
[ 24.751885] ret_from_fork_asm+0x1a/0x30
[ 24.752183] </TASK>
[ 24.752363]
[ 24.752505] The buggy address belongs to the physical page:
[ 24.752683] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[ 24.753462] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.755184] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.755800] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.756845] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.758052] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.758939] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.760037] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[ 24.760646] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.761257] page dumped because: kasan: bad access detected
[ 24.761644]
[ 24.762218] Memory state around the buggy address:
[ 24.762995] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.763376] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.764177] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 24.765341] ^
[ 24.766414] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.767096] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.768057] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 24.604553] ==================================================================
[ 24.605032] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[ 24.605687] Write of size 1 at addr ffff88810232a0f0 by task kunit_try_catch/168
[ 24.606427]
[ 24.606610] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.607282] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.607889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.608650] Call Trace:
[ 24.609102] <TASK>
[ 24.609517] dump_stack_lvl+0x73/0xb0
[ 24.610033] print_report+0xd1/0x640
[ 24.610530] ? __virt_addr_valid+0x1db/0x2d0
[ 24.611290] ? kasan_addr_to_slab+0x11/0xa0
[ 24.612002] kasan_report+0x102/0x140
[ 24.612562] ? krealloc_more_oob_helper+0x7ed/0x930
[ 24.613478] ? krealloc_more_oob_helper+0x7ed/0x930
[ 24.614057] __asan_report_store1_noabort+0x1b/0x30
[ 24.614639] krealloc_more_oob_helper+0x7ed/0x930
[ 24.615387] ? __schedule+0xc3e/0x2790
[ 24.616106] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 24.616729] ? finish_task_switch.isra.0+0x153/0x700
[ 24.617476] ? __switch_to+0x5d9/0xf60
[ 24.618201] ? __schedule+0xc3e/0x2790
[ 24.618768] ? __pfx_read_tsc+0x10/0x10
[ 24.619497] krealloc_large_more_oob+0x1c/0x30
[ 24.620028] kunit_try_run_case+0x1b3/0x490
[ 24.620900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.621199] ? irqentry_exit+0x2a/0x60
[ 24.622138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.623127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.623552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.624509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.624982] kthread+0x257/0x310
[ 24.626266] ? __pfx_kthread+0x10/0x10
[ 24.626621] ret_from_fork+0x41/0x80
[ 24.627480] ? __pfx_kthread+0x10/0x10
[ 24.627808] ret_from_fork_asm+0x1a/0x30
[ 24.628332] </TASK>
[ 24.628641]
[ 24.628934] The buggy address belongs to the physical page:
[ 24.630026] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[ 24.630552] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.631660] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.632530] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.633265] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.633921] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.634481] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.635104] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[ 24.635951] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.636478] page dumped because: kasan: bad access detected
[ 24.637562]
[ 24.637783] Memory state around the buggy address:
[ 24.638437] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.639644] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.640181] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 24.641065] ^
[ 24.641687] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.642458] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.643294] ==================================================================

[ 24.562363] ==================================================================
[ 24.563347] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[ 24.564556] Write of size 1 at addr ffff88810232a0eb by task kunit_try_catch/168
[ 24.565456]
[ 24.565711] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.566776] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.568107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.568990] Call Trace:
[ 24.569426] <TASK>
[ 24.569666] dump_stack_lvl+0x73/0xb0
[ 24.570396] print_report+0xd1/0x640
[ 24.570839] ? __virt_addr_valid+0x1db/0x2d0
[ 24.571464] ? kasan_addr_to_slab+0x11/0xa0
[ 24.571679] kasan_report+0x102/0x140
[ 24.572050] ? krealloc_more_oob_helper+0x823/0x930
[ 24.572947] ? krealloc_more_oob_helper+0x823/0x930
[ 24.573683] __asan_report_store1_noabort+0x1b/0x30
[ 24.574444] krealloc_more_oob_helper+0x823/0x930
[ 24.574962] ? __schedule+0xc3e/0x2790
[ 24.575588] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 24.576284] ? finish_task_switch.isra.0+0x153/0x700
[ 24.576789] ? __switch_to+0x5d9/0xf60
[ 24.577620] ? __schedule+0xc3e/0x2790
[ 24.578242] ? __pfx_read_tsc+0x10/0x10
[ 24.578723] krealloc_large_more_oob+0x1c/0x30
[ 24.579495] kunit_try_run_case+0x1b3/0x490
[ 24.580030] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.580653] ? irqentry_exit+0x2a/0x60
[ 24.581210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.582334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.582789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.583538] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.584318] kthread+0x257/0x310
[ 24.584745] ? __pfx_kthread+0x10/0x10
[ 24.585308] ret_from_fork+0x41/0x80
[ 24.585722] ? __pfx_kthread+0x10/0x10
[ 24.586401] ret_from_fork_asm+0x1a/0x30
[ 24.587407] </TASK>
[ 24.587601]
[ 24.587849] The buggy address belongs to the physical page:
[ 24.588622] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328
[ 24.589446] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.590227] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.590798] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.591891] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.592878] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 24.594200] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.595071] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000
[ 24.595927] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.596527] page dumped because: kasan: bad access detected
[ 24.597616]
[ 24.598096] Memory state around the buggy address:
[ 24.598813] ffff888102329f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.600150] ffff88810232a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.600784] >ffff88810232a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 24.601514] ^
[ 24.602142] ffff88810232a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.602719] ffff88810232a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 24.603497] ==================================================================

[ 24.251199] ==================================================================
[ 24.251925] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[ 24.252545] Write of size 1 at addr ffff888100394cf0 by task kunit_try_catch/164
[ 24.253105]
[ 24.253381] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.253998] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.254398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.255090] Call Trace:
[ 24.255416] <TASK>
[ 24.255675] dump_stack_lvl+0x73/0xb0
[ 24.256057] print_report+0xd1/0x640
[ 24.256579] ? __virt_addr_valid+0x1db/0x2d0
[ 24.257226] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.257588] kasan_report+0x102/0x140
[ 24.257973] ? krealloc_more_oob_helper+0x7ed/0x930
[ 24.259482] ? krealloc_more_oob_helper+0x7ed/0x930
[ 24.259948] __asan_report_store1_noabort+0x1b/0x30
[ 24.260424] krealloc_more_oob_helper+0x7ed/0x930
[ 24.260729] ? trace_hardirqs_on+0x37/0xe0
[ 24.261030] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 24.261341] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.262500] ? __pfx_krealloc_more_oob+0x10/0x10
[ 24.263272] krealloc_more_oob+0x1c/0x30
[ 24.263710] kunit_try_run_case+0x1b3/0x490
[ 24.264466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.265150] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.265865] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.266409] ? __kthread_parkme+0x82/0x160
[ 24.266901] ? preempt_count_sub+0x50/0x80
[ 24.267210] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.268091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.268733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.270396] kthread+0x257/0x310
[ 24.270861] ? __pfx_kthread+0x10/0x10
[ 24.271197] ret_from_fork+0x41/0x80
[ 24.271784] ? __pfx_kthread+0x10/0x10
[ 24.272388] ret_from_fork_asm+0x1a/0x30
[ 24.272692] </TASK>
[ 24.273031]
[ 24.273743] Allocated by task 164:
[ 24.274210] kasan_save_stack+0x3d/0x60
[ 24.274749] kasan_save_track+0x18/0x40
[ 24.275040] kasan_save_alloc_info+0x3b/0x50
[ 24.275438] __kasan_krealloc+0x190/0x1f0
[ 24.275931] krealloc_noprof+0xf3/0x340
[ 24.276366] krealloc_more_oob_helper+0x1aa/0x930
[ 24.277179] krealloc_more_oob+0x1c/0x30
[ 24.278026] kunit_try_run_case+0x1b3/0x490
[ 24.278601] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.279039] kthread+0x257/0x310
[ 24.279443] ret_from_fork+0x41/0x80
[ 24.280182] ret_from_fork_asm+0x1a/0x30
[ 24.280584]
[ 24.280737] The buggy address belongs to the object at ffff888100394c00
[ 24.280737] which belongs to the cache kmalloc-256 of size 256
