Date: Nov. 26, 2024, 6:09 a.m.
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 169.648957] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 36.325734] ==================================================================
[ 36.326239] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 36.326239]
[ 36.326935] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#181):
[ 36.327565] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 36.328087] kunit_try_run_case+0x1b3/0x490
[ 36.328461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.328845] kthread+0x257/0x310
[ 36.329121] ret_from_fork+0x41/0x80
[ 36.329555] ret_from_fork_asm+0x1a/0x30
[ 36.330146]
[ 36.330316] kfence-#181: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 36.330316]
[ 36.331074] allocated by task 330 on cpu 0 at 36.325405s (0.005663s ago):
[ 36.331648] test_alloc+0x35f/0x10d0
[ 36.332041] test_kmalloc_aligned_oob_read+0x106/0x570
[ 36.332573] kunit_try_run_case+0x1b3/0x490
[ 36.332938] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.333431] kthread+0x257/0x310
[ 36.333715] ret_from_fork+0x41/0x80
[ 36.333990] ret_from_fork_asm+0x1a/0x30
[ 36.334283]
[ 36.334577] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 36.335472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.336059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.336964] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 60.142640] ==================================================================
[ 60.143081] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 60.143081]
[ 60.143718] Use-after-free read at 0x(____ptrval____) (in kfence-#187):
[ 60.144532] test_krealloc+0x6fd/0xbe0
[ 60.145081] kunit_try_run_case+0x1b3/0x490
[ 60.145725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.146137] kthread+0x257/0x310
[ 60.146402] ret_from_fork+0x41/0x80
[ 60.146906] ret_from_fork_asm+0x1a/0x30
[ 60.147428]
[ 60.147788] kfence-#187: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 60.147788]
[ 60.148805] allocated by task 344 on cpu 0 at 60.141466s (0.007334s ago):
[ 60.149639] test_alloc+0x35f/0x10d0
[ 60.150169] test_krealloc+0xae/0xbe0
[ 60.150710] kunit_try_run_case+0x1b3/0x490
[ 60.151238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.151812] kthread+0x257/0x310
[ 60.152097] ret_from_fork+0x41/0x80
[ 60.152598] ret_from_fork_asm+0x1a/0x30
[ 60.153068]
[ 60.153284] freed by task 344 on cpu 0 at 60.141896s (0.011382s ago):
[ 60.153792] krealloc_noprof+0x108/0x340
[ 60.154252] test_krealloc+0x227/0xbe0
[ 60.154776] kunit_try_run_case+0x1b3/0x490
[ 60.155263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.155921] kthread+0x257/0x310
[ 60.156328] ret_from_fork+0x41/0x80
[ 60.156785] ret_from_fork_asm+0x1a/0x30
[ 60.157074]
[ 60.157267] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 60.158010] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 60.158425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 60.159108] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 60.056371] ==================================================================
[ 60.057117] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 60.057117]
[ 60.057949] Use-after-free read at 0x(____ptrval____) (in kfence-#186):
[ 60.058625] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 60.059114] kunit_try_run_case+0x1b3/0x490
[ 60.059617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.059981] kthread+0x257/0x310
[ 60.060379] ret_from_fork+0x41/0x80
[ 60.060889] ret_from_fork_asm+0x1a/0x30
[ 60.061184]
[ 60.061348] kfence-#186: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 60.061348]
[ 60.062049] allocated by task 342 on cpu 0 at 60.037522s (0.024522s ago):
[ 60.062901] test_alloc+0x2a7/0x10d0
[ 60.063339] test_memcache_typesafe_by_rcu+0x170/0x670
[ 60.063987] kunit_try_run_case+0x1b3/0x490
[ 60.064442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.065026] kthread+0x257/0x310
[ 60.065515] ret_from_fork+0x41/0x80
[ 60.065868] ret_from_fork_asm+0x1a/0x30
[ 60.066395]
[ 60.066751] freed by task 342 on cpu 0 at 60.037670s (0.029073s ago):
[ 60.067224] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 60.067876] kunit_try_run_case+0x1b3/0x490
[ 60.068331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 60.068900] kthread+0x257/0x310
[ 60.069370] ret_from_fork+0x41/0x80
[ 60.069806] ret_from_fork_asm+0x1a/0x30
[ 60.070334]
[ 60.070706] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 60.071452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 60.072032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 60.072726] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 36.658871] ==================================================================
[ 36.659700] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 36.659700]
[ 36.660744] Invalid read at 0x(____ptrval____):
[ 36.661546] test_invalid_access+0xf1/0x210
[ 36.662061] kunit_try_run_case+0x1b3/0x490
[ 36.662734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.663624] kthread+0x257/0x310
[ 36.664254] ret_from_fork+0x41/0x80
[ 36.664806] ret_from_fork_asm+0x1a/0x30
[ 36.665613]
[ 36.666112] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 36.666796] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.667075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.668055] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 36.429821] ==================================================================
[ 36.430549] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 36.430549]
[ 36.431859] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#182):
[ 36.434072] test_kmalloc_aligned_oob_write+0x251/0x340
[ 36.434729] kunit_try_run_case+0x1b3/0x490
[ 36.435126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.435649] kthread+0x257/0x310
[ 36.435990] ret_from_fork+0x41/0x80
[ 36.436416] ret_from_fork_asm+0x1a/0x30
[ 36.436821]
[ 36.436987] kfence-#182: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 36.436987]
[ 36.437758] allocated by task 332 on cpu 1 at 36.429443s (0.008310s ago):
[ 36.438495] test_alloc+0x35f/0x10d0
[ 36.439171] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 36.439621] kunit_try_run_case+0x1b3/0x490
[ 36.440743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.441042] kthread+0x257/0x310
[ 36.441407] ret_from_fork+0x41/0x80
[ 36.441828] ret_from_fork_asm+0x1a/0x30
[ 36.442243]
[ 36.442411] freed by task 332 on cpu 1 at 36.429692s (0.012712s ago):
[ 36.443030] test_kmalloc_aligned_oob_write+0x251/0x340
[ 36.444071] kunit_try_run_case+0x1b3/0x490
[ 36.444365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.444908] kthread+0x257/0x310
[ 36.445237] ret_from_fork+0x41/0x80
[ 36.446444] ret_from_fork_asm+0x1a/0x30
[ 36.447164]
[ 36.447432] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 36.448284] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.449036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.449727] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 30.606171] ==================================================================
[ 30.606833] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 30.606833]
[ 30.607439] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#126):
[ 30.608044] test_corruption+0x2e1/0x3e0
[ 30.608624] kunit_try_run_case+0x1b3/0x490
[ 30.609049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.609538] kthread+0x257/0x310
[ 30.609803] ret_from_fork+0x41/0x80
[ 30.610228] ret_from_fork_asm+0x1a/0x30
[ 30.610810]
[ 30.611011] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 30.611011]
[ 30.611655] allocated by task 318 on cpu 0 at 30.605657s (0.005993s ago):
[ 30.612279] test_alloc+0x35f/0x10d0
[ 30.612735] test_corruption+0x1cc/0x3e0
[ 30.613093] kunit_try_run_case+0x1b3/0x490
[ 30.613420] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.614112] kthread+0x257/0x310
[ 30.614362] ret_from_fork+0x41/0x80
[ 30.614653] ret_from_fork_asm+0x1a/0x30
[ 30.614935]
[ 30.615162] freed by task 318 on cpu 0 at 30.605822s (0.009335s ago):
[ 30.616014] test_corruption+0x2e1/0x3e0
[ 30.616447] kunit_try_run_case+0x1b3/0x490
[ 30.617044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.617593] kthread+0x257/0x310
[ 30.617927] ret_from_fork+0x41/0x80
[ 30.618209] ret_from_fork_asm+0x1a/0x30
[ 30.618504]
[ 30.618773] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.619629] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.620163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.621067] ==================================================================
[ 31.333753] ==================================================================
[ 31.334327] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 31.334327]
[ 31.335075] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#133):
[ 31.335629] test_corruption+0x217/0x3e0
[ 31.336002] kunit_try_run_case+0x1b3/0x490
[ 31.336573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.337133] kthread+0x257/0x310
[ 31.337455] ret_from_fork+0x41/0x80
[ 31.337866] ret_from_fork_asm+0x1a/0x30
[ 31.338294]
[ 31.338541] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.338541]
[ 31.339226] allocated by task 320 on cpu 0 at 31.333538s (0.005682s ago):
[ 31.339933] test_alloc+0x2a7/0x10d0
[ 31.340207] test_corruption+0x1cc/0x3e0
[ 31.340510] kunit_try_run_case+0x1b3/0x490
[ 31.340805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.341468] kthread+0x257/0x310
[ 31.341915] ret_from_fork+0x41/0x80
[ 31.342325] ret_from_fork_asm+0x1a/0x30
[ 31.342853]
[ 31.343023] freed by task 320 on cpu 0 at 31.333633s (0.009384s ago):
[ 31.343402] test_corruption+0x217/0x3e0
[ 31.343946] kunit_try_run_case+0x1b3/0x490
[ 31.344371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.344948] kthread+0x257/0x310
[ 31.345355] ret_from_fork+0x41/0x80
[ 31.345858] ret_from_fork_asm+0x1a/0x30
[ 31.346199]
[ 31.346438] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.347129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.347397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.347857] ==================================================================
[ 30.397784] ==================================================================
[ 30.398202] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 30.398202]
[ 30.398532] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#124):
[ 30.399916] test_corruption+0x2d4/0x3e0
[ 30.400309] kunit_try_run_case+0x1b3/0x490
[ 30.400665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.400986] kthread+0x257/0x310
[ 30.401248] ret_from_fork+0x41/0x80
[ 30.401761] ret_from_fork_asm+0x1a/0x30
[ 30.402246]
[ 30.402516] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 30.402516]
[ 30.403439] allocated by task 318 on cpu 0 at 30.397525s (0.005909s ago):
[ 30.404192] test_alloc+0x35f/0x10d0
[ 30.404688] test_corruption+0xe7/0x3e0
[ 30.405059] kunit_try_run_case+0x1b3/0x490
[ 30.405392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.405967] kthread+0x257/0x310
[ 30.406381] ret_from_fork+0x41/0x80
[ 30.406887] ret_from_fork_asm+0x1a/0x30
[ 30.407350]
[ 30.407663] freed by task 318 on cpu 0 at 30.397682s (0.009974s ago):
[ 30.408334] test_corruption+0x2d4/0x3e0
[ 30.408861] kunit_try_run_case+0x1b3/0x490
[ 30.409341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.409956] kthread+0x257/0x310
[ 30.410240] ret_from_fork+0x41/0x80
[ 30.410534] ret_from_fork_asm+0x1a/0x30
[ 30.411054]
[ 30.411344] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.412359] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.412881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.413723] ==================================================================
[ 31.125772] ==================================================================
[ 31.126400] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 31.126400]
[ 31.127086] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#131):
[ 31.128593] test_corruption+0x132/0x3e0
[ 31.128897] kunit_try_run_case+0x1b3/0x490
[ 31.129248] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.129861] kthread+0x257/0x310
[ 31.130179] ret_from_fork+0x41/0x80
[ 31.130548] ret_from_fork_asm+0x1a/0x30
[ 31.131013]
[ 31.131235] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.131235]
[ 31.132063] allocated by task 320 on cpu 0 at 31.125567s (0.006491s ago):
[ 31.132463] test_alloc+0x2a7/0x10d0
[ 31.132924] test_corruption+0xe7/0x3e0
[ 31.133341] kunit_try_run_case+0x1b3/0x490
[ 31.133844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.134195] kthread+0x257/0x310
[ 31.134599] ret_from_fork+0x41/0x80
[ 31.134982] ret_from_fork_asm+0x1a/0x30
[ 31.135431]
[ 31.135628] freed by task 320 on cpu 0 at 31.125658s (0.009964s ago):
[ 31.136358] test_corruption+0x132/0x3e0
[ 31.136836] kunit_try_run_case+0x1b3/0x490
[ 31.137210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.137562] kthread+0x257/0x310
[ 31.137924] ret_from_fork+0x41/0x80
[ 31.138328] ret_from_fork_asm+0x1a/0x30
[ 31.138702]
[ 31.138906] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.139404] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.139854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.140923] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 30.189570] ==================================================================
[ 30.190247] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 30.190247]
[ 30.190960] Invalid free of 0x(____ptrval____) (in kfence-#122):
[ 30.191303] test_invalid_addr_free+0x1e3/0x260
[ 30.191793] kunit_try_run_case+0x1b3/0x490
[ 30.192327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.193079] kthread+0x257/0x310
[ 30.193343] ret_from_fork+0x41/0x80
[ 30.193648] ret_from_fork_asm+0x1a/0x30
[ 30.194182]
[ 30.194472] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 30.194472]
[ 30.195172] allocated by task 314 on cpu 0 at 30.189384s (0.005782s ago):
[ 30.195629] test_alloc+0x35f/0x10d0
[ 30.196119] test_invalid_addr_free+0xdc/0x260
[ 30.196731] kunit_try_run_case+0x1b3/0x490
[ 30.197196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.197616] kthread+0x257/0x310
[ 30.197875] ret_from_fork+0x41/0x80
[ 30.198341] ret_from_fork_asm+0x1a/0x30
[ 30.198814]
[ 30.199073] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.200359] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.200977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.201722] ==================================================================
[ 30.293472] ==================================================================
[ 30.294113] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 30.294113]
[ 30.294667] Invalid free of 0x(____ptrval____) (in kfence-#123):
[ 30.295429] test_invalid_addr_free+0xfc/0x260
[ 30.295820] kunit_try_run_case+0x1b3/0x490
[ 30.296247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.296825] kthread+0x257/0x310
[ 30.297136] ret_from_fork+0x41/0x80
[ 30.297563] ret_from_fork_asm+0x1a/0x30
[ 30.297958]
[ 30.298192] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 30.298192]
[ 30.298891] allocated by task 316 on cpu 0 at 30.293364s (0.005521s ago):
[ 30.299281] test_alloc+0x2a7/0x10d0
[ 30.299639] test_invalid_addr_free+0xdc/0x260
[ 30.300108] kunit_try_run_case+0x1b3/0x490
[ 30.300580] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.301047] kthread+0x257/0x310
[ 30.301414] ret_from_fork+0x41/0x80
[ 30.301836] ret_from_fork_asm+0x1a/0x30
[ 30.302261]
[ 30.302511] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.303255] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.303566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.304150] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 30.085705] ==================================================================
[ 30.086300] BUG: KFENCE: invalid free in test_double_free+0x113/0x260
[ 30.086300]
[ 30.087058] Invalid free of 0x(____ptrval____) (in kfence-#121):
[ 30.087591] test_double_free+0x113/0x260
[ 30.087995] kunit_try_run_case+0x1b3/0x490
[ 30.088507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.088899] kthread+0x257/0x310
[ 30.089300] ret_from_fork+0x41/0x80
[ 30.089707] ret_from_fork_asm+0x1a/0x30
[ 30.089997]
[ 30.090288] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 30.090288]
[ 30.091220] allocated by task 312 on cpu 1 at 30.085446s (0.005769s ago):
[ 30.091753] test_alloc+0x2a7/0x10d0
[ 30.092014] test_double_free+0xdc/0x260
[ 30.092426] kunit_try_run_case+0x1b3/0x490
[ 30.093028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.093600] kthread+0x257/0x310
[ 30.093923] ret_from_fork+0x41/0x80
[ 30.094410] ret_from_fork_asm+0x1a/0x30
[ 30.094984]
[ 30.095193] freed by task 312 on cpu 1 at 30.085543s (0.009643s ago):
[ 30.095770] test_double_free+0xfb/0x260
[ 30.096225] kunit_try_run_case+0x1b3/0x490
[ 30.096689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.097123] kthread+0x257/0x310
[ 30.097422] ret_from_fork+0x41/0x80
[ 30.097925] ret_from_fork_asm+0x1a/0x30
[ 30.098385]
[ 30.098610] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.099507] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.099995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.100570] ==================================================================
[ 29.981873] ==================================================================
[ 29.982588] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260
[ 29.982588]
[ 29.983362] Invalid free of 0x(____ptrval____) (in kfence-#120):
[ 29.983869] test_double_free+0x1d5/0x260
[ 29.984192] kunit_try_run_case+0x1b3/0x490
[ 29.984768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.985240] kthread+0x257/0x310
[ 29.985721] ret_from_fork+0x41/0x80
[ 29.986005] ret_from_fork_asm+0x1a/0x30
[ 29.986298]
[ 29.986549] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.986549]
[ 29.987468] allocated by task 310 on cpu 0 at 29.981555s (0.005906s ago):
[ 29.988346] test_alloc+0x35f/0x10d0
[ 29.988819] test_double_free+0xdc/0x260
[ 29.989325] kunit_try_run_case+0x1b3/0x490
[ 29.989755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.990211] kthread+0x257/0x310
[ 29.990644] ret_from_fork+0x41/0x80
[ 29.991158] ret_from_fork_asm+0x1a/0x30
[ 29.991604]
[ 29.991815] freed by task 310 on cpu 0 at 29.981666s (0.010143s ago):
[ 29.992297] test_double_free+0x1e2/0x260
[ 29.992777] kunit_try_run_case+0x1b3/0x490
[ 29.993274] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.993901] kthread+0x257/0x310
[ 29.994291] ret_from_fork+0x41/0x80
[ 29.994724] ret_from_fork_asm+0x1a/0x30
[ 29.995051]
[ 29.995362] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.996186] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.996552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.997460] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 29.565936] ==================================================================
[ 29.566663] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 29.566663]
[ 29.567327] Use-after-free read at 0x(____ptrval____) (in kfence-#116):
[ 29.568169] test_use_after_free_read+0x12a/0x270
[ 29.568634] kunit_try_run_case+0x1b3/0x490
[ 29.569243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.569699] kthread+0x257/0x310
[ 29.569968] ret_from_fork+0x41/0x80
[ 29.570405] ret_from_fork_asm+0x1a/0x30
[ 29.570755]
[ 29.570993] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.570993]
[ 29.571578] allocated by task 302 on cpu 1 at 29.565579s (0.005994s ago):
[ 29.572176] test_alloc+0x35f/0x10d0
[ 29.572539] test_use_after_free_read+0xdd/0x270
[ 29.573037] kunit_try_run_case+0x1b3/0x490
[ 29.573360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.574025] kthread+0x257/0x310
[ 29.574319] ret_from_fork+0x41/0x80
[ 29.574795] ret_from_fork_asm+0x1a/0x30
[ 29.575131]
[ 29.575302] freed by task 302 on cpu 1 at 29.565693s (0.009601s ago):
[ 29.575941] test_use_after_free_read+0x1e9/0x270
[ 29.576425] kunit_try_run_case+0x1b3/0x490
[ 29.577016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.577409] kthread+0x257/0x310
[ 29.577872] ret_from_fork+0x41/0x80
[ 29.578163] ret_from_fork_asm+0x1a/0x30
[ 29.578604]
[ 29.578865] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.579403] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.579865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.580518] ==================================================================
[ 29.669812] ==================================================================
[ 29.670452] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 29.670452]
[ 29.671261] Use-after-free read at 0x(____ptrval____) (in kfence-#117):
[ 29.671653] test_use_after_free_read+0x12a/0x270
[ 29.672170] kunit_try_run_case+0x1b3/0x490
[ 29.672658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.673044] kthread+0x257/0x310
[ 29.673312] ret_from_fork+0x41/0x80
[ 29.673790] ret_from_fork_asm+0x1a/0x30
[ 29.674244]
[ 29.674477] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.674477]
[ 29.674994] allocated by task 304 on cpu 1 at 29.669570s (0.005419s ago):
[ 29.675692] test_alloc+0x2a7/0x10d0
[ 29.676089] test_use_after_free_read+0xdd/0x270
[ 29.676569] kunit_try_run_case+0x1b3/0x490
[ 29.676914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.677244] kthread+0x257/0x310
[ 29.677521] ret_from_fork+0x41/0x80
[ 29.677932] ret_from_fork_asm+0x1a/0x30
[ 29.678497]
[ 29.678777] freed by task 304 on cpu 1 at 29.669664s (0.009107s ago):
[ 29.679424] test_use_after_free_read+0xfc/0x270
[ 29.679835] kunit_try_run_case+0x1b3/0x490
[ 29.680272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.680655] kthread+0x257/0x310
[ 29.681016] ret_from_fork+0x41/0x80
[ 29.681378] ret_from_fork_asm+0x1a/0x30
[ 29.681914]
[ 29.682133] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.682982] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.683372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.684316] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 29.254002] ==================================================================
[ 29.254466] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 29.254466]
[ 29.255231] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#113):
[ 29.255653] test_out_of_bounds_write+0x10e/0x260
[ 29.256401] kunit_try_run_case+0x1b3/0x490
[ 29.257281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.257671] kthread+0x257/0x310
[ 29.258261] ret_from_fork+0x41/0x80
[ 29.258754] ret_from_fork_asm+0x1a/0x30
[ 29.259527]
[ 29.259841] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.259841]
[ 29.260408] allocated by task 298 on cpu 0 at 29.253796s (0.006606s ago):
[ 29.260927] test_alloc+0x35f/0x10d0
[ 29.261345] test_out_of_bounds_write+0xd5/0x260
[ 29.261793] kunit_try_run_case+0x1b3/0x490
[ 29.262238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.262635] kthread+0x257/0x310
[ 29.263021] ret_from_fork+0x41/0x80
[ 29.263411] ret_from_fork_asm+0x1a/0x30
[ 29.263922]
[ 29.264195] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.264908] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.265335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.266029] ==================================================================
[ 29.461646] ==================================================================
[ 29.462413] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 29.462413]
[ 29.463160] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#115):
[ 29.463586] test_out_of_bounds_write+0x10e/0x260
[ 29.464727] kunit_try_run_case+0x1b3/0x490
[ 29.465240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.465901] kthread+0x257/0x310
[ 29.466318] ret_from_fork+0x41/0x80
[ 29.466667] ret_from_fork_asm+0x1a/0x30
[ 29.467114]
[ 29.467348] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.467348]
[ 29.468023] allocated by task 300 on cpu 1 at 29.461548s (0.006470s ago):
[ 29.468782] test_alloc+0x2a7/0x10d0
[ 29.469046] test_out_of_bounds_write+0xd5/0x260
[ 29.469338] kunit_try_run_case+0x1b3/0x490
[ 29.469794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.470459] kthread+0x257/0x310
[ 29.471012] ret_from_fork+0x41/0x80
[ 29.471507] ret_from_fork_asm+0x1a/0x30
[ 29.471947]
[ 29.472147] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.472926] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.473431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.474345] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 28.527129] ==================================================================
[ 28.527786] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 28.527786]
[ 28.528603] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#106):
[ 28.529194] test_out_of_bounds_read+0x127/0x4e0
[ 28.530671] kunit_try_run_case+0x1b3/0x490
[ 28.531126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.531682] kthread+0x257/0x310
[ 28.532152] ret_from_fork+0x41/0x80
[ 28.532571] ret_from_fork_asm+0x1a/0x30
[ 28.533034]
[ 28.533210] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.533210]
[ 28.534314] allocated by task 294 on cpu 0 at 28.525604s (0.008704s ago):
[ 28.535367] test_alloc+0x35f/0x10d0
[ 28.535673] test_out_of_bounds_read+0xee/0x4e0
[ 28.536149] kunit_try_run_case+0x1b3/0x490
[ 28.536589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.537082] kthread+0x257/0x310
[ 28.537402] ret_from_fork+0x41/0x80
[ 28.539027] ret_from_fork_asm+0x1a/0x30
[ 28.539652]
[ 28.539994] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.541132] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.541888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.542972] ==================================================================
[ 28.733924] ==================================================================
[ 28.734615] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 28.734615]
[ 28.735556] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#108):
[ 28.736249] test_out_of_bounds_read+0x217/0x4e0
[ 28.736693] kunit_try_run_case+0x1b3/0x490
[ 28.737134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.737644] kthread+0x257/0x310
[ 28.737950] ret_from_fork+0x41/0x80
[ 28.738326] ret_from_fork_asm+0x1a/0x30
[ 28.738875]
[ 28.739060] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.739060]
[ 28.739550] allocated by task 294 on cpu 0 at 28.733611s (0.005933s ago):
[ 28.740216] test_alloc+0x35f/0x10d0
[ 28.740737] test_out_of_bounds_read+0x1e3/0x4e0
[ 28.741212] kunit_try_run_case+0x1b3/0x490
[ 28.741593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.742119] kthread+0x257/0x310
[ 28.742382] ret_from_fork+0x41/0x80
[ 28.742813] ret_from_fork_asm+0x1a/0x30
[ 28.743273]
[ 28.743563] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.744287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.744583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.745412] ==================================================================
[ 28.941689] ==================================================================
[ 28.942319] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 28.942319]
[ 28.943866] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#110):
[ 28.944445] test_out_of_bounds_read+0x127/0x4e0
[ 28.945191] kunit_try_run_case+0x1b3/0x490
[ 28.946188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.946645] kthread+0x257/0x310
[ 28.946979] ret_from_fork+0x41/0x80
[ 28.947437] ret_from_fork_asm+0x1a/0x30
[ 28.947917]
[ 28.948150] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.948150]
[ 28.948874] allocated by task 296 on cpu 1 at 28.941588s (0.007281s ago):
[ 28.949511] test_alloc+0x2a7/0x10d0
[ 28.949935] test_out_of_bounds_read+0xee/0x4e0
[ 28.950368] kunit_try_run_case+0x1b3/0x490
[ 28.950774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.951352] kthread+0x257/0x310
[ 28.951860] ret_from_fork+0x41/0x80
[ 28.952196] ret_from_fork_asm+0x1a/0x30
[ 28.952660]
[ 28.952949] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.953674] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.954031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.954605] ==================================================================
[ 29.045680] ==================================================================
[ 29.046415] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 29.046415]
[ 29.047439] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#111):
[ 29.048149] test_out_of_bounds_read+0x217/0x4e0
[ 29.048466] kunit_try_run_case+0x1b3/0x490
[ 29.048750] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.048945] kthread+0x257/0x310
[ 29.049082] ret_from_fork+0x41/0x80
[ 29.049227] ret_from_fork_asm+0x1a/0x30
[ 29.049377]
[ 29.049462] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.049462]
[ 29.050459] allocated by task 296 on cpu 1 at 29.045593s (0.004861s ago):
[ 29.051237] test_alloc+0x2a7/0x10d0
[ 29.051781] test_out_of_bounds_read+0x1e3/0x4e0
[ 29.052306] kunit_try_run_case+0x1b3/0x490
[ 29.052868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.053466] kthread+0x257/0x310
[ 29.053986] ret_from_fork+0x41/0x80
[ 29.054521] ret_from_fork_asm+0x1a/0x30
[ 29.055051]
[ 29.055386] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.056420] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.056966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.057969] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 19.111914] ==================================================================
[ 19.112300] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 19.112776] Read of size 1 at addr ffff888102956880 by task kunit_try_catch/143
[ 19.113154]
[ 19.113336] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.114368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.115024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.115904] Call Trace:
[ 19.116308] <TASK>
[ 19.116740] dump_stack_lvl+0x73/0xb0
[ 19.117162] print_report+0xd1/0x640
[ 19.117749] ? __virt_addr_valid+0x1db/0x2d0
[ 19.118231] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.118683] kasan_report+0x102/0x140
[ 19.119247] ? kmalloc_oob_right+0x68c/0x7f0
[ 19.119864] ? kmalloc_oob_right+0x68c/0x7f0
[ 19.120333] __asan_report_load1_noabort+0x18/0x20
[ 19.120976] kmalloc_oob_right+0x68c/0x7f0
[ 19.121458] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 19.121945] ? __schedule+0xc3e/0x2790
[ 19.122419] ? __pfx_read_tsc+0x10/0x10
[ 19.122954] ? ktime_get_ts64+0x84/0x230
[ 19.123406] kunit_try_run_case+0x1b3/0x490
[ 19.123932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.124423] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.124914] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.125289] ? __kthread_parkme+0x82/0x160
[ 19.125603] ? preempt_count_sub+0x50/0x80
[ 19.126074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.126760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.127444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.128109] kthread+0x257/0x310
[ 19.128655] ? __pfx_kthread+0x10/0x10
[ 19.129097] ret_from_fork+0x41/0x80
[ 19.129556] ? __pfx_kthread+0x10/0x10
[ 19.129895] ret_from_fork_asm+0x1a/0x30
[ 19.130354] </TASK>
[ 19.130758]
[ 19.130984] Allocated by task 143:
[ 19.131424] kasan_save_stack+0x3d/0x60
[ 19.131911] kasan_save_track+0x18/0x40
[ 19.132408] kasan_save_alloc_info+0x3b/0x50
[ 19.132981] __kasan_kmalloc+0xb7/0xc0
[ 19.133340] __kmalloc_cache_noprof+0x184/0x410
[ 19.133801] kmalloc_oob_right+0xaa/0x7f0
[ 19.134262] kunit_try_run_case+0x1b3/0x490
[ 19.134647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.135086] kthread+0x257/0x310
[ 19.135473] ret_from_fork+0x41/0x80
[ 19.135969] ret_from_fork_asm+0x1a/0x30
[ 19.136397]
[ 19.136687] The buggy address belongs to the object at ffff888102956800
[ 19.136687] which belongs to the cache kmalloc-128 of size 128
[ 19.137769] The buggy address is located 13 bytes to the right of
[ 19.137769] allocated 115-byte region [ffff888102956800, ffff888102956873)
[ 19.138957]
[ 19.139279] The buggy address belongs to the physical page:
[ 19.139897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102956
[ 19.140691] flags: 0x200000000000000(node=0|zone=2)
[ 19.141186] page_type: f5(slab)
[ 19.141632] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.142314] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 19.143031] page dumped because: kasan: bad access detected
[ 19.143625]
[ 19.143885] Memory state around the buggy address:
[ 19.144288] ffff888102956780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.145042] ffff888102956800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 19.145796] >ffff888102956880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.146266] ^
[ 19.146623] ffff888102956900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.147307] ffff888102956980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.148088] ==================================================================
[ 19.022570] ==================================================================
[ 19.023903] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 19.025118] Write of size 1 at addr ffff888102956873 by task kunit_try_catch/143
[ 19.025995]
[ 19.028128] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241126 #1
[ 19.029264] Tainted: [N]=TEST
[ 19.029621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.030797] Call Trace:
[ 19.031249] <TASK>
[ 19.031861] dump_stack_lvl+0x73/0xb0
[ 19.032547] print_report+0xd1/0x640
[ 19.033126] ? __virt_addr_valid+0x1db/0x2d0
[ 19.033424] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.034032] kasan_report+0x102/0x140
[ 19.034394] ? kmalloc_oob_right+0x6f2/0x7f0
[ 19.034968] ? kmalloc_oob_right+0x6f2/0x7f0
[ 19.035476] __asan_report_store1_noabort+0x1b/0x30
[ 19.036139] kmalloc_oob_right+0x6f2/0x7f0
[ 19.036527] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 19.036906] ? __schedule+0xc3e/0x2790
[ 19.037377] ? __pfx_read_tsc+0x10/0x10
[ 19.037943] ? ktime_get_ts64+0x84/0x230
[ 19.038261] kunit_try_run_case+0x1b3/0x490
[ 19.038851] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.039225] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.039739] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.041097] ? __kthread_parkme+0x82/0x160
[ 19.041415] ? preempt_count_sub+0x50/0x80
[ 19.041934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.042391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.042973] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.043463] kthread+0x257/0x310
[ 19.043842] ? __pfx_kthread+0x10/0x10
[ 19.044419] ret_from_fork+0x41/0x80
[ 19.045392] ? __pfx_kthread+0x10/0x10
[ 19.045775] ret_from_fork_asm+0x1a/0x30
[ 19.046970] </TASK>
[ 19.047372]
[ 19.047633] Allocated by task 143:
[ 19.048366] kasan_save_stack+0x3d/0x60
[ 19.048853] kasan_save_track+0x18/0x40
[ 19.049430] kasan_save_alloc_info+0x3b/0x50
[ 19.049958] __kasan_kmalloc+0xb7/0xc0
[ 19.050347] __kmalloc_cache_noprof+0x184/0x410
[ 19.050847] kmalloc_oob_right+0xaa/0x7f0
[ 19.051661] kunit_try_run_case+0x1b3/0x490
[ 19.051965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.052354] kthread+0x257/0x310
[ 19.052751] ret_from_fork+0x41/0x80
[ 19.053123] ret_from_fork_asm+0x1a/0x30
[ 19.053623]
[ 19.054001] The buggy address belongs to the object at ffff888102956800
[ 19.054001] which belongs to the cache kmalloc-128 of size 128
[ 19.055675] The buggy address is located 0 bytes to the right of
[ 19.055675] allocated 115-byte region [ffff888102956800, ffff888102956873)
[ 19.057453]
[ 19.057972] The buggy address belongs to the physical page:
[ 19.059226] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102956
[ 19.060514] flags: 0x200000000000000(node=0|zone=2)
[ 19.061605] page_type: f5(slab)
[ 19.062828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.063511] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 19.064237] page dumped because: kasan: bad access detected
[ 19.064625]
[ 19.064938] Memory state around the buggy address:
[ 19.066217] ffff888102956700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.066881] ffff888102956780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.067541] >ffff888102956800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 19.068171] ^
[ 19.068971] ffff888102956880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.069673] ffff888102956900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.071017] ==================================================================
[ 19.073851] ==================================================================
[ 19.074685] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 19.075394] Write of size 1 at addr ffff888102956878 by task kunit_try_catch/143
[ 19.076384]
[ 19.076617] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.077474] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.077998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.078671] Call Trace:
[ 19.078983] <TASK>
[ 19.079355] dump_stack_lvl+0x73/0xb0
[ 19.079810] print_report+0xd1/0x640
[ 19.080294] ? __virt_addr_valid+0x1db/0x2d0
[ 19.081291] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.081961] kasan_report+0x102/0x140
[ 19.082456] ? kmalloc_oob_right+0x6bf/0x7f0
[ 19.082844] ? kmalloc_oob_right+0x6bf/0x7f0
[ 19.083326] __asan_report_store1_noabort+0x1b/0x30
[ 19.083858] kmalloc_oob_right+0x6bf/0x7f0
[ 19.084212] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 19.084787] ? __schedule+0xc3e/0x2790
[ 19.085105] ? __pfx_read_tsc+0x10/0x10
[ 19.085718] ? ktime_get_ts64+0x84/0x230
[ 19.086092] kunit_try_run_case+0x1b3/0x490
[ 19.086655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.087007] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.087392] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.088033] ? __kthread_parkme+0x82/0x160
[ 19.088474] ? preempt_count_sub+0x50/0x80
[ 19.089009] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.089324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.090015] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.090637] kthread+0x257/0x310
[ 19.091012] ? __pfx_kthread+0x10/0x10
[ 19.091293] ret_from_fork+0x41/0x80
[ 19.091779] ? __pfx_kthread+0x10/0x10
[ 19.092258] ret_from_fork_asm+0x1a/0x30
[ 19.092768] </TASK>
[ 19.093050]
[ 19.093257] Allocated by task 143:
[ 19.093543] kasan_save_stack+0x3d/0x60
[ 19.094027] kasan_save_track+0x18/0x40
[ 19.094473] kasan_save_alloc_info+0x3b/0x50
[ 19.094879] __kasan_kmalloc+0xb7/0xc0
[ 19.095350] __kmalloc_cache_noprof+0x184/0x410
[ 19.095897] kmalloc_oob_right+0xaa/0x7f0
[ 19.096236] kunit_try_run_case+0x1b3/0x490
[ 19.096724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.097239] kthread+0x257/0x310
[ 19.097509] ret_from_fork+0x41/0x80
[ 19.097994] ret_from_fork_asm+0x1a/0x30
[ 19.098434]
[ 19.098748] The buggy address belongs to the object at ffff888102956800
[ 19.098748] which belongs to the cache kmalloc-128 of size 128
[ 19.099568] The buggy address is located 5 bytes to the right of
[ 19.099568] allocated 115-byte region [ffff888102956800, ffff888102956873)
[ 19.100543]
[ 19.100856] The buggy address belongs to the physical page:
[ 19.101301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102956
[ 19.101956] flags: 0x200000000000000(node=0|zone=2)
[ 19.102432] page_type: f5(slab)
[ 19.102866] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.103364] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 19.104057] page dumped because: kasan: bad access detected
[ 19.104359]
[ 19.104536] Memory state around the buggy address:
[ 19.105084] ffff888102956700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.105832] ffff888102956780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.106510] >ffff888102956800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 19.107084] ^
[ 19.107447] ffff888102956880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.107889] ffff888102956900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.110329] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 211.078543] WARNING: CPU: 1 PID: 2236 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 211.080141] Modules linked in:
[ 211.080634] CPU: 1 UID: 0 PID: 2236 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 211.083068] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 211.083333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 211.084212] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 211.085169] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 211.086485] RSP: 0000:ffff888103eb7ce8 EFLAGS: 00010286
[ 211.087287] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 211.087845] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa680963c
[ 211.088841] RBP: ffff888103eb7d10 R08: 0000000000000000 R09: ffffed1020e26aa0
[ 211.089734] R10: ffff888107135507 R11: 0000000000000000 R12: ffffffffa6809628
[ 211.090820] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103eb7da8
[ 211.091773] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000
[ 211.092579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 211.093830] CR2: ffffffffffffffff CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 211.094763] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a3
[ 211.096092] DR3: ffffffffa87eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 211.096570] Call Trace:
[ 211.096765] <TASK>
[ 211.097390] ? show_regs+0x68/0x80
[ 211.097833] ? __warn+0xd5/0x260
[ 211.098514] ? drm_rect_calc_vscale+0x130/0x190
[ 211.098995] ? report_bug+0x278/0x2e0
[ 211.099620] ? handle_bug+0x5c/0xb0
[ 211.100107] ? exc_invalid_op+0x1c/0x50
[ 211.100809] ? asm_exc_invalid_op+0x1f/0x30
[ 211.101893] ? drm_rect_calc_vscale+0x130/0x190
[ 211.102238] drm_test_rect_calc_vscale+0x109/0x270
[ 211.103114] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 211.103549] ? __schedule+0xc3e/0x2790
[ 211.104234] ? __pfx_read_tsc+0x10/0x10
[ 211.104761] ? ktime_get_ts64+0x84/0x230
[ 211.105224] kunit_try_run_case+0x1b3/0x490
[ 211.106773] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.107514] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 211.107930] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 211.108364] ? __kthread_parkme+0x82/0x160
[ 211.109447] ? preempt_count_sub+0x50/0x80
[ 211.109843] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.111201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 211.111726] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 211.112751] kthread+0x257/0x310
[ 211.113096] ? __pfx_kthread+0x10/0x10
[ 211.113670] ret_from_fork+0x41/0x80
[ 211.114025] ? __pfx_kthread+0x10/0x10
[ 211.114630] ret_from_fork_asm+0x1a/0x30
[ 211.115634] </TASK>
[ 211.115917] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 211.123593] WARNING: CPU: 0 PID: 2238 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 211.125927] Modules linked in:
[ 211.126551] CPU: 0 UID: 0 PID: 2238 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 211.127358] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 211.128431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 211.129694] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 211.130818] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 211.132413] RSP: 0000:ffff88810562fce8 EFLAGS: 00010286
[ 211.133500] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 211.134573] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa6809674
[ 211.135200] RBP: ffff88810562fd10 R08: 0000000000000000 R09: ffffed1020e26ac0
[ 211.135666] R10: ffff888107135607 R11: 0000000000000000 R12: ffffffffa6809660
[ 211.136265] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810562fda8
[ 211.137366] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 211.139189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 211.140058] CR2: 00007ffff7ffe000 CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 211.140839] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a2
[ 211.141308] DR3: ffffffffa87eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 211.141996] Call Trace:
[ 211.142307] <TASK>
[ 211.142886] ? show_regs+0x68/0x80
[ 211.143178] ? __warn+0xd5/0x260
[ 211.143822] ? drm_rect_calc_vscale+0x130/0x190
[ 211.144886] ? report_bug+0x278/0x2e0
[ 211.145468] ? handle_bug+0x5c/0xb0
[ 211.145828] ? exc_invalid_op+0x1c/0x50
[ 211.146317] ? asm_exc_invalid_op+0x1f/0x30
[ 211.146973] ? drm_rect_calc_vscale+0x130/0x190
[ 211.147625] drm_test_rect_calc_vscale+0x109/0x270
[ 211.148382] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 211.148896] ? __schedule+0xc3e/0x2790
[ 211.149517] ? __pfx_read_tsc+0x10/0x10
[ 211.149887] ? ktime_get_ts64+0x84/0x230
[ 211.150526] kunit_try_run_case+0x1b3/0x490
[ 211.151076] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.151537] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 211.151951] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 211.152871] ? __kthread_parkme+0x82/0x160
[ 211.153338] ? preempt_count_sub+0x50/0x80
[ 211.153671] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.154548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 211.155282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 211.155903] kthread+0x257/0x310
[ 211.156287] ? __pfx_kthread+0x10/0x10
[ 211.158253] ret_from_fork+0x41/0x80
[ 211.158570] ? __pfx_kthread+0x10/0x10
[ 211.159108] ret_from_fork_asm+0x1a/0x30
[ 211.159556] </TASK>
[ 211.159841] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 210.963011] WARNING: CPU: 0 PID: 2224 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 210.965576] Modules linked in:
[ 210.965943] CPU: 0 UID: 0 PID: 2224 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 210.967672] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 210.968419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 210.969475] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 210.969925] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 210.972137] RSP: 0000:ffff888106a27ce8 EFLAGS: 00010286
[ 210.972801] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 210.973712] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa6809640
[ 210.974688] RBP: ffff888106a27d10 R08: 0000000000000000 R09: ffffed1020643b80
[ 210.975977] R10: ffff88810321dc07 R11: 0000000000000000 R12: ffffffffa6809628
[ 210.976814] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106a27da8
[ 210.977839] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 210.979161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 210.979615] CR2: 00007ffff7ffe000 CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 210.980671] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a2
[ 210.981649] DR3: ffffffffa87eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 210.982639] Call Trace:
[ 210.983251] <TASK>
[ 210.983578] ? show_regs+0x68/0x80
[ 210.983862] ? __warn+0xd5/0x260
[ 210.985107] ? drm_rect_calc_hscale+0x125/0x190
[ 210.985566] ? report_bug+0x278/0x2e0
[ 210.985951] ? handle_bug+0x5c/0xb0
[ 210.986860] ? exc_invalid_op+0x1c/0x50
[ 210.987443] ? asm_exc_invalid_op+0x1f/0x30
[ 210.987845] ? drm_rect_calc_hscale+0x125/0x190
[ 210.988386] drm_test_rect_calc_hscale+0x109/0x270
[ 210.989198] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 210.990283] ? __schedule+0xc3e/0x2790
[ 210.990714] ? __pfx_read_tsc+0x10/0x10
[ 210.991143] ? ktime_get_ts64+0x84/0x230
[ 210.991654] kunit_try_run_case+0x1b3/0x490
[ 210.992279] ? __pfx_kunit_try_run_case+0x10/0x10
[ 210.992713] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 210.993623] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 210.994591] ? __kthread_parkme+0x82/0x160
[ 210.995195] ? preempt_count_sub+0x50/0x80
[ 210.995596] ? __pfx_kunit_try_run_case+0x10/0x10
[ 210.996204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 210.996642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 210.998528] kthread+0x257/0x310
[ 210.999011] ? __pfx_kthread+0x10/0x10
[ 210.999736] ret_from_fork+0x41/0x80
[ 211.000655] ? __pfx_kthread+0x10/0x10
[ 211.001200] ret_from_fork_asm+0x1a/0x30
[ 211.001630] </TASK>
[ 211.002309] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 211.010442] WARNING: CPU: 0 PID: 2226 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 211.011439] Modules linked in:
[ 211.011801] CPU: 0 UID: 0 PID: 2226 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 211.013475] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 211.014585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 211.015392] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 211.015897] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 211.018008] RSP: 0000:ffff8881073afce8 EFLAGS: 00010286
[ 211.019060] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 211.020382] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa6809678
[ 211.021124] RBP: ffff8881073afd10 R08: 0000000000000000 R09: ffffed1020e90be0
[ 211.021764] R10: ffff888107485f07 R11: 0000000000000000 R12: ffffffffa6809660
[ 211.023341] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881073afda8
[ 211.023859] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 211.024951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 211.025684] CR2: 00007ffff7ffe000 CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 211.026783] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a2
[ 211.027627] DR3: ffffffffa87eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 211.029118] Call Trace:
[ 211.029340] <TASK>
[ 211.029545] ? show_regs+0x68/0x80
[ 211.030303] ? __warn+0xd5/0x260
[ 211.030590] ? drm_rect_calc_hscale+0x125/0x190
[ 211.031240] ? report_bug+0x278/0x2e0
[ 211.032552] ? handle_bug+0x5c/0xb0
[ 211.033278] ? exc_invalid_op+0x1c/0x50
[ 211.033891] ? asm_exc_invalid_op+0x1f/0x30
[ 211.034652] ? drm_rect_calc_hscale+0x125/0x190
[ 211.035745] drm_test_rect_calc_hscale+0x109/0x270
[ 211.036514] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 211.036986] ? __schedule+0xc3e/0x2790
[ 211.037542] ? __pfx_read_tsc+0x10/0x10
[ 211.038559] ? ktime_get_ts64+0x84/0x230
[ 211.038859] kunit_try_run_case+0x1b3/0x490
[ 211.039872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.040355] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 211.040821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 211.041272] ? __kthread_parkme+0x82/0x160
[ 211.042847] ? preempt_count_sub+0x50/0x80
[ 211.043698] ? __pfx_kunit_try_run_case+0x10/0x10
[ 211.044153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 211.044721] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 211.045222] kthread+0x257/0x310
[ 211.045846] ? __pfx_kthread+0x10/0x10
[ 211.046889] ret_from_fork+0x41/0x80
[ 211.047734] ? __pfx_kthread+0x10/0x10
[ 211.048322] ret_from_fork_asm+0x1a/0x30
[ 211.048690] </TASK>
[ 211.049087] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 19.330259] ==================================================================
[ 19.332365] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x289/0x530
[ 19.332365]
[ 19.333089] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#57):
[ 19.335598] kmalloc_track_caller_oob_right+0x289/0x530
[ 19.336791] kunit_try_run_case+0x1b3/0x490
[ 19.337510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.338128] kthread+0x257/0x310
[ 19.338752] ret_from_fork+0x41/0x80
[ 19.339226] ret_from_fork_asm+0x1a/0x30
[ 19.339613]
[ 19.340093] kfence-#57: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 19.340093]
[ 19.341505] allocated by task 149 on cpu 0 at 19.327177s (0.014171s ago):
[ 19.342737] kmalloc_track_caller_oob_right+0x19b/0x530
[ 19.343405] kunit_try_run_case+0x1b3/0x490
[ 19.344404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.345037] kthread+0x257/0x310
[ 19.345665] ret_from_fork+0x41/0x80
[ 19.346315] ret_from_fork_asm+0x1a/0x30
[ 19.347186]
[ 19.347777] freed by task 149 on cpu 0 at 19.329480s (0.018071s ago):
[ 19.348778] kmalloc_track_caller_oob_right+0x289/0x530
[ 19.349588] kunit_try_run_case+0x1b3/0x490
[ 19.350004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.350855] kthread+0x257/0x310
[ 19.351344] ret_from_fork+0x41/0x80
[ 19.351934] ret_from_fork_asm+0x1a/0x30
[ 19.352282]
[ 19.352649] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.353940] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.354410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.355351] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 27.643820] ==================================================================
[ 27.644758] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0
[ 27.645370] Write of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292
[ 27.646896]
[ 27.647619] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.649286] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.649723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.651271] Call Trace:
[ 27.651522] <TASK>
[ 27.652391] dump_stack_lvl+0x73/0xb0
[ 27.652943] print_report+0xd1/0x640
[ 27.653518] ? __virt_addr_valid+0x1db/0x2d0
[ 27.653967] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.654543] kasan_report+0x102/0x140
[ 27.654928] ? strncpy_from_user+0x2e/0x1e0
[ 27.655317] ? strncpy_from_user+0x2e/0x1e0
[ 27.656658] kasan_check_range+0x10c/0x1c0
[ 27.656961] __kasan_check_write+0x18/0x20
[ 27.657415] strncpy_from_user+0x2e/0x1e0
[ 27.657945] ? __kasan_check_read+0x15/0x20
[ 27.658399] copy_user_test_oob+0x761/0x10f0
[ 27.659429] ? __pfx_copy_user_test_oob+0x10/0x10
[ 27.660041] ? finish_task_switch.isra.0+0x153/0x700
[ 27.660565] ? __switch_to+0x5d9/0xf60
[ 27.661368] ? __schedule+0xc3e/0x2790
[ 27.661869] ? __pfx_read_tsc+0x10/0x10
[ 27.662617] ? ktime_get_ts64+0x84/0x230
[ 27.663105] kunit_try_run_case+0x1b3/0x490
[ 27.663911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.664311] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.665067] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.665559] ? __kthread_parkme+0x82/0x160
[ 27.666349] ? preempt_count_sub+0x50/0x80
[ 27.666978] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.667410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.668257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.669028] kthread+0x257/0x310
[ 27.669452] ? __pfx_kthread+0x10/0x10
[ 27.670248] ret_from_fork+0x41/0x80
[ 27.671014] ? __pfx_kthread+0x10/0x10
[ 27.671387] ret_from_fork_asm+0x1a/0x30
[ 27.671821] </TASK>
[ 27.672078]
[ 27.672254] Allocated by task 292:
[ 27.673257] kasan_save_stack+0x3d/0x60
[ 27.673526] kasan_save_track+0x18/0x40
[ 27.674202] kasan_save_alloc_info+0x3b/0x50
[ 27.674921] __kasan_kmalloc+0xb7/0xc0
[ 27.675257] __kmalloc_noprof+0x1c4/0x500
[ 27.675583] kunit_kmalloc_array+0x25/0x60
[ 27.676466] copy_user_test_oob+0xac/0x10f0
[ 27.676924] kunit_try_run_case+0x1b3/0x490
[ 27.677384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.678313] kthread+0x257/0x310
[ 27.678958] ret_from_fork+0x41/0x80
[ 27.679387] ret_from_fork_asm+0x1a/0x30
[ 27.679719]
[ 27.680474] The buggy address belongs to the object at ffff8881028cc000
[ 27.680474] which belongs to the cache kmalloc-128 of size 128
[ 27.681339] The buggy address is located 0 bytes inside of
[ 27.681339] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078)
[ 27.682849]
[ 27.683169] The buggy address belongs to the physical page:
[ 27.684109] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc
[ 27.684719] flags: 0x200000000000000(node=0|zone=2)
[ 27.685310] page_type: f5(slab)
[ 27.686107] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.686939] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 27.687736] page dumped because: kasan: bad access detected
[ 27.688032]
[ 27.688794] Memory state around the buggy address:
[ 27.689129] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.689655] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.690589] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 27.691214] ^
[ 27.692151] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.692861] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.693403] ==================================================================
[ 27.695614] ==================================================================
[ 27.696850] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0
[ 27.697869] Write of size 1 at addr ffff8881028cc078 by task kunit_try_catch/292
[ 27.698396]
[ 27.699024] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.700317] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.700709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.701377] Call Trace:
[ 27.702130] <TASK>
[ 27.702497] dump_stack_lvl+0x73/0xb0
[ 27.703365] print_report+0xd1/0x640
[ 27.704188] ? __virt_addr_valid+0x1db/0x2d0
[ 27.705215] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.705674] kasan_report+0x102/0x140
[ 27.706289] ? strncpy_from_user+0x1a7/0x1e0
[ 27.706883] ? strncpy_from_user+0x1a7/0x1e0
[ 27.707383] __asan_report_store1_noabort+0x1b/0x30
[ 27.707923] strncpy_from_user+0x1a7/0x1e0
[ 27.708640] copy_user_test_oob+0x761/0x10f0
[ 27.709087] ? __pfx_copy_user_test_oob+0x10/0x10
[ 27.709462] ? finish_task_switch.isra.0+0x153/0x700
[ 27.709810] ? __switch_to+0x5d9/0xf60
[ 27.710137] ? __schedule+0xc3e/0x2790
[ 27.711079] ? __pfx_read_tsc+0x10/0x10
[ 27.711570] ? ktime_get_ts64+0x84/0x230
[ 27.712047] kunit_try_run_case+0x1b3/0x490
[ 27.712542] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.713305] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.713936] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.714453] ? __kthread_parkme+0x82/0x160
[ 27.715366] ? preempt_count_sub+0x50/0x80
[ 27.716052] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.716528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.717223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.717825] kthread+0x257/0x310
[ 27.718171] ? __pfx_kthread+0x10/0x10
[ 27.719382] ret_from_fork+0x41/0x80
[ 27.720124] ? __pfx_kthread+0x10/0x10
[ 27.720503] ret_from_fork_asm+0x1a/0x30
[ 27.720842] </TASK>
[ 27.721133]
[ 27.721347] Allocated by task 292:
[ 27.721733] kasan_save_stack+0x3d/0x60
[ 27.722128] kasan_save_track+0x18/0x40
[ 27.722517] kasan_save_alloc_info+0x3b/0x50
[ 27.722833] __kasan_kmalloc+0xb7/0xc0
[ 27.723107] __kmalloc_noprof+0x1c4/0x500
[ 27.724626] kunit_kmalloc_array+0x25/0x60
[ 27.725085] copy_user_test_oob+0xac/0x10f0
[ 27.725701] kunit_try_run_case+0x1b3/0x490
[ 27.725970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.726836] kthread+0x257/0x310
[ 27.727175] ret_from_fork+0x41/0x80
[ 27.727645] ret_from_fork_asm+0x1a/0x30
[ 27.728034]
[ 27.728271] The buggy address belongs to the object at ffff8881028cc000
[ 27.728271] which belongs to the cache kmalloc-128 of size 128
[ 27.729210] The buggy address is located 0 bytes to the right of
[ 27.729210] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078)
[ 27.730345]
[ 27.730538] The buggy address belongs to the physical page:
[ 27.731233] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc
[ 27.731952] flags: 0x200000000000000(node=0|zone=2)
[ 27.732394] page_type: f5(slab)
[ 27.733003] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.733689] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 27.734332] page dumped because: kasan: bad access detected
[ 27.734930]
[ 27.735099] Memory state around the buggy address:
[ 27.735423] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.736263] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.737219] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 27.737871] ^
[ 27.738428] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.739341] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.740308] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 27.517691] ================================================================== [ 27.518632] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 27.519043] Read of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.519442] [ 27.519724] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.520899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.521317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.522369] Call Trace: [ 27.522614] <TASK> [ 27.522821] dump_stack_lvl+0x73/0xb0 [ 27.523105] print_report+0xd1/0x640 [ 27.523410] ? __virt_addr_valid+0x1db/0x2d0 [ 27.523978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.524579] kasan_report+0x102/0x140 [ 27.525182] ? copy_user_test_oob+0x4ab/0x10f0 [ 27.525792] ? copy_user_test_oob+0x4ab/0x10f0 [ 27.526330] kasan_check_range+0x10c/0x1c0 [ 27.526895] __kasan_check_read+0x15/0x20 [ 27.527351] copy_user_test_oob+0x4ab/0x10f0 [ 27.527990] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.528383] ? finish_task_switch.isra.0+0x153/0x700 [ 27.528950] ? __switch_to+0x5d9/0xf60 [ 27.529426] ? __schedule+0xc3e/0x2790 [ 27.529944] ? __pfx_read_tsc+0x10/0x10 [ 27.530300] ? ktime_get_ts64+0x84/0x230 [ 27.530894] kunit_try_run_case+0x1b3/0x490 [ 27.531221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.531616] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.532139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.532682] ? __kthread_parkme+0x82/0x160 [ 27.533153] ? preempt_count_sub+0x50/0x80 [ 27.533461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.534011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.534658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.535098] kthread+0x257/0x310 [ 27.535588] ? __pfx_kthread+0x10/0x10 [ 27.536003] ret_from_fork+0x41/0x80 [ 27.536288] ? 
__pfx_kthread+0x10/0x10 [ 27.536618] ret_from_fork_asm+0x1a/0x30 [ 27.537190] </TASK> [ 27.537642] [ 27.537898] Allocated by task 292: [ 27.538321] kasan_save_stack+0x3d/0x60 [ 27.538793] kasan_save_track+0x18/0x40 [ 27.539076] kasan_save_alloc_info+0x3b/0x50 [ 27.539376] __kasan_kmalloc+0xb7/0xc0 [ 27.539814] __kmalloc_noprof+0x1c4/0x500 [ 27.540287] kunit_kmalloc_array+0x25/0x60 [ 27.540883] copy_user_test_oob+0xac/0x10f0 [ 27.541351] kunit_try_run_case+0x1b3/0x490 [ 27.541940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.542372] kthread+0x257/0x310 [ 27.544504] ret_from_fork+0x41/0x80 [ 27.544943] ret_from_fork_asm+0x1a/0x30 [ 27.545405] [ 27.545666] The buggy address belongs to the object at ffff8881028cc000 [ 27.545666] which belongs to the cache kmalloc-128 of size 128 [ 27.546428] The buggy address is located 0 bytes inside of [ 27.546428] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.549247] [ 27.549881] The buggy address belongs to the physical page: [ 27.550926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.552220] flags: 0x200000000000000(node=0|zone=2) [ 27.552836] page_type: f5(slab) [ 27.553091] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.553516] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.553924] page dumped because: kasan: bad access detected [ 27.554214] [ 27.554306] Memory state around the buggy address: [ 27.554469] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.555355] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.556228] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.557099] ^ [ 27.557961] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.558887] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.559319] ================================================================== [ 27.604533] 
================================================================== [ 27.605226] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 27.605842] Read of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.606438] [ 27.606781] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.607479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.607991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.608720] Call Trace: [ 27.609194] <TASK> [ 27.609504] dump_stack_lvl+0x73/0xb0 [ 27.610060] print_report+0xd1/0x640 [ 27.610358] ? __virt_addr_valid+0x1db/0x2d0 [ 27.610752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.611388] kasan_report+0x102/0x140 [ 27.611898] ? copy_user_test_oob+0x605/0x10f0 [ 27.612387] ? copy_user_test_oob+0x605/0x10f0 [ 27.613076] kasan_check_range+0x10c/0x1c0 [ 27.613637] __kasan_check_read+0x15/0x20 [ 27.614077] copy_user_test_oob+0x605/0x10f0 [ 27.614711] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.615166] ? finish_task_switch.isra.0+0x153/0x700 [ 27.615760] ? __switch_to+0x5d9/0xf60 [ 27.616245] ? __schedule+0xc3e/0x2790 [ 27.616713] ? __pfx_read_tsc+0x10/0x10 [ 27.617035] ? ktime_get_ts64+0x84/0x230 [ 27.617616] kunit_try_run_case+0x1b3/0x490 [ 27.618217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.618753] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.619119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.619804] ? __kthread_parkme+0x82/0x160 [ 27.620367] ? preempt_count_sub+0x50/0x80 [ 27.620899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.621432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.621872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.622542] kthread+0x257/0x310 [ 27.622992] ? __pfx_kthread+0x10/0x10 [ 27.623427] ret_from_fork+0x41/0x80 [ 27.623961] ? 
__pfx_kthread+0x10/0x10 [ 27.624338] ret_from_fork_asm+0x1a/0x30 [ 27.624950] </TASK> [ 27.625276] [ 27.625448] Allocated by task 292: [ 27.625756] kasan_save_stack+0x3d/0x60 [ 27.626055] kasan_save_track+0x18/0x40 [ 27.626360] kasan_save_alloc_info+0x3b/0x50 [ 27.626951] __kasan_kmalloc+0xb7/0xc0 [ 27.627321] __kmalloc_noprof+0x1c4/0x500 [ 27.627682] kunit_kmalloc_array+0x25/0x60 [ 27.627980] copy_user_test_oob+0xac/0x10f0 [ 27.628272] kunit_try_run_case+0x1b3/0x490 [ 27.628880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.629420] kthread+0x257/0x310 [ 27.629925] ret_from_fork+0x41/0x80 [ 27.630351] ret_from_fork_asm+0x1a/0x30 [ 27.630925] [ 27.631192] The buggy address belongs to the object at ffff8881028cc000 [ 27.631192] which belongs to the cache kmalloc-128 of size 128 [ 27.632292] The buggy address is located 0 bytes inside of [ 27.632292] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.633390] [ 27.633751] The buggy address belongs to the physical page: [ 27.634236] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.634981] flags: 0x200000000000000(node=0|zone=2) [ 27.635406] page_type: f5(slab) [ 27.635904] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.636548] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.637193] page dumped because: kasan: bad access detected [ 27.637824] [ 27.638030] Memory state around the buggy address: [ 27.638473] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.639165] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.639613] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.639990] ^ [ 27.640748] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.641405] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.642247] ================================================================== [ 27.560777] 
================================================================== [ 27.561321] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 27.562078] Write of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.562924] [ 27.563137] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.564080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.564693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.565329] Call Trace: [ 27.565817] <TASK> [ 27.566200] dump_stack_lvl+0x73/0xb0 [ 27.566701] print_report+0xd1/0x640 [ 27.567265] ? __virt_addr_valid+0x1db/0x2d0 [ 27.567774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.568392] kasan_report+0x102/0x140 [ 27.568907] ? copy_user_test_oob+0x558/0x10f0 [ 27.569252] ? copy_user_test_oob+0x558/0x10f0 [ 27.570065] kasan_check_range+0x10c/0x1c0 [ 27.570561] __kasan_check_write+0x18/0x20 [ 27.572727] copy_user_test_oob+0x558/0x10f0 [ 27.573413] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.573889] ? finish_task_switch.isra.0+0x153/0x700 [ 27.574609] ? __switch_to+0x5d9/0xf60 [ 27.574927] ? __schedule+0xc3e/0x2790 [ 27.575217] ? __pfx_read_tsc+0x10/0x10 [ 27.575586] ? ktime_get_ts64+0x84/0x230 [ 27.576095] kunit_try_run_case+0x1b3/0x490 [ 27.576525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.577096] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.577631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.578158] ? __kthread_parkme+0x82/0x160 [ 27.578736] ? preempt_count_sub+0x50/0x80 [ 27.579277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.579745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.580458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.581108] kthread+0x257/0x310 [ 27.581902] ? __pfx_kthread+0x10/0x10 [ 27.582205] ret_from_fork+0x41/0x80 [ 27.583163] ? 
__pfx_kthread+0x10/0x10 [ 27.583844] ret_from_fork_asm+0x1a/0x30 [ 27.584199] </TASK> [ 27.584469] [ 27.584634] Allocated by task 292: [ 27.584866] kasan_save_stack+0x3d/0x60 [ 27.585302] kasan_save_track+0x18/0x40 [ 27.585793] kasan_save_alloc_info+0x3b/0x50 [ 27.586203] __kasan_kmalloc+0xb7/0xc0 [ 27.586510] __kmalloc_noprof+0x1c4/0x500 [ 27.586948] kunit_kmalloc_array+0x25/0x60 [ 27.587377] copy_user_test_oob+0xac/0x10f0 [ 27.588258] kunit_try_run_case+0x1b3/0x490 [ 27.588582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.589131] kthread+0x257/0x310 [ 27.589454] ret_from_fork+0x41/0x80 [ 27.589924] ret_from_fork_asm+0x1a/0x30 [ 27.590470] [ 27.591723] The buggy address belongs to the object at ffff8881028cc000 [ 27.591723] which belongs to the cache kmalloc-128 of size 128 [ 27.592682] The buggy address is located 0 bytes inside of [ 27.592682] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.593472] [ 27.594453] The buggy address belongs to the physical page: [ 27.594940] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.595302] flags: 0x200000000000000(node=0|zone=2) [ 27.595516] page_type: f5(slab) [ 27.595757] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.596447] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.597216] page dumped because: kasan: bad access detected [ 27.597830] [ 27.598148] Memory state around the buggy address: [ 27.598631] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.599190] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.599963] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.600462] ^ [ 27.601407] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.602570] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.603214] ================================================================== [ 27.478940] 
================================================================== [ 27.479551] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 27.480025] Write of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.480754] [ 27.481018] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.481714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.482195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.482786] Call Trace: [ 27.483141] <TASK> [ 27.483432] dump_stack_lvl+0x73/0xb0 [ 27.483983] print_report+0xd1/0x640 [ 27.484501] ? __virt_addr_valid+0x1db/0x2d0 [ 27.484870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.485442] kasan_report+0x102/0x140 [ 27.485947] ? copy_user_test_oob+0x3fe/0x10f0 [ 27.486283] ? copy_user_test_oob+0x3fe/0x10f0 [ 27.486843] kasan_check_range+0x10c/0x1c0 [ 27.487353] __kasan_check_write+0x18/0x20 [ 27.487759] copy_user_test_oob+0x3fe/0x10f0 [ 27.488165] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.488661] ? finish_task_switch.isra.0+0x153/0x700 [ 27.489066] ? __switch_to+0x5d9/0xf60 [ 27.489545] ? __schedule+0xc3e/0x2790 [ 27.490014] ? __pfx_read_tsc+0x10/0x10 [ 27.490433] ? ktime_get_ts64+0x84/0x230 [ 27.491025] kunit_try_run_case+0x1b3/0x490 [ 27.491442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.491905] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.492407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.492884] ? __kthread_parkme+0x82/0x160 [ 27.493189] ? preempt_count_sub+0x50/0x80 [ 27.493518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.494071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.494701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.495310] kthread+0x257/0x310 [ 27.495762] ? __pfx_kthread+0x10/0x10 [ 27.496215] ret_from_fork+0x41/0x80 [ 27.496614] ? 
__pfx_kthread+0x10/0x10 [ 27.497087] ret_from_fork_asm+0x1a/0x30 [ 27.497558] </TASK> [ 27.497863] [ 27.498071] Allocated by task 292: [ 27.498444] kasan_save_stack+0x3d/0x60 [ 27.499041] kasan_save_track+0x18/0x40 [ 27.499372] kasan_save_alloc_info+0x3b/0x50 [ 27.499907] __kasan_kmalloc+0xb7/0xc0 [ 27.500326] __kmalloc_noprof+0x1c4/0x500 [ 27.500683] kunit_kmalloc_array+0x25/0x60 [ 27.501150] copy_user_test_oob+0xac/0x10f0 [ 27.501605] kunit_try_run_case+0x1b3/0x490 [ 27.501935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.502569] kthread+0x257/0x310 [ 27.502961] ret_from_fork+0x41/0x80 [ 27.503415] ret_from_fork_asm+0x1a/0x30 [ 27.503964] [ 27.504261] The buggy address belongs to the object at ffff8881028cc000 [ 27.504261] which belongs to the cache kmalloc-128 of size 128 [ 27.505114] The buggy address is located 0 bytes inside of [ 27.505114] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.506166] [ 27.506474] The buggy address belongs to the physical page: [ 27.507211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.507809] flags: 0x200000000000000(node=0|zone=2) [ 27.508122] page_type: f5(slab) [ 27.508543] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.509395] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.511646] page dumped because: kasan: bad access detected [ 27.511961] [ 27.512116] Memory state around the buggy address: [ 27.512397] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.513320] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.514152] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.514884] ^ [ 27.515595] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.516091] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.516464] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 27.430357] ================================================================== [ 27.431173] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 27.431768] Read of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.432338] [ 27.432577] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.434158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.434850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.435692] Call Trace: [ 27.435892] <TASK> [ 27.436457] dump_stack_lvl+0x73/0xb0 [ 27.436967] print_report+0xd1/0x640 [ 27.437386] ? __virt_addr_valid+0x1db/0x2d0 [ 27.437961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.438355] kasan_report+0x102/0x140 [ 27.438925] ? _copy_to_user+0x4a/0x70 [ 27.439374] ? _copy_to_user+0x4a/0x70 [ 27.439782] kasan_check_range+0x10c/0x1c0 [ 27.440202] __kasan_check_read+0x15/0x20 [ 27.440746] _copy_to_user+0x4a/0x70 [ 27.441174] copy_user_test_oob+0x365/0x10f0 [ 27.441699] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.442111] ? finish_task_switch.isra.0+0x153/0x700 [ 27.442712] ? __switch_to+0x5d9/0xf60 [ 27.443194] ? __schedule+0xc3e/0x2790 [ 27.443526] ? __pfx_read_tsc+0x10/0x10 [ 27.444044] ? ktime_get_ts64+0x84/0x230 [ 27.444535] kunit_try_run_case+0x1b3/0x490 [ 27.444957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.445326] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.445800] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.446249] ? __kthread_parkme+0x82/0x160 [ 27.447773] ? preempt_count_sub+0x50/0x80 [ 27.448064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.448875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.449622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.450294] kthread+0x257/0x310 [ 27.451011] ? __pfx_kthread+0x10/0x10 [ 27.451601] ret_from_fork+0x41/0x80 [ 27.451941] ? 
__pfx_kthread+0x10/0x10 [ 27.452365] ret_from_fork_asm+0x1a/0x30 [ 27.452728] </TASK> [ 27.453019] [ 27.453246] Allocated by task 292: [ 27.453687] kasan_save_stack+0x3d/0x60 [ 27.453975] kasan_save_track+0x18/0x40 [ 27.454424] kasan_save_alloc_info+0x3b/0x50 [ 27.455006] __kasan_kmalloc+0xb7/0xc0 [ 27.455531] __kmalloc_noprof+0x1c4/0x500 [ 27.456015] kunit_kmalloc_array+0x25/0x60 [ 27.456327] copy_user_test_oob+0xac/0x10f0 [ 27.456865] kunit_try_run_case+0x1b3/0x490 [ 27.457366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.457774] kthread+0x257/0x310 [ 27.458178] ret_from_fork+0x41/0x80 [ 27.458696] ret_from_fork_asm+0x1a/0x30 [ 27.459157] [ 27.459416] The buggy address belongs to the object at ffff8881028cc000 [ 27.459416] which belongs to the cache kmalloc-128 of size 128 [ 27.460125] The buggy address is located 0 bytes inside of [ 27.460125] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.461232] [ 27.461504] The buggy address belongs to the physical page: [ 27.462106] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.462669] flags: 0x200000000000000(node=0|zone=2) [ 27.463149] page_type: f5(slab) [ 27.463618] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.464035] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.464801] page dumped because: kasan: bad access detected [ 27.465167] [ 27.465478] Memory state around the buggy address: [ 27.466051] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.466536] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.467144] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.467543] ^ [ 27.467971] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.468719] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.469363] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 27.380322] ================================================================== [ 27.381534] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 27.382424] Write of size 121 at addr ffff8881028cc000 by task kunit_try_catch/292 [ 27.383020] [ 27.383222] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.384248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.384589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.385402] Call Trace: [ 27.385795] <TASK> [ 27.386121] dump_stack_lvl+0x73/0xb0 [ 27.386904] print_report+0xd1/0x640 [ 27.387372] ? __virt_addr_valid+0x1db/0x2d0 [ 27.387999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.388531] kasan_report+0x102/0x140 [ 27.388979] ? _copy_from_user+0x33/0xa0 [ 27.389640] ? _copy_from_user+0x33/0xa0 [ 27.390346] kasan_check_range+0x10c/0x1c0 [ 27.390690] __kasan_check_write+0x18/0x20 [ 27.391411] _copy_from_user+0x33/0xa0 [ 27.391972] copy_user_test_oob+0x2bf/0x10f0 [ 27.392520] ? __pfx_copy_user_test_oob+0x10/0x10 [ 27.392957] ? finish_task_switch.isra.0+0x153/0x700 [ 27.393302] ? __switch_to+0x5d9/0xf60 [ 27.393780] ? __schedule+0xc3e/0x2790 [ 27.394236] ? __pfx_read_tsc+0x10/0x10 [ 27.394722] ? ktime_get_ts64+0x84/0x230 [ 27.395104] kunit_try_run_case+0x1b3/0x490 [ 27.395670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.396070] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.396547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.397161] ? __kthread_parkme+0x82/0x160 [ 27.397726] ? preempt_count_sub+0x50/0x80 [ 27.398176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.398531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.399206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.399851] kthread+0x257/0x310 [ 27.400276] ? __pfx_kthread+0x10/0x10 [ 27.400794] ret_from_fork+0x41/0x80 [ 27.401241] ? 
