Date
Nov. 26, 2024, 6:09 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 31.449329] ================================================================== [ 31.450516] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 31.451452] Write of size 16 at addr fff00000c5685469 by task kunit_try_catch/167 [ 31.452263] [ 31.453020] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.454206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.454743] Hardware name: linux,dummy-virt (DT) [ 31.455357] Call trace: [ 31.455803] show_stack+0x20/0x38 (C) [ 31.456550] dump_stack_lvl+0x8c/0xd0 [ 31.457497] print_report+0x118/0x5e0 [ 31.458140] kasan_report+0xc8/0x118 [ 31.458750] kasan_check_range+0x100/0x1a8 [ 31.459394] __asan_memset+0x34/0x78 [ 31.460021] kmalloc_oob_memset_16+0x150/0x2f8 [ 31.460995] kunit_try_run_case+0x14c/0x3d0 [ 31.461651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.462633] kthread+0x24c/0x2d0 [ 31.463342] ret_from_fork+0x10/0x20 [ 31.464121] [ 31.464731] Allocated by task 167: [ 31.465240] kasan_save_stack+0x3c/0x68 [ 31.465865] kasan_save_track+0x20/0x40 [ 31.466406] kasan_save_alloc_info+0x40/0x58 [ 31.467124] __kasan_kmalloc+0xd4/0xd8 [ 31.467696] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.468674] kmalloc_oob_memset_16+0xb0/0x2f8 [ 31.469256] kunit_try_run_case+0x14c/0x3d0 [ 31.469738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.470581] kthread+0x24c/0x2d0 [ 31.471186] ret_from_fork+0x10/0x20 [ 31.471758] [ 31.472113] The buggy address belongs to the object at fff00000c5685400 [ 31.472113] which belongs to the cache kmalloc-128 of size 128 [ 31.474034] The buggy address is located 105 bytes inside of [ 31.474034] allocated 120-byte region [fff00000c5685400, fff00000c5685478) [ 31.474926] [ 31.475875] The buggy address belongs to the physical page: [ 31.476801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105685 [ 31.477775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.478553] page_type: f5(slab) [ 31.479078] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.479884] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.480993] page dumped because: kasan: bad access detected [ 31.481652] [ 31.481940] Memory state around the buggy address: [ 31.482574] fff00000c5685300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.483367] fff00000c5685380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.484260] >fff00000c5685400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.485665] ^ [ 31.486734] fff00000c5685480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.487552] fff00000c5685500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.488340] ================================================================== [ 31.297147] ================================================================== [ 31.298121] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 31.299448] Write of size 2 at addr fff00000c648be77 by task kunit_try_catch/161 [ 31.300523] [ 31.300861] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.302204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.302815] Hardware name: linux,dummy-virt (DT) [ 31.303620] Call trace: [ 31.304211] show_stack+0x20/0x38 (C) [ 31.305081] dump_stack_lvl+0x8c/0xd0 [ 31.305691] print_report+0x118/0x5e0 [ 31.306574] kasan_report+0xc8/0x118 [ 31.307196] kasan_check_range+0x100/0x1a8 [ 31.307842] __asan_memset+0x34/0x78 [ 31.308839] kmalloc_oob_memset_2+0x150/0x2f8 [ 31.309451] kunit_try_run_case+0x14c/0x3d0 [ 31.310185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.310946] kthread+0x24c/0x2d0 [ 31.311547] ret_from_fork+0x10/0x20 [ 31.312151] [ 31.312942] Allocated by task 161: [ 31.313362] kasan_save_stack+0x3c/0x68 [ 31.314044] kasan_save_track+0x20/0x40 [ 31.314563] kasan_save_alloc_info+0x40/0x58 [ 31.315312] __kasan_kmalloc+0xd4/0xd8 [ 31.315968] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.316527] kmalloc_oob_memset_2+0xb0/0x2f8 [ 31.317469] kunit_try_run_case+0x14c/0x3d0 [ 31.318089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.318713] kthread+0x24c/0x2d0 [ 31.319526] ret_from_fork+0x10/0x20 [ 31.320044] [ 31.320841] The buggy address belongs to the object at fff00000c648be00 [ 31.320841] which belongs to the cache kmalloc-128 of size 128 [ 31.322113] The buggy address is located 119 bytes inside of [ 31.322113] allocated 120-byte region [fff00000c648be00, fff00000c648be78) [ 31.323427] [ 31.323823] The buggy address belongs to the physical page: [ 31.324699] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648b [ 31.325957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.326683] page_type: f5(slab) [ 31.327254] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.328541] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.329672] page dumped because: kasan: bad access detected [ 31.330150] [ 31.330353] Memory state around the buggy address: [ 31.330637] fff00000c648bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.331874] fff00000c648bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.332896] >fff00000c648be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.333512] ^ [ 31.334754] fff00000c648be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.335761] fff00000c648bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.336878] ================================================================== [ 31.347508] ================================================================== [ 31.348665] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 31.349419] Write of size 4 at addr fff00000c5685375 by task kunit_try_catch/163 [ 31.350304] [ 31.350715] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.352382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.353356] Hardware