[ 24.281409] The buggy address is located 5 bytes to the right of
[ 24.281409] allocated 235-byte region [ffff888100394c00, ffff888100394ceb)
[ 24.282969]
[ 24.283226] The buggy address belongs to the physical page:
[ 24.283697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394
[ 24.284209] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.285344] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.286604] page_type: f5(slab)
[ 24.286870] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.287532] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.288429] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.289343] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.290666] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000
[ 24.292148] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 24.292951] page dumped because: kasan: bad access detected
[ 24.293501]
[ 24.293651] Memory state around the buggy address:
[ 24.294109] ffff888100394b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.295011] ffff888100394c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.295442] >ffff888100394c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 24.296215] ^
[ 24.296744] ffff888100394d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.297634] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.298167] ==================================================================

[ 24.195661] ==================================================================
[ 24.196728] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[ 24.197183] Write of size 1 at addr ffff888100394ceb by task kunit_try_catch/164
[ 24.197997]
[ 24.198235] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1
[ 24.199931] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.200352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.201040] Call Trace:
[ 24.201243] <TASK>
[ 24.201741] dump_stack_lvl+0x73/0xb0
[ 24.203129] print_report+0xd1/0x640
[ 24.203634] ? __virt_addr_valid+0x1db/0x2d0
[ 24.204406] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.204761] kasan_report+0x102/0x140
[ 24.205405] ? krealloc_more_oob_helper+0x823/0x930
[ 24.206572] ? krealloc_more_oob_helper+0x823/0x930
[ 24.207346] __asan_report_store1_noabort+0x1b/0x30
[ 24.207720] krealloc_more_oob_helper+0x823/0x930
[ 24.208847] ? trace_hardirqs_on+0x37/0xe0
[ 24.209642] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 24.210076] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.210465] ? __pfx_krealloc_more_oob+0x10/0x10
[ 24.211252] krealloc_more_oob+0x1c/0x30
[ 24.211848] kunit_try_run_case+0x1b3/0x490
[ 24.212773] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.213374] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.213817] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.215046] ? __kthread_parkme+0x82/0x160
[ 24.215421] ? preempt_count_sub+0x50/0x80
[ 24.216149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.216799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.217249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.217922] kthread+0x257/0x310
[ 24.219366] ? __pfx_kthread+0x10/0x10
[ 24.220052] ret_from_fork+0x41/0x80
[ 24.220411] ? __pfx_kthread+0x10/0x10
[ 24.220933] ret_from_fork_asm+0x1a/0x30
[ 24.221498] </TASK>
[ 24.221795]
[ 24.222304] Allocated by task 164:
[ 24.222727] kasan_save_stack+0x3d/0x60
[ 24.223786] kasan_save_track+0x18/0x40
[ 24.224268] kasan_save_alloc_info+0x3b/0x50
[ 24.224481] __kasan_krealloc+0x190/0x1f0
[ 24.224629] krealloc_noprof+0xf3/0x340
[ 24.224765] krealloc_more_oob_helper+0x1aa/0x930
[ 24.225168] krealloc_more_oob+0x1c/0x30
[ 24.225625] kunit_try_run_case+0x1b3/0x490
[ 24.226344] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.227495] kthread+0x257/0x310
[ 24.227950] ret_from_fork+0x41/0x80
[ 24.228553] ret_from_fork_asm+0x1a/0x30
[ 24.229285]
[ 24.229523] The buggy address belongs to the object at ffff888100394c00
[ 24.229523] which belongs to the cache kmalloc-256 of size 256
[ 24.230770] The buggy address is located 0 bytes to the right of
[ 24.230770] allocated 235-byte region [ffff888100394c00, ffff888100394ceb)
[ 24.233061]
[ 24.233227] The buggy address belongs to the physical page:
[ 24.234063] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394
[ 24.234777] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 24.235785] flags: 0x200000000000040(head|node=0|zone=2)
[ 24.236478] page_type: f5(slab)
[ 24.236866] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.237409] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.238213] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 24.238850] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 24.240110] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000
[ 24.240770] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 24.241540] page dumped because: kasan: bad access detected
[ 24.242279]
[ 24.242504] Memory state around the buggy address:
[ 24.243456] ffff888100394b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.243982] ffff888100394c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.244519] >ffff888100394c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 24.245142] ^
[ 24.246085] ffff888100394d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.246759] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.247786] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 24.156703] ================================================================== [ 24.158711] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 24.159260] Read of size 1 at addr ffff888102cb0000 by task kunit_try_catch/162 [ 24.160169] [ 24.160745] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.161922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.162389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.163649] Call Trace: [ 24.163895] <TASK> [ 24.164084] dump_stack_lvl+0x73/0xb0 [ 24.164765] print_report+0xd1/0x640 [ 24.165132] ? __virt_addr_valid+0x1db/0x2d0 [ 24.166113] ? kasan_addr_to_slab+0x11/0xa0 [ 24.166483] kasan_report+0x102/0x140 [ 24.167076] ? page_alloc_uaf+0x358/0x3d0 [ 24.167573] ? page_alloc_uaf+0x358/0x3d0 [ 24.168169] __asan_report_load1_noabort+0x18/0x20 [ 24.168706] page_alloc_uaf+0x358/0x3d0 [ 24.169117] ? __pfx_page_alloc_uaf+0x10/0x10 [ 24.169494] ? __schedule+0xc3e/0x2790 [ 24.169998] ? __pfx_read_tsc+0x10/0x10 [ 24.170463] ? ktime_get_ts64+0x84/0x230 [ 24.170958] kunit_try_run_case+0x1b3/0x490 [ 24.171447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.171983] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.172477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.172840] ? __kthread_parkme+0x82/0x160 [ 24.173125] ? preempt_count_sub+0x50/0x80 [ 24.173572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.174156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.174787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.175284] kthread+0x257/0x310 [ 24.175734] ? __pfx_kthread+0x10/0x10 [ 24.176168] ret_from_fork+0x41/0x80 [ 24.176621] ? 
__pfx_kthread+0x10/0x10 [ 24.177093] ret_from_fork_asm+0x1a/0x30 [ 24.177556] </TASK> [ 24.177884] [ 24.178145] The buggy address belongs to the physical page: [ 24.178640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb0 [ 24.179183] flags: 0x200000000000000(node=0|zone=2) [ 24.179740] page_type: f0(buddy) [ 24.180109] raw: 0200000000000000 ffff88817fffc4a0 ffff88817fffc4a0 0000000000000000 [ 24.180608] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 24.181362] page dumped because: kasan: bad access detected [ 24.181815] [ 24.181998] Memory state around the buggy address: [ 24.182527] ffff888102caff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.183212] ffff888102caff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.183725] >ffff888102cb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.184374] ^ [ 24.184765] ffff888102cb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.185392] ffff888102cb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.186072] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 24.106612] ================================================================== [ 24.107811] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 24.108558] Free of addr ffff888102328001 by task kunit_try_catch/158 [ 24.109344] [ 24.109580] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.110880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.111780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.113069] Call Trace: [ 24.113554] <TASK> [ 24.113864] dump_stack_lvl+0x73/0xb0 [ 24.114205] print_report+0xd1/0x640 [ 24.114809] ? __virt_addr_valid+0x1db/0x2d0 [ 24.115168] ? kfree+0x271/0x3f0 [ 24.115617] ? kasan_addr_to_slab+0x11/0xa0 [ 24.115995] ? kfree+0x271/0x3f0 [ 24.116241] kasan_report_invalid_free+0xc0/0xf0 [ 24.116842] ? kfree+0x271/0x3f0 [ 24.117449] ? kfree+0x271/0x3f0 [ 24.117768] __kasan_kfree_large+0x86/0xd0 [ 24.118126] free_large_kmalloc+0x3b/0xd0 [ 24.118648] kfree+0x271/0x3f0 [ 24.119112] kmalloc_large_invalid_free+0x121/0x2b0 [ 24.119632] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 24.120286] ? __schedule+0xc3e/0x2790 [ 24.120575] ? __pfx_read_tsc+0x10/0x10 [ 24.121103] ? ktime_get_ts64+0x84/0x230 [ 24.121580] kunit_try_run_case+0x1b3/0x490 [ 24.122186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.122565] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.122916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.123481] ? __kthread_parkme+0x82/0x160 [ 24.123936] ? preempt_count_sub+0x50/0x80 [ 24.124366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.124922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.125538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.126112] kthread+0x257/0x310 [ 24.126586] ? __pfx_kthread+0x10/0x10 [ 24.127031] ret_from_fork+0x41/0x80 [ 24.127416] ? 