__pfx_kthread+0x10/0x10 [ 27.401765] ret_from_fork_asm+0x1a/0x30 [ 27.402292] </TASK> [ 27.402666] [ 27.402915] Allocated by task 292: [ 27.403234] kasan_save_stack+0x3d/0x60 [ 27.403550] kasan_save_track+0x18/0x40 [ 27.404057] kasan_save_alloc_info+0x3b/0x50 [ 27.404563] __kasan_kmalloc+0xb7/0xc0 [ 27.405071] __kmalloc_noprof+0x1c4/0x500 [ 27.405646] kunit_kmalloc_array+0x25/0x60 [ 27.406139] copy_user_test_oob+0xac/0x10f0 [ 27.406699] kunit_try_run_case+0x1b3/0x490 [ 27.407182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.407819] kthread+0x257/0x310 [ 27.408236] ret_from_fork+0x41/0x80 [ 27.408667] ret_from_fork_asm+0x1a/0x30 [ 27.409129] [ 27.409359] The buggy address belongs to the object at ffff8881028cc000 [ 27.409359] which belongs to the cache kmalloc-128 of size 128 [ 27.410460] The buggy address is located 0 bytes inside of [ 27.410460] allocated 120-byte region [ffff8881028cc000, ffff8881028cc078) [ 27.411668] [ 27.411931] The buggy address belongs to the physical page: [ 27.412306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cc [ 27.413054] flags: 0x200000000000000(node=0|zone=2) [ 27.413653] page_type: f5(slab) [ 27.414073] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.414868] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.415597] page dumped because: kasan: bad access detected [ 27.416366] [ 27.416713] Memory state around the buggy address: [ 27.417158] ffff8881028cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.418566] ffff8881028cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.419568] >ffff8881028cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.420202] ^ [ 27.421434] ffff8881028cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.422113] ffff8881028cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.423084] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 27.260785] ================================================================== [ 27.262570] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 27.263512] Read of size 8 at addr ffff8881028c8d78 by task kunit_try_catch/288 [ 27.264972] [ 27.265232] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.266318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.266791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.267926] Call Trace: [ 27.268118] <TASK> [ 27.268390] dump_stack_lvl+0x73/0xb0 [ 27.269439] print_report+0xd1/0x640 [ 27.269878] ? __virt_addr_valid+0x1db/0x2d0 [ 27.270297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.270759] kasan_report+0x102/0x140 [ 27.271139] ? copy_to_kernel_nofault+0x225/0x260 [ 27.272143] ? copy_to_kernel_nofault+0x225/0x260 [ 27.272587] __asan_report_load8_noabort+0x18/0x20 [ 27.273622] copy_to_kernel_nofault+0x225/0x260 [ 27.274051] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 27.274509] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 27.275292] ? finish_task_switch.isra.0+0x153/0x700 [ 27.275940] ? __schedule+0xc3e/0x2790 [ 27.276302] ? trace_hardirqs_on+0x37/0xe0 [ 27.276703] ? __pfx_read_tsc+0x10/0x10 [ 27.277017] ? ktime_get_ts64+0x84/0x230 [ 27.277464] kunit_try_run_case+0x1b3/0x490 [ 27.278551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.279308] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.279790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.280524] ? __kthread_parkme+0x82/0x160 [ 27.281089] ? preempt_count_sub+0x50/0x80 [ 27.281794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.282152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.282396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.282885] kthread+0x257/0x310 [ 27.283413] ? __pfx_kthread+0x10/0x10 [ 27.283887] ret_from_fork+0x41/0x80 [ 27.284305] ? 
__pfx_kthread+0x10/0x10 [ 27.284753] ret_from_fork_asm+0x1a/0x30 [ 27.285230] </TASK> [ 27.285677] [ 27.286249] Allocated by task 288: [ 27.287019] kasan_save_stack+0x3d/0x60 [ 27.287354] kasan_save_track+0x18/0x40 [ 27.287695] kasan_save_alloc_info+0x3b/0x50 [ 27.288064] __kasan_kmalloc+0xb7/0xc0 [ 27.288503] __kmalloc_cache_noprof+0x184/0x410 [ 27.288919] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 27.289414] kunit_try_run_case+0x1b3/0x490 [ 27.290076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.290506] kthread+0x257/0x310 [ 27.291141] ret_from_fork+0x41/0x80 [ 27.291465] ret_from_fork_asm+0x1a/0x30 [ 27.292421] [ 27.292623] The buggy address belongs to the object at ffff8881028c8d00 [ 27.292623] which belongs to the cache kmalloc-128 of size 128 [ 27.293999] The buggy address is located 0 bytes to the right of [ 27.293999] allocated 120-byte region [ffff8881028c8d00, ffff8881028c8d78) [ 27.295065] [ 27.295237] The buggy address belongs to the physical page: [ 27.295828] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 27.296459] flags: 0x200000000000000(node=0|zone=2) [ 27.297096] page_type: f5(slab) [ 27.297418] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.298419] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.299576] page dumped because: kasan: bad access detected [ 27.300167] [ 27.300517] Memory state around the buggy address: [ 27.301018] ffff8881028c8c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.301644] ffff8881028c8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.302085] >ffff8881028c8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.302836] ^ [ 27.303288] ffff8881028c8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.304014] ffff8881028c8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.304700] ================================================================== [ 27.308385] 
================================================================== [ 27.309333] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 27.309803] Write of size 8 at addr ffff8881028c8d78 by task kunit_try_catch/288 [ 27.310466] [ 27.311743] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.312440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.313103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.314059] Call Trace: [ 27.314627] <TASK> [ 27.315220] dump_stack_lvl+0x73/0xb0 [ 27.315955] print_report+0xd1/0x640 [ 27.316329] ? __virt_addr_valid+0x1db/0x2d0 [ 27.316770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.317265] kasan_report+0x102/0x140 [ 27.318520] ? copy_to_kernel_nofault+0x99/0x260 [ 27.318850] ? copy_to_kernel_nofault+0x99/0x260 [ 27.319627] kasan_check_range+0x10c/0x1c0 [ 27.320038] __kasan_check_write+0x18/0x20 [ 27.320426] copy_to_kernel_nofault+0x99/0x260 [ 27.320917] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 27.321374] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 27.322356] ? finish_task_switch.isra.0+0x153/0x700 [ 27.322725] ? __schedule+0xc3e/0x2790 [ 27.323752] ? trace_hardirqs_on+0x37/0xe0 [ 27.324242] ? __pfx_read_tsc+0x10/0x10 [ 27.324960] ? ktime_get_ts64+0x84/0x230 [ 27.325566] kunit_try_run_case+0x1b3/0x490 [ 27.326284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.326718] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.327210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.328312] ? __kthread_parkme+0x82/0x160 [ 27.328885] ? preempt_count_sub+0x50/0x80 [ 27.329475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.330105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.330610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.331539] kthread+0x257/0x310 [ 27.332240] ? __pfx_kthread+0x10/0x10 [ 27.332845] ret_from_fork+0x41/0x80 [ 27.333458] ? 
__pfx_kthread+0x10/0x10 [ 27.334178] ret_from_fork_asm+0x1a/0x30 [ 27.334629] </TASK> [ 27.334861] [ 27.335092] Allocated by task 288: [ 27.335390] kasan_save_stack+0x3d/0x60 [ 27.336392] kasan_save_track+0x18/0x40 [ 27.336809] kasan_save_alloc_info+0x3b/0x50 [ 27.337515] __kasan_kmalloc+0xb7/0xc0 [ 27.337793] __kmalloc_cache_noprof+0x184/0x410 [ 27.338292] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 27.338797] kunit_try_run_case+0x1b3/0x490 [ 27.339992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.340385] kthread+0x257/0x310 [ 27.341039] ret_from_fork+0x41/0x80 [ 27.341625] ret_from_fork_asm+0x1a/0x30 [ 27.342060] [ 27.342783] The buggy address belongs to the object at ffff8881028c8d00 [ 27.342783] which belongs to the cache kmalloc-128 of size 128 [ 27.343861] The buggy address is located 0 bytes to the right of [ 27.343861] allocated 120-byte region [ffff8881028c8d00, ffff8881028c8d78) [ 27.345197] [ 27.345443] The buggy address belongs to the physical page: [ 27.347026] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 27.347686] flags: 0x200000000000000(node=0|zone=2) [ 27.348256] page_type: f5(slab) [ 27.348755] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.349433] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.349915] page dumped because: kasan: bad access detected [ 27.350474] [ 27.350769] Memory state around the buggy address: [ 27.351153] ffff8881028c8c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.351818] ffff8881028c8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.352374] >ffff8881028c8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.353074] ^ [ 27.353518] ffff8881028c8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.354255] ffff8881028c8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.354895] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 26.473282] ==================================================================
[ 26.473951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450
[ 26.474410] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 26.475207]
[ 26.475631] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.476691] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.477154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.478136] Call Trace:
[ 26.478543] <TASK>
[ 26.478949] dump_stack_lvl+0x73/0xb0
[ 26.479461] print_report+0xd1/0x640
[ 26.480023] ? __virt_addr_valid+0x1db/0x2d0
[ 26.480642] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.481290] kasan_report+0x102/0x140
[ 26.481722] ? kasan_atomics_helper+0x1a80/0x5450
[ 26.482251] ? kasan_atomics_helper+0x1a80/0x5450
[ 26.482787] kasan_check_range+0x10c/0x1c0
[ 26.483310] __kasan_check_write+0x18/0x20
[ 26.483823] kasan_atomics_helper+0x1a80/0x5450
[ 26.484320] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.484920] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.485508] ? trace_hardirqs_on+0x37/0xe0
[ 26.486124] ? kasan_atomics+0x153/0x310
[ 26.486715] kasan_atomics+0x1dd/0x310
[ 26.487185] ? __pfx_kasan_atomics+0x10/0x10
[ 26.487751] ? __pfx_kasan_atomics+0x10/0x10
[ 26.488138] kunit_try_run_case+0x1b3/0x490
[ 26.488510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.488965] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.489454] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.490973] ? __kthread_parkme+0x82/0x160
[ 26.491352] ? preempt_count_sub+0x50/0x80
[ 26.491806] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.492272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.492777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.493211] kthread+0x257/0x310
[ 26.494187] ? __pfx_kthread+0x10/0x10
[ 26.494441] ret_from_fork+0x41/0x80
[ 26.494904] ? __pfx_kthread+0x10/0x10
[ 26.495845] ret_from_fork_asm+0x1a/0x30
[ 26.496232] </TASK>
[ 26.496541]
[ 26.497288] Allocated by task 272:
[ 26.497560] kasan_save_stack+0x3d/0x60
[ 26.498093] kasan_save_track+0x18/0x40
[ 26.498443] kasan_save_alloc_info+0x3b/0x50
[ 26.499116] __kasan_kmalloc+0xb7/0xc0
[ 26.499592] __kmalloc_cache_noprof+0x184/0x410
[ 26.500039] kasan_atomics+0x96/0x310
[ 26.500610] kunit_try_run_case+0x1b3/0x490
[ 26.501275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.502148] kthread+0x257/0x310
[ 26.502613] ret_from_fork+0x41/0x80
[ 26.502998] ret_from_fork_asm+0x1a/0x30
[ 26.503422]
[ 26.504245] The buggy address belongs to the object at ffff8881028c7700
[ 26.504245] which belongs to the cache kmalloc-64 of size 64
[ 26.505295] The buggy address is located 0 bytes to the right of
[ 26.505295] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 26.506277]
[ 26.506544] The buggy address belongs to the physical page:
[ 26.507054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 26.507899] flags: 0x200000000000000(node=0|zone=2)
[ 26.508775] page_type: f5(slab)
[ 26.509187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.510254] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.510837] page dumped because: kasan: bad access detected
[ 26.511503]
[ 26.511726] Memory state around the buggy address:
[ 26.512194] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.513143] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.513999] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.514635] ^
[ 26.514986] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.515739] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.516223] ==================================================================
[ 24.820014]
==================================================================
[ 24.820690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450
[ 24.822160] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 24.824243]
[ 24.825051] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 24.825723] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.826395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.827427] Call Trace:
[ 24.827854] <TASK>
[ 24.828120] dump_stack_lvl+0x73/0xb0
[ 24.828562] print_report+0xd1/0x640
[ 24.829081] ? __virt_addr_valid+0x1db/0x2d0
[ 24.830178] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.830666] kasan_report+0x102/0x140
[ 24.831340] ? kasan_atomics_helper+0x5ff/0x5450
[ 24.832016] ? kasan_atomics_helper+0x5ff/0x5450
[ 24.832554] kasan_check_range+0x10c/0x1c0
[ 24.833112] __kasan_check_write+0x18/0x20
[ 24.833545] kasan_atomics_helper+0x5ff/0x5450
[ 24.833859] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.834465] ? __kmalloc_cache_noprof+0x184/0x410
[ 24.834944] ? trace_hardirqs_on+0x37/0xe0
[ 24.835328] ? kasan_atomics+0x153/0x310
[ 24.835959] kasan_atomics+0x1dd/0x310
[ 24.836480] ? __pfx_kasan_atomics+0x10/0x10
[ 24.836896] ? __pfx_kasan_atomics+0x10/0x10
[ 24.837223] kunit_try_run_case+0x1b3/0x490
[ 24.837762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.838559] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.839182] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.839551] ? __kthread_parkme+0x82/0x160
[ 24.840087] ? preempt_count_sub+0x50/0x80
[ 24.840576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.840903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.841261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.842014] kthread+0x257/0x310
[ 24.842502] ? __pfx_kthread+0x10/0x10
[ 24.843045] ret_from_fork+0x41/0x80
[ 24.843470] ? __pfx_kthread+0x10/0x10
[ 24.844995] ret_from_fork_asm+0x1a/0x30
[ 24.845342] </TASK>
[ 24.845852]
[ 24.846034] Allocated by task 272:
[ 24.846415] kasan_save_stack+0x3d/0x60
[ 24.847308] kasan_save_track+0x18/0x40
[ 24.847882] kasan_save_alloc_info+0x3b/0x50
[ 24.848692] __kasan_kmalloc+0xb7/0xc0
[ 24.849242] __kmalloc_cache_noprof+0x184/0x410
[ 24.849745] kasan_atomics+0x96/0x310
[ 24.850150] kunit_try_run_case+0x1b3/0x490
[ 24.850518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.851755] kthread+0x257/0x310
[ 24.852083] ret_from_fork+0x41/0x80
[ 24.852735] ret_from_fork_asm+0x1a/0x30
[ 24.853146]
[ 24.853317] The buggy address belongs to the object at ffff8881028c7700
[ 24.853317] which belongs to the cache kmalloc-64 of size 64
[ 24.854603] The buggy address is located 0 bytes to the right of
[ 24.854603] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 24.855833]
[ 24.856414] The buggy address belongs to the physical page:
[ 24.857090] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 24.857972] flags: 0x200000000000000(node=0|zone=2)
[ 24.858640] page_type: f5(slab)
[ 24.858967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.859472] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 24.860073] page dumped because: kasan: bad access detected
[ 24.860603]
[ 24.860780] Memory state around the buggy address:
[ 24.861365] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.861887] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.862472] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 24.863076] ^
[ 24.863555] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.863988] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.864653] ==================================================================
[ 25.284243]
==================================================================
[ 25.284843] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450
[ 25.285334] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 25.286028]
[ 25.286303] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 25.287241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.287783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.288782] Call Trace:
[ 25.289065] <TASK>
[ 25.289341] dump_stack_lvl+0x73/0xb0
[ 25.289700] print_report+0xd1/0x640
[ 25.289990] ? __virt_addr_valid+0x1db/0x2d0
[ 25.290450] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.291172] kasan_report+0x102/0x140
[ 25.291638] ? kasan_atomics_helper+0x4a86/0x5450
[ 25.291984] ? kasan_atomics_helper+0x4a86/0x5450
[ 25.292313] __asan_report_load4_noabort+0x18/0x20
[ 25.292865] kasan_atomics_helper+0x4a86/0x5450
[ 25.293378] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.294097] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.294831] ? trace_hardirqs_on+0x37/0xe0
[ 25.295135] ? kasan_atomics+0x153/0x310
[ 25.295476] kasan_atomics+0x1dd/0x310
[ 25.296018] ? __pfx_kasan_atomics+0x10/0x10
[ 25.296543] ? __pfx_kasan_atomics+0x10/0x10
[ 25.297103] kunit_try_run_case+0x1b3/0x490
[ 25.297681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.298240] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.298841] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.299389] ? __kthread_parkme+0x82/0x160
[ 25.299937] ? preempt_count_sub+0x50/0x80
[ 25.300432] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.301031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.301730] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.302345] kthread+0x257/0x310
[ 25.302832] ? __pfx_kthread+0x10/0x10
[ 25.303307] ret_from_fork+0x41/0x80
[ 25.303827] ? __pfx_kthread+0x10/0x10
[ 25.304295] ret_from_fork_asm+0x1a/0x30
[ 25.304863] </TASK>
[ 25.305178]
[ 25.305470] Allocated by task 272:
[ 25.305940] kasan_save_stack+0x3d/0x60
[ 25.306422] kasan_save_track+0x18/0x40
[ 25.306945] kasan_save_alloc_info+0x3b/0x50
[ 25.307447] __kasan_kmalloc+0xb7/0xc0
[ 25.307946] __kmalloc_cache_noprof+0x184/0x410
[ 25.308452] kasan_atomics+0x96/0x310
[ 25.308931] kunit_try_run_case+0x1b3/0x490
[ 25.309213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.309812] kthread+0x257/0x310
[ 25.310203] ret_from_fork+0x41/0x80
[ 25.310544] ret_from_fork_asm+0x1a/0x30
[ 25.310956]
[ 25.311174] The buggy address belongs to the object at ffff8881028c7700
[ 25.311174] which belongs to the cache kmalloc-64 of size 64
[ 25.311967] The buggy address is located 0 bytes to the right of
[ 25.311967] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 25.312665]
[ 25.312902] The buggy address belongs to the physical page:
[ 25.313369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 25.313966] flags: 0x200000000000000(node=0|zone=2)
[ 25.314373] page_type: f5(slab)
[ 25.314773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.315379] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.316017] page dumped because: kasan: bad access detected
[ 25.316329]
[ 25.316517] Memory state around the buggy address:
[ 25.317030] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.317738] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.318364] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.318884] ^
[ 25.319179] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.319860] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.320502] ==================================================================
[ 26.349731]
==================================================================
[ 26.350774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450
[ 26.351309] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 26.351779]
[ 26.352040] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.352963] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.353381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.354113] Call Trace:
[ 26.354342] <TASK>
[ 26.354615] dump_stack_lvl+0x73/0xb0
[ 26.355053] print_report+0xd1/0x640
[ 26.355546] ? __virt_addr_valid+0x1db/0x2d0
[ 26.356005] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.356359] kasan_report+0x102/0x140
[ 26.356858] ? kasan_atomics_helper+0x18b2/0x5450
[ 26.357355] ? kasan_atomics_helper+0x18b2/0x5450
[ 26.357936] kasan_check_range+0x10c/0x1c0
[ 26.358350] __kasan_check_write+0x18/0x20
[ 26.358774] kasan_atomics_helper+0x18b2/0x5450
[ 26.359213] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.359556] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.359919] ? trace_hardirqs_on+0x37/0xe0
[ 26.360215] ? kasan_atomics+0x153/0x310
[ 26.360541] kasan_atomics+0x1dd/0x310
[ 26.361037] ? __pfx_kasan_atomics+0x10/0x10
[ 26.361534] ? __pfx_kasan_atomics+0x10/0x10
[ 26.362076] kunit_try_run_case+0x1b3/0x490
[ 26.362610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.363117] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.363654] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.364167] ? __kthread_parkme+0x82/0x160
[ 26.364688] ? preempt_count_sub+0x50/0x80
[ 26.365142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.365730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.366220] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.366670] kthread+0x257/0x310
[ 26.367063] ? __pfx_kthread+0x10/0x10
[ 26.367497] ret_from_fork+0x41/0x80
[ 26.367965] ? __pfx_kthread+0x10/0x10
[ 26.368312] ret_from_fork_asm+0x1a/0x30
[ 26.370564] </TASK>
[ 26.370802]
[ 26.370963] Allocated by task 272:
[ 26.371199] kasan_save_stack+0x3d/0x60
[ 26.371530] kasan_save_track+0x18/0x40
[ 26.371982] kasan_save_alloc_info+0x3b/0x50
[ 26.372443] __kasan_kmalloc+0xb7/0xc0
[ 26.372884] __kmalloc_cache_noprof+0x184/0x410
[ 26.373346] kasan_atomics+0x96/0x310
[ 26.373857] kunit_try_run_case+0x1b3/0x490
[ 26.374322] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.374918] kthread+0x257/0x310
[ 26.375319] ret_from_fork+0x41/0x80
[ 26.375662] ret_from_fork_asm+0x1a/0x30
[ 26.375949]
[ 26.376114] The buggy address belongs to the object at ffff8881028c7700
[ 26.376114] which belongs to the cache kmalloc-64 of size 64
[ 26.377177] The buggy address is located 0 bytes to the right of
[ 26.377177] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 26.378296]
[ 26.378553] The buggy address belongs to the physical page:
[ 26.379038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 26.379704] flags: 0x200000000000000(node=0|zone=2)
[ 26.380186] page_type: f5(slab)
[ 26.380436] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.380909] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.381631] page dumped because: kasan: bad access detected
[ 26.382158]
[ 26.382385] Memory state around the buggy address:
[ 26.382910] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.383543] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.384077] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.384511] ^
[ 26.385015] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.385645] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.386308] ==================================================================
[ 25.563709]
==================================================================
[ 25.564658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450
[ 25.565131] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 25.566468]
[ 25.566689] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 25.567593] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.568003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.568616] Call Trace:
[ 25.568931] <TASK>
[ 25.569250] dump_stack_lvl+0x73/0xb0
[ 25.569739] print_report+0xd1/0x640
[ 25.570110] ? __virt_addr_valid+0x1db/0x2d0
[ 25.570669] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.571159] kasan_report+0x102/0x140
[ 25.571619] ? kasan_atomics_helper+0x107a/0x5450
[ 25.572025] ? kasan_atomics_helper+0x107a/0x5450
[ 25.572365] kasan_check_range+0x10c/0x1c0
[ 25.572707] __kasan_check_write+0x18/0x20
[ 25.573203] kasan_atomics_helper+0x107a/0x5450
[ 25.573728] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.574398] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.575035] ? trace_hardirqs_on+0x37/0xe0
[ 25.575539] ? kasan_atomics+0x153/0x310
[ 25.576241] kasan_atomics+0x1dd/0x310
[ 25.576584] ? __pfx_kasan_atomics+0x10/0x10
[ 25.577775] ? __pfx_kasan_atomics+0x10/0x10
[ 25.578318] kunit_try_run_case+0x1b3/0x490
[ 25.578850] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.579359] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.579802] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.580331] ? __kthread_parkme+0x82/0x160
[ 25.580675] ? preempt_count_sub+0x50/0x80
[ 25.581127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.581563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.584061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.584419] kthread+0x257/0x310
[ 25.586183] ? __pfx_kthread+0x10/0x10
[ 25.586657] ret_from_fork+0x41/0x80
[ 25.587094] ? __pfx_kthread+0x10/0x10
[ 25.587549] ret_from_fork_asm+0x1a/0x30
[ 25.587956] </TASK>
[ 25.588266]
[ 25.588551] Allocated by task 272:
[ 25.588887] kasan_save_stack+0x3d/0x60
[ 25.589172] kasan_save_track+0x18/0x40
[ 25.589649] kasan_save_alloc_info+0x3b/0x50
[ 25.590128] __kasan_kmalloc+0xb7/0xc0
[ 25.590594] __kmalloc_cache_noprof+0x184/0x410
[ 25.591067] kasan_atomics+0x96/0x310
[ 25.591520] kunit_try_run_case+0x1b3/0x490
[ 25.591974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.592322] kthread+0x257/0x310
[ 25.592673] ret_from_fork+0x41/0x80
[ 25.593179] ret_from_fork_asm+0x1a/0x30
[ 25.593651]
[ 25.594686] The buggy address belongs to the object at ffff8881028c7700
[ 25.594686] which belongs to the cache kmalloc-64 of size 64
[ 25.595376] The buggy address is located 0 bytes to the right of
[ 25.595376] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 25.596246]
[ 25.596539] The buggy address belongs to the physical page:
[ 25.597175] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 25.598106] flags: 0x200000000000000(node=0|zone=2)
[ 25.598652] page_type: f5(slab)
[ 25.599063] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.599554] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.600249] page dumped because: kasan: bad access detected
[ 25.600714]
[ 25.600960] Memory state around the buggy address:
[ 25.601433] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.602171] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.602681] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.603436] ^
[ 25.603824] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.604576] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.605051] ==================================================================
[ 27.100197]
==================================================================
[ 27.101187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450
[ 27.101676] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 27.102184]
[ 27.102434] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.103351] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.103829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.104393] Call Trace:
[ 27.104779] <TASK>
[ 27.105008] dump_stack_lvl+0x73/0xb0
[ 27.105377] print_report+0xd1/0x640
[ 27.105879] ? __virt_addr_valid+0x1db/0x2d0
[ 27.106295] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.106831] kasan_report+0x102/0x140
[ 27.107134] ? kasan_atomics_helper+0x4fa7/0x5450
[ 27.107661] ? kasan_atomics_helper+0x4fa7/0x5450
[ 27.108178] __asan_report_load8_noabort+0x18/0x20
[ 27.108531] kasan_atomics_helper+0x4fa7/0x5450
[ 27.109037] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.109562] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.110098] ? trace_hardirqs_on+0x37/0xe0
[ 27.110417] ? kasan_atomics+0x153/0x310
[ 27.110801] kasan_atomics+0x1dd/0x310
[ 27.111230] ? __pfx_kasan_atomics+0x10/0x10
[ 27.111747] ? __pfx_kasan_atomics+0x10/0x10
[ 27.112221] kunit_try_run_case+0x1b3/0x490
[ 27.112741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.113213] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.113765] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.114132] ? __kthread_parkme+0x82/0x160
[ 27.114637] ? preempt_count_sub+0x50/0x80
[ 27.114975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.115650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.116148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.117104] kthread+0x257/0x310
[ 27.117386] ? __pfx_kthread+0x10/0x10
[ 27.117753] ret_from_fork+0x41/0x80
[ 27.118037] ? __pfx_kthread+0x10/0x10
[ 27.118342] ret_from_fork_asm+0x1a/0x30
[ 27.119867] </TASK>
[ 27.120161]
[ 27.120380] Allocated by task 272:
[ 27.120779] kasan_save_stack+0x3d/0x60
[ 27.121200] kasan_save_track+0x18/0x40
[ 27.122215] kasan_save_alloc_info+0x3b/0x50
[ 27.122875] __kasan_kmalloc+0xb7/0xc0
[ 27.123338] __kmalloc_cache_noprof+0x184/0x410
[ 27.123904] kasan_atomics+0x96/0x310
[ 27.125002] kunit_try_run_case+0x1b3/0x490
[ 27.125514] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.126699] kthread+0x257/0x310
[ 27.127080] ret_from_fork+0x41/0x80
[ 27.127468] ret_from_fork_asm+0x1a/0x30
[ 27.128285]
[ 27.128545] The buggy address belongs to the object at ffff8881028c7700
[ 27.128545] which belongs to the cache kmalloc-64 of size 64
[ 27.129856] The buggy address is located 0 bytes to the right of
[ 27.129856] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 27.130661]
[ 27.130894] The buggy address belongs to the physical page:
[ 27.131291] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 27.131978] flags: 0x200000000000000(node=0|zone=2)
[ 27.132416] page_type: f5(slab)
[ 27.132725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.133395] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.134033] page dumped because: kasan: bad access detected
[ 27.134535]
[ 27.134800] Memory state around the buggy address:
[ 27.135218] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.135825] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.136232] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.136756] ^
[ 27.137221] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.137923] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.138450] ==================================================================
[ 25.247636]
==================================================================
[ 25.248455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 25.249162] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 25.249820]
[ 25.250067] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 25.251976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.252236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.252683] Call Trace:
[ 25.252873] <TASK>
[ 25.253054] dump_stack_lvl+0x73/0xb0
[ 25.253554] print_report+0xd1/0x640
[ 25.253997] ? __virt_addr_valid+0x1db/0x2d0
[ 25.254402] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.254822] kasan_report+0x102/0x140
[ 25.255112] ? kasan_atomics_helper+0xc71/0x5450
[ 25.255506] ? kasan_atomics_helper+0xc71/0x5450
[ 25.256077] kasan_check_range+0x10c/0x1c0
[ 25.256539] __kasan_check_write+0x18/0x20
[ 25.257026] kasan_atomics_helper+0xc71/0x5450
[ 25.257539] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.258113] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.258666] ? trace_hardirqs_on+0x37/0xe0
[ 25.259123] ? kasan_atomics+0x153/0x310
[ 25.259634] kasan_atomics+0x1dd/0x310
[ 25.259967] ? __pfx_kasan_atomics+0x10/0x10
[ 25.260281] ? __pfx_kasan_atomics+0x10/0x10
[ 25.260821] kunit_try_run_case+0x1b3/0x490
[ 25.261293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.261852] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.262309] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.262759] ? __kthread_parkme+0x82/0x160
[ 25.263204] ? preempt_count_sub+0x50/0x80
[ 25.263724] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.264132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.264652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.265122] kthread+0x257/0x310
[ 25.265620] ? __pfx_kthread+0x10/0x10
[ 25.266073] ret_from_fork+0x41/0x80
[ 25.266505] ? __pfx_kthread+0x10/0x10
[ 25.266836] ret_from_fork_asm+0x1a/0x30
[ 25.267154] </TASK>
[ 25.267352]
[ 25.267535] Allocated by task 272:
[ 25.267957] kasan_save_stack+0x3d/0x60
[ 25.268381] kasan_save_track+0x18/0x40
[ 25.268862] kasan_save_alloc_info+0x3b/0x50
[ 25.269328] __kasan_kmalloc+0xb7/0xc0
[ 25.269801] __kmalloc_cache_noprof+0x184/0x410
[ 25.270283] kasan_atomics+0x96/0x310
[ 25.270753] kunit_try_run_case+0x1b3/0x490
[ 25.271191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.271702] kthread+0x257/0x310
[ 25.272085] ret_from_fork+0x41/0x80
[ 25.272383] ret_from_fork_asm+0x1a/0x30
[ 25.272875]
[ 25.273068] The buggy address belongs to the object at ffff8881028c7700
[ 25.273068] which belongs to the cache kmalloc-64 of size 64
[ 25.273842] The buggy address is located 0 bytes to the right of
[ 25.273842] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 25.274444]
[ 25.274757] The buggy address belongs to the physical page:
[ 25.275316] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 25.276063] flags: 0x200000000000000(node=0|zone=2)
[ 25.276611] page_type: f5(slab)
[ 25.276984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.277731] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.278299] page dumped because: kasan: bad access detected
[ 25.278856]
[ 25.279032] Memory state around the buggy address:
[ 25.279467] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.280016] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.280806] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.281221] ^
[ 25.281760] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.282272] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.282895] ==================================================================
[ 26.006993]
==================================================================
[ 26.007794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450
[ 26.008206] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 26.008865]
[ 26.009061] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.010714] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.011232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.012064] Call Trace:
[ 26.012334] <TASK>
[ 26.012623] dump_stack_lvl+0x73/0xb0
[ 26.012996] print_report+0xd1/0x640
[ 26.013359] ? __virt_addr_valid+0x1db/0x2d0
[ 26.014409] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.015161] kasan_report+0x102/0x140
[ 26.015792] ? kasan_atomics_helper+0x1468/0x5450
[ 26.016409] ? kasan_atomics_helper+0x1468/0x5450
[ 26.017111] kasan_check_range+0x10c/0x1c0
[ 26.017727] __kasan_check_write+0x18/0x20
[ 26.018330] kasan_atomics_helper+0x1468/0x5450
[ 26.018872] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.019283] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.019738] ? trace_hardirqs_on+0x37/0xe0
[ 26.020149] ? kasan_atomics+0x153/0x310
[ 26.021192] kasan_atomics+0x1dd/0x310
[ 26.021570] ? __pfx_kasan_atomics+0x10/0x10
[ 26.022201] ? __pfx_kasan_atomics+0x10/0x10
[ 26.022891] kunit_try_run_case+0x1b3/0x490
[ 26.023506] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.024202] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.024807] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.025512] ? __kthread_parkme+0x82/0x160
[ 26.025856] ? preempt_count_sub+0x50/0x80
[ 26.026281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.027148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.027844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.028523] kthread+0x257/0x310
[ 26.029129] ? __pfx_kthread+0x10/0x10
[ 26.029517] ret_from_fork+0x41/0x80
[ 26.030194] ? __pfx_kthread+0x10/0x10
[ 26.030912] ret_from_fork_asm+0x1a/0x30
[ 26.031354] </TASK>
[ 26.031593]
[ 26.031810] Allocated by task 272:
[ 26.032109] kasan_save_stack+0x3d/0x60
[ 26.033195] kasan_save_track+0x18/0x40
[ 26.033579] kasan_save_alloc_info+0x3b/0x50
[ 26.034318] __kasan_kmalloc+0xb7/0xc0
[ 26.034646] __kmalloc_cache_noprof+0x184/0x410
[ 26.035120] kasan_atomics+0x96/0x310
[ 26.036048] kunit_try_run_case+0x1b3/0x490
[ 26.036443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.037111] kthread+0x257/0x310
[ 26.037663] ret_from_fork+0x41/0x80
[ 26.037941] ret_from_fork_asm+0x1a/0x30
[ 26.038475]
[ 26.038719] The buggy address belongs to the object at ffff8881028c7700
[ 26.038719] which belongs to the cache kmalloc-64 of size 64
[ 26.039723] The buggy address is located 0 bytes to the right of
[ 26.039723] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 26.041304]
[ 26.041452] The buggy address belongs to the physical page:
[ 26.042146] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 26.043608] flags: 0x200000000000000(node=0|zone=2)
[ 26.044176] page_type: f5(slab)
[ 26.044544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.045455] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.046006] page dumped because: kasan: bad access detected
[ 26.046250]
[ 26.046341] Memory state around the buggy address:
[ 26.046539] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.046913] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.047625] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.048426] ^
[ 26.049192] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.050010] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.050600] ==================================================================
[ 25.441720]
==================================================================
[ 25.442446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450
[ 25.444208] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272
[ 25.445414]
[ 25.445740] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 25.446653] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.447075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.447854] Call Trace:
[ 25.448083] <TASK>
[ 25.448373] dump_stack_lvl+0x73/0xb0
[ 25.448740] print_report+0xd1/0x640
[ 25.449148] ? __virt_addr_valid+0x1db/0x2d0
[ 25.449646] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.450115] kasan_report+0x102/0x140
[ 25.450559] ? kasan_atomics_helper+0xf11/0x5450
[ 25.451069] ? kasan_atomics_helper+0xf11/0x5450
[ 25.451422] kasan_check_range+0x10c/0x1c0
[ 25.451948] __kasan_check_write+0x18/0x20
[ 25.452311] kasan_atomics_helper+0xf11/0x5450
[ 25.452820] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.453308] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.453718] ? trace_hardirqs_on+0x37/0xe0
[ 25.454157] ? kasan_atomics+0x153/0x310
[ 25.454672] kasan_atomics+0x1dd/0x310
[ 25.455039] ? __pfx_kasan_atomics+0x10/0x10
[ 25.455391] ? __pfx_kasan_atomics+0x10/0x10
[ 25.455782] kunit_try_run_case+0x1b3/0x490
[ 25.456100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.456421] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.456980] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.457522] ? __kthread_parkme+0x82/0x160
[ 25.458019] ? preempt_count_sub+0x50/0x80
[ 25.458512] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.459052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.459711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.460253] kthread+0x257/0x310
[ 25.460700] ? __pfx_kthread+0x10/0x10
[ 25.461136] ret_from_fork+0x41/0x80
[ 25.461569] ? __pfx_kthread+0x10/0x10
[ 25.462050] ret_from_fork_asm+0x1a/0x30
[ 25.462523] </TASK>
[ 25.462850]
[ 25.463077] Allocated by task 272:
[ 25.463327] kasan_save_stack+0x3d/0x60
[ 25.463688] kasan_save_track+0x18/0x40
[ 25.464092] kasan_save_alloc_info+0x3b/0x50
[ 25.464609] __kasan_kmalloc+0xb7/0xc0
[ 25.465023] __kmalloc_cache_noprof+0x184/0x410
[ 25.465547] kasan_atomics+0x96/0x310
[ 25.466001] kunit_try_run_case+0x1b3/0x490
[ 25.466461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.466939] kthread+0x257/0x310
[ 25.467308] ret_from_fork+0x41/0x80
[ 25.467646] ret_from_fork_asm+0x1a/0x30
[ 25.467940]
[ 25.468104] The buggy address belongs to the object at ffff8881028c7700
[ 25.468104] which belongs to the cache kmalloc-64 of size 64
[ 25.468855] The buggy address is located 0 bytes to the right of
[ 25.468855] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730)
[ 25.469967]
[ 25.470215] The buggy address belongs to the physical page:
[ 25.470797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7
[ 25.471471] flags: 0x200000000000000(node=0|zone=2)
[ 25.472013] page_type: f5(slab)
[ 25.472325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.472974] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.473417] page dumped because: kasan: bad access detected
[ 25.473960]
[ 25.474138] Memory state around the buggy address:
[ 25.474418] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.475117] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.475842] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.476387] ^
[ 25.476759] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.477136] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.477658] ==================================================================
[ 24.948340]
================================================================== [ 24.949104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 24.949788] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.950194] [ 24.950444] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.951350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.951887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.952271] Call Trace: [ 24.952780] <TASK> [ 24.953039] dump_stack_lvl+0x73/0xb0 [ 24.953414] print_report+0xd1/0x640 [ 24.953784] ? __virt_addr_valid+0x1db/0x2d0 [ 24.954169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.954778] kasan_report+0x102/0x140 [ 24.955205] ? kasan_atomics_helper+0x7c8/0x5450 [ 24.955759] ? kasan_atomics_helper+0x7c8/0x5450 [ 24.956267] kasan_check_range+0x10c/0x1c0 [ 24.956772] __kasan_check_write+0x18/0x20 [ 24.957108] kasan_atomics_helper+0x7c8/0x5450 [ 24.957568] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.957952] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.958296] ? trace_hardirqs_on+0x37/0xe0 [ 24.958730] ? kasan_atomics+0x153/0x310 [ 24.959179] kasan_atomics+0x1dd/0x310 [ 24.959691] ? __pfx_kasan_atomics+0x10/0x10 [ 24.960171] ? __pfx_kasan_atomics+0x10/0x10 [ 24.960721] kunit_try_run_case+0x1b3/0x490 [ 24.961193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.961537] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.961992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.962543] ? __kthread_parkme+0x82/0x160 [ 24.963035] ? preempt_count_sub+0x50/0x80 [ 24.963520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.964053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.964419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.965037] kthread+0x257/0x310 [ 24.965473] ? __pfx_kthread+0x10/0x10 [ 24.965966] ret_from_fork+0x41/0x80 [ 24.966382] ? 
__pfx_kthread+0x10/0x10 [ 24.966819] ret_from_fork_asm+0x1a/0x30 [ 24.967149] </TASK> [ 24.967342] [ 24.967569] Allocated by task 272: [ 24.967970] kasan_save_stack+0x3d/0x60 [ 24.968398] kasan_save_track+0x18/0x40 [ 24.968888] kasan_save_alloc_info+0x3b/0x50 [ 24.969268] __kasan_kmalloc+0xb7/0xc0 [ 24.969567] __kmalloc_cache_noprof+0x184/0x410 [ 24.970100] kasan_atomics+0x96/0x310 [ 24.970526] kunit_try_run_case+0x1b3/0x490 [ 24.971026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.971472] kthread+0x257/0x310 [ 24.971800] ret_from_fork+0x41/0x80 [ 24.972077] ret_from_fork_asm+0x1a/0x30 [ 24.972359] [ 24.972932] The buggy address belongs to the object at ffff8881028c7700 [ 24.972932] which belongs to the cache kmalloc-64 of size 64 [ 24.974643] The buggy address is located 0 bytes to the right of [ 24.974643] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.976899] [ 24.977785] The buggy address belongs to the physical page: [ 24.978937] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.980384] flags: 0x200000000000000(node=0|zone=2) [ 24.981319] page_type: f5(slab) [ 24.982104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.982533] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.983986] page dumped because: kasan: bad access detected [ 24.984476] [ 24.984641] Memory state around the buggy address: [ 24.985040] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.985752] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.986348] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.986914] ^ [ 24.987421] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.987924] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.988597] ================================================================== [ 25.205905] 
================================================================== [ 25.206677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 25.207175] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.207930] [ 25.208129] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.209214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.209561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.210251] Call Trace: [ 25.210531] <TASK> [ 25.210872] dump_stack_lvl+0x73/0xb0 [ 25.211288] print_report+0xd1/0x640 [ 25.211667] ? __virt_addr_valid+0x1db/0x2d0 [ 25.211991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.212557] kasan_report+0x102/0x140 [ 25.213132] ? kasan_atomics_helper+0xb6b/0x5450 [ 25.216027] ? kasan_atomics_helper+0xb6b/0x5450 [ 25.216529] kasan_check_range+0x10c/0x1c0 [ 25.216845] __kasan_check_write+0x18/0x20 [ 25.217135] kasan_atomics_helper+0xb6b/0x5450 [ 25.217439] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.218030] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.218560] ? trace_hardirqs_on+0x37/0xe0 [ 25.220202] ? kasan_atomics+0x153/0x310 [ 25.221071] kasan_atomics+0x1dd/0x310 [ 25.221541] ? __pfx_kasan_atomics+0x10/0x10 [ 25.222798] ? __pfx_kasan_atomics+0x10/0x10 [ 25.223658] kunit_try_run_case+0x1b3/0x490 [ 25.224226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.224793] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.225337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.225871] ? __kthread_parkme+0x82/0x160 [ 25.226187] ? preempt_count_sub+0x50/0x80 [ 25.226707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.227202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.227819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.228168] kthread+0x257/0x310 [ 25.228902] ? __pfx_kthread+0x10/0x10 [ 25.229343] ret_from_fork+0x41/0x80 [ 25.229828] ? 
__pfx_kthread+0x10/0x10 [ 25.230270] ret_from_fork_asm+0x1a/0x30 [ 25.230657] </TASK> [ 25.230960] [ 25.231184] Allocated by task 272: [ 25.231460] kasan_save_stack+0x3d/0x60 [ 25.231817] kasan_save_track+0x18/0x40 [ 25.232246] kasan_save_alloc_info+0x3b/0x50 [ 25.232758] __kasan_kmalloc+0xb7/0xc0 [ 25.233182] __kmalloc_cache_noprof+0x184/0x410 [ 25.233699] kasan_atomics+0x96/0x310 [ 25.234037] kunit_try_run_case+0x1b3/0x490 [ 25.234518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.235042] kthread+0x257/0x310 [ 25.235466] ret_from_fork+0x41/0x80 [ 25.235845] ret_from_fork_asm+0x1a/0x30 [ 25.236281] [ 25.236473] The buggy address belongs to the object at ffff8881028c7700 [ 25.236473] which belongs to the cache kmalloc-64 of size 64 [ 25.237095] The buggy address is located 0 bytes to the right of [ 25.237095] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.238123] [ 25.238360] The buggy address belongs to the physical page: [ 25.238938] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.239704] flags: 0x200000000000000(node=0|zone=2) [ 25.240115] page_type: f5(slab) [ 25.240433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.241063] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.241447] page dumped because: kasan: bad access detected [ 25.242003] [ 25.242243] Memory state around the buggy address: [ 25.242779] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.243362] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.243817] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.244191] ^ [ 25.244643] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.245324] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.246028] ================================================================== [ 24.991391] 
================================================================== [ 24.992564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 24.993529] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.994034] [ 24.994302] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.995324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.996335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.996979] Call Trace: [ 24.997318] <TASK> [ 24.997644] dump_stack_lvl+0x73/0xb0 [ 24.998050] print_report+0xd1/0x640 [ 24.998505] ? __virt_addr_valid+0x1db/0x2d0 [ 24.998986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.999582] kasan_report+0x102/0x140 [ 24.999879] ? kasan_atomics_helper+0x861/0x5450 [ 25.000401] ? kasan_atomics_helper+0x861/0x5450 [ 25.001246] kasan_check_range+0x10c/0x1c0 [ 25.001779] __kasan_check_write+0x18/0x20 [ 25.002101] kasan_atomics_helper+0x861/0x5450 [ 25.003268] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.003621] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.004502] ? trace_hardirqs_on+0x37/0xe0 [ 25.005098] ? kasan_atomics+0x153/0x310 [ 25.005780] kasan_atomics+0x1dd/0x310 [ 25.006163] ? __pfx_kasan_atomics+0x10/0x10 [ 25.006563] ? __pfx_kasan_atomics+0x10/0x10 [ 25.006968] kunit_try_run_case+0x1b3/0x490 [ 25.007342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.007886] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.008274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.008938] ? __kthread_parkme+0x82/0x160 [ 25.009316] ? preempt_count_sub+0x50/0x80 [ 25.009892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.010411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.010860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.011628] kthread+0x257/0x310 [ 25.012116] ? __pfx_kthread+0x10/0x10 [ 25.012571] ret_from_fork+0x41/0x80 [ 25.013118] ? 
__pfx_kthread+0x10/0x10 [ 25.013633] ret_from_fork_asm+0x1a/0x30 [ 25.014209] </TASK> [ 25.014523] [ 25.014798] Allocated by task 272: [ 25.015068] kasan_save_stack+0x3d/0x60 [ 25.015637] kasan_save_track+0x18/0x40 [ 25.016144] kasan_save_alloc_info+0x3b/0x50 [ 25.016691] __kasan_kmalloc+0xb7/0xc0 [ 25.017142] __kmalloc_cache_noprof+0x184/0x410 [ 25.017606] kasan_atomics+0x96/0x310 [ 25.018123] kunit_try_run_case+0x1b3/0x490 [ 25.018669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.019176] kthread+0x257/0x310 [ 25.019548] ret_from_fork+0x41/0x80 [ 25.020090] ret_from_fork_asm+0x1a/0x30 [ 25.020562] [ 25.020889] The buggy address belongs to the object at ffff8881028c7700 [ 25.020889] which belongs to the cache kmalloc-64 of size 64 [ 25.021699] The buggy address is located 0 bytes to the right of [ 25.021699] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.022734] [ 25.022976] The buggy address belongs to the physical page: [ 25.023511] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.024235] flags: 0x200000000000000(node=0|zone=2) [ 25.024864] page_type: f5(slab) [ 25.025276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.025977] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.026811] page dumped because: kasan: bad access detected [ 25.027318] [ 25.027878] Memory state around the buggy address: [ 25.028983] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.029526] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.030114] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.030560] ^ [ 25.030901] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.031592] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.032403] ================================================================== [ 25.403356] 
================================================================== [ 25.404160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 25.405508] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.406392] [ 25.406718] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.407468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.407954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.408649] Call Trace: [ 25.408953] <TASK> [ 25.409219] dump_stack_lvl+0x73/0xb0 [ 25.409665] print_report+0xd1/0x640 [ 25.410105] ? __virt_addr_valid+0x1db/0x2d0 [ 25.410638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.411188] kasan_report+0x102/0x140 [ 25.411674] ? kasan_atomics_helper+0xe79/0x5450 [ 25.412174] ? kasan_atomics_helper+0xe79/0x5450 [ 25.412768] kasan_check_range+0x10c/0x1c0 [ 25.413281] __kasan_check_write+0x18/0x20 [ 25.413810] kasan_atomics_helper+0xe79/0x5450 [ 25.414361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.414975] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.415522] ? trace_hardirqs_on+0x37/0xe0 [ 25.415872] ? kasan_atomics+0x153/0x310 [ 25.416175] kasan_atomics+0x1dd/0x310 [ 25.416510] ? __pfx_kasan_atomics+0x10/0x10 [ 25.416842] ? __pfx_kasan_atomics+0x10/0x10 [ 25.417164] kunit_try_run_case+0x1b3/0x490 [ 25.417560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.418101] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.418645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.419171] ? __kthread_parkme+0x82/0x160 [ 25.419668] ? preempt_count_sub+0x50/0x80 [ 25.420031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.420530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.420973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.421328] kthread+0x257/0x310 [ 25.421743] ? __pfx_kthread+0x10/0x10 [ 25.422164] ret_from_fork+0x41/0x80 [ 25.422643] ? 
__pfx_kthread+0x10/0x10 [ 25.423073] ret_from_fork_asm+0x1a/0x30 [ 25.423560] </TASK> [ 25.423817] [ 25.423979] Allocated by task 272: [ 25.424215] kasan_save_stack+0x3d/0x60 [ 25.424709] kasan_save_track+0x18/0x40 [ 25.425121] kasan_save_alloc_info+0x3b/0x50 [ 25.425658] __kasan_kmalloc+0xb7/0xc0 [ 25.426098] __kmalloc_cache_noprof+0x184/0x410 [ 25.426618] kasan_atomics+0x96/0x310 [ 25.427028] kunit_try_run_case+0x1b3/0x490 [ 25.427333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.427892] kthread+0x257/0x310 [ 25.428262] ret_from_fork+0x41/0x80 [ 25.428739] ret_from_fork_asm+0x1a/0x30 [ 25.429044] [ 25.429214] The buggy address belongs to the object at ffff8881028c7700 [ 25.429214] which belongs to the cache kmalloc-64 of size 64 [ 25.429848] The buggy address is located 0 bytes to the right of [ 25.429848] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.430450] [ 25.430756] The buggy address belongs to the physical page: [ 25.431274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.432022] flags: 0x200000000000000(node=0|zone=2) [ 25.432515] page_type: f5(slab) [ 25.432928] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.433657] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.434241] page dumped because: kasan: bad access detected [ 25.434738] [ 25.434969] Memory state around the buggy address: [ 25.435348] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.437864] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.438264] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.438661] ^ [ 25.438957] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.439332] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.439984] ================================================================== [ 24.905564] 
================================================================== [ 24.907235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 24.908282] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.909104] [ 24.909304] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.913133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.913639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.914537] Call Trace: [ 24.914948] <TASK> [ 24.915306] dump_stack_lvl+0x73/0xb0 [ 24.915850] print_report+0xd1/0x640 [ 24.916316] ? __virt_addr_valid+0x1db/0x2d0 [ 24.916897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.917371] kasan_report+0x102/0x140 [ 24.917821] ? kasan_atomics_helper+0x730/0x5450 [ 24.918402] ? kasan_atomics_helper+0x730/0x5450 [ 24.919065] kasan_check_range+0x10c/0x1c0 [ 24.919659] __kasan_check_write+0x18/0x20 [ 24.920198] kasan_atomics_helper+0x730/0x5450 [ 24.920807] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.921375] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.921983] ? trace_hardirqs_on+0x37/0xe0 [ 24.922343] ? kasan_atomics+0x153/0x310 [ 24.922694] kasan_atomics+0x1dd/0x310 [ 24.923041] ? __pfx_kasan_atomics+0x10/0x10 [ 24.923560] ? __pfx_kasan_atomics+0x10/0x10 [ 24.924020] kunit_try_run_case+0x1b3/0x490 [ 24.924337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.924809] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.925395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.926023] ? __kthread_parkme+0x82/0x160 [ 24.926546] ? preempt_count_sub+0x50/0x80 [ 24.927091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.927695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.928348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.929013] kthread+0x257/0x310 [ 24.929455] ? __pfx_kthread+0x10/0x10 [ 24.929978] ret_from_fork+0x41/0x80 [ 24.930440] ? 
__pfx_kthread+0x10/0x10 [ 24.930965] ret_from_fork_asm+0x1a/0x30 [ 24.931474] </TASK> [ 24.931856] [ 24.932096] Allocated by task 272: [ 24.932515] kasan_save_stack+0x3d/0x60 [ 24.933019] kasan_save_track+0x18/0x40 [ 24.933478] kasan_save_alloc_info+0x3b/0x50 [ 24.934031] __kasan_kmalloc+0xb7/0xc0 [ 24.934520] __kmalloc_cache_noprof+0x184/0x410 [ 24.934913] kasan_atomics+0x96/0x310 [ 24.935188] kunit_try_run_case+0x1b3/0x490 [ 24.935587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.936026] kthread+0x257/0x310 [ 24.936386] ret_from_fork+0x41/0x80 [ 24.936718] ret_from_fork_asm+0x1a/0x30 [ 24.937003] [ 24.937226] The buggy address belongs to the object at ffff8881028c7700 [ 24.937226] which belongs to the cache kmalloc-64 of size 64 [ 24.938183] The buggy address is located 0 bytes to the right of [ 24.938183] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.939116] [ 24.939294] The buggy address belongs to the physical page: [ 24.939870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.940322] flags: 0x200000000000000(node=0|zone=2) [ 24.940873] page_type: f5(slab) [ 24.941236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.941715] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.942388] page dumped because: kasan: bad access detected [ 24.942960] [ 24.943180] Memory state around the buggy address: [ 24.943612] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.944060] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.944677] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.945247] ^ [ 24.945622] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.946255] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.946956] ================================================================== [ 26.555922] 
================================================================== [ 26.556663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 26.557349] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.557933] [ 26.558212] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.559048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.559312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.560140] Call Trace: [ 26.560572] <TASK> [ 26.561041] dump_stack_lvl+0x73/0xb0 [ 26.561441] print_report+0xd1/0x640 [ 26.561776] ? __virt_addr_valid+0x1db/0x2d0 [ 26.562263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.562897] kasan_report+0x102/0x140 [ 26.563235] ? kasan_atomics_helper+0x1c19/0x5450 [ 26.563624] ? kasan_atomics_helper+0x1c19/0x5450 [ 26.564061] kasan_check_range+0x10c/0x1c0 [ 26.564560] __kasan_check_write+0x18/0x20 [ 26.565058] kasan_atomics_helper+0x1c19/0x5450 [ 26.565653] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.566216] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.566784] ? trace_hardirqs_on+0x37/0xe0 [ 26.567193] ? kasan_atomics+0x153/0x310 [ 26.567746] kasan_atomics+0x1dd/0x310 [ 26.568184] ? __pfx_kasan_atomics+0x10/0x10 [ 26.568727] ? __pfx_kasan_atomics+0x10/0x10 [ 26.569138] kunit_try_run_case+0x1b3/0x490 [ 26.569701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.570058] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.570654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.571099] ? __kthread_parkme+0x82/0x160 [ 26.571558] ? preempt_count_sub+0x50/0x80 [ 26.572063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.572476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.572925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.573282] kthread+0x257/0x310 [ 26.573622] ? __pfx_kthread+0x10/0x10 [ 26.574118] ret_from_fork+0x41/0x80 [ 26.574561] ? 
__pfx_kthread+0x10/0x10 [ 26.575039] ret_from_fork_asm+0x1a/0x30 [ 26.575565] </TASK> [ 26.575912] [ 26.576189] Allocated by task 272: [ 26.576648] kasan_save_stack+0x3d/0x60 [ 26.577102] kasan_save_track+0x18/0x40 [ 26.577652] kasan_save_alloc_info+0x3b/0x50 [ 26.578138] __kasan_kmalloc+0xb7/0xc0 [ 26.578416] __kmalloc_cache_noprof+0x184/0x410 [ 26.578976] kasan_atomics+0x96/0x310 [ 26.579439] kunit_try_run_case+0x1b3/0x490 [ 26.579955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.580291] kthread+0x257/0x310 [ 26.580628] ret_from_fork+0x41/0x80 [ 26.581073] ret_from_fork_asm+0x1a/0x30 [ 26.581521] [ 26.581831] The buggy address belongs to the object at ffff8881028c7700 [ 26.581831] which belongs to the cache kmalloc-64 of size 64 [ 26.582876] The buggy address is located 0 bytes to the right of [ 26.582876] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.583474] [ 26.583780] The buggy address belongs to the physical page: [ 26.584297] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.585088] flags: 0x200000000000000(node=0|zone=2) [ 26.585659] page_type: f5(slab) [ 26.586026] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.586749] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.587317] page dumped because: kasan: bad access detected [ 26.587828] [ 26.587993] Memory state around the buggy address: [ 26.588271] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.588867] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.589638] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.590332] ^ [ 26.590906] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.591471] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.591982] ================================================================== [ 25.685926] 
================================================================== [ 25.686294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 25.687216] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.689957] [ 25.690263] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.691459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.692280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.694152] Call Trace: [ 25.694499] <TASK> [ 25.694814] dump_stack_lvl+0x73/0xb0 [ 25.695291] print_report+0xd1/0x640 [ 25.696866] ? __virt_addr_valid+0x1db/0x2d0 [ 25.698141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.698866] kasan_report+0x102/0x140 [ 25.699319] ? kasan_atomics_helper+0x4a04/0x5450 [ 25.699867] ? kasan_atomics_helper+0x4a04/0x5450 [ 25.700559] __asan_report_load4_noabort+0x18/0x20 [ 25.701156] kasan_atomics_helper+0x4a04/0x5450 [ 25.701746] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.702581] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.702946] ? trace_hardirqs_on+0x37/0xe0 [ 25.703126] ? kasan_atomics+0x153/0x310 [ 25.703291] kasan_atomics+0x1dd/0x310 [ 25.703445] ? __pfx_kasan_atomics+0x10/0x10 [ 25.703877] ? __pfx_kasan_atomics+0x10/0x10 [ 25.704912] kunit_try_run_case+0x1b3/0x490 [ 25.705567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.706151] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.706799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.707401] ? __kthread_parkme+0x82/0x160 [ 25.708003] ? preempt_count_sub+0x50/0x80 [ 25.708523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.708826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.709407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.710392] kthread+0x257/0x310 [ 25.711048] ? __pfx_kthread+0x10/0x10 [ 25.711724] ret_from_fork+0x41/0x80 [ 25.712115] ? 
__pfx_kthread+0x10/0x10 [ 25.712751] ret_from_fork_asm+0x1a/0x30 [ 25.713042] </TASK> [ 25.713638] [ 25.713875] Allocated by task 272: [ 25.714428] kasan_save_stack+0x3d/0x60 [ 25.715263] kasan_save_track+0x18/0x40 [ 25.715560] kasan_save_alloc_info+0x3b/0x50 [ 25.716583] __kasan_kmalloc+0xb7/0xc0 [ 25.717118] __kmalloc_cache_noprof+0x184/0x410 [ 25.717562] kasan_atomics+0x96/0x310 [ 25.717941] kunit_try_run_case+0x1b3/0x490 [ 25.718336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.719474] kthread+0x257/0x310 [ 25.720339] ret_from_fork+0x41/0x80 [ 25.720922] ret_from_fork_asm+0x1a/0x30 [ 25.721759] [ 25.721956] The buggy address belongs to the object at ffff8881028c7700 [ 25.721956] which belongs to the cache kmalloc-64 of size 64 [ 25.723067] The buggy address is located 0 bytes to the right of [ 25.723067] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.724299] [ 25.724560] The buggy address belongs to the physical page: [ 25.725474] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.726441] flags: 0x200000000000000(node=0|zone=2) [ 25.726880] page_type: f5(slab) [ 25.727257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.727859] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.728811] page dumped because: kasan: bad access detected [ 25.729243] [ 25.729407] Memory state around the buggy address: [ 25.729773] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.730403] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.731072] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.732302] ^ [ 25.732643] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.733274] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.733929] ================================================================== [ 25.033777] 
================================================================== [ 25.034826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 25.036110] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.036870] [ 25.037076] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.037623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.038082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.038978] Call Trace: [ 25.039253] <TASK> [ 25.039547] dump_stack_lvl+0x73/0xb0 [ 25.040036] print_report+0xd1/0x640 [ 25.040474] ? __virt_addr_valid+0x1db/0x2d0 [ 25.040991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.041436] kasan_report+0x102/0x140 [ 25.041923] ? kasan_atomics_helper+0x8fa/0x5450 [ 25.042422] ? kasan_atomics_helper+0x8fa/0x5450 [ 25.043069] kasan_check_range+0x10c/0x1c0 [ 25.043625] __kasan_check_write+0x18/0x20 [ 25.043943] kasan_atomics_helper+0x8fa/0x5450 [ 25.044260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.044912] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.045457] ? trace_hardirqs_on+0x37/0xe0 [ 25.045983] ? kasan_atomics+0x153/0x310 [ 25.047217] kasan_atomics+0x1dd/0x310 [ 25.047904] ? __pfx_kasan_atomics+0x10/0x10 [ 25.048221] ? __pfx_kasan_atomics+0x10/0x10 [ 25.048567] kunit_try_run_case+0x1b3/0x490 [ 25.049184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.049873] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.050514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.051125] ? __kthread_parkme+0x82/0x160 [ 25.051826] ? preempt_count_sub+0x50/0x80 [ 25.052429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.053106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.053808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.054368] kthread+0x257/0x310 [ 25.054847] ? __pfx_kthread+0x10/0x10 [ 25.055297] ret_from_fork+0x41/0x80 [ 25.055789] ? 
__pfx_kthread+0x10/0x10 [ 25.056157] ret_from_fork_asm+0x1a/0x30 [ 25.056645] </TASK> [ 25.056960] [ 25.057224] Allocated by task 272: [ 25.057531] kasan_save_stack+0x3d/0x60 [ 25.057986] kasan_save_track+0x18/0x40 [ 25.058460] kasan_save_alloc_info+0x3b/0x50 [ 25.059318] __kasan_kmalloc+0xb7/0xc0 [ 25.060316] __kmalloc_cache_noprof+0x184/0x410 [ 25.060858] kasan_atomics+0x96/0x310 [ 25.061153] kunit_try_run_case+0x1b3/0x490 [ 25.061447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.061804] kthread+0x257/0x310 [ 25.062187] ret_from_fork+0x41/0x80 [ 25.062727] ret_from_fork_asm+0x1a/0x30 [ 25.063327] [ 25.063804] The buggy address belongs to the object at ffff8881028c7700 [ 25.063804] which belongs to the cache kmalloc-64 of size 64 [ 25.065736] The buggy address is located 0 bytes to the right of [ 25.065736] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.066967] [ 25.067211] The buggy address belongs to the physical page: [ 25.067692] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.068566] flags: 0x200000000000000(node=0|zone=2) [ 25.069198] page_type: f5(slab) [ 25.069712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.070554] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.071028] page dumped because: kasan: bad access detected [ 25.071522] [ 25.071845] Memory state around the buggy address: [ 25.072162] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.072942] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.073380] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.074258] ^ [ 25.074696] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.075149] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.076203] ================================================================== [ 25.736524] 
================================================================== [ 25.736939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 25.738680] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.739694] [ 25.740172] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.741156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.741445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.742338] Call Trace: [ 25.743283] <TASK> [ 25.743602] dump_stack_lvl+0x73/0xb0 [ 25.744043] print_report+0xd1/0x640 [ 25.744440] ? __virt_addr_valid+0x1db/0x2d0 [ 25.744808] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.745160] kasan_report+0x102/0x140 [ 25.746325] ? kasan_atomics_helper+0x1218/0x5450 [ 25.746826] ? kasan_atomics_helper+0x1218/0x5450 [ 25.747274] kasan_check_range+0x10c/0x1c0 [ 25.748696] __kasan_check_write+0x18/0x20 [ 25.749266] kasan_atomics_helper+0x1218/0x5450 [ 25.749704] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.750187] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.750659] ? trace_hardirqs_on+0x37/0xe0 [ 25.751080] ? kasan_atomics+0x153/0x310 [ 25.751467] kasan_atomics+0x1dd/0x310 [ 25.752417] ? __pfx_kasan_atomics+0x10/0x10 [ 25.752920] ? __pfx_kasan_atomics+0x10/0x10 [ 25.753576] kunit_try_run_case+0x1b3/0x490 [ 25.754097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.754551] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.755443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.755890] ? __kthread_parkme+0x82/0x160 [ 25.756347] ? preempt_count_sub+0x50/0x80 [ 25.756844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.757174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.757803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.758633] kthread+0x257/0x310 [ 25.759070] ? __pfx_kthread+0x10/0x10 [ 25.759513] ret_from_fork+0x41/0x80 [ 25.759929] ? 
__pfx_kthread+0x10/0x10 [ 25.760296] ret_from_fork_asm+0x1a/0x30 [ 25.761582] </TASK> [ 25.761979] [ 25.762576] Allocated by task 272: [ 25.762834] kasan_save_stack+0x3d/0x60 [ 25.763265] kasan_save_track+0x18/0x40 [ 25.763699] kasan_save_alloc_info+0x3b/0x50 [ 25.764194] __kasan_kmalloc+0xb7/0xc0 [ 25.764551] __kmalloc_cache_noprof+0x184/0x410 [ 25.765064] kasan_atomics+0x96/0x310 [ 25.765395] kunit_try_run_case+0x1b3/0x490 [ 25.766127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.766616] kthread+0x257/0x310 [ 25.767002] ret_from_fork+0x41/0x80 [ 25.767357] ret_from_fork_asm+0x1a/0x30 [ 25.768756] [ 25.768925] The buggy address belongs to the object at ffff8881028c7700 [ 25.768925] which belongs to the cache kmalloc-64 of size 64 [ 25.770367] The buggy address is located 0 bytes to the right of [ 25.770367] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.771426] [ 25.771861] The buggy address belongs to the physical page: [ 25.772359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.773430] flags: 0x200000000000000(node=0|zone=2) [ 25.774231] page_type: f5(slab) [ 25.774572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.775248] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.776606] page dumped because: kasan: bad access detected [ 25.777291] [ 25.777478] Memory state around the buggy address: [ 25.778396] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.779411] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.780209] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.780855] ^ [ 25.781260] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.781902] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.782843] ================================================================== [ 25.784765] 
================================================================== [ 25.785637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 25.786340] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.786987] [ 25.787194] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.789185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.790566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.791222] Call Trace: [ 25.791790] <TASK> [ 25.791979] dump_stack_lvl+0x73/0xb0 [ 25.792745] print_report+0xd1/0x640 [ 25.793250] ? __virt_addr_valid+0x1db/0x2d0 [ 25.793868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.794441] kasan_report+0x102/0x140 [ 25.794748] ? kasan_atomics_helper+0x49ea/0x5450 [ 25.795252] ? kasan_atomics_helper+0x49ea/0x5450 [ 25.795789] __asan_report_load4_noabort+0x18/0x20 [ 25.796820] kasan_atomics_helper+0x49ea/0x5450 [ 25.798008] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.798437] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.798874] ? trace_hardirqs_on+0x37/0xe0 [ 25.799344] ? kasan_atomics+0x153/0x310 [ 25.800234] kasan_atomics+0x1dd/0x310 [ 25.800908] ? __pfx_kasan_atomics+0x10/0x10 [ 25.801224] ? __pfx_kasan_atomics+0x10/0x10 [ 25.801974] kunit_try_run_case+0x1b3/0x490 [ 25.802642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.803263] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.803962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.804664] ? __kthread_parkme+0x82/0x160 [ 25.805259] ? preempt_count_sub+0x50/0x80 [ 25.805757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.806477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.806824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.807718] kthread+0x257/0x310 [ 25.808317] ? __pfx_kthread+0x10/0x10 [ 25.808854] ret_from_fork+0x41/0x80 [ 25.809229] ? 
__pfx_kthread+0x10/0x10 [ 25.810122] ret_from_fork_asm+0x1a/0x30 [ 25.810524] </TASK> [ 25.810791] [ 25.811291] Allocated by task 272: [ 25.811688] kasan_save_stack+0x3d/0x60 [ 25.812056] kasan_save_track+0x18/0x40 [ 25.812504] kasan_save_alloc_info+0x3b/0x50 [ 25.813469] __kasan_kmalloc+0xb7/0xc0 [ 25.813921] __kmalloc_cache_noprof+0x184/0x410 [ 25.814790] kasan_atomics+0x96/0x310 [ 25.815453] kunit_try_run_case+0x1b3/0x490 [ 25.815948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.816540] kthread+0x257/0x310 [ 25.816988] ret_from_fork+0x41/0x80 [ 25.817690] ret_from_fork_asm+0x1a/0x30 [ 25.818017] [ 25.818712] The buggy address belongs to the object at ffff8881028c7700 [ 25.818712] which belongs to the cache kmalloc-64 of size 64 [ 25.819559] The buggy address is located 0 bytes to the right of [ 25.819559] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.820331] [ 25.821179] The buggy address belongs to the physical page: [ 25.821893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.822835] flags: 0x200000000000000(node=0|zone=2) [ 25.823028] page_type: f5(slab) [ 25.823165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.823391] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.823716] page dumped because: kasan: bad access detected [ 25.824025] [ 25.825050] Memory state around the buggy address: [ 25.825566] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.826216] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.827580] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.828097] ^ [ 25.828676] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.829263] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.830050] ================================================================== [ 26.722587] 
================================================================== [ 26.722994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 26.723394] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.724074] [ 26.724356] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.725614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.725887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.726570] Call Trace: [ 26.726863] <TASK> [ 26.727179] dump_stack_lvl+0x73/0xb0 [ 26.727660] print_report+0xd1/0x640 [ 26.727991] ? __virt_addr_valid+0x1db/0x2d0 [ 26.728352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.728909] kasan_report+0x102/0x140 [ 26.729445] ? kasan_atomics_helper+0x1e13/0x5450 [ 26.730061] ? kasan_atomics_helper+0x1e13/0x5450 [ 26.730601] kasan_check_range+0x10c/0x1c0 [ 26.730929] __kasan_check_write+0x18/0x20 [ 26.731504] kasan_atomics_helper+0x1e13/0x5450 [ 26.732022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.732422] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.733019] ? trace_hardirqs_on+0x37/0xe0 [ 26.733344] ? kasan_atomics+0x153/0x310 [ 26.733677] kasan_atomics+0x1dd/0x310 [ 26.734128] ? __pfx_kasan_atomics+0x10/0x10 [ 26.734716] ? __pfx_kasan_atomics+0x10/0x10 [ 26.735203] kunit_try_run_case+0x1b3/0x490 [ 26.735688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.736049] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.736375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.736907] ? __kthread_parkme+0x82/0x160 [ 26.737360] ? preempt_count_sub+0x50/0x80 [ 26.739518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.740025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.740648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.741002] kthread+0x257/0x310 [ 26.741265] ? __pfx_kthread+0x10/0x10 [ 26.742770] ret_from_fork+0x41/0x80 [ 26.743208] ? 
__pfx_kthread+0x10/0x10 [ 26.743855] ret_from_fork_asm+0x1a/0x30 [ 26.744910] </TASK> [ 26.745169] [ 26.745336] Allocated by task 272: [ 26.745587] kasan_save_stack+0x3d/0x60 [ 26.746158] kasan_save_track+0x18/0x40 [ 26.747187] kasan_save_alloc_info+0x3b/0x50 [ 26.747522] __kasan_kmalloc+0xb7/0xc0 [ 26.748384] __kmalloc_cache_noprof+0x184/0x410 [ 26.748900] kasan_atomics+0x96/0x310 [ 26.749542] kunit_try_run_case+0x1b3/0x490 [ 26.750364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.751108] kthread+0x257/0x310 [ 26.752131] ret_from_fork+0x41/0x80 [ 26.752498] ret_from_fork_asm+0x1a/0x30 [ 26.753105] [ 26.753330] The buggy address belongs to the object at ffff8881028c7700 [ 26.753330] which belongs to the cache kmalloc-64 of size 64 [ 26.754894] The buggy address is located 0 bytes to the right of [ 26.754894] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.755755] [ 26.756425] The buggy address belongs to the physical page: [ 26.756860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.757863] flags: 0x200000000000000(node=0|zone=2) [ 26.758591] page_type: f5(slab) [ 26.759055] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.759724] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.760273] page dumped because: kasan: bad access detected [ 26.761261] [ 26.761454] Memory state around the buggy address: [ 26.761956] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.762964] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.763647] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.764453] ^ [ 26.765070] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.765905] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.766620] ================================================================== [ 25.479192] 
================================================================== [ 25.480042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 25.480743] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.481306] [ 25.482184] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.482834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.483102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.483566] Call Trace: [ 25.483924] <TASK> [ 25.484216] dump_stack_lvl+0x73/0xb0 [ 25.484719] print_report+0xd1/0x640 [ 25.485154] ? __virt_addr_valid+0x1db/0x2d0 [ 25.485736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.486302] kasan_report+0x102/0x140 [ 25.486792] ? kasan_atomics_helper+0xfaa/0x5450 [ 25.487290] ? kasan_atomics_helper+0xfaa/0x5450 [ 25.487751] kasan_check_range+0x10c/0x1c0 [ 25.488061] __kasan_check_write+0x18/0x20 [ 25.488352] kasan_atomics_helper+0xfaa/0x5450 [ 25.488861] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.489381] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.489928] ? trace_hardirqs_on+0x37/0xe0 [ 25.490387] ? kasan_atomics+0x153/0x310 [ 25.490917] kasan_atomics+0x1dd/0x310 [ 25.491358] ? __pfx_kasan_atomics+0x10/0x10 [ 25.491898] ? __pfx_kasan_atomics+0x10/0x10 [ 25.492345] kunit_try_run_case+0x1b3/0x490 [ 25.492735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.493060] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.493377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.493957] ? __kthread_parkme+0x82/0x160 [ 25.494421] ? preempt_count_sub+0x50/0x80 [ 25.494952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.495506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.496141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.496788] kthread+0x257/0x310 [ 25.497176] ? __pfx_kthread+0x10/0x10 [ 25.497564] ret_from_fork+0x41/0x80 [ 25.498031] ? 