name: linux,dummy-virt (DT) [ 31.354071] Call trace: [ 31.354543] show_stack+0x20/0x38 (C) [ 31.355264] dump_stack_lvl+0x8c/0xd0 [ 31.355928] print_report+0x118/0x5e0 [ 31.356644] kasan_report+0xc8/0x118 [ 31.357215] kasan_check_range+0x100/0x1a8 [ 31.357813] __asan_memset+0x34/0x78 [ 31.358847] kmalloc_oob_memset_4+0x150/0x300 [ 31.359686] kunit_try_run_case+0x14c/0x3d0 [ 31.360672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.361631] kthread+0x24c/0x2d0 [ 31.362510] ret_from_fork+0x10/0x20 [ 31.363302] [ 31.363842] Allocated by task 163: [ 31.364342] kasan_save_stack+0x3c/0x68 [ 31.365353] kasan_save_track+0x20/0x40 [ 31.365897] kasan_save_alloc_info+0x40/0x58 [ 31.366488] __kasan_kmalloc+0xd4/0xd8 [ 31.367308] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.367928] kmalloc_oob_memset_4+0xb0/0x300 [ 31.368461] kunit_try_run_case+0x14c/0x3d0 [ 31.369406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.370081] kthread+0x24c/0x2d0 [ 31.370632] ret_from_fork+0x10/0x20 [ 31.371571] [ 31.371853] The buggy address belongs to the object at fff00000c5685300 [ 31.371853] which belongs to the cache kmalloc-128 of size 128 [ 31.373294] The buggy address is located 117 bytes inside of [ 31.373294] allocated 120-byte region [fff00000c5685300, fff00000c5685378) [ 31.374839] [ 31.375224] The buggy address belongs to the physical page: [ 31.375804] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105685 [ 31.377147] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.378012] page_type: f5(slab) [ 31.378576] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.379453] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.380226] page dumped because: kasan: bad access detected [ 31.381246] [ 31.381554] Memory state around the buggy address: [ 31.382177] fff00000c5685200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.382832] fff00000c5685280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.383741] >fff00000c5685300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.384884] ^ [ 31.385690] fff00000c5685380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.386535] fff00000c5685400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.387255] ================================================================== [ 31.397639] ================================================================== [ 31.398811] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 31.399602] Write of size 8 at addr fff00000c647b271 by task kunit_try_catch/165 [ 31.400726] [ 31.401069] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.402422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.403172] Hardware name: linux,dummy-virt (DT) [ 31.403897] Call trace: [ 31.404279] show_stack+0x20/0x38 (C) [ 31.405195] dump_stack_lvl+0x8c/0xd0 [ 31.405740] print_report+0x118/0x5e0 [ 31.406391] kasan_report+0xc8/0x118 [ 31.406974] kasan_check_range+0x100/0x1a8 [ 31.407544] __asan_memset+0x34/0x78 [ 31.408177] kmalloc_oob_memset_8+0x150/0x2f8 [ 31.408881] kunit_try_run_case+0x14c/0x3d0 [ 31.410039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.410872] kthread+0x24c/0x2d0 [ 31.411599] ret_from_fork+0x10/0x20 [ 31.412524] [ 31.412881] Allocated by task 165: [ 31.413444] kasan_save_stack+0x3c/0x68 [ 31.414223] kasan_save_track+0x20/0x40 [ 31.415024] kasan_save_alloc_info+0x40/0x58 [ 31.415728] __kasan_kmalloc+0xd4/0xd8 [ 31.416543] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.417340] kmalloc_oob_memset_8+0xb0/0x2f8 [ 31.418084] kunit_try_run_case+0x14c/0x3d0 [ 31.418526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.419495] kthread+0x24c/0x2d0 [ 31.419843] ret_from_fork+0x10/0x20 [ 31.420641] [ 31.421062] The buggy address belongs to the object at fff00000c647b200 [ 31.421062] which belongs to the cache kmalloc-128 of size 128 [ 31.422875] The buggy address is located 113 bytes inside of [ 31.422875] allocated 120-byte region [fff00000c647b200, fff00000c647b278) [ 31.424073] [ 31.424606] The buggy address belongs to the physical page: [ 31.425919] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10647b [ 31.426977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.427840] page_type: f5(slab) [ 31.428521] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.429570] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.430226] page dumped because: kasan: bad access detected [ 31.430920] [ 31.431316] Memory state around the buggy address: [ 31.432068] fff00000c647b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.433003] fff00000c647b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.434316] >fff00000c647b200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.435369] ^ [ 31.436273] fff00000c647b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.437359] fff00000c647b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.437981] ==================================================================