__pfx_kthread+0x10/0x10 [ 24.127848] ret_from_fork_asm+0x1a/0x30 [ 24.128425] </TASK> [ 24.128615] [ 24.128772] The buggy address belongs to the physical page: [ 24.129341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328 [ 24.130141] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.131047] flags: 0x200000000000040(head|node=0|zone=2) [ 24.131700] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.132106] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.132970] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.133984] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.134556] head: 0200000000000002 ffffea000408ca01 ffffffffffffffff 0000000000000000 [ 24.135071] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.135878] page dumped because: kasan: bad access detected [ 24.136237] [ 24.136528] Memory state around the buggy address: [ 24.137094] ffff888102327f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.137602] ffff888102327f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.138002] >ffff888102328000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.138705] ^ [ 24.139041] ffff888102328080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.139803] ffff888102328100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.140376] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 24.067717] ================================================================== [ 24.068665] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 24.069374] Read of size 1 at addr ffff8881023b0000 by task kunit_try_catch/156 [ 24.070127] [ 24.070315] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.071487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.071977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.072655] Call Trace: [ 24.073147] <TASK> [ 24.073421] dump_stack_lvl+0x73/0xb0 [ 24.073814] print_report+0xd1/0x640 [ 24.074523] ? __virt_addr_valid+0x1db/0x2d0 [ 24.075357] ? kasan_addr_to_slab+0x11/0xa0 [ 24.075843] kasan_report+0x102/0x140 [ 24.076120] ? kmalloc_large_uaf+0x2f3/0x340 [ 24.076619] ? kmalloc_large_uaf+0x2f3/0x340 [ 24.077295] __asan_report_load1_noabort+0x18/0x20 [ 24.077802] kmalloc_large_uaf+0x2f3/0x340 [ 24.078288] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 24.078814] ? __schedule+0xc3e/0x2790 [ 24.079450] ? __pfx_read_tsc+0x10/0x10 [ 24.079795] ? ktime_get_ts64+0x84/0x230 [ 24.080318] kunit_try_run_case+0x1b3/0x490 [ 24.081430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.081779] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.082428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.082995] ? __kthread_parkme+0x82/0x160 [ 24.083291] ? preempt_count_sub+0x50/0x80 [ 24.084037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.084364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.084715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.085499] kthread+0x257/0x310 [ 24.086155] ? __pfx_kthread+0x10/0x10 [ 24.086706] ret_from_fork+0x41/0x80 [ 24.087443] ? 
__pfx_kthread+0x10/0x10 [ 24.088124] ret_from_fork_asm+0x1a/0x30 [ 24.088580] </TASK> [ 24.088819] [ 24.089234] The buggy address belongs to the physical page: [ 24.089737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b0 [ 24.090242] flags: 0x200000000000000(node=0|zone=2) [ 24.090559] raw: 0200000000000000 ffffea000408ed08 ffff88815b13f000 0000000000000000 [ 24.090962] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.091707] page dumped because: kasan: bad access detected [ 24.092321] [ 24.092542] Memory state around the buggy address: [ 24.093011] ffff8881023aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.093775] ffff8881023aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.094308] >ffff8881023b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.095181] ^ [ 24.095546] ffff8881023b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.096472] ffff8881023b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.097099] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 24.021494] ================================================================== [ 24.022372] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 24.023256] Write of size 1 at addr ffff8881023b200a by task kunit_try_catch/154 [ 24.024897] [ 24.025499] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 24.026622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.027045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.027843] Call Trace: [ 24.028130] <TASK> [ 24.028566] dump_stack_lvl+0x73/0xb0 [ 24.029134] print_report+0xd1/0x640 [ 24.030115] ? __virt_addr_valid+0x1db/0x2d0 [ 24.030789] ? kasan_addr_to_slab+0x11/0xa0 [ 24.031262] kasan_report+0x102/0x140 [ 24.031620] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.032062] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.033377] __asan_report_store1_noabort+0x1b/0x30 [ 24.034138] kmalloc_large_oob_right+0x2eb/0x340 [ 24.034588] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 24.035019] ? __schedule+0xc3e/0x2790 [ 24.035697] ? __pfx_read_tsc+0x10/0x10 [ 24.036165] ? ktime_get_ts64+0x84/0x230 [ 24.036688] kunit_try_run_case+0x1b3/0x490 [ 24.037042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.037860] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.038403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.039240] ? __kthread_parkme+0x82/0x160 [ 24.039661] ? preempt_count_sub+0x50/0x80 [ 24.040331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.040712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.041688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.042170] kthread+0x257/0x310 [ 24.042757] ? __pfx_kthread+0x10/0x10 [ 24.043159] ret_from_fork+0x41/0x80 [ 24.043968] ? 
__pfx_kthread+0x10/0x10 [ 24.044296] ret_from_fork_asm+0x1a/0x30 [ 24.044910] </TASK> [ 24.045323] [ 24.045560] The buggy address belongs to the physical page: [ 24.046185] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b0 [ 24.046581] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.047226] flags: 0x200000000000040(head|node=0|zone=2) [ 24.048088] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.048857] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.049635] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.050083] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.052089] head: 0200000000000002 ffffea000408ec01 ffffffffffffffff 0000000000000000 [ 24.053304] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.054195] page dumped because: kasan: bad access detected [ 24.054696] [ 24.055079] Memory state around the buggy address: [ 24.055534] ffff8881023b1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.056333] ffff8881023b1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.056858] >ffff8881023b2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.057757] ^ [ 24.058216] ffff8881023b2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.058873] ffff8881023b2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.059392] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 23.964162] ================================================================== [ 23.965348] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 23.966492] Write of size 1 at addr ffff888102b75f00 by task kunit_try_catch/152 [ 23.967234] [ 23.967515] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.968076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.968548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.970290] Call Trace: [ 23.970602] <TASK> [ 23.971168] dump_stack_lvl+0x73/0xb0 [ 23.972073] print_report+0xd1/0x640 [ 23.972713] ? __virt_addr_valid+0x1db/0x2d0 [ 23.973387] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.974297] kasan_report+0x102/0x140 [ 23.974643] ? kmalloc_big_oob_right+0x318/0x370 [ 23.975484] ? kmalloc_big_oob_right+0x318/0x370 [ 23.976200] __asan_report_store1_noabort+0x1b/0x30 [ 23.977046] kmalloc_big_oob_right+0x318/0x370 [ 23.978008] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 23.978467] ? __schedule+0xc3e/0x2790 [ 23.978889] ? __pfx_read_tsc+0x10/0x10 [ 23.980221] ? ktime_get_ts64+0x84/0x230 [ 23.981124] kunit_try_run_case+0x1b3/0x490 [ 23.982082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.982610] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.983133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.983557] ? __kthread_parkme+0x82/0x160 [ 23.983980] ? preempt_count_sub+0x50/0x80 [ 23.984356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.985617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.986207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.986708] kthread+0x257/0x310 [ 23.987752] ? __pfx_kthread+0x10/0x10 [ 23.988428] ret_from_fork+0x41/0x80 [ 23.989332] ? 