__pfx_kthread+0x10/0x10 [ 25.498381] ret_from_fork_asm+0x1a/0x30 [ 25.498922] </TASK> [ 25.499135] [ 25.499357] Allocated by task 272: [ 25.499767] kasan_save_stack+0x3d/0x60 [ 25.500049] kasan_save_track+0x18/0x40 [ 25.500317] kasan_save_alloc_info+0x3b/0x50 [ 25.500687] __kasan_kmalloc+0xb7/0xc0 [ 25.500958] __kmalloc_cache_noprof+0x184/0x410 [ 25.501451] kasan_atomics+0x96/0x310 [ 25.501936] kunit_try_run_case+0x1b3/0x490 [ 25.502387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.502981] kthread+0x257/0x310 [ 25.503363] ret_from_fork+0x41/0x80 [ 25.503836] ret_from_fork_asm+0x1a/0x30 [ 25.504269] [ 25.504510] The buggy address belongs to the object at ffff8881028c7700 [ 25.504510] which belongs to the cache kmalloc-64 of size 64 [ 25.505630] The buggy address is located 0 bytes to the right of [ 25.505630] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.506431] [ 25.506747] The buggy address belongs to the physical page: [ 25.507259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.507855] flags: 0x200000000000000(node=0|zone=2) [ 25.508165] page_type: f5(slab) [ 25.508526] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.510070] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.510567] page dumped because: kasan: bad access detected [ 25.510893] [ 25.511049] Memory state around the buggy address: [ 25.511327] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.512318] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.513012] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.513690] ^ [ 25.514155] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.514842] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.515314] ================================================================== [ 24.608646] 
================================================================== [ 24.609141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 24.610519] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.611250] [ 24.611563] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.613558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.614166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.614983] Call Trace: [ 24.615358] <TASK> [ 24.615754] dump_stack_lvl+0x73/0xb0 [ 24.616200] print_report+0xd1/0x640 [ 24.616741] ? __virt_addr_valid+0x1db/0x2d0 [ 24.617235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.618621] kasan_report+0x102/0x140 [ 24.618911] ? kasan_atomics_helper+0x3e0/0x5450 [ 24.619222] ? kasan_atomics_helper+0x3e0/0x5450 [ 24.619569] kasan_check_range+0x10c/0x1c0 [ 24.619991] __kasan_check_read+0x15/0x20 [ 24.620439] kasan_atomics_helper+0x3e0/0x5450 [ 24.622231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.622992] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.623898] ? trace_hardirqs_on+0x37/0xe0 [ 24.624295] ? kasan_atomics+0x153/0x310 [ 24.625077] kasan_atomics+0x1dd/0x310 [ 24.625993] ? __pfx_kasan_atomics+0x10/0x10 [ 24.626200] ? __pfx_kasan_atomics+0x10/0x10 [ 24.626373] kunit_try_run_case+0x1b3/0x490 [ 24.626630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.626938] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.627638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.628202] ? __kthread_parkme+0x82/0x160 [ 24.629223] ? preempt_count_sub+0x50/0x80 [ 24.629687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.630174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.630961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.631599] kthread+0x257/0x310 [ 24.632066] ? __pfx_kthread+0x10/0x10 [ 24.632548] ret_from_fork+0x41/0x80 [ 24.633036] ? 
__pfx_kthread+0x10/0x10 [ 24.633522] ret_from_fork_asm+0x1a/0x30 [ 24.634073] </TASK> [ 24.634386] [ 24.634690] Allocated by task 272: [ 24.635099] kasan_save_stack+0x3d/0x60 [ 24.635670] kasan_save_track+0x18/0x40 [ 24.636127] kasan_save_alloc_info+0x3b/0x50 [ 24.636667] __kasan_kmalloc+0xb7/0xc0 [ 24.637148] __kmalloc_cache_noprof+0x184/0x410 [ 24.637713] kasan_atomics+0x96/0x310 [ 24.638167] kunit_try_run_case+0x1b3/0x490 [ 24.638712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.639290] kthread+0x257/0x310 [ 24.639756] ret_from_fork+0x41/0x80 [ 24.640202] ret_from_fork_asm+0x1a/0x30 [ 24.640719] [ 24.640964] The buggy address belongs to the object at ffff8881028c7700 [ 24.640964] which belongs to the cache kmalloc-64 of size 64 [ 24.642101] The buggy address is located 0 bytes to the right of [ 24.642101] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.642892] [ 24.643122] The buggy address belongs to the physical page: [ 24.643567] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.644073] flags: 0x200000000000000(node=0|zone=2) [ 24.644553] page_type: f5(slab) [ 24.644927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.645619] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.646185] page dumped because: kasan: bad access detected [ 24.646730] [ 24.646948] Memory state around the buggy address: [ 24.647319] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.647930] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.648457] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.649058] ^ [ 24.649347] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.650001] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.650708] ================================================================== [ 24.483088] 
================================================================== [ 24.484339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 24.485057] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.486073] [ 24.486332] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.487184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.487703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.488376] Call Trace: [ 24.488742] <TASK> [ 24.489077] dump_stack_lvl+0x73/0xb0 [ 24.489436] print_report+0xd1/0x640 [ 24.489932] ? __virt_addr_valid+0x1db/0x2d0 [ 24.490310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.490958] kasan_report+0x102/0x140 [ 24.491284] ? kasan_atomics_helper+0x4ba4/0x5450 [ 24.492008] ? kasan_atomics_helper+0x4ba4/0x5450 [ 24.492626] __asan_report_store4_noabort+0x1b/0x30 [ 24.493171] kasan_atomics_helper+0x4ba4/0x5450 [ 24.493685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.494136] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.494696] ? trace_hardirqs_on+0x37/0xe0 [ 24.495092] ? kasan_atomics+0x153/0x310 [ 24.495735] kasan_atomics+0x1dd/0x310 [ 24.496110] ? __pfx_kasan_atomics+0x10/0x10 [ 24.496676] ? __pfx_kasan_atomics+0x10/0x10 [ 24.497095] kunit_try_run_case+0x1b3/0x490 [ 24.497665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.498007] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.498516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.499099] ? __kthread_parkme+0x82/0x160 [ 24.499571] ? preempt_count_sub+0x50/0x80 [ 24.500043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.500620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.501113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.501776] kthread+0x257/0x310 [ 24.502200] ? __pfx_kthread+0x10/0x10 [ 24.503436] ret_from_fork+0x41/0x80 [ 24.503820] ? 
__pfx_kthread+0x10/0x10 [ 24.504176] ret_from_fork_asm+0x1a/0x30 [ 24.504660] </TASK> [ 24.504934] [ 24.505153] Allocated by task 272: [ 24.505470] kasan_save_stack+0x3d/0x60 [ 24.506830] kasan_save_track+0x18/0x40 [ 24.507123] kasan_save_alloc_info+0x3b/0x50 [ 24.507415] __kasan_kmalloc+0xb7/0xc0 [ 24.507993] __kmalloc_cache_noprof+0x184/0x410 [ 24.508609] kasan_atomics+0x96/0x310 [ 24.509149] kunit_try_run_case+0x1b3/0x490 [ 24.510278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.510915] kthread+0x257/0x310 [ 24.511361] ret_from_fork+0x41/0x80 [ 24.512233] ret_from_fork_asm+0x1a/0x30 [ 24.513164] [ 24.513419] The buggy address belongs to the object at ffff8881028c7700 [ 24.513419] which belongs to the cache kmalloc-64 of size 64 [ 24.514376] The buggy address is located 0 bytes to the right of [ 24.514376] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.515362] [ 24.515562] The buggy address belongs to the physical page: [ 24.516059] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.517392] flags: 0x200000000000000(node=0|zone=2) [ 24.518189] page_type: f5(slab) [ 24.518541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.519100] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.520267] page dumped because: kasan: bad access detected [ 24.520637] [ 24.520826] Memory state around the buggy address: [ 24.521247] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.521881] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.522548] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.522914] ^ [ 24.523202] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.524520] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.525143] ================================================================== [ 26.677716] 
================================================================== [ 26.678691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 26.679267] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.680871] [ 26.681107] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.681958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.682241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.682752] Call Trace: [ 26.683073] <TASK> [ 26.683686] dump_stack_lvl+0x73/0xb0 [ 26.684143] print_report+0xd1/0x640 [ 26.684678] ? __virt_addr_valid+0x1db/0x2d0 [ 26.685170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.685795] kasan_report+0x102/0x140 [ 26.686213] ? kasan_atomics_helper+0x1d7b/0x5450 [ 26.686807] ? kasan_atomics_helper+0x1d7b/0x5450 [ 26.687221] kasan_check_range+0x10c/0x1c0 [ 26.687560] __kasan_check_write+0x18/0x20 [ 26.687963] kasan_atomics_helper+0x1d7b/0x5450 [ 26.688513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.689332] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.690880] ? trace_hardirqs_on+0x37/0xe0 [ 26.691884] ? kasan_atomics+0x153/0x310 [ 26.693000] kasan_atomics+0x1dd/0x310 [ 26.693957] ? __pfx_kasan_atomics+0x10/0x10 [ 26.694428] ? __pfx_kasan_atomics+0x10/0x10 [ 26.694943] kunit_try_run_case+0x1b3/0x490 [ 26.695234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.696013] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.696849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.697516] ? __kthread_parkme+0x82/0x160 [ 26.698098] ? preempt_count_sub+0x50/0x80 [ 26.698478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.699381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.700521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.701141] kthread+0x257/0x310 [ 26.701563] ? __pfx_kthread+0x10/0x10 [ 26.701856] ret_from_fork+0x41/0x80 [ 26.702282] ? 
__pfx_kthread+0x10/0x10 [ 26.702759] ret_from_fork_asm+0x1a/0x30 [ 26.703151] </TASK> [ 26.703382] [ 26.703662] Allocated by task 272: [ 26.703909] kasan_save_stack+0x3d/0x60 [ 26.704346] kasan_save_track+0x18/0x40 [ 26.704798] kasan_save_alloc_info+0x3b/0x50 [ 26.705902] __kasan_kmalloc+0xb7/0xc0 [ 26.706870] __kmalloc_cache_noprof+0x184/0x410 [ 26.707389] kasan_atomics+0x96/0x310 [ 26.707710] kunit_try_run_case+0x1b3/0x490 [ 26.708163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.708872] kthread+0x257/0x310 [ 26.709285] ret_from_fork+0x41/0x80 [ 26.709831] ret_from_fork_asm+0x1a/0x30 [ 26.710225] [ 26.710430] The buggy address belongs to the object at ffff8881028c7700 [ 26.710430] which belongs to the cache kmalloc-64 of size 64 [ 26.711607] The buggy address is located 0 bytes to the right of [ 26.711607] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.712931] [ 26.713184] The buggy address belongs to the physical page: [ 26.713822] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.714324] flags: 0x200000000000000(node=0|zone=2) [ 26.715060] page_type: f5(slab) [ 26.716646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.717146] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.717624] page dumped because: kasan: bad access detected [ 26.718145] [ 26.718438] Memory state around the buggy address: [ 26.718805] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.719253] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.719703] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.720072] ^ [ 26.720361] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.720792] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.721165] ================================================================== [ 25.165646] 
================================================================== [ 25.167057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 25.167757] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.168703] [ 25.169029] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.169571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.170086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.171043] Call Trace: [ 25.171438] <TASK> [ 25.171902] dump_stack_lvl+0x73/0xb0 [ 25.172430] print_report+0xd1/0x640 [ 25.173015] ? __virt_addr_valid+0x1db/0x2d0 [ 25.173592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.174275] kasan_report+0x102/0x140 [ 25.174878] ? kasan_atomics_helper+0xac8/0x5450 [ 25.175530] ? kasan_atomics_helper+0xac8/0x5450 [ 25.176225] kasan_check_range+0x10c/0x1c0 [ 25.176833] __kasan_check_write+0x18/0x20 [ 25.177386] kasan_atomics_helper+0xac8/0x5450 [ 25.178015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.178698] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.179226] ? trace_hardirqs_on+0x37/0xe0 [ 25.179556] ? kasan_atomics+0x153/0x310 [ 25.180104] kasan_atomics+0x1dd/0x310 [ 25.180515] ? __pfx_kasan_atomics+0x10/0x10 [ 25.181015] ? __pfx_kasan_atomics+0x10/0x10 [ 25.181466] kunit_try_run_case+0x1b3/0x490 [ 25.181925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.182323] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.182726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.183160] ? __kthread_parkme+0x82/0x160 [ 25.183693] ? preempt_count_sub+0x50/0x80 [ 25.184149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.184728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.185354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.185793] kthread+0x257/0x310 [ 25.186192] ? __pfx_kthread+0x10/0x10 [ 25.186668] ret_from_fork+0x41/0x80 [ 25.187086] ? 
__pfx_kthread+0x10/0x10 [ 25.187548] ret_from_fork_asm+0x1a/0x30 [ 25.188688] </TASK> [ 25.188940] [ 25.189123] Allocated by task 272: [ 25.189418] kasan_save_stack+0x3d/0x60 [ 25.189881] kasan_save_track+0x18/0x40 [ 25.190264] kasan_save_alloc_info+0x3b/0x50 [ 25.191197] __kasan_kmalloc+0xb7/0xc0 [ 25.191605] __kmalloc_cache_noprof+0x184/0x410 [ 25.192066] kasan_atomics+0x96/0x310 [ 25.192478] kunit_try_run_case+0x1b3/0x490 [ 25.192908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.193238] kthread+0x257/0x310 [ 25.193513] ret_from_fork+0x41/0x80 [ 25.193968] ret_from_fork_asm+0x1a/0x30 [ 25.194405] [ 25.194696] The buggy address belongs to the object at ffff8881028c7700 [ 25.194696] which belongs to the cache kmalloc-64 of size 64 [ 25.195822] The buggy address is located 0 bytes to the right of [ 25.195822] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.196465] [ 25.196776] The buggy address belongs to the physical page: [ 25.197283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.197998] flags: 0x200000000000000(node=0|zone=2) [ 25.198333] page_type: f5(slab) [ 25.198643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.199291] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.200011] page dumped because: kasan: bad access detected [ 25.200527] [ 25.200807] Memory state around the buggy address: [ 25.201271] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.201781] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.202321] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.202766] ^ [ 25.203224] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.203921] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.204460] ================================================================== [ 26.428439] 
================================================================== [ 26.429267] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 26.430111] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.430438] [ 26.430758] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.431835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.432268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.432975] Call Trace: [ 26.433334] <TASK> [ 26.433687] dump_stack_lvl+0x73/0xb0 [ 26.434081] print_report+0xd1/0x640 [ 26.434373] ? __virt_addr_valid+0x1db/0x2d0 [ 26.435035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.435697] kasan_report+0x102/0x140 [ 26.436199] ? kasan_atomics_helper+0x19e4/0x5450 [ 26.436780] ? kasan_atomics_helper+0x19e4/0x5450 [ 26.437350] kasan_check_range+0x10c/0x1c0 [ 26.437888] __kasan_check_write+0x18/0x20 [ 26.438207] kasan_atomics_helper+0x19e4/0x5450 [ 26.438731] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.439317] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.439953] ? trace_hardirqs_on+0x37/0xe0 [ 26.440424] ? kasan_atomics+0x153/0x310 [ 26.441017] kasan_atomics+0x1dd/0x310 [ 26.441442] ? __pfx_kasan_atomics+0x10/0x10 [ 26.441998] ? __pfx_kasan_atomics+0x10/0x10 [ 26.442730] kunit_try_run_case+0x1b3/0x490 [ 26.443227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.443618] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.444191] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.444833] ? __kthread_parkme+0x82/0x160 [ 26.445302] ? preempt_count_sub+0x50/0x80 [ 26.445948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.446513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.447172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.447808] kthread+0x257/0x310 [ 26.448224] ? __pfx_kthread+0x10/0x10 [ 26.448659] ret_from_fork+0x41/0x80 [ 26.449084] ? 
__pfx_kthread+0x10/0x10 [ 26.449436] ret_from_fork_asm+0x1a/0x30 [ 26.450035] </TASK> [ 26.450415] [ 26.450712] Allocated by task 272: [ 26.451042] kasan_save_stack+0x3d/0x60 [ 26.451567] kasan_save_track+0x18/0x40 [ 26.452074] kasan_save_alloc_info+0x3b/0x50 [ 26.452674] __kasan_kmalloc+0xb7/0xc0 [ 26.452989] __kmalloc_cache_noprof+0x184/0x410 [ 26.453519] kasan_atomics+0x96/0x310 [ 26.454060] kunit_try_run_case+0x1b3/0x490 [ 26.454519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.455137] kthread+0x257/0x310 [ 26.455566] ret_from_fork+0x41/0x80 [ 26.456021] ret_from_fork_asm+0x1a/0x30 [ 26.456420] [ 26.456724] The buggy address belongs to the object at ffff8881028c7700 [ 26.456724] which belongs to the cache kmalloc-64 of size 64 [ 26.457815] The buggy address is located 0 bytes to the right of [ 26.457815] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.458848] [ 26.459041] The buggy address belongs to the physical page: [ 26.459532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.460874] flags: 0x200000000000000(node=0|zone=2) [ 26.461186] page_type: f5(slab) [ 26.461433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.463196] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.463987] page dumped because: kasan: bad access detected [ 26.465202] [ 26.466224] Memory state around the buggy address: [ 26.467425] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.468631] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.469389] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.470243] ^ [ 26.470734] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.471656] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.472282] ================================================================== [ 27.022272] 
================================================================== [ 27.023878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 27.024559] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 27.025214] [ 27.025437] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.026308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.027099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.027591] Call Trace: [ 27.027808] <TASK> [ 27.028010] dump_stack_lvl+0x73/0xb0 [ 27.028446] print_report+0xd1/0x640 [ 27.028968] ? __virt_addr_valid+0x1db/0x2d0 [ 27.029447] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.030057] kasan_report+0x102/0x140 [ 27.030507] ? kasan_atomics_helper+0x4fb4/0x5450 [ 27.031044] ? kasan_atomics_helper+0x4fb4/0x5450 [ 27.031413] __asan_report_load8_noabort+0x18/0x20 [ 27.031990] kasan_atomics_helper+0x4fb4/0x5450 [ 27.032456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.032859] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.033182] ? trace_hardirqs_on+0x37/0xe0 [ 27.033691] ? kasan_atomics+0x153/0x310 [ 27.034172] kasan_atomics+0x1dd/0x310 [ 27.034665] ? __pfx_kasan_atomics+0x10/0x10 [ 27.035145] ? __pfx_kasan_atomics+0x10/0x10 [ 27.035660] kunit_try_run_case+0x1b3/0x490 [ 27.036137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.036527] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.036898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.037225] ? __kthread_parkme+0x82/0x160 [ 27.037533] ? preempt_count_sub+0x50/0x80 [ 27.038037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.038569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.039196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.039799] kthread+0x257/0x310 [ 27.040199] ? __pfx_kthread+0x10/0x10 [ 27.040696] ret_from_fork+0x41/0x80 [ 27.041103] ? 
__pfx_kthread+0x10/0x10 [ 27.041529] ret_from_fork_asm+0x1a/0x30 [ 27.041907] </TASK> [ 27.042202] [ 27.042424] Allocated by task 272: [ 27.042766] kasan_save_stack+0x3d/0x60 [ 27.043181] kasan_save_track+0x18/0x40 [ 27.043517] kasan_save_alloc_info+0x3b/0x50 [ 27.044013] __kasan_kmalloc+0xb7/0xc0 [ 27.044320] __kmalloc_cache_noprof+0x184/0x410 [ 27.044691] kasan_atomics+0x96/0x310 [ 27.044963] kunit_try_run_case+0x1b3/0x490 [ 27.045274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.045760] kthread+0x257/0x310 [ 27.046159] ret_from_fork+0x41/0x80 [ 27.046630] ret_from_fork_asm+0x1a/0x30 [ 27.047076] [ 27.047297] The buggy address belongs to the object at ffff8881028c7700 [ 27.047297] which belongs to the cache kmalloc-64 of size 64 [ 27.048350] The buggy address is located 0 bytes to the right of [ 27.048350] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 27.049447] [ 27.049697] The buggy address belongs to the physical page: [ 27.050004] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 27.050426] flags: 0x200000000000000(node=0|zone=2) [ 27.050844] page_type: f5(slab) [ 27.051201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.051939] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.052645] page dumped because: kasan: bad access detected [ 27.053164] [ 27.053384] Memory state around the buggy address: [ 27.054412] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.055106] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.055663] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.056037] ^ [ 27.056328] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.059003] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.059724] ================================================================== [ 26.904361] 
================================================================== [ 26.905421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 26.906067] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.906756] [ 26.906969] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.907992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.909197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.909870] Call Trace: [ 26.910106] <TASK> [ 26.910299] dump_stack_lvl+0x73/0xb0 [ 26.910720] print_report+0xd1/0x640 [ 26.911155] ? __virt_addr_valid+0x1db/0x2d0 [ 26.912034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.912401] kasan_report+0x102/0x140 [ 26.912740] ? kasan_atomics_helper+0x2007/0x5450 [ 26.913184] ? kasan_atomics_helper+0x2007/0x5450 [ 26.913691] kasan_check_range+0x10c/0x1c0 [ 26.914174] __kasan_check_write+0x18/0x20 [ 26.914619] kasan_atomics_helper+0x2007/0x5450 [ 26.915085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.915417] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.915981] ? trace_hardirqs_on+0x37/0xe0 [ 26.916440] ? kasan_atomics+0x153/0x310 [ 26.916966] kasan_atomics+0x1dd/0x310 [ 26.917334] ? __pfx_kasan_atomics+0x10/0x10 [ 26.917862] ? __pfx_kasan_atomics+0x10/0x10 [ 26.918223] kunit_try_run_case+0x1b3/0x490 [ 26.918757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.919171] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.919635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.920006] ? __kthread_parkme+0x82/0x160 [ 26.920435] ? preempt_count_sub+0x50/0x80 [ 26.920892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.921264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.921900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.922405] kthread+0x257/0x310 [ 26.922797] ? __pfx_kthread+0x10/0x10 [ 26.923088] ret_from_fork+0x41/0x80 [ 26.923521] ? 
__pfx_kthread+0x10/0x10 [ 26.923991] ret_from_fork_asm+0x1a/0x30 [ 26.924463] </TASK> [ 26.924746] [ 26.924974] Allocated by task 272: [ 26.925221] kasan_save_stack+0x3d/0x60 [ 26.925703] kasan_save_track+0x18/0x40 [ 26.926008] kasan_save_alloc_info+0x3b/0x50 [ 26.926412] __kasan_kmalloc+0xb7/0xc0 [ 26.926909] __kmalloc_cache_noprof+0x184/0x410 [ 26.928127] kasan_atomics+0x96/0x310 [ 26.928514] kunit_try_run_case+0x1b3/0x490 [ 26.928916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.929450] kthread+0x257/0x310 [ 26.930617] ret_from_fork+0x41/0x80 [ 26.931532] ret_from_fork_asm+0x1a/0x30 [ 26.932048] [ 26.932226] The buggy address belongs to the object at ffff8881028c7700 [ 26.932226] which belongs to the cache kmalloc-64 of size 64 [ 26.933191] The buggy address is located 0 bytes to the right of [ 26.933191] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.934388] [ 26.934716] The buggy address belongs to the physical page: [ 26.935298] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.936084] flags: 0x200000000000000(node=0|zone=2) [ 26.936817] page_type: f5(slab) [ 26.937063] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.937644] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.938256] page dumped because: kasan: bad access detected [ 26.938632] [ 26.938864] Memory state around the buggy address: [ 26.939317] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.939786] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.940388] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.940914] ^ [ 26.941388] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.941953] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.942627] ================================================================== [ 25.321768] 
================================================================== [ 25.322240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 25.322837] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.323425] [ 25.323672] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.324434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.324840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.325327] Call Trace: [ 25.325565] <TASK> [ 25.325991] dump_stack_lvl+0x73/0xb0 [ 25.326466] print_report+0xd1/0x640 [ 25.326958] ? __virt_addr_valid+0x1db/0x2d0 [ 25.327425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.328028] kasan_report+0x102/0x140 [ 25.328463] ? kasan_atomics_helper+0xd48/0x5450 [ 25.328871] ? kasan_atomics_helper+0xd48/0x5450 [ 25.329205] kasan_check_range+0x10c/0x1c0 [ 25.329733] __kasan_check_write+0x18/0x20 [ 25.330188] kasan_atomics_helper+0xd48/0x5450 [ 25.330723] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.331241] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.331628] ? trace_hardirqs_on+0x37/0xe0 [ 25.332001] ? kasan_atomics+0x153/0x310 [ 25.332438] kasan_atomics+0x1dd/0x310 [ 25.332932] ? __pfx_kasan_atomics+0x10/0x10 [ 25.333403] ? __pfx_kasan_atomics+0x10/0x10 [ 25.333831] kunit_try_run_case+0x1b3/0x490 [ 25.334295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.334746] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.335266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.335844] ? __kthread_parkme+0x82/0x160 [ 25.336159] ? preempt_count_sub+0x50/0x80 [ 25.336675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.337092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.337566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.338125] kthread+0x257/0x310 [ 25.338542] ? __pfx_kthread+0x10/0x10 [ 25.338953] ret_from_fork+0x41/0x80 [ 25.339310] ? 
__pfx_kthread+0x10/0x10 [ 25.339661] ret_from_fork_asm+0x1a/0x30 [ 25.339988] </TASK> [ 25.340184] [ 25.340341] Allocated by task 272: [ 25.340704] kasan_save_stack+0x3d/0x60 [ 25.341129] kasan_save_track+0x18/0x40 [ 25.341610] kasan_save_alloc_info+0x3b/0x50 [ 25.342090] __kasan_kmalloc+0xb7/0xc0 [ 25.342538] __kmalloc_cache_noprof+0x184/0x410 [ 25.343055] kasan_atomics+0x96/0x310 [ 25.343468] kunit_try_run_case+0x1b3/0x490 [ 25.345873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.346228] kthread+0x257/0x310 [ 25.346477] ret_from_fork+0x41/0x80 [ 25.347459] ret_from_fork_asm+0x1a/0x30 [ 25.348964] [ 25.349200] The buggy address belongs to the object at ffff8881028c7700 [ 25.349200] which belongs to the cache kmalloc-64 of size 64 [ 25.350259] The buggy address is located 0 bytes to the right of [ 25.350259] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.351350] [ 25.351638] The buggy address belongs to the physical page: [ 25.352106] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.352675] flags: 0x200000000000000(node=0|zone=2) [ 25.352987] page_type: f5(slab) [ 25.353234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.353800] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.354500] page dumped because: kasan: bad access detected [ 25.355046] [ 25.355310] Memory state around the buggy address: [ 25.355825] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.356467] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.357139] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.357694] ^ [ 25.358073] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.358690] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.359060] ================================================================== [ 24.687730] 
================================================================== [ 24.688392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 24.689408] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.689989] [ 24.690256] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.691933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.692191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.692987] Call Trace: [ 24.693289] <TASK> [ 24.693632] dump_stack_lvl+0x73/0xb0 [ 24.694082] print_report+0xd1/0x640 [ 24.694454] ? __virt_addr_valid+0x1db/0x2d0 [ 24.694942] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.695340] kasan_report+0x102/0x140 [ 24.695694] ? kasan_atomics_helper+0x4a1/0x5450 [ 24.696006] ? kasan_atomics_helper+0x4a1/0x5450 [ 24.696520] kasan_check_range+0x10c/0x1c0 [ 24.697859] __kasan_check_write+0x18/0x20 [ 24.698319] kasan_atomics_helper+0x4a1/0x5450 [ 24.698870] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.699374] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.699930] ? trace_hardirqs_on+0x37/0xe0 [ 24.700375] ? kasan_atomics+0x153/0x310 [ 24.700896] kasan_atomics+0x1dd/0x310 [ 24.701331] ? __pfx_kasan_atomics+0x10/0x10 [ 24.701719] ? __pfx_kasan_atomics+0x10/0x10 [ 24.702038] kunit_try_run_case+0x1b3/0x490 [ 24.702356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.703207] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.703773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.704366] ? __kthread_parkme+0x82/0x160 [ 24.704885] ? preempt_count_sub+0x50/0x80 [ 24.705397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.705799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.706189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.706561] kthread+0x257/0x310 [ 24.706881] ? __pfx_kthread+0x10/0x10 [ 24.707277] ret_from_fork+0x41/0x80 [ 24.707760] ? 
__pfx_kthread+0x10/0x10 [ 24.708196] ret_from_fork_asm+0x1a/0x30 [ 24.708729] </TASK> [ 24.709009] [ 24.709224] Allocated by task 272: [ 24.709656] kasan_save_stack+0x3d/0x60 [ 24.710105] kasan_save_track+0x18/0x40 [ 24.710537] kasan_save_alloc_info+0x3b/0x50 [ 24.711039] __kasan_kmalloc+0xb7/0xc0 [ 24.711458] __kmalloc_cache_noprof+0x184/0x410 [ 24.711992] kasan_atomics+0x96/0x310 [ 24.712364] kunit_try_run_case+0x1b3/0x490 [ 24.712868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.713312] kthread+0x257/0x310 [ 24.713630] ret_from_fork+0x41/0x80 [ 24.713906] ret_from_fork_asm+0x1a/0x30 [ 24.714351] [ 24.714629] The buggy address belongs to the object at ffff8881028c7700 [ 24.714629] which belongs to the cache kmalloc-64 of size 64 [ 24.715620] The buggy address is located 0 bytes to the right of [ 24.715620] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.716215] [ 24.716383] The buggy address belongs to the physical page: [ 24.716757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.717177] flags: 0x200000000000000(node=0|zone=2) [ 24.717507] page_type: f5(slab) [ 24.717930] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.718676] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.719350] page dumped because: kasan: bad access detected [ 24.719905] [ 24.720137] Memory state around the buggy address: [ 24.720635] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.721275] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.721931] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.724617] ^ [ 24.725105] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.727093] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.727801] ================================================================== [ 25.958502] 
================================================================== [ 25.960556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 25.961127] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.961882] [ 25.962751] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.963776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.964092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.964998] Call Trace: [ 25.965780] <TASK> [ 25.966049] dump_stack_lvl+0x73/0xb0 [ 25.966417] print_report+0xd1/0x640 [ 25.966835] ? __virt_addr_valid+0x1db/0x2d0 [ 25.967891] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.968387] kasan_report+0x102/0x140 [ 25.969070] ? kasan_atomics_helper+0x4eb0/0x5450 [ 25.969718] ? kasan_atomics_helper+0x4eb0/0x5450 [ 25.970432] __asan_report_load8_noabort+0x18/0x20 [ 25.971071] kasan_atomics_helper+0x4eb0/0x5450 [ 25.971571] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.972409] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.972913] ? trace_hardirqs_on+0x37/0xe0 [ 25.973297] ? kasan_atomics+0x153/0x310 [ 25.974227] kasan_atomics+0x1dd/0x310 [ 25.974761] ? __pfx_kasan_atomics+0x10/0x10 [ 25.975335] ? __pfx_kasan_atomics+0x10/0x10 [ 25.975810] kunit_try_run_case+0x1b3/0x490 [ 25.976193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.976722] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.977155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.978175] ? __kthread_parkme+0x82/0x160 [ 25.978464] ? preempt_count_sub+0x50/0x80 [ 25.979340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.979715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.980554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.981292] kthread+0x257/0x310 [ 25.981949] ? __pfx_kthread+0x10/0x10 [ 25.982519] ret_from_fork+0x41/0x80 [ 25.983232] ? 
__pfx_kthread+0x10/0x10 [ 25.983644] ret_from_fork_asm+0x1a/0x30 [ 25.984545] </TASK> [ 25.984965] [ 25.985204] Allocated by task 272: [ 25.985581] kasan_save_stack+0x3d/0x60 [ 25.986017] kasan_save_track+0x18/0x40 [ 25.986400] kasan_save_alloc_info+0x3b/0x50 [ 25.987521] __kasan_kmalloc+0xb7/0xc0 [ 25.988131] __kmalloc_cache_noprof+0x184/0x410 [ 25.988556] kasan_atomics+0x96/0x310 [ 25.988974] kunit_try_run_case+0x1b3/0x490 [ 25.989357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.989913] kthread+0x257/0x310 [ 25.990341] ret_from_fork+0x41/0x80 [ 25.990897] ret_from_fork_asm+0x1a/0x30 [ 25.991225] [ 25.991472] The buggy address belongs to the object at ffff8881028c7700 [ 25.991472] which belongs to the cache kmalloc-64 of size 64 [ 25.992145] The buggy address is located 0 bytes to the right of [ 25.992145] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.994294] [ 25.994838] The buggy address belongs to the physical page: [ 25.995168] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.996062] flags: 0x200000000000000(node=0|zone=2) [ 25.996404] page_type: f5(slab) [ 25.996968] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.997852] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.998527] page dumped because: kasan: bad access detected [ 25.999163] [ 25.999389] Memory state around the buggy address: [ 26.000477] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.001142] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.001778] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.002273] ^ [ 26.003246] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.003746] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.004579] ================================================================== [ 26.090868] 
================================================================== [ 26.091311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 26.091743] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.092341] [ 26.092642] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.093617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.094178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.094665] Call Trace: [ 26.094980] <TASK> [ 26.095297] dump_stack_lvl+0x73/0xb0 [ 26.095755] print_report+0xd1/0x640 [ 26.097343] ? __virt_addr_valid+0x1db/0x2d0 [ 26.097826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.100070] kasan_report+0x102/0x140 [ 26.100374] ? kasan_atomics_helper+0x151e/0x5450 [ 26.100886] ? kasan_atomics_helper+0x151e/0x5450 [ 26.101400] kasan_check_range+0x10c/0x1c0 [ 26.101857] __kasan_check_write+0x18/0x20 [ 26.102213] kasan_atomics_helper+0x151e/0x5450 [ 26.102584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.103169] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.103694] ? trace_hardirqs_on+0x37/0xe0 [ 26.104564] ? kasan_atomics+0x153/0x310 [ 26.104938] kasan_atomics+0x1dd/0x310 [ 26.105281] ? __pfx_kasan_atomics+0x10/0x10 [ 26.105805] ? __pfx_kasan_atomics+0x10/0x10 [ 26.106303] kunit_try_run_case+0x1b3/0x490 [ 26.107370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.108417] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.109077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.109761] ? __kthread_parkme+0x82/0x160 [ 26.110249] ? preempt_count_sub+0x50/0x80 [ 26.110860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.111477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.112238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.112952] kthread+0x257/0x310 [ 26.113419] ? __pfx_kthread+0x10/0x10 [ 26.114001] ret_from_fork+0x41/0x80 [ 26.114540] ? 
__pfx_kthread+0x10/0x10 [ 26.115033] ret_from_fork_asm+0x1a/0x30 [ 26.115406] </TASK> [ 26.115755] [ 26.115929] Allocated by task 272: [ 26.116184] kasan_save_stack+0x3d/0x60 [ 26.116693] kasan_save_track+0x18/0x40 [ 26.117019] kasan_save_alloc_info+0x3b/0x50 [ 26.117548] __kasan_kmalloc+0xb7/0xc0 [ 26.117896] __kmalloc_cache_noprof+0x184/0x410 [ 26.118444] kasan_atomics+0x96/0x310 [ 26.118808] kunit_try_run_case+0x1b3/0x490 [ 26.119103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.119727] kthread+0x257/0x310 [ 26.120117] ret_from_fork+0x41/0x80 [ 26.120617] ret_from_fork_asm+0x1a/0x30 [ 26.121081] [ 26.121314] The buggy address belongs to the object at ffff8881028c7700 [ 26.121314] which belongs to the cache kmalloc-64 of size 64 [ 26.122005] The buggy address is located 0 bytes to the right of [ 26.122005] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.123164] [ 26.123402] The buggy address belongs to the physical page: [ 26.123964] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.124519] flags: 0x200000000000000(node=0|zone=2) [ 26.125085] page_type: f5(slab) [ 26.125361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.126023] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.126424] page dumped because: kasan: bad access detected [ 26.126810] [ 26.127043] Memory state around the buggy address: [ 26.127604] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.128251] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.128856] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.129439] ^ [ 26.129885] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.130428] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.130871] ================================================================== [ 26.051865] 
================================================================== [ 26.052306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 26.053097] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.053428] [ 26.053618] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.054378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.054825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.055651] Call Trace: [ 26.056061] <TASK> [ 26.056375] dump_stack_lvl+0x73/0xb0 [ 26.056754] print_report+0xd1/0x640 [ 26.057222] ? __virt_addr_valid+0x1db/0x2d0 [ 26.057735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.058219] kasan_report+0x102/0x140 [ 26.058828] ? kasan_atomics_helper+0x50d6/0x5450 [ 26.059207] ? kasan_atomics_helper+0x50d6/0x5450 [ 26.059574] __asan_report_store8_noabort+0x1b/0x30 [ 26.059907] kasan_atomics_helper+0x50d6/0x5450 [ 26.060226] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.060731] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.061196] ? trace_hardirqs_on+0x37/0xe0 [ 26.061771] ? kasan_atomics+0x153/0x310 [ 26.062272] kasan_atomics+0x1dd/0x310 [ 26.062634] ? __pfx_kasan_atomics+0x10/0x10 [ 26.063119] ? __pfx_kasan_atomics+0x10/0x10 [ 26.063525] kunit_try_run_case+0x1b3/0x490 [ 26.064041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.064582] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.065121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.065535] ? __kthread_parkme+0x82/0x160 [ 26.066073] ? preempt_count_sub+0x50/0x80 [ 26.066586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.067074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.067533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.068132] kthread+0x257/0x310 [ 26.068456] ? __pfx_kthread+0x10/0x10 [ 26.069069] ret_from_fork+0x41/0x80 [ 26.069526] ? 
__pfx_kthread+0x10/0x10 [ 26.069957] ret_from_fork_asm+0x1a/0x30 [ 26.070326] </TASK> [ 26.070556] [ 26.070724] Allocated by task 272: [ 26.070963] kasan_save_stack+0x3d/0x60 [ 26.071446] kasan_save_track+0x18/0x40 [ 26.071909] kasan_save_alloc_info+0x3b/0x50 [ 26.072376] __kasan_kmalloc+0xb7/0xc0 [ 26.072810] __kmalloc_cache_noprof+0x184/0x410 [ 26.073423] kasan_atomics+0x96/0x310 [ 26.075123] kunit_try_run_case+0x1b3/0x490 [ 26.075530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.076064] kthread+0x257/0x310 [ 26.076451] ret_from_fork+0x41/0x80 [ 26.078868] ret_from_fork_asm+0x1a/0x30 [ 26.079187] [ 26.079347] The buggy address belongs to the object at ffff8881028c7700 [ 26.079347] which belongs to the cache kmalloc-64 of size 64 [ 26.080585] The buggy address is located 0 bytes to the right of [ 26.080585] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.081375] [ 26.081657] The buggy address belongs to the physical page: [ 26.082122] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.082630] flags: 0x200000000000000(node=0|zone=2) [ 26.083152] page_type: f5(slab) [ 26.083505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.083992] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.084382] page dumped because: kasan: bad access detected [ 26.084916] [ 26.085174] Memory state around the buggy address: [ 26.085814] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.086467] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.087364] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.088021] ^ [ 26.088557] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.088941] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.089589] ================================================================== [ 26.632542] 
================================================================== [ 26.633232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 26.633963] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.634761] [ 26.635027] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.635985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.636407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.637182] Call Trace: [ 26.637524] <TASK> [ 26.637868] dump_stack_lvl+0x73/0xb0 [ 26.638447] print_report+0xd1/0x640 [ 26.638969] ? __virt_addr_valid+0x1db/0x2d0 [ 26.639452] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.639962] kasan_report+0x102/0x140 [ 26.640539] ? kasan_atomics_helper+0x1ce2/0x5450 [ 26.641161] ? kasan_atomics_helper+0x1ce2/0x5450 [ 26.641823] kasan_check_range+0x10c/0x1c0 [ 26.642315] __kasan_check_write+0x18/0x20 [ 26.642688] kasan_atomics_helper+0x1ce2/0x5450 [ 26.643258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.643957] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.644441] ? trace_hardirqs_on+0x37/0xe0 [ 26.645020] ? kasan_atomics+0x153/0x310 [ 26.645620] kasan_atomics+0x1dd/0x310 [ 26.645976] ? __pfx_kasan_atomics+0x10/0x10 [ 26.646303] ? __pfx_kasan_atomics+0x10/0x10 [ 26.646877] kunit_try_run_case+0x1b3/0x490 [ 26.647391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.648103] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.648769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.649451] ? __kthread_parkme+0x82/0x160 [ 26.650082] ? preempt_count_sub+0x50/0x80 [ 26.650773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.651374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.652272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.653048] kthread+0x257/0x310 [ 26.653615] ? __pfx_kthread+0x10/0x10 [ 26.654230] ret_from_fork+0x41/0x80 [ 26.654821] ? 
__pfx_kthread+0x10/0x10 [ 26.655449] ret_from_fork_asm+0x1a/0x30 [ 26.656064] </TASK> [ 26.656273] [ 26.656433] Allocated by task 272: [ 26.656950] kasan_save_stack+0x3d/0x60 [ 26.657426] kasan_save_track+0x18/0x40 [ 26.658126] kasan_save_alloc_info+0x3b/0x50 [ 26.658853] __kasan_kmalloc+0xb7/0xc0 [ 26.659314] __kmalloc_cache_noprof+0x184/0x410 [ 26.659945] kasan_atomics+0x96/0x310 [ 26.660460] kunit_try_run_case+0x1b3/0x490 [ 26.661144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.661896] kthread+0x257/0x310 [ 26.662380] ret_from_fork+0x41/0x80 [ 26.662963] ret_from_fork_asm+0x1a/0x30 [ 26.663626] [ 26.663956] The buggy address belongs to the object at ffff8881028c7700 [ 26.663956] which belongs to the cache kmalloc-64 of size 64 [ 26.665052] The buggy address is located 0 bytes to the right of [ 26.665052] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.665922] [ 26.666188] The buggy address belongs to the physical page: [ 26.666871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.667805] flags: 0x200000000000000(node=0|zone=2) [ 26.668477] page_type: f5(slab) [ 26.669072] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.669996] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.670904] page dumped because: kasan: bad access detected [ 26.671637] [ 26.671970] Memory state around the buggy address: [ 26.672568] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.673458] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.674280] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.674771] ^ [ 26.675059] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.675563] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.676236] ================================================================== [ 27.139446] 
================================================================== [ 27.140415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 27.141066] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 27.141465] [ 27.141791] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.142518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.142954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.143413] Call Trace: [ 27.143710] <TASK> [ 27.144011] dump_stack_lvl+0x73/0xb0 [ 27.144450] print_report+0xd1/0x640 [ 27.144949] ? __virt_addr_valid+0x1db/0x2d0 [ 27.145462] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.146067] kasan_report+0x102/0x140 [ 27.146629] ? kasan_atomics_helper+0x224d/0x5450 [ 27.147084] ? kasan_atomics_helper+0x224d/0x5450 [ 27.147722] kasan_check_range+0x10c/0x1c0 [ 27.148177] __kasan_check_write+0x18/0x20 [ 27.148652] kasan_atomics_helper+0x224d/0x5450 [ 27.149154] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.149511] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.150059] ? trace_hardirqs_on+0x37/0xe0 [ 27.150356] ? kasan_atomics+0x153/0x310 [ 27.150744] kasan_atomics+0x1dd/0x310 [ 27.151050] ? __pfx_kasan_atomics+0x10/0x10 [ 27.151361] ? __pfx_kasan_atomics+0x10/0x10 [ 27.151895] kunit_try_run_case+0x1b3/0x490 [ 27.152370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.152920] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.153410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.154001] ? __kthread_parkme+0x82/0x160 [ 27.154465] ? preempt_count_sub+0x50/0x80 [ 27.154990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.155525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.156161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.156705] kthread+0x257/0x310 [ 27.156979] ? __pfx_kthread+0x10/0x10 [ 27.157252] ret_from_fork+0x41/0x80 [ 27.157544] ? 
__pfx_kthread+0x10/0x10 [ 27.158019] ret_from_fork_asm+0x1a/0x30 [ 27.158517] </TASK> [ 27.158848] [ 27.159076] Allocated by task 272: [ 27.159435] kasan_save_stack+0x3d/0x60 [ 27.159928] kasan_save_track+0x18/0x40 [ 27.160355] kasan_save_alloc_info+0x3b/0x50 [ 27.160878] __kasan_kmalloc+0xb7/0xc0 [ 27.161265] __kmalloc_cache_noprof+0x184/0x410 [ 27.161631] kasan_atomics+0x96/0x310 [ 27.161910] kunit_try_run_case+0x1b3/0x490 [ 27.162207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.162716] kthread+0x257/0x310 [ 27.163072] ret_from_fork+0x41/0x80 [ 27.163498] ret_from_fork_asm+0x1a/0x30 [ 27.163972] [ 27.164202] The buggy address belongs to the object at ffff8881028c7700 [ 27.164202] which belongs to the cache kmalloc-64 of size 64 [ 27.165284] The buggy address is located 0 bytes to the right of [ 27.165284] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 27.166284] [ 27.166453] The buggy address belongs to the physical page: [ 27.166833] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 27.167242] flags: 0x200000000000000(node=0|zone=2) [ 27.167776] page_type: f5(slab) [ 27.168149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.168886] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.169561] page dumped because: kasan: bad access detected [ 27.170099] [ 27.170330] Memory state around the buggy address: [ 27.170847] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.171479] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.171924] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.172567] ^ [ 27.173078] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.173568] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.174097] ================================================================== [ 24.731116] 
================================================================== [ 24.731783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 24.732139] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.732595] [ 24.733124] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.734579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.735003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.735915] Call Trace: [ 24.736140] <TASK> [ 24.736339] dump_stack_lvl+0x73/0xb0 [ 24.736838] print_report+0xd1/0x640 [ 24.737267] ? __virt_addr_valid+0x1db/0x2d0 [ 24.737856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.738452] kasan_report+0x102/0x140 [ 24.739015] ? kasan_atomics_helper+0x4b3c/0x5450 [ 24.739346] ? kasan_atomics_helper+0x4b3c/0x5450 [ 24.739701] __asan_report_store4_noabort+0x1b/0x30 [ 24.740022] kasan_atomics_helper+0x4b3c/0x5450 [ 24.740558] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.741127] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.741846] ? trace_hardirqs_on+0x37/0xe0 [ 24.742341] ? kasan_atomics+0x153/0x310 [ 24.742963] kasan_atomics+0x1dd/0x310 [ 24.743407] ? __pfx_kasan_atomics+0x10/0x10 [ 24.744050] ? __pfx_kasan_atomics+0x10/0x10 [ 24.744470] kunit_try_run_case+0x1b3/0x490 [ 24.745072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.746725] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.747377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.747806] ? __kthread_parkme+0x82/0x160 [ 24.748436] ? preempt_count_sub+0x50/0x80 [ 24.749052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.749670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.750136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.750731] kthread+0x257/0x310 [ 24.751132] ? __pfx_kthread+0x10/0x10 [ 24.751553] ret_from_fork+0x41/0x80 [ 24.752010] ? 
__pfx_kthread+0x10/0x10 [ 24.752625] ret_from_fork_asm+0x1a/0x30 [ 24.753224] </TASK> [ 24.753665] [ 24.754004] Allocated by task 272: [ 24.754511] kasan_save_stack+0x3d/0x60 [ 24.755085] kasan_save_track+0x18/0x40 [ 24.755687] kasan_save_alloc_info+0x3b/0x50 [ 24.755963] __kasan_kmalloc+0xb7/0xc0 [ 24.756626] __kmalloc_cache_noprof+0x184/0x410 [ 24.757222] kasan_atomics+0x96/0x310 [ 24.757719] kunit_try_run_case+0x1b3/0x490 [ 24.758223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.758873] kthread+0x257/0x310 [ 24.759314] ret_from_fork+0x41/0x80 [ 24.759711] ret_from_fork_asm+0x1a/0x30 [ 24.760263] [ 24.760549] The buggy address belongs to the object at ffff8881028c7700 [ 24.760549] which belongs to the cache kmalloc-64 of size 64 [ 24.761769] The buggy address is located 0 bytes to the right of [ 24.761769] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.762792] [ 24.763031] The buggy address belongs to the physical page: [ 24.763383] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.764036] flags: 0x200000000000000(node=0|zone=2) [ 24.764540] page_type: f5(slab) [ 24.764918] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.765415] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.766195] page dumped because: kasan: bad access detected [ 24.766719] [ 24.767024] Memory state around the buggy address: [ 24.767457] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.768270] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.768903] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.769694] ^ [ 24.770148] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.770947] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.771537] ================================================================== [ 26.308653] 
================================================================== [ 26.309667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 26.310515] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.311173] [ 26.311433] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.312084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.312411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.313264] Call Trace: [ 26.313663] <TASK> [ 26.314049] dump_stack_lvl+0x73/0xb0 [ 26.314622] print_report+0xd1/0x640 [ 26.315222] ? __virt_addr_valid+0x1db/0x2d0 [ 26.315874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.316706] kasan_report+0x102/0x140 [ 26.317236] ? kasan_atomics_helper+0x1819/0x5450 [ 26.317889] ? kasan_atomics_helper+0x1819/0x5450 [ 26.318462] kasan_check_range+0x10c/0x1c0 [ 26.318983] __kasan_check_write+0x18/0x20 [ 26.319433] kasan_atomics_helper+0x1819/0x5450 [ 26.320171] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.320787] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.321356] ? trace_hardirqs_on+0x37/0xe0 [ 26.321900] ? kasan_atomics+0x153/0x310 [ 26.322443] kasan_atomics+0x1dd/0x310 [ 26.322854] ? __pfx_kasan_atomics+0x10/0x10 [ 26.323434] ? __pfx_kasan_atomics+0x10/0x10 [ 26.324162] kunit_try_run_case+0x1b3/0x490 [ 26.324653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.325215] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.326009] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.326691] ? __kthread_parkme+0x82/0x160 [ 26.327213] ? preempt_count_sub+0x50/0x80 [ 26.327682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.328120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.328561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.328959] kthread+0x257/0x310 [ 26.329357] ? __pfx_kthread+0x10/0x10 [ 26.329879] ret_from_fork+0x41/0x80 [ 26.330255] ? 
__pfx_kthread+0x10/0x10 [ 26.330648] ret_from_fork_asm+0x1a/0x30 [ 26.331116] </TASK> [ 26.331407] [ 26.331651] Allocated by task 272: [ 26.331920] kasan_save_stack+0x3d/0x60 [ 26.332205] kasan_save_track+0x18/0x40 [ 26.332691] kasan_save_alloc_info+0x3b/0x50 [ 26.333146] __kasan_kmalloc+0xb7/0xc0 [ 26.333618] __kmalloc_cache_noprof+0x184/0x410 [ 26.334105] kasan_atomics+0x96/0x310 [ 26.334523] kunit_try_run_case+0x1b3/0x490 [ 26.334866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.335197] kthread+0x257/0x310 [ 26.335632] ret_from_fork+0x41/0x80 [ 26.336039] ret_from_fork_asm+0x1a/0x30 [ 26.336475] [ 26.336778] The buggy address belongs to the object at ffff8881028c7700 [ 26.336778] which belongs to the cache kmalloc-64 of size 64 [ 26.338630] The buggy address is located 0 bytes to the right of [ 26.338630] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.340083] [ 26.340324] The buggy address belongs to the physical page: [ 26.341375] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.342150] flags: 0x200000000000000(node=0|zone=2) [ 26.342635] page_type: f5(slab) [ 26.342973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.343404] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.344060] page dumped because: kasan: bad access detected [ 26.344705] [ 26.344885] Memory state around the buggy address: [ 26.345378] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.345845] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.346474] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.347152] ^ [ 26.347507] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.348153] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.348564] ================================================================== [ 25.645513] 
================================================================== [ 25.646000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 25.647500] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.648128] [ 25.648321] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.649604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.649868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.651248] Call Trace: [ 25.651474] <TASK> [ 25.651711] dump_stack_lvl+0x73/0xb0 [ 25.652005] print_report+0xd1/0x640 [ 25.652295] ? __virt_addr_valid+0x1db/0x2d0 [ 25.653199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.653775] kasan_report+0x102/0x140 [ 25.654333] ? kasan_atomics_helper+0x1149/0x5450 [ 25.654944] ? kasan_atomics_helper+0x1149/0x5450 [ 25.655516] kasan_check_range+0x10c/0x1c0 [ 25.656026] __kasan_check_write+0x18/0x20 [ 25.656393] kasan_atomics_helper+0x1149/0x5450 [ 25.657026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.657421] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.658020] ? trace_hardirqs_on+0x37/0xe0 [ 25.658510] ? kasan_atomics+0x153/0x310 [ 25.658962] kasan_atomics+0x1dd/0x310 [ 25.659259] ? __pfx_kasan_atomics+0x10/0x10 [ 25.659647] ? __pfx_kasan_atomics+0x10/0x10 [ 25.660191] kunit_try_run_case+0x1b3/0x490 [ 25.660836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.661336] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.662015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.662445] ? __kthread_parkme+0x82/0x160 [ 25.663075] ? preempt_count_sub+0x50/0x80 [ 25.663520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.664030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.664629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.665385] kthread+0x257/0x310 [ 25.665778] ? __pfx_kthread+0x10/0x10 [ 25.666074] ret_from_fork+0x41/0x80 [ 25.666358] ? 
__pfx_kthread+0x10/0x10 [ 25.666766] ret_from_fork_asm+0x1a/0x30 [ 25.667381] </TASK> [ 25.667756] [ 25.667991] Allocated by task 272: [ 25.668389] kasan_save_stack+0x3d/0x60 [ 25.668931] kasan_save_track+0x18/0x40 [ 25.669357] kasan_save_alloc_info+0x3b/0x50 [ 25.669894] __kasan_kmalloc+0xb7/0xc0 [ 25.670291] __kmalloc_cache_noprof+0x184/0x410 [ 25.670620] kasan_atomics+0x96/0x310 [ 25.670893] kunit_try_run_case+0x1b3/0x490 [ 25.671397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.671975] kthread+0x257/0x310 [ 25.672397] ret_from_fork+0x41/0x80 [ 25.672973] ret_from_fork_asm+0x1a/0x30 [ 25.673350] [ 25.673596] The buggy address belongs to the object at ffff8881028c7700 [ 25.673596] which belongs to the cache kmalloc-64 of size 64 [ 25.674696] The buggy address is located 0 bytes to the right of [ 25.674696] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.675331] [ 25.675557] The buggy address belongs to the physical page: [ 25.676082] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.676922] flags: 0x200000000000000(node=0|zone=2) [ 25.677456] page_type: f5(slab) [ 25.677927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.678466] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.679163] page dumped because: kasan: bad access detected [ 25.679605] [ 25.679833] Memory state around the buggy address: [ 25.680200] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.680800] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.681519] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.682390] ^ [ 25.683170] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.683888] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.684852] ================================================================== [ 26.216790] 
================================================================== [ 26.217639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 26.218304] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.219456] [ 26.219766] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.220636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.221047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.222930] Call Trace: [ 26.223200] <TASK> [ 26.223392] dump_stack_lvl+0x73/0xb0 [ 26.223902] print_report+0xd1/0x640 [ 26.224319] ? __virt_addr_valid+0x1db/0x2d0 [ 26.225318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.225876] kasan_report+0x102/0x140 [ 26.226276] ? kasan_atomics_helper+0x16e8/0x5450 [ 26.227214] ? kasan_atomics_helper+0x16e8/0x5450 [ 26.227634] kasan_check_range+0x10c/0x1c0 [ 26.228358] __kasan_check_write+0x18/0x20 [ 26.229265] kasan_atomics_helper+0x16e8/0x5450 [ 26.229698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.230401] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.230818] ? trace_hardirqs_on+0x37/0xe0 [ 26.231200] ? kasan_atomics+0x153/0x310 [ 26.231594] kasan_atomics+0x1dd/0x310 [ 26.232032] ? __pfx_kasan_atomics+0x10/0x10 [ 26.232392] ? __pfx_kasan_atomics+0x10/0x10 [ 26.233017] kunit_try_run_case+0x1b3/0x490 [ 26.234125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.235362] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.235867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.236338] ? __kthread_parkme+0x82/0x160 [ 26.237335] ? preempt_count_sub+0x50/0x80 [ 26.238031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.238633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.239347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.240070] kthread+0x257/0x310 [ 26.240467] ? __pfx_kthread+0x10/0x10 [ 26.240985] ret_from_fork+0x41/0x80 [ 26.241308] ? 
__pfx_kthread+0x10/0x10 [ 26.242404] ret_from_fork_asm+0x1a/0x30 [ 26.242823] </TASK> [ 26.243113] [ 26.243616] Allocated by task 272: [ 26.244245] kasan_save_stack+0x3d/0x60 [ 26.244671] kasan_save_track+0x18/0x40 [ 26.245044] kasan_save_alloc_info+0x3b/0x50 [ 26.245396] __kasan_kmalloc+0xb7/0xc0 [ 26.246753] __kmalloc_cache_noprof+0x184/0x410 [ 26.247304] kasan_atomics+0x96/0x310 [ 26.247739] kunit_try_run_case+0x1b3/0x490 [ 26.248604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.249107] kthread+0x257/0x310 [ 26.249426] ret_from_fork+0x41/0x80 [ 26.249794] ret_from_fork_asm+0x1a/0x30 [ 26.250181] [ 26.250359] The buggy address belongs to the object at ffff8881028c7700 [ 26.250359] which belongs to the cache kmalloc-64 of size 64 [ 26.252538] The buggy address is located 0 bytes to the right of [ 26.252538] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.253809] [ 26.253981] The buggy address belongs to the physical page: [ 26.255024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.255915] flags: 0x200000000000000(node=0|zone=2) [ 26.256335] page_type: f5(slab) [ 26.256720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.257896] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.258637] page dumped because: kasan: bad access detected [ 26.259440] [ 26.259705] Memory state around the buggy address: [ 26.260413] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.260924] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.261531] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.262038] ^ [ 26.262439] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.263615] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264394] ================================================================== [ 26.943522] 
================================================================== [ 26.944535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 26.945030] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.946557] [ 26.946795] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.947300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.947781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.948568] Call Trace: [ 26.948929] <TASK> [ 26.949214] dump_stack_lvl+0x73/0xb0 [ 26.949621] print_report+0xd1/0x640 [ 26.950060] ? __virt_addr_valid+0x1db/0x2d0 [ 26.950515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.951085] kasan_report+0x102/0x140 [ 26.951538] ? kasan_atomics_helper+0x4f9a/0x5450 [ 26.951930] ? kasan_atomics_helper+0x4f9a/0x5450 [ 26.952440] __asan_report_load8_noabort+0x18/0x20 [ 26.952847] kasan_atomics_helper+0x4f9a/0x5450 [ 26.953345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.953884] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.954382] ? trace_hardirqs_on+0x37/0xe0 [ 26.954840] ? kasan_atomics+0x153/0x310 [ 26.955317] kasan_atomics+0x1dd/0x310 [ 26.955744] ? __pfx_kasan_atomics+0x10/0x10 [ 26.956175] ? __pfx_kasan_atomics+0x10/0x10 [ 26.956698] kunit_try_run_case+0x1b3/0x490 [ 26.957169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.957522] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.958025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.958613] ? __kthread_parkme+0x82/0x160 [ 26.959017] ? preempt_count_sub+0x50/0x80 [ 26.959355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.959849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.960218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.961946] kthread+0x257/0x310 [ 26.962387] ? __pfx_kthread+0x10/0x10 [ 26.962896] ret_from_fork+0x41/0x80 [ 26.963337] ? 
__pfx_kthread+0x10/0x10 [ 26.963829] ret_from_fork_asm+0x1a/0x30 [ 26.964302] </TASK> [ 26.964650] [ 26.964885] Allocated by task 272: [ 26.965280] kasan_save_stack+0x3d/0x60 [ 26.965670] kasan_save_track+0x18/0x40 [ 26.965955] kasan_save_alloc_info+0x3b/0x50 [ 26.966259] __kasan_kmalloc+0xb7/0xc0 [ 26.966544] __kmalloc_cache_noprof+0x184/0x410 [ 26.967066] kasan_atomics+0x96/0x310 [ 26.967506] kunit_try_run_case+0x1b3/0x490 [ 26.968021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.968650] kthread+0x257/0x310 [ 26.969035] ret_from_fork+0x41/0x80 [ 26.969507] ret_from_fork_asm+0x1a/0x30 [ 26.969980] [ 26.970269] The buggy address belongs to the object at ffff8881028c7700 [ 26.970269] which belongs to the cache kmalloc-64 of size 64 [ 26.971182] The buggy address is located 0 bytes to the right of [ 26.971182] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.972085] [ 26.972335] The buggy address belongs to the physical page: [ 26.972789] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.973390] flags: 0x200000000000000(node=0|zone=2) [ 26.973966] page_type: f5(slab) [ 26.974357] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.975001] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.975659] page dumped because: kasan: bad access detected [ 26.976186] [ 26.976362] Memory state around the buggy address: [ 26.976923] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.977316] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.977763] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.978149] ^ [ 26.978438] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.979175] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.981424] ================================================================== [ 26.265634] 
================================================================== [ 26.267100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 26.268221] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.269024] [ 26.269803] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.270633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.271162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.272018] Call Trace: [ 26.272153] <TASK> [ 26.272265] dump_stack_lvl+0x73/0xb0 [ 26.272432] print_report+0xd1/0x640 [ 26.272687] ? __virt_addr_valid+0x1db/0x2d0 [ 26.273234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.273810] kasan_report+0x102/0x140 [ 26.274241] ? kasan_atomics_helper+0x1780/0x5450 [ 26.274595] ? kasan_atomics_helper+0x1780/0x5450 [ 26.275113] kasan_check_range+0x10c/0x1c0 [ 26.275732] __kasan_check_write+0x18/0x20 [ 26.276276] kasan_atomics_helper+0x1780/0x5450 [ 26.276714] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.277043] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.277354] ? trace_hardirqs_on+0x37/0xe0 [ 26.277860] ? kasan_atomics+0x153/0x310 [ 26.278633] kasan_atomics+0x1dd/0x310 [ 26.279206] ? __pfx_kasan_atomics+0x10/0x10 [ 26.279778] ? __pfx_kasan_atomics+0x10/0x10 [ 26.280295] kunit_try_run_case+0x1b3/0x490 [ 26.280974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.281365] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.282011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.282453] ? __kthread_parkme+0x82/0x160 [ 26.283065] ? preempt_count_sub+0x50/0x80 [ 26.283458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.284098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.284660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.285190] kthread+0x257/0x310 [ 26.285761] ? __pfx_kthread+0x10/0x10 [ 26.286130] ret_from_fork+0x41/0x80 [ 26.286687] ? 
__pfx_kthread+0x10/0x10 [ 26.287104] ret_from_fork_asm+0x1a/0x30 [ 26.287614] </TASK> [ 26.287941] [ 26.288164] Allocated by task 272: [ 26.288422] kasan_save_stack+0x3d/0x60 [ 26.288897] kasan_save_track+0x18/0x40 [ 26.289425] kasan_save_alloc_info+0x3b/0x50 [ 26.289912] __kasan_kmalloc+0xb7/0xc0 [ 26.290204] __kmalloc_cache_noprof+0x184/0x410 [ 26.290518] kasan_atomics+0x96/0x310 [ 26.290976] kunit_try_run_case+0x1b3/0x490 [ 26.291658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.292271] kthread+0x257/0x310 [ 26.292672] ret_from_fork+0x41/0x80 [ 26.293220] ret_from_fork_asm+0x1a/0x30 [ 26.293699] [ 26.293932] The buggy address belongs to the object at ffff8881028c7700 [ 26.293932] which belongs to the cache kmalloc-64 of size 64 [ 26.294552] The buggy address is located 0 bytes to the right of [ 26.294552] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.295873] [ 26.296168] The buggy address belongs to the physical page: [ 26.296501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.297305] flags: 0x200000000000000(node=0|zone=2) [ 26.297979] page_type: f5(slab) [ 26.298424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.299164] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.299906] page dumped because: kasan: bad access detected [ 26.300330] [ 26.300681] Memory state around the buggy address: [ 26.301340] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.302618] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.303716] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.304120] ^ [ 26.304410] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.305149] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.306709] ================================================================== [ 26.133279] 
================================================================== [ 26.134516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 26.135267] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.135992] [ 26.136294] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.137064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.137417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.138114] Call Trace: [ 26.138475] <TASK> [ 26.138840] dump_stack_lvl+0x73/0xb0 [ 26.139287] print_report+0xd1/0x640 [ 26.140293] ? __virt_addr_valid+0x1db/0x2d0 [ 26.140866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.141435] kasan_report+0x102/0x140 [ 26.141994] ? kasan_atomics_helper+0x15b7/0x5450 [ 26.142471] ? kasan_atomics_helper+0x15b7/0x5450 [ 26.143106] kasan_check_range+0x10c/0x1c0 [ 26.143542] __kasan_check_write+0x18/0x20 [ 26.144118] kasan_atomics_helper+0x15b7/0x5450 [ 26.144742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.145313] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.145860] ? trace_hardirqs_on+0x37/0xe0 [ 26.146284] ? kasan_atomics+0x153/0x310 [ 26.146837] kasan_atomics+0x1dd/0x310 [ 26.147190] ? __pfx_kasan_atomics+0x10/0x10 [ 26.147525] ? __pfx_kasan_atomics+0x10/0x10 [ 26.147857] kunit_try_run_case+0x1b3/0x490 [ 26.148245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.148864] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.149437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.150050] ? __kthread_parkme+0x82/0x160 [ 26.150696] ? preempt_count_sub+0x50/0x80 [ 26.151172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.151719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.152082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.152433] kthread+0x257/0x310 [ 26.153006] ? __pfx_kthread+0x10/0x10 [ 26.153619] ret_from_fork+0x41/0x80 [ 26.154121] ? 
__pfx_kthread+0x10/0x10 [ 26.154610] ret_from_fork_asm+0x1a/0x30 [ 26.155213] </TASK> [ 26.155547] [ 26.155819] Allocated by task 272: [ 26.156252] kasan_save_stack+0x3d/0x60 [ 26.156807] kasan_save_track+0x18/0x40 [ 26.157301] kasan_save_alloc_info+0x3b/0x50 [ 26.157841] __kasan_kmalloc+0xb7/0xc0 [ 26.158348] __kmalloc_cache_noprof+0x184/0x410 [ 26.158856] kasan_atomics+0x96/0x310 [ 26.159338] kunit_try_run_case+0x1b3/0x490 [ 26.159808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.160146] kthread+0x257/0x310 [ 26.160388] ret_from_fork+0x41/0x80 [ 26.160718] ret_from_fork_asm+0x1a/0x30 [ 26.160998] [ 26.161290] The buggy address belongs to the object at ffff8881028c7700 [ 26.161290] which belongs to the cache kmalloc-64 of size 64 [ 26.162564] The buggy address is located 0 bytes to the right of [ 26.162564] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.163776] [ 26.164064] The buggy address belongs to the physical page: [ 26.164632] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.165373] flags: 0x200000000000000(node=0|zone=2) [ 26.165967] page_type: f5(slab) [ 26.166419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.166935] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.167660] page dumped because: kasan: bad access detected [ 26.168305] [ 26.168561] Memory state around the buggy address: [ 26.169097] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.169556] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.170266] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.170998] ^ [ 26.171508] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.172100] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.172807] ================================================================== [ 24.440467] 
================================================================== [ 24.441764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 24.442417] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.442954] [ 24.443208] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.443915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.444324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.445721] Call Trace: [ 24.446020] <TASK> [ 24.446249] dump_stack_lvl+0x73/0xb0 [ 24.446685] print_report+0xd1/0x640 [ 24.447055] ? __virt_addr_valid+0x1db/0x2d0 [ 24.447905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.448508] kasan_report+0x102/0x140 [ 24.449035] ? kasan_atomics_helper+0x4bbe/0x5450 [ 24.449359] ? kasan_atomics_helper+0x4bbe/0x5450 [ 24.449878] __asan_report_load4_noabort+0x18/0x20 [ 24.450305] kasan_atomics_helper+0x4bbe/0x5450 [ 24.450838] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.451180] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.451680] ? trace_hardirqs_on+0x37/0xe0 [ 24.451995] ? kasan_atomics+0x153/0x310 [ 24.453010] kasan_atomics+0x1dd/0x310 [ 24.453455] ? __pfx_kasan_atomics+0x10/0x10 [ 24.453815] ? __pfx_kasan_atomics+0x10/0x10 [ 24.454323] kunit_try_run_case+0x1b3/0x490 [ 24.454877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.455399] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.455744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.456249] ? __kthread_parkme+0x82/0x160 [ 24.456727] ? preempt_count_sub+0x50/0x80 [ 24.457040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.457540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.458619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.459178] kthread+0x257/0x310 [ 24.459573] ? __pfx_kthread+0x10/0x10 [ 24.460333] ret_from_fork+0x41/0x80 [ 24.460649] ? 
__pfx_kthread+0x10/0x10 [ 24.461276] ret_from_fork_asm+0x1a/0x30 [ 24.461896] </TASK> [ 24.462189] [ 24.462369] Allocated by task 272: [ 24.463150] kasan_save_stack+0x3d/0x60 [ 24.464091] kasan_save_track+0x18/0x40 [ 24.464641] kasan_save_alloc_info+0x3b/0x50 [ 24.465046] __kasan_kmalloc+0xb7/0xc0 [ 24.465429] __kmalloc_cache_noprof+0x184/0x410 [ 24.466070] kasan_atomics+0x96/0x310 [ 24.466615] kunit_try_run_case+0x1b3/0x490 [ 24.466939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.467545] kthread+0x257/0x310 [ 24.468133] ret_from_fork+0x41/0x80 [ 24.468564] ret_from_fork_asm+0x1a/0x30 [ 24.469042] [ 24.469232] The buggy address belongs to the object at ffff8881028c7700 [ 24.469232] which belongs to the cache kmalloc-64 of size 64 [ 24.470345] The buggy address is located 0 bytes to the right of [ 24.470345] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.471615] [ 24.471790] The buggy address belongs to the physical page: [ 24.472652] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.473651] flags: 0x200000000000000(node=0|zone=2) [ 24.474164] page_type: f5(slab) [ 24.474549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.475341] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.476360] page dumped because: kasan: bad access detected [ 24.477011] [ 24.477175] Memory state around the buggy address: [ 24.477663] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.478313] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.478933] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.479559] ^ [ 24.480118] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.480513] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.480922] ================================================================== [ 25.870562] 
================================================================== [ 25.871897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 25.872671] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.873728] [ 25.874038] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.874687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.874974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.875810] Call Trace: [ 25.876164] <TASK> [ 25.876517] dump_stack_lvl+0x73/0xb0 [ 25.877010] print_report+0xd1/0x640 [ 25.877469] ? __virt_addr_valid+0x1db/0x2d0 [ 25.877937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.878551] kasan_report+0x102/0x140 [ 25.879029] ? kasan_atomics_helper+0x49d0/0x5450 [ 25.879376] ? kasan_atomics_helper+0x49d0/0x5450 [ 25.879793] __asan_report_load4_noabort+0x18/0x20 [ 25.880351] kasan_atomics_helper+0x49d0/0x5450 [ 25.880926] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.881503] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.882081] ? trace_hardirqs_on+0x37/0xe0 [ 25.882517] ? kasan_atomics+0x153/0x310 [ 25.883032] kasan_atomics+0x1dd/0x310 [ 25.883534] ? __pfx_kasan_atomics+0x10/0x10 [ 25.883940] ? __pfx_kasan_atomics+0x10/0x10 [ 25.884470] kunit_try_run_case+0x1b3/0x490 [ 25.884961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.885335] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.885925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.886369] ? __kthread_parkme+0x82/0x160 [ 25.886750] ? preempt_count_sub+0x50/0x80 [ 25.887133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.887702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.888340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.888988] kthread+0x257/0x310 [ 25.889390] ? __pfx_kthread+0x10/0x10 [ 25.889748] ret_from_fork+0x41/0x80 [ 25.890030] ? 