[ 31.327145] ================================================================== [ 31.328221] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 31.329119] Write of size 4 at addr fff00000c64d9d75 by task kunit_try_catch/163 [ 31.329849] [ 31.331027] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.332668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.333388] Hardware name: linux,dummy-virt (DT) [ 31.334325] Call trace: [ 31.334771] show_stack+0x20/0x38 (C) [ 31.335354] dump_stack_lvl+0x8c/0xd0 [ 31.335872] print_report+0x118/0x5e0 [ 31.336509] kasan_report+0xc8/0x118 [ 31.337200] kasan_check_range+0x100/0x1a8 [ 31.337908] __asan_memset+0x34/0x78 [ 31.338768] kmalloc_oob_memset_4+0x150/0x300 [ 31.339422] kunit_try_run_case+0x14c/0x3d0 [ 31.340114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.340994] kthread+0x24c/0x2d0 [ 31.341878] ret_from_fork+0x10/0x20 [ 31.342480] [ 31.342825] Allocated by task 163: [ 31.343277] kasan_save_stack+0x3c/0x68 [ 31.343913] kasan_save_track+0x20/0x40 [ 31.344558] kasan_save_alloc_info+0x40/0x58 [ 31.345149] __kasan_kmalloc+0xd4/0xd8 [ 31.345971] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.346634] kmalloc_oob_memset_4+0xb0/0x300 [ 31.348182] kunit_try_run_case+0x14c/0x3d0 [ 31.348806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.349484] kthread+0x24c/0x2d0 [ 31.350486] ret_from_fork+0x10/0x20 [ 31.351015] [ 31.351348] The buggy address belongs to the object at fff00000c64d9d00 [ 31.351348] which belongs to the cache kmalloc-128 of size 128 [ 31.352740] The buggy address is located 117 bytes inside of [ 31.352740] allocated 120-byte region [fff00000c64d9d00, fff00000c64d9d78) [ 31.354587] [ 31.354955] The buggy address belongs to the physical page: [ 31.355673] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d9 [ 31.356647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.357567] page_type: f5(slab) [ 31.358059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.359477] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.360366] page dumped because: kasan: bad access detected [ 31.361057] [ 31.361451] Memory state around the buggy address: [ 31.362594] fff00000c64d9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.363479] fff00000c64d9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.364225] >fff00000c64d9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.365143] ^ [ 31.366150] fff00000c64d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.367615] fff00000c64d9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.368454] ================================================================== [ 31.379551] ================================================================== [ 31.380753] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 31.381516] Write of size 8 at addr fff00000c64d9e71 by task kunit_try_catch/165 [ 31.383079] [ 31.383434] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.384640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.385396] Hardware name: linux,dummy-virt (DT) [ 31.385956] Call trace: [ 31.386451] show_stack+0x20/0x38 (C) [ 31.387085] dump_stack_lvl+0x8c/0xd0 [ 31.387785] print_report+0x118/0x5e0 [ 31.388389] kasan_report+0xc8/0x118 [ 31.389064] kasan_check_range+0x100/0x1a8 [ 31.389706] __asan_memset+0x34/0x78 [ 31.390271] kmalloc_oob_memset_8+0x150/0x2f8 [ 31.390871] kunit_try_run_case+0x14c/0x3d0 [ 31.391622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.392370] kthread+0x24c/0x2d0 [ 31.393001] ret_from_fork+0x10/0x20 [ 31.393580] [ 31.393980] Allocated by task 165: [ 31.394567] kasan_save_stack+0x3c/0x68 [ 31.395123] kasan_save_track+0x20/0x40 [ 31.395808] kasan_save_alloc_info+0x40/0x58 [ 31.396458] __kasan_kmalloc+0xd4/0xd8 [ 31.397052] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.397709] kmalloc_oob_memset_8+0xb0/0x2f8 [ 31.398401] kunit_try_run_case+0x14c/0x3d0 [ 31.399048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.399873] kthread+0x24c/0x2d0 [ 31.400383] ret_from_fork+0x10/0x20 [ 31.401045] [ 31.401434] The buggy address belongs to the object at fff00000c64d9e00 [ 31.401434] which belongs to the cache kmalloc-128 of size 128 [ 31.402325] The buggy address is located 113 bytes inside of [ 31.402325] allocated 120-byte region [fff00000c64d9e00, fff00000c64d9e78) [ 31.403224] [ 31.403582] The buggy address belongs to the physical page: [ 31.404100] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d9 [ 31.405194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.405808] page_type: f5(slab) [ 31.406211] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.406947] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.407954] page dumped because: kasan: bad access detected [ 31.408743] [ 31.409126] Memory state around the buggy address: [ 31.409633] fff00000c64d9d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.410566] fff00000c64d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.411484] >fff00000c64d9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.412122] ^ [ 31.412882] fff00000c64d9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.413804] fff00000c64d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.414562] ================================================================== [ 31.274961] ================================================================== [ 31.275946] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 31.276835] Write of size 2 at addr fff00000c5e27277 by task kunit_try_catch/161 [ 31.277678] [ 31.278367] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.280454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.281043] Hardware name: linux,dummy-virt (DT) [ 31.281782] Call trace: [ 31.282144] show_stack+0x20/0x38 (C) [ 31.283509] dump_stack_lvl+0x8c/0xd0 [ 31.284174] print_report+0x118/0x5e0 [ 31.284861] kasan_report+0xc8/0x118 [ 31.285509] kasan_check_range+0x100/0x1a8 [ 31.286387] __asan_memset+0x34/0x78 [ 31.286993] kmalloc_oob_memset_2+0x150/0x2f8 [ 31.287634] kunit_try_run_case+0x14c/0x3d0 [ 31.288342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.289109] kthread+0x24c/0x2d0 [ 31.289677] ret_from_fork+0x10/0x20 [ 31.290924] [ 31.291267] Allocated by task 161: [ 31.291754] kasan_save_stack+0x3c/0x68 [ 31.292312] kasan_save_track+0x20/0x40 [ 31.292915] kasan_save_alloc_info+0x40/0x58 [ 31.293613] __kasan_kmalloc+0xd4/0xd8 [ 31.294218] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.294853] kmalloc_oob_memset_2+0xb0/0x2f8 [ 31.295517] kunit_try_run_case+0x14c/0x3d0 [ 31.296609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.297289] kthread+0x24c/0x2d0 [ 31.298267] ret_from_fork+0x10/0x20 [ 31.299092] [ 31.299594] The buggy address belongs to the object at fff00000c5e27200 [ 31.299594] which belongs to the cache kmalloc-128 of size 128 [ 31.300845] The buggy address is located 119 bytes inside of [ 31.300845] allocated 120-byte region [fff00000c5e27200, fff00000c5e27278) [ 31.302763] [ 31.303125] The buggy address belongs to the physical page: [ 31.303759] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e27 [ 31.304673] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.305417] page_type: f5(slab) [ 31.306485] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.307389] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.308181] page dumped because: kasan: bad access detected [ 31.308977] [ 31.309347] Memory state around the buggy address: [ 31.310291] fff00000c5e27100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.311027] fff00000c5e27180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.312165] >fff00000c5e27200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.312894] ^ [ 31.314031] fff00000c5e27280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.314697] fff00000c5e27300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.315609] ================================================================== [ 31.428687] ================================================================== [ 31.429915] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 31.430901] Write of size 16 at addr fff00000c5e27869 by task kunit_try_catch/167 [ 31.431935] [ 31.433300] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.434577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.435607] Hardware name: linux,dummy-virt (DT) [ 31.436465] Call trace: [ 31.436890] show_stack+0x20/0x38 (C) [ 31.437589] dump_stack_lvl+0x8c/0xd0 [ 31.438449] print_report+0x118/0x5e0 [ 31.439332] kasan_report+0xc8/0x118 [ 31.439949] kasan_check_range+0x100/0x1a8 [ 31.440590] __asan_memset+0x34/0x78 [ 31.441244] kmalloc_oob_memset_16+0x150/0x2f8 [ 31.441922] kunit_try_run_case+0x14c/0x3d0 [ 31.442775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.443468] kthread+0x24c/0x2d0 [ 31.443950] ret_from_fork+0x10/0x20 [ 31.444675] [ 31.445086] Allocated by task 167: [ 31.445610] kasan_save_stack+0x3c/0x68 [ 31.446719] kasan_save_track+0x20/0x40 [ 31.447677] kasan_save_alloc_info+0x40/0x58 [ 31.448290] __kasan_kmalloc+0xd4/0xd8 [ 31.448951] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.449656] kmalloc_oob_memset_16+0xb0/0x2f8 [ 31.450474] kunit_try_run_case+0x14c/0x3d0 [ 31.450963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.451489] kthread+0x24c/0x2d0 [ 31.451930] ret_from_fork+0x10/0x20 [ 31.452378] [ 31.453827] The buggy address belongs to the object at fff00000c5e27800 [ 31.453827] which belongs to the cache kmalloc-128 of size 128 [ 31.455022] The buggy address is located 105 bytes inside of [ 31.455022] allocated 120-byte region [fff00000c5e27800, fff00000c5e27878) [ 31.456781] [ 31.457356] The buggy address belongs to the physical page: [ 31.458714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e27 [ 31.460291] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.461469] page_type: f5(slab) [ 31.462666] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.463572] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.464550] page dumped because: kasan: bad access detected [ 31.465200] [ 31.465568] Memory state around the buggy address: [ 31.466844] fff00000c5e27700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.468201] fff00000c5e27780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.469085] >fff00000c5e27800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.470127] ^ [ 31.471247] fff00000c5e27880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.472305] fff00000c5e27900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.473131] ==================================================================
[ 25.482617] ================================================================== [ 25.483266] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 25.483266] Write of size 4 at addr ffff888102938a75 by task kunit_try_catch/183 [ 25.483266] [ 25.483266] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.483266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.487915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.487915] Call Trace: [ 25.487915] <TASK> [ 25.487915] dump_stack_lvl+0x73/0xb0 [ 25.487915] print_report+0xd1/0x640 [ 25.487915] ? __virt_addr_valid+0x1db/0x2d0 [ 25.487915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.487915] kasan_report+0x102/0x140 [ 25.487915] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] kasan_check_range+0x10c/0x1c0 [ 25.487915] __asan_memset+0x27/0x50 [ 25.487915] kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 25.487915] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 25.487915] kunit_try_run_case+0x1b3/0x490 [ 25.487915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.487915] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.487915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.487915] ? __kthread_parkme+0x82/0x160 [ 25.487915] ? preempt_count_sub+0x50/0x80 [ 25.487915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.487915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.487915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.487915] kthread+0x257/0x310 [ 25.487915] ? __pfx_kthread+0x10/0x10 [ 25.487915] ret_from_fork+0x41/0x80 [ 25.487915] ? __pfx_kthread+0x10/0x10 [ 25.487915] ret_from_fork_asm+0x1a/0x30 [ 25.487915] </TASK> [ 25.487915] [ 25.487915] Allocated by task 183: [ 25.487915] kasan_save_stack+0x3d/0x60 [ 25.487915] kasan_save_track+0x18/0x40 [ 25.487915] kasan_save_alloc_info+0x3b/0x50 [ 25.487915] __kasan_kmalloc+0xb7/0xc0 [ 25.487915] __kmalloc_cache_noprof+0x184/0x410 [ 25.487915] kmalloc_oob_memset_4+0xad/0x330 [ 25.487915] kunit_try_run_case+0x1b3/0x490 [ 25.487915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.487915] kthread+0x257/0x310 [ 25.487915] ret_from_fork+0x41/0x80 [ 25.487915] ret_from_fork_asm+0x1a/0x30 [ 25.487915] [ 25.487915] The buggy address belongs to the object at ffff888102938a00 [ 25.487915] which belongs to the cache kmalloc-128 of size 128 [ 25.487915] The buggy address is located 117 bytes inside of [ 25.487915] allocated 120-byte region [ffff888102938a00, ffff888102938a78) [ 25.487915] [ 25.487915] The buggy address belongs to the physical page: [ 25.487915] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 25.487915] flags: 0x200000000000000(node=0|zone=2) [ 25.487915] page_type: f5(slab) [ 25.487915] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.487915] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.487915] page dumped because: kasan: bad access detected [ 25.487915] [ 25.487915] Memory state around the buggy address: [ 25.487915] ffff888102938900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.487915] ffff888102938980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] >ffff888102938a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.487915] ^ [ 25.487915] ffff888102938a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] ffff888102938b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] ================================================================== [ 25.436456] ================================================================== [ 25.437150] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] Write of size 2 at addr ffff888102938877 by task kunit_try_catch/181 [ 25.437161] [ 25.437161] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.437161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.437161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.437161] Call Trace: [ 25.437161] <TASK> [ 25.437161] dump_stack_lvl+0x73/0xb0 [ 25.437161] print_report+0xd1/0x640 [ 25.437161] ? __virt_addr_valid+0x1db/0x2d0 [ 25.437161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.437161] kasan_report+0x102/0x140 [ 25.437161] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] kasan_check_range+0x10c/0x1c0 [ 25.437161] __asan_memset+0x27/0x50 [ 25.437161] kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 25.437161] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 25.437161] kunit_try_run_case+0x1b3/0x490 [ 25.437161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.437161] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.437161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.437161] ? __kthread_parkme+0x82/0x160 [ 25.437161] ? preempt_count_sub+0x50/0x80 [ 25.437161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.437161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.437161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.437161] kthread+0x257/0x310 [ 25.437161] ? __pfx_kthread+0x10/0x10 [ 25.437161] ret_from_fork+0x41/0x80 [ 25.437161] ? __pfx_kthread+0x10/0x10 [ 25.437161] ret_from_fork_asm+0x1a/0x30 [ 25.437161] </TASK> [ 25.437161] [ 25.437161] Allocated by task 181: [ 25.437161] kasan_save_stack+0x3d/0x60 [ 25.437161] kasan_save_track+0x18/0x40 [ 25.437161] kasan_save_alloc_info+0x3b/0x50 [ 25.437161] __kasan_kmalloc+0xb7/0xc0 [ 25.437161] __kmalloc_cache_noprof+0x184/0x410 [ 25.437161] kmalloc_oob_memset_2+0xad/0x330 [ 25.437161] kunit_try_run_case+0x1b3/0x490 [ 25.437161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.437161] kthread+0x257/0x310 [ 25.437161] ret_from_fork+0x41/0x80 [ 25.437161] ret_from_fork_asm+0x1a/0x30 [ 25.437161] [ 25.437161] The buggy address belongs to the object at ffff888102938800 [ 25.437161] which belongs to the cache kmalloc-128 of size 128 [ 25.437161] The buggy address is located 119 bytes inside of [ 25.437161] allocated 120-byte region [ffff888102938800, ffff888102938878) [ 25.437161] [ 25.437161] The buggy address belongs to the physical page: [ 25.437161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 25.437161] flags: 0x200000000000000(node=0|zone=2) [ 25.437161] page_type: f5(slab) [ 25.437161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.437161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.437161] page dumped because: kasan: bad access detected [ 25.437161] [ 25.437161] Memory state around the buggy address: [ 25.437161] ffff888102938700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.437161] ffff888102938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] >ffff888102938800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.437161] ^ [ 25.437161] ffff888102938880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] ffff888102938900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] ================================================================== [ 25.575357] ================================================================== [ 25.576161] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] Write of size 16 at addr ffff8881028e1069 by task kunit_try_catch/187 [ 25.576161] [ 25.576161] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.576161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.576161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.576161] Call Trace: [ 