__pfx_kthread+0x10/0x10 [ 23.989702] ret_from_fork_asm+0x1a/0x30 [ 23.990339] </TASK> [ 23.990602] [ 23.990814] Allocated by task 152: [ 23.991183] kasan_save_stack+0x3d/0x60 [ 23.992577] kasan_save_track+0x18/0x40 [ 23.993103] kasan_save_alloc_info+0x3b/0x50 [ 23.993956] __kasan_kmalloc+0xb7/0xc0 [ 23.994423] __kmalloc_cache_noprof+0x184/0x410 [ 23.995055] kmalloc_big_oob_right+0xaa/0x370 [ 23.995595] kunit_try_run_case+0x1b3/0x490 [ 23.996199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.996806] kthread+0x257/0x310 [ 23.997202] ret_from_fork+0x41/0x80 [ 23.997611] ret_from_fork_asm+0x1a/0x30 [ 23.998191] [ 23.998372] The buggy address belongs to the object at ffff888102b74000 [ 23.998372] which belongs to the cache kmalloc-8k of size 8192 [ 23.999319] The buggy address is located 0 bytes to the right of [ 23.999319] allocated 7936-byte region [ffff888102b74000, ffff888102b75f00) [ 24.001033] [ 24.001290] The buggy address belongs to the physical page: [ 24.001935] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b70 [ 24.003169] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.004108] flags: 0x200000000000040(head|node=0|zone=2) [ 24.004859] page_type: f5(slab) [ 24.005532] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.005964] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 24.006504] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.006955] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 24.007478] head: 0200000000000003 ffffea00040adc01 ffffffffffffffff 0000000000000000 [ 24.008419] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 24.009173] page dumped because: kasan: bad access detected [ 24.009497] [ 24.009645] Memory state around the buggy address: [ 24.010308] ffff888102b75e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.010933] ffff888102b75e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.011361] >ffff888102b75f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.012041] ^ [ 24.012535] ffff888102b75f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.013447] ffff888102b76000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.014055] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 23.862591] ================================================================== [ 23.863624] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.864268] Write of size 1 at addr ffff888102a04578 by task kunit_try_catch/150 [ 23.865132] [ 23.865559] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.866435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.867542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.868549] Call Trace: [ 23.869045] <TASK> [ 23.869332] dump_stack_lvl+0x73/0xb0 [ 23.869818] print_report+0xd1/0x640 [ 23.870325] ? __virt_addr_valid+0x1db/0x2d0 [ 23.871088] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.872401] kasan_report+0x102/0x140 [ 23.872877] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.873365] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.874183] __asan_report_store1_noabort+0x1b/0x30 [ 23.874501] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.875176] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.875855] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.876273] kunit_try_run_case+0x1b3/0x490 [ 23.877521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.878047] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.878692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.879150] ? __kthread_parkme+0x82/0x160 [ 23.880159] ? preempt_count_sub+0x50/0x80 [ 23.880951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.881684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.882385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.883389] kthread+0x257/0x310 [ 23.884237] ? __pfx_kthread+0x10/0x10 [ 23.884632] ret_from_fork+0x41/0x80 [ 23.885069] ? 
__pfx_kthread+0x10/0x10 [ 23.885692] ret_from_fork_asm+0x1a/0x30 [ 23.886417] </TASK> [ 23.886679] [ 23.887113] Allocated by task 150: [ 23.887408] kasan_save_stack+0x3d/0x60 [ 23.888213] kasan_save_track+0x18/0x40 [ 23.888652] kasan_save_alloc_info+0x3b/0x50 [ 23.889266] __kasan_kmalloc+0xb7/0xc0 [ 23.889868] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.890341] kmalloc_track_caller_oob_right+0x9a/0x530 [ 23.891807] kunit_try_run_case+0x1b3/0x490 [ 23.892418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.892877] kthread+0x257/0x310 [ 23.893440] ret_from_fork+0x41/0x80 [ 23.893815] ret_from_fork_asm+0x1a/0x30 [ 23.894434] [ 23.894672] The buggy address belongs to the object at ffff888102a04500 [ 23.894672] which belongs to the cache kmalloc-128 of size 128 [ 23.895672] The buggy address is located 0 bytes to the right of [ 23.895672] allocated 120-byte region [ffff888102a04500, ffff888102a04578) [ 23.897049] [ 23.897513] The buggy address belongs to the physical page: [ 23.898214] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 23.898978] flags: 0x200000000000000(node=0|zone=2) [ 23.900328] page_type: f5(slab) [ 23.901031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.902045] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.902766] page dumped because: kasan: bad access detected [ 23.903496] [ 23.903659] Memory state around the buggy address: [ 23.904853] ffff888102a04400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.905710] ffff888102a04480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.906402] >ffff888102a04500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.907212] ^ [ 23.908149] ffff888102a04580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.908628] ffff888102a04600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.909565] ================================================================== [ 23.912690] 
================================================================== [ 23.913531] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.914353] Write of size 1 at addr ffff888102a04678 by task kunit_try_catch/150 [ 23.915216] [ 23.915491] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.916416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.916891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.917713] Call Trace: [ 23.918649] <TASK> [ 23.919246] dump_stack_lvl+0x73/0xb0 [ 23.919700] print_report+0xd1/0x640 [ 23.920087] ? __virt_addr_valid+0x1db/0x2d0 [ 23.920768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.921468] kasan_report+0x102/0x140 [ 23.922022] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.922599] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.923868] __asan_report_store1_noabort+0x1b/0x30 [ 23.924435] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.925045] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.925501] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.926463] kunit_try_run_case+0x1b3/0x490 [ 23.927055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.927778] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.928157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.928859] ? __kthread_parkme+0x82/0x160 [ 23.929422] ? preempt_count_sub+0x50/0x80 [ 23.931106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.931898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.932642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.933336] kthread+0x257/0x310 [ 23.933775] ? __pfx_kthread+0x10/0x10 [ 23.934947] ret_from_fork+0x41/0x80 [ 23.935499] ? 
__pfx_kthread+0x10/0x10 [ 23.935800] ret_from_fork_asm+0x1a/0x30 [ 23.936227] </TASK> [ 23.936697] [ 23.936937] Allocated by task 150: [ 23.937494] kasan_save_stack+0x3d/0x60 [ 23.937842] kasan_save_track+0x18/0x40 [ 23.938299] kasan_save_alloc_info+0x3b/0x50 [ 23.938913] __kasan_kmalloc+0xb7/0xc0 [ 23.939422] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.940233] kmalloc_track_caller_oob_right+0x19b/0x530 [ 23.940571] kunit_try_run_case+0x1b3/0x490 [ 23.942003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.942701] kthread+0x257/0x310 [ 23.943066] ret_from_fork+0x41/0x80 [ 23.943697] ret_from_fork_asm+0x1a/0x30 [ 23.944045] [ 23.944199] The buggy address belongs to the object at ffff888102a04600 [ 23.944199] which belongs to the cache kmalloc-128 of size 128 [ 23.945289] The buggy address is located 0 bytes to the right of [ 23.945289] allocated 120-byte region [ffff888102a04600, ffff888102a04678) [ 23.946508] [ 23.946723] The buggy address belongs to the physical page: [ 23.947563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 23.948216] flags: 0x200000000000000(node=0|zone=2) [ 23.948513] page_type: f5(slab) [ 23.948784] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.950052] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.951565] page dumped because: kasan: bad access detected [ 23.952373] [ 23.952651] Memory state around the buggy address: [ 23.953134] ffff888102a04500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.953860] ffff888102a04580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.954339] >ffff888102a04600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.955231] ^ [ 23.956314] ffff888102a04680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.956972] ffff888102a04700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.957357] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 23.807732] ================================================================== [ 23.808894] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 23.809418] Read of size 1 at addr ffff888102be1000 by task kunit_try_catch/148 [ 23.809886] [ 23.810105] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.811148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.811562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.812359] Call Trace: [ 23.812785] <TASK> [ 23.813143] dump_stack_lvl+0x73/0xb0 [ 23.813507] print_report+0xd1/0x640 [ 23.813787] ? __virt_addr_valid+0x1db/0x2d0 [ 23.814124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.814845] kasan_report+0x102/0x140 [ 23.815625] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.816230] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.816739] __asan_report_load1_noabort+0x18/0x20 [ 23.817371] kmalloc_node_oob_right+0x36b/0x3d0 [ 23.818028] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 23.818493] ? __schedule+0xc3e/0x2790 [ 23.818996] ? __pfx_read_tsc+0x10/0x10 [ 23.819437] ? ktime_get_ts64+0x84/0x230 [ 23.819941] kunit_try_run_case+0x1b3/0x490 [ 23.820494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.821218] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.821724] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.822383] ? __kthread_parkme+0x82/0x160 [ 23.822806] ? preempt_count_sub+0x50/0x80 [ 23.823373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.823739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.824517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.825179] kthread+0x257/0x310 [ 23.825527] ? __pfx_kthread+0x10/0x10 [ 23.826131] ret_from_fork+0x41/0x80 [ 23.826591] ? 