__pfx_kthread+0x10/0x10 [ 25.890318] ret_from_fork_asm+0x1a/0x30 [ 25.890702] </TASK> [ 25.890908] [ 25.891065] Allocated by task 272: [ 25.891301] kasan_save_stack+0x3d/0x60 [ 25.891810] kasan_save_track+0x18/0x40 [ 25.892276] kasan_save_alloc_info+0x3b/0x50 [ 25.892810] __kasan_kmalloc+0xb7/0xc0 [ 25.893234] __kmalloc_cache_noprof+0x184/0x410 [ 25.893762] kasan_atomics+0x96/0x310 [ 25.894192] kunit_try_run_case+0x1b3/0x490 [ 25.894740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.895287] kthread+0x257/0x310 [ 25.895776] ret_from_fork+0x41/0x80 [ 25.896232] ret_from_fork_asm+0x1a/0x30 [ 25.896755] [ 25.896987] The buggy address belongs to the object at ffff8881028c7700 [ 25.896987] which belongs to the cache kmalloc-64 of size 64 [ 25.897937] The buggy address is located 0 bytes to the right of [ 25.897937] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.898630] [ 25.898807] The buggy address belongs to the physical page: [ 25.899374] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.900151] flags: 0x200000000000000(node=0|zone=2) [ 25.900747] page_type: f5(slab) [ 25.901125] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.901936] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.902682] page dumped because: kasan: bad access detected [ 25.903126] [ 25.903330] Memory state around the buggy address: [ 25.903903] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.904402] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.905047] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.905474] ^ [ 25.906033] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.906548] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.907164] ================================================================== [ 25.360722] 
================================================================== [ 25.362818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 25.364292] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.365037] [ 25.365337] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.366037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.366463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.368124] Call Trace: [ 25.368449] <TASK> [ 25.368712] dump_stack_lvl+0x73/0xb0 [ 25.369121] print_report+0xd1/0x640 [ 25.370690] ? __virt_addr_valid+0x1db/0x2d0 [ 25.371148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.371539] kasan_report+0x102/0x140 [ 25.372020] ? kasan_atomics_helper+0xde1/0x5450 [ 25.372455] ? kasan_atomics_helper+0xde1/0x5450 [ 25.373977] kasan_check_range+0x10c/0x1c0 [ 25.374306] __kasan_check_write+0x18/0x20 [ 25.374862] kasan_atomics_helper+0xde1/0x5450 [ 25.375373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.376000] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.376537] ? trace_hardirqs_on+0x37/0xe0 [ 25.377043] ? kasan_atomics+0x153/0x310 [ 25.377477] kasan_atomics+0x1dd/0x310 [ 25.377925] ? __pfx_kasan_atomics+0x10/0x10 [ 25.378318] ? __pfx_kasan_atomics+0x10/0x10 [ 25.378923] kunit_try_run_case+0x1b3/0x490 [ 25.379404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.379961] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.380457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.381071] ? __kthread_parkme+0x82/0x160 [ 25.381553] ? preempt_count_sub+0x50/0x80 [ 25.382103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.382556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.382976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.383317] kthread+0x257/0x310 [ 25.383725] ? __pfx_kthread+0x10/0x10 [ 25.384215] ret_from_fork+0x41/0x80 [ 25.384776] ? 
__pfx_kthread+0x10/0x10 [ 25.385299] ret_from_fork_asm+0x1a/0x30 [ 25.385871] </TASK> [ 25.386215] [ 25.386437] Allocated by task 272: [ 25.386902] kasan_save_stack+0x3d/0x60 [ 25.387339] kasan_save_track+0x18/0x40 [ 25.387866] kasan_save_alloc_info+0x3b/0x50 [ 25.388331] __kasan_kmalloc+0xb7/0xc0 [ 25.388761] __kmalloc_cache_noprof+0x184/0x410 [ 25.389180] kasan_atomics+0x96/0x310 [ 25.389537] kunit_try_run_case+0x1b3/0x490 [ 25.390051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.390624] kthread+0x257/0x310 [ 25.391009] ret_from_fork+0x41/0x80 [ 25.391413] ret_from_fork_asm+0x1a/0x30 [ 25.391946] [ 25.392180] The buggy address belongs to the object at ffff8881028c7700 [ 25.392180] which belongs to the cache kmalloc-64 of size 64 [ 25.393112] The buggy address is located 0 bytes to the right of [ 25.393112] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.393994] [ 25.394279] The buggy address belongs to the physical page: [ 25.394925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.395702] flags: 0x200000000000000(node=0|zone=2) [ 25.396013] page_type: f5(slab) [ 25.396411] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.397171] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.397824] page dumped because: kasan: bad access detected [ 25.398247] [ 25.398498] Memory state around the buggy address: [ 25.398976] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.399355] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.399800] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.400168] ^ [ 25.400455] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.401213] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.401901] ================================================================== [ 24.528159] 
================================================================== [ 24.528879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 24.529382] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.530142] [ 24.530401] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.531147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.531593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.532200] Call Trace: [ 24.532536] <TASK> [ 24.532867] dump_stack_lvl+0x73/0xb0 [ 24.533508] print_report+0xd1/0x640 [ 24.533865] ? __virt_addr_valid+0x1db/0x2d0 [ 24.534269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.535109] kasan_report+0x102/0x140 [ 24.535587] ? kasan_atomics_helper+0x4b8a/0x5450 [ 24.536146] ? kasan_atomics_helper+0x4b8a/0x5450 [ 24.536653] __asan_report_load4_noabort+0x18/0x20 [ 24.537147] kasan_atomics_helper+0x4b8a/0x5450 [ 24.537808] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.538335] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.538759] ? trace_hardirqs_on+0x37/0xe0 [ 24.539050] ? kasan_atomics+0x153/0x310 [ 24.539623] kasan_atomics+0x1dd/0x310 [ 24.540110] ? __pfx_kasan_atomics+0x10/0x10 [ 24.540623] ? __pfx_kasan_atomics+0x10/0x10 [ 24.541119] kunit_try_run_case+0x1b3/0x490 [ 24.541720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.542133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.542777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.543173] ? __kthread_parkme+0x82/0x160 [ 24.543690] ? preempt_count_sub+0x50/0x80 [ 24.544131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.544643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.545464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.546056] kthread+0x257/0x310 [ 24.546466] ? __pfx_kthread+0x10/0x10 [ 24.546934] ret_from_fork+0x41/0x80 [ 24.547213] ? 
__pfx_kthread+0x10/0x10 [ 24.547775] ret_from_fork_asm+0x1a/0x30 [ 24.548322] </TASK> [ 24.548726] [ 24.548950] Allocated by task 272: [ 24.549274] kasan_save_stack+0x3d/0x60 [ 24.549679] kasan_save_track+0x18/0x40 [ 24.550183] kasan_save_alloc_info+0x3b/0x50 [ 24.550664] __kasan_kmalloc+0xb7/0xc0 [ 24.551014] __kmalloc_cache_noprof+0x184/0x410 [ 24.551567] kasan_atomics+0x96/0x310 [ 24.552026] kunit_try_run_case+0x1b3/0x490 [ 24.552557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.553082] kthread+0x257/0x310 [ 24.553408] ret_from_fork+0x41/0x80 [ 24.554031] ret_from_fork_asm+0x1a/0x30 [ 24.554367] [ 24.554556] The buggy address belongs to the object at ffff8881028c7700 [ 24.554556] which belongs to the cache kmalloc-64 of size 64 [ 24.555116] The buggy address is located 0 bytes to the right of [ 24.555116] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.556104] [ 24.556342] The buggy address belongs to the physical page: [ 24.556928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.557688] flags: 0x200000000000000(node=0|zone=2) [ 24.558187] page_type: f5(slab) [ 24.558692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.559470] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.560176] page dumped because: kasan: bad access detected [ 24.560819] [ 24.560985] Memory state around the buggy address: [ 24.561258] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.561890] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.562738] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.563342] ^ [ 24.563702] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.564461] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.565157] ================================================================== [ 25.078820] 
================================================================== [ 25.079421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 25.080356] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.081199] [ 25.082034] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.082722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.083161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.083800] Call Trace: [ 25.084368] <TASK> [ 25.084709] dump_stack_lvl+0x73/0xb0 [ 25.085177] print_report+0xd1/0x640 [ 25.085658] ? __virt_addr_valid+0x1db/0x2d0 [ 25.086144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.086632] kasan_report+0x102/0x140 [ 25.087073] ? kasan_atomics_helper+0x993/0x5450 [ 25.087534] ? kasan_atomics_helper+0x993/0x5450 [ 25.087983] kasan_check_range+0x10c/0x1c0 [ 25.088508] __kasan_check_write+0x18/0x20 [ 25.088967] kasan_atomics_helper+0x993/0x5450 [ 25.089459] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.090021] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.090549] ? trace_hardirqs_on+0x37/0xe0 [ 25.091037] ? kasan_atomics+0x153/0x310 [ 25.091515] kasan_atomics+0x1dd/0x310 [ 25.091966] ? __pfx_kasan_atomics+0x10/0x10 [ 25.092443] ? __pfx_kasan_atomics+0x10/0x10 [ 25.092890] kunit_try_run_case+0x1b3/0x490 [ 25.093350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.093882] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.094431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.095132] ? __kthread_parkme+0x82/0x160 [ 25.095671] ? preempt_count_sub+0x50/0x80 [ 25.096011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.096400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.097092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.097647] kthread+0x257/0x310 [ 25.098097] ? __pfx_kthread+0x10/0x10 [ 25.098450] ret_from_fork+0x41/0x80 [ 25.098995] ? 
__pfx_kthread+0x10/0x10 [ 25.099331] ret_from_fork_asm+0x1a/0x30 [ 25.099898] </TASK> [ 25.100161] [ 25.100387] Allocated by task 272: [ 25.100902] kasan_save_stack+0x3d/0x60 [ 25.101331] kasan_save_track+0x18/0x40 [ 25.101775] kasan_save_alloc_info+0x3b/0x50 [ 25.102380] __kasan_kmalloc+0xb7/0xc0 [ 25.102845] __kmalloc_cache_noprof+0x184/0x410 [ 25.103213] kasan_atomics+0x96/0x310 [ 25.103518] kunit_try_run_case+0x1b3/0x490 [ 25.103967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.104640] kthread+0x257/0x310 [ 25.105079] ret_from_fork+0x41/0x80 [ 25.105605] ret_from_fork_asm+0x1a/0x30 [ 25.106097] [ 25.106343] The buggy address belongs to the object at ffff8881028c7700 [ 25.106343] which belongs to the cache kmalloc-64 of size 64 [ 25.107279] The buggy address is located 0 bytes to the right of [ 25.107279] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.108291] [ 25.108467] The buggy address belongs to the physical page: [ 25.108953] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.109787] flags: 0x200000000000000(node=0|zone=2) [ 25.110344] page_type: f5(slab) [ 25.110787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.111270] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.111791] page dumped because: kasan: bad access detected [ 25.112183] [ 25.112427] Memory state around the buggy address: [ 25.112929] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.113606] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.114372] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.115195] ^ [ 25.115792] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.116438] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.117094] ================================================================== [ 25.516320] 
================================================================== [ 25.517534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 25.518242] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.518711] [ 25.518904] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.519819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.520169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.520807] Call Trace: [ 25.521126] <TASK> [ 25.521372] dump_stack_lvl+0x73/0xb0 [ 25.521866] print_report+0xd1/0x640 [ 25.522197] ? __virt_addr_valid+0x1db/0x2d0 [ 25.522539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.523131] kasan_report+0x102/0x140 [ 25.523625] ? kasan_atomics_helper+0x4a38/0x5450 [ 25.524132] ? kasan_atomics_helper+0x4a38/0x5450 [ 25.524710] __asan_report_load4_noabort+0x18/0x20 [ 25.525058] kasan_atomics_helper+0x4a38/0x5450 [ 25.525424] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.525837] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.526174] ? trace_hardirqs_on+0x37/0xe0 [ 25.526470] ? kasan_atomics+0x153/0x310 [ 25.526999] kasan_atomics+0x1dd/0x310 [ 25.527439] ? __pfx_kasan_atomics+0x10/0x10 [ 25.527976] ? __pfx_kasan_atomics+0x10/0x10 [ 25.528459] kunit_try_run_case+0x1b3/0x490 [ 25.528996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.529606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.531051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.532535] ? __kthread_parkme+0x82/0x160 [ 25.533030] ? preempt_count_sub+0x50/0x80 [ 25.534635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.535157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.536628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.536948] kthread+0x257/0x310 [ 25.537194] ? __pfx_kthread+0x10/0x10 [ 25.537896] ret_from_fork+0x41/0x80 [ 25.538219] ? 
__pfx_kthread+0x10/0x10 [ 25.538525] ret_from_fork_asm+0x1a/0x30 [ 25.540036] </TASK> [ 25.540329] [ 25.541680] Allocated by task 272: [ 25.543842] kasan_save_stack+0x3d/0x60 [ 25.544275] kasan_save_track+0x18/0x40 [ 25.544770] kasan_save_alloc_info+0x3b/0x50 [ 25.545265] __kasan_kmalloc+0xb7/0xc0 [ 25.546808] __kmalloc_cache_noprof+0x184/0x410 [ 25.547193] kasan_atomics+0x96/0x310 [ 25.547681] kunit_try_run_case+0x1b3/0x490 [ 25.548168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.548678] kthread+0x257/0x310 [ 25.549090] ret_from_fork+0x41/0x80 [ 25.549560] ret_from_fork_asm+0x1a/0x30 [ 25.550095] [ 25.550354] The buggy address belongs to the object at ffff8881028c7700 [ 25.550354] which belongs to the cache kmalloc-64 of size 64 [ 25.551234] The buggy address is located 0 bytes to the right of [ 25.551234] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.552278] [ 25.552555] The buggy address belongs to the physical page: [ 25.553158] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.553979] flags: 0x200000000000000(node=0|zone=2) [ 25.554544] page_type: f5(slab) [ 25.554986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.556154] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.557685] page dumped because: kasan: bad access detected [ 25.558013] [ 25.558197] Memory state around the buggy address: [ 25.558561] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.559042] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.559898] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.560393] ^ [ 25.560928] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.561412] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.561975] ================================================================== [ 25.831508] 
================================================================== [ 25.832041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 25.832610] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.833471] [ 25.834071] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.835641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.835980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.836746] Call Trace: [ 25.837021] <TASK> [ 25.837251] dump_stack_lvl+0x73/0xb0 [ 25.837519] print_report+0xd1/0x640 [ 25.837993] ? __virt_addr_valid+0x1db/0x2d0 [ 25.838450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.840097] kasan_report+0x102/0x140 [ 25.840428] ? kasan_atomics_helper+0x12e7/0x5450 [ 25.841326] ? kasan_atomics_helper+0x12e7/0x5450 [ 25.841953] kasan_check_range+0x10c/0x1c0 [ 25.842600] __kasan_check_write+0x18/0x20 [ 25.843186] kasan_atomics_helper+0x12e7/0x5450 [ 25.843819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.844083] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.844272] ? trace_hardirqs_on+0x37/0xe0 [ 25.844456] ? kasan_atomics+0x153/0x310 [ 25.844885] kasan_atomics+0x1dd/0x310 [ 25.845400] ? __pfx_kasan_atomics+0x10/0x10 [ 25.845986] ? __pfx_kasan_atomics+0x10/0x10 [ 25.846439] kunit_try_run_case+0x1b3/0x490 [ 25.847025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.847654] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.848227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.848867] ? __kthread_parkme+0x82/0x160 [ 25.849162] ? preempt_count_sub+0x50/0x80 [ 25.849652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.850380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.850904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.851364] kthread+0x257/0x310 [ 25.851738] ? __pfx_kthread+0x10/0x10 [ 25.852140] ret_from_fork+0x41/0x80 [ 25.852637] ? 
__pfx_kthread+0x10/0x10 [ 25.853064] ret_from_fork_asm+0x1a/0x30 [ 25.853385] </TASK> [ 25.853733] [ 25.853993] Allocated by task 272: [ 25.854380] kasan_save_stack+0x3d/0x60 [ 25.854903] kasan_save_track+0x18/0x40 [ 25.855331] kasan_save_alloc_info+0x3b/0x50 [ 25.855774] __kasan_kmalloc+0xb7/0xc0 [ 25.856201] __kmalloc_cache_noprof+0x184/0x410 [ 25.856652] kasan_atomics+0x96/0x310 [ 25.857068] kunit_try_run_case+0x1b3/0x490 [ 25.857549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.857933] kthread+0x257/0x310 [ 25.858200] ret_from_fork+0x41/0x80 [ 25.858715] ret_from_fork_asm+0x1a/0x30 [ 25.859164] [ 25.859394] The buggy address belongs to the object at ffff8881028c7700 [ 25.859394] which belongs to the cache kmalloc-64 of size 64 [ 25.860464] The buggy address is located 0 bytes to the right of [ 25.860464] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.861364] [ 25.861660] The buggy address belongs to the physical page: [ 25.862182] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.862742] flags: 0x200000000000000(node=0|zone=2) [ 25.863276] page_type: f5(slab) [ 25.863746] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.864268] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.864871] page dumped because: kasan: bad access detected [ 25.865361] [ 25.865647] Memory state around the buggy address: [ 25.866064] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.866708] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.867306] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.867767] ^ [ 25.868067] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.868521] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.869200] ================================================================== [ 25.118604] 
================================================================== [ 25.120078] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 25.121518] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.122073] [ 25.122341] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.123745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.124068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.124629] Call Trace: [ 25.124989] <TASK> [ 25.125342] dump_stack_lvl+0x73/0xb0 [ 25.125835] print_report+0xd1/0x640 [ 25.126284] ? __virt_addr_valid+0x1db/0x2d0 [ 25.126834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.127662] kasan_report+0x102/0x140 [ 25.128389] ? kasan_atomics_helper+0xa2c/0x5450 [ 25.129150] ? kasan_atomics_helper+0xa2c/0x5450 [ 25.129724] kasan_check_range+0x10c/0x1c0 [ 25.130217] __kasan_check_write+0x18/0x20 [ 25.130840] kasan_atomics_helper+0xa2c/0x5450 [ 25.131170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.131511] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.131834] ? trace_hardirqs_on+0x37/0xe0 [ 25.132122] ? kasan_atomics+0x153/0x310 [ 25.132411] kasan_atomics+0x1dd/0x310 [ 25.133512] ? __pfx_kasan_atomics+0x10/0x10 [ 25.134060] ? __pfx_kasan_atomics+0x10/0x10 [ 25.134759] kunit_try_run_case+0x1b3/0x490 [ 25.135357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.136029] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.136533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.137152] ? __kthread_parkme+0x82/0x160 [ 25.137664] ? preempt_count_sub+0x50/0x80 [ 25.138105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.138620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.139135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.139525] kthread+0x257/0x310 [ 25.139923] ? __pfx_kthread+0x10/0x10 [ 25.140425] ret_from_fork+0x41/0x80 [ 25.140963] ? 
__pfx_kthread+0x10/0x10 [ 25.141397] ret_from_fork_asm+0x1a/0x30 [ 25.141851] </TASK> [ 25.142070] [ 25.142229] Allocated by task 272: [ 25.142465] kasan_save_stack+0x3d/0x60 [ 25.143001] kasan_save_track+0x18/0x40 [ 25.143639] kasan_save_alloc_info+0x3b/0x50 [ 25.144186] __kasan_kmalloc+0xb7/0xc0 [ 25.144654] __kmalloc_cache_noprof+0x184/0x410 [ 25.145173] kasan_atomics+0x96/0x310 [ 25.145765] kunit_try_run_case+0x1b3/0x490 [ 25.146124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.146467] kthread+0x257/0x310 [ 25.146985] ret_from_fork+0x41/0x80 [ 25.147439] ret_from_fork_asm+0x1a/0x30 [ 25.147949] [ 25.148224] The buggy address belongs to the object at ffff8881028c7700 [ 25.148224] which belongs to the cache kmalloc-64 of size 64 [ 25.149391] The buggy address is located 0 bytes to the right of [ 25.149391] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.150173] [ 25.150404] The buggy address belongs to the physical page: [ 25.151086] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.151796] flags: 0x200000000000000(node=0|zone=2) [ 25.152444] page_type: f5(slab) [ 25.153015] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.156895] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.157500] page dumped because: kasan: bad access detected [ 25.158180] [ 25.158534] Memory state around the buggy address: [ 25.159969] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.160942] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.161478] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.162435] ^ [ 25.163303] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.163820] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.164725] ================================================================== [ 24.772817] 
================================================================== [ 24.773792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 24.774552] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.775258] [ 24.775655] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.776289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.776618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.777457] Call Trace: [ 24.777920] <TASK> [ 24.778378] dump_stack_lvl+0x73/0xb0 [ 24.778895] print_report+0xd1/0x640 [ 24.779329] ? __virt_addr_valid+0x1db/0x2d0 [ 24.779721] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.780335] kasan_report+0x102/0x140 [ 24.780889] ? kasan_atomics_helper+0x566/0x5450 [ 24.781385] ? kasan_atomics_helper+0x566/0x5450 [ 24.781970] kasan_check_range+0x10c/0x1c0 [ 24.782450] __kasan_check_write+0x18/0x20 [ 24.782895] kasan_atomics_helper+0x566/0x5450 [ 24.783429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.784077] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.784621] ? trace_hardirqs_on+0x37/0xe0 [ 24.785095] ? kasan_atomics+0x153/0x310 [ 24.785611] kasan_atomics+0x1dd/0x310 [ 24.786134] ? __pfx_kasan_atomics+0x10/0x10 [ 24.786716] ? __pfx_kasan_atomics+0x10/0x10 [ 24.787202] kunit_try_run_case+0x1b3/0x490 [ 24.787731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.788248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.789196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.791385] ? __kthread_parkme+0x82/0x160 [ 24.791860] ? preempt_count_sub+0x50/0x80 [ 24.792979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.793358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.794274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.794705] kthread+0x257/0x310 [ 24.795338] ? __pfx_kthread+0x10/0x10 [ 24.795910] ret_from_fork+0x41/0x80 [ 24.796295] ? 
__pfx_kthread+0x10/0x10 [ 24.797281] ret_from_fork_asm+0x1a/0x30 [ 24.797978] </TASK> [ 24.798528] [ 24.798818] Allocated by task 272: [ 24.799093] kasan_save_stack+0x3d/0x60 [ 24.799882] kasan_save_track+0x18/0x40 [ 24.800500] kasan_save_alloc_info+0x3b/0x50 [ 24.801013] __kasan_kmalloc+0xb7/0xc0 [ 24.801385] __kmalloc_cache_noprof+0x184/0x410 [ 24.802258] kasan_atomics+0x96/0x310 [ 24.802922] kunit_try_run_case+0x1b3/0x490 [ 24.803314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.804160] kthread+0x257/0x310 [ 24.804782] ret_from_fork+0x41/0x80 [ 24.805361] ret_from_fork_asm+0x1a/0x30 [ 24.806165] [ 24.806338] The buggy address belongs to the object at ffff8881028c7700 [ 24.806338] which belongs to the cache kmalloc-64 of size 64 [ 24.807450] The buggy address is located 0 bytes to the right of [ 24.807450] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.808456] [ 24.809378] The buggy address belongs to the physical page: [ 24.809882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.810858] flags: 0x200000000000000(node=0|zone=2) [ 24.811440] page_type: f5(slab) [ 24.811862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.812506] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.813174] page dumped because: kasan: bad access detected [ 24.813883] [ 24.814251] Memory state around the buggy address: [ 24.814805] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.815355] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.816261] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.816896] ^ [ 24.817278] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.818292] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.818907] ================================================================== [ 27.061755] 
================================================================== [ 27.062416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 27.063269] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 27.063980] [ 27.064236] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.064852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.065118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.065989] Call Trace: [ 27.066319] <TASK> [ 27.066670] dump_stack_lvl+0x73/0xb0 [ 27.067096] print_report+0xd1/0x640 [ 27.067401] ? __virt_addr_valid+0x1db/0x2d0 [ 27.067794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.068228] kasan_report+0x102/0x140 [ 27.068723] ? kasan_atomics_helper+0x218b/0x5450 [ 27.069214] ? kasan_atomics_helper+0x218b/0x5450 [ 27.069787] kasan_check_range+0x10c/0x1c0 [ 27.070264] __kasan_check_write+0x18/0x20 [ 27.070755] kasan_atomics_helper+0x218b/0x5450 [ 27.071144] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.071471] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.071905] ? trace_hardirqs_on+0x37/0xe0 [ 27.072338] ? kasan_atomics+0x153/0x310 [ 27.072863] kasan_atomics+0x1dd/0x310 [ 27.073300] ? __pfx_kasan_atomics+0x10/0x10 [ 27.073840] ? __pfx_kasan_atomics+0x10/0x10 [ 27.074329] kunit_try_run_case+0x1b3/0x490 [ 27.074721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.075041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.075632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.076138] ? __kthread_parkme+0x82/0x160 [ 27.076651] ? preempt_count_sub+0x50/0x80 [ 27.077093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.077412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.078054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.078658] kthread+0x257/0x310 [ 27.079046] ? __pfx_kthread+0x10/0x10 [ 27.079478] ret_from_fork+0x41/0x80 [ 27.079932] ? 
__pfx_kthread+0x10/0x10 [ 27.080220] ret_from_fork_asm+0x1a/0x30 [ 27.080553] </TASK> [ 27.080880] [ 27.081104] Allocated by task 272: [ 27.081469] kasan_save_stack+0x3d/0x60 [ 27.081952] kasan_save_track+0x18/0x40 [ 27.082334] kasan_save_alloc_info+0x3b/0x50 [ 27.082748] __kasan_kmalloc+0xb7/0xc0 [ 27.083024] __kmalloc_cache_noprof+0x184/0x410 [ 27.083324] kasan_atomics+0x96/0x310 [ 27.083786] kunit_try_run_case+0x1b3/0x490 [ 27.084231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.085196] kthread+0x257/0x310 [ 27.086051] ret_from_fork+0x41/0x80 [ 27.086464] ret_from_fork_asm+0x1a/0x30 [ 27.087612] [ 27.087852] The buggy address belongs to the object at ffff8881028c7700 [ 27.087852] which belongs to the cache kmalloc-64 of size 64 [ 27.088817] The buggy address is located 0 bytes to the right of [ 27.088817] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 27.090693] [ 27.090930] The buggy address belongs to the physical page: [ 27.091374] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 27.092961] flags: 0x200000000000000(node=0|zone=2) [ 27.093328] page_type: f5(slab) [ 27.093694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.094280] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.094888] page dumped because: kasan: bad access detected [ 27.095346] [ 27.095532] Memory state around the buggy address: [ 27.096039] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.096631] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.097017] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.097710] ^ [ 27.098195] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.098881] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.099268] ================================================================== [ 26.814807] 
================================================================== [ 26.815356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 26.815728] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.816946] [ 26.817207] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.818006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.818422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.819972] Call Trace: [ 26.820637] <TASK> [ 26.820851] dump_stack_lvl+0x73/0xb0 [ 26.821111] print_report+0xd1/0x640 [ 26.821913] ? __virt_addr_valid+0x1db/0x2d0 [ 26.822266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.823088] kasan_report+0x102/0x140 [ 26.823628] ? kasan_atomics_helper+0x1f44/0x5450 [ 26.824140] ? kasan_atomics_helper+0x1f44/0x5450 [ 26.824573] kasan_check_range+0x10c/0x1c0 [ 26.825356] __kasan_check_write+0x18/0x20 [ 26.825802] kasan_atomics_helper+0x1f44/0x5450 [ 26.826518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.826969] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.827409] ? trace_hardirqs_on+0x37/0xe0 [ 26.827816] ? kasan_atomics+0x153/0x310 [ 26.828165] kasan_atomics+0x1dd/0x310 [ 26.829126] ? __pfx_kasan_atomics+0x10/0x10 [ 26.829431] ? __pfx_kasan_atomics+0x10/0x10 [ 26.830171] kunit_try_run_case+0x1b3/0x490 [ 26.830862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.831371] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.832007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.832619] ? __kthread_parkme+0x82/0x160 [ 26.832807] ? preempt_count_sub+0x50/0x80 [ 26.832971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.833143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.833343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.833615] kthread+0x257/0x310 [ 26.834756] ? __pfx_kthread+0x10/0x10 [ 26.835574] ret_from_fork+0x41/0x80 [ 26.836319] ? 
__pfx_kthread+0x10/0x10 [ 26.836687] ret_from_fork_asm+0x1a/0x30 [ 26.837022] </TASK> [ 26.837297] [ 26.837532] Allocated by task 272: [ 26.838028] kasan_save_stack+0x3d/0x60 [ 26.838341] kasan_save_track+0x18/0x40 [ 26.838776] kasan_save_alloc_info+0x3b/0x50 [ 26.839143] __kasan_kmalloc+0xb7/0xc0 [ 26.839429] __kmalloc_cache_noprof+0x184/0x410 [ 26.839911] kasan_atomics+0x96/0x310 [ 26.840200] kunit_try_run_case+0x1b3/0x490 [ 26.840650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.841060] kthread+0x257/0x310 [ 26.841439] ret_from_fork+0x41/0x80 [ 26.841824] ret_from_fork_asm+0x1a/0x30 [ 26.842121] [ 26.842289] The buggy address belongs to the object at ffff8881028c7700 [ 26.842289] which belongs to the cache kmalloc-64 of size 64 [ 26.843559] The buggy address is located 0 bytes to the right of [ 26.843559] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.844412] [ 26.844610] The buggy address belongs to the physical page: [ 26.844917] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.845791] flags: 0x200000000000000(node=0|zone=2) [ 26.846297] page_type: f5(slab) [ 26.846801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.847474] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.848364] page dumped because: kasan: bad access detected [ 26.848850] [ 26.849045] Memory state around the buggy address: [ 26.849334] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.849835] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.850609] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.851247] ^ [ 26.852934] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.853476] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.854140] ================================================================== [ 26.855545] 
================================================================== [ 26.857611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 26.858265] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.858915] [ 26.859118] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.861432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.862156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.862999] Call Trace: [ 26.863263] <TASK> [ 26.863526] dump_stack_lvl+0x73/0xb0 [ 26.864040] print_report+0xd1/0x640 [ 26.864638] ? __virt_addr_valid+0x1db/0x2d0 [ 26.865347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.866065] kasan_report+0x102/0x140 [ 26.866686] ? kasan_atomics_helper+0x4f73/0x5450 [ 26.867313] ? kasan_atomics_helper+0x4f73/0x5450 [ 26.867726] __asan_report_load8_noabort+0x18/0x20 [ 26.868366] kasan_atomics_helper+0x4f73/0x5450 [ 26.868996] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.869461] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.869883] ? trace_hardirqs_on+0x37/0xe0 [ 26.870657] ? kasan_atomics+0x153/0x310 [ 26.871396] kasan_atomics+0x1dd/0x310 [ 26.871912] ? __pfx_kasan_atomics+0x10/0x10 [ 26.872361] ? __pfx_kasan_atomics+0x10/0x10 [ 26.873057] kunit_try_run_case+0x1b3/0x490 [ 26.873378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.873971] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.874569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.875202] ? __kthread_parkme+0x82/0x160 [ 26.875842] ? preempt_count_sub+0x50/0x80 [ 26.876126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.877030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.877622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.878289] kthread+0x257/0x310 [ 26.879312] ? __pfx_kthread+0x10/0x10 [ 26.880073] ret_from_fork+0x41/0x80 [ 26.880438] ? 
__pfx_kthread+0x10/0x10 [ 26.880695] ret_from_fork_asm+0x1a/0x30 [ 26.881428] </TASK> [ 26.882217] [ 26.882354] Allocated by task 272: [ 26.883108] kasan_save_stack+0x3d/0x60 [ 26.883515] kasan_save_track+0x18/0x40 [ 26.884224] kasan_save_alloc_info+0x3b/0x50 [ 26.885023] __kasan_kmalloc+0xb7/0xc0 [ 26.885948] __kmalloc_cache_noprof+0x184/0x410 [ 26.886438] kasan_atomics+0x96/0x310 [ 26.887289] kunit_try_run_case+0x1b3/0x490 [ 26.888052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.888401] kthread+0x257/0x310 [ 26.888790] ret_from_fork+0x41/0x80 [ 26.889172] ret_from_fork_asm+0x1a/0x30 [ 26.889555] [ 26.889834] The buggy address belongs to the object at ffff8881028c7700 [ 26.889834] which belongs to the cache kmalloc-64 of size 64 [ 26.891537] The buggy address is located 0 bytes to the right of [ 26.891537] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.892888] [ 26.893589] The buggy address belongs to the physical page: [ 26.893898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.894771] flags: 0x200000000000000(node=0|zone=2) [ 26.895320] page_type: f5(slab) [ 26.896214] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.897075] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.898115] page dumped because: kasan: bad access detected [ 26.898918] [ 26.899359] Memory state around the buggy address: [ 26.899847] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.900397] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.900986] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.901539] ^ [ 26.902071] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.902730] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.903133] ================================================================== [ 24.568431] 
================================================================== [ 24.569001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 24.569394] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.570551] [ 24.570919] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.571915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.572418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.573202] Call Trace: [ 24.573653] <TASK> [ 24.573943] dump_stack_lvl+0x73/0xb0 [ 24.574356] print_report+0xd1/0x640 [ 24.574713] ? __virt_addr_valid+0x1db/0x2d0 [ 24.575272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.575985] kasan_report+0x102/0x140 [ 24.576502] ? kasan_atomics_helper+0x4b70/0x5450 [ 24.577112] ? kasan_atomics_helper+0x4b70/0x5450 [ 24.577734] __asan_report_store4_noabort+0x1b/0x30 [ 24.578288] kasan_atomics_helper+0x4b70/0x5450 [ 24.578888] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.579386] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.580001] ? trace_hardirqs_on+0x37/0xe0 [ 24.580419] ? kasan_atomics+0x153/0x310 [ 24.581015] kasan_atomics+0x1dd/0x310 [ 24.581500] ? __pfx_kasan_atomics+0x10/0x10 [ 24.582099] ? __pfx_kasan_atomics+0x10/0x10 [ 24.582550] kunit_try_run_case+0x1b3/0x490 [ 24.583078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.583637] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.584140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.584662] ? __kthread_parkme+0x82/0x160 [ 24.585190] ? preempt_count_sub+0x50/0x80 [ 24.585833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.586304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.586933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.587568] kthread+0x257/0x310 [ 24.588049] ? __pfx_kthread+0x10/0x10 [ 24.588399] ret_from_fork+0x41/0x80 [ 24.588934] ? 
__pfx_kthread+0x10/0x10 [ 24.589415] ret_from_fork_asm+0x1a/0x30 [ 24.589862] </TASK> [ 24.590256] [ 24.590527] Allocated by task 272: [ 24.590874] kasan_save_stack+0x3d/0x60 [ 24.591153] kasan_save_track+0x18/0x40 [ 24.591420] kasan_save_alloc_info+0x3b/0x50 [ 24.592024] __kasan_kmalloc+0xb7/0xc0 [ 24.592469] __kmalloc_cache_noprof+0x184/0x410 [ 24.593143] kasan_atomics+0x96/0x310 [ 24.593643] kunit_try_run_case+0x1b3/0x490 [ 24.594170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.594797] kthread+0x257/0x310 [ 24.595149] ret_from_fork+0x41/0x80 [ 24.595747] ret_from_fork_asm+0x1a/0x30 [ 24.596138] [ 24.596464] The buggy address belongs to the object at ffff8881028c7700 [ 24.596464] which belongs to the cache kmalloc-64 of size 64 [ 24.597372] The buggy address is located 0 bytes to the right of [ 24.597372] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.598569] [ 24.598860] The buggy address belongs to the physical page: [ 24.599188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.600075] flags: 0x200000000000000(node=0|zone=2) [ 24.600567] page_type: f5(slab) [ 24.601009] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.601698] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.602225] page dumped because: kasan: bad access detected [ 24.602840] [ 24.603140] Memory state around the buggy address: [ 24.603621] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.604082] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.604913] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.605675] ^ [ 24.606097] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.606806] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.607355] ================================================================== [ 26.176175] 
================================================================== [ 26.176725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 26.177203] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.177958] [ 26.178279] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.179325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.179630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.180074] Call Trace: [ 26.180288] <TASK> [ 26.180473] dump_stack_lvl+0x73/0xb0 [ 26.181881] print_report+0xd1/0x640 [ 26.182392] ? __virt_addr_valid+0x1db/0x2d0 [ 26.183281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.184140] kasan_report+0x102/0x140 [ 26.184716] ? kasan_atomics_helper+0x1650/0x5450 [ 26.185355] ? kasan_atomics_helper+0x1650/0x5450 [ 26.186210] kasan_check_range+0x10c/0x1c0 [ 26.186746] __kasan_check_write+0x18/0x20 [ 26.187472] kasan_atomics_helper+0x1650/0x5450 [ 26.188013] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.188372] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.188979] ? trace_hardirqs_on+0x37/0xe0 [ 26.189297] ? kasan_atomics+0x153/0x310 [ 26.189850] kasan_atomics+0x1dd/0x310 [ 26.190375] ? __pfx_kasan_atomics+0x10/0x10 [ 26.190998] ? __pfx_kasan_atomics+0x10/0x10 [ 26.191554] kunit_try_run_case+0x1b3/0x490 [ 26.192105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.192705] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.193237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.193850] ? __kthread_parkme+0x82/0x160 [ 26.194199] ? preempt_count_sub+0x50/0x80 [ 26.194541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.195080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.195513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.196014] kthread+0x257/0x310 [ 26.196413] ? __pfx_kthread+0x10/0x10 [ 26.196867] ret_from_fork+0x41/0x80 [ 26.197274] ? 
__pfx_kthread+0x10/0x10 [ 26.197625] ret_from_fork_asm+0x1a/0x30 [ 26.198107] </TASK> [ 26.198402] [ 26.198655] Allocated by task 272: [ 26.198933] kasan_save_stack+0x3d/0x60 [ 26.199360] kasan_save_track+0x18/0x40 [ 26.199752] kasan_save_alloc_info+0x3b/0x50 [ 26.200184] __kasan_kmalloc+0xb7/0xc0 [ 26.200649] __kmalloc_cache_noprof+0x184/0x410 [ 26.201048] kasan_atomics+0x96/0x310 [ 26.201340] kunit_try_run_case+0x1b3/0x490 [ 26.201905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.202302] kthread+0x257/0x310 [ 26.203627] ret_from_fork+0x41/0x80 [ 26.204031] ret_from_fork_asm+0x1a/0x30 [ 26.204392] [ 26.204637] The buggy address belongs to the object at ffff8881028c7700 [ 26.204637] which belongs to the cache kmalloc-64 of size 64 [ 26.205443] The buggy address is located 0 bytes to the right of [ 26.205443] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.207512] [ 26.207751] The buggy address belongs to the physical page: [ 26.208187] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.208772] flags: 0x200000000000000(node=0|zone=2) [ 26.209232] page_type: f5(slab) [ 26.209916] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.210462] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.210942] page dumped because: kasan: bad access detected [ 26.211251] [ 26.211410] Memory state around the buggy address: [ 26.211953] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.212641] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.213142] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.213728] ^ [ 26.214022] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.214736] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.215399] ================================================================== [ 26.387768] 
================================================================== [ 26.388422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 26.389165] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.389672] [ 26.389875] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.390447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.390942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.391790] Call Trace: [ 26.392108] <TASK> [ 26.392388] dump_stack_lvl+0x73/0xb0 [ 26.392892] print_report+0xd1/0x640 [ 26.393311] ? __virt_addr_valid+0x1db/0x2d0 [ 26.393834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.394253] kasan_report+0x102/0x140 [ 26.394743] ? kasan_atomics_helper+0x194b/0x5450 [ 26.395123] ? kasan_atomics_helper+0x194b/0x5450 [ 26.395705] kasan_check_range+0x10c/0x1c0 [ 26.396165] __kasan_check_write+0x18/0x20 [ 26.396511] kasan_atomics_helper+0x194b/0x5450 [ 26.397035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.397542] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.397923] ? trace_hardirqs_on+0x37/0xe0 [ 26.398387] ? kasan_atomics+0x153/0x310 [ 26.398818] kasan_atomics+0x1dd/0x310 [ 26.399122] ? __pfx_kasan_atomics+0x10/0x10 [ 26.399434] ? __pfx_kasan_atomics+0x10/0x10 [ 26.401581] kunit_try_run_case+0x1b3/0x490 [ 26.402088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.402612] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.403100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.404039] ? __kthread_parkme+0x82/0x160 [ 26.404763] ? preempt_count_sub+0x50/0x80 [ 26.405953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.406859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.408165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.408805] kthread+0x257/0x310 [ 26.409163] ? __pfx_kthread+0x10/0x10 [ 26.409610] ret_from_fork+0x41/0x80 [ 26.410073] ? 
__pfx_kthread+0x10/0x10 [ 26.410547] ret_from_fork_asm+0x1a/0x30 [ 26.411084] </TASK> [ 26.411364] [ 26.411553] Allocated by task 272: [ 26.411852] kasan_save_stack+0x3d/0x60 [ 26.412307] kasan_save_track+0x18/0x40 [ 26.412832] kasan_save_alloc_info+0x3b/0x50 [ 26.413299] __kasan_kmalloc+0xb7/0xc0 [ 26.413700] __kmalloc_cache_noprof+0x184/0x410 [ 26.414218] kasan_atomics+0x96/0x310 [ 26.414678] kunit_try_run_case+0x1b3/0x490 [ 26.414977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.415390] kthread+0x257/0x310 [ 26.415886] ret_from_fork+0x41/0x80 [ 26.416302] ret_from_fork_asm+0x1a/0x30 [ 26.416762] [ 26.416929] The buggy address belongs to the object at ffff8881028c7700 [ 26.416929] which belongs to the cache kmalloc-64 of size 64 [ 26.417885] The buggy address is located 0 bytes to the right of [ 26.417885] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.418943] [ 26.419118] The buggy address belongs to the physical page: [ 26.419527] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.420306] flags: 0x200000000000000(node=0|zone=2) [ 26.420857] page_type: f5(slab) [ 26.421231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.421808] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.422322] page dumped because: kasan: bad access detected [ 26.422810] [ 26.423039] Memory state around the buggy address: [ 26.423526] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.424155] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.424558] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.425236] ^ [ 26.425786] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.426374] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.426818] ================================================================== [ 25.606373] 
================================================================== [ 25.607569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 25.608109] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.608648] [ 25.608831] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.609788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.610111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.611023] Call Trace: [ 25.611283] <TASK> [ 25.611647] dump_stack_lvl+0x73/0xb0 [ 25.612008] print_report+0xd1/0x640 [ 25.612515] ? __virt_addr_valid+0x1db/0x2d0 [ 25.612941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.613381] kasan_report+0x102/0x140 [ 25.613981] ? kasan_atomics_helper+0x4a1e/0x5450 [ 25.614423] ? kasan_atomics_helper+0x4a1e/0x5450 [ 25.615079] __asan_report_load4_noabort+0x18/0x20 [ 25.615551] kasan_atomics_helper+0x4a1e/0x5450 [ 25.616133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.616704] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.617090] ? trace_hardirqs_on+0x37/0xe0 [ 25.617614] ? kasan_atomics+0x153/0x310 [ 25.618005] kasan_atomics+0x1dd/0x310 [ 25.618426] ? __pfx_kasan_atomics+0x10/0x10 [ 25.618889] ? __pfx_kasan_atomics+0x10/0x10 [ 25.619214] kunit_try_run_case+0x1b3/0x490 [ 25.621556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.622087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.622621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.622960] ? __kthread_parkme+0x82/0x160 [ 25.623809] ? preempt_count_sub+0x50/0x80 [ 25.625430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.625876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.626255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.626656] kthread+0x257/0x310 [ 25.627050] ? __pfx_kthread+0x10/0x10 [ 25.627469] ret_from_fork+0x41/0x80 [ 25.627914] ? 
__pfx_kthread+0x10/0x10 [ 25.628335] ret_from_fork_asm+0x1a/0x30 [ 25.628886] </TASK> [ 25.629092] [ 25.629249] Allocated by task 272: [ 25.629654] kasan_save_stack+0x3d/0x60 [ 25.630089] kasan_save_track+0x18/0x40 [ 25.630378] kasan_save_alloc_info+0x3b/0x50 [ 25.630981] __kasan_kmalloc+0xb7/0xc0 [ 25.631275] __kmalloc_cache_noprof+0x184/0x410 [ 25.631795] kasan_atomics+0x96/0x310 [ 25.632093] kunit_try_run_case+0x1b3/0x490 [ 25.632388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.632855] kthread+0x257/0x310 [ 25.633277] ret_from_fork+0x41/0x80 [ 25.633725] ret_from_fork_asm+0x1a/0x30 [ 25.634170] [ 25.634392] The buggy address belongs to the object at ffff8881028c7700 [ 25.634392] which belongs to the cache kmalloc-64 of size 64 [ 25.635582] The buggy address is located 0 bytes to the right of [ 25.635582] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.636405] [ 25.636602] The buggy address belongs to the physical page: [ 25.636909] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.637645] flags: 0x200000000000000(node=0|zone=2) [ 25.638134] page_type: f5(slab) [ 25.638522] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.639211] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.639630] page dumped because: kasan: bad access detected [ 25.639940] [ 25.640162] Memory state around the buggy address: [ 25.640619] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.641287] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.642153] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.642596] ^ [ 25.643117] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.643547] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.644172] ================================================================== [ 26.517328] 
================================================================== [ 26.518100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 26.518766] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.519367] [ 26.519727] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.520380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.520886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.521551] Call Trace: [ 26.521828] <TASK> [ 26.522036] dump_stack_lvl+0x73/0xb0 [ 26.522686] print_report+0xd1/0x640 [ 26.523125] ? __virt_addr_valid+0x1db/0x2d0 [ 26.524439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.525046] kasan_report+0x102/0x140 [ 26.525620] ? kasan_atomics_helper+0x1b23/0x5450 [ 26.526135] ? kasan_atomics_helper+0x1b23/0x5450 [ 26.526551] kasan_check_range+0x10c/0x1c0 [ 26.526917] __kasan_check_write+0x18/0x20 [ 26.527408] kasan_atomics_helper+0x1b23/0x5450 [ 26.527976] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.528547] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.528939] ? trace_hardirqs_on+0x37/0xe0 [ 26.529444] ? kasan_atomics+0x153/0x310 [ 26.529925] kasan_atomics+0x1dd/0x310 [ 26.530406] ? __pfx_kasan_atomics+0x10/0x10 [ 26.530882] ? __pfx_kasan_atomics+0x10/0x10 [ 26.531207] kunit_try_run_case+0x1b3/0x490 [ 26.531759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.532264] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.532828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.533386] ? __kthread_parkme+0x82/0x160 [ 26.533900] ? preempt_count_sub+0x50/0x80 [ 26.534378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.534979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.535628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.536112] kthread+0x257/0x310 [ 26.536437] ? __pfx_kthread+0x10/0x10 [ 26.536964] ret_from_fork+0x41/0x80 [ 26.537290] ? 
__pfx_kthread+0x10/0x10 [ 26.537827] ret_from_fork_asm+0x1a/0x30 [ 26.538196] </TASK> [ 26.538533] [ 26.538806] Allocated by task 272: [ 26.539131] kasan_save_stack+0x3d/0x60 [ 26.539639] kasan_save_track+0x18/0x40 [ 26.539954] kasan_save_alloc_info+0x3b/0x50 [ 26.540459] __kasan_kmalloc+0xb7/0xc0 [ 26.540806] __kmalloc_cache_noprof+0x184/0x410 [ 26.541107] kasan_atomics+0x96/0x310 [ 26.541385] kunit_try_run_case+0x1b3/0x490 [ 26.541908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.542457] kthread+0x257/0x310 [ 26.542939] ret_from_fork+0x41/0x80 [ 26.543350] ret_from_fork_asm+0x1a/0x30 [ 26.543869] [ 26.544099] The buggy address belongs to the object at ffff8881028c7700 [ 26.544099] which belongs to the cache kmalloc-64 of size 64 [ 26.545056] The buggy address is located 0 bytes to the right of [ 26.545056] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.546030] [ 26.546314] The buggy address belongs to the physical page: [ 26.546926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.547569] flags: 0x200000000000000(node=0|zone=2) [ 26.548101] page_type: f5(slab) [ 26.548531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.549140] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.549724] page dumped because: kasan: bad access detected [ 26.550143] [ 26.550417] Memory state around the buggy address: [ 26.550903] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.551521] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.552179] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.552734] ^ [ 26.553246] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.553916] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.554393] ================================================================== [ 24.866136] 
================================================================== [ 24.866581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 24.867189] Write of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.867943] [ 24.868201] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.868987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.869249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.870091] Call Trace: [ 24.870537] <TASK> [ 24.870931] dump_stack_lvl+0x73/0xb0 [ 24.871568] print_report+0xd1/0x640 [ 24.872537] ? __virt_addr_valid+0x1db/0x2d0 [ 24.873057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.873523] kasan_report+0x102/0x140 [ 24.873960] ? kasan_atomics_helper+0x698/0x5450 [ 24.874382] ? kasan_atomics_helper+0x698/0x5450 [ 24.875043] kasan_check_range+0x10c/0x1c0 [ 24.875458] __kasan_check_write+0x18/0x20 [ 24.875973] kasan_atomics_helper+0x698/0x5450 [ 24.876462] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.876834] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.877354] ? trace_hardirqs_on+0x37/0xe0 [ 24.877679] ? kasan_atomics+0x153/0x310 [ 24.878017] kasan_atomics+0x1dd/0x310 [ 24.878447] ? __pfx_kasan_atomics+0x10/0x10 [ 24.879129] ? __pfx_kasan_atomics+0x10/0x10 [ 24.879810] kunit_try_run_case+0x1b3/0x490 [ 24.880140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.880460] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.881102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.881882] ? __kthread_parkme+0x82/0x160 [ 24.882428] ? preempt_count_sub+0x50/0x80 [ 24.883004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.883447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.884067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.884420] kthread+0x257/0x310 [ 24.884897] ? __pfx_kthread+0x10/0x10 [ 24.885307] ret_from_fork+0x41/0x80 [ 24.885861] ? 
__pfx_kthread+0x10/0x10 [ 24.886450] ret_from_fork_asm+0x1a/0x30 [ 24.887045] </TASK> [ 24.887401] [ 24.887653] Allocated by task 272: [ 24.888069] kasan_save_stack+0x3d/0x60 [ 24.888437] kasan_save_track+0x18/0x40 [ 24.888966] kasan_save_alloc_info+0x3b/0x50 [ 24.889435] __kasan_kmalloc+0xb7/0xc0 [ 24.889990] __kmalloc_cache_noprof+0x184/0x410 [ 24.890513] kasan_atomics+0x96/0x310 [ 24.890947] kunit_try_run_case+0x1b3/0x490 [ 24.891403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.892158] kthread+0x257/0x310 [ 24.892564] ret_from_fork+0x41/0x80 [ 24.892999] ret_from_fork_asm+0x1a/0x30 [ 24.893530] [ 24.893807] The buggy address belongs to the object at ffff8881028c7700 [ 24.893807] which belongs to the cache kmalloc-64 of size 64 [ 24.894891] The buggy address is located 0 bytes to the right of [ 24.894891] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.895511] [ 24.895805] The buggy address belongs to the physical page: [ 24.896373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.897288] flags: 0x200000000000000(node=0|zone=2) [ 24.897898] page_type: f5(slab) [ 24.898185] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.898613] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.899004] page dumped because: kasan: bad access detected [ 24.899601] [ 24.899877] Memory state around the buggy address: [ 24.900328] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.901131] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.901860] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.902332] ^ [ 24.902800] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.903539] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.904296] ================================================================== [ 26.982563] 
================================================================== [ 26.984446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 26.985154] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.985868] [ 26.986132] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.986783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.987210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.987952] Call Trace: [ 26.988257] <TASK> [ 26.988542] dump_stack_lvl+0x73/0xb0 [ 26.988929] print_report+0xd1/0x640 [ 26.989219] ? __virt_addr_valid+0x1db/0x2d0 [ 26.989759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.990309] kasan_report+0x102/0x140 [ 26.990811] ? kasan_atomics_helper+0x20c9/0x5450 [ 26.991220] ? kasan_atomics_helper+0x20c9/0x5450 [ 26.992552] kasan_check_range+0x10c/0x1c0 [ 26.993072] __kasan_check_write+0x18/0x20 [ 26.993983] kasan_atomics_helper+0x20c9/0x5450 [ 26.994685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.995270] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.995843] ? trace_hardirqs_on+0x37/0xe0 [ 26.996258] ? kasan_atomics+0x153/0x310 [ 26.996662] kasan_atomics+0x1dd/0x310 [ 26.997085] ? __pfx_kasan_atomics+0x10/0x10 [ 26.997661] ? __pfx_kasan_atomics+0x10/0x10 [ 26.998173] kunit_try_run_case+0x1b3/0x490 [ 26.998640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.999012] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.999469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.000049] ? __kthread_parkme+0x82/0x160 [ 27.000395] ? preempt_count_sub+0x50/0x80 [ 27.000918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.001367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.001944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.002455] kthread+0x257/0x310 [ 27.002800] ? __pfx_kthread+0x10/0x10 [ 27.003229] ret_from_fork+0x41/0x80 [ 27.003725] ? 
__pfx_kthread+0x10/0x10 [ 27.004134] ret_from_fork_asm+0x1a/0x30 [ 27.004655] </TASK> [ 27.004943] [ 27.005160] Allocated by task 272: [ 27.005473] kasan_save_stack+0x3d/0x60 [ 27.005898] kasan_save_track+0x18/0x40 [ 27.006188] kasan_save_alloc_info+0x3b/0x50 [ 27.006509] __kasan_kmalloc+0xb7/0xc0 [ 27.006973] __kmalloc_cache_noprof+0x184/0x410 [ 27.007441] kasan_atomics+0x96/0x310 [ 27.007906] kunit_try_run_case+0x1b3/0x490 [ 27.008362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.008955] kthread+0x257/0x310 [ 27.009287] ret_from_fork+0x41/0x80 [ 27.009750] ret_from_fork_asm+0x1a/0x30 [ 27.010071] [ 27.010299] The buggy address belongs to the object at ffff8881028c7700 [ 27.010299] which belongs to the cache kmalloc-64 of size 64 [ 27.011123] The buggy address is located 0 bytes to the right of [ 27.011123] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 27.011910] [ 27.012129] The buggy address belongs to the physical page: [ 27.012688] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 27.013375] flags: 0x200000000000000(node=0|zone=2) [ 27.013917] page_type: f5(slab) [ 27.014182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.014854] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.015277] page dumped because: kasan: bad access detected [ 27.015853] [ 27.016081] Memory state around the buggy address: [ 27.016553] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.017095] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.017782] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.018219] ^ [ 27.018528] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.019193] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.019873] ================================================================== [ 27.175782] 
================================================================== [ 27.176478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 27.177980] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 27.178566] [ 27.180792] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.181531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.181988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.182683] Call Trace: [ 27.182906] <TASK> [ 27.183106] dump_stack_lvl+0x73/0xb0 [ 27.183406] print_report+0xd1/0x640 [ 27.183888] ? __virt_addr_valid+0x1db/0x2d0 [ 27.184374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.184993] kasan_report+0x102/0x140 [ 27.185453] ? kasan_atomics_helper+0x5117/0x5450 [ 27.186015] ? kasan_atomics_helper+0x5117/0x5450 [ 27.186371] __asan_report_load8_noabort+0x18/0x20 [ 27.186932] kasan_atomics_helper+0x5117/0x5450 [ 27.187420] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.187997] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.188415] ? trace_hardirqs_on+0x37/0xe0 [ 27.188791] ? kasan_atomics+0x153/0x310 [ 27.189097] kasan_atomics+0x1dd/0x310 [ 27.189525] ? __pfx_kasan_atomics+0x10/0x10 [ 27.190037] ? __pfx_kasan_atomics+0x10/0x10 [ 27.190540] kunit_try_run_case+0x1b3/0x490 [ 27.191056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.191560] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.192088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.192423] ? __kthread_parkme+0x82/0x160 [ 27.192796] ? preempt_count_sub+0x50/0x80 [ 27.193106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.193423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.194085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.194704] kthread+0x257/0x310 [ 27.195105] ? __pfx_kthread+0x10/0x10 [ 27.195627] ret_from_fork+0x41/0x80 [ 27.196059] ? 
__pfx_kthread+0x10/0x10 [ 27.196500] ret_from_fork_asm+0x1a/0x30 [ 27.197001] </TASK> [ 27.197289] [ 27.197528] Allocated by task 272: [ 27.197941] kasan_save_stack+0x3d/0x60 [ 27.198371] kasan_save_track+0x18/0x40 [ 27.198849] kasan_save_alloc_info+0x3b/0x50 [ 27.199160] __kasan_kmalloc+0xb7/0xc0 [ 27.199628] __kmalloc_cache_noprof+0x184/0x410 [ 27.199995] kasan_atomics+0x96/0x310 [ 27.200409] kunit_try_run_case+0x1b3/0x490 [ 27.200820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.201224] kthread+0x257/0x310 [ 27.201646] ret_from_fork+0x41/0x80 [ 27.202024] ret_from_fork_asm+0x1a/0x30 [ 27.202465] [ 27.202737] The buggy address belongs to the object at ffff8881028c7700 [ 27.202737] which belongs to the cache kmalloc-64 of size 64 [ 27.203605] The buggy address is located 0 bytes to the right of [ 27.203605] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 27.204286] [ 27.204535] The buggy address belongs to the physical page: [ 27.205089] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 27.205873] flags: 0x200000000000000(node=0|zone=2) [ 27.206306] page_type: f5(slab) [ 27.206619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.207259] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.207968] page dumped because: kasan: bad access detected [ 27.208380] [ 27.210630] Memory state around the buggy address: [ 27.211105] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.211764] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.212368] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.214768] ^ [ 27.215230] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.215983] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.217666] ================================================================== [ 26.767698] 
================================================================== [ 26.768085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 26.769836] Write of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.770317] [ 26.770535] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.772170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.772686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.772965] Call Trace: [ 26.773081] <TASK> [ 26.773188] dump_stack_lvl+0x73/0xb0 [ 26.773347] print_report+0xd1/0x640 [ 26.774303] ? __virt_addr_valid+0x1db/0x2d0 [ 26.775175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.775883] kasan_report+0x102/0x140 [ 26.776387] ? kasan_atomics_helper+0x1eab/0x5450 [ 26.777060] ? kasan_atomics_helper+0x1eab/0x5450 [ 26.777673] kasan_check_range+0x10c/0x1c0 [ 26.778207] __kasan_check_write+0x18/0x20 [ 26.778614] kasan_atomics_helper+0x1eab/0x5450 [ 26.779109] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.779652] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.780140] ? trace_hardirqs_on+0x37/0xe0 [ 26.781116] ? kasan_atomics+0x153/0x310 [ 26.781540] kasan_atomics+0x1dd/0x310 [ 26.782334] ? __pfx_kasan_atomics+0x10/0x10 [ 26.782928] ? __pfx_kasan_atomics+0x10/0x10 [ 26.783338] kunit_try_run_case+0x1b3/0x490 [ 26.783879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.784268] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.785755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.786216] ? __kthread_parkme+0x82/0x160 [ 26.786854] ? preempt_count_sub+0x50/0x80 [ 26.787515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.788154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.789182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.789844] kthread+0x257/0x310 [ 26.790153] ? __pfx_kthread+0x10/0x10 [ 26.790594] ret_from_fork+0x41/0x80 [ 26.791055] ? 
__pfx_kthread+0x10/0x10 [ 26.791376] ret_from_fork_asm+0x1a/0x30 [ 26.792379] </TASK> [ 26.792841] [ 26.793256] Allocated by task 272: [ 26.793620] kasan_save_stack+0x3d/0x60 [ 26.794277] kasan_save_track+0x18/0x40 [ 26.794721] kasan_save_alloc_info+0x3b/0x50 [ 26.795393] __kasan_kmalloc+0xb7/0xc0 [ 26.796036] __kmalloc_cache_noprof+0x184/0x410 [ 26.796636] kasan_atomics+0x96/0x310 [ 26.797036] kunit_try_run_case+0x1b3/0x490 [ 26.797407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.797959] kthread+0x257/0x310 [ 26.798279] ret_from_fork+0x41/0x80 [ 26.799272] ret_from_fork_asm+0x1a/0x30 [ 26.799587] [ 26.800265] The buggy address belongs to the object at ffff8881028c7700 [ 26.800265] which belongs to the cache kmalloc-64 of size 64 [ 26.801569] The buggy address is located 0 bytes to the right of [ 26.801569] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.802588] [ 26.802812] The buggy address belongs to the physical page: [ 26.803294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.804371] flags: 0x200000000000000(node=0|zone=2) [ 26.805168] page_type: f5(slab) [ 26.805636] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.806473] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.807013] page dumped because: kasan: bad access detected [ 26.807463] [ 26.808194] Memory state around the buggy address: [ 26.808671] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.809377] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.810232] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.811057] ^ [ 26.811461] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.812458] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.813125] ================================================================== [ 24.652897] 
================================================================== [ 24.653647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 24.654321] Read of size 4 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 24.654749] [ 24.655000] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.655900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.656318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.657010] Call Trace: [ 24.657248] <TASK> [ 24.657676] dump_stack_lvl+0x73/0xb0 [ 24.658068] print_report+0xd1/0x640 [ 24.658502] ? __virt_addr_valid+0x1db/0x2d0 [ 24.658886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.659378] kasan_report+0x102/0x140 [ 24.659738] ? kasan_atomics_helper+0x4b56/0x5450 [ 24.660062] ? kasan_atomics_helper+0x4b56/0x5450 [ 24.660619] __asan_report_load4_noabort+0x18/0x20 [ 24.661123] kasan_atomics_helper+0x4b56/0x5450 [ 24.661671] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.662192] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.662640] ? trace_hardirqs_on+0x37/0xe0 [ 24.662934] ? kasan_atomics+0x153/0x310 [ 24.663375] kasan_atomics+0x1dd/0x310 [ 24.663881] ? __pfx_kasan_atomics+0x10/0x10 [ 24.664349] ? __pfx_kasan_atomics+0x10/0x10 [ 24.664791] kunit_try_run_case+0x1b3/0x490 [ 24.665182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.665786] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.666201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.666625] ? __kthread_parkme+0x82/0x160 [ 24.667085] ? preempt_count_sub+0x50/0x80 [ 24.667462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.668016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.668396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.669005] kthread+0x257/0x310 [ 24.669396] ? __pfx_kthread+0x10/0x10 [ 24.669804] ret_from_fork+0x41/0x80 [ 24.670177] ? 
__pfx_kthread+0x10/0x10 [ 24.670467] ret_from_fork_asm+0x1a/0x30 [ 24.670852] </TASK> [ 24.671048] [ 24.671264] Allocated by task 272: [ 24.671692] kasan_save_stack+0x3d/0x60 [ 24.672122] kasan_save_track+0x18/0x40 [ 24.672555] kasan_save_alloc_info+0x3b/0x50 [ 24.673055] __kasan_kmalloc+0xb7/0xc0 [ 24.673464] __kmalloc_cache_noprof+0x184/0x410 [ 24.673977] kasan_atomics+0x96/0x310 [ 24.674386] kunit_try_run_case+0x1b3/0x490 [ 24.674891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.675372] kthread+0x257/0x310 [ 24.675697] ret_from_fork+0x41/0x80 [ 24.675968] ret_from_fork_asm+0x1a/0x30 [ 24.676242] [ 24.676401] The buggy address belongs to the object at ffff8881028c7700 [ 24.676401] which belongs to the cache kmalloc-64 of size 64 [ 24.677472] The buggy address is located 0 bytes to the right of [ 24.677472] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 24.678630] [ 24.678858] The buggy address belongs to the physical page: [ 24.679366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 24.680034] flags: 0x200000000000000(node=0|zone=2) [ 24.680525] page_type: f5(slab) [ 24.680827] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.681403] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.681857] page dumped because: kasan: bad access detected [ 24.682171] [ 24.682386] Memory state around the buggy address: [ 24.682893] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.683522] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.684183] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.684859] ^ [ 24.685358] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.685973] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.686383] ================================================================== [ 26.592863] 
================================================================== [ 26.593657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 26.594358] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 26.595207] [ 26.595540] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.596180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.596442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.597228] Call Trace: [ 26.597642] <TASK> [ 26.597990] dump_stack_lvl+0x73/0xb0 [ 26.598444] print_report+0xd1/0x640 [ 26.598977] ? __virt_addr_valid+0x1db/0x2d0 [ 26.599476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.600007] kasan_report+0x102/0x140 [ 26.600383] ? kasan_atomics_helper+0x4f32/0x5450 [ 26.600978] ? kasan_atomics_helper+0x4f32/0x5450 [ 26.601524] __asan_report_load8_noabort+0x18/0x20 [ 26.602108] kasan_atomics_helper+0x4f32/0x5450 [ 26.602671] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.603179] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.603822] ? trace_hardirqs_on+0x37/0xe0 [ 26.604165] ? kasan_atomics+0x153/0x310 [ 26.604540] kasan_atomics+0x1dd/0x310 [ 26.605097] ? __pfx_kasan_atomics+0x10/0x10 [ 26.605663] ? __pfx_kasan_atomics+0x10/0x10 [ 26.606161] kunit_try_run_case+0x1b3/0x490 [ 26.606472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.607154] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.607779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.608379] ? __kthread_parkme+0x82/0x160 [ 26.608910] ? preempt_count_sub+0x50/0x80 [ 26.609441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.609995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.610384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.610806] kthread+0x257/0x310 [ 26.611272] ? __pfx_kthread+0x10/0x10 [ 26.611908] ret_from_fork+0x41/0x80 [ 26.612334] ? 
__pfx_kthread+0x10/0x10 [ 26.612904] ret_from_fork_asm+0x1a/0x30 [ 26.613437] </TASK> [ 26.613856] [ 26.614146] Allocated by task 272: [ 26.614554] kasan_save_stack+0x3d/0x60 [ 26.615114] kasan_save_track+0x18/0x40 [ 26.615699] kasan_save_alloc_info+0x3b/0x50 [ 26.616092] __kasan_kmalloc+0xb7/0xc0 [ 26.616431] __kmalloc_cache_noprof+0x184/0x410 [ 26.617044] kasan_atomics+0x96/0x310 [ 26.617475] kunit_try_run_case+0x1b3/0x490 [ 26.618002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.618564] kthread+0x257/0x310 [ 26.619068] ret_from_fork+0x41/0x80 [ 26.619459] ret_from_fork_asm+0x1a/0x30 [ 26.619950] [ 26.620204] The buggy address belongs to the object at ffff8881028c7700 [ 26.620204] which belongs to the cache kmalloc-64 of size 64 [ 26.621156] The buggy address is located 0 bytes to the right of [ 26.621156] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 26.622197] [ 26.622402] The buggy address belongs to the physical page: [ 26.623043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 26.623667] flags: 0x200000000000000(node=0|zone=2) [ 26.624218] page_type: f5(slab) [ 26.624724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.625403] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.625998] page dumped because: kasan: bad access detected [ 26.626673] [ 26.626946] Memory state around the buggy address: [ 26.627242] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.627825] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.628502] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.629158] ^ [ 26.629702] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.630426] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.631068] ================================================================== [ 25.908863] 
================================================================== [ 25.910365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 25.910934] Read of size 8 at addr ffff8881028c7730 by task kunit_try_catch/272 [ 25.911327] [ 25.911542] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.912156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.912647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.913423] Call Trace: [ 25.913822] <TASK> [ 25.914164] dump_stack_lvl+0x73/0xb0 [ 25.914700] print_report+0xd1/0x640 [ 25.915141] ? __virt_addr_valid+0x1db/0x2d0 [ 25.915714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.916233] kasan_report+0x102/0x140 [ 25.916882] ? kasan_atomics_helper+0x13b6/0x5450 [ 25.917225] ? kasan_atomics_helper+0x13b6/0x5450 [ 25.918702] kasan_check_range+0x10c/0x1c0 [ 25.919249] __kasan_check_read+0x15/0x20 [ 25.919740] kasan_atomics_helper+0x13b6/0x5450 [ 25.920243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.921369] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.921988] ? trace_hardirqs_on+0x37/0xe0 [ 25.922446] ? kasan_atomics+0x153/0x310 [ 25.922995] kasan_atomics+0x1dd/0x310 [ 25.923439] ? __pfx_kasan_atomics+0x10/0x10 [ 25.925941] ? __pfx_kasan_atomics+0x10/0x10 [ 25.926324] kunit_try_run_case+0x1b3/0x490 [ 25.926834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.927278] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.928165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.928912] ? __kthread_parkme+0x82/0x160 [ 25.929443] ? preempt_count_sub+0x50/0x80 [ 25.930066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.930663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.931406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.932141] kthread+0x257/0x310 [ 25.932992] ? __pfx_kthread+0x10/0x10 [ 25.933392] ret_from_fork+0x41/0x80 [ 25.933846] ? 
__pfx_kthread+0x10/0x10 [ 25.934723] ret_from_fork_asm+0x1a/0x30 [ 25.935396] </TASK> [ 25.935870] [ 25.936012] Allocated by task 272: [ 25.936575] kasan_save_stack+0x3d/0x60 [ 25.937143] kasan_save_track+0x18/0x40 [ 25.937591] kasan_save_alloc_info+0x3b/0x50 [ 25.938510] __kasan_kmalloc+0xb7/0xc0 [ 25.939114] __kmalloc_cache_noprof+0x184/0x410 [ 25.939409] kasan_atomics+0x96/0x310 [ 25.939820] kunit_try_run_case+0x1b3/0x490 [ 25.940690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.941031] kthread+0x257/0x310 [ 25.941522] ret_from_fork+0x41/0x80 [ 25.942055] ret_from_fork_asm+0x1a/0x30 [ 25.942610] [ 25.942881] The buggy address belongs to the object at ffff8881028c7700 [ 25.942881] which belongs to the cache kmalloc-64 of size 64 [ 25.944228] The buggy address is located 0 bytes to the right of [ 25.944228] allocated 48-byte region [ffff8881028c7700, ffff8881028c7730) [ 25.945640] [ 25.945930] The buggy address belongs to the physical page: [ 25.946654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c7 [ 25.947520] flags: 0x200000000000000(node=0|zone=2) [ 25.948343] page_type: f5(slab) [ 25.948713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.949657] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.950269] page dumped because: kasan: bad access detected [ 25.950886] [ 25.951053] Memory state around the buggy address: [ 25.951728] ffff8881028c7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.952653] ffff8881028c7680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.953553] >ffff8881028c7700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.954203] ^ [ 25.954964] ffff8881028c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.955450] ffff8881028c7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.956388] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 24.293921] ================================================================== [ 24.295130] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 24.296073] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.296826] [ 24.297083] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.298065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.298536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.299274] Call Trace: [ 24.299544] <TASK> [ 24.299914] dump_stack_lvl+0x73/0xb0 [ 24.300326] print_report+0xd1/0x640 [ 24.300808] ? __virt_addr_valid+0x1db/0x2d0 [ 24.301318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.301814] kasan_report+0x102/0x140 [ 24.302256] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 24.302763] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 24.303163] kasan_check_range+0x10c/0x1c0 [ 24.303690] __kasan_check_write+0x18/0x20 [ 24.304190] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 24.304857] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.305622] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.306169] ? trace_hardirqs_on+0x37/0xe0 [ 24.306641] ? kasan_bitops_generic+0x93/0x1c0 [ 24.306973] kasan_bitops_generic+0x122/0x1c0 [ 24.307479] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.308079] ? __pfx_read_tsc+0x10/0x10 [ 24.308447] ? ktime_get_ts64+0x84/0x230 [ 24.309004] kunit_try_run_case+0x1b3/0x490 [ 24.309501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.309947] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.310413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.310959] ? __kthread_parkme+0x82/0x160 [ 24.311411] ? preempt_count_sub+0x50/0x80 [ 24.311973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.312347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.312950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.313513] kthread+0x257/0x310 [ 24.313952] ? 