25.576161] <TASK> [ 25.576161] dump_stack_lvl+0x73/0xb0 [ 25.576161] print_report+0xd1/0x640 [ 25.576161] ? __virt_addr_valid+0x1db/0x2d0 [ 25.576161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.576161] kasan_report+0x102/0x140 [ 25.576161] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] kasan_check_range+0x10c/0x1c0 [ 25.576161] __asan_memset+0x27/0x50 [ 25.576161] kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 25.576161] ? __schedule+0xc3e/0x2790 [ 25.576161] ? ktime_get_ts64+0x84/0x230 [ 25.576161] kunit_try_run_case+0x1b3/0x490 [ 25.576161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.576161] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.576161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.576161] ? __kthread_parkme+0x82/0x160 [ 25.576161] ? preempt_count_sub+0x50/0x80 [ 25.576161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.576161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.576161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.576161] kthread+0x257/0x310 [ 25.576161] ? __pfx_kthread+0x10/0x10 [ 25.576161] ret_from_fork+0x41/0x80 [ 25.576161] ? __pfx_kthread+0x10/0x10 [ 25.576161] ret_from_fork_asm+0x1a/0x30 [ 25.576161] </TASK> [ 25.576161] [ 25.576161] Allocated by task 187: [ 25.576161] kasan_save_stack+0x3d/0x60 [ 25.576161] kasan_save_track+0x18/0x40 [ 25.576161] kasan_save_alloc_info+0x3b/0x50 [ 25.576161] __kasan_kmalloc+0xb7/0xc0 [ 25.576161] __kmalloc_cache_noprof+0x184/0x410 [ 25.576161] kmalloc_oob_memset_16+0xad/0x330 [ 25.576161] kunit_try_run_case+0x1b3/0x490 [ 25.576161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.576161] kthread+0x257/0x310 [ 25.576161] ret_from_fork+0x41/0x80 [ 25.576161] ret_from_fork_asm+0x1a/0x30 [ 25.576161] [ 25.576161] The buggy address belongs to the object at ffff8881028e1000 [ 25.576161] which belongs to the cache kmalloc-128 of size 128 [ 25.576161] The buggy address is located 105 bytes inside of [ 25.576161] allocated 120-byte region [ffff8881028e1000, ffff8881028e1078) [ 25.576161] [ 25.576161] The buggy address belongs to the physical page: [ 25.576161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e1 [ 25.576161] flags: 0x200000000000000(node=0|zone=2) [ 25.576161] page_type: f5(slab) [ 25.576161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.576161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.576161] page dumped because: kasan: bad access detected [ 25.576161] [ 25.576161] Memory state around the buggy address: [ 25.576161] ffff8881028e0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ffff8881028e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] >ffff8881028e1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.576161] ^ [ 25.576161] ffff8881028e1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ffff8881028e1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ==================================================================
[ 20.511746] ================================================================== [ 20.513172] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 20.513852] Write of size 4 at addr ffff88810295eb75 by task kunit_try_catch/181 [ 20.515445] [ 20.516112] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.516990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.517219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.517630] Call Trace: [ 20.517807] <TASK> [ 20.517981] dump_stack_lvl+0x73/0xb0 [ 20.518271] print_report+0xd1/0x640 [ 20.518624] ? __virt_addr_valid+0x1db/0x2d0 [ 20.520400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.521377] kasan_report+0x102/0x140 [ 20.522621] ? kmalloc_oob_memset_4+0x167/0x330 [ 20.523043] ? kmalloc_oob_memset_4+0x167/0x330 [ 20.523336] kasan_check_range+0x10c/0x1c0 [ 20.523794] __asan_memset+0x27/0x50 [ 20.524362] kmalloc_oob_memset_4+0x167/0x330 [ 20.526315] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 20.527221] ? __schedule+0xc3e/0x2790 [ 20.527934] ? __pfx_read_tsc+0x10/0x10 [ 20.528733] ? ktime_get_ts64+0x84/0x230 [ 20.529244] kunit_try_run_case+0x1b3/0x490 [ 20.530017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.530335] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.530645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.531008] ? __kthread_parkme+0x82/0x160 [ 20.531688] ? preempt_count_sub+0x50/0x80 [ 20.532013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.532422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.533631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.534001] kthread+0x257/0x310 [ 20.534321] ? __pfx_kthread+0x10/0x10 [ 20.535234] ret_from_fork+0x41/0x80 [ 20.535724] ? __pfx_kthread+0x10/0x10 [ 20.536294] ret_from_fork_asm+0x1a/0x30 [ 20.536754] </TASK> [ 20.537292] [ 20.537545] Allocated by task 181: [ 20.538040] kasan_save_stack+0x3d/0x60 [ 20.538506] kasan_save_track+0x18/0x40 [ 20.538792] kasan_save_alloc_info+0x3b/0x50 [ 20.539244] __kasan_kmalloc+0xb7/0xc0 [ 20.540500] __kmalloc_cache_noprof+0x184/0x410 [ 20.541066] kmalloc_oob_memset_4+0xad/0x330 [ 20.541756] kunit_try_run_case+0x1b3/0x490 [ 20.542471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.543172] kthread+0x257/0x310 [ 20.543567] ret_from_fork+0x41/0x80 [ 20.543990] ret_from_fork_asm+0x1a/0x30 [ 20.544587] [ 20.545144] The buggy address belongs to the object at ffff88810295eb00 [ 20.545144] which belongs to the cache kmalloc-128 of size 128 [ 20.546142] The buggy address is located 117 bytes inside of [ 20.546142] allocated 120-byte region [ffff88810295eb00, ffff88810295eb78) [ 20.548160] [ 20.548586] The buggy address belongs to the physical page: [ 20.549117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295e [ 20.549514] flags: 0x200000000000000(node=0|zone=2) [ 20.550186] page_type: f5(slab) [ 20.551106] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.552312] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.553341] page dumped because: kasan: bad access detected [ 20.553968] [ 20.554204] Memory state around the buggy address: [ 20.554538] ffff88810295ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.555878] ffff88810295ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.556615] >ffff88810295eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.557005] ^ [ 20.557604] ffff88810295eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.558659] ffff88810295ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.559420] ================================================================== [ 20.566738] ================================================================== [ 20.567629] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 20.568544] Write of size 8 at addr ffff8881028b7c71 by task kunit_try_catch/183 [ 20.569440] [ 20.569737] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.570602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.570947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.571908] Call Trace: [ 20.572332] <TASK> [ 20.572661] dump_stack_lvl+0x73/0xb0 [ 20.573235] print_report+0xd1/0x640 [ 20.573806] ? __virt_addr_valid+0x1db/0x2d0 [ 20.575384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.575915] kasan_report+0x102/0x140 [ 20.576406] ? kmalloc_oob_memset_8+0x167/0x330 [ 20.576976] ? kmalloc_oob_memset_8+0x167/0x330 [ 20.578152] kasan_check_range+0x10c/0x1c0 [ 20.578503] __asan_memset+0x27/0x50 [ 20.579311] kmalloc_oob_memset_8+0x167/0x330 [ 20.579833] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 20.580393] ? __schedule+0xc3e/0x2790 [ 20.581446] ? __pfx_read_tsc+0x10/0x10 [ 20.582388] ? ktime_get_ts64+0x84/0x230 [ 20.582754] kunit_try_run_case+0x1b3/0x490 [ 20.583161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.584044] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.584468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.585436] ? __kthread_parkme+0x82/0x160 [ 20.586127] ? preempt_count_sub+0x50/0x80 [ 20.586747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.587420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.588199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.588815] kthread+0x257/0x310 [ 20.589354] ? __pfx_kthread+0x10/0x10 [ 20.589915] ret_from_fork+0x41/0x80 [ 20.590534] ? __pfx_kthread+0x10/0x10 [ 20.591022] ret_from_fork_asm+0x1a/0x30 [ 20.591620] </TASK> [ 20.591885] [ 20.592156] Allocated by task 183: [ 20.592614] kasan_save_stack+0x3d/0x60 [ 20.593217] kasan_save_track+0x18/0x40 [ 20.593732] kasan_save_alloc_info+0x3b/0x50 [ 20.594360] __kasan_kmalloc+0xb7/0xc0 [ 20.594899] __kmalloc_cache_noprof+0x184/0x410 [ 20.595480] kmalloc_oob_memset_8+0xad/0x330 [ 20.595963] kunit_try_run_case+0x1b3/0x490 [ 20.596538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.597376] kthread+0x257/0x310 [ 20.598143] ret_from_fork+0x41/0x80 [ 20.598672] ret_from_fork_asm+0x1a/0x30 [ 20.599263] [ 20.599523] The buggy address belongs to the object at ffff8881028b7c00 [ 20.599523] which belongs to the cache kmalloc-128 of size 128 [ 20.600632] The buggy address is located 113 bytes inside of [ 20.600632] allocated 120-byte region [ffff8881028b7c00, ffff8881028b7c78) [ 20.602766] [ 20.603033] The buggy address belongs to the physical page: [ 20.603794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b7 [ 20.604393] flags: 0x200000000000000(node=0|zone=2) [ 20.604823] page_type: f5(slab) [ 20.605234] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.605667] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.606379] page dumped because: kasan: bad access detected [ 20.607465] [ 20.607665] Memory state around the buggy address: [ 20.608197] ffff8881028b7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 20.608834] ffff8881028b7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.609383] >ffff8881028b7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.610153] ^ [ 20.611319] ffff8881028b7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.611893] ffff8881028b7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.612455] ================================================================== [ 20.620738] ================================================================== [ 20.621592] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 20.622160] Write of size 16 at addr ffff8881028b7e69 by task kunit_try_catch/185 [ 20.622992] [ 20.623186] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.624050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.624457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.625780] Call Trace: [ 20.626310] <TASK> [ 20.626663] dump_stack_lvl+0x73/0xb0 [ 20.627195] print_report+0xd1/0x640 [ 20.627659] ? __virt_addr_valid+0x1db/0x2d0 [ 20.628502] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.629238] kasan_report+0x102/0x140 [ 20.629677] ? kmalloc_oob_memset_16+0x167/0x330 [ 20.630333] ? kmalloc_oob_memset_16+0x167/0x330 [ 20.630898] kasan_check_range+0x10c/0x1c0 [ 20.631382] __asan_memset+0x27/0x50 [ 20.631861] kmalloc_oob_memset_16+0x167/0x330 [ 20.632592] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 20.633161] ? __schedule+0xc3e/0x2790 [ 20.633734] ? __pfx_read_tsc+0x10/0x10 [ 20.634080] ? ktime_get_ts64+0x84/0x230 [ 20.634442] kunit_try_run_case+0x1b3/0x490 [ 20.634921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.635445] ? irqentry_exit+0x2a/0x60 [ 