__pfx_kthread+0x10/0x10 [ 23.827073] ret_from_fork_asm+0x1a/0x30 [ 23.827433] </TASK> [ 23.827883] [ 23.828163] Allocated by task 148: [ 23.828623] kasan_save_stack+0x3d/0x60 [ 23.829229] kasan_save_track+0x18/0x40 [ 23.829626] kasan_save_alloc_info+0x3b/0x50 [ 23.830286] __kasan_kmalloc+0xb7/0xc0 [ 23.830721] __kmalloc_cache_node_noprof+0x183/0x420 [ 23.831195] kmalloc_node_oob_right+0xac/0x3d0 [ 23.831566] kunit_try_run_case+0x1b3/0x490 [ 23.831863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.832178] kthread+0x257/0x310 [ 23.832642] ret_from_fork+0x41/0x80 [ 23.833066] ret_from_fork_asm+0x1a/0x30 [ 23.833551] [ 23.833860] The buggy address belongs to the object at ffff888102be0000 [ 23.833860] which belongs to the cache kmalloc-4k of size 4096 [ 23.834977] The buggy address is located 0 bytes to the right of [ 23.834977] allocated 4096-byte region [ffff888102be0000, ffff888102be1000) [ 23.836194] [ 23.837141] The buggy address belongs to the physical page: [ 23.838966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 23.840113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.841733] flags: 0x200000000000040(head|node=0|zone=2) [ 23.843023] page_type: f5(slab) [ 23.843473] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 23.844124] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 23.844562] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 23.845319] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 23.846360] head: 0200000000000003 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 23.847297] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 23.848139] page dumped because: kasan: bad access detected [ 23.848943] [ 23.849189] Memory state around the buggy address: [ 23.849800] ffff888102be0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.850195] ffff888102be0f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.851109] >ffff888102be1000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.851633] ^ [ 23.852115] ffff888102be1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.852762] ffff888102be1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.853762] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 23.754147] ================================================================== [ 23.755698] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 23.756973] Read of size 1 at addr ffff88810283465f by task kunit_try_catch/146 [ 23.757691] [ 23.757878] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.758991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.759530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.760547] Call Trace: [ 23.761265] <TASK> [ 23.761693] dump_stack_lvl+0x73/0xb0 [ 23.762176] print_report+0xd1/0x640 [ 23.762652] ? __virt_addr_valid+0x1db/0x2d0 [ 23.763321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.763775] kasan_report+0x102/0x140 [ 23.764169] ? kmalloc_oob_left+0x363/0x3c0 [ 23.765347] ? kmalloc_oob_left+0x363/0x3c0 [ 23.765752] __asan_report_load1_noabort+0x18/0x20 [ 23.766847] kmalloc_oob_left+0x363/0x3c0 [ 23.767187] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 23.768214] ? __schedule+0xc3e/0x2790 [ 23.768609] ? __pfx_read_tsc+0x10/0x10 [ 23.769279] ? ktime_get_ts64+0x84/0x230 [ 23.769663] kunit_try_run_case+0x1b3/0x490 [ 23.770242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.770661] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.771498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.772106] ? __kthread_parkme+0x82/0x160 [ 23.773247] ? preempt_count_sub+0x50/0x80 [ 23.773638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.774237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.775094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.775578] kthread+0x257/0x310 [ 23.775974] ? __pfx_kthread+0x10/0x10 [ 23.776319] ret_from_fork+0x41/0x80 [ 23.776811] ? 
__pfx_kthread+0x10/0x10 [ 23.778009] ret_from_fork_asm+0x1a/0x30 [ 23.778309] </TASK> [ 23.778622] [ 23.778801] Allocated by task 1: [ 23.779047] kasan_save_stack+0x3d/0x60 [ 23.779307] kasan_save_track+0x18/0x40 [ 23.779535] kasan_save_alloc_info+0x3b/0x50 [ 23.779777] __kasan_kmalloc+0xb7/0xc0 [ 23.780029] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.780310] kvasprintf+0xc6/0x150 [ 23.780538] __kthread_create_on_node+0x18c/0x3a0 [ 23.780789] kthread_create_on_node+0xa8/0xe0 [ 23.782119] create_worker+0x3c8/0x7a0 [ 23.782840] alloc_unbound_pwq+0x8ea/0xdb0 [ 23.783464] apply_wqattrs_prepare+0x332/0xd40 [ 23.783757] apply_workqueue_attrs_locked+0x4d/0xa0 [ 23.785257] alloc_workqueue+0xcc4/0x1ad0 [ 23.785685] latency_fsnotify_init+0x1b/0x50 [ 23.786232] do_one_initcall+0xb5/0x370 [ 23.786671] kernel_init_freeable+0x425/0x6f0 [ 23.787217] kernel_init+0x23/0x1e0 [ 23.787688] ret_from_fork+0x41/0x80 [ 23.788051] ret_from_fork_asm+0x1a/0x30 [ 23.788659] [ 23.788857] The buggy address belongs to the object at ffff888102834640 [ 23.788857] which belongs to the cache kmalloc-16 of size 16 [ 23.789681] The buggy address is located 18 bytes to the right of [ 23.789681] allocated 13-byte region [ffff888102834640, ffff88810283464d) [ 23.790865] [ 23.791026] The buggy address belongs to the physical page: [ 23.791294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102834 [ 23.791652] flags: 0x200000000000000(node=0|zone=2) [ 23.791964] page_type: f5(slab) [ 23.792412] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.793024] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.793866] page dumped because: kasan: bad access detected [ 23.794291] [ 23.794554] Memory state around the buggy address: [ 23.795007] ffff888102834500: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 23.795720] ffff888102834580: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.796366] >ffff888102834600: fa fb fc fc fa 
fb fc fc 00 05 fc fc 00 07 fc fc [ 23.796955] ^ [ 23.797697] ffff888102834680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.798535] ffff888102834700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.799132] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 23.700549] ================================================================== [ 23.702640] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 23.705725] Read of size 1 at addr ffff8881029fdf80 by task kunit_try_catch/144 [ 23.707587] [ 23.707771] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.708737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.709217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.710457] Call Trace: [ 23.711034] <TASK> [ 23.711219] dump_stack_lvl+0x73/0xb0 [ 23.712001] print_report+0xd1/0x640 [ 23.712672] ? __virt_addr_valid+0x1db/0x2d0 [ 23.713096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.714076] kasan_report+0x102/0x140 [ 23.714667] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.715292] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.715941] __asan_report_load1_noabort+0x18/0x20 [ 23.716682] kmalloc_oob_right+0x68c/0x7f0 [ 23.717156] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.717552] ? __schedule+0xc3e/0x2790 [ 23.718428] ? __pfx_read_tsc+0x10/0x10 [ 23.718683] ? ktime_get_ts64+0x84/0x230 [ 23.719480] kunit_try_run_case+0x1b3/0x490 [ 23.720058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.720979] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.721428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.721886] ? __kthread_parkme+0x82/0x160 [ 23.723187] ? preempt_count_sub+0x50/0x80 [ 23.723599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.724039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.724527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.725089] kthread+0x257/0x310 [ 23.725656] ? __pfx_kthread+0x10/0x10 [ 23.726027] ret_from_fork+0x41/0x80 [ 23.726515] ? 