__pfx_kthread+0x10/0x10 [ 24.314390] ret_from_fork+0x41/0x80 [ 24.314781] ? __pfx_kthread+0x10/0x10 [ 24.315067] ret_from_fork_asm+0x1a/0x30 [ 24.315678] </TASK> [ 24.315961] [ 24.316181] Allocated by task 268: [ 24.316554] kasan_save_stack+0x3d/0x60 [ 24.317021] kasan_save_track+0x18/0x40 [ 24.317289] kasan_save_alloc_info+0x3b/0x50 [ 24.317647] __kasan_kmalloc+0xb7/0xc0 [ 24.317923] __kmalloc_cache_noprof+0x184/0x410 [ 24.318228] kasan_bitops_generic+0x93/0x1c0 [ 24.318539] kunit_try_run_case+0x1b3/0x490 [ 24.319053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.319669] kthread+0x257/0x310 [ 24.320050] ret_from_fork+0x41/0x80 [ 24.320449] ret_from_fork_asm+0x1a/0x30 [ 24.321266] [ 24.321508] The buggy address belongs to the object at ffff8881028a7080 [ 24.321508] which belongs to the cache kmalloc-16 of size 16 [ 24.324334] The buggy address is located 8 bytes inside of [ 24.324334] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.325443] [ 24.326568] The buggy address belongs to the physical page: [ 24.327008] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.327658] flags: 0x200000000000000(node=0|zone=2) [ 24.328181] page_type: f5(slab) [ 24.328452] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.329122] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.329816] page dumped because: kasan: bad access detected [ 24.330263] [ 24.330541] Memory state around the buggy address: [ 24.330923] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.331453] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.332060] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.332523] ^ [ 24.332976] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.333663] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.334141] 
================================================================== [ 24.250994] ================================================================== [ 24.251689] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 24.252469] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.254065] [ 24.254305] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.254956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.255403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.255986] Call Trace: [ 24.256208] <TASK> [ 24.256414] dump_stack_lvl+0x73/0xb0 [ 24.256920] print_report+0xd1/0x640 [ 24.257341] ? __virt_addr_valid+0x1db/0x2d0 [ 24.257917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.258503] kasan_report+0x102/0x140 [ 24.260252] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 24.261033] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 24.261613] kasan_check_range+0x10c/0x1c0 [ 24.262074] __kasan_check_write+0x18/0x20 [ 24.262527] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 24.263184] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.263672] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.264193] ? trace_hardirqs_on+0x37/0xe0 [ 24.264669] ? kasan_bitops_generic+0x93/0x1c0 [ 24.265166] kasan_bitops_generic+0x122/0x1c0 [ 24.265709] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.266172] ? __pfx_read_tsc+0x10/0x10 [ 24.266632] ? ktime_get_ts64+0x84/0x230 [ 24.267123] kunit_try_run_case+0x1b3/0x490 [ 24.267635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.267957] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.268279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.268748] ? __kthread_parkme+0x82/0x160 [ 24.269250] ? preempt_count_sub+0x50/0x80 [ 24.269768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.270270] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.270935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.271504] kthread+0x257/0x310 [ 24.271973] ? __pfx_kthread+0x10/0x10 [ 24.272404] ret_from_fork+0x41/0x80 [ 24.272899] ? __pfx_kthread+0x10/0x10 [ 24.273187] ret_from_fork_asm+0x1a/0x30 [ 24.273533] </TASK> [ 24.273894] [ 24.274169] Allocated by task 268: [ 24.274557] kasan_save_stack+0x3d/0x60 [ 24.275043] kasan_save_track+0x18/0x40 [ 24.275470] kasan_save_alloc_info+0x3b/0x50 [ 24.275987] __kasan_kmalloc+0xb7/0xc0 [ 24.276442] __kmalloc_cache_noprof+0x184/0x410 [ 24.276911] kasan_bitops_generic+0x93/0x1c0 [ 24.277207] kunit_try_run_case+0x1b3/0x490 [ 24.277517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.277893] kthread+0x257/0x310 [ 24.278155] ret_from_fork+0x41/0x80 [ 24.278661] ret_from_fork_asm+0x1a/0x30 [ 24.279096] [ 24.279317] The buggy address belongs to the object at ffff8881028a7080 [ 24.279317] which belongs to the cache kmalloc-16 of size 16 [ 24.280391] The buggy address is located 8 bytes inside of [ 24.280391] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.281511] [ 24.281789] The buggy address belongs to the physical page: [ 24.282229] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.282964] flags: 0x200000000000000(node=0|zone=2) [ 24.283503] page_type: f5(slab) [ 24.283797] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.284187] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.284654] page dumped because: kasan: bad access detected [ 24.285162] [ 24.285430] Memory state around the buggy address: [ 24.285958] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.286729] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.287403] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.288096] ^ [ 24.288747] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.290249] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.291232] ================================================================== [ 24.083937] ================================================================== [ 24.085282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 24.085854] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.086299] [ 24.086555] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.087442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.087928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.088406] Call Trace: [ 24.088783] <TASK> [ 24.089072] dump_stack_lvl+0x73/0xb0 [ 24.089507] print_report+0xd1/0x640 [ 24.089891] ? __virt_addr_valid+0x1db/0x2d0 [ 24.090282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.090863] kasan_report+0x102/0x140 [ 24.091276] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 24.093157] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 24.093585] kasan_check_range+0x10c/0x1c0 [ 24.094052] __kasan_check_write+0x18/0x20 [ 24.095521] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 24.096323] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.097126] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.097924] ? trace_hardirqs_on+0x37/0xe0 [ 24.098567] ? kasan_bitops_generic+0x93/0x1c0 [ 24.099224] kasan_bitops_generic+0x122/0x1c0 [ 24.099964] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.100563] ? __pfx_read_tsc+0x10/0x10 [ 24.101260] ? ktime_get_ts64+0x84/0x230 [ 24.101658] kunit_try_run_case+0x1b3/0x490 [ 24.102056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.102466] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.103425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.104126] ? __kthread_parkme+0x82/0x160 [ 24.104793] ? preempt_count_sub+0x50/0x80 [ 24.105103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.105873] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.106405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.107344] kthread+0x257/0x310 [ 24.107996] ? __pfx_kthread+0x10/0x10 [ 24.108533] ret_from_fork+0x41/0x80 [ 24.109149] ? __pfx_kthread+0x10/0x10 [ 24.109501] ret_from_fork_asm+0x1a/0x30 [ 24.110111] </TASK> [ 24.110403] [ 24.110976] Allocated by task 268: [ 24.111326] kasan_save_stack+0x3d/0x60 [ 24.112158] kasan_save_track+0x18/0x40 [ 24.112536] kasan_save_alloc_info+0x3b/0x50 [ 24.113172] __kasan_kmalloc+0xb7/0xc0 [ 24.113609] __kmalloc_cache_noprof+0x184/0x410 [ 24.114215] kasan_bitops_generic+0x93/0x1c0 [ 24.114672] kunit_try_run_case+0x1b3/0x490 [ 24.115346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.115669] kthread+0x257/0x310 [ 24.116343] ret_from_fork+0x41/0x80 [ 24.116823] ret_from_fork_asm+0x1a/0x30 [ 24.117192] [ 24.117418] The buggy address belongs to the object at ffff8881028a7080 [ 24.117418] which belongs to the cache kmalloc-16 of size 16 [ 24.118148] The buggy address is located 8 bytes inside of [ 24.118148] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.119241] [ 24.119506] The buggy address belongs to the physical page: [ 24.119865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.120443] flags: 0x200000000000000(node=0|zone=2) [ 24.120931] page_type: f5(slab) [ 24.121392] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.122024] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.122416] page dumped because: kasan: bad access detected [ 24.122946] [ 24.123237] Memory state around the buggy address: [ 24.123664] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.124178] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.124979] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.125419] ^ [ 24.125832] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.126400] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.126789] ================================================================== [ 24.041734] ================================================================== [ 24.042325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 24.044531] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.045172] [ 24.045428] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.046259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.046633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.047216] Call Trace: [ 24.047551] <TASK> [ 24.048399] dump_stack_lvl+0x73/0xb0 [ 24.048957] print_report+0xd1/0x640 [ 24.049389] ? __virt_addr_valid+0x1db/0x2d0 [ 24.049940] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.050472] kasan_report+0x102/0x140 [ 24.050760] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 24.051414] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 24.052015] kasan_check_range+0x10c/0x1c0 [ 24.052509] __kasan_check_write+0x18/0x20 [ 24.052817] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 24.053508] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.054121] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.054657] ? trace_hardirqs_on+0x37/0xe0 [ 24.055017] ? kasan_bitops_generic+0x93/0x1c0 [ 24.055579] kasan_bitops_generic+0x122/0x1c0 [ 24.056107] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.056442] ? __pfx_read_tsc+0x10/0x10 [ 24.056959] ? ktime_get_ts64+0x84/0x230 [ 24.057408] kunit_try_run_case+0x1b3/0x490 [ 24.058080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.058423] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.058937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.059652] ? __kthread_parkme+0x82/0x160 [ 24.060031] ? preempt_count_sub+0x50/0x80 [ 24.060335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.060678] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.061275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.061956] kthread+0x257/0x310 [ 24.062366] ? __pfx_kthread+0x10/0x10 [ 24.062926] ret_from_fork+0x41/0x80 [ 24.063345] ? __pfx_kthread+0x10/0x10 [ 24.063787] ret_from_fork_asm+0x1a/0x30 [ 24.064292] </TASK> [ 24.064599] [ 24.064768] Allocated by task 268: [ 24.065146] kasan_save_stack+0x3d/0x60 [ 24.065578] kasan_save_track+0x18/0x40 [ 24.066011] kasan_save_alloc_info+0x3b/0x50 [ 24.066317] __kasan_kmalloc+0xb7/0xc0 [ 24.066651] __kmalloc_cache_noprof+0x184/0x410 [ 24.067117] kasan_bitops_generic+0x93/0x1c0 [ 24.067646] kunit_try_run_case+0x1b3/0x490 [ 24.068136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.068545] kthread+0x257/0x310 [ 24.068799] ret_from_fork+0x41/0x80 [ 24.069054] ret_from_fork_asm+0x1a/0x30 [ 24.069469] [ 24.069806] The buggy address belongs to the object at ffff8881028a7080 [ 24.069806] which belongs to the cache kmalloc-16 of size 16 [ 24.072126] The buggy address is located 8 bytes inside of [ 24.072126] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.072996] [ 24.073223] The buggy address belongs to the physical page: [ 24.073914] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.075716] flags: 0x200000000000000(node=0|zone=2) [ 24.076458] page_type: f5(slab) [ 24.076935] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.077408] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.077958] page dumped because: kasan: bad access detected [ 24.078423] [ 24.078731] Memory state around the buggy address: [ 24.079094] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.079781] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.080225] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.080786] ^ [ 24.081025] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.081682] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.082239] ================================================================== [ 24.172900] ================================================================== [ 24.173352] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 24.174919] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.175884] [ 24.176205] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.177562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.177979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.178830] Call Trace: [ 24.179052] <TASK> [ 24.179324] dump_stack_lvl+0x73/0xb0 [ 24.179787] print_report+0xd1/0x640 [ 24.180197] ? __virt_addr_valid+0x1db/0x2d0 [ 24.180551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.181163] kasan_report+0x102/0x140 [ 24.181465] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 24.182078] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 24.182676] kasan_check_range+0x10c/0x1c0 [ 24.183142] __kasan_check_write+0x18/0x20 [ 24.183553] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 24.184189] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.184693] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.185179] ? trace_hardirqs_on+0x37/0xe0 [ 24.185608] ? kasan_bitops_generic+0x93/0x1c0 [ 24.186100] kasan_bitops_generic+0x122/0x1c0 [ 24.186620] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.187043] ? __pfx_read_tsc+0x10/0x10 [ 24.187323] ? ktime_get_ts64+0x84/0x230 [ 24.187833] kunit_try_run_case+0x1b3/0x490 [ 24.188298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.188843] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.189235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.189652] ? __kthread_parkme+0x82/0x160 [ 24.190114] ? preempt_count_sub+0x50/0x80 [ 24.190559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.190984] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.191529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.191922] kthread+0x257/0x310 [ 24.192191] ? __pfx_kthread+0x10/0x10 [ 24.192673] ret_from_fork+0x41/0x80 [ 24.193081] ? __pfx_kthread+0x10/0x10 [ 24.193524] ret_from_fork_asm+0x1a/0x30 [ 24.194025] </TASK> [ 24.194309] [ 24.194546] Allocated by task 268: [ 24.194950] kasan_save_stack+0x3d/0x60 [ 24.195395] kasan_save_track+0x18/0x40 [ 24.196684] kasan_save_alloc_info+0x3b/0x50 [ 24.197039] __kasan_kmalloc+0xb7/0xc0 [ 24.197303] __kmalloc_cache_noprof+0x184/0x410 [ 24.197762] kasan_bitops_generic+0x93/0x1c0 [ 24.198204] kunit_try_run_case+0x1b3/0x490 [ 24.198685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.199193] kthread+0x257/0x310 [ 24.199622] ret_from_fork+0x41/0x80 [ 24.200022] ret_from_fork_asm+0x1a/0x30 [ 24.200332] [ 24.200512] The buggy address belongs to the object at ffff8881028a7080 [ 24.200512] which belongs to the cache kmalloc-16 of size 16 [ 24.201480] The buggy address is located 8 bytes inside of [ 24.201480] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.202116] [ 24.202281] The buggy address belongs to the physical page: [ 24.202694] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.203380] flags: 0x200000000000000(node=0|zone=2) [ 24.203929] page_type: f5(slab) [ 24.204285] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.205021] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.205775] page dumped because: kasan: bad access detected [ 24.206285] [ 24.206527] Memory state around the buggy address: [ 24.206969] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.207402] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.207996] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.208357] ^ [ 24.208739] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.209377] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.210056] ================================================================== [ 24.335861] ================================================================== [ 24.337569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 24.338408] Read of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.338912] [ 24.339193] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.340048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.340465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.341091] Call Trace: [ 24.341448] <TASK> [ 24.341785] dump_stack_lvl+0x73/0xb0 [ 24.342244] print_report+0xd1/0x640 [ 24.342554] ? __virt_addr_valid+0x1db/0x2d0 [ 24.343118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.343737] kasan_report+0x102/0x140 [ 24.344126] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 24.344875] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 24.345539] kasan_check_range+0x10c/0x1c0 [ 24.346889] __kasan_check_read+0x15/0x20 [ 24.347317] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 24.347997] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.348415] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.349007] ? trace_hardirqs_on+0x37/0xe0 [ 24.349467] ? kasan_bitops_generic+0x93/0x1c0 [ 24.350065] kasan_bitops_generic+0x122/0x1c0 [ 24.350398] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.351353] ? __pfx_read_tsc+0x10/0x10 [ 24.352369] ? ktime_get_ts64+0x84/0x230 [ 24.353216] kunit_try_run_case+0x1b3/0x490 [ 24.353881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.354380] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.355178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.355671] ? __kthread_parkme+0x82/0x160 [ 24.356415] ? preempt_count_sub+0x50/0x80 [ 24.357078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.357607] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.358436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.359173] kthread+0x257/0x310 [ 24.359577] ? __pfx_kthread+0x10/0x10 [ 24.360221] ret_from_fork+0x41/0x80 [ 24.360944] ? __pfx_kthread+0x10/0x10 [ 24.361604] ret_from_fork_asm+0x1a/0x30 [ 24.362091] </TASK> [ 24.362669] [ 24.362825] Allocated by task 268: [ 24.363193] kasan_save_stack+0x3d/0x60 [ 24.363997] kasan_save_track+0x18/0x40 [ 24.364365] kasan_save_alloc_info+0x3b/0x50 [ 24.364927] __kasan_kmalloc+0xb7/0xc0 [ 24.365280] __kmalloc_cache_noprof+0x184/0x410 [ 24.366420] kasan_bitops_generic+0x93/0x1c0 [ 24.366982] kunit_try_run_case+0x1b3/0x490 [ 24.367897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.368458] kthread+0x257/0x310 [ 24.369178] ret_from_fork+0x41/0x80 [ 24.369560] ret_from_fork_asm+0x1a/0x30 [ 24.370455] [ 24.370954] The buggy address belongs to the object at ffff8881028a7080 [ 24.370954] which belongs to the cache kmalloc-16 of size 16 [ 24.372092] The buggy address is located 8 bytes inside of [ 24.372092] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.373447] [ 24.373783] The buggy address belongs to the physical page: [ 24.374749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.375428] flags: 0x200000000000000(node=0|zone=2) [ 24.376202] page_type: f5(slab) [ 24.376625] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.377547] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.378180] page dumped because: kasan: bad access detected [ 24.379043] [ 24.379263] Memory state around the buggy address: [ 24.380128] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.380666] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.381538] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.382217] ^ [ 24.382551] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.383288] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.384051] ================================================================== [ 24.212438] ================================================================== [ 24.213318] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 24.214127] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.214757] [ 24.214959] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.215610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.215877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.216709] Call Trace: [ 24.217021] <TASK> [ 24.217305] dump_stack_lvl+0x73/0xb0 [ 24.217694] print_report+0xd1/0x640 [ 24.218131] ? __virt_addr_valid+0x1db/0x2d0 [ 24.218553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.218946] kasan_report+0x102/0x140 [ 24.219217] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 24.219662] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 24.220252] kasan_check_range+0x10c/0x1c0 [ 24.220765] __kasan_check_write+0x18/0x20 [ 24.221204] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 24.221863] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.222524] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.223051] ? trace_hardirqs_on+0x37/0xe0 [ 24.223498] ? kasan_bitops_generic+0x93/0x1c0 [ 24.223889] kasan_bitops_generic+0x122/0x1c0 [ 24.224202] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.224745] ? __pfx_read_tsc+0x10/0x10 [ 24.225162] ? ktime_get_ts64+0x84/0x230 [ 24.225713] kunit_try_run_case+0x1b3/0x490 [ 24.226191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.226791] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.227274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.227750] ? __kthread_parkme+0x82/0x160 [ 24.228045] ? preempt_count_sub+0x50/0x80 [ 24.228342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.230196] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.231090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.231961] kthread+0x257/0x310 [ 24.232350] ? __pfx_kthread+0x10/0x10 [ 24.233147] ret_from_fork+0x41/0x80 [ 24.233601] ? __pfx_kthread+0x10/0x10 [ 24.234016] ret_from_fork_asm+0x1a/0x30 [ 24.234531] </TASK> [ 24.234850] [ 24.235065] Allocated by task 268: [ 24.235333] kasan_save_stack+0x3d/0x60 [ 24.235810] kasan_save_track+0x18/0x40 [ 24.236233] kasan_save_alloc_info+0x3b/0x50 [ 24.236757] __kasan_kmalloc+0xb7/0xc0 [ 24.237082] __kmalloc_cache_noprof+0x184/0x410 [ 24.237394] kasan_bitops_generic+0x93/0x1c0 [ 24.237891] kunit_try_run_case+0x1b3/0x490 [ 24.238346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.238834] kthread+0x257/0x310 [ 24.239187] ret_from_fork+0x41/0x80 [ 24.239626] ret_from_fork_asm+0x1a/0x30 [ 24.240062] [ 24.240270] The buggy address belongs to the object at ffff8881028a7080 [ 24.240270] which belongs to the cache kmalloc-16 of size 16 [ 24.241027] The buggy address is located 8 bytes inside of [ 24.241027] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.241852] [ 24.242080] The buggy address belongs to the physical page: [ 24.242642] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.243069] flags: 0x200000000000000(node=0|zone=2) [ 24.243566] page_type: f5(slab) [ 24.243971] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.244380] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.244840] page dumped because: kasan: bad access detected [ 24.245147] [ 24.245351] Memory state around the buggy address: [ 24.245881] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.246541] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.247214] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.247897] ^ [ 24.248253] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.248786] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.249404] ================================================================== [ 24.127817] ================================================================== [ 24.130371] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 24.130920] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.131610] [ 24.131814] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.133662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.134102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.134874] Call Trace: [ 24.135127] <TASK> [ 24.135378] dump_stack_lvl+0x73/0xb0 [ 24.136742] print_report+0xd1/0x640 [ 24.137389] ? __virt_addr_valid+0x1db/0x2d0 [ 24.137979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.138479] kasan_report+0x102/0x140 [ 24.138924] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 24.139313] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 24.140010] kasan_check_range+0x10c/0x1c0 [ 24.140569] __kasan_check_write+0x18/0x20 [ 24.140998] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 24.141707] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.142266] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.142986] ? trace_hardirqs_on+0x37/0xe0 [ 24.143567] ? kasan_bitops_generic+0x93/0x1c0 [ 24.144026] kasan_bitops_generic+0x122/0x1c0 [ 24.144432] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.144962] ? __pfx_read_tsc+0x10/0x10 [ 24.145369] ? ktime_get_ts64+0x84/0x230 [ 24.145832] kunit_try_run_case+0x1b3/0x490 [ 24.146393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.146923] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.147414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.148021] ? __kthread_parkme+0x82/0x160 [ 24.148542] ? preempt_count_sub+0x50/0x80 [ 24.148942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.149425] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.150095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.150744] kthread+0x257/0x310 [ 24.151071] ? __pfx_kthread+0x10/0x10 [ 24.151471] ret_from_fork+0x41/0x80 [ 24.151950] ? __pfx_kthread+0x10/0x10 [ 24.152374] ret_from_fork_asm+0x1a/0x30 [ 24.152847] </TASK> [ 24.153038] [ 24.153249] Allocated by task 268: [ 24.153716] kasan_save_stack+0x3d/0x60 [ 24.154182] kasan_save_track+0x18/0x40 [ 24.154547] kasan_save_alloc_info+0x3b/0x50 [ 24.154999] __kasan_kmalloc+0xb7/0xc0 [ 24.155423] __kmalloc_cache_noprof+0x184/0x410 [ 24.155969] kasan_bitops_generic+0x93/0x1c0 [ 24.156430] kunit_try_run_case+0x1b3/0x490 [ 24.156947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.157476] kthread+0x257/0x310 [ 24.157942] ret_from_fork+0x41/0x80 [ 24.158355] ret_from_fork_asm+0x1a/0x30 [ 24.158884] [ 24.159054] The buggy address belongs to the object at ffff8881028a7080 [ 24.159054] which belongs to the cache kmalloc-16 of size 16 [ 24.159765] The buggy address is located 8 bytes inside of [ 24.159765] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.160814] [ 24.161045] The buggy address belongs to the physical page: [ 24.161570] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.162274] flags: 0x200000000000000(node=0|zone=2) [ 24.162863] page_type: f5(slab) [ 24.163100] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.163878] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.164383] page dumped because: kasan: bad access detected [ 24.165720] [ 24.165934] Memory state around the buggy address: [ 24.166397] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.167044] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.168358] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.169329] ^ [ 24.169715] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.170342] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.170967] ================================================================== [ 24.386983] ================================================================== [ 24.387637] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 24.388595] Read of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.389444] [ 24.389748] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.390838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.391144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.391976] Call Trace: [ 24.392327] <TASK> [ 24.392570] dump_stack_lvl+0x73/0xb0 [ 24.393093] print_report+0xd1/0x640 [ 24.393552] ? __virt_addr_valid+0x1db/0x2d0 [ 24.393867] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.394580] kasan_report+0x102/0x140 [ 24.395003] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 24.395715] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 24.396713] __asan_report_load8_noabort+0x18/0x20 [ 24.397264] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 24.398019] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 24.398661] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.399104] ? trace_hardirqs_on+0x37/0xe0 [ 24.399521] ? kasan_bitops_generic+0x93/0x1c0 [ 24.400021] kasan_bitops_generic+0x122/0x1c0 [ 24.400460] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.400979] ? __pfx_read_tsc+0x10/0x10 [ 24.401367] ? ktime_get_ts64+0x84/0x230 [ 24.401833] kunit_try_run_case+0x1b3/0x490 [ 24.402302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.402797] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.403114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.403427] ? __kthread_parkme+0x82/0x160 [ 24.403928] ? preempt_count_sub+0x50/0x80 [ 24.404423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.405079] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.405751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.406346] kthread+0x257/0x310 [ 24.406841] ? __pfx_kthread+0x10/0x10 [ 24.407170] ret_from_fork+0x41/0x80 [ 24.407695] ? __pfx_kthread+0x10/0x10 [ 24.408090] ret_from_fork_asm+0x1a/0x30 [ 24.408404] </TASK> [ 24.408662] [ 24.408819] Allocated by task 268: [ 24.409171] kasan_save_stack+0x3d/0x60 [ 24.409738] kasan_save_track+0x18/0x40 [ 24.410211] kasan_save_alloc_info+0x3b/0x50 [ 24.410794] __kasan_kmalloc+0xb7/0xc0 [ 24.411211] __kmalloc_cache_noprof+0x184/0x410 [ 24.411779] kasan_bitops_generic+0x93/0x1c0 [ 24.412271] kunit_try_run_case+0x1b3/0x490 [ 24.412695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.413191] kthread+0x257/0x310 [ 24.413642] ret_from_fork+0x41/0x80 [ 24.414057] ret_from_fork_asm+0x1a/0x30 [ 24.414502] [ 24.414730] The buggy address belongs to the object at ffff8881028a7080 [ 24.414730] which belongs to the cache kmalloc-16 of size 16 [ 24.415461] The buggy address is located 8 bytes inside of [ 24.415461] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.416694] [ 24.416909] The buggy address belongs to the physical page: [ 24.417211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.417672] flags: 0x200000000000000(node=0|zone=2) [ 24.418001] page_type: f5(slab) [ 24.418412] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.419131] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.420650] page dumped because: kasan: bad access detected [ 24.421185] [ 24.421410] Memory state around the buggy address: [ 24.422004] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.422718] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.423336] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.423774] ^ [ 24.424015] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 24.424477] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.425343] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 23.870079] ================================================================== [ 23.871611] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 23.872233] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.872662] [ 23.873272] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.874543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.874917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.875930] Call Trace: [ 23.876411] <TASK> [ 23.876929] dump_stack_lvl+0x73/0xb0 [ 23.877456] print_report+0xd1/0x640 [ 23.878101] ? __virt_addr_valid+0x1db/0x2d0 [ 23.878737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.879433] kasan_report+0x102/0x140 [ 23.880061] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 23.880591] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 23.881420] kasan_check_range+0x10c/0x1c0 [ 23.882105] __kasan_check_write+0x18/0x20 [ 23.882718] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 23.883221] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.884176] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.884846] ? trace_hardirqs_on+0x37/0xe0 [ 23.885426] ? kasan_bitops_generic+0x93/0x1c0 [ 23.886175] kasan_bitops_generic+0x117/0x1c0 [ 23.886706] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.887303] ? __pfx_read_tsc+0x10/0x10 [ 23.887732] ? ktime_get_ts64+0x84/0x230 [ 23.888110] kunit_try_run_case+0x1b3/0x490 [ 23.889281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.889712] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.890417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.890939] ? __kthread_parkme+0x82/0x160 [ 23.891331] ? preempt_count_sub+0x50/0x80 [ 23.891847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.892266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.892785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.893332] kthread+0x257/0x310 [ 23.893782] ? __pfx_kthread+0x10/0x10 [ 23.894199] ret_from_fork+0x41/0x80 [ 23.894475] ? 
__pfx_kthread+0x10/0x10 [ 23.894963] ret_from_fork_asm+0x1a/0x30 [ 23.895520] </TASK> [ 23.895857] [ 23.896039] Allocated by task 268: [ 23.896270] kasan_save_stack+0x3d/0x60 [ 23.896668] kasan_save_track+0x18/0x40 [ 23.897193] kasan_save_alloc_info+0x3b/0x50 [ 23.897674] __kasan_kmalloc+0xb7/0xc0 [ 23.897945] __kmalloc_cache_noprof+0x184/0x410 [ 23.898238] kasan_bitops_generic+0x93/0x1c0 [ 23.898741] kunit_try_run_case+0x1b3/0x490 [ 23.899347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.899997] kthread+0x257/0x310 [ 23.900342] ret_from_fork+0x41/0x80 [ 23.900764] ret_from_fork_asm+0x1a/0x30 [ 23.901042] [ 23.901199] The buggy address belongs to the object at ffff8881028a7080 [ 23.901199] which belongs to the cache kmalloc-16 of size 16 [ 23.902059] The buggy address is located 8 bytes inside of [ 23.902059] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.903057] [ 23.903223] The buggy address belongs to the physical page: [ 23.903533] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.904257] flags: 0x200000000000000(node=0|zone=2) [ 23.904817] page_type: f5(slab) [ 23.905222] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.905921] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.906321] page dumped because: kasan: bad access detected [ 23.906867] [ 23.907149] Memory state around the buggy address: [ 23.907591] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.908139] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.908535] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.909186] ^ [ 23.909631] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.910357] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.910892] ================================================================== [ 23.696676] 
================================================================== [ 23.697849] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 23.698537] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.699971] [ 23.700248] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.701316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.701751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.702840] Call Trace: [ 23.703176] <TASK> [ 23.703766] dump_stack_lvl+0x73/0xb0 [ 23.704077] print_report+0xd1/0x640 [ 23.704872] ? __virt_addr_valid+0x1db/0x2d0 [ 23.705285] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.706211] kasan_report+0x102/0x140 [ 23.707030] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 23.707509] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 23.708035] kasan_check_range+0x10c/0x1c0 [ 23.708776] __kasan_check_write+0x18/0x20 [ 23.709234] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 23.710084] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.710843] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.711259] ? trace_hardirqs_on+0x37/0xe0 [ 23.712016] ? kasan_bitops_generic+0x93/0x1c0 [ 23.713045] kasan_bitops_generic+0x117/0x1c0 [ 23.713461] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.714215] ? __pfx_read_tsc+0x10/0x10 [ 23.714599] ? ktime_get_ts64+0x84/0x230 [ 23.715518] kunit_try_run_case+0x1b3/0x490 [ 23.715941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.716560] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.716936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.717348] ? __kthread_parkme+0x82/0x160 [ 23.718285] ? preempt_count_sub+0x50/0x80 [ 23.718662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.719469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.720231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.721238] kthread+0x257/0x310 [ 23.721585] ? __pfx_kthread+0x10/0x10 [ 23.722134] ret_from_fork+0x41/0x80 [ 23.722570] ? 
__pfx_kthread+0x10/0x10 [ 23.722874] ret_from_fork_asm+0x1a/0x30 [ 23.723280] </TASK> [ 23.724149] [ 23.724311] Allocated by task 268: [ 23.724917] kasan_save_stack+0x3d/0x60 [ 23.725437] kasan_save_track+0x18/0x40 [ 23.725967] kasan_save_alloc_info+0x3b/0x50 [ 23.726466] __kasan_kmalloc+0xb7/0xc0 [ 23.726983] __kmalloc_cache_noprof+0x184/0x410 [ 23.727503] kasan_bitops_generic+0x93/0x1c0 [ 23.727979] kunit_try_run_case+0x1b3/0x490 [ 23.728438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.728852] kthread+0x257/0x310 [ 23.729199] ret_from_fork+0x41/0x80 [ 23.729632] ret_from_fork_asm+0x1a/0x30 [ 23.729958] [ 23.730174] The buggy address belongs to the object at ffff8881028a7080 [ 23.730174] which belongs to the cache kmalloc-16 of size 16 [ 23.731125] The buggy address is located 8 bytes inside of [ 23.731125] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.731896] [ 23.732131] The buggy address belongs to the physical page: [ 23.732711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.733235] flags: 0x200000000000000(node=0|zone=2) [ 23.733621] page_type: f5(slab) [ 23.733983] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.734658] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.735147] page dumped because: kasan: bad access detected [ 23.735749] [ 23.735911] Memory state around the buggy address: [ 23.736194] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.736661] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.737287] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.737957] ^ [ 23.738346] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.739027] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.739453] ================================================================== [ 23.826899] 
================================================================== [ 23.827674] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 23.828537] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.829304] [ 23.829694] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.831122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.831603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.832698] Call Trace: [ 23.832982] <TASK> [ 23.833239] dump_stack_lvl+0x73/0xb0 [ 23.833804] print_report+0xd1/0x640 [ 23.834051] ? __virt_addr_valid+0x1db/0x2d0 [ 23.834233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.834419] kasan_report+0x102/0x140 [ 23.834857] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 23.835386] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 23.836196] kasan_check_range+0x10c/0x1c0 [ 23.836531] __kasan_check_write+0x18/0x20 [ 23.836974] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 23.837553] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.838480] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.839507] ? trace_hardirqs_on+0x37/0xe0 [ 23.840045] ? kasan_bitops_generic+0x93/0x1c0 [ 23.840445] kasan_bitops_generic+0x117/0x1c0 [ 23.840830] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.841209] ? __pfx_read_tsc+0x10/0x10 [ 23.841521] ? ktime_get_ts64+0x84/0x230 [ 23.841965] kunit_try_run_case+0x1b3/0x490 [ 23.842444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.842985] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.843327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.843897] ? __kthread_parkme+0x82/0x160 [ 23.844567] ? preempt_count_sub+0x50/0x80 [ 23.845085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.845445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.846122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.846639] kthread+0x257/0x310 [ 23.847028] ? __pfx_kthread+0x10/0x10 [ 23.847427] ret_from_fork+0x41/0x80 [ 23.848145] ? 
__pfx_kthread+0x10/0x10 [ 23.848626] ret_from_fork_asm+0x1a/0x30 [ 23.849249] </TASK> [ 23.849687] [ 23.849931] Allocated by task 268: [ 23.850392] kasan_save_stack+0x3d/0x60 [ 23.851004] kasan_save_track+0x18/0x40 [ 23.851559] kasan_save_alloc_info+0x3b/0x50 [ 23.852131] __kasan_kmalloc+0xb7/0xc0 [ 23.852546] __kmalloc_cache_noprof+0x184/0x410 [ 23.853254] kasan_bitops_generic+0x93/0x1c0 [ 23.853802] kunit_try_run_case+0x1b3/0x490 [ 23.854652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.855118] kthread+0x257/0x310 [ 23.855445] ret_from_fork+0x41/0x80 [ 23.856330] ret_from_fork_asm+0x1a/0x30 [ 23.856661] [ 23.857105] The buggy address belongs to the object at ffff8881028a7080 [ 23.857105] which belongs to the cache kmalloc-16 of size 16 [ 23.858247] The buggy address is located 8 bytes inside of [ 23.858247] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.859097] [ 23.859334] The buggy address belongs to the physical page: [ 23.859885] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.860294] flags: 0x200000000000000(node=0|zone=2) [ 23.860835] page_type: f5(slab) [ 23.861274] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.862017] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.862804] page dumped because: kasan: bad access detected [ 23.863362] [ 23.863733] Memory state around the buggy address: [ 23.864328] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.865152] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.865998] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.866829] ^ [ 23.867127] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.867852] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.868415] ================================================================== [ 23.781540] 
================================================================== [ 23.782941] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 23.783707] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.784189] [ 23.784378] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.785321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.785868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.786538] Call Trace: [ 23.786941] <TASK> [ 23.787228] dump_stack_lvl+0x73/0xb0 [ 23.787709] print_report+0xd1/0x640 [ 23.788167] ? __virt_addr_valid+0x1db/0x2d0 [ 23.788641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.788991] kasan_report+0x102/0x140 [ 23.789275] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 23.789793] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 23.790408] kasan_check_range+0x10c/0x1c0 [ 23.790949] __kasan_check_write+0x18/0x20 [ 23.791404] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 23.792048] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.792558] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.792981] ? trace_hardirqs_on+0x37/0xe0 [ 23.793477] ? kasan_bitops_generic+0x93/0x1c0 [ 23.793913] kasan_bitops_generic+0x117/0x1c0 [ 23.794452] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.794914] ? __pfx_read_tsc+0x10/0x10 [ 23.795467] ? ktime_get_ts64+0x84/0x230 [ 23.795855] kunit_try_run_case+0x1b3/0x490 [ 23.796160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.797546] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.798931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.800182] ? __kthread_parkme+0x82/0x160 [ 23.800694] ? preempt_count_sub+0x50/0x80 [ 23.801004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.801510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.802353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.803348] kthread+0x257/0x310 [ 23.803812] ? __pfx_kthread+0x10/0x10 [ 23.804662] ret_from_fork+0x41/0x80 [ 23.805271] ? 
__pfx_kthread+0x10/0x10 [ 23.806186] ret_from_fork_asm+0x1a/0x30 [ 23.806676] </TASK> [ 23.806920] [ 23.807092] Allocated by task 268: [ 23.807405] kasan_save_stack+0x3d/0x60 [ 23.807795] kasan_save_track+0x18/0x40 [ 23.808162] kasan_save_alloc_info+0x3b/0x50 [ 23.809718] __kasan_kmalloc+0xb7/0xc0 [ 23.810271] __kmalloc_cache_noprof+0x184/0x410 [ 23.810797] kasan_bitops_generic+0x93/0x1c0 [ 23.811149] kunit_try_run_case+0x1b3/0x490 [ 23.811799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.812153] kthread+0x257/0x310 [ 23.812593] ret_from_fork+0x41/0x80 [ 23.812932] ret_from_fork_asm+0x1a/0x30 [ 23.813377] [ 23.813793] The buggy address belongs to the object at ffff8881028a7080 [ 23.813793] which belongs to the cache kmalloc-16 of size 16 [ 23.814733] The buggy address is located 8 bytes inside of [ 23.814733] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.815443] [ 23.815984] The buggy address belongs to the physical page: [ 23.816508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.818328] flags: 0x200000000000000(node=0|zone=2) [ 23.818831] page_type: f5(slab) [ 23.819284] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.820020] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.820754] page dumped because: kasan: bad access detected [ 23.821369] [ 23.821613] Memory state around the buggy address: [ 23.822297] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.823386] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.823810] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.824035] ^ [ 23.824167] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.824376] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.824684] ================================================================== [ 23.741701] 
================================================================== [ 23.742397] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 23.743715] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.744267] [ 23.744455] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.745374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.745746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.747366] Call Trace: [ 23.747714] <TASK> [ 23.747922] dump_stack_lvl+0x73/0xb0 [ 23.748215] print_report+0xd1/0x640 [ 23.748521] ? __virt_addr_valid+0x1db/0x2d0 [ 23.749040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.749659] kasan_report+0x102/0x140 [ 23.750110] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 23.750733] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 23.751295] kasan_check_range+0x10c/0x1c0 [ 23.751824] __kasan_check_write+0x18/0x20 [ 23.752247] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 23.752745] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.753321] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.753766] ? trace_hardirqs_on+0x37/0xe0 [ 23.754076] ? kasan_bitops_generic+0x93/0x1c0 [ 23.754399] kasan_bitops_generic+0x117/0x1c0 [ 23.754783] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.755350] ? __pfx_read_tsc+0x10/0x10 [ 23.755850] ? ktime_get_ts64+0x84/0x230 [ 23.756303] kunit_try_run_case+0x1b3/0x490 [ 23.756826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.757315] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.757872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.758387] ? __kthread_parkme+0x82/0x160 [ 23.758895] ? preempt_count_sub+0x50/0x80 [ 23.759312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.759694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.760284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.760890] kthread+0x257/0x310 [ 23.761285] ? __pfx_kthread+0x10/0x10 [ 23.761761] ret_from_fork+0x41/0x80 [ 23.762070] ? 
__pfx_kthread+0x10/0x10 [ 23.762468] ret_from_fork_asm+0x1a/0x30 [ 23.762846] </TASK> [ 23.763132] [ 23.763342] Allocated by task 268: [ 23.763765] kasan_save_stack+0x3d/0x60 [ 23.764180] kasan_save_track+0x18/0x40 [ 23.764616] kasan_save_alloc_info+0x3b/0x50 [ 23.764941] __kasan_kmalloc+0xb7/0xc0 [ 23.765256] __kmalloc_cache_noprof+0x184/0x410 [ 23.765654] kasan_bitops_generic+0x93/0x1c0 [ 23.766108] kunit_try_run_case+0x1b3/0x490 [ 23.766608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.767143] kthread+0x257/0x310 [ 23.767431] ret_from_fork+0x41/0x80 [ 23.767771] ret_from_fork_asm+0x1a/0x30 [ 23.768043] [ 23.768265] The buggy address belongs to the object at ffff8881028a7080 [ 23.768265] which belongs to the cache kmalloc-16 of size 16 [ 23.769325] The buggy address is located 8 bytes inside of [ 23.769325] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.770287] [ 23.770478] The buggy address belongs to the physical page: [ 23.771053] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.771531] flags: 0x200000000000000(node=0|zone=2) [ 23.772009] page_type: f5(slab) [ 23.772372] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.773106] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.773542] page dumped because: kasan: bad access detected [ 23.774105] [ 23.774325] Memory state around the buggy address: [ 23.774729] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.775106] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.775833] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.776446] ^ [ 23.776888] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.777462] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.780147] ================================================================== [ 23.949474] 
================================================================== [ 23.951865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 23.952641] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.954621] [ 23.954898] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.955460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.955978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.958285] Call Trace: [ 23.958630] <TASK> [ 23.958915] dump_stack_lvl+0x73/0xb0 [ 23.959345] print_report+0xd1/0x640 [ 23.960980] ? __virt_addr_valid+0x1db/0x2d0 [ 23.962790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.963109] kasan_report+0x102/0x140 [ 23.963365] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 23.964869] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 23.965542] kasan_check_range+0x10c/0x1c0 [ 23.966425] __kasan_check_write+0x18/0x20 [ 23.966900] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 23.967470] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.968150] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.968506] ? trace_hardirqs_on+0x37/0xe0 [ 23.969039] ? kasan_bitops_generic+0x93/0x1c0 [ 23.969551] kasan_bitops_generic+0x117/0x1c0 [ 23.970179] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.970935] ? __pfx_read_tsc+0x10/0x10 [ 23.971316] ? ktime_get_ts64+0x84/0x230 [ 23.971817] kunit_try_run_case+0x1b3/0x490 [ 23.972263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.972789] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.973107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.973426] ? __kthread_parkme+0x82/0x160 [ 23.973799] ? preempt_count_sub+0x50/0x80 [ 23.974276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.975168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.975902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.976545] kthread+0x257/0x310 [ 23.976917] ? __pfx_kthread+0x10/0x10 [ 23.977275] ret_from_fork+0x41/0x80 [ 23.977651] ? 
__pfx_kthread+0x10/0x10 [ 23.978066] ret_from_fork_asm+0x1a/0x30 [ 23.978633] </TASK> [ 23.978862] [ 23.979018] Allocated by task 268: [ 23.979241] kasan_save_stack+0x3d/0x60 [ 23.979755] kasan_save_track+0x18/0x40 [ 23.980200] kasan_save_alloc_info+0x3b/0x50 [ 23.980723] __kasan_kmalloc+0xb7/0xc0 [ 23.981180] __kmalloc_cache_noprof+0x184/0x410 [ 23.981512] kasan_bitops_generic+0x93/0x1c0 [ 23.982062] kunit_try_run_case+0x1b3/0x490 [ 23.982559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.983018] kthread+0x257/0x310 [ 23.983399] ret_from_fork+0x41/0x80 [ 23.983830] ret_from_fork_asm+0x1a/0x30 [ 23.984297] [ 23.984534] The buggy address belongs to the object at ffff8881028a7080 [ 23.984534] which belongs to the cache kmalloc-16 of size 16 [ 23.985364] The buggy address is located 8 bytes inside of [ 23.985364] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.986263] [ 23.986431] The buggy address belongs to the physical page: [ 23.986797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.987450] flags: 0x200000000000000(node=0|zone=2) [ 23.988011] page_type: f5(slab) [ 23.988408] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.989156] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.989845] page dumped because: kasan: bad access detected [ 23.990164] [ 23.990318] Memory state around the buggy address: [ 23.990725] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.991364] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.992126] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.992827] ^ [ 23.993207] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.994161] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.995375] ================================================================== [ 23.913030] 
================================================================== [ 23.913850] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 23.914693] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 23.915175] [ 23.915364] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.916307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.916784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.917620] Call Trace: [ 23.917916] <TASK> [ 23.918129] dump_stack_lvl+0x73/0xb0 [ 23.918419] print_report+0xd1/0x640 [ 23.918880] ? __virt_addr_valid+0x1db/0x2d0 [ 23.919505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.920093] kasan_report+0x102/0x140 [ 23.920577] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 23.921198] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 23.921648] kasan_check_range+0x10c/0x1c0 [ 23.922153] __kasan_check_write+0x18/0x20 [ 23.922593] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 23.923107] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 23.923466] ? __kmalloc_cache_noprof+0x184/0x410 [ 23.923978] ? trace_hardirqs_on+0x37/0xe0 [ 23.924610] ? kasan_bitops_generic+0x93/0x1c0 [ 23.925111] kasan_bitops_generic+0x117/0x1c0 [ 23.925503] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 23.926050] ? __pfx_read_tsc+0x10/0x10 [ 23.926441] ? ktime_get_ts64+0x84/0x230 [ 23.927011] kunit_try_run_case+0x1b3/0x490 [ 23.927354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.927939] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.928308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.928883] ? __kthread_parkme+0x82/0x160 [ 23.929272] ? preempt_count_sub+0x50/0x80 [ 23.929595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.929902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.930281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.930751] kthread+0x257/0x310 [ 23.931144] ? __pfx_kthread+0x10/0x10 [ 23.931588] ret_from_fork+0x41/0x80 [ 23.932121] ? 
__pfx_kthread+0x10/0x10 [ 23.932582] ret_from_fork_asm+0x1a/0x30 [ 23.933072] </TASK> [ 23.933346] [ 23.933621] Allocated by task 268: [ 23.933984] kasan_save_stack+0x3d/0x60 [ 23.934415] kasan_save_track+0x18/0x40 [ 23.934987] kasan_save_alloc_info+0x3b/0x50 [ 23.935386] __kasan_kmalloc+0xb7/0xc0 [ 23.935782] __kmalloc_cache_noprof+0x184/0x410 [ 23.936276] kasan_bitops_generic+0x93/0x1c0 [ 23.936603] kunit_try_run_case+0x1b3/0x490 [ 23.937090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.937447] kthread+0x257/0x310 [ 23.937903] ret_from_fork+0x41/0x80 [ 23.938339] ret_from_fork_asm+0x1a/0x30 [ 23.938851] [ 23.939049] The buggy address belongs to the object at ffff8881028a7080 [ 23.939049] which belongs to the cache kmalloc-16 of size 16 [ 23.939638] The buggy address is located 8 bytes inside of [ 23.939638] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 23.940705] [ 23.940966] The buggy address belongs to the physical page: [ 23.941659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 23.942172] flags: 0x200000000000000(node=0|zone=2) [ 23.942503] page_type: f5(slab) [ 23.942727] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.943073] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.943411] page dumped because: kasan: bad access detected [ 23.943702] [ 23.943840] Memory state around the buggy address: [ 23.944083] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.944422] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.944814] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.945306] ^ [ 23.945706] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.946388] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.947131] ================================================================== [ 23.997453] 
================================================================== [ 23.999276] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 24.000690] Write of size 8 at addr ffff8881028a7088 by task kunit_try_catch/268 [ 24.001310] [ 24.001536] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.002053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.002443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.003330] Call Trace: [ 24.004403] <TASK> [ 24.004661] dump_stack_lvl+0x73/0xb0 [ 24.004949] print_report+0xd1/0x640 [ 24.005226] ? __virt_addr_valid+0x1db/0x2d0 [ 24.005727] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.006236] kasan_report+0x102/0x140 [ 24.007725] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 24.008278] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 24.009023] kasan_check_range+0x10c/0x1c0 [ 24.009427] __kasan_check_write+0x18/0x20 [ 24.010095] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 24.010785] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 24.011439] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.011824] ? trace_hardirqs_on+0x37/0xe0 [ 24.012257] ? kasan_bitops_generic+0x93/0x1c0 [ 24.012805] kasan_bitops_generic+0x117/0x1c0 [ 24.013431] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.014117] ? __pfx_read_tsc+0x10/0x10 [ 24.014655] ? ktime_get_ts64+0x84/0x230 [ 24.015253] kunit_try_run_case+0x1b3/0x490 [ 24.015901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.016455] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.016894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.017321] ? __kthread_parkme+0x82/0x160 [ 24.017810] ? preempt_count_sub+0x50/0x80 [ 24.018202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.018732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.019293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.019825] kthread+0x257/0x310 [ 24.020327] ? __pfx_kthread+0x10/0x10 [ 24.020901] ret_from_fork+0x41/0x80 [ 24.021403] ? 
__pfx_kthread+0x10/0x10 [ 24.021867] ret_from_fork_asm+0x1a/0x30 [ 24.022425] </TASK> [ 24.022758] [ 24.022917] Allocated by task 268: [ 24.023191] kasan_save_stack+0x3d/0x60 [ 24.023797] kasan_save_track+0x18/0x40 [ 24.024256] kasan_save_alloc_info+0x3b/0x50 [ 24.024844] __kasan_kmalloc+0xb7/0xc0 [ 24.025296] __kmalloc_cache_noprof+0x184/0x410 [ 24.025907] kasan_bitops_generic+0x93/0x1c0 [ 24.026306] kunit_try_run_case+0x1b3/0x490 [ 24.026843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.027409] kthread+0x257/0x310 [ 24.027858] ret_from_fork+0x41/0x80 [ 24.028347] ret_from_fork_asm+0x1a/0x30 [ 24.028815] [ 24.029071] The buggy address belongs to the object at ffff8881028a7080 [ 24.029071] which belongs to the cache kmalloc-16 of size 16 [ 24.029832] The buggy address is located 8 bytes inside of [ 24.029832] allocated 9-byte region [ffff8881028a7080, ffff8881028a7089) [ 24.030870] [ 24.031177] The buggy address belongs to the physical page: [ 24.031733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 24.032399] flags: 0x200000000000000(node=0|zone=2) [ 24.032925] page_type: f5(slab) [ 24.033273] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.034008] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.034846] page dumped because: kasan: bad access detected [ 24.035390] [ 24.035751] Memory state around the buggy address: [ 24.036073] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.036446] ffff8881028a7000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.037229] >ffff8881028a7080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.037922] ^ [ 24.038313] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.038973] ffff8881028a7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.040665] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 23.644285] ================================================================== [ 23.645278] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 23.645712] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266 [ 23.646240] [ 23.646548] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.647478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.647928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.648816] Call Trace: [ 23.649174] <TASK> [ 23.649412] dump_stack_lvl+0x73/0xb0 [ 23.649950] print_report+0xd1/0x640 [ 23.650291] ? __virt_addr_valid+0x1db/0x2d0 [ 23.650674] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.651030] kasan_report+0x102/0x140 [ 23.651310] ? strnlen+0x73/0x80 [ 23.651703] ? strnlen+0x73/0x80 [ 23.652109] __asan_report_load1_noabort+0x18/0x20 [ 23.652709] strnlen+0x73/0x80 [ 23.653115] kasan_strings+0x4cc/0xb60 [ 23.653612] ? __pfx_kasan_strings+0x10/0x10 [ 23.654134] ? __schedule+0xc3e/0x2790 [ 23.654637] ? __pfx_read_tsc+0x10/0x10 [ 23.655094] ? ktime_get_ts64+0x84/0x230 [ 23.655530] kunit_try_run_case+0x1b3/0x490 [ 23.656088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.656429] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.657007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.657459] ? __kthread_parkme+0x82/0x160 [ 23.658001] ? preempt_count_sub+0x50/0x80 [ 23.658395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.658978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.659515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.660132] kthread+0x257/0x310 [ 23.660425] ? __pfx_kthread+0x10/0x10 [ 23.660952] ret_from_fork+0x41/0x80 [ 23.661262] ? 
__pfx_kthread+0x10/0x10 [ 23.661756] ret_from_fork_asm+0x1a/0x30 [ 23.662152] </TASK> [ 23.662447] [ 23.662741] Allocated by task 266: [ 23.663041] kasan_save_stack+0x3d/0x60 [ 23.663318] kasan_save_track+0x18/0x40 [ 23.663706] kasan_save_alloc_info+0x3b/0x50 [ 23.664200] __kasan_kmalloc+0xb7/0xc0 [ 23.664648] __kmalloc_cache_noprof+0x184/0x410 [ 23.665177] kasan_strings+0xb3/0xb60 [ 23.665708] kunit_try_run_case+0x1b3/0x490 [ 23.666075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.666405] kthread+0x257/0x310 [ 23.666837] ret_from_fork+0x41/0x80 [ 23.667276] ret_from_fork_asm+0x1a/0x30 [ 23.667800] [ 23.668051] Freed by task 266: [ 23.668386] kasan_save_stack+0x3d/0x60 [ 23.668807] kasan_save_track+0x18/0x40 [ 23.669077] kasan_save_free_info+0x3f/0x60 [ 23.669352] __kasan_slab_free+0x56/0x70 [ 23.669787] kfree+0x123/0x3f0 [ 23.670166] kasan_strings+0x13a/0xb60 [ 23.670691] kunit_try_run_case+0x1b3/0x490 [ 23.671163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.671763] kthread+0x257/0x310 [ 23.672184] ret_from_fork+0x41/0x80 [ 23.672528] ret_from_fork_asm+0x1a/0x30 [ 23.672858] [ 23.673013] The buggy address belongs to the object at ffff8881028c9240 [ 23.673013] which belongs to the cache kmalloc-32 of size 32 [ 23.673879] The buggy address is located 16 bytes inside of [ 23.673879] freed 32-byte region [ffff8881028c9240, ffff8881028c9260) [ 23.674941] [ 23.675173] The buggy address belongs to the physical page: [ 23.675805] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9 [ 23.676308] flags: 0x200000000000000(node=0|zone=2) [ 23.676713] page_type: f5(slab) [ 23.677081] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 23.677879] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 23.678464] page dumped because: kasan: bad access detected [ 23.678905] [ 23.679133] Memory state around the buggy address: [ 23.679557] ffff8881028c9100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
23.680110] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 23.680750] >ffff8881028c9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 23.681327] ^ [ 23.681881] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.682471] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.682905] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 23.603795] ================================================================== [ 23.604547] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 23.605170] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266 [ 23.606189] [ 23.606387] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.607011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.607458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.608300] Call Trace: [ 23.608560] <TASK> [ 23.608815] dump_stack_lvl+0x73/0xb0 [ 23.609116] print_report+0xd1/0x640 [ 23.609639] ? __virt_addr_valid+0x1db/0x2d0 [ 23.610169] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.610798] kasan_report+0x102/0x140 [ 23.611231] ? strlen+0x8f/0xb0 [ 23.611689] ? strlen+0x8f/0xb0 [ 23.612115] __asan_report_load1_noabort+0x18/0x20 [ 23.612448] strlen+0x8f/0xb0 [ 23.612773] kasan_strings+0x432/0xb60 [ 23.613201] ? __pfx_kasan_strings+0x10/0x10 [ 23.613791] ? __schedule+0xc3e/0x2790 [ 23.614245] ? __pfx_read_tsc+0x10/0x10 [ 23.614780] ? ktime_get_ts64+0x84/0x230 [ 23.615293] kunit_try_run_case+0x1b3/0x490 [ 23.615831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.616345] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.616749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.617299] ? __kthread_parkme+0x82/0x160 [ 23.617803] ? preempt_count_sub+0x50/0x80 [ 23.618291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.618814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.619392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.619801] kthread+0x257/0x310 [ 23.620070] ? __pfx_kthread+0x10/0x10 [ 23.620347] ret_from_fork+0x41/0x80 [ 23.620853] ? 
__pfx_kthread+0x10/0x10 [ 23.621285] ret_from_fork_asm+0x1a/0x30 [ 23.621810] </TASK> [ 23.622107] [ 23.622326] Allocated by task 266: [ 23.622759] kasan_save_stack+0x3d/0x60 [ 23.623175] kasan_save_track+0x18/0x40 [ 23.623703] kasan_save_alloc_info+0x3b/0x50 [ 23.624205] __kasan_kmalloc+0xb7/0xc0 [ 23.624693] __kmalloc_cache_noprof+0x184/0x410 [ 23.624988] kasan_strings+0xb3/0xb60 [ 23.625315] kunit_try_run_case+0x1b3/0x490 [ 23.625862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.626404] kthread+0x257/0x310 [ 23.626878] ret_from_fork+0x41/0x80 [ 23.627287] ret_from_fork_asm+0x1a/0x30 [ 23.627639] [ 23.627903] Freed by task 266: [ 23.628171] kasan_save_stack+0x3d/0x60 [ 23.628432] kasan_save_track+0x18/0x40 [ 23.628768] kasan_save_free_info+0x3f/0x60 [ 23.629058] __kasan_slab_free+0x56/0x70 [ 23.629330] kfree+0x123/0x3f0 [ 23.629709] kasan_strings+0x13a/0xb60 [ 23.630146] kunit_try_run_case+0x1b3/0x490 [ 23.630650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.631173] kthread+0x257/0x310 [ 23.631646] ret_from_fork+0x41/0x80 [ 23.632054] ret_from_fork_asm+0x1a/0x30 [ 23.632525] [ 23.632795] The buggy address belongs to the object at ffff8881028c9240 [ 23.632795] which belongs to the cache kmalloc-32 of size 32 [ 23.633948] The buggy address is located 16 bytes inside of [ 23.633948] freed 32-byte region [ffff8881028c9240, ffff8881028c9260) [ 23.634902] [ 23.635066] The buggy address belongs to the physical page: [ 23.635421] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9 [ 23.636155] flags: 0x200000000000000(node=0|zone=2) [ 23.636764] page_type: f5(slab) [ 23.637169] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 23.637940] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 23.638387] page dumped because: kasan: bad access detected [ 23.638951] [ 23.639208] Memory state around the buggy address: [ 23.639745] ffff8881028c9100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
23.640294] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 23.640786] >ffff8881028c9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 23.641153] ^ [ 23.641546] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.642269] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.642989] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 23.559830] ==================================================================
[ 23.560578] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60
[ 23.561385] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266
[ 23.562076]
[ 23.562344] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.562947] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.563203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.563713] Call Trace:
[ 23.563928] <TASK>
[ 23.564123] dump_stack_lvl+0x73/0xb0
[ 23.564414] print_report+0xd1/0x640
[ 23.564931] ? __virt_addr_valid+0x1db/0x2d0
[ 23.565520] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.566128] kasan_report+0x102/0x140
[ 23.566636] ? kasan_strings+0xa0f/0xb60
[ 23.567111] ? kasan_strings+0xa0f/0xb60
[ 23.567620] __asan_report_load1_noabort+0x18/0x20
[ 23.568176] kasan_strings+0xa0f/0xb60
[ 23.568885] ? __pfx_kasan_strings+0x10/0x10
[ 23.569357] ? __schedule+0xc3e/0x2790
[ 23.570980] ? __pfx_read_tsc+0x10/0x10
[ 23.571421] ? ktime_get_ts64+0x84/0x230
[ 23.571970] kunit_try_run_case+0x1b3/0x490
[ 23.572504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.573018] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.573526] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.574098] ? __kthread_parkme+0x82/0x160
[ 23.574639] ? preempt_count_sub+0x50/0x80
[ 23.574978] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.575557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.576167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.576536] kthread+0x257/0x310
[ 23.576984] ? __pfx_kthread+0x10/0x10
[ 23.577447] ret_from_fork+0x41/0x80
[ 23.577931] ? __pfx_kthread+0x10/0x10
[ 23.578401] ret_from_fork_asm+0x1a/0x30
[ 23.578820] </TASK>
[ 23.579021]
[ 23.579174] Allocated by task 266:
[ 23.579408] kasan_save_stack+0x3d/0x60
[ 23.579904] kasan_save_track+0x18/0x40
[ 23.580347] kasan_save_alloc_info+0x3b/0x50
[ 23.580858] __kasan_kmalloc+0xb7/0xc0
[ 23.581273] __kmalloc_cache_noprof+0x184/0x410
[ 23.581838] kasan_strings+0xb3/0xb60
[ 23.582218] kunit_try_run_case+0x1b3/0x490
[ 23.582523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.582902] kthread+0x257/0x310
[ 23.583154] ret_from_fork+0x41/0x80
[ 23.583616] ret_from_fork_asm+0x1a/0x30
[ 23.584054]
[ 23.584273] Freed by task 266:
[ 23.584674] kasan_save_stack+0x3d/0x60
[ 23.585145] kasan_save_track+0x18/0x40
[ 23.585702] kasan_save_free_info+0x3f/0x60
[ 23.586159] __kasan_slab_free+0x56/0x70
[ 23.586618] kfree+0x123/0x3f0
[ 23.586994] kasan_strings+0x13a/0xb60
[ 23.587315] kunit_try_run_case+0x1b3/0x490
[ 23.589130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.590344] kthread+0x257/0x310
[ 23.590927] ret_from_fork+0x41/0x80
[ 23.591197] ret_from_fork_asm+0x1a/0x30
[ 23.591463]
[ 23.591696] The buggy address belongs to the object at ffff8881028c9240
[ 23.591696] which belongs to the cache kmalloc-32 of size 32
[ 23.592272] The buggy address is located 16 bytes inside of
[ 23.592272] freed 32-byte region [ffff8881028c9240, ffff8881028c9260)
[ 23.593313]
[ 23.593647] The buggy address belongs to the physical page:
[ 23.594180] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 23.594971] flags: 0x200000000000000(node=0|zone=2)
[ 23.595568] page_type: f5(slab)
[ 23.595989] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.596771] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.597439] page dumped because: kasan: bad access detected
[ 23.598004]
[ 23.598206] Memory state around the buggy address:
[ 23.598512] ffff8881028c9100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.598935] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.599666] >ffff8881028c9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.600305] ^
[ 23.600915] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.601479] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.602120] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 23.515878] ==================================================================
[ 23.516392] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 23.516933] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266
[ 23.518286]
[ 23.518623] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.519501] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.519956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.520437] Call Trace:
[ 23.520821] <TASK>
[ 23.521103] dump_stack_lvl+0x73/0xb0
[ 23.521561] print_report+0xd1/0x640
[ 23.522036] ? __virt_addr_valid+0x1db/0x2d0
[ 23.522429] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.522852] kasan_report+0x102/0x140
[ 23.523131] ? strcmp+0xb0/0xc0
[ 23.523392] ? strcmp+0xb0/0xc0
[ 23.523831] __asan_report_load1_noabort+0x18/0x20
[ 23.524324] strcmp+0xb0/0xc0
[ 23.524779] kasan_strings+0x2e9/0xb60
[ 23.525268] ? __pfx_kasan_strings+0x10/0x10
[ 23.527280] ? __schedule+0xc3e/0x2790
[ 23.527723] ? __pfx_read_tsc+0x10/0x10
[ 23.528165] ? ktime_get_ts64+0x84/0x230
[ 23.529281] kunit_try_run_case+0x1b3/0x490
[ 23.529829] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.530185] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.530517] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.530914] ? __kthread_parkme+0x82/0x160
[ 23.531334] ? preempt_count_sub+0x50/0x80
[ 23.531833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.532161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.532544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.533148] kthread+0x257/0x310
[ 23.533567] ? __pfx_kthread+0x10/0x10
[ 23.534030] ret_from_fork+0x41/0x80
[ 23.534457] ? __pfx_kthread+0x10/0x10
[ 23.534859] ret_from_fork_asm+0x1a/0x30
[ 23.535369] </TASK>
[ 23.535632]
[ 23.535864] Allocated by task 266:
[ 23.536238] kasan_save_stack+0x3d/0x60
[ 23.536623] kasan_save_track+0x18/0x40
[ 23.536909] kasan_save_alloc_info+0x3b/0x50
[ 23.537198] __kasan_kmalloc+0xb7/0xc0
[ 23.537667] __kmalloc_cache_noprof+0x184/0x410
[ 23.538144] kasan_strings+0xb3/0xb60
[ 23.538555] kunit_try_run_case+0x1b3/0x490
[ 23.539048] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.539619] kthread+0x257/0x310
[ 23.539996] ret_from_fork+0x41/0x80
[ 23.540391] ret_from_fork_asm+0x1a/0x30
[ 23.540753]
[ 23.540969] Freed by task 266:
[ 23.541300] kasan_save_stack+0x3d/0x60
[ 23.541644] kasan_save_track+0x18/0x40
[ 23.541921] kasan_save_free_info+0x3f/0x60
[ 23.542338] __kasan_slab_free+0x56/0x70
[ 23.542821] kfree+0x123/0x3f0
[ 23.543185] kasan_strings+0x13a/0xb60
[ 23.543662] kunit_try_run_case+0x1b3/0x490
[ 23.544110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.544707] kthread+0x257/0x310
[ 23.545084] ret_from_fork+0x41/0x80
[ 23.545429] ret_from_fork_asm+0x1a/0x30
[ 23.545794]
[ 23.546010] The buggy address belongs to the object at ffff8881028c9240
[ 23.546010] which belongs to the cache kmalloc-32 of size 32
[ 23.547097] The buggy address is located 16 bytes inside of
[ 23.547097] freed 32-byte region [ffff8881028c9240, ffff8881028c9260)
[ 23.547828]
[ 23.547995] The buggy address belongs to the physical page:
[ 23.548299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 23.548982] flags: 0x200000000000000(node=0|zone=2)
[ 23.549469] page_type: f5(slab)
[ 23.549907] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.550655] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.551312] page dumped because: kasan: bad access detected
[ 23.551867]
[ 23.552086] Memory state around the buggy address:
[ 23.552388] ffff8881028c9100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.553030] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.553400] >ffff8881028c9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.554097] ^
[ 23.554680] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.555323] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.555812] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 23.472356] ==================================================================
[ 23.473832] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70
[ 23.474369] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266
[ 23.475039]
[ 23.475338] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.476331] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.476872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.477426] Call Trace:
[ 23.477763] <TASK>
[ 23.478442] dump_stack_lvl+0x73/0xb0
[ 23.479256] print_report+0xd1/0x640
[ 23.479596] ? __virt_addr_valid+0x1db/0x2d0
[ 23.479910] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.480317] kasan_report+0x102/0x140
[ 23.480864] ? strrchr+0x64/0x70
[ 23.481162] ? strrchr+0x64/0x70
[ 23.481499] __asan_report_load1_noabort+0x18/0x20
[ 23.482096] strrchr+0x64/0x70
[ 23.482547] kasan_strings+0x24c/0xb60
[ 23.483029] ? __pfx_kasan_strings+0x10/0x10
[ 23.483338] ? __schedule+0xc3e/0x2790
[ 23.483863] ? __pfx_read_tsc+0x10/0x10
[ 23.484285] ? ktime_get_ts64+0x84/0x230
[ 23.484819] kunit_try_run_case+0x1b3/0x490
[ 23.485243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.485633] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.486164] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.486825] ? __kthread_parkme+0x82/0x160
[ 23.487347] ? preempt_count_sub+0x50/0x80
[ 23.487872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.488404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.488865] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.489472] kthread+0x257/0x310
[ 23.489934] ? __pfx_kthread+0x10/0x10
[ 23.490278] ret_from_fork+0x41/0x80
[ 23.490625] ? __pfx_kthread+0x10/0x10
[ 23.490977] ret_from_fork_asm+0x1a/0x30
[ 23.491512] </TASK>
[ 23.491841]
[ 23.492064] Allocated by task 266:
[ 23.492427] kasan_save_stack+0x3d/0x60
[ 23.492947] kasan_save_track+0x18/0x40
[ 23.493312] kasan_save_alloc_info+0x3b/0x50
[ 23.493875] __kasan_kmalloc+0xb7/0xc0
[ 23.494219] __kmalloc_cache_noprof+0x184/0x410
[ 23.494556] kasan_strings+0xb3/0xb60
[ 23.495030] kunit_try_run_case+0x1b3/0x490
[ 23.495720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.496335] kthread+0x257/0x310
[ 23.496830] ret_from_fork+0x41/0x80
[ 23.497304] ret_from_fork_asm+0x1a/0x30
[ 23.497850]
[ 23.498144] Freed by task 266:
[ 23.498569] kasan_save_stack+0x3d/0x60
[ 23.499046] kasan_save_track+0x18/0x40
[ 23.499320] kasan_save_free_info+0x3f/0x60
[ 23.499736] __kasan_slab_free+0x56/0x70
[ 23.500093] kfree+0x123/0x3f0
[ 23.500412] kasan_strings+0x13a/0xb60
[ 23.500794] kunit_try_run_case+0x1b3/0x490
[ 23.501090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.501665] kthread+0x257/0x310
[ 23.502050] ret_from_fork+0x41/0x80
[ 23.502454] ret_from_fork_asm+0x1a/0x30
[ 23.502929]
[ 23.503122] The buggy address belongs to the object at ffff8881028c9240
[ 23.503122] which belongs to the cache kmalloc-32 of size 32
[ 23.503931] The buggy address is located 16 bytes inside of
[ 23.503931] freed 32-byte region [ffff8881028c9240, ffff8881028c9260)
[ 23.504894]
[ 23.505076] The buggy address belongs to the physical page:
[ 23.505427] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 23.506159] flags: 0x200000000000000(node=0|zone=2)
[ 23.506684] page_type: f5(slab)
[ 23.506930] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.507322] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.507952] page dumped because: kasan: bad access detected
[ 23.508471]
[ 23.508760] Memory state around the buggy address:
[ 23.510434] ffff8881028c9100: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 23.511108] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.511644] >ffff8881028c9200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.512124] ^
[ 23.512753] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.513132] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.513806] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 23.425314] ==================================================================
[ 23.426113] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0
[ 23.426993] Read of size 1 at addr ffff8881028c9250 by task kunit_try_catch/266
[ 23.428160]
[ 23.428368] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.429342] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.430169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.430947] Call Trace:
[ 23.431321] <TASK>
[ 23.431668] dump_stack_lvl+0x73/0xb0
[ 23.432538] print_report+0xd1/0x640
[ 23.433103] ? __virt_addr_valid+0x1db/0x2d0
[ 23.433720] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.434177] kasan_report+0x102/0x140
[ 23.434809] ? strchr+0x9c/0xc0
[ 23.435232] ? strchr+0x9c/0xc0
[ 23.435538] __asan_report_load1_noabort+0x18/0x20
[ 23.436259] strchr+0x9c/0xc0
[ 23.436748] kasan_strings+0x1b1/0xb60
[ 23.437244] ? __pfx_kasan_strings+0x10/0x10
[ 23.437824] ? __schedule+0xc3e/0x2790
[ 23.438267] ? __pfx_read_tsc+0x10/0x10
[ 23.438831] ? ktime_get_ts64+0x84/0x230
[ 23.439126] kunit_try_run_case+0x1b3/0x490
[ 23.439794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.440409] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.441069] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.441473] ? __kthread_parkme+0x82/0x160
[ 23.442108] ? preempt_count_sub+0x50/0x80
[ 23.442817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.443229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.443981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.444345] kthread+0x257/0x310
[ 23.444756] ? __pfx_kthread+0x10/0x10
[ 23.445039] ret_from_fork+0x41/0x80
[ 23.445406] ? __pfx_kthread+0x10/0x10
[ 23.446032] ret_from_fork_asm+0x1a/0x30
[ 23.446650] </TASK>
[ 23.446943]
[ 23.447233] Allocated by task 266:
[ 23.447617] kasan_save_stack+0x3d/0x60
[ 23.448095] kasan_save_track+0x18/0x40
[ 23.448647] kasan_save_alloc_info+0x3b/0x50
[ 23.449017] __kasan_kmalloc+0xb7/0xc0
[ 23.449538] __kmalloc_cache_noprof+0x184/0x410
[ 23.450002] kasan_strings+0xb3/0xb60
[ 23.450396] kunit_try_run_case+0x1b3/0x490
[ 23.450948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.451481] kthread+0x257/0x310
[ 23.451991] ret_from_fork+0x41/0x80
[ 23.452379] ret_from_fork_asm+0x1a/0x30
[ 23.452916]
[ 23.453224] Freed by task 266:
[ 23.453552] kasan_save_stack+0x3d/0x60
[ 23.454224] kasan_save_track+0x18/0x40
[ 23.454629] kasan_save_free_info+0x3f/0x60
[ 23.455022] __kasan_slab_free+0x56/0x70
[ 23.455341] kfree+0x123/0x3f0
[ 23.456442] kasan_strings+0x13a/0xb60
[ 23.456741] kunit_try_run_case+0x1b3/0x490
[ 23.457017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.457324] kthread+0x257/0x310
[ 23.457865] ret_from_fork+0x41/0x80
[ 23.458320] ret_from_fork_asm+0x1a/0x30
[ 23.458906]
[ 23.459148] The buggy address belongs to the object at ffff8881028c9240
[ 23.459148] which belongs to the cache kmalloc-32 of size 32
[ 23.460393] The buggy address is located 16 bytes inside of
[ 23.460393] freed 32-byte region [ffff8881028c9240, ffff8881028c9260)
[ 23.461635]
[ 23.461966] The buggy address belongs to the physical page:
[ 23.462616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 23.463367] flags: 0x200000000000000(node=0|zone=2)
[ 23.464025] page_type: f5(slab)
[ 23.464470] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.465162] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.465802] page dumped because: kasan: bad access detected
[ 23.466358]
[ 23.466658] Memory state around the buggy address:
[ 23.467159] ffff8881028c9100: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 23.467554] ffff8881028c9180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.468277] >ffff8881028c9200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.469022] ^
[ 23.469663] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.470400] ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.470850] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 23.370845] ==================================================================
[ 23.372010] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 23.373017] Read of size 1 at addr ffff8881028c9198 by task kunit_try_catch/264
[ 23.373534]
[ 23.373736] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.375439] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.375692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.376808] Call Trace:
[ 23.377126] <TASK>
[ 23.377427] dump_stack_lvl+0x73/0xb0
[ 23.377875] print_report+0xd1/0x640
[ 23.378231] ? __virt_addr_valid+0x1db/0x2d0
[ 23.378742] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.379113] kasan_report+0x102/0x140
[ 23.379537] ? memcmp+0x1b4/0x1d0
[ 23.379960] ? memcmp+0x1b4/0x1d0
[ 23.381280] __asan_report_load1_noabort+0x18/0x20
[ 23.381702] memcmp+0x1b4/0x1d0
[ 23.382382] kasan_memcmp+0x190/0x390
[ 23.382784] ? trace_hardirqs_on+0x37/0xe0
[ 23.383829] ? __pfx_kasan_memcmp+0x10/0x10
[ 23.384188] ? finish_task_switch.isra.0+0x153/0x700
[ 23.384898] ? __switch_to+0x5d9/0xf60
[ 23.385394] ? __pfx_read_tsc+0x10/0x10
[ 23.386315] ? ktime_get_ts64+0x84/0x230
[ 23.386731] kunit_try_run_case+0x1b3/0x490
[ 23.387058] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.387523] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.389307] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.389733] ? __kthread_parkme+0x82/0x160
[ 23.390105] ? preempt_count_sub+0x50/0x80
[ 23.391282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.391986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.392329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.392906] kthread+0x257/0x310
[ 23.393272] ? __pfx_kthread+0x10/0x10
[ 23.393851] ret_from_fork+0x41/0x80
[ 23.394185] ? __pfx_kthread+0x10/0x10
[ 23.394793] ret_from_fork_asm+0x1a/0x30
[ 23.395280] </TASK>
[ 23.395478]
[ 23.396202] Allocated by task 264:
[ 23.397179] kasan_save_stack+0x3d/0x60
[ 23.397732] kasan_save_track+0x18/0x40
[ 23.398355] kasan_save_alloc_info+0x3b/0x50
[ 23.398920] __kasan_kmalloc+0xb7/0xc0
[ 23.399624] __kmalloc_cache_noprof+0x184/0x410
[ 23.400634] kasan_memcmp+0xb8/0x390
[ 23.401164] kunit_try_run_case+0x1b3/0x490
[ 23.401611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.402360] kthread+0x257/0x310
[ 23.402813] ret_from_fork+0x41/0x80
[ 23.403121] ret_from_fork_asm+0x1a/0x30
[ 23.403830]
[ 23.404528] The buggy address belongs to the object at ffff8881028c9180
[ 23.404528] which belongs to the cache kmalloc-32 of size 32
[ 23.405382] The buggy address is located 0 bytes to the right of
[ 23.405382] allocated 24-byte region [ffff8881028c9180, ffff8881028c9198)
[ 23.406758]
[ 23.407174] The buggy address belongs to the physical page:
[ 23.407656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[ 23.408398] flags: 0x200000000000000(node=0|zone=2)
[ 23.409298] page_type: f5(slab)
[ 23.409913] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.410617] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.411461] page dumped because: kasan: bad access detected
[ 23.412403]
[ 23.412719] Memory state around the buggy address:
[ 23.413391] ffff8881028c9080: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 23.414277] ffff8881028c9100: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 23.414737] >ffff8881028c9180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.415428] ^
[ 23.416556] ffff8881028c9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.417227] ffff8881028c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.417696] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 23.317239] ==================================================================
[ 23.318089] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90
[ 23.319558] Read of size 1 at addr ffff888102ba3f18 by task kunit_try_catch/262
[ 23.319927]
[ 23.320611] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.321532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.321996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.322763] Call Trace:
[ 23.322973] <TASK>
[ 23.323273] dump_stack_lvl+0x73/0xb0
[ 23.323732] print_report+0xd1/0x640
[ 23.324294] ? __virt_addr_valid+0x1db/0x2d0
[ 23.325378] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.326141] kasan_report+0x102/0x140
[ 23.326508] ? memchr+0x79/0x90
[ 23.327252] ? memchr+0x79/0x90
[ 23.327550] __asan_report_load1_noabort+0x18/0x20
[ 23.328051] memchr+0x79/0x90
[ 23.328427] kasan_memchr+0x163/0x320
[ 23.329459] ? __pfx_kasan_memchr+0x10/0x10
[ 23.329966] ? __schedule+0xc3e/0x2790
[ 23.331064] ? __pfx_read_tsc+0x10/0x10
[ 23.331415] ? ktime_get_ts64+0x84/0x230
[ 23.331826] kunit_try_run_case+0x1b3/0x490
[ 23.332933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.333550] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.334577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.335174] ? __kthread_parkme+0x82/0x160
[ 23.335613] ? preempt_count_sub+0x50/0x80
[ 23.336133] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.337510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.338381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.339178] kthread+0x257/0x310
[ 23.339512] ? __pfx_kthread+0x10/0x10
[ 23.340370] ret_from_fork+0x41/0x80
[ 23.341010] ? __pfx_kthread+0x10/0x10
[ 23.341582] ret_from_fork_asm+0x1a/0x30
[ 23.342407] </TASK>
[ 23.342735]
[ 23.342931] Allocated by task 262:
[ 23.343364] kasan_save_stack+0x3d/0x60
[ 23.344560] kasan_save_track+0x18/0x40
[ 23.345059] kasan_save_alloc_info+0x3b/0x50
[ 23.345809] __kasan_kmalloc+0xb7/0xc0
[ 23.346302] __kmalloc_cache_noprof+0x184/0x410
[ 23.346649] kasan_memchr+0xad/0x320
[ 23.347223] kunit_try_run_case+0x1b3/0x490
[ 23.347757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.348572] kthread+0x257/0x310
[ 23.349054] ret_from_fork+0x41/0x80
[ 23.349319] ret_from_fork_asm+0x1a/0x30
[ 23.349876]
[ 23.350144] The buggy address belongs to the object at ffff888102ba3f00
[ 23.350144] which belongs to the cache kmalloc-32 of size 32
[ 23.351321] The buggy address is located 0 bytes to the right of
[ 23.351321] allocated 24-byte region [ffff888102ba3f00, ffff888102ba3f18)
[ 23.352858]
[ 23.353675] The buggy address belongs to the physical page:
[ 23.354354] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba3
[ 23.355253] flags: 0x200000000000000(node=0|zone=2)
[ 23.355943] page_type: f5(slab)
[ 23.356341] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.357295] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 23.357965] page dumped because: kasan: bad access detected
[ 23.358638]
[ 23.358987] Memory state around the buggy address:
[ 23.359630] ffff888102ba3e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 23.360322] ffff888102ba3e80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 23.361033] >ffff888102ba3f00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.361765] ^
[ 23.362029] ffff888102ba3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.362876] ffff888102ba4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.363407] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 23.274319] ==================================================================
[ 23.275377] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390
[ 23.276416] Read of size 1 at addr ffff888102a67caa by task kunit_try_catch/260
[ 23.277572]
[ 23.277790] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 23.279239] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.279788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.280583] Call Trace:
[ 23.280839] <TASK>
[ 23.281117] dump_stack_lvl+0x73/0xb0
[ 23.281537] print_report+0xd1/0x640
[ 23.282327] ? __virt_addr_valid+0x1db/0x2d0
[ 23.282631] ? kasan_addr_to_slab+0x11/0xa0
[ 23.283477] kasan_report+0x102/0x140
[ 23.283968] ? kasan_alloca_oob_right+0x328/0x390
[ 23.284764] ? kasan_alloca_oob_right+0x328/0x390
[ 23.285225] __asan_report_load1_noabort+0x18/0x20
[ 23.285680] kasan_alloca_oob_right+0x328/0x390
[ 23.286100] ? irqentry_exit+0x2a/0x60
[ 23.286458] ? insn_get_modrm_rm_off+0x70/0x180
[ 23.287503] ? trace_hardirqs_on+0x37/0xe0
[ 23.288262] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 23.288928] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 23.289593] kunit_try_run_case+0x1b3/0x490
[ 23.290233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.290895] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.291304] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.291715] ? __kthread_parkme+0x82/0x160
[ 23.292102] ? preempt_count_sub+0x50/0x80
[ 23.293090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.293543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.294331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.295314] kthread+0x257/0x310
[ 23.295928] ? __pfx_kthread+0x10/0x10
[ 23.296467] ret_from_fork+0x41/0x80
[ 23.297205] ? __pfx_kthread+0x10/0x10
[ 23.297651] ret_from_fork_asm+0x1a/0x30
[ 23.298084] </TASK>
[ 23.298336]
[ 23.299158] The buggy address belongs to stack of task kunit_try_catch/260
[ 23.300062]
[ 23.300225] The buggy address belongs to the physical page:
[ 23.300581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a67
[ 23.301324] flags: 0x200000000000000(node=0|zone=2)
[ 23.301857] raw: 0200000000000000 ffffea00040a99c8 ffffea00040a99c8 0000000000000000
[ 23.303102] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 23.303618] page dumped because: kasan: bad access detected
[ 23.304135]
[ 23.305077] Memory state around the buggy address:
[ 23.305476] ffff888102a67b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.306314] ffff888102a67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.307068] >ffff888102a67c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 23.308180] ^
[ 23.308605] ffff888102a67d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 23.309463] ffff888102a67d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 23.310263] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------
[ 209.440193] WARNING: CPU: 0 PID: 2032 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 209.440810] Modules linked in:
[ 209.441663] CPU: 0 UID: 0 PID: 2032 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 209.444269] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 209.444772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 209.445771] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 209.446096] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 209.448460] RSP: 0000:ffff8881069b7ba0 EFLAGS: 00010246
[ 209.448970] RAX: dffffc0000000000 RBX: ffff8881069b7c98 RCX: 0000000000000000
[ 209.450170] RDX: 1ffff11020d36f9c RSI: ffff8881069b7c98 RDI: ffff8881069b7ce0
[ 209.450890] RBP: ffff8881069b7be0 R08: ffff88810644a000 R09: ffffffffa67b6200
[ 209.451519] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff88810644a000
[ 209.452470] R13: ffff888100317b20 R14: ffff8881069b7c18 R15: ffff8881069b7e28
[ 209.453478] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 209.454347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 209.454849] CR2: 00007ffff7ffe000 CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 209.455734] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a2
[ 209.456745] DR3: ffffffffa87eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 209.457656] Call Trace:
[ 209.458503] <TASK>
[ 209.458753] ? show_regs+0x68/0x80
[ 209.459045] ? __warn+0xd5/0x260
[ 209.459845] ? drm_framebuffer_init+0x44/0x300
[ 209.460283] ? report_bug+0x278/0x2e0
[ 209.461243] ? handle_bug+0x5c/0xb0
[ 209.462556] ? exc_invalid_op+0x1c/0x50
[ 209.463243] ? asm_exc_invalid_op+0x1f/0x30
[ 209.463851] ? drm_framebuffer_init+0x44/0x300
[ 209.464727] ? add_dr+0xc1/0x1d0
[ 209.465459] drm_test_framebuffer_init_bad_format+0xfd/0x240
[ 209.466588] ? add_dr+0x148/0x1d0
[ 209.467324] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 209.468257] ? __drmm_add_action+0x1a4/0x280
[ 209.468595] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 209.469264] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 209.470728] ? __drmm_add_action_or_reset+0x22/0x50
[ 209.471652] ? __schedule+0xc3e/0x2790
[ 209.472339] ? __pfx_read_tsc+0x10/0x10
[ 209.473332] ? ktime_get_ts64+0x84/0x230
[ 209.473794] kunit_try_run_case+0x1b3/0x490
[ 209.474571] ? __pfx_kunit_try_run_case+0x10/0x10
[ 209.475502] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 209.475957] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 209.476573] ? __kthread_parkme+0x82/0x160
[ 209.477800] ? preempt_count_sub+0x50/0x80
[ 209.478086] ? __pfx_kunit_try_run_case+0x10/0x10
[ 209.479387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 209.479905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 209.480780] kthread+0x257/0x310
[ 209.481895] ? __pfx_kthread+0x10/0x10
[ 209.482354] ret_from_fork+0x41/0x80
[ 209.482829] ? __pfx_kthread+0x10/0x10
[ 209.484701] ret_from_fork_asm+0x1a/0x30
[ 209.485073] </TASK>
[ 209.485868] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------
[ 209.364939] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 209.366091] WARNING: CPU: 1 PID: 2028 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 209.369149] Modules linked in:
[ 209.369985] CPU: 1 UID: 0 PID: 2028 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241126 #1
[ 209.371738] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 209.372572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 209.373622] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 209.374471] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 54 1c 80 00 48 c7 c1 00 12 7b a6 4c 89 fa 48 c7 c7 60 12 7b a6 48 89 c6 e8 5b 80 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 209.376130] RSP: 0000:ffff8881065f7bd8 EFLAGS: 00010282
[ 209.376822] RAX: 0000000000000000 RBX: ffff8881065f7cb0 RCX: 1ffffffff4ea42ec
[ 209.377449] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 209.378123] RBP: ffff8881065f7c00 R08: 0000000000000000 R09: fffffbfff4ea42ec
[ 209.378889] R10: 0000000000000003 R11: 0000000000027328 R12: ffff8881065f7c88
[ 209.379937] R13: ffff888106889800 R14: ffff8881051e0000 R15: ffff888106979e00
[ 209.380765] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000
[ 209.381275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 209.382118] CR2: ffffffffffffffff CR3: 000000017c0b8000 CR4: 00000000000006f0
[ 209.382691] DR0: ffffffffa87eb1a0 DR1: ffffffffa87eb1a1 DR2: ffffffffa87eb1a3
[ 209.383993] DR3: ffffffffa87eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 209.384367] Call Trace:
[ 209.384926] <TASK>
[ 209.385483] ? show_regs+0x68/0x80
[ 209.385921] ? __warn+0xd5/0x260
[ 209.386253] ? drm_framebuffer_free+0x136/0x1b0
[ 209.387465] ? report_bug+0x278/0x2e0
[ 209.387952] ? handle_bug+0x5c/0xb0
[ 209.388502] ? exc_invalid_op+0x1c/0x50
[ 209.388952] ? asm_exc_invalid_op+0x1f/0x30
[ 209.389700] ? drm_framebuffer_free+0x136/0x1b0
[ 209.390223] ? drm_framebuffer_free+0x135/0x1b0
[ 209.390736] drm_test_framebuffer_free+0x1ac/0x610
[ 209.392163] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 209.392694] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 209.393342] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 209.394285] ? __drmm_add_action_or_reset+0x22/0x50
[ 209.395393] ? __schedule+0xc3e/0x2790
[ 209.396314] ? __pfx_read_tsc+0x10/0x10
[ 209.396810] ? ktime_get_ts64+0x84/0x230
[ 209.397706] kunit_try_run_case+0x1b3/0x490
[ 209.398098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 209.398909] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 209.399980] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 209.400355] ? __kthread_parkme+0x82/0x160
[ 209.400932] ? preempt_count_sub+0x50/0x80
[ 209.401729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 209.402352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 209.403449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 209.404417] kthread+0x257/0x310
[ 209.405228] ? __pfx_kthread+0x10/0x10
[ 209.405612] ret_from_fork+0x41/0x80
[ 209.406074] ? __pfx_kthread+0x10/0x10
[ 209.406890] ret_from_fork_asm+0x1a/0x30
[ 209.407424] </TASK>
[ 209.407695] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 23.228819] ================================================================== [ 23.230029] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 23.231115] Read of size 1 at addr ffff888102b37c9f by task kunit_try_catch/258 [ 23.231823] [ 23.232078] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.233067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.233323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.235064] Call Trace: [ 23.235626] <TASK> [ 23.236114] dump_stack_lvl+0x73/0xb0 [ 23.236656] print_report+0xd1/0x640 [ 23.237269] ? __virt_addr_valid+0x1db/0x2d0 [ 23.237619] ? kasan_addr_to_slab+0x11/0xa0 [ 23.238085] kasan_report+0x102/0x140 [ 23.239708] ? kasan_alloca_oob_left+0x31f/0x380 [ 23.240758] ? kasan_alloca_oob_left+0x31f/0x380 [ 23.241236] __asan_report_load1_noabort+0x18/0x20 [ 23.241967] kasan_alloca_oob_left+0x31f/0x380 [ 23.242333] ? __pfx_trace_event_raw_event_ipi_raise+0x10/0x10 [ 23.243103] ? __schedule+0xc3e/0x2790 [ 23.243626] ? trace_hardirqs_on+0x37/0xe0 [ 23.243936] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 23.244903] ? __schedule+0xc3e/0x2790 [ 23.245790] ? __pfx_read_tsc+0x10/0x10 [ 23.246237] ? ktime_get_ts64+0x84/0x230 [ 23.246711] kunit_try_run_case+0x1b3/0x490 [ 23.247180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.247687] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.248259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.248656] ? __kthread_parkme+0x82/0x160 [ 23.249115] ? preempt_count_sub+0x50/0x80 [ 23.249985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.250800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.251587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.252842] kthread+0x257/0x310 [ 23.253636] ? __pfx_kthread+0x10/0x10 [ 23.254092] ret_from_fork+0x41/0x80 [ 23.255135] ? 