20.636476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.637162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.637517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.638244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.638676] kthread+0x257/0x310 [ 20.639341] ? __pfx_kthread+0x10/0x10 [ 20.639821] ret_from_fork+0x41/0x80 [ 20.640671] ? __pfx_kthread+0x10/0x10 [ 20.641256] ret_from_fork_asm+0x1a/0x30 [ 20.641722] </TASK> [ 20.641994] [ 20.642527] Allocated by task 185: [ 20.643362] kasan_save_stack+0x3d/0x60 [ 20.643773] kasan_save_track+0x18/0x40 [ 20.644177] kasan_save_alloc_info+0x3b/0x50 [ 20.644570] __kasan_kmalloc+0xb7/0xc0 [ 20.644974] __kmalloc_cache_noprof+0x184/0x410 [ 20.645450] kmalloc_oob_memset_16+0xad/0x330 [ 20.645888] kunit_try_run_case+0x1b3/0x490 [ 20.646744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.647526] kthread+0x257/0x310 [ 20.647935] ret_from_fork+0x41/0x80 [ 20.648505] ret_from_fork_asm+0x1a/0x30 [ 20.649116] [ 20.649349] The buggy address belongs to the object at ffff8881028b7e00 [ 20.649349] which belongs to the cache kmalloc-128 of size 128 [ 20.650578] The buggy address is located 105 bytes inside of [ 20.650578] allocated 120-byte region [ffff8881028b7e00, ffff8881028b7e78) [ 20.651834] [ 20.652179] The buggy address belongs to the physical page: [ 20.652768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b7 [ 20.653708] flags: 0x200000000000000(node=0|zone=2) [ 20.654747] page_type: f5(slab) [ 20.655420] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.656161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.656909] page dumped because: kasan: bad access detected [ 20.657661] [ 20.657873] Memory state around the buggy address: [ 20.658712] ffff8881028b7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 20.659547] ffff8881028b7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.660399] >ffff8881028b7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.661177] ^ [ 20.661824] ffff8881028b7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.662743] ffff8881028b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.663116] ================================================================== [ 20.459210] ================================================================== [ 20.460171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 20.461217] Write of size 2 at addr ffff88810295ea77 by task kunit_try_catch/179 [ 20.462620] [ 20.462859] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.464220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.464966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.465840] Call Trace: [ 20.466077] <TASK> [ 20.466376] dump_stack_lvl+0x73/0xb0 [ 20.466951] print_report+0xd1/0x640 [ 20.467573] ? __virt_addr_valid+0x1db/0x2d0 [ 20.468181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.470210] kasan_report+0x102/0x140 [ 20.471307] ? kmalloc_oob_memset_2+0x167/0x330 [ 20.471841] ? kmalloc_oob_memset_2+0x167/0x330 [ 20.472151] kasan_check_range+0x10c/0x1c0 [ 20.472445] __asan_memset+0x27/0x50 [ 20.474680] kmalloc_oob_memset_2+0x167/0x330 [ 20.475842] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 20.476812] ? __schedule+0xc3e/0x2790 [ 20.477318] ? __pfx_read_tsc+0x10/0x10 [ 20.478352] ? ktime_get_ts64+0x84/0x230 [ 20.478853] kunit_try_run_case+0x1b3/0x490 [ 20.479738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.480087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.480575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.480947] ? __kthread_parkme+0x82/0x160 [ 20.481398] ? preempt_count_sub+0x50/0x80 [ 20.482076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.482395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.482771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.483319] kthread+0x257/0x310 [ 20.483662] ? __pfx_kthread+0x10/0x10 [ 20.483942] ret_from_fork+0x41/0x80 [ 20.484367] ? __pfx_kthread+0x10/0x10 [ 20.484722] ret_from_fork_asm+0x1a/0x30 [ 20.485249] </TASK> [ 20.486377] [ 20.486612] Allocated by task 179: [ 20.486927] kasan_save_stack+0x3d/0x60 [ 20.487353] kasan_save_track+0x18/0x40 [ 20.488297] kasan_save_alloc_info+0x3b/0x50 [ 20.488996] __kasan_kmalloc+0xb7/0xc0 [ 20.489185] __kmalloc_cache_noprof+0x184/0x410 [ 20.489347] kmalloc_oob_memset_2+0xad/0x330 [ 20.489531] kunit_try_run_case+0x1b3/0x490 [ 20.489800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.490132] kthread+0x257/0x310 [ 20.490558] ret_from_fork+0x41/0x80 [ 20.490891] ret_from_fork_asm+0x1a/0x30 [ 20.491469] [ 20.491763] The buggy address belongs to the object at ffff88810295ea00 [ 20.491763] which belongs to the cache kmalloc-128 of size 128 [ 20.492694] The buggy address is located 119 bytes inside of [ 20.492694] allocated 120-byte region [ffff88810295ea00, ffff88810295ea78) [ 20.494525] [ 20.494816] The buggy address belongs to the physical page: [ 20.495532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295e [ 20.496213] flags: 0x200000000000000(node=0|zone=2) [ 20.496792] page_type: f5(slab) [ 20.497330] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.498059] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.498561] page dumped because: kasan: bad access detected [ 20.499069] [ 20.499257] Memory state around the buggy address: [ 20.499734] ffff88810295e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.501100] ffff88810295e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.501679] >ffff88810295ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.502513] ^ [ 20.503190] ffff88810295ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.503874] ffff88810295eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.504550] ==================================================================