__pfx_kthread+0x10/0x10 [ 23.726953] ret_from_fork_asm+0x1a/0x30 [ 23.727510] </TASK> [ 23.727748] [ 23.728035] Allocated by task 144: [ 23.728328] kasan_save_stack+0x3d/0x60 [ 23.728740] kasan_save_track+0x18/0x40 [ 23.729158] kasan_save_alloc_info+0x3b/0x50 [ 23.729725] __kasan_kmalloc+0xb7/0xc0 [ 23.730238] __kmalloc_cache_noprof+0x184/0x410 [ 23.730637] kmalloc_oob_right+0xaa/0x7f0 [ 23.731169] kunit_try_run_case+0x1b3/0x490 [ 23.731492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.732993] kthread+0x257/0x310 [ 23.733215] ret_from_fork+0x41/0x80 [ 23.733707] ret_from_fork_asm+0x1a/0x30 [ 23.734189] [ 23.734451] The buggy address belongs to the object at ffff8881029fdf00 [ 23.734451] which belongs to the cache kmalloc-128 of size 128 [ 23.735517] The buggy address is located 13 bytes to the right of [ 23.735517] allocated 115-byte region [ffff8881029fdf00, ffff8881029fdf73) [ 23.736490] [ 23.736647] The buggy address belongs to the physical page: [ 23.737096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fd [ 23.737853] flags: 0x200000000000000(node=0|zone=2) [ 23.738410] page_type: f5(slab) [ 23.738847] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.739667] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.740620] page dumped because: kasan: bad access detected [ 23.741294] [ 23.741523] Memory state around the buggy address: [ 23.742026] ffff8881029fde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.742761] ffff8881029fdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.743475] >ffff8881029fdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.744167] ^ [ 23.744599] ffff8881029fe000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.745374] ffff8881029fe080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.745797] ================================================================== [ 23.666292] 
================================================================== [ 23.666927] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 23.667639] Write of size 1 at addr ffff8881029fdf78 by task kunit_try_catch/144 [ 23.668192] [ 23.668449] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 23.669140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.669699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.670348] Call Trace: [ 23.670661] <TASK> [ 23.670929] dump_stack_lvl+0x73/0xb0 [ 23.671350] print_report+0xd1/0x640 [ 23.671806] ? __virt_addr_valid+0x1db/0x2d0 [ 23.672192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.672712] kasan_report+0x102/0x140 [ 23.673097] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.673592] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.674109] __asan_report_store1_noabort+0x1b/0x30 [ 23.674777] kmalloc_oob_right+0x6bf/0x7f0 [ 23.675250] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.675702] ? __schedule+0xc3e/0x2790 [ 23.676104] ? __pfx_read_tsc+0x10/0x10 [ 23.676681] ? ktime_get_ts64+0x84/0x230 [ 23.677077] kunit_try_run_case+0x1b3/0x490 [ 23.677656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.677995] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.678366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.678890] ? __kthread_parkme+0x82/0x160 [ 23.679380] ? preempt_count_sub+0x50/0x80 [ 23.679897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.680384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.680797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.681404] kthread+0x257/0x310 [ 23.681768] ? __pfx_kthread+0x10/0x10 [ 23.682066] ret_from_fork+0x41/0x80 [ 23.682366] ? 
__pfx_kthread+0x10/0x10 [ 23.682843] ret_from_fork_asm+0x1a/0x30 [ 23.683343] </TASK> [ 23.683656] [ 23.683887] Allocated by task 144: [ 23.684274] kasan_save_stack+0x3d/0x60 [ 23.684693] kasan_save_track+0x18/0x40 [ 23.685023] kasan_save_alloc_info+0x3b/0x50 [ 23.685306] __kasan_kmalloc+0xb7/0xc0 [ 23.685731] __kmalloc_cache_noprof+0x184/0x410 [ 23.686261] kmalloc_oob_right+0xaa/0x7f0 [ 23.686705] kunit_try_run_case+0x1b3/0x490 [ 23.687091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.687613] kthread+0x257/0x310 [ 23.688113] ret_from_fork+0x41/0x80 [ 23.688603] ret_from_fork_asm+0x1a/0x30 [ 23.688992] [ 23.689191] The buggy address belongs to the object at ffff8881029fdf00 [ 23.689191] which belongs to the cache kmalloc-128 of size 128 [ 23.689927] The buggy address is located 5 bytes to the right of [ 23.689927] allocated 115-byte region [ffff8881029fdf00, ffff8881029fdf73) [ 23.690992] [ 23.691241] The buggy address belongs to the physical page: [ 23.691952] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fd [ 23.692688] flags: 0x200000000000000(node=0|zone=2) [ 23.693219] page_type: f5(slab) [ 23.693606] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.694217] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.694689] page dumped because: kasan: bad access detected [ 23.695252] [ 23.695492] Memory state around the buggy address: [ 23.695975] ffff8881029fde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.696752] ffff8881029fde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.697390] >ffff8881029fdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.697811] ^ [ 23.698579] ffff8881029fdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.699076] ffff8881029fe000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.699521] ================================================================== [ 23.617193] 
================================================================== [ 23.618651] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 23.619910] Write of size 1 at addr ffff8881029fdf73 by task kunit_try_catch/144 [ 23.620930] [ 23.622687] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241122 #1 [ 23.623661] Tainted: [N]=TEST [ 23.624022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.625302] Call Trace: [ 23.625751] <TASK> [ 23.626443] dump_stack_lvl+0x73/0xb0 [ 23.627081] print_report+0xd1/0x640 [ 23.627498] ? __virt_addr_valid+0x1db/0x2d0 [ 23.627944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.628503] kasan_report+0x102/0x140 [ 23.628788] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.629215] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.629567] __asan_report_store1_noabort+0x1b/0x30 [ 23.630149] kmalloc_oob_right+0x6f2/0x7f0 [ 23.630645] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.631034] ? __schedule+0xc3e/0x2790 [ 23.631401] ? __pfx_read_tsc+0x10/0x10 [ 23.631734] ? ktime_get_ts64+0x84/0x230 [ 23.632074] kunit_try_run_case+0x1b3/0x490 [ 23.632562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.633058] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.633364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.633673] ? __kthread_parkme+0x82/0x160 [ 23.634209] ? preempt_count_sub+0x50/0x80 [ 23.634780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.635286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.635844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.636227] kthread+0x257/0x310 [ 23.636611] ? __pfx_kthread+0x10/0x10 [ 23.637019] ret_from_fork+0x41/0x80 [ 23.637493] ? 
__pfx_kthread+0x10/0x10 [ 23.637780] ret_from_fork_asm+0x1a/0x30 [ 23.638343] </TASK> [ 23.638799] [ 23.640135] Allocated by task 144: [ 23.640942] kasan_save_stack+0x3d/0x60 [ 23.641319] kasan_save_track+0x18/0x40 [ 23.641678] kasan_save_alloc_info+0x3b/0x50 [ 23.642361] __kasan_kmalloc+0xb7/0xc0 [ 23.642637] __kmalloc_cache_noprof+0x184/0x410 [ 23.643487] kmalloc_oob_right+0xaa/0x7f0 [ 23.643903] kunit_try_run_case+0x1b3/0x490 [ 23.645106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.645848] kthread+0x257/0x310 [ 23.646143] ret_from_fork+0x41/0x80 [ 23.646623] ret_from_fork_asm+0x1a/0x30 [ 23.647458] [ 23.647977] The buggy address belongs to the object at ffff8881029fdf00 [ 23.647977] which belongs to the cache kmalloc-128 of size 128 [ 23.648767] The buggy address is located 0 bytes to the right of [ 23.648767] allocated 115-byte region [ffff8881029fdf00, ffff8881029fdf73) [ 23.650497] [ 23.651006] The buggy address belongs to the physical page: [ 23.651975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fd [ 23.653211] flags: 0x200000000000000(node=0|zone=2) [ 23.654812] page_type: f5(slab) [ 23.656105] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.656851] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.657605] page dumped because: kasan: bad access detected [ 23.658126] [ 23.658407] Memory state around the buggy address: [ 23.659686] ffff8881029fde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.660324] ffff8881029fde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.660899] >ffff8881029fdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.661753] ^ [ 23.662346] ffff8881029fdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.662911] ffff8881029fe000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.663739] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------ [ 206.960862] WARNING: CPU: 1 PID: 2236 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 206.961633] Modules linked in: [ 206.962013] CPU: 1 UID: 0 PID: 2236 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241122 #1 [ 206.963966] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 206.964811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 206.965768] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 206.966354] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 206.968603] RSP: 0000:ffff88810691fce8 EFLAGS: 00010286 [ 206.969663] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 206.970741] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff89008c3c [ 206.971535] RBP: ffff88810691fd10 R08: 0000000000000000 R09: ffffed1020d31f40 [ 206.972618] R10: ffff88810698fa07 R11: 0000000000000000 R12: ffffffff89008c28 [ 206.973354] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810691fda8 [ 206.973875] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 206.974304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.975226] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 206.976459] DR0: ffffffff8afea1a4 DR1: ffffffff8afea1a9 DR2: ffffffff8afea1aa [ 206.977432] DR3: ffffffff8afea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 206.978434] Call Trace: [ 206.978825] <TASK> [ 206.979750] ? show_regs+0x68/0x80 [ 206.980668] ? __warn+0xd5/0x260 [ 206.980924] ? drm_rect_calc_vscale+0x130/0x190 [ 206.981621] ? report_bug+0x278/0x2e0 [ 206.982012] ? handle_bug+0x5c/0xb0 [ 206.983119] ? exc_invalid_op+0x1c/0x50 [ 206.983507] ? asm_exc_invalid_op+0x1f/0x30 [ 206.983870] ? 