__pfx_kthread+0x10/0x10 [ 23.255584] ret_from_fork_asm+0x1a/0x30 [ 23.256223] </TASK> [ 23.256413] [ 23.256658] The buggy address belongs to stack of task kunit_try_catch/258 [ 23.257261] [ 23.257465] The buggy address belongs to the physical page: [ 23.257976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b37 [ 23.259991] flags: 0x200000000000000(node=0|zone=2) [ 23.260454] raw: 0200000000000000 ffffea00040acdc8 ffffea00040acdc8 0000000000000000 [ 23.261559] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 23.262233] page dumped because: kasan: bad access detected [ 23.263338] [ 23.263569] Memory state around the buggy address: [ 23.264568] ffff888102b37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.265596] ffff888102b37c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.265882] >ffff888102b37c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 23.266108] ^ [ 23.266253] ffff888102b37d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 23.266462] ffff888102b37d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 23.267550] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 23.177847] ================================================================== [ 23.179182] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 23.179875] Read of size 1 at addr ffff8881029e7d72 by task kunit_try_catch/256 [ 23.180379] [ 23.180930] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.182585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.182997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.184323] Call Trace: [ 23.184767] <TASK> [ 23.185064] dump_stack_lvl+0x73/0xb0 [ 23.185378] print_report+0xd1/0x640 [ 23.185682] ? __virt_addr_valid+0x1db/0x2d0 [ 23.186696] ? kasan_addr_to_slab+0x11/0xa0 [ 23.187310] kasan_report+0x102/0x140 [ 23.187794] ? kasan_stack_oob+0x2ae/0x300 [ 23.188465] ? kasan_stack_oob+0x2ae/0x300 [ 23.189227] __asan_report_load1_noabort+0x18/0x20 [ 23.189708] kasan_stack_oob+0x2ae/0x300 [ 23.190786] ? __pfx_kasan_stack_oob+0x10/0x10 [ 23.191341] ? finish_task_switch.isra.0+0x153/0x700 [ 23.191918] ? __switch_to+0x5d9/0xf60 [ 23.192455] ? __schedule+0xc3e/0x2790 [ 23.192809] ? __pfx_read_tsc+0x10/0x10 [ 23.193173] ? ktime_get_ts64+0x84/0x230 [ 23.193822] kunit_try_run_case+0x1b3/0x490 [ 23.194781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.195412] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.196164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.196669] ? __kthread_parkme+0x82/0x160 [ 23.197344] ? preempt_count_sub+0x50/0x80 [ 23.197714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.198749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.199255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.200199] kthread+0x257/0x310 [ 23.200619] ? __pfx_kthread+0x10/0x10 [ 23.201264] ret_from_fork+0x41/0x80 [ 23.201746] ? 
__pfx_kthread+0x10/0x10 [ 23.202534] ret_from_fork_asm+0x1a/0x30 [ 23.203022] </TASK> [ 23.203656] [ 23.204234] The buggy address belongs to stack of task kunit_try_catch/256 [ 23.205308] and is located at offset 138 in frame: [ 23.205816] kasan_stack_oob+0x0/0x300 [ 23.206954] [ 23.207246] This frame has 4 objects: [ 23.207883] [48, 49) '__assertion' [ 23.207985] [64, 72) 'array' [ 23.208655] [96, 112) '__assertion' [ 23.209278] [128, 138) 'stack_array' [ 23.209836] [ 23.210862] The buggy address belongs to the physical page: [ 23.211607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e7 [ 23.212455] flags: 0x200000000000000(node=0|zone=2) [ 23.213244] raw: 0200000000000000 ffffea00040a79c8 ffffea00040a79c8 0000000000000000 [ 23.213914] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 23.214900] page dumped because: kasan: bad access detected [ 23.215389] [ 23.215899] Memory state around the buggy address: [ 23.216394] ffff8881029e7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.217317] ffff8881029e7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 23.217938] >ffff8881029e7d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 23.219044] ^ [ 23.219560] ffff8881029e7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 23.220198] ffff8881029e7e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 23.221123] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 23.133381] ================================================================== [ 23.134459] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 23.135360] Read of size 1 at addr ffffffffa87fcc2d by task kunit_try_catch/252 [ 23.135846] [ 23.136142] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.136889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.137387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.138277] Call Trace: [ 23.138509] <TASK> [ 23.138851] dump_stack_lvl+0x73/0xb0 [ 23.140194] print_report+0xd1/0x640 [ 23.140852] ? __virt_addr_valid+0x1db/0x2d0 [ 23.141245] ? kasan_addr_to_slab+0x11/0xa0 [ 23.141971] kasan_report+0x102/0x140 [ 23.142569] ? kasan_global_oob_right+0x288/0x2d0 [ 23.143318] ? kasan_global_oob_right+0x288/0x2d0 [ 23.144025] __asan_report_load1_noabort+0x18/0x20 [ 23.144426] kasan_global_oob_right+0x288/0x2d0 [ 23.145133] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 23.145839] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 23.146457] kunit_try_run_case+0x1b3/0x490 [ 23.146941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.147348] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.148275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.148894] ? __kthread_parkme+0x82/0x160 [ 23.149512] ? preempt_count_sub+0x50/0x80 [ 23.150221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.150728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.151234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.152111] kthread+0x257/0x310 [ 23.152441] ? __pfx_kthread+0x10/0x10 [ 23.153144] ret_from_fork+0x41/0x80 [ 23.154010] ? 
__pfx_kthread+0x10/0x10 [ 23.154360] ret_from_fork_asm+0x1a/0x30 [ 23.154969] </TASK> [ 23.155181] [ 23.155477] The buggy address belongs to the variable: [ 23.156057] global_array+0xd/0x40 [ 23.156421] [ 23.157260] The buggy address belongs to the physical page: [ 23.157601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17d3fc [ 23.158642] flags: 0x200000000002000(reserved|node=0|zone=2) [ 23.159355] raw: 0200000000002000 ffffea0005f4ff08 ffffea0005f4ff08 0000000000000000 [ 23.160186] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.161088] page dumped because: kasan: bad access detected [ 23.161438] [ 23.162000] Memory state around the buggy address: [ 23.162346] ffffffffa87fcb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.163018] ffffffffa87fcb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.163549] >ffffffffa87fcc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 23.164613] ^ [ 23.165311] ffffffffa87fcc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 23.165877] ffffffffa87fcd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 23.166914] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 23.090257] ================================================================== [ 23.091112] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.091822] Free of addr ffff888102ad8001 by task kunit_try_catch/250 [ 23.092467] [ 23.092991] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.093977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.094535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.094939] Call Trace: [ 23.095250] <TASK> [ 23.095526] dump_stack_lvl+0x73/0xb0 [ 23.096176] print_report+0xd1/0x640 [ 23.096641] ? __virt_addr_valid+0x1db/0x2d0 [ 23.097161] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.097757] ? kasan_addr_to_slab+0x11/0xa0 [ 23.098443] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.099139] kasan_report_invalid_free+0xc0/0xf0 [ 23.099565] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.100034] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.100519] __kasan_mempool_poison_object+0x102/0x1d0 [ 23.101055] mempool_free+0x2ec/0x380 [ 23.101549] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.101989] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 23.102709] ? finish_task_switch.isra.0+0x153/0x700 [ 23.103229] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 23.103706] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 23.104340] ? __switch_to+0x5d9/0xf60 [ 23.104808] ? __pfx_mempool_kmalloc+0x10/0x10 [ 23.105221] ? __pfx_mempool_kfree+0x10/0x10 [ 23.105550] ? __pfx_read_tsc+0x10/0x10 [ 23.106074] ? ktime_get_ts64+0x84/0x230 [ 23.106540] kunit_try_run_case+0x1b3/0x490 [ 23.107051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.107639] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.108072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.108676] ? __kthread_parkme+0x82/0x160 [ 23.109057] ? preempt_count_sub+0x50/0x80 [ 23.109365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.109929] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.110559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.111122] kthread+0x257/0x310 [ 23.111636] ? __pfx_kthread+0x10/0x10 [ 23.112009] ret_from_fork+0x41/0x80 [ 23.112404] ? __pfx_kthread+0x10/0x10 [ 23.112925] ret_from_fork_asm+0x1a/0x30 [ 23.113323] </TASK> [ 23.113677] [ 23.113887] The buggy address belongs to the physical page: [ 23.114342] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8 [ 23.114943] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.115538] flags: 0x200000000000040(head|node=0|zone=2) [ 23.116172] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.116794] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.117381] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.118097] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.118756] head: 0200000000000002 ffffea00040ab601 ffffffffffffffff 0000000000000000 [ 23.119379] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.120127] page dumped because: kasan: bad access detected [ 23.120432] [ 23.120647] Memory state around the buggy address: [ 23.121111] ffff888102ad7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.121831] ffff888102ad7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.122525] >ffff888102ad8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.123102] ^ [ 23.123342] ffff888102ad8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.123789] ffff888102ad8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.124325] ================================================================== [ 23.025707] ================================================================== [ 23.026910] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.027839] Free of addr ffff8881028c3b01 by task 
kunit_try_catch/248 [ 23.028443] [ 23.028655] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.030054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.030473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.032056] Call Trace: [ 23.032638] <TASK> [ 23.032818] dump_stack_lvl+0x73/0xb0 [ 23.034131] print_report+0xd1/0x640 [ 23.034512] ? __virt_addr_valid+0x1db/0x2d0 [ 23.034992] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.035453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.036071] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.037409] kasan_report_invalid_free+0xc0/0xf0 [ 23.037903] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.038638] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.039257] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.039826] check_slab_allocation+0x11f/0x130 [ 23.041302] __kasan_mempool_poison_object+0x91/0x1d0 [ 23.041730] mempool_free+0x2ec/0x380 [ 23.042076] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 23.042769] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 23.043461] ? irqentry_exit+0x2a/0x60 [ 23.044115] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 23.044478] ? trace_hardirqs_on+0x37/0xe0 [ 23.045041] mempool_kmalloc_invalid_free+0xb1/0x100 [ 23.045781] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 23.046505] ? __pfx_mempool_kmalloc+0x10/0x10 [ 23.047237] ? __pfx_mempool_kfree+0x10/0x10 [ 23.047466] ? ktime_get_ts64+0xf6/0x230 [ 23.047746] ? ktime_get_ts64+0x84/0x230 [ 23.048033] kunit_try_run_case+0x1b3/0x490 [ 23.048331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.048875] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.049539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.051117] ? __kthread_parkme+0x82/0x160 [ 23.051607] ? preempt_count_sub+0x50/0x80 [ 23.052242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.052907] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.053570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.054198] kthread+0x257/0x310 [ 23.054468] ? __pfx_kthread+0x10/0x10 [ 23.054998] ret_from_fork+0x41/0x80 [ 23.055374] ? __pfx_kthread+0x10/0x10 [ 23.056418] ret_from_fork_asm+0x1a/0x30 [ 23.057174] </TASK> [ 23.057406] [ 23.057664] Allocated by task 248: [ 23.058075] kasan_save_stack+0x3d/0x60 [ 23.058721] kasan_save_track+0x18/0x40 [ 23.059185] kasan_save_alloc_info+0x3b/0x50 [ 23.060100] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 23.060891] remove_element+0x11e/0x190 [ 23.061390] mempool_alloc_preallocated+0x4d/0x90 [ 23.062067] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 23.062643] mempool_kmalloc_invalid_free+0xb1/0x100 [ 23.063129] kunit_try_run_case+0x1b3/0x490 [ 23.063653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.064074] kthread+0x257/0x310 [ 23.064480] ret_from_fork+0x41/0x80 [ 23.064918] ret_from_fork_asm+0x1a/0x30 [ 23.065287] [ 23.065473] The buggy address belongs to the object at ffff8881028c3b00 [ 23.065473] which belongs to the cache kmalloc-128 of size 128 [ 23.066840] The buggy address is located 1 bytes inside of [ 23.066840] 128-byte region [ffff8881028c3b00, ffff8881028c3b80) [ 23.068438] [ 23.068759] The buggy address belongs to the physical page: [ 23.069657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c3 [ 23.070649] flags: 0x200000000000000(node=0|zone=2) [ 23.071720] page_type: f5(slab) [ 23.072618] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.073976] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.075254] page dumped because: kasan: bad access detected [ 23.075826] [ 23.076775] Memory state around the buggy address: [ 23.077510] ffff8881028c3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.078205] ffff8881028c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.078929] >ffff8881028c3b00: 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 [ 23.079458] ^ [ 23.080567] ffff8881028c3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.081581] ffff8881028c3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.082153] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 22.921870] ================================================================== [ 22.922810] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 22.924024] Free of addr ffff888102a30000 by task kunit_try_catch/244 [ 22.924647] [ 22.924842] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 22.926195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.926873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.928254] Call Trace: [ 22.928504] <TASK> [ 22.928879] dump_stack_lvl+0x73/0xb0 [ 22.929298] print_report+0xd1/0x640 [ 22.929923] ? __virt_addr_valid+0x1db/0x2d0 [ 22.931002] ? mempool_double_free_helper+0x185/0x370 [ 22.931514] ? kasan_addr_to_slab+0x11/0xa0 [ 22.932010] ? mempool_double_free_helper+0x185/0x370 [ 22.932713] kasan_report_invalid_free+0xc0/0xf0 [ 22.933473] ? mempool_double_free_helper+0x185/0x370 [ 22.933889] ? mempool_double_free_helper+0x185/0x370 [ 22.934716] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 22.935159] mempool_free+0x2ec/0x380 [ 22.936506] mempool_double_free_helper+0x185/0x370 [ 22.937025] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 22.937625] ? finish_task_switch.isra.0+0x153/0x700 [ 22.938382] mempool_kmalloc_large_double_free+0xb1/0x100 [ 22.939249] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 22.939952] ? __switch_to+0x5d9/0xf60 [ 22.940366] ? __pfx_mempool_kmalloc+0x10/0x10 [ 22.941371] ? __pfx_mempool_kfree+0x10/0x10 [ 22.941800] ? __pfx_read_tsc+0x10/0x10 [ 22.942570] ? ktime_get_ts64+0x84/0x230 [ 22.943434] kunit_try_run_case+0x1b3/0x490 [ 22.944171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.945404] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.946463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.946950] ? __kthread_parkme+0x82/0x160 [ 22.947563] ? preempt_count_sub+0x50/0x80 [ 22.948069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.948861] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.949442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.949942] kthread+0x257/0x310 [ 22.950305] ? __pfx_kthread+0x10/0x10 [ 22.951813] ret_from_fork+0x41/0x80 [ 22.952273] ? __pfx_kthread+0x10/0x10 [ 22.952577] ret_from_fork_asm+0x1a/0x30 [ 22.953754] </TASK> [ 22.954178] [ 22.954660] The buggy address belongs to the physical page: [ 22.955406] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 22.956659] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.957559] flags: 0x200000000000040(head|node=0|zone=2) [ 22.958847] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.959332] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.960007] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.960811] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.961502] head: 0200000000000002 ffffea00040a8c01 ffffffffffffffff 0000000000000000 [ 22.962061] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.963506] page dumped because: kasan: bad access detected [ 22.964558] [ 22.964761] Memory state around the buggy address: [ 22.965070] ffff888102a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.966335] ffff888102a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.967187] >ffff888102a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.967809] ^ [ 22.968115] ffff888102a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.969517] ffff888102a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.970132] ================================================================== [ 22.977735] ================================================================== [ 22.978562] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 22.979406] Free of addr ffff888102ad8000 by task kunit_try_catch/246 [ 
22.980417] [ 22.980647] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 22.981434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.983032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.983874] Call Trace: [ 22.984244] <TASK> [ 22.984476] dump_stack_lvl+0x73/0xb0 [ 22.985036] print_report+0xd1/0x640 [ 22.985630] ? __virt_addr_valid+0x1db/0x2d0 [ 22.986687] ? mempool_double_free_helper+0x185/0x370 [ 22.987425] ? kasan_addr_to_slab+0x11/0xa0 [ 22.987726] ? mempool_double_free_helper+0x185/0x370 [ 22.988974] kasan_report_invalid_free+0xc0/0xf0 [ 22.989794] ? mempool_double_free_helper+0x185/0x370 [ 22.990503] ? mempool_double_free_helper+0x185/0x370 [ 22.991534] __kasan_mempool_poison_pages+0x115/0x130 [ 22.992370] mempool_free+0x290/0x380 [ 22.993246] mempool_double_free_helper+0x185/0x370 [ 22.993811] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 22.994364] ? finish_task_switch.isra.0+0x153/0x700 [ 22.995390] mempool_page_alloc_double_free+0xac/0x100 [ 22.996541] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 22.997251] ? __switch_to+0x5d9/0xf60 [ 22.998249] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 22.998619] ? __pfx_mempool_free_pages+0x10/0x10 [ 22.999811] ? __pfx_read_tsc+0x10/0x10 [ 23.000173] ? ktime_get_ts64+0x84/0x230 [ 23.001055] kunit_try_run_case+0x1b3/0x490 [ 23.001438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.001967] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.002909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.003453] ? __kthread_parkme+0x82/0x160 [ 23.004043] ? preempt_count_sub+0x50/0x80 [ 23.004626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.004881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.005093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.005326] kthread+0x257/0x310 [ 23.005466] ? __pfx_kthread+0x10/0x10 [ 23.005728] ret_from_fork+0x41/0x80 [ 23.006000] ? 
__pfx_kthread+0x10/0x10 [ 23.006401] ret_from_fork_asm+0x1a/0x30 [ 23.007068] </TASK> [ 23.007349] [ 23.007647] The buggy address belongs to the physical page: [ 23.008283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8 [ 23.009109] flags: 0x200000000000000(node=0|zone=2) [ 23.009713] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.010710] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.011246] page dumped because: kasan: bad access detected [ 23.011715] [ 23.011968] Memory state around the buggy address: [ 23.012689] ffff888102ad7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.013118] ffff888102ad7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.013514] >ffff888102ad8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.014250] ^ [ 23.014832] ffff888102ad8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.015836] ffff888102ad8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.016281] ================================================================== [ 22.852925] ================================================================== [ 22.854146] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 22.855129] Free of addr ffff888102ba4b00 by task kunit_try_catch/242 [ 22.856373] [ 22.856637] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 22.857373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.857833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.858422] Call Trace: [ 22.858815] <TASK> [ 22.859103] dump_stack_lvl+0x73/0xb0 [ 22.859665] print_report+0xd1/0x640 [ 22.860510] ? __virt_addr_valid+0x1db/0x2d0 [ 22.860892] ? mempool_double_free_helper+0x185/0x370 [ 22.861446] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.862145] ? mempool_double_free_helper+0x185/0x370 [ 22.862682] kasan_report_invalid_free+0xc0/0xf0 [ 22.863266] ? 
mempool_double_free_helper+0x185/0x370 [ 22.863884] ? mempool_double_free_helper+0x185/0x370 [ 22.864890] ? mempool_double_free_helper+0x185/0x370 [ 22.865436] check_slab_allocation+0x101/0x130 [ 22.866006] __kasan_mempool_poison_object+0x91/0x1d0 [ 22.866719] mempool_free+0x2ec/0x380 [ 22.867167] mempool_double_free_helper+0x185/0x370 [ 22.867736] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 22.868332] ? finish_task_switch.isra.0+0x153/0x700 [ 22.868891] mempool_kmalloc_double_free+0xb1/0x100 [ 22.871169] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 22.872014] ? __switch_to+0x5d9/0xf60 [ 22.872412] ? __pfx_mempool_kmalloc+0x10/0x10 [ 22.872884] ? __pfx_mempool_kfree+0x10/0x10 [ 22.873269] ? __pfx_read_tsc+0x10/0x10 [ 22.873735] ? ktime_get_ts64+0x84/0x230 [ 22.874155] kunit_try_run_case+0x1b3/0x490 [ 22.874782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.875056] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.875543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.875870] ? __kthread_parkme+0x82/0x160 [ 22.876430] ? preempt_count_sub+0x50/0x80 [ 22.877151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.878361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.878983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.880233] kthread+0x257/0x310 [ 22.880747] ? __pfx_kthread+0x10/0x10 [ 22.881316] ret_from_fork+0x41/0x80 [ 22.882005] ? 
__pfx_kthread+0x10/0x10 [ 22.882574] ret_from_fork_asm+0x1a/0x30 [ 22.883264] </TASK> [ 22.883668] [ 22.883924] Allocated by task 242: [ 22.884388] kasan_save_stack+0x3d/0x60 [ 22.885247] kasan_save_track+0x18/0x40 [ 22.885766] kasan_save_alloc_info+0x3b/0x50 [ 22.886366] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 22.887003] remove_element+0x11e/0x190 [ 22.887547] mempool_alloc_preallocated+0x4d/0x90 [ 22.888201] mempool_double_free_helper+0x8b/0x370 [ 22.888745] mempool_kmalloc_double_free+0xb1/0x100 [ 22.889345] kunit_try_run_case+0x1b3/0x490 [ 22.889722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.890402] kthread+0x257/0x310 [ 22.891513] ret_from_fork+0x41/0x80 [ 22.891859] ret_from_fork_asm+0x1a/0x30 [ 22.892315] [ 22.892527] Freed by task 242: [ 22.893241] kasan_save_stack+0x3d/0x60 [ 22.893913] kasan_save_track+0x18/0x40 [ 22.894466] kasan_save_free_info+0x3f/0x60 [ 22.895114] __kasan_mempool_poison_object+0x131/0x1d0 [ 22.895999] mempool_free+0x2ec/0x380 [ 22.896354] mempool_double_free_helper+0x10a/0x370 [ 22.897051] mempool_kmalloc_double_free+0xb1/0x100 [ 22.897961] kunit_try_run_case+0x1b3/0x490 [ 22.898363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.899168] kthread+0x257/0x310 [ 22.899665] ret_from_fork+0x41/0x80 [ 22.900379] ret_from_fork_asm+0x1a/0x30 [ 22.900655] [ 22.901395] The buggy address belongs to the object at ffff888102ba4b00 [ 22.901395] which belongs to the cache kmalloc-128 of size 128 [ 22.902303] The buggy address is located 0 bytes inside of [ 22.902303] 128-byte region [ffff888102ba4b00, ffff888102ba4b80) [ 22.902855] [ 22.903065] The buggy address belongs to the physical page: [ 22.904520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba4 [ 22.905563] flags: 0x200000000000000(node=0|zone=2) [ 22.905941] page_type: f5(slab) [ 22.906343] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.907247] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 
[ 22.908110] page dumped because: kasan: bad access detected [ 22.908636] [ 22.909088] Memory state around the buggy address: [ 22.909510] ffff888102ba4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.910691] ffff888102ba4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.911154] >ffff888102ba4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.911877] ^ [ 22.912154] ffff888102ba4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.913441] ffff888102ba4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.913884] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 22.813394] ==================================================================
[ 22.814112] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 22.815441] Read of size 1 at addr ffff888102ad8000 by task kunit_try_catch/240
[ 22.816561]
[ 22.816775] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.818071] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.818502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.819523] Call Trace:
[ 22.820010] <TASK>
[ 22.820528] dump_stack_lvl+0x73/0xb0
[ 22.821266] print_report+0xd1/0x640
[ 22.821662] ? __virt_addr_valid+0x1db/0x2d0
[ 22.822099] ? kasan_addr_to_slab+0x11/0xa0
[ 22.822600] kasan_report+0x102/0x140
[ 22.823033] ? mempool_uaf_helper+0x394/0x400
[ 22.823606] ? mempool_uaf_helper+0x394/0x400
[ 22.824018] __asan_report_load1_noabort+0x18/0x20
[ 22.824349] mempool_uaf_helper+0x394/0x400
[ 22.824737] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 22.825290] ? update_curr+0x7d/0x5a0
[ 22.825672] mempool_page_alloc_uaf+0xb1/0x100
[ 22.826170] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 22.826560] ? schedule+0x7c/0x310
[ 22.826996] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 22.827321] ? __pfx_mempool_free_pages+0x10/0x10
[ 22.827878] ? __pfx_read_tsc+0x10/0x10
[ 22.828239] ? ktime_get_ts64+0x84/0x230
[ 22.828741] kunit_try_run_case+0x1b3/0x490
[ 22.829123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.829642] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.830120] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.830467] ? __kthread_parkme+0x82/0x160
[ 22.830980] ? preempt_count_sub+0x50/0x80
[ 22.831370] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.831770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.832137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.832620] kthread+0x257/0x310
[ 22.833020] ? __pfx_kthread+0x10/0x10
[ 22.833447] ret_from_fork+0x41/0x80
[ 22.833926] ? __pfx_kthread+0x10/0x10
[ 22.834335] ret_from_fork_asm+0x1a/0x30
[ 22.834870] </TASK>
[ 22.835099]
[ 22.835378] The buggy address belongs to the physical page:
[ 22.835942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8
[ 22.836410] flags: 0x200000000000000(node=0|zone=2)
[ 22.836992] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 22.837649] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.838238] page dumped because: kasan: bad access detected
[ 22.838620]
[ 22.838842] Memory state around the buggy address:
[ 22.839302] ffff888102ad7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.839927] ffff888102ad7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.840572] >ffff888102ad8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.841105] ^
[ 22.841363] ffff888102ad8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.841806] ffff888102ad8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.842326] ==================================================================
[ 22.691882] ==================================================================
[ 22.692732] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 22.693080] Read of size 1 at addr ffff888102a30000 by task kunit_try_catch/236
[ 22.693713]
[ 22.693976] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.696047] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.696900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.698177] Call Trace:
[ 22.698438] <TASK>
[ 22.698753] dump_stack_lvl+0x73/0xb0
[ 22.699128] print_report+0xd1/0x640
[ 22.699759] ? __virt_addr_valid+0x1db/0x2d0
[ 22.700145] ? kasan_addr_to_slab+0x11/0xa0
[ 22.700445] kasan_report+0x102/0x140
[ 22.701514] ? mempool_uaf_helper+0x394/0x400
[ 22.702060] ? mempool_uaf_helper+0x394/0x400
[ 22.702571] __asan_report_load1_noabort+0x18/0x20
[ 22.703267] mempool_uaf_helper+0x394/0x400
[ 22.703640] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 22.704248] ? finish_task_switch.isra.0+0x153/0x700
[ 22.705346] mempool_kmalloc_large_uaf+0xb3/0x100
[ 22.706016] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 22.706323] ? __switch_to+0x5d9/0xf60
[ 22.707412] ? __pfx_mempool_kmalloc+0x10/0x10
[ 22.708522] ? __pfx_mempool_kfree+0x10/0x10
[ 22.708939] ? __pfx_read_tsc+0x10/0x10
[ 22.709733] ? ktime_get_ts64+0x84/0x230
[ 22.710137] kunit_try_run_case+0x1b3/0x490
[ 22.711282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.711661] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.712175] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.713285] ? __kthread_parkme+0x82/0x160
[ 22.714017] ? preempt_count_sub+0x50/0x80
[ 22.714520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.714934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.715711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.716309] kthread+0x257/0x310
[ 22.717229] ? __pfx_kthread+0x10/0x10
[ 22.717936] ret_from_fork+0x41/0x80
[ 22.718546] ? __pfx_kthread+0x10/0x10
[ 22.718895] ret_from_fork_asm+0x1a/0x30
[ 22.719637] </TASK>
[ 22.719886]
[ 22.720127] The buggy address belongs to the physical page:
[ 22.720474] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30
[ 22.721133] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.721630] flags: 0x200000000000040(head|node=0|zone=2)
[ 22.722278] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.723038] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.723456] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.724357] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.724974] head: 0200000000000002 ffffea00040a8c01 ffffffffffffffff 0000000000000000
[ 22.726441] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 22.726874] page dumped because: kasan: bad access detected
[ 22.727182]
[ 22.728315] Memory state around the buggy address:
[ 22.728847] ffff888102a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.729665] ffff888102a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.730900] >ffff888102a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.731378] ^
[ 22.731811] ffff888102a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.732546] ffff888102a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.733334] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 22.742234] ==================================================================
[ 22.743305] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 22.744028] Read of size 1 at addr ffff8881028c6240 by task kunit_try_catch/238
[ 22.744686]
[ 22.745089] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.745864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.746508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.747381] Call Trace:
[ 22.747716] <TASK>
[ 22.748526] dump_stack_lvl+0x73/0xb0
[ 22.748912] print_report+0xd1/0x640
[ 22.749527] ? __virt_addr_valid+0x1db/0x2d0
[ 22.750876] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.751366] kasan_report+0x102/0x140
[ 22.751714] ? mempool_uaf_helper+0x394/0x400
[ 22.752363] ? mempool_uaf_helper+0x394/0x400
[ 22.753289] __asan_report_load1_noabort+0x18/0x20
[ 22.753672] mempool_uaf_helper+0x394/0x400
[ 22.754120] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 22.754580] ? irqentry_exit+0x2a/0x60
[ 22.754947] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 22.755359] mempool_slab_uaf+0xae/0x100
[ 22.756816] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 22.757688] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 22.758298] ? __pfx_mempool_free_slab+0x10/0x10
[ 22.758760] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 22.759740] kunit_try_run_case+0x1b3/0x490
[ 22.760787] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.761341] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.762222] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.762848] ? __kthread_parkme+0x82/0x160
[ 22.763608] ? preempt_count_sub+0x50/0x80
[ 22.764159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.765050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.765775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.766393] kthread+0x257/0x310
[ 22.766832] ? __pfx_kthread+0x10/0x10
[ 22.767550] ret_from_fork+0x41/0x80
[ 22.768166] ? __pfx_kthread+0x10/0x10
[ 22.768737] ret_from_fork_asm+0x1a/0x30
[ 22.769157] </TASK>
[ 22.769699]
[ 22.769986] Allocated by task 238:
[ 22.770351] kasan_save_stack+0x3d/0x60
[ 22.771071] kasan_save_track+0x18/0x40
[ 22.771735] kasan_save_alloc_info+0x3b/0x50
[ 22.772470] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 22.773319] remove_element+0x11e/0x190
[ 22.773990] mempool_alloc_preallocated+0x4d/0x90
[ 22.774423] mempool_uaf_helper+0x97/0x400
[ 22.774875] mempool_slab_uaf+0xae/0x100
[ 22.775750] kunit_try_run_case+0x1b3/0x490
[ 22.776320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.776913] kthread+0x257/0x310
[ 22.777877] ret_from_fork+0x41/0x80
[ 22.778637] ret_from_fork_asm+0x1a/0x30
[ 22.779316]
[ 22.779565] Freed by task 238:
[ 22.779992] kasan_save_stack+0x3d/0x60
[ 22.780540] kasan_save_track+0x18/0x40
[ 22.780888] kasan_save_free_info+0x3f/0x60
[ 22.781307] __kasan_mempool_poison_object+0x131/0x1d0
[ 22.782404] mempool_free+0x2ec/0x380
[ 22.782759] mempool_uaf_helper+0x11b/0x400
[ 22.783048] mempool_slab_uaf+0xae/0x100
[ 22.783466] kunit_try_run_case+0x1b3/0x490
[ 22.783931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.784964] kthread+0x257/0x310
[ 22.785343] ret_from_fork+0x41/0x80
[ 22.785800] ret_from_fork_asm+0x1a/0x30
[ 22.786454]
[ 22.787344] The buggy address belongs to the object at ffff8881028c6240
[ 22.787344] which belongs to the cache test_cache of size 123
[ 22.788865] The buggy address is located 0 bytes inside of
[ 22.788865] freed 123-byte region [ffff8881028c6240, ffff8881028c62bb)
[ 22.790255]
[ 22.790519] The buggy address belongs to the physical page:
[ 22.791338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c6
[ 22.791972] flags: 0x200000000000000(node=0|zone=2)
[ 22.792310] page_type: f5(slab)
[ 22.792910] raw: 0200000000000000 ffff888101b1ea00 dead000000000122 0000000000000000
[ 22.794319] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 22.794817] page dumped because: kasan: bad access detected
[ 22.795508]
[ 22.795752] Memory state around the buggy address:
[ 22.796037] ffff8881028c6100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.796866] ffff8881028c6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.797335] >ffff8881028c6200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 22.797902] ^
[ 22.798506] ffff8881028c6280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.799281] ffff8881028c6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.799668] ==================================================================
[ 22.624868] ==================================================================
[ 22.625816] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 22.626242] Read of size 1 at addr ffff8881028c3300 by task kunit_try_catch/234
[ 22.627167]
[ 22.627335] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.628266] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.629255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.630824] Call Trace:
[ 22.631129] <TASK>
[ 22.631416] dump_stack_lvl+0x73/0xb0
[ 22.631895] print_report+0xd1/0x640
[ 22.632330] ? __virt_addr_valid+0x1db/0x2d0
[ 22.633756] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.634877] kasan_report+0x102/0x140
[ 22.635151] ? mempool_uaf_helper+0x394/0x400
[ 22.636051] ? mempool_uaf_helper+0x394/0x400
[ 22.636842] __asan_report_load1_noabort+0x18/0x20
[ 22.637844] mempool_uaf_helper+0x394/0x400
[ 22.638414] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 22.638955] ? finish_task_switch.isra.0+0x153/0x700
[ 22.639679] mempool_kmalloc_uaf+0xb3/0x100
[ 22.640172] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 22.640735] ? __switch_to+0x5d9/0xf60
[ 22.641592] ? __pfx_mempool_kmalloc+0x10/0x10
[ 22.642073] ? __pfx_mempool_kfree+0x10/0x10
[ 22.642520] ? __pfx_read_tsc+0x10/0x10
[ 22.643196] ? ktime_get_ts64+0x84/0x230
[ 22.643804] kunit_try_run_case+0x1b3/0x490
[ 22.644325] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.644824] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.645831] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.646477] ? __kthread_parkme+0x82/0x160
[ 22.647381] ? preempt_count_sub+0x50/0x80
[ 22.647771] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.648516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.649676] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.650269] kthread+0x257/0x310
[ 22.650630] ? __pfx_kthread+0x10/0x10
[ 22.650941] ret_from_fork+0x41/0x80
[ 22.651358] ? __pfx_kthread+0x10/0x10
[ 22.652038] ret_from_fork_asm+0x1a/0x30
[ 22.652583] </TASK>
[ 22.652857]
[ 22.653549] Allocated by task 234:
[ 22.653963] kasan_save_stack+0x3d/0x60
[ 22.654756] kasan_save_track+0x18/0x40
[ 22.655036] kasan_save_alloc_info+0x3b/0x50
[ 22.655542] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 22.656040] remove_element+0x11e/0x190
[ 22.656405] mempool_alloc_preallocated+0x4d/0x90
[ 22.656816] mempool_uaf_helper+0x97/0x400
[ 22.657122] mempool_kmalloc_uaf+0xb3/0x100
[ 22.657579] kunit_try_run_case+0x1b3/0x490
[ 22.658027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.659034] kthread+0x257/0x310
[ 22.659404] ret_from_fork+0x41/0x80
[ 22.660582] ret_from_fork_asm+0x1a/0x30
[ 22.661559]
[ 22.662013] Freed by task 234:
[ 22.662545] kasan_save_stack+0x3d/0x60
[ 22.663078] kasan_save_track+0x18/0x40
[ 22.663738] kasan_save_free_info+0x3f/0x60
[ 22.664262] __kasan_mempool_poison_object+0x131/0x1d0
[ 22.664920] mempool_free+0x2ec/0x380
[ 22.665366] mempool_uaf_helper+0x11b/0x400
[ 22.665940] mempool_kmalloc_uaf+0xb3/0x100
[ 22.666689] kunit_try_run_case+0x1b3/0x490
[ 22.667585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.668381] kthread+0x257/0x310
[ 22.668733] ret_from_fork+0x41/0x80
[ 22.669519] ret_from_fork_asm+0x1a/0x30
[ 22.670037]
[ 22.670305] The buggy address belongs to the object at ffff8881028c3300
[ 22.670305] which belongs to the cache kmalloc-128 of size 128
[ 22.671709] The buggy address is located 0 bytes inside of
[ 22.671709] freed 128-byte region [ffff8881028c3300, ffff8881028c3380)
[ 22.672404]
[ 22.672652] The buggy address belongs to the physical page:
[ 22.673173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c3
[ 22.674380] flags: 0x200000000000000(node=0|zone=2)
[ 22.674924] page_type: f5(slab)
[ 22.675742] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.676704] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 22.677372] page dumped because: kasan: bad access detected
[ 22.678351]
[ 22.678638] Memory state around the buggy address:
[ 22.679333] ffff8881028c3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.680167] ffff8881028c3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.680755] >ffff8881028c3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.681327] ^
[ 22.682140] ffff8881028c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.683378] ffff8881028c3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.684228] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 22.512667] ==================================================================
[ 22.513782] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 22.514793] Read of size 1 at addr ffff888102a32001 by task kunit_try_catch/230
[ 22.515403]
[ 22.515745] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.517279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.517876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.518415] Call Trace:
[ 22.519361] <TASK>
[ 22.520030] dump_stack_lvl+0x73/0xb0
[ 22.520732] print_report+0xd1/0x640
[ 22.521341] ? __virt_addr_valid+0x1db/0x2d0
[ 22.521868] ? kasan_addr_to_slab+0x11/0xa0
[ 22.522767] kasan_report+0x102/0x140
[ 22.523382] ? mempool_oob_right_helper+0x31a/0x380
[ 22.523774] ? mempool_oob_right_helper+0x31a/0x380
[ 22.524312] __asan_report_load1_noabort+0x18/0x20
[ 22.524763] mempool_oob_right_helper+0x31a/0x380
[ 22.525420] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 22.526444] ? finish_task_switch.isra.0+0x153/0x700
[ 22.527161] mempool_kmalloc_large_oob_right+0xb6/0x100
[ 22.527992] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 22.528656] ? __switch_to+0x5d9/0xf60
[ 22.529036] ? __pfx_mempool_kmalloc+0x10/0x10
[ 22.529431] ? __pfx_mempool_kfree+0x10/0x10
[ 22.529855] ? __pfx_read_tsc+0x10/0x10
[ 22.530216] ? ktime_get_ts64+0x84/0x230
[ 22.531148] kunit_try_run_case+0x1b3/0x490
[ 22.531828] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.532479] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.533243] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.533863] ? __kthread_parkme+0x82/0x160
[ 22.534655] ? preempt_count_sub+0x50/0x80
[ 22.535318] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.535821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.536515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.537092] kthread+0x257/0x310
[ 22.537445] ? __pfx_kthread+0x10/0x10
[ 22.537871] ret_from_fork+0x41/0x80
[ 22.538309] ? __pfx_kthread+0x10/0x10
[ 22.539080] ret_from_fork_asm+0x1a/0x30
[ 22.539427] </TASK>
[ 22.539738]
[ 22.539957] The buggy address belongs to the physical page:
[ 22.540378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30
[ 22.541359] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.541888] flags: 0x200000000000040(head|node=0|zone=2)
[ 22.542916] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.543793] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.544669] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.545692] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.546415] head: 0200000000000002 ffffea00040a8c01 ffffffffffffffff 0000000000000000
[ 22.547236] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 22.547942] page dumped because: kasan: bad access detected
[ 22.548263]
[ 22.548517] Memory state around the buggy address:
[ 22.549146] ffff888102a31f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.549829] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.550238] >ffff888102a32000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.551566] ^
[ 22.552160] ffff888102a32080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.553403] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.554308] ==================================================================
[ 22.455915] ==================================================================
[ 22.456801] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 22.458338] Read of size 1 at addr ffff8881028bfb73 by task kunit_try_catch/228
[ 22.458882]
[ 22.459397] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.460139] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.460550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.461508] Call Trace:
[ 22.462103] <TASK>
[ 22.462529] dump_stack_lvl+0x73/0xb0
[ 22.463315] print_report+0xd1/0x640
[ 22.463924] ? __virt_addr_valid+0x1db/0x2d0
[ 22.464511] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.465034] kasan_report+0x102/0x140
[ 22.465397] ? mempool_oob_right_helper+0x31a/0x380
[ 22.466069] ? mempool_oob_right_helper+0x31a/0x380
[ 22.466717] __asan_report_load1_noabort+0x18/0x20
[ 22.467131] mempool_oob_right_helper+0x31a/0x380
[ 22.467722] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 22.468710] ? finish_task_switch.isra.0+0x153/0x700
[ 22.469828] mempool_kmalloc_oob_right+0xb6/0x100
[ 22.470594] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 22.471097] ? __switch_to+0x5d9/0xf60
[ 22.471996] ? __pfx_mempool_kmalloc+0x10/0x10
[ 22.472512] ? __pfx_mempool_kfree+0x10/0x10
[ 22.472999] ? __pfx_read_tsc+0x10/0x10
[ 22.473429] ? ktime_get_ts64+0x84/0x230
[ 22.474285] kunit_try_run_case+0x1b3/0x490
[ 22.474878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.475578] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.476371] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.477227] ? __kthread_parkme+0x82/0x160
[ 22.477744] ? preempt_count_sub+0x50/0x80
[ 22.478480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.478924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.479780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.480425] kthread+0x257/0x310
[ 22.480891] ? __pfx_kthread+0x10/0x10
[ 22.481167] ret_from_fork+0x41/0x80
[ 22.481821] ? __pfx_kthread+0x10/0x10
[ 22.482420] ret_from_fork_asm+0x1a/0x30
[ 22.482936] </TASK>
[ 22.483465]
[ 22.483786] Allocated by task 228:
[ 22.484287] kasan_save_stack+0x3d/0x60
[ 22.484772] kasan_save_track+0x18/0x40
[ 22.485362] kasan_save_alloc_info+0x3b/0x50
[ 22.485882] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 22.486535] remove_element+0x11e/0x190
[ 22.486984] mempool_alloc_preallocated+0x4d/0x90
[ 22.487787] mempool_oob_right_helper+0x8b/0x380
[ 22.488202] mempool_kmalloc_oob_right+0xb6/0x100
[ 22.488897] kunit_try_run_case+0x1b3/0x490
[ 22.489549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.490262] kthread+0x257/0x310
[ 22.490543] ret_from_fork+0x41/0x80
[ 22.491012] ret_from_fork_asm+0x1a/0x30
[ 22.491692]
[ 22.491934] The buggy address belongs to the object at ffff8881028bfb00
[ 22.491934] which belongs to the cache kmalloc-128 of size 128
[ 22.493101] The buggy address is located 0 bytes to the right of
[ 22.493101] allocated 115-byte region [ffff8881028bfb00, ffff8881028bfb73)
[ 22.494324]
[ 22.494568] The buggy address belongs to the physical page:
[ 22.495151] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028bf
[ 22.496236] flags: 0x200000000000000(node=0|zone=2)
[ 22.496704] page_type: f5(slab)
[ 22.497290] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.497804] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 22.498747] page dumped because: kasan: bad access detected
[ 22.499437]
[ 22.499687] Memory state around the buggy address:
[ 22.500358] ffff8881028bfa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.500959] ffff8881028bfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.501835] >ffff8881028bfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 22.502625] ^
[ 22.503468] ffff8881028bfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.504185] ffff8881028bfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 22.504919] ==================================================================
[ 22.564184] ==================================================================
[ 22.565262] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 22.565919] Read of size 1 at addr ffff888102bab2bb by task kunit_try_catch/232
[ 22.567307]
[ 22.567717] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 22.569108] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.569632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.570306] Call Trace:
[ 22.570600] <TASK>
[ 22.570918] dump_stack_lvl+0x73/0xb0
[ 22.571371] print_report+0xd1/0x640
[ 22.571772] ? __virt_addr_valid+0x1db/0x2d0
[ 22.572139] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.572797] kasan_report+0x102/0x140
[ 22.573088] ? mempool_oob_right_helper+0x31a/0x380
[ 22.573413] ? mempool_oob_right_helper+0x31a/0x380
[ 22.574609] __asan_report_load1_noabort+0x18/0x20
[ 22.575476] mempool_oob_right_helper+0x31a/0x380
[ 22.576027] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 22.576737] ? finish_task_switch.isra.0+0x153/0x700
[ 22.577894] mempool_slab_oob_right+0xb1/0x100
[ 22.578511] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 22.579077] ? __switch_to+0x5d9/0xf60
[ 22.579372] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 22.579910] ? __pfx_mempool_free_slab+0x10/0x10
[ 22.580397] ? __pfx_read_tsc+0x10/0x10
[ 22.580811] ? ktime_get_ts64+0x84/0x230
[ 22.581400] kunit_try_run_case+0x1b3/0x490
[ 22.581800] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.582324] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.582996] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.583513] ? __kthread_parkme+0x82/0x160
[ 22.583989] ? preempt_count_sub+0x50/0x80
[ 22.584772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.585261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.585667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.586033] kthread+0x257/0x310
[ 22.586447] ? __pfx_kthread+0x10/0x10
[ 22.586956] ret_from_fork+0x41/0x80
[ 22.587238] ? __pfx_kthread+0x10/0x10
[ 22.587798] ret_from_fork_asm+0x1a/0x30
[ 22.588333] </TASK>
[ 22.588726]
[ 22.589043] Allocated by task 232:
[ 22.589402] kasan_save_stack+0x3d/0x60
[ 22.589892] kasan_save_track+0x18/0x40
[ 22.590244] kasan_save_alloc_info+0x3b/0x50
[ 22.590568] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 22.591219] remove_element+0x11e/0x190
[ 22.591789] mempool_alloc_preallocated+0x4d/0x90
[ 22.593138] mempool_oob_right_helper+0x8b/0x380
[ 22.594539] mempool_slab_oob_right+0xb1/0x100
[ 22.595268] kunit_try_run_case+0x1b3/0x490
[ 22.595959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.596330] kthread+0x257/0x310
[ 22.596792] ret_from_fork+0x41/0x80
[ 22.597785] ret_from_fork_asm+0x1a/0x30
[ 22.598435]
[ 22.598619] The buggy address belongs to the object at ffff888102bab240
[ 22.598619] which belongs to the cache test_cache of size 123
[ 22.600296] The buggy address is located 0 bytes to the right of
[ 22.600296] allocated 123-byte region [ffff888102bab240, ffff888102bab2bb)
[ 22.601544]
[ 22.601817] The buggy address belongs to the physical page:
[ 22.602782] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bab
[ 22.603445] flags: 0x200000000000000(node=0|zone=2)
[ 22.604172] page_type: f5(slab)
[ 22.604832] raw: 0200000000000000 ffff888102ba5280 dead000000000122 0000000000000000
[ 22.605866] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 22.606694] page dumped because: kasan: bad access detected
[ 22.607192]
[ 22.607411] Memory state around the buggy address:
[ 22.607762] ffff888102bab180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.608370] ffff888102bab200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 22.609294] >ffff888102bab280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 22.610115] ^
[ 22.610603] ffff888102bab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.611076] ffff888102bab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.611684] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 21.845736] ==================================================================
[ 21.846902] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 21.847859] Read of size 1 at addr ffff888101b1e8c0 by task kunit_try_catch/222
[ 21.848625]
[ 21.848813] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.850350] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.850619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.851664] Call Trace:
[ 21.851912] <TASK>
[ 21.852180] dump_stack_lvl+0x73/0xb0
[ 21.852556] print_report+0xd1/0x640
[ 21.853032] ? __virt_addr_valid+0x1db/0x2d0
[ 21.854127] ? kasan_complete_mode_report_info+0x64/0x200
[ 21.854547] kasan_report+0x102/0x140
[ 21.854990] ? kmem_cache_double_destroy+0x1bd/0x380
[ 21.855636] ? kmem_cache_double_destroy+0x1bd/0x380
[ 21.856062] ? kmem_cache_double_destroy+0x1bd/0x380
[ 21.856548] __kasan_check_byte+0x3d/0x50
[ 21.857159] kmem_cache_destroy+0x25/0x1d0
[ 21.857623] kmem_cache_double_destroy+0x1bd/0x380
[ 21.858169] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 21.858668] ? finish_task_switch.isra.0+0x153/0x700
[ 21.859241] ? __switch_to+0x5d9/0xf60
[ 21.859650] ? __pfx_empty_cache_ctor+0x10/0x10
[ 21.860138] ? __pfx_read_tsc+0x10/0x10
[ 21.860650] ? ktime_get_ts64+0x84/0x230
[ 21.861145] kunit_try_run_case+0x1b3/0x490
[ 21.861477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.861904] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.862438] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.863054] ? __kthread_parkme+0x82/0x160
[ 21.863530] ? preempt_count_sub+0x50/0x80
[ 21.863883] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.864432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.865097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.865619] kthread+0x257/0x310
[ 21.866067] ? __pfx_kthread+0x10/0x10
[ 21.866564] ret_from_fork+0x41/0x80
[ 21.866975] ? __pfx_kthread+0x10/0x10
[ 21.867254] ret_from_fork_asm+0x1a/0x30
[ 21.867666] </TASK>
[ 21.867961]
[ 21.868180] Allocated by task 222:
[ 21.868613] kasan_save_stack+0x3d/0x60
[ 21.869053] kasan_save_track+0x18/0x40
[ 21.869398] kasan_save_alloc_info+0x3b/0x50
[ 21.869766] __kasan_slab_alloc+0x91/0xa0
[ 21.870179] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 21.870740] __kmem_cache_create_args+0x177/0x250
[ 21.871228] kmem_cache_double_destroy+0xd3/0x380
[ 21.871779] kunit_try_run_case+0x1b3/0x490
[ 21.872242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.872789] kthread+0x257/0x310
[ 21.873035] ret_from_fork+0x41/0x80
[ 21.873285] ret_from_fork_asm+0x1a/0x30
[ 21.873742]
[ 21.874013] Freed by task 222:
[ 21.874400] kasan_save_stack+0x3d/0x60
[ 21.874875] kasan_save_track+0x18/0x40
[ 21.875357] kasan_save_free_info+0x3f/0x60
[ 21.875874] __kasan_slab_free+0x56/0x70
[ 21.876312] kmem_cache_free+0x120/0x420
[ 21.876798] slab_kmem_cache_release+0x2e/0x40
[ 21.877212] kmem_cache_release+0x16/0x20
[ 21.877615] kobject_put+0x181/0x450
[ 21.878074] sysfs_slab_release+0x16/0x20
[ 21.878461] kmem_cache_destroy+0xf0/0x1d0
[ 21.878918] kmem_cache_double_destroy+0x14c/0x380
[ 21.879436] kunit_try_run_case+0x1b3/0x490
[ 21.879885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.880418] kthread+0x257/0x310
[ 21.880874] ret_from_fork+0x41/0x80
[ 21.881237] ret_from_fork_asm+0x1a/0x30
[ 21.881757]
[ 21.881936] The buggy address belongs to the object at ffff888101b1e8c0
[ 21.881936] which belongs to the cache kmem_cache of size 208
[ 21.882909] The buggy address is located 0 bytes inside of
[ 21.882909] freed 208-byte region [ffff888101b1e8c0, ffff888101b1e990)
[ 21.883555]
[ 21.883774] The buggy address belongs to the physical page:
[ 21.884082] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1e
[ 21.886466] flags: 0x200000000000000(node=0|zone=2)
[ 21.887040] page_type: f5(slab)
[ 21.887402] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 21.888089] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 21.888819] page dumped because: kasan: bad access detected
[ 21.889330]
[ 21.889558] Memory state around the buggy address:
[ 21.889913] ffff888101b1e780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.890298] ffff888101b1e800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 21.890968] >ffff888101b1e880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 21.891653] ^
[ 21.892155] ffff888101b1e900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.892647] ffff888101b1e980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.893272] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 21.764353] ==================================================================
[ 21.765054] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 21.765973] Read of size 1 at addr ffff888102ba3000 by task kunit_try_catch/220
[ 21.766841]
[ 21.767140] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.768051] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.768305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.768941] Call Trace:
[ 21.769254] <TASK>
[ 21.770069] dump_stack_lvl+0x73/0xb0
[ 21.770626] print_report+0xd1/0x640
[ 21.771125] ? __virt_addr_valid+0x1db/0x2d0
[ 21.771629] ? kasan_complete_mode_report_info+0x64/0x200
[ 21.772013] kasan_report+0x102/0x140
[ 21.772470] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 21.773085] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 21.773425] __asan_report_load1_noabort+0x18/0x20
[ 21.774098] kmem_cache_rcu_uaf+0x3e5/0x510
[ 21.774628] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 21.775107] ? finish_task_switch.isra.0+0x153/0x700
[ 21.775435] ? __switch_to+0x5d9/0xf60
[ 21.776000] ? __pfx_read_tsc+0x10/0x10
[ 21.776464] ? ktime_get_ts64+0x84/0x230
[ 21.777073] kunit_try_run_case+0x1b3/0x490
[ 21.777471] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.777942] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.778563] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.778968] ? __kthread_parkme+0x82/0x160
[ 21.779379] ? preempt_count_sub+0x50/0x80
[ 21.779949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.780275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.780659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.781228] kthread+0x257/0x310
[ 21.781778] ? __pfx_kthread+0x10/0x10
[ 21.782255] ret_from_fork+0x41/0x80
[ 21.782740] ? __pfx_kthread+0x10/0x10
[ 21.783195] ret_from_fork_asm+0x1a/0x30
[ 21.783556] </TASK>
[ 21.783754]
[ 21.783905] Allocated by task 220:
[ 21.784263] kasan_save_stack+0x3d/0x60
[ 21.784843] kasan_save_track+0x18/0x40
[ 21.785985] kasan_save_alloc_info+0x3b/0x50
[ 21.786517] __kasan_slab_alloc+0x91/0xa0
[ 21.787032] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 21.787680] kmem_cache_rcu_uaf+0x156/0x510
[ 21.788211] kunit_try_run_case+0x1b3/0x490
[ 21.788763] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.789408] kthread+0x257/0x310
[ 21.789899] ret_from_fork+0x41/0x80
[ 21.790368] ret_from_fork_asm+0x1a/0x30
[ 21.790663]
[ 21.790944] Freed by task 0:
[ 21.791337] kasan_save_stack+0x3d/0x60
[ 21.791903] kasan_save_track+0x18/0x40
[ 21.792372] kasan_save_free_info+0x3f/0x60
[ 21.792970] __kasan_slab_free+0x56/0x70
[ 21.793335] slab_free_after_rcu_debug+0xe4/0x310
[ 21.793955] rcu_core+0x680/0x1d70
[ 21.794431] rcu_core_si+0x12/0x20
[ 21.794924] handle_softirqs+0x209/0x720
[ 21.795321] __irq_exit_rcu+0xc9/0x110
[ 21.795859] irq_exit_rcu+0x12/0x20
[ 21.796183] sysvec_apic_timer_interrupt+0x81/0x90
[ 21.796802] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 21.797354]
[ 21.797593] Last potentially related work creation:
[ 21.797920] kasan_save_stack+0x3d/0x60
[ 21.798420] __kasan_record_aux_stack+0xae/0xc0
[ 21.798867] kasan_record_aux_stack_noalloc+0xf/0x20
[ 21.799281] kmem_cache_free+0x276/0x420
[ 21.799817] kmem_cache_rcu_uaf+0x195/0x510
[ 21.800218] kunit_try_run_case+0x1b3/0x490
[ 21.800729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.801216] kthread+0x257/0x310
[ 21.801557] ret_from_fork+0x41/0x80
[ 21.801972] ret_from_fork_asm+0x1a/0x30
[ 21.802390]
[ 21.802609] The buggy address belongs to the object at ffff888102ba3000
[ 21.802609] which belongs to the cache test_cache of size 200
[ 21.803557] The buggy address is located 0 bytes inside of
[ 21.803557] freed 200-byte region [ffff888102ba3000, ffff888102ba30c8)
[ 21.804256]
[ 21.804503] The buggy address belongs to the physical page:
[ 21.805073] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba3
[ 21.805696] flags: 0x200000000000000(node=0|zone=2)
[ 21.806231] page_type: f5(slab)
[ 21.806528] raw: 0200000000000000 ffff8881010f4dc0 dead000000000122 0000000000000000
[ 21.807096] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 21.807558] page dumped because: kasan: bad access detected
[ 21.808109]
[ 21.808334] Memory state around the buggy address:
[ 21.808854] ffff888102ba2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.809295] ffff888102ba2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.809929] >ffff888102ba3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.810307] ^
[ 21.810562] ffff888102ba3080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 21.811277] ffff888102ba3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.811959] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 21.670122] ================================================================== [ 21.671450] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 21.672691] Free of addr ffff8881028c2001 by task kunit_try_catch/218 [ 21.673533] [ 21.673774] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.675141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.675408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.676166] Call Trace: [ 21.676426] <TASK> [ 21.677456] dump_stack_lvl+0x73/0xb0 [ 21.678517] print_report+0xd1/0x640 [ 21.678931] ? __virt_addr_valid+0x1db/0x2d0 [ 21.679527] ? kmem_cache_invalid_free+0x1d9/0x470 [ 21.679971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.680620] ? kmem_cache_invalid_free+0x1d9/0x470 [ 21.681470] kasan_report_invalid_free+0xc0/0xf0 [ 21.682466] ? kmem_cache_invalid_free+0x1d9/0x470 [ 21.683004] ? kmem_cache_invalid_free+0x1d9/0x470 [ 21.683521] check_slab_allocation+0x11f/0x130 [ 21.684481] __kasan_slab_pre_free+0x28/0x40 [ 21.684983] kmem_cache_free+0xee/0x420 [ 21.685342] ? kmem_cache_alloc_noprof+0x11e/0x3f0 [ 21.685888] ? kmem_cache_invalid_free+0x1d9/0x470 [ 21.686281] kmem_cache_invalid_free+0x1d9/0x470 [ 21.686978] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 21.687805] ? finish_task_switch.isra.0+0x153/0x700 [ 21.688843] ? __switch_to+0x5d9/0xf60 [ 21.689222] ? __pfx_read_tsc+0x10/0x10 [ 21.689832] ? ktime_get_ts64+0x84/0x230 [ 21.690540] kunit_try_run_case+0x1b3/0x490 [ 21.691099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.691573] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.692179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.692850] ? __kthread_parkme+0x82/0x160 [ 21.693510] ? preempt_count_sub+0x50/0x80 [ 21.693821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.694894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.695700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.696547] kthread+0x257/0x310 [ 21.697028] ? 
__pfx_kthread+0x10/0x10 [ 21.697813] ret_from_fork+0x41/0x80 [ 21.698145] ? __pfx_kthread+0x10/0x10 [ 21.698614] ret_from_fork_asm+0x1a/0x30 [ 21.699152] </TASK> [ 21.699478] [ 21.699737] Allocated by task 218: [ 21.700569] kasan_save_stack+0x3d/0x60 [ 21.700900] kasan_save_track+0x18/0x40 [ 21.701728] kasan_save_alloc_info+0x3b/0x50 [ 21.702025] __kasan_slab_alloc+0x91/0xa0 [ 21.702278] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 21.702596] kmem_cache_invalid_free+0x158/0x470 [ 21.703074] kunit_try_run_case+0x1b3/0x490 [ 21.703640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.704225] kthread+0x257/0x310 [ 21.704745] ret_from_fork+0x41/0x80 [ 21.705151] ret_from_fork_asm+0x1a/0x30 [ 21.705835] [ 21.706137] The buggy address belongs to the object at ffff8881028c2000 [ 21.706137] which belongs to the cache test_cache of size 200 [ 21.706926] The buggy address is located 1 bytes inside of [ 21.706926] 200-byte region [ffff8881028c2000, ffff8881028c20c8) [ 21.708299] [ 21.708534] The buggy address belongs to the physical page: [ 21.709021] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c2 [ 21.709803] flags: 0x200000000000000(node=0|zone=2) [ 21.710460] page_type: f5(slab) [ 21.710874] raw: 0200000000000000 ffff888101b1e780 dead000000000122 0000000000000000 [ 21.711370] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 21.712056] page dumped because: kasan: bad access detected [ 21.712707] [ 21.712863] Memory state around the buggy address: [ 21.713141] ffff8881028c1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713525] ffff8881028c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.714357] >ffff8881028c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.715101] ^ [ 21.715526] ffff8881028c2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 21.716273] ffff8881028c2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.716886] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 21.603759] ================================================================== [ 21.604738] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 21.605506] Free of addr ffff888102ba1000 by task kunit_try_catch/216 [ 21.606269] [ 21.606626] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.607506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.608101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.609864] Call Trace: [ 21.610269] <TASK> [ 21.610853] dump_stack_lvl+0x73/0xb0 [ 21.611445] print_report+0xd1/0x640 [ 21.612024] ? __virt_addr_valid+0x1db/0x2d0 [ 21.612364] ? kmem_cache_double_free+0x1e6/0x490 [ 21.612716] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.613281] ? kmem_cache_double_free+0x1e6/0x490 [ 21.613862] kasan_report_invalid_free+0xc0/0xf0 [ 21.615225] ? kmem_cache_double_free+0x1e6/0x490 [ 21.615919] ? kmem_cache_double_free+0x1e6/0x490 [ 21.616634] check_slab_allocation+0x101/0x130 [ 21.617509] __kasan_slab_pre_free+0x28/0x40 [ 21.618294] kmem_cache_free+0xee/0x420 [ 21.618652] ? kmem_cache_alloc_noprof+0x11e/0x3f0 [ 21.619275] ? kmem_cache_double_free+0x1e6/0x490 [ 21.619866] kmem_cache_double_free+0x1e6/0x490 [ 21.620670] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 21.621532] ? finish_task_switch.isra.0+0x153/0x700 [ 21.622231] ? __switch_to+0x5d9/0xf60 [ 21.622626] ? __pfx_read_tsc+0x10/0x10 [ 21.622947] ? ktime_get_ts64+0x84/0x230 [ 21.623299] kunit_try_run_case+0x1b3/0x490 [ 21.623788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.624224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.624670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.625111] ? __kthread_parkme+0x82/0x160 [ 21.625774] ? preempt_count_sub+0x50/0x80 [ 21.626292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.626815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.627232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.627770] kthread+0x257/0x310 [ 21.628129] ? 
__pfx_kthread+0x10/0x10 [ 21.628425] ret_from_fork+0x41/0x80 [ 21.628896] ? __pfx_kthread+0x10/0x10 [ 21.629393] ret_from_fork_asm+0x1a/0x30 [ 21.629777] </TASK> [ 21.630024] [ 21.630264] Allocated by task 216: [ 21.630737] kasan_save_stack+0x3d/0x60 [ 21.631197] kasan_save_track+0x18/0x40 [ 21.631708] kasan_save_alloc_info+0x3b/0x50 [ 21.632018] __kasan_slab_alloc+0x91/0xa0 [ 21.632621] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 21.633045] kmem_cache_double_free+0x150/0x490 [ 21.633350] kunit_try_run_case+0x1b3/0x490 [ 21.633656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.633980] kthread+0x257/0x310 [ 21.634325] ret_from_fork+0x41/0x80 [ 21.634870] ret_from_fork_asm+0x1a/0x30 [ 21.635436] [ 21.635718] Freed by task 216: [ 21.636169] kasan_save_stack+0x3d/0x60 [ 21.636631] kasan_save_track+0x18/0x40 [ 21.637105] kasan_save_free_info+0x3f/0x60 [ 21.637436] __kasan_slab_free+0x56/0x70 [ 21.637777] kmem_cache_free+0x120/0x420 [ 21.638180] kmem_cache_double_free+0x16b/0x490 [ 21.638691] kunit_try_run_case+0x1b3/0x490 [ 21.639135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.639749] kthread+0x257/0x310 [ 21.640165] ret_from_fork+0x41/0x80 [ 21.640502] ret_from_fork_asm+0x1a/0x30 [ 21.640989] [ 21.641219] The buggy address belongs to the object at ffff888102ba1000 [ 21.641219] which belongs to the cache test_cache of size 200 [ 21.641857] The buggy address is located 0 bytes inside of [ 21.641857] 200-byte region [ffff888102ba1000, ffff888102ba10c8) [ 21.642777] [ 21.643012] The buggy address belongs to the physical page: [ 21.643567] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba1 [ 21.644412] flags: 0x200000000000000(node=0|zone=2) [ 21.645106] page_type: f5(slab) [ 21.645403] raw: 0200000000000000 ffff8881010f4c80 dead000000000122 0000000000000000 [ 21.645869] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 21.646733] page dumped because: kasan: bad access detected [ 21.647253] [ 21.647465] Memory state 
around the buggy address: [ 21.647976] ffff888102ba0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.648521] ffff888102ba0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.649099] >ffff888102ba1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.649697] ^ [ 21.650030] ffff888102ba1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 21.650717] ffff888102ba1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.651356] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 21.533710] ================================================================== [ 21.534505] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 21.535258] Read of size 1 at addr ffff888102af70c8 by task kunit_try_catch/214 [ 21.535796] [ 21.536054] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.536816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.537368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.538467] Call Trace: [ 21.538851] <TASK> [ 21.539197] dump_stack_lvl+0x73/0xb0 [ 21.539607] print_report+0xd1/0x640 [ 21.540061] ? __virt_addr_valid+0x1db/0x2d0 [ 21.541093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.542390] kasan_report+0x102/0x140 [ 21.542946] ? kmem_cache_oob+0x404/0x530 [ 21.543694] ? kmem_cache_oob+0x404/0x530 [ 21.544324] __asan_report_load1_noabort+0x18/0x20 [ 21.544832] kmem_cache_oob+0x404/0x530 [ 21.545393] ? trace_hardirqs_on+0x37/0xe0 [ 21.545784] ? __pfx_kmem_cache_oob+0x10/0x10 [ 21.546340] ? finish_task_switch.isra.0+0x153/0x700 [ 21.547592] ? __switch_to+0x5d9/0xf60 [ 21.548188] ? __pfx_read_tsc+0x10/0x10 [ 21.548858] ? ktime_get_ts64+0x84/0x230 [ 21.549197] kunit_try_run_case+0x1b3/0x490 [ 21.549770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.550298] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.550897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.551441] ? __kthread_parkme+0x82/0x160 [ 21.552050] ? preempt_count_sub+0x50/0x80 [ 21.552329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.553139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.553746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.554434] kthread+0x257/0x310 [ 21.554941] ? __pfx_kthread+0x10/0x10 [ 21.555517] ret_from_fork+0x41/0x80 [ 21.556083] ? 
__pfx_kthread+0x10/0x10 [ 21.556542] ret_from_fork_asm+0x1a/0x30 [ 21.557180] </TASK> [ 21.557791] [ 21.557971] Allocated by task 214: [ 21.558570] kasan_save_stack+0x3d/0x60 [ 21.559296] kasan_save_track+0x18/0x40 [ 21.559838] kasan_save_alloc_info+0x3b/0x50 [ 21.560592] __kasan_slab_alloc+0x91/0xa0 [ 21.560955] kmem_cache_alloc_noprof+0x11e/0x3f0 [ 21.561810] kmem_cache_oob+0x158/0x530 [ 21.562343] kunit_try_run_case+0x1b3/0x490 [ 21.562916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.563685] kthread+0x257/0x310 [ 21.564056] ret_from_fork+0x41/0x80 [ 21.565166] ret_from_fork_asm+0x1a/0x30 [ 21.565700] [ 21.565876] The buggy address belongs to the object at ffff888102af7000 [ 21.565876] which belongs to the cache test_cache of size 200 [ 21.567451] The buggy address is located 0 bytes to the right of [ 21.567451] allocated 200-byte region [ffff888102af7000, ffff888102af70c8) [ 21.568163] [ 21.568833] The buggy address belongs to the physical page: [ 21.569801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7 [ 21.570410] flags: 0x200000000000000(node=0|zone=2) [ 21.570882] page_type: f5(slab) [ 21.571347] raw: 0200000000000000 ffff8881010f4b40 dead000000000122 0000000000000000 [ 21.572450] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 21.573034] page dumped because: kasan: bad access detected [ 21.573883] [ 21.574089] Memory state around the buggy address: [ 21.574663] ffff888102af6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.575406] ffff888102af7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.576381] >ffff888102af7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 21.577641] ^ [ 21.578511] ffff888102af7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.579067] ffff888102af7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.579724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 21.459691] ================================================================== [ 21.461382] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 21.462179] Read of size 8 at addr ffff8881028b8f00 by task kunit_try_catch/207 [ 21.462604] [ 21.463511] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.464382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.464801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.466286] Call Trace: [ 21.466518] <TASK> [ 21.466785] dump_stack_lvl+0x73/0xb0 [ 21.467104] print_report+0xd1/0x640 [ 21.467394] ? __virt_addr_valid+0x1db/0x2d0 [ 21.467724] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.468220] kasan_report+0x102/0x140 [ 21.469182] ? workqueue_uaf+0x4d8/0x560 [ 21.469690] ? workqueue_uaf+0x4d8/0x560 [ 21.470329] __asan_report_load8_noabort+0x18/0x20 [ 21.470897] workqueue_uaf+0x4d8/0x560 [ 21.471464] ? __pfx_workqueue_uaf+0x10/0x10 [ 21.471931] ? __schedule+0xc3e/0x2790 [ 21.472523] ? __pfx_read_tsc+0x10/0x10 [ 21.472893] ? ktime_get_ts64+0x84/0x230 [ 21.473791] kunit_try_run_case+0x1b3/0x490 [ 21.474410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.474869] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.475569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.476267] ? __kthread_parkme+0x82/0x160 [ 21.476607] ? preempt_count_sub+0x50/0x80 [ 21.477247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.477729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.478685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.479116] kthread+0x257/0x310 [ 21.479515] ? __pfx_kthread+0x10/0x10 [ 21.479908] ret_from_fork+0x41/0x80 [ 21.480250] ? 
__pfx_kthread+0x10/0x10 [ 21.480874] ret_from_fork_asm+0x1a/0x30 [ 21.481426] </TASK> [ 21.481775] [ 21.482163] Allocated by task 207: [ 21.482478] kasan_save_stack+0x3d/0x60 [ 21.482827] kasan_save_track+0x18/0x40 [ 21.483390] kasan_save_alloc_info+0x3b/0x50 [ 21.483747] __kasan_kmalloc+0xb7/0xc0 [ 21.484016] __kmalloc_cache_noprof+0x184/0x410 [ 21.484301] workqueue_uaf+0x153/0x560 [ 21.485351] kunit_try_run_case+0x1b3/0x490 [ 21.485853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.486552] kthread+0x257/0x310 [ 21.487113] ret_from_fork+0x41/0x80 [ 21.487532] ret_from_fork_asm+0x1a/0x30 [ 21.488132] [ 21.488316] Freed by task 8: [ 21.488644] kasan_save_stack+0x3d/0x60 [ 21.489508] kasan_save_track+0x18/0x40 [ 21.489782] kasan_save_free_info+0x3f/0x60 [ 21.490118] __kasan_slab_free+0x56/0x70 [ 21.490720] kfree+0x123/0x3f0 [ 21.491223] workqueue_uaf_work+0x12/0x20 [ 21.491778] process_one_work+0x5ee/0xf60 [ 21.493537] worker_thread+0x720/0x1300 [ 21.493927] kthread+0x257/0x310 [ 21.494240] ret_from_fork+0x41/0x80 [ 21.494909] ret_from_fork_asm+0x1a/0x30 [ 21.495416] [ 21.495691] Last potentially related work creation: [ 21.496053] kasan_save_stack+0x3d/0x60 [ 21.496464] __kasan_record_aux_stack+0xae/0xc0 [ 21.496861] kasan_record_aux_stack_noalloc+0xf/0x20 [ 21.497278] __queue_work+0x67e/0xf70 [ 21.497683] queue_work_on+0x74/0xa0 [ 21.498131] workqueue_uaf+0x26e/0x560 [ 21.498476] kunit_try_run_case+0x1b3/0x490 [ 21.498786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.499158] kthread+0x257/0x310 [ 21.499618] ret_from_fork+0x41/0x80 [ 21.500100] ret_from_fork_asm+0x1a/0x30 [ 21.500532] [ 21.500796] The buggy address belongs to the object at ffff8881028b8f00 [ 21.500796] which belongs to the cache kmalloc-32 of size 32 [ 21.501842] The buggy address is located 0 bytes inside of [ 21.501842] freed 32-byte region [ffff8881028b8f00, ffff8881028b8f20) [ 21.502730] [ 21.502959] The buggy address belongs to the physical page: [ 21.503532] page: refcount:1 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b8 [ 21.503947] flags: 0x200000000000000(node=0|zone=2) [ 21.504417] page_type: f5(slab) [ 21.504908] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.505322] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 21.505985] page dumped because: kasan: bad access detected [ 21.506349] [ 21.506598] Memory state around the buggy address: [ 21.507062] ffff8881028b8e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.507741] ffff8881028b8e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.508310] >ffff8881028b8f00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 21.508795] ^ [ 21.509138] ffff8881028b8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.509993] ffff8881028b9000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.510476] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 21.379223] ================================================================== [ 21.379846] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 21.380581] Read of size 4 at addr ffff8881028b8e40 by task swapper/0/0 [ 21.381698] [ 21.381965] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.0-next-20241126 #1 [ 21.383195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.384540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.385033] Call Trace: [ 21.385992] <IRQ> [ 21.386381] dump_stack_lvl+0x73/0xb0 [ 21.387135] print_report+0xd1/0x640 [ 21.387772] ? __virt_addr_valid+0x1db/0x2d0 [ 21.388357] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.389553] kasan_report+0x102/0x140 [ 21.390091] ? rcu_uaf_reclaim+0x50/0x60 [ 21.390568] ? rcu_uaf_reclaim+0x50/0x60 [ 21.391130] __asan_report_load4_noabort+0x18/0x20 [ 21.391723] rcu_uaf_reclaim+0x50/0x60 [ 21.392250] rcu_core+0x680/0x1d70 [ 21.392751] ? __pfx_rcu_core+0x10/0x10 [ 21.393283] ? ktime_get+0x69/0x150 [ 21.393789] ? handle_softirqs+0x18e/0x720 [ 21.394350] rcu_core_si+0x12/0x20 [ 21.394847] handle_softirqs+0x209/0x720 [ 21.395386] ? hrtimer_interrupt+0x2fe/0x780 [ 21.395981] ? 
__pfx_handle_softirqs+0x10/0x10 [ 21.397003] __irq_exit_rcu+0xc9/0x110 [ 21.397744] irq_exit_rcu+0x12/0x20 [ 21.398171] sysvec_apic_timer_interrupt+0x81/0x90 [ 21.398709] </IRQ> [ 21.399562] <TASK> [ 21.399768] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 21.401035] RIP: 0010:default_idle+0xf/0x20 [ 21.401792] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 e0 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 21.403177] RSP: 0000:ffffffffa7407df0 EFLAGS: 00010202 [ 21.403872] RAX: ffff888154a00000 RBX: ffffffffa741a680 RCX: ffffffffa610c925 [ 21.404822] RDX: ffffed102a946b23 RSI: 0000000000000004 RDI: 000000000001de74 [ 21.405441] RBP: ffffffffa7407df8 R08: 0000000000000001 R09: ffffed102a946b22 [ 21.406339] R10: ffff888154a35913 R11: ffff888102b2f6b0 R12: 0000000000000000 [ 21.407055] R13: fffffbfff4e834d0 R14: ffffffffa7f72c90 R15: 0000000000000000 [ 21.407602] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 21.408204] ? arch_cpu_idle+0xd/0x20 [ 21.408996] default_idle_call+0x48/0x80 [ 21.409409] do_idle+0x310/0x3c0 [ 21.410126] ? __pfx_do_idle+0x10/0x10 [ 21.410581] ? trace_preempt_on+0x20/0xc0 [ 21.411343] ? schedule+0x86/0x310 [ 21.411887] ? 
preempt_count_sub+0x50/0x80 [ 21.412352] cpu_startup_entry+0x5c/0x70 [ 21.412725] rest_init+0x11a/0x140 [ 21.413125] start_kernel+0x320/0x400 [ 21.413781] x86_64_start_reservations+0x1c/0x30 [ 21.414430] x86_64_start_kernel+0xcf/0xe0 [ 21.414877] common_startup_64+0x12c/0x138 [ 21.415468] </TASK> [ 21.415982] [ 21.416267] Allocated by task 205: [ 21.416726] kasan_save_stack+0x3d/0x60 [ 21.417307] kasan_save_track+0x18/0x40 [ 21.417772] kasan_save_alloc_info+0x3b/0x50 [ 21.418345] __kasan_kmalloc+0xb7/0xc0 [ 21.418869] __kmalloc_cache_noprof+0x184/0x410 [ 21.419269] rcu_uaf+0xb1/0x330 [ 21.419846] kunit_try_run_case+0x1b3/0x490 [ 21.420421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.420925] kthread+0x257/0x310 [ 21.421778] ret_from_fork+0x41/0x80 [ 21.422562] ret_from_fork_asm+0x1a/0x30 [ 21.422869] [ 21.423047] Freed by task 0: [ 21.423370] kasan_save_stack+0x3d/0x60 [ 21.423743] kasan_save_track+0x18/0x40 [ 21.424089] kasan_save_free_info+0x3f/0x60 [ 21.424374] __kasan_slab_free+0x56/0x70 [ 21.425335] kfree+0x123/0x3f0 [ 21.425752] rcu_uaf_reclaim+0x1f/0x60 [ 21.426345] rcu_core+0x680/0x1d70 [ 21.426798] rcu_core_si+0x12/0x20 [ 21.427345] handle_softirqs+0x209/0x720 [ 21.427830] __irq_exit_rcu+0xc9/0x110 [ 21.428243] irq_exit_rcu+0x12/0x20 [ 21.428535] sysvec_apic_timer_interrupt+0x81/0x90 [ 21.428893] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 21.429391] [ 21.430270] Last potentially related work creation: [ 21.431623] kasan_save_stack+0x3d/0x60 [ 21.432052] __kasan_record_aux_stack+0xae/0xc0 [ 21.432416] kasan_record_aux_stack_noalloc+0xf/0x20 [ 21.432934] __call_rcu_common.constprop.0+0x72/0xaa0 [ 21.433328] call_rcu+0x12/0x20 [ 21.434314] rcu_uaf+0x169/0x330 [ 21.434741] kunit_try_run_case+0x1b3/0x490 [ 21.435210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.435790] kthread+0x257/0x310 [ 21.436305] ret_from_fork+0x41/0x80 [ 21.436722] ret_from_fork_asm+0x1a/0x30 [ 21.437555] [ 21.437823] The buggy address belongs to the object at ffff8881028b8e40 
[ 21.437823] which belongs to the cache kmalloc-32 of size 32 [ 21.438780] The buggy address is located 0 bytes inside of [ 21.438780] freed 32-byte region [ffff8881028b8e40, ffff8881028b8e60) [ 21.439920] [ 21.440313] The buggy address belongs to the physical page: [ 21.440882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b8 [ 21.441902] flags: 0x200000000000000(node=0|zone=2) [ 21.442412] page_type: f5(slab) [ 21.442816] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.443398] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 21.443859] page dumped because: kasan: bad access detected [ 21.444345] [ 21.444800] Memory state around the buggy address: [ 21.445560] ffff8881028b8d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.446418] ffff8881028b8d80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 21.447149] >ffff8881028b8e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.447833] ^ [ 21.448512] ffff8881028b8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.449399] ffff8881028b8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.450116] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 21.208205] ================================================================== [ 21.209258] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 21.210179] Read of size 1 at addr ffff888102961500 by task kunit_try_catch/203 [ 21.210936] [ 21.211130] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.213004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.213655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.214655] Call Trace: [ 21.214886] <TASK> [ 21.215173] dump_stack_lvl+0x73/0xb0 [ 21.215957] print_report+0xd1/0x640 [ 21.216461] ? __virt_addr_valid+0x1db/0x2d0 [ 21.217551] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.218517] kasan_report+0x102/0x140 [ 21.218944] ? ksize_uaf+0x19e/0x6c0 [ 21.219611] ? ksize_uaf+0x19e/0x6c0 [ 21.220092] ? ksize_uaf+0x19e/0x6c0 [ 21.220481] __kasan_check_byte+0x3d/0x50 [ 21.220972] ksize+0x20/0x60 [ 21.221348] ksize_uaf+0x19e/0x6c0 [ 21.221734] ? __pfx_ksize_uaf+0x10/0x10 [ 21.222023] ? __schedule+0xc3e/0x2790 [ 21.222460] ? __pfx_read_tsc+0x10/0x10 [ 21.223345] ? ktime_get_ts64+0x84/0x230 [ 21.223917] kunit_try_run_case+0x1b3/0x490 [ 21.224433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.224923] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.225543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.226544] ? __kthread_parkme+0x82/0x160 [ 21.226985] ? preempt_count_sub+0x50/0x80 [ 21.227293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.228360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.229612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.230448] kthread+0x257/0x310 [ 21.230918] ? __pfx_kthread+0x10/0x10 [ 21.231508] ret_from_fork+0x41/0x80 [ 21.231847] ? 
__pfx_kthread+0x10/0x10 [ 21.232222] ret_from_fork_asm+0x1a/0x30 [ 21.232871] </TASK> [ 21.233154] [ 21.233544] Allocated by task 203: [ 21.233805] kasan_save_stack+0x3d/0x60 [ 21.234100] kasan_save_track+0x18/0x40 [ 21.235034] kasan_save_alloc_info+0x3b/0x50 [ 21.235658] __kasan_kmalloc+0xb7/0xc0 [ 21.235998] __kmalloc_cache_noprof+0x184/0x410 [ 21.236585] ksize_uaf+0xab/0x6c0 [ 21.237529] kunit_try_run_case+0x1b3/0x490 [ 21.238070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.238535] kthread+0x257/0x310 [ 21.238881] ret_from_fork+0x41/0x80 [ 21.239397] ret_from_fork_asm+0x1a/0x30 [ 21.239891] [ 21.240967] Freed by task 203: [ 21.241198] kasan_save_stack+0x3d/0x60 [ 21.242107] kasan_save_track+0x18/0x40 [ 21.242512] kasan_save_free_info+0x3f/0x60 [ 21.242936] __kasan_slab_free+0x56/0x70 [ 21.244173] kfree+0x123/0x3f0 [ 21.244551] ksize_uaf+0x12d/0x6c0 [ 21.245113] kunit_try_run_case+0x1b3/0x490 [ 21.246399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.246886] kthread+0x257/0x310 [ 21.247635] ret_from_fork+0x41/0x80 [ 21.248257] ret_from_fork_asm+0x1a/0x30 [ 21.248931] [ 21.249309] The buggy address belongs to the object at ffff888102961500 [ 21.249309] which belongs to the cache kmalloc-128 of size 128 [ 21.250592] The buggy address is located 0 bytes inside of [ 21.250592] freed 128-byte region [ffff888102961500, ffff888102961580) [ 21.252354] [ 21.252682] The buggy address belongs to the physical page: [ 21.253257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961 [ 21.253917] flags: 0x200000000000000(node=0|zone=2) [ 21.254451] page_type: f5(slab) [ 21.254943] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.255749] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.256534] page dumped because: kasan: bad access detected [ 21.256952] [ 21.257185] Memory state around the buggy address: [ 21.258038] ffff888102961400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
21.258601] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.259924] >ffff888102961500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.260710] ^ [ 21.261045] ffff888102961580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.261574] ffff888102961600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.262097] ================================================================== [ 21.311625] ================================================================== [ 21.312233] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 21.312823] Read of size 1 at addr ffff888102961578 by task kunit_try_catch/203 [ 21.313423] [ 21.314146] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 21.315045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.315807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.316876] Call Trace: [ 21.317122] <TASK> [ 21.317329] dump_stack_lvl+0x73/0xb0 [ 21.317745] print_report+0xd1/0x640 [ 21.318181] ? __virt_addr_valid+0x1db/0x2d0 [ 21.318892] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.319639] kasan_report+0x102/0x140 [ 21.320270] ? ksize_uaf+0x5e6/0x6c0 [ 21.320758] ? ksize_uaf+0x5e6/0x6c0 [ 21.321397] __asan_report_load1_noabort+0x18/0x20 [ 21.322792] ksize_uaf+0x5e6/0x6c0 [ 21.323255] ? __pfx_ksize_uaf+0x10/0x10 [ 21.323878] ? __schedule+0xc3e/0x2790 [ 21.324623] ? __pfx_read_tsc+0x10/0x10 [ 21.325319] ? ktime_get_ts64+0x84/0x230 [ 21.325840] kunit_try_run_case+0x1b3/0x490 [ 21.326315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.327480] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.328187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.328662] ? __kthread_parkme+0x82/0x160 [ 21.329218] ? preempt_count_sub+0x50/0x80 [ 21.329703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.330356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.331126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.331745] kthread+0x257/0x310 [ 21.332645] ? 
__pfx_kthread+0x10/0x10
[ 21.333296] ret_from_fork+0x41/0x80
[ 21.333807] ? __pfx_kthread+0x10/0x10
[ 21.334258] ret_from_fork_asm+0x1a/0x30
[ 21.334967] </TASK>
[ 21.335502]
[ 21.335811] Allocated by task 203:
[ 21.336285] kasan_save_stack+0x3d/0x60
[ 21.336815] kasan_save_track+0x18/0x40
[ 21.337766] kasan_save_alloc_info+0x3b/0x50
[ 21.338297] __kasan_kmalloc+0xb7/0xc0
[ 21.338604] __kmalloc_cache_noprof+0x184/0x410
[ 21.338896] ksize_uaf+0xab/0x6c0
[ 21.339136] kunit_try_run_case+0x1b3/0x490
[ 21.339850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.340570] kthread+0x257/0x310
[ 21.341154] ret_from_fork+0x41/0x80
[ 21.341644] ret_from_fork_asm+0x1a/0x30
[ 21.342262]
[ 21.342543] Freed by task 203:
[ 21.342922] kasan_save_stack+0x3d/0x60
[ 21.343870] kasan_save_track+0x18/0x40
[ 21.344634] kasan_save_free_info+0x3f/0x60
[ 21.345323] __kasan_slab_free+0x56/0x70
[ 21.345760] kfree+0x123/0x3f0
[ 21.346170] ksize_uaf+0x12d/0x6c0
[ 21.346618] kunit_try_run_case+0x1b3/0x490
[ 21.347185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.347900] kthread+0x257/0x310
[ 21.348912] ret_from_fork+0x41/0x80
[ 21.349471] ret_from_fork_asm+0x1a/0x30
[ 21.350099]
[ 21.350377] The buggy address belongs to the object at ffff888102961500
[ 21.350377] which belongs to the cache kmalloc-128 of size 128
[ 21.351289] The buggy address is located 120 bytes inside of
[ 21.351289] freed 128-byte region [ffff888102961500, ffff888102961580)
[ 21.352520]
[ 21.352795] The buggy address belongs to the physical page:
[ 21.353865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961
[ 21.354837] flags: 0x200000000000000(node=0|zone=2)
[ 21.355540] page_type: f5(slab)
[ 21.355831] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.356370] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 21.357243] page dumped because: kasan: bad access detected
[ 21.357783]
[ 21.358006] Memory state around the buggy address:
[ 21.358482] ffff888102961400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.359867] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.360699] >ffff888102961500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.361372] ^
[ 21.362217] ffff888102961580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.362862] ffff888102961600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.363892] ==================================================================
[ 21.265807] ==================================================================
[ 21.266705] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0
[ 21.267656] Read of size 1 at addr ffff888102961500 by task kunit_try_catch/203
[ 21.268351]
[ 21.268913] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.270322] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.270630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.271591] Call Trace:
[ 21.272169] <TASK>
[ 21.272674] dump_stack_lvl+0x73/0xb0
[ 21.273290] print_report+0xd1/0x640
[ 21.273746] ? __virt_addr_valid+0x1db/0x2d0
[ 21.274205] ? kasan_complete_mode_report_info+0x64/0x200
[ 21.275162] kasan_report+0x102/0x140
[ 21.275782] ? ksize_uaf+0x600/0x6c0
[ 21.275965] ? ksize_uaf+0x600/0x6c0
[ 21.277189] __asan_report_load1_noabort+0x18/0x20
[ 21.277616] ksize_uaf+0x600/0x6c0
[ 21.278091] ? __pfx_ksize_uaf+0x10/0x10
[ 21.278646] ? __schedule+0xc3e/0x2790
[ 21.279269] ? __pfx_read_tsc+0x10/0x10
[ 21.279817] ? ktime_get_ts64+0x84/0x230
[ 21.280403] kunit_try_run_case+0x1b3/0x490
[ 21.280919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.282159] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.283021] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.283754] ? __kthread_parkme+0x82/0x160
[ 21.284193] ? preempt_count_sub+0x50/0x80
[ 21.284858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.285628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.286085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.286682] kthread+0x257/0x310
[ 21.287087] ? __pfx_kthread+0x10/0x10
[ 21.287699] ret_from_fork+0x41/0x80
[ 21.287972] ? __pfx_kthread+0x10/0x10
[ 21.288307] ret_from_fork_asm+0x1a/0x30
[ 21.288775] </TASK>
[ 21.289052]
[ 21.289256] Allocated by task 203:
[ 21.289478] kasan_save_stack+0x3d/0x60
[ 21.289928] kasan_save_track+0x18/0x40
[ 21.290398] kasan_save_alloc_info+0x3b/0x50
[ 21.291049] __kasan_kmalloc+0xb7/0xc0
[ 21.291301] __kmalloc_cache_noprof+0x184/0x410
[ 21.291759] ksize_uaf+0xab/0x6c0
[ 21.292317] kunit_try_run_case+0x1b3/0x490
[ 21.292672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.293343] kthread+0x257/0x310
[ 21.293719] ret_from_fork+0x41/0x80
[ 21.294238] ret_from_fork_asm+0x1a/0x30
[ 21.294719]
[ 21.294935] Freed by task 203:
[ 21.295396] kasan_save_stack+0x3d/0x60
[ 21.295733] kasan_save_track+0x18/0x40
[ 21.296006] kasan_save_free_info+0x3f/0x60
[ 21.296288] __kasan_slab_free+0x56/0x70
[ 21.296774] kfree+0x123/0x3f0
[ 21.297288] ksize_uaf+0x12d/0x6c0
[ 21.297708] kunit_try_run_case+0x1b3/0x490
[ 21.298189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.298752] kthread+0x257/0x310
[ 21.299227] ret_from_fork+0x41/0x80
[ 21.299770] ret_from_fork_asm+0x1a/0x30
[ 21.300242]
[ 21.300541] The buggy address belongs to the object at ffff888102961500
[ 21.300541] which belongs to the cache kmalloc-128 of size 128
[ 21.301463] The buggy address is located 0 bytes inside of
[ 21.301463] freed 128-byte region [ffff888102961500, ffff888102961580)
[ 21.302090]
[ 21.302368] The buggy address belongs to the physical page:
[ 21.302926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961
[ 21.303752] flags: 0x200000000000000(node=0|zone=2)
[ 21.304395] page_type: f5(slab)
[ 21.304842] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.305537] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 21.306064] page dumped because: kasan: bad access detected
[ 21.306368]
[ 21.306558] Memory state around the buggy address:
[ 21.307097] ffff888102961400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.307768] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.308421] >ffff888102961500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.308989] ^
[ 21.309341] ffff888102961580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.309845] ffff888102961600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.310547] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 21.156426] ==================================================================
[ 21.157069] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0
[ 21.158323] Read of size 1 at addr ffff88810296147f by task kunit_try_catch/201
[ 21.158888]
[ 21.159231] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.160114] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.160560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.161516] Call Trace:
[ 21.161870] <TASK>
[ 21.162755] dump_stack_lvl+0x73/0xb0
[ 21.163088] print_report+0xd1/0x640
[ 21.163583] ? __virt_addr_valid+0x1db/0x2d0
[ 21.164236] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.164852] kasan_report+0x102/0x140
[ 21.165511] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 21.166011] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 21.166392] __asan_report_load1_noabort+0x18/0x20
[ 21.166917] ksize_unpoisons_memory+0x7b8/0x9b0
[ 21.167306] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 21.167817] ? finish_task_switch.isra.0+0x153/0x700
[ 21.168285] ? __switch_to+0x5d9/0xf60
[ 21.168792] ? __schedule+0xc3e/0x2790
[ 21.169885] ? __pfx_read_tsc+0x10/0x10
[ 21.170473] ? ktime_get_ts64+0x84/0x230
[ 21.170915] kunit_try_run_case+0x1b3/0x490
[ 21.171451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.171846] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.172478] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.173196] ? __kthread_parkme+0x82/0x160
[ 21.173708] ? preempt_count_sub+0x50/0x80
[ 21.174714] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.175421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.176220] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.176724] kthread+0x257/0x310
[ 21.177155] ? __pfx_kthread+0x10/0x10
[ 21.177587] ret_from_fork+0x41/0x80
[ 21.178204] ? __pfx_kthread+0x10/0x10
[ 21.178650] ret_from_fork_asm+0x1a/0x30
[ 21.179053] </TASK>
[ 21.179324]
[ 21.179566] Allocated by task 201:
[ 21.179924] kasan_save_stack+0x3d/0x60
[ 21.180266] kasan_save_track+0x18/0x40
[ 21.181388] kasan_save_alloc_info+0x3b/0x50
[ 21.181913] __kasan_kmalloc+0xb7/0xc0
[ 21.182515] __kmalloc_cache_noprof+0x184/0x410
[ 21.183151] ksize_unpoisons_memory+0xc8/0x9b0
[ 21.183502] kunit_try_run_case+0x1b3/0x490
[ 21.184122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.184639] kthread+0x257/0x310
[ 21.185546] ret_from_fork+0x41/0x80
[ 21.185895] ret_from_fork_asm+0x1a/0x30
[ 21.186529]
[ 21.187632] The buggy address belongs to the object at ffff888102961400
[ 21.187632] which belongs to the cache kmalloc-128 of size 128
[ 21.188401] The buggy address is located 12 bytes to the right of
[ 21.188401] allocated 115-byte region [ffff888102961400, ffff888102961473)
[ 21.189304]
[ 21.190189] The buggy address belongs to the physical page:
[ 21.191023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961
[ 21.191825] flags: 0x200000000000000(node=0|zone=2)
[ 21.192259] page_type: f5(slab)
[ 21.192756] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.193505] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 21.194406] page dumped because: kasan: bad access detected
[ 21.194769]
[ 21.194924] Memory state around the buggy address:
[ 21.195433] ffff888102961300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.196419] ffff888102961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.196886] >ffff888102961400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.197738] ^
[ 21.199289] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.200079] ffff888102961500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.200758] ==================================================================
[ 21.109900] ==================================================================
[ 21.110783] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0
[ 21.111415] Read of size 1 at addr ffff888102961478 by task kunit_try_catch/201
[ 21.112256]
[ 21.112522] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.113306] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.113772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.114897] Call Trace:
[ 21.115328] <TASK>
[ 21.115642] dump_stack_lvl+0x73/0xb0
[ 21.116273] print_report+0xd1/0x640
[ 21.116746] ? __virt_addr_valid+0x1db/0x2d0
[ 21.117223] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.117769] kasan_report+0x102/0x140
[ 21.118171] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 21.119625] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 21.121080] __asan_report_load1_noabort+0x18/0x20
[ 21.121456] ksize_unpoisons_memory+0x7eb/0x9b0
[ 21.122396] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 21.123216] ? finish_task_switch.isra.0+0x153/0x700
[ 21.123694] ? __switch_to+0x5d9/0xf60
[ 21.123996] ? __schedule+0xc3e/0x2790
[ 21.124437] ? __pfx_read_tsc+0x10/0x10
[ 21.124750] ? ktime_get_ts64+0x84/0x230
[ 21.125382] kunit_try_run_case+0x1b3/0x490
[ 21.125967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.126803] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.127091] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.128151] ? __kthread_parkme+0x82/0x160
[ 21.128626] ? preempt_count_sub+0x50/0x80
[ 21.130221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.130658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.131236] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.131872] kthread+0x257/0x310
[ 21.132304] ? __pfx_kthread+0x10/0x10
[ 21.132782] ret_from_fork+0x41/0x80
[ 21.133306] ? __pfx_kthread+0x10/0x10
[ 21.133780] ret_from_fork_asm+0x1a/0x30
[ 21.134788] </TASK>
[ 21.135119]
[ 21.135404] Allocated by task 201:
[ 21.136082] kasan_save_stack+0x3d/0x60
[ 21.136531] kasan_save_track+0x18/0x40
[ 21.136987] kasan_save_alloc_info+0x3b/0x50
[ 21.137301] __kasan_kmalloc+0xb7/0xc0
[ 21.137592] __kmalloc_cache_noprof+0x184/0x410
[ 21.138072] ksize_unpoisons_memory+0xc8/0x9b0
[ 21.138717] kunit_try_run_case+0x1b3/0x490
[ 21.139305] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.139744] kthread+0x257/0x310
[ 21.140658] ret_from_fork+0x41/0x80
[ 21.141193] ret_from_fork_asm+0x1a/0x30
[ 21.141474]
[ 21.141771] The buggy address belongs to the object at ffff888102961400
[ 21.141771] which belongs to the cache kmalloc-128 of size 128
[ 21.143082] The buggy address is located 5 bytes to the right of
[ 21.143082] allocated 115-byte region [ffff888102961400, ffff888102961473)
[ 21.144163]
[ 21.144368] The buggy address belongs to the physical page:
[ 21.144712] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961
[ 21.145453] flags: 0x200000000000000(node=0|zone=2)
[ 21.146864] page_type: f5(slab)
[ 21.147384] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.148249] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 21.148774] page dumped because: kasan: bad access detected
[ 21.149229]
[ 21.149459] Memory state around the buggy address:
[ 21.150125] ffff888102961300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.150823] ffff888102961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.152326] >ffff888102961400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.153131] ^
[ 21.153811] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.154635] ffff888102961500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.155146] ==================================================================
[ 21.064400] ==================================================================
[ 21.065619] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0
[ 21.066312] Read of size 1 at addr ffff888102961473 by task kunit_try_catch/201
[ 21.067052]
[ 21.067833] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.069155] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.069697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.070751] Call Trace:
[ 21.070881] <TASK>
[ 21.070993] dump_stack_lvl+0x73/0xb0
[ 21.071158] print_report+0xd1/0x640
[ 21.071306] ? __virt_addr_valid+0x1db/0x2d0
[ 21.071473] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.072573] kasan_report+0x102/0x140
[ 21.073379] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 21.074159] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 21.074782] __asan_report_load1_noabort+0x18/0x20
[ 21.075504] ksize_unpoisons_memory+0x81e/0x9b0
[ 21.076553] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 21.077091] ? finish_task_switch.isra.0+0x153/0x700
[ 21.078140] ? __switch_to+0x5d9/0xf60
[ 21.078750] ? __schedule+0xc3e/0x2790
[ 21.079442] ? __pfx_read_tsc+0x10/0x10
[ 21.080205] ? ktime_get_ts64+0x84/0x230
[ 21.080687] kunit_try_run_case+0x1b3/0x490
[ 21.081333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.081718] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.082620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.083196] ? __kthread_parkme+0x82/0x160
[ 21.083706] ? preempt_count_sub+0x50/0x80
[ 21.084211] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.085070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.085886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.086933] kthread+0x257/0x310
[ 21.087664] ? __pfx_kthread+0x10/0x10
[ 21.087991] ret_from_fork+0x41/0x80
[ 21.088469] ? __pfx_kthread+0x10/0x10
[ 21.088822] ret_from_fork_asm+0x1a/0x30
[ 21.089474] </TASK>
[ 21.089850]
[ 21.090245] Allocated by task 201:
[ 21.090699] kasan_save_stack+0x3d/0x60
[ 21.091672] kasan_save_track+0x18/0x40
[ 21.092166] kasan_save_alloc_info+0x3b/0x50
[ 21.092842] __kasan_kmalloc+0xb7/0xc0
[ 21.093326] __kmalloc_cache_noprof+0x184/0x410
[ 21.093715] ksize_unpoisons_memory+0xc8/0x9b0
[ 21.094339] kunit_try_run_case+0x1b3/0x490
[ 21.094715] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.095412] kthread+0x257/0x310
[ 21.095767] ret_from_fork+0x41/0x80
[ 21.096641] ret_from_fork_asm+0x1a/0x30
[ 21.096996]
[ 21.097160] The buggy address belongs to the object at ffff888102961400
[ 21.097160] which belongs to the cache kmalloc-128 of size 128
[ 21.098193] The buggy address is located 0 bytes to the right of
[ 21.098193] allocated 115-byte region [ffff888102961400, ffff888102961473)
[ 21.099201]
[ 21.099436] The buggy address belongs to the physical page:
[ 21.100130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102961
[ 21.100892] flags: 0x200000000000000(node=0|zone=2)
[ 21.101481] page_type: f5(slab)
[ 21.101908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.103194] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 21.103633] page dumped because: kasan: bad access detected
[ 21.104129]
[ 21.104310] Memory state around the buggy address:
[ 21.104766] ffff888102961300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.105227] ffff888102961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.105881] >ffff888102961400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.106622] ^
[ 21.107364] ffff888102961480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.107840] ffff888102961500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.108627] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 20.998985] ==================================================================
[ 21.000363] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 21.001001] Free of addr ffff8881011ae2e0 by task kunit_try_catch/199
[ 21.001956]
[ 21.002527] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 21.003838] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.004530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.005347] Call Trace:
[ 21.005713] <TASK>
[ 21.006212] dump_stack_lvl+0x73/0xb0
[ 21.007227] print_report+0xd1/0x640
[ 21.007590] ? __virt_addr_valid+0x1db/0x2d0
[ 21.008284] ? kfree_sensitive+0x2e/0x90
[ 21.009082] ? kasan_complete_mode_report_info+0x64/0x200
[ 21.009933] ? kfree_sensitive+0x2e/0x90
[ 21.010654] kasan_report_invalid_free+0xc0/0xf0
[ 21.011374] ? kfree_sensitive+0x2e/0x90
[ 21.012265] ? kfree_sensitive+0x2e/0x90
[ 21.012719] check_slab_allocation+0x101/0x130
[ 21.012996] __kasan_slab_pre_free+0x28/0x40
[ 21.013862] kfree+0xf1/0x3f0
[ 21.014863] ? kfree_sensitive+0x2e/0x90
[ 21.015572] kfree_sensitive+0x2e/0x90
[ 21.016031] kmalloc_double_kzfree+0x19d/0x360
[ 21.016425] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 21.017067] ? __schedule+0xc3e/0x2790
[ 21.017965] ? __pfx_read_tsc+0x10/0x10
[ 21.019014] ? ktime_get_ts64+0x84/0x230
[ 21.019451] kunit_try_run_case+0x1b3/0x490
[ 21.020126] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.020831] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.021594] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.022388] ? __kthread_parkme+0x82/0x160
[ 21.023002] ? preempt_count_sub+0x50/0x80
[ 21.023369] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.024203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.025117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.025920] kthread+0x257/0x310
[ 21.026354] ? __pfx_kthread+0x10/0x10
[ 21.026860] ret_from_fork+0x41/0x80
[ 21.027262] ? __pfx_kthread+0x10/0x10
[ 21.027933] ret_from_fork_asm+0x1a/0x30
[ 21.028339] </TASK>
[ 21.028675]
[ 21.028896] Allocated by task 199:
[ 21.029254] kasan_save_stack+0x3d/0x60
[ 21.029586] kasan_save_track+0x18/0x40
[ 21.030580] kasan_save_alloc_info+0x3b/0x50
[ 21.031433] __kasan_kmalloc+0xb7/0xc0
[ 21.031908] __kmalloc_cache_noprof+0x184/0x410
[ 21.032447] kmalloc_double_kzfree+0xaa/0x360
[ 21.033465] kunit_try_run_case+0x1b3/0x490
[ 21.034262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.034809] kthread+0x257/0x310
[ 21.035240] ret_from_fork+0x41/0x80
[ 21.035768] ret_from_fork_asm+0x1a/0x30
[ 21.036196]
[ 21.036440] Freed by task 199:
[ 21.036828] kasan_save_stack+0x3d/0x60
[ 21.037364] kasan_save_track+0x18/0x40
[ 21.037700] kasan_save_free_info+0x3f/0x60
[ 21.038132] __kasan_slab_free+0x56/0x70
[ 21.038715] kfree+0x123/0x3f0
[ 21.038934] kfree_sensitive+0x67/0x90
[ 21.039422] kmalloc_double_kzfree+0x12c/0x360
[ 21.039967] kunit_try_run_case+0x1b3/0x490
[ 21.040421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.041143] kthread+0x257/0x310
[ 21.041407] ret_from_fork+0x41/0x80
[ 21.041983] ret_from_fork_asm+0x1a/0x30
[ 21.042402]
[ 21.042672] The buggy address belongs to the object at ffff8881011ae2e0
[ 21.042672] which belongs to the cache kmalloc-16 of size 16
[ 21.043682] The buggy address is located 0 bytes inside of
[ 21.043682] 16-byte region [ffff8881011ae2e0, ffff8881011ae2f0)
[ 21.044743]
[ 21.045025] The buggy address belongs to the physical page:
[ 21.045426] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011ae
[ 21.046124] flags: 0x200000000000000(node=0|zone=2)
[ 21.046758] page_type: f5(slab)
[ 21.047000] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.047349] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.048022] page dumped because: kasan: bad access detected
[ 21.048646]
[ 21.048909] Memory state around the buggy address:
[ 21.049439] ffff8881011ae180: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 21.049990] ffff8881011ae200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc
[ 21.050379] >ffff8881011ae280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.050900] ^
[ 21.051651] ffff8881011ae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.053184] ffff8881011ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.054867] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 20.944931] ==================================================================
[ 20.945958] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360
[ 20.946464] Read of size 1 at addr ffff8881011ae2e0 by task kunit_try_catch/199
[ 20.947109]
[ 20.947295] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 20.948408] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.948893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.949759] Call Trace:
[ 20.950225] <TASK>
[ 20.950529] dump_stack_lvl+0x73/0xb0
[ 20.950949] print_report+0xd1/0x640
[ 20.951869] ? __virt_addr_valid+0x1db/0x2d0
[ 20.952438] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.953123] kasan_report+0x102/0x140
[ 20.953572] ? kmalloc_double_kzfree+0x19d/0x360
[ 20.953958] ? kmalloc_double_kzfree+0x19d/0x360
[ 20.954332] ? kmalloc_double_kzfree+0x19d/0x360
[ 20.954841] __kasan_check_byte+0x3d/0x50
[ 20.955340] kfree_sensitive+0x22/0x90
[ 20.956093] kmalloc_double_kzfree+0x19d/0x360
[ 20.956542] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 20.957405] ? __schedule+0xc3e/0x2790
[ 20.957917] ? __pfx_read_tsc+0x10/0x10
[ 20.958546] ? ktime_get_ts64+0x84/0x230
[ 20.959178] kunit_try_run_case+0x1b3/0x490
[ 20.959640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.960269] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.960821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.961429] ? __kthread_parkme+0x82/0x160
[ 20.961840] ? preempt_count_sub+0x50/0x80
[ 20.962741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.963378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.963895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.964605] kthread+0x257/0x310
[ 20.964978] ? __pfx_kthread+0x10/0x10
[ 20.965386] ret_from_fork+0x41/0x80
[ 20.965823] ? __pfx_kthread+0x10/0x10
[ 20.966252] ret_from_fork_asm+0x1a/0x30
[ 20.966780] </TASK>
[ 20.967217]
[ 20.967420] Allocated by task 199:
[ 20.967845] kasan_save_stack+0x3d/0x60
[ 20.968693] kasan_save_track+0x18/0x40
[ 20.969168] kasan_save_alloc_info+0x3b/0x50
[ 20.969524] __kasan_kmalloc+0xb7/0xc0
[ 20.970120] __kmalloc_cache_noprof+0x184/0x410
[ 20.970837] kmalloc_double_kzfree+0xaa/0x360
[ 20.971283] kunit_try_run_case+0x1b3/0x490
[ 20.972478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.973538] kthread+0x257/0x310
[ 20.973898] ret_from_fork+0x41/0x80
[ 20.974221] ret_from_fork_asm+0x1a/0x30
[ 20.974899]
[ 20.975063] Freed by task 199:
[ 20.975282] kasan_save_stack+0x3d/0x60
[ 20.976128] kasan_save_track+0x18/0x40
[ 20.976801] kasan_save_free_info+0x3f/0x60
[ 20.977308] __kasan_slab_free+0x56/0x70
[ 20.977742] kfree+0x123/0x3f0
[ 20.978028] kfree_sensitive+0x67/0x90
[ 20.978439] kmalloc_double_kzfree+0x12c/0x360
[ 20.979876] kunit_try_run_case+0x1b3/0x490
[ 20.980318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.980906] kthread+0x257/0x310
[ 20.981563] ret_from_fork+0x41/0x80
[ 20.981988] ret_from_fork_asm+0x1a/0x30
[ 20.982433]
[ 20.982683] The buggy address belongs to the object at ffff8881011ae2e0
[ 20.982683] which belongs to the cache kmalloc-16 of size 16
[ 20.984235] The buggy address is located 0 bytes inside of
[ 20.984235] freed 16-byte region [ffff8881011ae2e0, ffff8881011ae2f0)
[ 20.986110]
[ 20.986368] The buggy address belongs to the physical page:
[ 20.986883] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011ae
[ 20.987858] flags: 0x200000000000000(node=0|zone=2)
[ 20.988440] page_type: f5(slab)
[ 20.989219] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.990124] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 20.990815] page dumped because: kasan: bad access detected
[ 20.991153]
[ 20.991306] Memory state around the buggy address:
[ 20.992635] ffff8881011ae180: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 20.993080] ffff8881011ae200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc
[ 20.993971] >ffff8881011ae280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 20.994524] ^
[ 20.995396] ffff8881011ae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.995900] ffff8881011ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.997002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 20.830722] ==================================================================
[ 20.831586] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360
[ 20.832183] Write of size 33 at addr ffff88810295cf00 by task kunit_try_catch/193
[ 20.832856]
[ 20.833153] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 20.833799] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.834294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.835082] Call Trace:
[ 20.835293] <TASK>
[ 20.835769] dump_stack_lvl+0x73/0xb0
[ 20.836205] print_report+0xd1/0x640
[ 20.836595] ? __virt_addr_valid+0x1db/0x2d0
[ 20.837276] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.837806] kasan_report+0x102/0x140
[ 20.838102] ? kmalloc_uaf_memset+0x1a4/0x360
[ 20.838459] ? kmalloc_uaf_memset+0x1a4/0x360
[ 20.839031] kasan_check_range+0x10c/0x1c0
[ 20.839676] __asan_memset+0x27/0x50
[ 20.840096] kmalloc_uaf_memset+0x1a4/0x360
[ 20.840656] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 20.841071] ? __schedule+0x1ba9/0x2790
[ 20.841362] ? __pfx_read_tsc+0x10/0x10
[ 20.841697] ? ktime_get_ts64+0x84/0x230
[ 20.842198] kunit_try_run_case+0x1b3/0x490
[ 20.842752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.843247] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.843818] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.844323] ? __kthread_parkme+0x82/0x160
[ 20.844846] ? preempt_count_sub+0x50/0x80
[ 20.845169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.845504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.846168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.846797] kthread+0x257/0x310
[ 20.847062] ? __pfx_kthread+0x10/0x10
[ 20.847370] ret_from_fork+0x41/0x80
[ 20.847966] ? __pfx_kthread+0x10/0x10
[ 20.848913] ret_from_fork_asm+0x1a/0x30
[ 20.849380] </TASK>
[ 20.850254]
[ 20.850482] Allocated by task 193:
[ 20.850878] kasan_save_stack+0x3d/0x60
[ 20.851301] kasan_save_track+0x18/0x40
[ 20.851806] kasan_save_alloc_info+0x3b/0x50
[ 20.852155] __kasan_kmalloc+0xb7/0xc0
[ 20.852657] __kmalloc_cache_noprof+0x184/0x410
[ 20.853001] kmalloc_uaf_memset+0xaa/0x360
[ 20.853500] kunit_try_run_case+0x1b3/0x490
[ 20.853887] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.854225] kthread+0x257/0x310
[ 20.854656] ret_from_fork+0x41/0x80
[ 20.855099] ret_from_fork_asm+0x1a/0x30
[ 20.855552]
[ 20.855861] Freed by task 193:
[ 20.856199] kasan_save_stack+0x3d/0x60
[ 20.856646] kasan_save_track+0x18/0x40
[ 20.856922] kasan_save_free_info+0x3f/0x60
[ 20.857239] __kasan_slab_free+0x56/0x70
[ 20.857744] kfree+0x123/0x3f0
[ 20.858150] kmalloc_uaf_memset+0x12c/0x360
[ 20.858648] kunit_try_run_case+0x1b3/0x490
[ 20.859134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.859725] kthread+0x257/0x310
[ 20.859990] ret_from_fork+0x41/0x80
[ 20.860257] ret_from_fork_asm+0x1a/0x30
[ 20.860542]
[ 20.860827] The buggy address belongs to the object at ffff88810295cf00
[ 20.860827] which belongs to the cache kmalloc-64 of size 64
[ 20.861951] The buggy address is located 0 bytes inside of
[ 20.861951] freed 64-byte region [ffff88810295cf00, ffff88810295cf40)
[ 20.862908]
[ 20.863147] The buggy address belongs to the physical page:
[ 20.863546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295c
[ 20.864001] flags: 0x200000000000000(node=0|zone=2)
[ 20.864298] page_type: f5(slab)
[ 20.864724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 20.865424] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 20.866205] page dumped because: kasan: bad access detected
[ 20.866808]
[ 20.867034] Memory state around the buggy address:
[ 20.867427] ffff88810295ce00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.868000] ffff88810295ce80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.868469] >ffff88810295cf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.869078] ^
[ 20.869501] ffff88810295cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.870064] ffff88810295d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.870428] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 20.724871] ==================================================================
[ 20.725698] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 20.727078] Read of size 64 at addr ffff88810295ce84 by task kunit_try_catch/189
[ 20.728012]
[ 20.728446] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 20.729837] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.730366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.731100] Call Trace:
[ 20.731414] <TASK>
[ 20.731772] dump_stack_lvl+0x73/0xb0
[ 20.732385] print_report+0xd1/0x640
[ 20.732753] ? __virt_addr_valid+0x1db/0x2d0
[ 20.733731] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.734257] kasan_report+0x102/0x140
[ 20.734709] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 20.735082] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 20.735816] kasan_check_range+0x10c/0x1c0
[ 20.736337] __asan_memmove+0x27/0x70
[ 20.736823] kmalloc_memmove_invalid_size+0x170/0x330
[ 20.737742] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 20.738334] ? __schedule+0xc3e/0x2790
[ 20.738826] ? __pfx_read_tsc+0x10/0x10
[ 20.739409] ? ktime_get_ts64+0x84/0x230
[ 20.739897] kunit_try_run_case+0x1b3/0x490
[ 20.740559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.741796] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.742139] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.742813] ? __kthread_parkme+0x82/0x160
[ 20.743190] ? preempt_count_sub+0x50/0x80
[ 20.743600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.744036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.744773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.745773] kthread+0x257/0x310
[ 20.746305] ? __pfx_kthread+0x10/0x10
[ 20.746786] ret_from_fork+0x41/0x80
[ 20.747362] ? __pfx_kthread+0x10/0x10
[ 20.747754] ret_from_fork_asm+0x1a/0x30
[ 20.748389] </TASK>
[ 20.748729]
[ 20.749391] Allocated by task 189:
[ 20.749701] kasan_save_stack+0x3d/0x60
[ 20.750265] kasan_save_track+0x18/0x40
[ 20.750564] kasan_save_alloc_info+0x3b/0x50
[ 20.751214] __kasan_kmalloc+0xb7/0xc0
[ 20.751647] __kmalloc_cache_noprof+0x184/0x410
[ 20.752318] kmalloc_memmove_invalid_size+0xad/0x330
[ 20.752798] kunit_try_run_case+0x1b3/0x490
[ 20.753689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.754191] kthread+0x257/0x310
[ 20.754569] ret_from_fork+0x41/0x80
[ 20.754887] ret_from_fork_asm+0x1a/0x30
[ 20.755253]
[ 20.755477] The buggy address belongs to the object at ffff88810295ce80
[ 20.755477] which belongs to the cache kmalloc-64 of size 64
[ 20.756567] The buggy address is located 4 bytes inside of
[ 20.756567] allocated 64-byte region [ffff88810295ce80, ffff88810295cec0)
[ 20.757906]
[ 20.758353] The buggy address belongs to the physical page:
[ 20.758928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295c
[ 20.759604] flags: 0x200000000000000(node=0|zone=2)
[ 20.760103] page_type: f5(slab)
[ 20.760413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 20.762265] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 20.762787] page dumped because: kasan: bad access detected
[ 20.763276]
[ 20.763475] Memory state around the buggy address:
[ 20.764481] ffff88810295cd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.765384] ffff88810295ce00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.766287] >ffff88810295ce80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 20.766843] ^
[ 20.768137] ffff88810295cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.768863] ffff88810295cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.769611] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 20.670551] ==================================================================
[ 20.671610] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 20.672004] Read of size 18446744073709551614 at addr ffff8881028b9184 by task kunit_try_catch/187
[ 20.673399]
[ 20.673698] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 20.674448] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.674825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.675673] Call Trace:
[ 20.676770] <TASK>
[ 20.677201] dump_stack_lvl+0x73/0xb0
[ 20.677481] print_report+0xd1/0x640
[ 20.678311] ? __virt_addr_valid+0x1db/0x2d0
[ 20.678886] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.680030] kasan_report+0x102/0x140
[ 20.680801] ? kmalloc_memmove_negative_size+0x172/0x330
[ 20.681386] ? kmalloc_memmove_negative_size+0x172/0x330
[ 20.681885] kasan_check_range+0x10c/0x1c0
[ 20.682290] __asan_memmove+0x27/0x70
[ 20.683411] kmalloc_memmove_negative_size+0x172/0x330
[ 20.684326] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 20.685104] ? __schedule+0x1ba9/0x2790
[ 20.685730] ? __pfx_read_tsc+0x10/0x10
[ 20.686378] ? ktime_get_ts64+0x84/0x230
[ 20.686831] kunit_try_run_case+0x1b3/0x490
[ 20.687546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.688282] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.688748] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.689144] ? __kthread_parkme+0x82/0x160
[ 20.689777] ? preempt_count_sub+0x50/0x80
[ 20.690369] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.690913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.691791] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.692524] kthread+0x257/0x310
[ 20.692901] ? __pfx_kthread+0x10/0x10
[ 20.693453] ret_from_fork+0x41/0x80
[ 20.693918] ? __pfx_kthread+0x10/0x10
[ 20.694429] ret_from_fork_asm+0x1a/0x30
[ 20.695354] </TASK>
[ 20.695723]
[ 20.695920] Allocated by task 187:
[ 20.696311] kasan_save_stack+0x3d/0x60
[ 20.696853] kasan_save_track+0x18/0x40
[ 20.697399] kasan_save_alloc_info+0x3b/0x50
[ 20.698008] __kasan_kmalloc+0xb7/0xc0
[ 20.698419] __kmalloc_cache_noprof+0x184/0x410
[ 20.699694] kmalloc_memmove_negative_size+0xad/0x330
[ 20.699992] kunit_try_run_case+0x1b3/0x490
[ 20.700850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.701609] kthread+0x257/0x310
[ 20.702217] ret_from_fork+0x41/0x80
[ 20.702750] ret_from_fork_asm+0x1a/0x30
[ 20.703645]
[ 20.703863] The buggy address belongs to the object at ffff8881028b9180
[ 20.703863] which belongs to the cache kmalloc-64 of size 64
[ 20.704645] The buggy address is located 4 bytes inside of
[ 20.704645] 64-byte region [ffff8881028b9180, ffff8881028b91c0)
[ 20.706266]
[ 20.706531] The buggy address belongs to the physical page:
[ 20.707174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b9
[ 20.708523] flags: 0x200000000000000(node=0|zone=2)
[ 20.709236] page_type: f5(slab)
[ 20.709829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 20.710719] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 20.711830] page dumped because: kasan: bad access detected
[ 20.712287]
[ 20.712451] Memory state around the buggy address:
[ 20.712819] ffff8881028b9080: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 20.713376] ffff8881028b9100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.714107] >ffff8881028b9180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 20.714889] ^
[ 20.715353] ffff8881028b9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.715876] ffff8881028b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.716296] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 20.511746] ================================================================== [ 20.513172] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 20.513852] Write of size 4 at addr ffff88810295eb75 by task kunit_try_catch/181 [ 20.515445] [ 20.516112] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.516990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.517219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.517630] Call Trace: [ 20.517807] <TASK> [ 20.517981] dump_stack_lvl+0x73/0xb0 [ 20.518271] print_report+0xd1/0x640 [ 20.518624] ? __virt_addr_valid+0x1db/0x2d0 [ 20.520400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.521377] kasan_report+0x102/0x140 [ 20.522621] ? kmalloc_oob_memset_4+0x167/0x330 [ 20.523043] ? kmalloc_oob_memset_4+0x167/0x330 [ 20.523336] kasan_check_range+0x10c/0x1c0 [ 20.523794] __asan_memset+0x27/0x50 [ 20.524362] kmalloc_oob_memset_4+0x167/0x330 [ 20.526315] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 20.527221] ? __schedule+0xc3e/0x2790 [ 20.527934] ? __pfx_read_tsc+0x10/0x10 [ 20.528733] ? ktime_get_ts64+0x84/0x230 [ 20.529244] kunit_try_run_case+0x1b3/0x490 [ 20.530017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.530335] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.530645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.531008] ? __kthread_parkme+0x82/0x160 [ 20.531688] ? preempt_count_sub+0x50/0x80 [ 20.532013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.532422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.533631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.534001] kthread+0x257/0x310 [ 20.534321] ? __pfx_kthread+0x10/0x10 [ 20.535234] ret_from_fork+0x41/0x80 [ 20.535724] ? 
__pfx_kthread+0x10/0x10 [ 20.536294] ret_from_fork_asm+0x1a/0x30 [ 20.536754] </TASK> [ 20.537292] [ 20.537545] Allocated by task 181: [ 20.538040] kasan_save_stack+0x3d/0x60 [ 20.538506] kasan_save_track+0x18/0x40 [ 20.538792] kasan_save_alloc_info+0x3b/0x50 [ 20.539244] __kasan_kmalloc+0xb7/0xc0 [ 20.540500] __kmalloc_cache_noprof+0x184/0x410 [ 20.541066] kmalloc_oob_memset_4+0xad/0x330 [ 20.541756] kunit_try_run_case+0x1b3/0x490 [ 20.542471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.543172] kthread+0x257/0x310 [ 20.543567] ret_from_fork+0x41/0x80 [ 20.543990] ret_from_fork_asm+0x1a/0x30 [ 20.544587] [ 20.545144] The buggy address belongs to the object at ffff88810295eb00 [ 20.545144] which belongs to the cache kmalloc-128 of size 128 [ 20.546142] The buggy address is located 117 bytes inside of [ 20.546142] allocated 120-byte region [ffff88810295eb00, ffff88810295eb78) [ 20.548160] [ 20.548586] The buggy address belongs to the physical page: [ 20.549117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295e [ 20.549514] flags: 0x200000000000000(node=0|zone=2) [ 20.550186] page_type: f5(slab) [ 20.551106] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.552312] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.553341] page dumped because: kasan: bad access detected [ 20.553968] [ 20.554204] Memory state around the buggy address: [ 20.554538] ffff88810295ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.555878] ffff88810295ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.556615] >ffff88810295eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.557005] ^ [ 20.557604] ffff88810295eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.558659] ffff88810295ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.559420] ================================================================== [ 20.566738] 
================================================================== [ 20.567629] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 20.568544] Write of size 8 at addr ffff8881028b7c71 by task kunit_try_catch/183 [ 20.569440] [ 20.569737] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.570602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.570947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.571908] Call Trace: [ 20.572332] <TASK> [ 20.572661] dump_stack_lvl+0x73/0xb0 [ 20.573235] print_report+0xd1/0x640 [ 20.573806] ? __virt_addr_valid+0x1db/0x2d0 [ 20.575384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.575915] kasan_report+0x102/0x140 [ 20.576406] ? kmalloc_oob_memset_8+0x167/0x330 [ 20.576976] ? kmalloc_oob_memset_8+0x167/0x330 [ 20.578152] kasan_check_range+0x10c/0x1c0 [ 20.578503] __asan_memset+0x27/0x50 [ 20.579311] kmalloc_oob_memset_8+0x167/0x330 [ 20.579833] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 20.580393] ? __schedule+0xc3e/0x2790 [ 20.581446] ? __pfx_read_tsc+0x10/0x10 [ 20.582388] ? ktime_get_ts64+0x84/0x230 [ 20.582754] kunit_try_run_case+0x1b3/0x490 [ 20.583161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.584044] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.584468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.585436] ? __kthread_parkme+0x82/0x160 [ 20.586127] ? preempt_count_sub+0x50/0x80 [ 20.586747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.587420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.588199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.588815] kthread+0x257/0x310 [ 20.589354] ? __pfx_kthread+0x10/0x10 [ 20.589915] ret_from_fork+0x41/0x80 [ 20.590534] ? 
__pfx_kthread+0x10/0x10 [ 20.591022] ret_from_fork_asm+0x1a/0x30 [ 20.591620] </TASK> [ 20.591885] [ 20.592156] Allocated by task 183: [ 20.592614] kasan_save_stack+0x3d/0x60 [ 20.593217] kasan_save_track+0x18/0x40 [ 20.593732] kasan_save_alloc_info+0x3b/0x50 [ 20.594360] __kasan_kmalloc+0xb7/0xc0 [ 20.594899] __kmalloc_cache_noprof+0x184/0x410 [ 20.595480] kmalloc_oob_memset_8+0xad/0x330 [ 20.595963] kunit_try_run_case+0x1b3/0x490 [ 20.596538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.597376] kthread+0x257/0x310 [ 20.598143] ret_from_fork+0x41/0x80 [ 20.598672] ret_from_fork_asm+0x1a/0x30 [ 20.599263] [ 20.599523] The buggy address belongs to the object at ffff8881028b7c00 [ 20.599523] which belongs to the cache kmalloc-128 of size 128 [ 20.600632] The buggy address is located 113 bytes inside of [ 20.600632] allocated 120-byte region [ffff8881028b7c00, ffff8881028b7c78) [ 20.602766] [ 20.603033] The buggy address belongs to the physical page: [ 20.603794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b7 [ 20.604393] flags: 0x200000000000000(node=0|zone=2) [ 20.604823] page_type: f5(slab) [ 20.605234] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.605667] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.606379] page dumped because: kasan: bad access detected [ 20.607465] [ 20.607665] Memory state around the buggy address: [ 20.608197] ffff8881028b7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 20.608834] ffff8881028b7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.609383] >ffff8881028b7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.610153] ^ [ 20.611319] ffff8881028b7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.611893] ffff8881028b7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.612455] ================================================================== [ 20.620738] 
================================================================== [ 20.621592] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 20.622160] Write of size 16 at addr ffff8881028b7e69 by task kunit_try_catch/185 [ 20.622992] [ 20.623186] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.624050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.624457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.625780] Call Trace: [ 20.626310] <TASK> [ 20.626663] dump_stack_lvl+0x73/0xb0 [ 20.627195] print_report+0xd1/0x640 [ 20.627659] ? __virt_addr_valid+0x1db/0x2d0 [ 20.628502] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.629238] kasan_report+0x102/0x140 [ 20.629677] ? kmalloc_oob_memset_16+0x167/0x330 [ 20.630333] ? kmalloc_oob_memset_16+0x167/0x330 [ 20.630898] kasan_check_range+0x10c/0x1c0 [ 20.631382] __asan_memset+0x27/0x50 [ 20.631861] kmalloc_oob_memset_16+0x167/0x330 [ 20.632592] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 20.633161] ? __schedule+0xc3e/0x2790 [ 20.633734] ? __pfx_read_tsc+0x10/0x10 [ 20.634080] ? ktime_get_ts64+0x84/0x230 [ 20.634442] kunit_try_run_case+0x1b3/0x490 [ 20.634921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.635445] ? irqentry_exit+0x2a/0x60 [ 20.636476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.637162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.637517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.638244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.638676] kthread+0x257/0x310 [ 20.639341] ? __pfx_kthread+0x10/0x10 [ 20.639821] ret_from_fork+0x41/0x80 [ 20.640671] ? 
__pfx_kthread+0x10/0x10 [ 20.641256] ret_from_fork_asm+0x1a/0x30 [ 20.641722] </TASK> [ 20.641994] [ 20.642527] Allocated by task 185: [ 20.643362] kasan_save_stack+0x3d/0x60 [ 20.643773] kasan_save_track+0x18/0x40 [ 20.644177] kasan_save_alloc_info+0x3b/0x50 [ 20.644570] __kasan_kmalloc+0xb7/0xc0 [ 20.644974] __kmalloc_cache_noprof+0x184/0x410 [ 20.645450] kmalloc_oob_memset_16+0xad/0x330 [ 20.645888] kunit_try_run_case+0x1b3/0x490 [ 20.646744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.647526] kthread+0x257/0x310 [ 20.647935] ret_from_fork+0x41/0x80 [ 20.648505] ret_from_fork_asm+0x1a/0x30 [ 20.649116] [ 20.649349] The buggy address belongs to the object at ffff8881028b7e00 [ 20.649349] which belongs to the cache kmalloc-128 of size 128 [ 20.650578] The buggy address is located 105 bytes inside of [ 20.650578] allocated 120-byte region [ffff8881028b7e00, ffff8881028b7e78) [ 20.651834] [ 20.652179] The buggy address belongs to the physical page: [ 20.652768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b7 [ 20.653708] flags: 0x200000000000000(node=0|zone=2) [ 20.654747] page_type: f5(slab) [ 20.655420] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.656161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.656909] page dumped because: kasan: bad access detected [ 20.657661] [ 20.657873] Memory state around the buggy address: [ 20.658712] ffff8881028b7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 20.659547] ffff8881028b7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.660399] >ffff8881028b7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.661177] ^ [ 20.661824] ffff8881028b7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.662743] ffff8881028b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.663116] ================================================================== [ 20.459210] 
================================================================== [ 20.460171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 20.461217] Write of size 2 at addr ffff88810295ea77 by task kunit_try_catch/179 [ 20.462620] [ 20.462859] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.464220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.464966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.465840] Call Trace: [ 20.466077] <TASK> [ 20.466376] dump_stack_lvl+0x73/0xb0 [ 20.466951] print_report+0xd1/0x640 [ 20.467573] ? __virt_addr_valid+0x1db/0x2d0 [ 20.468181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.470210] kasan_report+0x102/0x140 [ 20.471307] ? kmalloc_oob_memset_2+0x167/0x330 [ 20.471841] ? kmalloc_oob_memset_2+0x167/0x330 [ 20.472151] kasan_check_range+0x10c/0x1c0 [ 20.472445] __asan_memset+0x27/0x50 [ 20.474680] kmalloc_oob_memset_2+0x167/0x330 [ 20.475842] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 20.476812] ? __schedule+0xc3e/0x2790 [ 20.477318] ? __pfx_read_tsc+0x10/0x10 [ 20.478352] ? ktime_get_ts64+0x84/0x230 [ 20.478853] kunit_try_run_case+0x1b3/0x490 [ 20.479738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.480087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.480575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.480947] ? __kthread_parkme+0x82/0x160 [ 20.481398] ? preempt_count_sub+0x50/0x80 [ 20.482076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.482395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.482771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.483319] kthread+0x257/0x310 [ 20.483662] ? __pfx_kthread+0x10/0x10 [ 20.483942] ret_from_fork+0x41/0x80 [ 20.484367] ? 