drm_rect_calc_vscale+0x130/0x190 [ 206.984553] drm_test_rect_calc_vscale+0x109/0x270 [ 206.985675] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 206.986215] ? __schedule+0xc3e/0x2790 [ 206.987076] ? __pfx_read_tsc+0x10/0x10 [ 206.987684] ? ktime_get_ts64+0x84/0x230 [ 206.989093] kunit_try_run_case+0x1b3/0x490 [ 206.989490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.990057] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 206.991091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 206.991446] ? __kthread_parkme+0x82/0x160 [ 206.992521] ? preempt_count_sub+0x50/0x80 [ 206.993178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.993806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 206.994592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 206.995684] kthread+0x257/0x310 [ 206.996140] ? __pfx_kthread+0x10/0x10 [ 206.996509] ret_from_fork+0x41/0x80 [ 206.997253] ? __pfx_kthread+0x10/0x10 [ 206.998277] ret_from_fork_asm+0x1a/0x30 [ 206.999486] </TASK> [ 206.999776] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 207.006835] WARNING: CPU: 1 PID: 2238 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 207.008664] Modules linked in: [ 207.008982] CPU: 1 UID: 0 PID: 2238 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241122 #1 [ 207.011206] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 207.011608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 207.012523] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 207.013413] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 207.015111] RSP: 0000:ffff88810684fce8 EFLAGS: 00010286 [ 207.015643] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 207.016538] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff89008c74 [ 207.017357] RBP: ffff88810684fd10 R08: 0000000000000000 R09: 
ffffed1020d6b680 [ 207.017784] R10: ffff888106b5b407 R11: 0000000000000000 R12: ffffffff89008c60 [ 207.018840] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810684fda8 [ 207.019992] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 207.020389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.021204] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 207.021603] DR0: ffffffff8afea1a4 DR1: ffffffff8afea1a9 DR2: ffffffff8afea1aa [ 207.022741] DR3: ffffffff8afea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 207.023944] Call Trace: [ 207.024173] <TASK> [ 207.024357] ? show_regs+0x68/0x80 [ 207.025768] ? __warn+0xd5/0x260 [ 207.026022] ? drm_rect_calc_vscale+0x130/0x190 [ 207.026850] ? report_bug+0x278/0x2e0 [ 207.027215] ? handle_bug+0x5c/0xb0 [ 207.028301] ? exc_invalid_op+0x1c/0x50 [ 207.029093] ? asm_exc_invalid_op+0x1f/0x30 [ 207.029440] ? drm_rect_calc_vscale+0x130/0x190 [ 207.030408] drm_test_rect_calc_vscale+0x109/0x270 [ 207.030754] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 207.031546] ? __schedule+0xc3e/0x2790 [ 207.032559] ? __pfx_read_tsc+0x10/0x10 [ 207.033079] ? ktime_get_ts64+0x84/0x230 [ 207.033526] kunit_try_run_case+0x1b3/0x490 [ 207.034344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 207.034763] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 207.035951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 207.036582] ? __kthread_parkme+0x82/0x160 [ 207.036957] ? preempt_count_sub+0x50/0x80 [ 207.037740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 207.038185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 207.039848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 207.040541] kthread+0x257/0x310 [ 207.041123] ? __pfx_kthread+0x10/0x10 [ 207.041649] ret_from_fork+0x41/0x80 [ 207.042284] ? __pfx_kthread+0x10/0x10 [ 207.042725] ret_from_fork_asm+0x1a/0x30 [ 207.043175] </TASK> [ 207.043369] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------ [ 206.895083] WARNING: CPU: 0 PID: 2226 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 206.897648] Modules linked in: [ 206.898426] CPU: 0 UID: 0 PID: 2226 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241122 #1 [ 206.899721] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 206.900264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 206.900529] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 206.900770] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 206.901912] RSP: 0000:ffff888103027ce8 EFLAGS: 00010286 [ 206.903406] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 206.903973] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff89008c78 [ 206.904833] RBP: ffff888103027d10 R08: 0000000000000000 R09: ffffed1020d31ea0 [ 206.905631] R10: ffff88810698f507 R11: 0000000000000000 R12: ffffffff89008c60 [ 206.906640] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103027da8 [ 206.907462] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 206.908129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.909255] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 206.910082] DR0: ffffffff8afea1a0 DR1: ffffffff8afea1a1 DR2: ffffffff8afea1a3 [ 206.910789] DR3: ffffffff8afea1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 206.912269] Call Trace: [ 206.912836] <TASK> [ 206.913336] ? show_regs+0x68/0x80 [ 206.913766] ? __warn+0xd5/0x260 [ 206.914102] ? drm_rect_calc_hscale+0x125/0x190 [ 206.914507] ? report_bug+0x278/0x2e0 [ 206.915848] ? handle_bug+0x5c/0xb0 [ 206.916346] ? exc_invalid_op+0x1c/0x50 [ 206.916679] ? asm_exc_invalid_op+0x1f/0x30 [ 206.917997] ? 
drm_rect_calc_hscale+0x125/0x190 [ 206.918312] drm_test_rect_calc_hscale+0x109/0x270 [ 206.918636] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 206.919287] ? __schedule+0xc3e/0x2790 [ 206.919739] ? __pfx_read_tsc+0x10/0x10 [ 206.920247] ? ktime_get_ts64+0x84/0x230 [ 206.920652] kunit_try_run_case+0x1b3/0x490 [ 206.921737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.922122] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 206.922541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 206.922882] ? __kthread_parkme+0x82/0x160 [ 206.923292] ? preempt_count_sub+0x50/0x80 [ 206.924185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.924678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 206.926203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 206.926768] kthread+0x257/0x310 [ 206.927404] ? __pfx_kthread+0x10/0x10 [ 206.928095] ret_from_fork+0x41/0x80 [ 206.928489] ? __pfx_kthread+0x10/0x10 [ 206.929383] ret_from_fork_asm+0x1a/0x30 [ 206.930111] </TASK> [ 206.930448] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 206.849863] WARNING: CPU: 1 PID: 2224 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 206.851478] Modules linked in: [ 206.851780] CPU: 1 UID: 0 PID: 2224 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241122 #1 [ 206.852617] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 206.853776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 206.855268] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 206.855759] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 206.858818] RSP: 0000:ffff888103027ce8 EFLAGS: 00010286 [ 206.859338] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 206.860527] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff89008c40 [ 206.861262] RBP: ffff888103027d10 R08: 0000000000000000 R09: 
ffffed1020d31e60 [ 206.862562] R10: ffff88810698f307 R11: 0000000000000000 R12: ffffffff89008c28 [ 206.863207] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103027da8 [ 206.863811] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 206.865116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.865573] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 206.866691] DR0: ffffffff8afea1a4 DR1: ffffffff8afea1a9 DR2: ffffffff8afea1aa [ 206.867722] DR3: ffffffff8afea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 206.868620] Call Trace: [ 206.869287] <TASK> [ 206.869565] ? show_regs+0x68/0x80 [ 206.870604] ? __warn+0xd5/0x260 [ 206.871160] ? drm_rect_calc_hscale+0x125/0x190 [ 206.871574] ? report_bug+0x278/0x2e0 [ 206.871983] ? handle_bug+0x5c/0xb0 [ 206.872728] ? exc_invalid_op+0x1c/0x50 [ 206.873248] ? asm_exc_invalid_op+0x1f/0x30 [ 206.873801] ? drm_rect_calc_hscale+0x125/0x190 [ 206.875004] drm_test_rect_calc_hscale+0x109/0x270 [ 206.875409] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 206.875863] ? __schedule+0xc3e/0x2790 [ 206.876619] ? __pfx_read_tsc+0x10/0x10 [ 206.877236] ? ktime_get_ts64+0x84/0x230 [ 206.877598] kunit_try_run_case+0x1b3/0x490 [ 206.878535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.879047] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 206.879759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 206.880193] ? __kthread_parkme+0x82/0x160 [ 206.880668] ? preempt_count_sub+0x50/0x80 [ 206.881136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.882427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 206.882855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 206.883654] kthread+0x257/0x310 [ 206.883996] ? __pfx_kthread+0x10/0x10 [ 206.884630] ret_from_fork+0x41/0x80 [ 206.885061] ? __pfx_kthread+0x10/0x10 [ 206.885631] ret_from_fork_asm+0x1a/0x30 [ 206.886138] </TASK> [ 206.887166] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 205.374258] WARNING: CPU: 1 PID: 2032 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 205.375625] Modules linked in: [ 205.375906] CPU: 1 UID: 0 PID: 2032 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241122 #1 [ 205.377338] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 205.378181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 205.379448] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 205.380105] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 205.381323] RSP: 0000:ffff888106567ba0 EFLAGS: 00010246 [ 205.381961] RAX: dffffc0000000000 RBX: ffff888106567c98 RCX: 0000000000000000 [ 205.382627] RDX: 1ffff11020cacf9c RSI: ffff888106567c98 RDI: ffff888106567ce0 [ 205.383473] RBP: ffff888106567be0 R08: ffff888106484000 R09: ffffffff88fb5800 [ 205.384510] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff888106484000 [ 205.385523] R13: ffff888100317b20 R14: ffff888106567c18 R15: ffff888106567e28 [ 205.386045] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 205.387403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.388382] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 205.388860] DR0: ffffffff8afea1a4 DR1: ffffffff8afea1a9 DR2: ffffffff8afea1aa [ 205.390157] DR3: ffffffff8afea1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 205.390660] Call Trace: [ 205.391471] <TASK> [ 205.391679] ? show_regs+0x68/0x80 [ 205.392508] ? __warn+0xd5/0x260 [ 205.393012] ? drm_framebuffer_init+0x44/0x300 [ 205.393656] ? report_bug+0x278/0x2e0 [ 205.394392] ? handle_bug+0x5c/0xb0 [ 205.394997] ? exc_invalid_op+0x1c/0x50 [ 205.395689] ? asm_exc_invalid_op+0x1f/0x30 [ 205.396332] ? drm_framebuffer_init+0x44/0x300 [ 205.396666] ? 
add_dr+0xc1/0x1d0 [ 205.397785] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 205.398283] ? add_dr+0x148/0x1d0 [ 205.399150] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 205.399581] ? __drmm_add_action+0x1a4/0x280 [ 205.400404] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 205.401216] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 205.402145] ? __drmm_add_action_or_reset+0x22/0x50 [ 205.402829] ? __schedule+0xc3e/0x2790 [ 205.403495] ? __pfx_read_tsc+0x10/0x10 [ 205.403793] ? ktime_get_ts64+0x84/0x230 [ 205.404807] kunit_try_run_case+0x1b3/0x490 [ 205.405346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.405780] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 205.406248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.406844] ? __kthread_parkme+0x82/0x160 [ 205.407415] ? preempt_count_sub+0x50/0x80 [ 205.407741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.408440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 205.408836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 205.409486] kthread+0x257/0x310 [ 205.409972] ? __pfx_kthread+0x10/0x10 [ 205.410331] ret_from_fork+0x41/0x80 [ 205.410816] ? __pfx_kthread+0x10/0x10 [ 205.411318] ret_from_fork_asm+0x1a/0x30 [ 205.411630] </TASK> [ 205.411934] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 205.298653] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 205.299721] WARNING: CPU: 0 PID: 2028 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 205.302366] Modules linked in: [ 205.302801] CPU: 0 UID: 0 PID: 2028 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241122 #1 [ 205.304450] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 205.304854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 205.306193] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 205.306754] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 54 1c 80 00 48 c7 c1 00 08 fb 88 4c 89 fa 48 c7 c7 60 08 fb 88 48 89 c6 e8 6b 97 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 205.308355] RSP: 0000:ffff888106567bd8 EFLAGS: 00010282 [ 205.308798] RAX: 0000000000000000 RBX: ffff888106567cb0 RCX: 1ffffffff13a42ec [ 205.309337] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 205.310314] RBP: ffff888106567c00 R08: 0000000000000000 R09: fffffbfff13a42ec [ 205.310852] R10: 0000000000000003 R11: 0000000000027970 R12: ffff888106567c88 [ 205.312374] R13: ffff8881061c0800 R14: ffff888106327000 R15: ffff888105de7700 [ 205.312897] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 205.313754] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.314821] CR2: 00007ffff7ffe000 CR3: 00000001110b8000 CR4: 00000000000006f0 [ 205.315754] DR0: ffffffff8afea1a0 DR1: ffffffff8afea1a1 DR2: ffffffff8afea1a3 [ 205.316479] DR3: ffffffff8afea1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 205.317402] Call Trace: [ 205.317611] <TASK> [ 205.317938] ? show_regs+0x68/0x80 [ 205.318982] ? __warn+0xd5/0x260 [ 205.319267] ? drm_framebuffer_free+0x136/0x1b0 [ 205.319724] ? report_bug+0x278/0x2e0 [ 205.320804] ? drm_framebuffer_free+0x137/0x1b0 [ 205.321245] ? 
handle_bug+0x5c/0xb0 [ 205.322295] ? exc_invalid_op+0x1c/0x50 [ 205.322667] ? asm_exc_invalid_op+0x1f/0x30 [ 205.323490] ? drm_framebuffer_free+0x136/0x1b0 [ 205.323906] ? drm_framebuffer_free+0x135/0x1b0 [ 205.324814] drm_test_framebuffer_free+0x1ac/0x610 [ 205.325909] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 205.326325] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 205.327297] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 205.327760] ? __drmm_add_action_or_reset+0x22/0x50 [ 205.328683] ? __schedule+0xc3e/0x2790 [ 205.329450] ? __pfx_read_tsc+0x10/0x10 [ 205.329761] ? ktime_get_ts64+0x84/0x230 [ 205.330816] kunit_try_run_case+0x1b3/0x490 [ 205.331299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.331780] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 205.332575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.333056] ? __kthread_parkme+0x82/0x160 [ 205.334366] ? preempt_count_sub+0x50/0x80 [ 205.334757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.335635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 205.336178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 205.336858] kthread+0x257/0x310 [ 205.337609] ? __pfx_kthread+0x10/0x10 [ 205.338405] ret_from_fork+0x41/0x80 [ 205.338774] ? __pfx_kthread+0x10/0x10 [ 205.339733] ret_from_fork_asm+0x1a/0x30 [ 205.340520] </TASK> [ 205.340888] ---[ end trace 0000000000000000 ]---