__pfx_kthread+0x10/0x10 [ 20.484722] ret_from_fork_asm+0x1a/0x30 [ 20.485249] </TASK> [ 20.486377] [ 20.486612] Allocated by task 179: [ 20.486927] kasan_save_stack+0x3d/0x60 [ 20.487353] kasan_save_track+0x18/0x40 [ 20.488297] kasan_save_alloc_info+0x3b/0x50 [ 20.488996] __kasan_kmalloc+0xb7/0xc0 [ 20.489185] __kmalloc_cache_noprof+0x184/0x410 [ 20.489347] kmalloc_oob_memset_2+0xad/0x330 [ 20.489531] kunit_try_run_case+0x1b3/0x490 [ 20.489800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.490132] kthread+0x257/0x310 [ 20.490558] ret_from_fork+0x41/0x80 [ 20.490891] ret_from_fork_asm+0x1a/0x30 [ 20.491469] [ 20.491763] The buggy address belongs to the object at ffff88810295ea00 [ 20.491763] which belongs to the cache kmalloc-128 of size 128 [ 20.492694] The buggy address is located 119 bytes inside of [ 20.492694] allocated 120-byte region [ffff88810295ea00, ffff88810295ea78) [ 20.494525] [ 20.494816] The buggy address belongs to the physical page: [ 20.495532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295e [ 20.496213] flags: 0x200000000000000(node=0|zone=2) [ 20.496792] page_type: f5(slab) [ 20.497330] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.498059] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.498561] page dumped because: kasan: bad access detected [ 20.499069] [ 20.499257] Memory state around the buggy address: [ 20.499734] ffff88810295e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.501100] ffff88810295e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.501679] >ffff88810295ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.502513] ^ [ 20.503190] ffff88810295ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.503874] ffff88810295eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.504550] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 20.405805] ================================================================== [ 20.406800] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 20.407863] Write of size 128 at addr ffff8881028b7600 by task kunit_try_catch/177 [ 20.408340] [ 20.408620] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.409477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.410016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.410785] Call Trace: [ 20.411103] <TASK> [ 20.411849] dump_stack_lvl+0x73/0xb0 [ 20.412335] print_report+0xd1/0x640 [ 20.412743] ? __virt_addr_valid+0x1db/0x2d0 [ 20.413549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.414037] kasan_report+0x102/0x140 [ 20.414335] ? kmalloc_oob_in_memset+0x160/0x320 [ 20.415403] ? kmalloc_oob_in_memset+0x160/0x320 [ 20.415934] kasan_check_range+0x10c/0x1c0 [ 20.416679] __asan_memset+0x27/0x50 [ 20.417091] kmalloc_oob_in_memset+0x160/0x320 [ 20.417766] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 20.418284] ? __schedule+0xc3e/0x2790 [ 20.419867] ? __pfx_read_tsc+0x10/0x10 [ 20.420547] ? ktime_get_ts64+0x84/0x230 [ 20.421007] kunit_try_run_case+0x1b3/0x490 [ 20.421321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.421926] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.422463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.423070] ? __kthread_parkme+0x82/0x160 [ 20.423617] ? preempt_count_sub+0x50/0x80 [ 20.424348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.425314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.426603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.427242] kthread+0x257/0x310 [ 20.427636] ? __pfx_kthread+0x10/0x10 [ 20.427922] ret_from_fork+0x41/0x80 [ 20.428322] ? 
__pfx_kthread+0x10/0x10 [ 20.429133] ret_from_fork_asm+0x1a/0x30 [ 20.429757] </TASK> [ 20.430012] [ 20.430214] Allocated by task 177: [ 20.430548] kasan_save_stack+0x3d/0x60 [ 20.431265] kasan_save_track+0x18/0x40 [ 20.431859] kasan_save_alloc_info+0x3b/0x50 [ 20.432345] __kasan_kmalloc+0xb7/0xc0 [ 20.432940] __kmalloc_cache_noprof+0x184/0x410 [ 20.433346] kmalloc_oob_in_memset+0xad/0x320 [ 20.434351] kunit_try_run_case+0x1b3/0x490 [ 20.434796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.435530] kthread+0x257/0x310 [ 20.436133] ret_from_fork+0x41/0x80 [ 20.436608] ret_from_fork_asm+0x1a/0x30 [ 20.437269] [ 20.437773] The buggy address belongs to the object at ffff8881028b7600 [ 20.437773] which belongs to the cache kmalloc-128 of size 128 [ 20.439967] The buggy address is located 0 bytes inside of [ 20.439967] allocated 120-byte region [ffff8881028b7600, ffff8881028b7678) [ 20.441082] [ 20.441312] The buggy address belongs to the physical page: [ 20.441713] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b7 [ 20.442304] flags: 0x200000000000000(node=0|zone=2) [ 20.443298] page_type: f5(slab) [ 20.443652] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.444550] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.445283] page dumped because: kasan: bad access detected [ 20.445812] [ 20.446293] Memory state around the buggy address: [ 20.446856] ffff8881028b7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.447550] ffff8881028b7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.448121] >ffff8881028b7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.448707] ^ [ 20.449786] ffff8881028b7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.450707] ffff8881028b7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.451825] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 20.879651] ================================================================== [ 20.880737] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 20.881425] Read of size 1 at addr ffff88810295cfa8 by task kunit_try_catch/195 [ 20.881798] [ 20.881985] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.882945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.883791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.884571] Call Trace: [ 20.884780] <TASK> [ 20.884978] dump_stack_lvl+0x73/0xb0 [ 20.885629] print_report+0xd1/0x640 [ 20.886434] ? __virt_addr_valid+0x1db/0x2d0 [ 20.886906] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.888355] kasan_report+0x102/0x140 [ 20.888959] ? kmalloc_uaf2+0x4aa/0x520 [ 20.889611] ? kmalloc_uaf2+0x4aa/0x520 [ 20.890286] __asan_report_load1_noabort+0x18/0x20 [ 20.890987] kmalloc_uaf2+0x4aa/0x520 [ 20.891798] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 20.892366] ? irqentry_exit+0x2a/0x60 [ 20.892916] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.893504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.894220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.895051] ? __pfx_read_tsc+0x10/0x10 [ 20.895394] ? ktime_get_ts64+0x84/0x230 [ 20.895829] kunit_try_run_case+0x1b3/0x490 [ 20.896261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.897438] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.897848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.898986] ? __kthread_parkme+0x82/0x160 [ 20.899684] ? preempt_count_sub+0x50/0x80 [ 20.900397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.901269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.901797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.902187] kthread+0x257/0x310 [ 20.902892] ? __pfx_kthread+0x10/0x10 [ 20.903317] ret_from_fork+0x41/0x80 [ 20.903870] ? 
__pfx_kthread+0x10/0x10 [ 20.904195] ret_from_fork_asm+0x1a/0x30 [ 20.904600] </TASK> [ 20.904885] [ 20.905107] Allocated by task 195: [ 20.905473] kasan_save_stack+0x3d/0x60 [ 20.906418] kasan_save_track+0x18/0x40 [ 20.906856] kasan_save_alloc_info+0x3b/0x50 [ 20.907672] __kasan_kmalloc+0xb7/0xc0 [ 20.908002] __kmalloc_cache_noprof+0x184/0x410 [ 20.908590] kmalloc_uaf2+0xc7/0x520 [ 20.909424] kunit_try_run_case+0x1b3/0x490 [ 20.909930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.910275] kthread+0x257/0x310 [ 20.910640] ret_from_fork+0x41/0x80 [ 20.911868] ret_from_fork_asm+0x1a/0x30 [ 20.912455] [ 20.912701] Freed by task 195: [ 20.913116] kasan_save_stack+0x3d/0x60 [ 20.913553] kasan_save_track+0x18/0x40 [ 20.914288] kasan_save_free_info+0x3f/0x60 [ 20.915134] __kasan_slab_free+0x56/0x70 [ 20.915661] kfree+0x123/0x3f0 [ 20.915904] kmalloc_uaf2+0x14d/0x520 [ 20.916157] kunit_try_run_case+0x1b3/0x490 [ 20.916654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.917635] kthread+0x257/0x310 [ 20.918127] ret_from_fork+0x41/0x80 [ 20.919161] ret_from_fork_asm+0x1a/0x30 [ 20.919739] [ 20.920068] The buggy address belongs to the object at ffff88810295cf80 [ 20.920068] which belongs to the cache kmalloc-64 of size 64 [ 20.921593] The buggy address is located 40 bytes inside of [ 20.921593] freed 64-byte region [ffff88810295cf80, ffff88810295cfc0) [ 20.922388] [ 20.922752] The buggy address belongs to the physical page: [ 20.923399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295c [ 20.924337] flags: 0x200000000000000(node=0|zone=2) [ 20.925650] page_type: f5(slab) [ 20.925933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.926710] raw: 0000000000000000 0000000000200020 00000001f5000000 0000000000000000 [ 20.927093] page dumped because: kasan: bad access detected [ 20.927434] [ 20.928161] Memory state around the buggy address: [ 20.928994] ffff88810295ce80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
20.929759] ffff88810295cf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.930383] >ffff88810295cf80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.931344] ^ [ 20.931844] ffff88810295d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.932575] ffff88810295d080: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.933400] ================================================================== [ 20.776677] ================================================================== [ 20.777809] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 20.778382] Read of size 1 at addr ffff8881011ae2c8 by task kunit_try_catch/191 [ 20.778839] [ 20.779097] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.780867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.781327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.782091] Call Trace: [ 20.782343] <TASK> [ 20.782590] dump_stack_lvl+0x73/0xb0 [ 20.783347] print_report+0xd1/0x640 [ 20.783806] ? __virt_addr_valid+0x1db/0x2d0 [ 20.784285] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.785129] kasan_report+0x102/0x140 [ 20.785827] ? kmalloc_uaf+0x322/0x380 [ 20.786502] ? kmalloc_uaf+0x322/0x380 [ 20.787222] __asan_report_load1_noabort+0x18/0x20 [ 20.787737] kmalloc_uaf+0x322/0x380 [ 20.788686] ? __pfx_kmalloc_uaf+0x10/0x10 [ 20.789098] ? __schedule+0xc3e/0x2790 [ 20.789807] ? __pfx_read_tsc+0x10/0x10 [ 20.790295] ? ktime_get_ts64+0x84/0x230 [ 20.790882] kunit_try_run_case+0x1b3/0x490 [ 20.791431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.792050] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.792526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.793051] ? __kthread_parkme+0x82/0x160 [ 20.793450] ? preempt_count_sub+0x50/0x80 [ 20.794016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.794705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.795345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.795849] kthread+0x257/0x310 [ 20.796320] ? 
__pfx_kthread+0x10/0x10 [ 20.796794] ret_from_fork+0x41/0x80 [ 20.797270] ? __pfx_kthread+0x10/0x10 [ 20.797834] ret_from_fork_asm+0x1a/0x30 [ 20.798321] </TASK> [ 20.798706] [ 20.798965] Allocated by task 191: [ 20.799334] kasan_save_stack+0x3d/0x60 [ 20.799813] kasan_save_track+0x18/0x40 [ 20.800188] kasan_save_alloc_info+0x3b/0x50 [ 20.800761] __kasan_kmalloc+0xb7/0xc0 [ 20.801192] __kmalloc_cache_noprof+0x184/0x410 [ 20.801801] kmalloc_uaf+0xab/0x380 [ 20.802179] kunit_try_run_case+0x1b3/0x490 [ 20.802750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.803165] kthread+0x257/0x310 [ 20.803560] ret_from_fork+0x41/0x80 [ 20.804081] ret_from_fork_asm+0x1a/0x30 [ 20.804470] [ 20.804664] Freed by task 191: [ 20.804879] kasan_save_stack+0x3d/0x60 [ 20.805252] kasan_save_track+0x18/0x40 [ 20.805807] kasan_save_free_info+0x3f/0x60 [ 20.806277] __kasan_slab_free+0x56/0x70 [ 20.806721] kfree+0x123/0x3f0 [ 20.806960] kmalloc_uaf+0x12d/0x380 [ 20.807275] kunit_try_run_case+0x1b3/0x490 [ 20.807936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.808563] kthread+0x257/0x310 [ 20.809035] ret_from_fork+0x41/0x80 [ 20.809551] ret_from_fork_asm+0x1a/0x30 [ 20.809881] [ 20.810118] The buggy address belongs to the object at ffff8881011ae2c0 [ 20.810118] which belongs to the cache kmalloc-16 of size 16 [ 20.811320] The buggy address is located 8 bytes inside of [ 20.811320] freed 16-byte region [ffff8881011ae2c0, ffff8881011ae2d0) [ 20.812322] [ 20.812508] The buggy address belongs to the physical page: [ 20.813117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011ae [ 20.813881] flags: 0x200000000000000(node=0|zone=2) [ 20.814408] page_type: f5(slab) [ 20.814722] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.815516] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 20.816157] page dumped because: kasan: bad access detected [ 20.817008] [ 20.817462] Memory state around the buggy address: [ 
20.818591] ffff8881011ae180: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 20.820109] ffff8881011ae200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 20.820530] >ffff8881011ae280: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 20.821154] ^ [ 20.821835] ffff8881011ae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.822380] ffff8881011ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.823108] ================================================================== [ 20.345845] ================================================================== [ 20.346739] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 20.347677] Read of size 16 at addr ffff8881011ae2a0 by task kunit_try_catch/175 [ 20.348275] [ 20.349272] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.350373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.351208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.351776] Call Trace: [ 20.351989] <TASK> [ 20.352522] dump_stack_lvl+0x73/0xb0 [ 20.353422] print_report+0xd1/0x640 [ 20.353892] ? __virt_addr_valid+0x1db/0x2d0 [ 20.354368] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.354902] kasan_report+0x102/0x140 [ 20.355256] ? kmalloc_uaf_16+0x47d/0x4c0 [ 20.355656] ? kmalloc_uaf_16+0x47d/0x4c0 [ 20.356194] __asan_report_load16_noabort+0x18/0x20 [ 20.356784] kmalloc_uaf_16+0x47d/0x4c0 [ 20.357141] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 20.357447] ? __schedule+0xc3e/0x2790 [ 20.358015] ? __pfx_read_tsc+0x10/0x10 [ 20.359066] ? ktime_get_ts64+0x84/0x230 [ 20.359628] kunit_try_run_case+0x1b3/0x490 [ 20.360680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.361233] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.361642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.362553] ? __kthread_parkme+0x82/0x160 [ 20.363564] ? preempt_count_sub+0x50/0x80 [ 20.364076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.364540] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.365198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.365745] kthread+0x257/0x310 [ 20.366323] ? __pfx_kthread+0x10/0x10 [ 20.366736] ret_from_fork+0x41/0x80 [ 20.367179] ? __pfx_kthread+0x10/0x10 [ 20.368063] ret_from_fork_asm+0x1a/0x30 [ 20.368565] </TASK> [ 20.368895] [ 20.369335] Allocated by task 175: [ 20.369652] kasan_save_stack+0x3d/0x60 [ 20.370269] kasan_save_track+0x18/0x40 [ 20.370793] kasan_save_alloc_info+0x3b/0x50 [ 20.371434] __kasan_kmalloc+0xb7/0xc0 [ 20.371808] __kmalloc_cache_noprof+0x184/0x410 [ 20.372472] kmalloc_uaf_16+0x15c/0x4c0 [ 20.372870] kunit_try_run_case+0x1b3/0x490 [ 20.373256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.374377] kthread+0x257/0x310 [ 20.374698] ret_from_fork+0x41/0x80 [ 20.375443] ret_from_fork_asm+0x1a/0x30 [ 20.376204] [ 20.376432] Freed by task 175: [ 20.376825] kasan_save_stack+0x3d/0x60 [ 20.377529] kasan_save_track+0x18/0x40 [ 20.378500] kasan_save_free_info+0x3f/0x60 [ 20.379166] __kasan_slab_free+0x56/0x70 [ 20.379610] kfree+0x123/0x3f0 [ 20.380342] kmalloc_uaf_16+0x1d7/0x4c0 [ 20.380687] kunit_try_run_case+0x1b3/0x490 [ 20.381140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.382109] kthread+0x257/0x310 [ 20.382515] ret_from_fork+0x41/0x80 [ 20.383592] ret_from_fork_asm+0x1a/0x30 [ 20.384261] [ 20.384421] The buggy address belongs to the object at ffff8881011ae2a0 [ 20.384421] which belongs to the cache kmalloc-16 of size 16 [ 20.385560] The buggy address is located 0 bytes inside of [ 20.385560] freed 16-byte region [ffff8881011ae2a0, ffff8881011ae2b0) [ 20.387217] [ 20.387442] The buggy address belongs to the physical page: [ 20.387919] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011ae [ 20.389475] flags: 0x200000000000000(node=0|zone=2) [ 20.390462] page_type: f5(slab) [ 20.390910] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.391661] raw: 0000000000000000 0000000080800080 
00000001f5000000 0000000000000000 [ 20.392287] page dumped because: kasan: bad access detected [ 20.392744] [ 20.393129] Memory state around the buggy address: [ 20.393805] ffff8881011ae180: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 20.394977] ffff8881011ae200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 20.395843] >ffff8881011ae280: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 20.396562] ^ [ 20.397129] ffff8881011ae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397882] ffff8881011ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.398458] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 20.294745] ================================================================== [ 20.295586] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 20.295983] Write of size 16 at addr ffff8881028a7040 by task kunit_try_catch/173 [ 20.296537] [ 20.297167] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.298919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.299522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.300617] Call Trace: [ 20.300816] <TASK> [ 20.301467] dump_stack_lvl+0x73/0xb0 [ 20.302357] print_report+0xd1/0x640 [ 20.302849] ? __virt_addr_valid+0x1db/0x2d0 [ 20.303379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.304190] kasan_report+0x102/0x140 [ 20.304700] ? kmalloc_oob_16+0x454/0x4a0 [ 20.305220] ? kmalloc_oob_16+0x454/0x4a0 [ 20.305686] __asan_report_store16_noabort+0x1b/0x30 [ 20.306831] kmalloc_oob_16+0x454/0x4a0 [ 20.307216] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 20.307803] ? __schedule+0xc3e/0x2790 [ 20.308611] ? __pfx_read_tsc+0x10/0x10 [ 20.309193] ? ktime_get_ts64+0x84/0x230 [ 20.309634] kunit_try_run_case+0x1b3/0x490 [ 20.310172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.310599] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.311153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.312123] ? __kthread_parkme+0x82/0x160 [ 20.312883] ? preempt_count_sub+0x50/0x80 [ 20.313466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.314029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.314733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.315178] kthread+0x257/0x310 [ 20.315820] ? __pfx_kthread+0x10/0x10 [ 20.316462] ret_from_fork+0x41/0x80 [ 20.317203] ? 
__pfx_kthread+0x10/0x10 [ 20.317448] ret_from_fork_asm+0x1a/0x30 [ 20.318271] </TASK> [ 20.318613] [ 20.318843] Allocated by task 173: [ 20.319378] kasan_save_stack+0x3d/0x60 [ 20.319867] kasan_save_track+0x18/0x40 [ 20.320616] kasan_save_alloc_info+0x3b/0x50 [ 20.321077] __kasan_kmalloc+0xb7/0xc0 [ 20.321785] __kmalloc_cache_noprof+0x184/0x410 [ 20.322407] kmalloc_oob_16+0xa9/0x4a0 [ 20.322974] kunit_try_run_case+0x1b3/0x490 [ 20.323308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.323855] kthread+0x257/0x310 [ 20.324147] ret_from_fork+0x41/0x80 [ 20.324861] ret_from_fork_asm+0x1a/0x30 [ 20.325347] [ 20.325531] The buggy address belongs to the object at ffff8881028a7040 [ 20.325531] which belongs to the cache kmalloc-16 of size 16 [ 20.326847] The buggy address is located 0 bytes inside of [ 20.326847] allocated 13-byte region [ffff8881028a7040, ffff8881028a704d) [ 20.327844] [ 20.328308] The buggy address belongs to the physical page: [ 20.329200] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7 [ 20.329888] flags: 0x200000000000000(node=0|zone=2) [ 20.330631] page_type: f5(slab) [ 20.330946] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.331908] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 20.332546] page dumped because: kasan: bad access detected [ 20.333268] [ 20.333519] Memory state around the buggy address: [ 20.334312] ffff8881028a6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.335215] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.335717] >ffff8881028a7000: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 20.336576] ^ [ 20.336939] ffff8881028a7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.338131] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.338773] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 20.169948] ================================================================== [ 20.170971] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 20.171623] Read of size 1 at addr ffff888100a23000 by task kunit_try_catch/171 [ 20.172568] [ 20.172819] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.173866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.174386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.175477] Call Trace: [ 20.175866] <TASK> [ 20.176575] dump_stack_lvl+0x73/0xb0 [ 20.177438] print_report+0xd1/0x640 [ 20.178385] ? __virt_addr_valid+0x1db/0x2d0 [ 20.179054] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.179858] kasan_report+0x102/0x140 [ 20.180462] ? krealloc_uaf+0x1b9/0x5e0 [ 20.181445] ? krealloc_uaf+0x1b9/0x5e0 [ 20.181842] ? krealloc_uaf+0x1b9/0x5e0 [ 20.182379] __kasan_check_byte+0x3d/0x50 [ 20.182868] krealloc_noprof+0x3f/0x340 [ 20.183519] krealloc_uaf+0x1b9/0x5e0 [ 20.183930] ? __pfx_krealloc_uaf+0x10/0x10 [ 20.184549] ? finish_task_switch.isra.0+0x153/0x700 [ 20.185237] ? __switch_to+0x5d9/0xf60 [ 20.185562] ? __schedule+0xc3e/0x2790 [ 20.186544] ? __pfx_read_tsc+0x10/0x10 [ 20.186925] ? ktime_get_ts64+0x84/0x230 [ 20.187329] kunit_try_run_case+0x1b3/0x490 [ 20.187754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.188245] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.188878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.189544] ? __kthread_parkme+0x82/0x160 [ 20.190109] ? preempt_count_sub+0x50/0x80 [ 20.190670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.191309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.192464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.192966] kthread+0x257/0x310 [ 20.193573] ? __pfx_kthread+0x10/0x10 [ 20.194194] ret_from_fork+0x41/0x80 [ 20.194579] ? 
__pfx_kthread+0x10/0x10 [ 20.194958] ret_from_fork_asm+0x1a/0x30 [ 20.195664] </TASK> [ 20.196098] [ 20.196334] Allocated by task 171: [ 20.196627] kasan_save_stack+0x3d/0x60 [ 20.197609] kasan_save_track+0x18/0x40 [ 20.198241] kasan_save_alloc_info+0x3b/0x50 [ 20.198715] __kasan_kmalloc+0xb7/0xc0 [ 20.199305] __kmalloc_cache_noprof+0x184/0x410 [ 20.199710] krealloc_uaf+0xbc/0x5e0 [ 20.200314] kunit_try_run_case+0x1b3/0x490 [ 20.200863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.201517] kthread+0x257/0x310 [ 20.201903] ret_from_fork+0x41/0x80 [ 20.202956] ret_from_fork_asm+0x1a/0x30 [ 20.203316] [ 20.203608] Freed by task 171: [ 20.203905] kasan_save_stack+0x3d/0x60 [ 20.204525] kasan_save_track+0x18/0x40 [ 20.204841] kasan_save_free_info+0x3f/0x60 [ 20.205427] __kasan_slab_free+0x56/0x70 [ 20.205930] kfree+0x123/0x3f0 [ 20.206503] krealloc_uaf+0x13e/0x5e0 [ 20.207083] kunit_try_run_case+0x1b3/0x490 [ 20.207469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.208628] kthread+0x257/0x310 [ 20.208908] ret_from_fork+0x41/0x80 [ 20.209554] ret_from_fork_asm+0x1a/0x30 [ 20.209972] [ 20.210214] The buggy address belongs to the object at ffff888100a23000 [ 20.210214] which belongs to the cache kmalloc-256 of size 256 [ 20.211459] The buggy address is located 0 bytes inside of [ 20.211459] freed 256-byte region [ffff888100a23000, ffff888100a23100) [ 20.212532] [ 20.212840] The buggy address belongs to the physical page: [ 20.213934] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 20.214724] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.215533] flags: 0x200000000000040(head|node=0|zone=2) [ 20.215936] page_type: f5(slab) [ 20.216291] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.217367] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.218131] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.219113] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.219683] head: 0200000000000001 ffffea0004028881 ffffffffffffffff 0000000000000000 [ 20.220434] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.221252] page dumped because: kasan: bad access detected [ 20.221738] [ 20.222120] Memory state around the buggy address: [ 20.222669] ffff888100a22f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.223804] ffff888100a22f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.224416] >ffff888100a23000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.225305] ^ [ 20.225728] ffff888100a23080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.226504] ffff888100a23100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.227262] ================================================================== [ 20.230297] ================================================================== [ 20.231045] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 20.232141] Read of size 1 at addr ffff888100a23000 by task kunit_try_catch/171 [ 20.232773] [ 20.233033] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.234184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.234649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.235570] Call Trace: [ 20.235867] <TASK> [ 20.236803] dump_stack_lvl+0x73/0xb0 [ 20.237200] print_report+0xd1/0x640 [ 20.237605] ? __virt_addr_valid+0x1db/0x2d0 [ 20.237924] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.238348] kasan_report+0x102/0x140 [ 20.239320] ? krealloc_uaf+0x53e/0x5e0 [ 20.239860] ? krealloc_uaf+0x53e/0x5e0 [ 20.240541] __asan_report_load1_noabort+0x18/0x20 [ 20.241382] krealloc_uaf+0x53e/0x5e0 [ 20.241797] ? __pfx_krealloc_uaf+0x10/0x10 [ 20.242983] ? finish_task_switch.isra.0+0x153/0x700 [ 20.243742] ? __switch_to+0x5d9/0xf60 [ 20.244422] ? __schedule+0xc3e/0x2790 [ 20.244919] ? 
__pfx_read_tsc+0x10/0x10 [ 20.245533] ? ktime_get_ts64+0x84/0x230 [ 20.246013] kunit_try_run_case+0x1b3/0x490 [ 20.246826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.247819] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.248501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.249282] ? __kthread_parkme+0x82/0x160 [ 20.249463] ? preempt_count_sub+0x50/0x80 [ 20.249777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.250774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.251437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.251843] kthread+0x257/0x310 [ 20.252232] ? __pfx_kthread+0x10/0x10 [ 20.252880] ret_from_fork+0x41/0x80 [ 20.253752] ? __pfx_kthread+0x10/0x10 [ 20.254583] ret_from_fork_asm+0x1a/0x30 [ 20.255176] </TASK> [ 20.255447] [ 20.256024] Allocated by task 171: [ 20.256575] kasan_save_stack+0x3d/0x60 [ 20.257028] kasan_save_track+0x18/0x40 [ 20.257424] kasan_save_alloc_info+0x3b/0x50 [ 20.258614] __kasan_kmalloc+0xb7/0xc0 [ 20.259233] __kmalloc_cache_noprof+0x184/0x410 [ 20.259781] krealloc_uaf+0xbc/0x5e0 [ 20.260098] kunit_try_run_case+0x1b3/0x490 [ 20.261214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.261796] kthread+0x257/0x310 [ 20.262575] ret_from_fork+0x41/0x80 [ 20.262997] ret_from_fork_asm+0x1a/0x30 [ 20.263885] [ 20.264073] Freed by task 171: [ 20.264443] kasan_save_stack+0x3d/0x60 [ 20.265329] kasan_save_track+0x18/0x40 [ 20.265750] kasan_save_free_info+0x3f/0x60 [ 20.266414] __kasan_slab_free+0x56/0x70 [ 20.266942] kfree+0x123/0x3f0 [ 20.267543] krealloc_uaf+0x13e/0x5e0 [ 20.268402] kunit_try_run_case+0x1b3/0x490 [ 20.269008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.269700] kthread+0x257/0x310 [ 20.270229] ret_from_fork+0x41/0x80 [ 20.270691] ret_from_fork_asm+0x1a/0x30 [ 20.271308] [ 20.271551] The buggy address belongs to the object at ffff888100a23000 [ 20.271551] which belongs to the cache kmalloc-256 of size 256 [ 20.272544] The buggy address is located 0 bytes inside of [ 20.272544] freed 256-byte region [ffff888100a23000, 
ffff888100a23100) [ 20.273417] [ 20.274619] The buggy address belongs to the physical page: [ 20.275204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 20.275824] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.276256] flags: 0x200000000000040(head|node=0|zone=2) [ 20.277201] page_type: f5(slab) [ 20.277480] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.278415] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.279354] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.280569] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.281293] head: 0200000000000001 ffffea0004028881 ffffffffffffffff 0000000000000000 [ 20.281720] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.282393] page dumped because: kasan: bad access detected [ 20.283340] [ 20.283546] Memory state around the buggy address: [ 20.284224] ffff888100a22f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.285117] ffff888100a22f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.285671] >ffff888100a23000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.286826] ^ [ 20.287353] ffff888100a23080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.288041] ffff888100a23100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.288533] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 20.031318] ================================================================== [ 20.031748] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 20.032450] Write of size 1 at addr ffff888102a1e0d0 by task kunit_try_catch/169 [ 20.033191] [ 20.033718] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.034600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.035015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.035790] Call Trace: [ 20.035967] <TASK> [ 20.036238] dump_stack_lvl+0x73/0xb0 [ 20.036991] print_report+0xd1/0x640 [ 20.038058] ? __virt_addr_valid+0x1db/0x2d0 [ 20.038417] ? kasan_addr_to_slab+0x11/0xa0 [ 20.038820] kasan_report+0x102/0x140 [ 20.039099] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 20.039422] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 20.040004] __asan_report_store1_noabort+0x1b/0x30 [ 20.040611] krealloc_less_oob_helper+0xe25/0x11d0 [ 20.041169] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.041809] ? finish_task_switch.isra.0+0x153/0x700 [ 20.042350] ? __switch_to+0x5d9/0xf60 [ 20.042908] ? __schedule+0xc3e/0x2790 [ 20.043385] ? __pfx_read_tsc+0x10/0x10 [ 20.043774] krealloc_large_less_oob+0x1c/0x30 [ 20.044322] kunit_try_run_case+0x1b3/0x490 [ 20.044786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.045281] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.045848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.046196] ? __kthread_parkme+0x82/0x160 [ 20.046509] ? preempt_count_sub+0x50/0x80 [ 20.047047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.047650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.048267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.048792] kthread+0x257/0x310 [ 20.049225] ? __pfx_kthread+0x10/0x10 [ 20.049623] ret_from_fork+0x41/0x80 [ 20.049909] ? 
__pfx_kthread+0x10/0x10 [ 20.050191] ret_from_fork_asm+0x1a/0x30 [ 20.050763] </TASK> [ 20.051090] [ 20.051343] The buggy address belongs to the physical page: [ 20.051947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 20.052743] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.053308] flags: 0x200000000000040(head|node=0|zone=2) [ 20.053882] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.054292] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.054910] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.055704] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.056390] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000 [ 20.057099] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.057716] page dumped because: kasan: bad access detected [ 20.058260] [ 20.058429] Memory state around the buggy address: [ 20.058947] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.059318] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.059981] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.060695] ^ [ 20.061196] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.061748] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.062127] ================================================================== [ 19.775340] ================================================================== [ 19.776157] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 19.776972] Write of size 1 at addr ffff8881003976da by task kunit_try_catch/165 [ 19.778581] [ 19.778836] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.779446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.779974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.780414] Call Trace: [ 19.780724] <TASK> [ 19.781080] dump_stack_lvl+0x73/0xb0 [ 19.781523] print_report+0xd1/0x640 [ 19.781952] ? __virt_addr_valid+0x1db/0x2d0 [ 19.782379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.783068] kasan_report+0x102/0x140 [ 19.783407] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 19.783762] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 19.784096] __asan_report_store1_noabort+0x1b/0x30 [ 19.784430] krealloc_less_oob_helper+0xec8/0x11d0 [ 19.784957] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 19.785703] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.786229] ? __pfx_krealloc_less_oob+0x10/0x10 [ 19.786758] krealloc_less_oob+0x1c/0x30 [ 19.787198] kunit_try_run_case+0x1b3/0x490 [ 19.787622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.788011] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.788321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.788716] ? __kthread_parkme+0x82/0x160 [ 19.789149] ? preempt_count_sub+0x50/0x80 [ 19.789634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.790134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.790782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.791311] kthread+0x257/0x310 [ 19.791602] ? __pfx_kthread+0x10/0x10 [ 19.792047] ret_from_fork+0x41/0x80 [ 19.792442] ? 
__pfx_kthread+0x10/0x10 [ 19.792917] ret_from_fork_asm+0x1a/0x30 [ 19.793334] </TASK> [ 19.793552] [ 19.793710] Allocated by task 165: [ 19.794018] kasan_save_stack+0x3d/0x60 [ 19.794465] kasan_save_track+0x18/0x40 [ 19.794959] kasan_save_alloc_info+0x3b/0x50 [ 19.795446] __kasan_krealloc+0x190/0x1f0 [ 19.796005] krealloc_noprof+0xf3/0x340 [ 19.796316] krealloc_less_oob_helper+0x1ab/0x11d0 [ 19.796845] krealloc_less_oob+0x1c/0x30 [ 19.797115] kunit_try_run_case+0x1b3/0x490 [ 19.797396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.797738] kthread+0x257/0x310 [ 19.797981] ret_from_fork+0x41/0x80 [ 19.798400] ret_from_fork_asm+0x1a/0x30 [ 19.798843] [ 19.799120] The buggy address belongs to the object at ffff888100397600 [ 19.799120] which belongs to the cache kmalloc-256 of size 256 [ 19.800361] The buggy address is located 17 bytes to the right of [ 19.800361] allocated 201-byte region [ffff888100397600, ffff8881003976c9) [ 19.801796] [ 19.801970] The buggy address belongs to the physical page: [ 19.802264] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 19.803049] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.803474] flags: 0x200000000000040(head|node=0|zone=2) [ 19.804030] page_type: f5(slab) [ 19.804381] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.805204] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.805635] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.806027] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.806433] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 19.807246] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 19.808065] page dumped because: kasan: bad access detected [ 19.808609] [ 19.808832] Memory state around the buggy address: [ 19.809284] ffff888100397580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 19.810061] ffff888100397600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.812766] >ffff888100397680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.813210] ^ [ 19.813563] ffff888100397700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814200] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817006] ================================================================== [ 19.822398] ================================================================== [ 19.823206] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 19.824369] Write of size 1 at addr ffff8881003976ea by task kunit_try_catch/165 [ 19.825123] [ 19.825427] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.826260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.826587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.827236] Call Trace: [ 19.827455] <TASK> [ 19.827721] dump_stack_lvl+0x73/0xb0 [ 19.828175] print_report+0xd1/0x640 [ 19.828628] ? __virt_addr_valid+0x1db/0x2d0 [ 19.829097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.829441] kasan_report+0x102/0x140 [ 19.829978] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 19.830507] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 19.830969] __asan_report_store1_noabort+0x1b/0x30 [ 19.831458] krealloc_less_oob_helper+0xe92/0x11d0 [ 19.831995] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 19.832439] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.832896] ? __pfx_krealloc_less_oob+0x10/0x10 [ 19.833442] krealloc_less_oob+0x1c/0x30 [ 19.833886] kunit_try_run_case+0x1b3/0x490 [ 19.834231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.834757] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.835224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.835583] ? __kthread_parkme+0x82/0x160 [ 19.836058] ? preempt_count_sub+0x50/0x80 [ 19.836541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.837046] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.837477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.837848] kthread+0x257/0x310 [ 19.838125] ? __pfx_kthread+0x10/0x10 [ 19.838402] ret_from_fork+0x41/0x80 [ 19.838834] ? __pfx_kthread+0x10/0x10 [ 19.839257] ret_from_fork_asm+0x1a/0x30 [ 19.839880] </TASK> [ 19.840151] [ 19.840370] Allocated by task 165: [ 19.840749] kasan_save_stack+0x3d/0x60 [ 19.841173] kasan_save_track+0x18/0x40 [ 19.841614] kasan_save_alloc_info+0x3b/0x50 [ 19.842074] __kasan_krealloc+0x190/0x1f0 [ 19.845307] krealloc_noprof+0xf3/0x340 [ 19.845857] krealloc_less_oob_helper+0x1ab/0x11d0 [ 19.846272] krealloc_less_oob+0x1c/0x30 [ 19.846572] kunit_try_run_case+0x1b3/0x490 [ 19.847017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.848523] kthread+0x257/0x310 [ 19.849540] ret_from_fork+0x41/0x80 [ 19.850007] ret_from_fork_asm+0x1a/0x30 [ 19.850450] [ 19.851273] The buggy address belongs to the object at ffff888100397600 [ 19.851273] which belongs to the cache kmalloc-256 of size 256 [ 19.852482] The buggy address is located 33 bytes to the right of [ 19.852482] allocated 201-byte region [ffff888100397600, ffff8881003976c9) [ 19.854195] [ 19.854356] The buggy address belongs to the physical page: [ 19.854870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 19.855560] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.856590] flags: 0x200000000000040(head|node=0|zone=2) [ 19.857163] page_type: f5(slab) [ 19.857552] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.858152] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.858677] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.859702] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.860465] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 19.861008] head: 0000000000000002 0000000000000000 
00000000ffffffff 0000000000000000 [ 19.861387] page dumped because: kasan: bad access detected [ 19.861951] [ 19.862186] Memory state around the buggy address: [ 19.862532] ffff888100397580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.863059] ffff888100397600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.863639] >ffff888100397680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.864423] ^ [ 19.865089] ffff888100397700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.866374] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.866880] ================================================================== [ 20.098941] ================================================================== [ 20.099360] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 20.100614] Write of size 1 at addr ffff888102a1e0ea by task kunit_try_catch/169 [ 20.101257] [ 20.101525] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.102289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.102563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.103428] Call Trace: [ 20.103829] <TASK> [ 20.104131] dump_stack_lvl+0x73/0xb0 [ 20.104641] print_report+0xd1/0x640 [ 20.105108] ? __virt_addr_valid+0x1db/0x2d0 [ 20.105714] ? kasan_addr_to_slab+0x11/0xa0 [ 20.106222] kasan_report+0x102/0x140 [ 20.106743] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 20.107297] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 20.108019] __asan_report_store1_noabort+0x1b/0x30 [ 20.108615] krealloc_less_oob_helper+0xe92/0x11d0 [ 20.109237] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.109681] ? finish_task_switch.isra.0+0x153/0x700 [ 20.110236] ? __switch_to+0x5d9/0xf60 [ 20.110761] ? __schedule+0xc3e/0x2790 [ 20.111220] ? __pfx_read_tsc+0x10/0x10 [ 20.111754] krealloc_large_less_oob+0x1c/0x30 [ 20.112102] kunit_try_run_case+0x1b3/0x490 [ 20.112387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.112704] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 20.113179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.113608] ? __kthread_parkme+0x82/0x160 [ 20.114074] ? preempt_count_sub+0x50/0x80 [ 20.114448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.114884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.115390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.115992] kthread+0x257/0x310 [ 20.116298] ? __pfx_kthread+0x10/0x10 [ 20.116771] ret_from_fork+0x41/0x80 [ 20.117160] ? __pfx_kthread+0x10/0x10 [ 20.117452] ret_from_fork_asm+0x1a/0x30 [ 20.117972] </TASK> [ 20.118202] [ 20.118359] The buggy address belongs to the physical page: [ 20.118730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 20.119283] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.119990] flags: 0x200000000000040(head|node=0|zone=2) [ 20.120547] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.121075] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.121709] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.122229] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.122842] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000 [ 20.123409] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.124121] page dumped because: kasan: bad access detected [ 20.124422] [ 20.124691] Memory state around the buggy address: [ 20.125801] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.126358] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.127067] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.127429] ^ [ 20.128047] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.128771] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.129401] ================================================================== 
[ 19.868356] ================================================================== [ 19.869103] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 19.869744] Write of size 1 at addr ffff8881003976eb by task kunit_try_catch/165 [ 19.870977] [ 19.871237] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.872739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.873159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.873738] Call Trace: [ 19.874065] <TASK> [ 19.874329] dump_stack_lvl+0x73/0xb0 [ 19.875184] print_report+0xd1/0x640 [ 19.875671] ? __virt_addr_valid+0x1db/0x2d0 [ 19.876546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.877309] kasan_report+0x102/0x140 [ 19.877944] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 19.878406] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 19.879260] __asan_report_store1_noabort+0x1b/0x30 [ 19.879837] krealloc_less_oob_helper+0xd49/0x11d0 [ 19.880284] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 19.880755] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.881211] ? __pfx_krealloc_less_oob+0x10/0x10 [ 19.881770] krealloc_less_oob+0x1c/0x30 [ 19.882241] kunit_try_run_case+0x1b3/0x490 [ 19.882612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.883090] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.883695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.884154] ? __kthread_parkme+0x82/0x160 [ 19.884710] ? preempt_count_sub+0x50/0x80 [ 19.885203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.885758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.886295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.886884] kthread+0x257/0x310 [ 19.887294] ? __pfx_kthread+0x10/0x10 [ 19.887854] ret_from_fork+0x41/0x80 [ 19.888201] ? 
__pfx_kthread+0x10/0x10 [ 19.888676] ret_from_fork_asm+0x1a/0x30 [ 19.889144] </TASK> [ 19.889463] [ 19.889753] Allocated by task 165: [ 19.890091] kasan_save_stack+0x3d/0x60 [ 19.890534] kasan_save_track+0x18/0x40 [ 19.890941] kasan_save_alloc_info+0x3b/0x50 [ 19.891450] __kasan_krealloc+0x190/0x1f0 [ 19.891941] krealloc_noprof+0xf3/0x340 [ 19.892360] krealloc_less_oob_helper+0x1ab/0x11d0 [ 19.892918] krealloc_less_oob+0x1c/0x30 [ 19.893394] kunit_try_run_case+0x1b3/0x490 [ 19.893899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.894329] kthread+0x257/0x310 [ 19.894716] ret_from_fork+0x41/0x80 [ 19.895224] ret_from_fork_asm+0x1a/0x30 [ 19.895732] [ 19.895957] The buggy address belongs to the object at ffff888100397600 [ 19.895957] which belongs to the cache kmalloc-256 of size 256 [ 19.897038] The buggy address is located 34 bytes to the right of [ 19.897038] allocated 201-byte region [ffff888100397600, ffff8881003976c9) [ 19.897992] [ 19.898251] The buggy address belongs to the physical page: [ 19.898775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 19.899185] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.899668] flags: 0x200000000000040(head|node=0|zone=2) [ 19.900260] page_type: f5(slab) [ 19.900698] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.901400] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.902169] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.902848] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.903367] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 19.904126] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 19.904735] page dumped because: kasan: bad access detected [ 19.905329] [ 19.905561] Memory state around the buggy address: [ 19.905970] ffff888100397580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 19.906450] ffff888100397600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.906976] >ffff888100397680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.907658] ^ [ 19.908235] ffff888100397700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.908931] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.909573] ================================================================== [ 20.063331] ================================================================== [ 20.065370] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 20.066162] Write of size 1 at addr ffff888102a1e0da by task kunit_try_catch/169 [ 20.066906] [ 20.067163] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.068111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.068558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.069189] Call Trace: [ 20.069528] <TASK> [ 20.069835] dump_stack_lvl+0x73/0xb0 [ 20.070276] print_report+0xd1/0x640 [ 20.070796] ? __virt_addr_valid+0x1db/0x2d0 [ 20.071223] ? kasan_addr_to_slab+0x11/0xa0 [ 20.071747] kasan_report+0x102/0x140 [ 20.072135] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 20.073258] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 20.074282] __asan_report_store1_noabort+0x1b/0x30 [ 20.074795] krealloc_less_oob_helper+0xec8/0x11d0 [ 20.075290] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.076033] ? finish_task_switch.isra.0+0x153/0x700 [ 20.076388] ? __switch_to+0x5d9/0xf60 [ 20.076919] ? __schedule+0xc3e/0x2790 [ 20.077281] ? __pfx_read_tsc+0x10/0x10 [ 20.077644] krealloc_large_less_oob+0x1c/0x30 [ 20.077962] kunit_try_run_case+0x1b3/0x490 [ 20.078455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.079022] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.079526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.080114] ? __kthread_parkme+0x82/0x160 [ 20.080620] ? preempt_count_sub+0x50/0x80 [ 20.081123] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.081670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.082171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.082809] kthread+0x257/0x310 [ 20.083106] ? __pfx_kthread+0x10/0x10 [ 20.083632] ret_from_fork+0x41/0x80 [ 20.083931] ? __pfx_kthread+0x10/0x10 [ 20.084208] ret_from_fork_asm+0x1a/0x30 [ 20.084770] </TASK> [ 20.085055] [ 20.085366] The buggy address belongs to the physical page: [ 20.085980] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 20.086627] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.087082] flags: 0x200000000000040(head|node=0|zone=2) [ 20.087752] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.088231] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.088963] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.089635] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.090153] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000 [ 20.090570] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.091000] page dumped because: kasan: bad access detected [ 20.091302] [ 20.091455] Memory state around the buggy address: [ 20.092008] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.092694] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.093328] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.093967] ^ [ 20.096053] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.096777] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.097328] ================================================================== [ 19.684572] ================================================================== [ 19.685593] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 19.686442] Write of 
size 1 at addr ffff8881003976c9 by task kunit_try_catch/165 [ 19.687122] [ 19.687409] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.688439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.688925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.690012] Call Trace: [ 19.690288] <TASK> [ 19.690559] dump_stack_lvl+0x73/0xb0 [ 19.690864] print_report+0xd1/0x640 [ 19.691333] ? __virt_addr_valid+0x1db/0x2d0 [ 19.691836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.693176] kasan_report+0x102/0x140 [ 19.693644] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 19.694307] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 19.694822] __asan_report_store1_noabort+0x1b/0x30 [ 19.695756] krealloc_less_oob_helper+0xd72/0x11d0 [ 19.696270] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 19.696821] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.697781] ? __pfx_krealloc_less_oob+0x10/0x10 [ 19.698523] krealloc_less_oob+0x1c/0x30 [ 19.698975] kunit_try_run_case+0x1b3/0x490 [ 19.700127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.700441] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.701291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.701605] ? __kthread_parkme+0x82/0x160 [ 19.702066] ? preempt_count_sub+0x50/0x80 [ 19.702535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.702858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.704209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.704682] kthread+0x257/0x310 [ 19.705032] ? __pfx_kthread+0x10/0x10 [ 19.705419] ret_from_fork+0x41/0x80 [ 19.705723] ? 
__pfx_kthread+0x10/0x10 [ 19.706147] ret_from_fork_asm+0x1a/0x30 [ 19.706802] </TASK> [ 19.707267] [ 19.707644] Allocated by task 165: [ 19.708237] kasan_save_stack+0x3d/0x60 [ 19.708814] kasan_save_track+0x18/0x40 [ 19.709441] kasan_save_alloc_info+0x3b/0x50 [ 19.710266] __kasan_krealloc+0x190/0x1f0 [ 19.710844] krealloc_noprof+0xf3/0x340 [ 19.711503] krealloc_less_oob_helper+0x1ab/0x11d0 [ 19.712294] krealloc_less_oob+0x1c/0x30 [ 19.712847] kunit_try_run_case+0x1b3/0x490 [ 19.713557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.714409] kthread+0x257/0x310 [ 19.714910] ret_from_fork+0x41/0x80 [ 19.715591] ret_from_fork_asm+0x1a/0x30 [ 19.716285] [ 19.716609] The buggy address belongs to the object at ffff888100397600 [ 19.716609] which belongs to the cache kmalloc-256 of size 256 [ 19.718699] The buggy address is located 0 bytes to the right of [ 19.718699] allocated 201-byte region [ffff888100397600, ffff8881003976c9) [ 19.719929] [ 19.720430] The buggy address belongs to the physical page: [ 19.721761] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 19.722770] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.723724] flags: 0x200000000000040(head|node=0|zone=2) [ 19.724059] page_type: f5(slab) [ 19.724584] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.726031] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.726864] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.727629] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.728314] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 19.729017] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 19.730088] page dumped because: kasan: bad access detected [ 19.730523] [ 19.730948] Memory state around the buggy address: [ 19.731406] ffff888100397580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 19.731973] ffff888100397600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.732564] >ffff888100397680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.733278] ^ [ 19.734329] ffff888100397700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.734773] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.735193] ================================================================== [ 19.738837] ================================================================== [ 19.739766] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 19.740248] Write of size 1 at addr ffff8881003976d0 by task kunit_try_catch/165 [ 19.740907] [ 19.741138] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.741816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.742277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.742965] Call Trace: [ 19.743269] <TASK> [ 19.743475] dump_stack_lvl+0x73/0xb0 [ 19.743950] print_report+0xd1/0x640 [ 19.744354] ? __virt_addr_valid+0x1db/0x2d0 [ 19.744697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.745040] kasan_report+0x102/0x140 [ 19.745624] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 19.746139] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 19.746689] __asan_report_store1_noabort+0x1b/0x30 [ 19.747178] krealloc_less_oob_helper+0xe25/0x11d0 [ 19.747585] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 19.748109] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.748634] ? __pfx_krealloc_less_oob+0x10/0x10 [ 19.748974] krealloc_less_oob+0x1c/0x30 [ 19.749266] kunit_try_run_case+0x1b3/0x490 [ 19.749601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.750101] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.750696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.751192] ? __kthread_parkme+0x82/0x160 [ 19.751661] ? preempt_count_sub+0x50/0x80 [ 19.752113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.752473] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.753030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.753372] kthread+0x257/0x310 [ 19.753653] ? __pfx_kthread+0x10/0x10 [ 19.754082] ret_from_fork+0x41/0x80 [ 19.754476] ? __pfx_kthread+0x10/0x10 [ 19.754904] ret_from_fork_asm+0x1a/0x30 [ 19.755396] </TASK> [ 19.755643] [ 19.755863] Allocated by task 165: [ 19.756216] kasan_save_stack+0x3d/0x60 [ 19.756652] kasan_save_track+0x18/0x40 [ 19.756952] kasan_save_alloc_info+0x3b/0x50 [ 19.757382] __kasan_krealloc+0x190/0x1f0 [ 19.757901] krealloc_noprof+0xf3/0x340 [ 19.758187] krealloc_less_oob_helper+0x1ab/0x11d0 [ 19.758507] krealloc_less_oob+0x1c/0x30 [ 19.758815] kunit_try_run_case+0x1b3/0x490 [ 19.759254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.759791] kthread+0x257/0x310 [ 19.760110] ret_from_fork+0x41/0x80 [ 19.760427] ret_from_fork_asm+0x1a/0x30 [ 19.760955] [ 19.761122] The buggy address belongs to the object at ffff888100397600 [ 19.761122] which belongs to the cache kmalloc-256 of size 256 [ 19.762243] The buggy address is located 7 bytes to the right of [ 19.762243] allocated 201-byte region [ffff888100397600, ffff8881003976c9) [ 19.762832] [ 19.762997] The buggy address belongs to the physical page: [ 19.763293] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 19.763915] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.764598] flags: 0x200000000000040(head|node=0|zone=2) [ 19.765323] page_type: f5(slab) [ 19.765729] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.766416] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.767296] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.767839] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.768387] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 19.769045] head: 0000000000000002 0000000000000000 
00000000ffffffff 0000000000000000 [ 19.769653] page dumped because: kasan: bad access detected [ 19.769950] [ 19.770110] Memory state around the buggy address: [ 19.770560] ffff888100397580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.771282] ffff888100397600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.772036] >ffff888100397680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.772509] ^ [ 19.773230] ffff888100397700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.773625] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.773986] ================================================================== [ 20.130388] ================================================================== [ 20.131849] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 20.132809] Write of size 1 at addr ffff888102a1e0eb by task kunit_try_catch/169 [ 20.133427] [ 20.133681] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 20.134388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.134893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.135751] Call Trace: [ 20.136096] <TASK> [ 20.136385] dump_stack_lvl+0x73/0xb0 [ 20.136828] print_report+0xd1/0x640 [ 20.137253] ? __virt_addr_valid+0x1db/0x2d0 [ 20.137713] ? kasan_addr_to_slab+0x11/0xa0 [ 20.138018] kasan_report+0x102/0x140 [ 20.138312] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 20.138915] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 20.139450] __asan_report_store1_noabort+0x1b/0x30 [ 20.140014] krealloc_less_oob_helper+0xd49/0x11d0 [ 20.140617] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.141137] ? finish_task_switch.isra.0+0x153/0x700 [ 20.141707] ? __switch_to+0x5d9/0xf60 [ 20.142006] ? __schedule+0xc3e/0x2790 [ 20.142441] ? __pfx_read_tsc+0x10/0x10 [ 20.142991] krealloc_large_less_oob+0x1c/0x30 [ 20.143525] kunit_try_run_case+0x1b3/0x490 [ 20.143949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.144266] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 20.144669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.145245] ? __kthread_parkme+0x82/0x160 [ 20.145773] ? preempt_count_sub+0x50/0x80 [ 20.146236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.146827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.147392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.147814] kthread+0x257/0x310 [ 20.148243] ? __pfx_kthread+0x10/0x10 [ 20.148753] ret_from_fork+0x41/0x80 [ 20.149169] ? __pfx_kthread+0x10/0x10 [ 20.149697] ret_from_fork_asm+0x1a/0x30 [ 20.150187] </TASK> [ 20.150379] [ 20.150559] The buggy address belongs to the physical page: [ 20.151148] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 20.151860] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.152383] flags: 0x200000000000040(head|node=0|zone=2) [ 20.152971] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.153686] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.154091] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.154658] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.155074] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000 [ 20.156894] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.157586] page dumped because: kasan: bad access detected [ 20.158105] [ 20.158324] Memory state around the buggy address: [ 20.158892] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.159617] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.160179] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.160566] ^ [ 20.160980] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.161721] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.162410] ================================================================== 
[ 19.995842] ================================================================== [ 19.996748] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 19.997425] Write of size 1 at addr ffff888102a1e0c9 by task kunit_try_catch/169 [ 19.997952] [ 19.998406] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.999439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.999684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.000376] Call Trace: [ 20.000721] <TASK> [ 20.001012] dump_stack_lvl+0x73/0xb0 [ 20.001374] print_report+0xd1/0x640 [ 20.001867] ? __virt_addr_valid+0x1db/0x2d0 [ 20.002393] ? kasan_addr_to_slab+0x11/0xa0 [ 20.002977] kasan_report+0x102/0x140 [ 20.003323] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 20.003910] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 20.004430] __asan_report_store1_noabort+0x1b/0x30 [ 20.005085] krealloc_less_oob_helper+0xd72/0x11d0 [ 20.006155] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.007511] ? finish_task_switch.isra.0+0x153/0x700 [ 20.008054] ? __switch_to+0x5d9/0xf60 [ 20.008405] ? __schedule+0xc3e/0x2790 [ 20.008858] ? __pfx_read_tsc+0x10/0x10 [ 20.009297] krealloc_large_less_oob+0x1c/0x30 [ 20.009862] kunit_try_run_case+0x1b3/0x490 [ 20.010249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.010781] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.011151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.011674] ? __kthread_parkme+0x82/0x160 [ 20.012023] ? preempt_count_sub+0x50/0x80 [ 20.012321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.012763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.013350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.014037] kthread+0x257/0x310 [ 20.014435] ? __pfx_kthread+0x10/0x10 [ 20.014910] ret_from_fork+0x41/0x80 [ 20.015186] ? 
__pfx_kthread+0x10/0x10 [ 20.015709] ret_from_fork_asm+0x1a/0x30 [ 20.016172] </TASK> [ 20.016449] [ 20.016733] The buggy address belongs to the physical page: [ 20.017371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 20.018964] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.020173] flags: 0x200000000000040(head|node=0|zone=2) [ 20.020865] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.021729] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.022329] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.023217] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.023791] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000 [ 20.024651] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.025061] page dumped because: kasan: bad access detected [ 20.025636] [ 20.026279] Memory state around the buggy address: [ 20.026698] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.027448] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.028254] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.028904] ^ [ 20.029529] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.030061] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.030288] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.633342] ================================================================== [ 19.634085] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 19.634717] Write of size 1 at addr ffff888100a22ef0 by task kunit_try_catch/163 [ 19.635450] [ 19.635777] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.636354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.636855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.637553] Call Trace: [ 19.637912] <TASK> [ 19.638251] dump_stack_lvl+0x73/0xb0 [ 19.639744] print_report+0xd1/0x640 [ 19.640031] ? __virt_addr_valid+0x1db/0x2d0 [ 19.640433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.641080] kasan_report+0x102/0x140 [ 19.641522] ? krealloc_more_oob_helper+0x7ed/0x930 [ 19.642120] ? krealloc_more_oob_helper+0x7ed/0x930 [ 19.642671] __asan_report_store1_noabort+0x1b/0x30 [ 19.643189] krealloc_more_oob_helper+0x7ed/0x930 [ 19.643697] ? __schedule+0xc3e/0x2790 [ 19.644169] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 19.644653] ? finish_task_switch.isra.0+0x153/0x700 [ 19.645097] ? __switch_to+0x5d9/0xf60 [ 19.645548] ? __schedule+0xc3e/0x2790 [ 19.646064] ? __pfx_read_tsc+0x10/0x10 [ 19.646477] krealloc_more_oob+0x1c/0x30 [ 19.646981] kunit_try_run_case+0x1b3/0x490 [ 19.647408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.647799] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.648112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.648690] ? __kthread_parkme+0x82/0x160 [ 19.649170] ? preempt_count_sub+0x50/0x80 [ 19.649679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.650178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.650822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.651409] kthread+0x257/0x310 [ 19.651887] ? __pfx_kthread+0x10/0x10 [ 19.652350] ret_from_fork+0x41/0x80 [ 19.653066] ? 
__pfx_kthread+0x10/0x10 [ 19.654271] ret_from_fork_asm+0x1a/0x30 [ 19.654998] </TASK> [ 19.655334] [ 19.656081] Allocated by task 163: [ 19.656780] kasan_save_stack+0x3d/0x60 [ 19.657123] kasan_save_track+0x18/0x40 [ 19.657516] kasan_save_alloc_info+0x3b/0x50 [ 19.657846] __kasan_krealloc+0x190/0x1f0 [ 19.658136] krealloc_noprof+0xf3/0x340 [ 19.658445] krealloc_more_oob_helper+0x1aa/0x930 [ 19.659007] krealloc_more_oob+0x1c/0x30 [ 19.659432] kunit_try_run_case+0x1b3/0x490 [ 19.659935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.660313] kthread+0x257/0x310 [ 19.660621] ret_from_fork+0x41/0x80 [ 19.661027] ret_from_fork_asm+0x1a/0x30 [ 19.661432] [ 19.661713] The buggy address belongs to the object at ffff888100a22e00 [ 19.661713] which belongs to the cache kmalloc-256 of size 256 [ 19.662739] The buggy address is located 5 bytes to the right of [ 19.662739] allocated 235-byte region [ffff888100a22e00, ffff888100a22eeb) [ 19.663545] [ 19.663817] The buggy address belongs to the physical page: [ 19.664280] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 19.664940] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.665564] flags: 0x200000000000040(head|node=0|zone=2) [ 19.666140] page_type: f5(slab) [ 19.666432] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.667078] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.667742] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.668201] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.668715] head: 0200000000000001 ffffea0004028881 ffffffffffffffff 0000000000000000 [ 19.669386] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 19.670089] page dumped because: kasan: bad access detected [ 19.670450] [ 19.670673] Memory state around the buggy address: [ 19.671121] ffff888100a22d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 19.671812] ffff888100a22e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.672280] >ffff888100a22e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.672975] ^ [ 19.673344] ffff888100a22f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.673986] ffff888100a22f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.674546] ================================================================== [ 19.590635] ================================================================== [ 19.591541] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 19.592184] Write of size 1 at addr ffff888100a22eeb by task kunit_try_catch/163 [ 19.592728] [ 19.592924] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.593956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.594413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.595120] Call Trace: [ 19.595609] <TASK> [ 19.595944] dump_stack_lvl+0x73/0xb0 [ 19.596470] print_report+0xd1/0x640 [ 19.596987] ? __virt_addr_valid+0x1db/0x2d0 [ 19.597181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.597370] kasan_report+0x102/0x140 [ 19.597571] ? krealloc_more_oob_helper+0x823/0x930 [ 19.598173] ? krealloc_more_oob_helper+0x823/0x930 [ 19.598634] __asan_report_store1_noabort+0x1b/0x30 [ 19.599202] krealloc_more_oob_helper+0x823/0x930 [ 19.599648] ? __schedule+0xc3e/0x2790 [ 19.600118] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 19.600754] ? finish_task_switch.isra.0+0x153/0x700 [ 19.601088] ? __switch_to+0x5d9/0xf60 [ 19.601383] ? __schedule+0xc3e/0x2790 [ 19.601909] ? __pfx_read_tsc+0x10/0x10 [ 19.602365] krealloc_more_oob+0x1c/0x30 [ 19.602877] kunit_try_run_case+0x1b3/0x490 [ 19.603391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.603934] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.604370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.604947] ? __kthread_parkme+0x82/0x160 [ 19.605481] ? preempt_count_sub+0x50/0x80 [ 19.605835] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.606168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.606765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.607302] kthread+0x257/0x310 [ 19.607802] ? __pfx_kthread+0x10/0x10 [ 19.608230] ret_from_fork+0x41/0x80 [ 19.608685] ? __pfx_kthread+0x10/0x10 [ 19.608967] ret_from_fork_asm+0x1a/0x30 [ 19.609317] </TASK> [ 19.609656] [ 19.609893] Allocated by task 163: [ 19.610300] kasan_save_stack+0x3d/0x60 [ 19.610791] kasan_save_track+0x18/0x40 [ 19.611249] kasan_save_alloc_info+0x3b/0x50 [ 19.611804] __kasan_krealloc+0x190/0x1f0 [ 19.612187] krealloc_noprof+0xf3/0x340 [ 19.612455] krealloc_more_oob_helper+0x1aa/0x930 [ 19.612823] krealloc_more_oob+0x1c/0x30 [ 19.613325] kunit_try_run_case+0x1b3/0x490 [ 19.613857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.614399] kthread+0x257/0x310 [ 19.614858] ret_from_fork+0x41/0x80 [ 19.615260] ret_from_fork_asm+0x1a/0x30 [ 19.615758] [ 19.615922] The buggy address belongs to the object at ffff888100a22e00 [ 19.615922] which belongs to the cache kmalloc-256 of size 256 [ 19.616812] The buggy address is located 0 bytes to the right of [ 19.616812] allocated 235-byte region [ffff888100a22e00, ffff888100a22eeb) [ 19.617925] [ 19.618134] The buggy address belongs to the physical page: [ 19.618432] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 19.618918] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.619300] flags: 0x200000000000040(head|node=0|zone=2) [ 19.619909] page_type: f5(slab) [ 19.620280] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.621005] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.621760] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.622452] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.624367] head: 0200000000000001 ffffea0004028881 ffffffffffffffff 0000000000000000 [ 
19.625087] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 19.625889] page dumped because: kasan: bad access detected [ 19.626968] [ 19.627191] Memory state around the buggy address: [ 19.627716] ffff888100a22d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628296] ffff888100a22e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.628913] >ffff888100a22e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.629518] ^ [ 19.629960] ffff888100a22f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.630686] ffff888100a22f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.631145] ================================================================== [ 19.920320] ================================================================== [ 19.921128] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 19.922063] Write of size 1 at addr ffff888102a1e0eb by task kunit_try_catch/167 [ 19.922586] [ 19.922907] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 19.923922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.924336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.925386] Call Trace: [ 19.925747] <TASK> [ 19.926154] dump_stack_lvl+0x73/0xb0 [ 19.926663] print_report+0xd1/0x640 [ 19.927197] ? __virt_addr_valid+0x1db/0x2d0 [ 19.927782] ? kasan_addr_to_slab+0x11/0xa0 [ 19.928453] kasan_report+0x102/0x140 [ 19.928973] ? krealloc_more_oob_helper+0x823/0x930 [ 19.929612] ? krealloc_more_oob_helper+0x823/0x930 [ 19.930232] __asan_report_store1_noabort+0x1b/0x30 [ 19.930962] krealloc_more_oob_helper+0x823/0x930 [ 19.931587] ? __schedule+0xc3e/0x2790 [ 19.932092] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 19.933041] ? finish_task_switch.isra.0+0x153/0x700 [ 19.933859] ? __switch_to+0x5d9/0xf60 [ 19.934295] ? __schedule+0xc3e/0x2790 [ 19.934672] ? 
__pfx_read_tsc+0x10/0x10
[ 19.935394] krealloc_large_more_oob+0x1c/0x30
[ 19.935857] kunit_try_run_case+0x1b3/0x490
[ 19.936412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.936849] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.937537] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.938144] ? __kthread_parkme+0x82/0x160
[ 19.938570] ? preempt_count_sub+0x50/0x80
[ 19.939117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.939703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.940330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.940982] kthread+0x257/0x310
[ 19.941321] ? __pfx_kthread+0x10/0x10
[ 19.941670] ret_from_fork+0x41/0x80
[ 19.942099] ? __pfx_kthread+0x10/0x10
[ 19.942404] ret_from_fork_asm+0x1a/0x30
[ 19.942945] </TASK>
[ 19.943154]
[ 19.943315] The buggy address belongs to the physical page:
[ 19.943819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c
[ 19.944594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.945343] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.946005] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.946779] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.947264] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.947835] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.948370] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000
[ 19.948985] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.949558] page dumped because: kasan: bad access detected
[ 19.950052]
[ 19.950266] Memory state around the buggy address:
[ 19.950612] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.951058] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.951736] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 19.952135] ^
[ 19.952762] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.953379] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.953932] ==================================================================
[ 19.955328] ==================================================================
[ 19.955897] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[ 19.957215] Write of size 1 at addr ffff888102a1e0f0 by task kunit_try_catch/167
[ 19.958152]
[ 19.958363] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.958949] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.959347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.960158] Call Trace:
[ 19.960370] <TASK>
[ 19.960645] dump_stack_lvl+0x73/0xb0
[ 19.961080] print_report+0xd1/0x640
[ 19.961512] ? __virt_addr_valid+0x1db/0x2d0
[ 19.962025] ? kasan_addr_to_slab+0x11/0xa0
[ 19.962420] kasan_report+0x102/0x140
[ 19.962776] ? krealloc_more_oob_helper+0x7ed/0x930
[ 19.963294] ? krealloc_more_oob_helper+0x7ed/0x930
[ 19.963805] __asan_report_store1_noabort+0x1b/0x30
[ 19.964310] krealloc_more_oob_helper+0x7ed/0x930
[ 19.964753] ? __schedule+0xc3e/0x2790
[ 19.965041] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 19.965382] ? finish_task_switch.isra.0+0x153/0x700
[ 19.966787] ? __switch_to+0x5d9/0xf60
[ 19.967217] ? __schedule+0xc3e/0x2790
[ 19.967649] ? __pfx_read_tsc+0x10/0x10
[ 19.968072] krealloc_large_more_oob+0x1c/0x30
[ 19.968644] kunit_try_run_case+0x1b3/0x490
[ 19.969117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.969644] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.970147] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.970645] ? __kthread_parkme+0x82/0x160
[ 19.970987] ? preempt_count_sub+0x50/0x80
[ 19.971282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.971719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.972296] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.972890] kthread+0x257/0x310
[ 19.973287] ? __pfx_kthread+0x10/0x10
[ 19.973729] ret_from_fork+0x41/0x80
[ 19.974073] ? __pfx_kthread+0x10/0x10
[ 19.974352] ret_from_fork_asm+0x1a/0x30
[ 19.974822] </TASK>
[ 19.975109]
[ 19.975328] The buggy address belongs to the physical page:
[ 19.975889] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c
[ 19.976537] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.976962] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.977304] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.977970] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.978713] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.979387] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.980105] head: 0200000000000002 ffffea00040a8701 ffffffffffffffff 0000000000000000
[ 19.980752] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.981134] page dumped because: kasan: bad access detected
[ 19.981431]
[ 19.981643] Memory state around the buggy address:
[ 19.982054] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.982727] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.983352] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 19.984039] ^
[ 19.984702] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.985311] ffff888102a1e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.985973] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.549600] ==================================================================
[ 19.550944] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0
[ 19.551956] Read of size 1 at addr ffff888102b00000 by task kunit_try_catch/161
[ 19.552658]
[ 19.553336] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.554003] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.554654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.555663] Call Trace:
[ 19.556138] <TASK>
[ 19.556672] dump_stack_lvl+0x73/0xb0
[ 19.557035] print_report+0xd1/0x640
[ 19.557460] ? __virt_addr_valid+0x1db/0x2d0
[ 19.557935] ? kasan_addr_to_slab+0x11/0xa0
[ 19.558377] kasan_report+0x102/0x140
[ 19.559821] ? page_alloc_uaf+0x358/0x3d0
[ 19.560437] ? page_alloc_uaf+0x358/0x3d0
[ 19.561102] __asan_report_load1_noabort+0x18/0x20
[ 19.561476] page_alloc_uaf+0x358/0x3d0
[ 19.562164] ? __pfx_page_alloc_uaf+0x10/0x10
[ 19.562524] ? __schedule+0xc3e/0x2790
[ 19.563354] ? __pfx_read_tsc+0x10/0x10
[ 19.563793] ? ktime_get_ts64+0x84/0x230
[ 19.564102] kunit_try_run_case+0x1b3/0x490
[ 19.564582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.565036] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.565478] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.566401] ? __kthread_parkme+0x82/0x160
[ 19.566920] ? preempt_count_sub+0x50/0x80
[ 19.567804] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.568327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.569101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.569500] kthread+0x257/0x310
[ 19.569964] ? __pfx_kthread+0x10/0x10
[ 19.570372] ret_from_fork+0x41/0x80
[ 19.570671] ? __pfx_kthread+0x10/0x10
[ 19.571091] ret_from_fork_asm+0x1a/0x30
[ 19.572037] </TASK>
[ 19.572510]
[ 19.573172] The buggy address belongs to the physical page:
[ 19.574097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b00
[ 19.574755] flags: 0x200000000000000(node=0|zone=2)
[ 19.575206] page_type: f0(buddy)
[ 19.576148] raw: 0200000000000000 ffff88817fffd5c0 ffff88817fffd5c0 0000000000000000
[ 19.576792] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000
[ 19.577453] page dumped because: kasan: bad access detected
[ 19.578118]
[ 19.578356] Memory state around the buggy address:
[ 19.578852] ffff888102afff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.579858] ffff888102afff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.580320] >ffff888102b00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.580983] ^
[ 19.581320] ffff888102b00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.582134] ffff888102b00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.582801] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 19.495897] ==================================================================
[ 19.496668] BUG: KASAN: invalid-free in kfree+0x271/0x3f0
[ 19.497310] Free of addr ffff888102a18001 by task kunit_try_catch/157
[ 19.497753]
[ 19.498018] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.499068] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.499365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.501255] Call Trace:
[ 19.501817] <TASK>
[ 19.502204] dump_stack_lvl+0x73/0xb0
[ 19.502651] print_report+0xd1/0x640
[ 19.503451] ? __virt_addr_valid+0x1db/0x2d0
[ 19.504017] ? kfree+0x271/0x3f0
[ 19.504878] ? kasan_addr_to_slab+0x11/0xa0
[ 19.505627] ? kfree+0x271/0x3f0
[ 19.506360] kasan_report_invalid_free+0xc0/0xf0
[ 19.507162] ? kfree+0x271/0x3f0
[ 19.507451] ? kfree+0x271/0x3f0
[ 19.507979] __kasan_kfree_large+0x86/0xd0
[ 19.508888] free_large_kmalloc+0x3b/0xd0
[ 19.509481] kfree+0x271/0x3f0
[ 19.510304] kmalloc_large_invalid_free+0x121/0x2b0
[ 19.510900] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 19.511647] ? __schedule+0xc3e/0x2790
[ 19.512167] ? __pfx_read_tsc+0x10/0x10
[ 19.512613] ? ktime_get_ts64+0x84/0x230
[ 19.512943] kunit_try_run_case+0x1b3/0x490
[ 19.513388] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.514268] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.514608] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.515212] ? __kthread_parkme+0x82/0x160
[ 19.515917] ? preempt_count_sub+0x50/0x80
[ 19.516847] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.517446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.518767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.519272] kthread+0x257/0x310
[ 19.519554] ? __pfx_kthread+0x10/0x10
[ 19.520568] ret_from_fork+0x41/0x80
[ 19.521142] ? __pfx_kthread+0x10/0x10
[ 19.521990] ret_from_fork_asm+0x1a/0x30
[ 19.522457] </TASK>
[ 19.523101]
[ 19.523514] The buggy address belongs to the physical page:
[ 19.524125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18
[ 19.524530] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.525021] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.525446] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.525923] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.526708] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.527245] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.527906] head: 0200000000000002 ffffea00040a8601 ffffffffffffffff 0000000000000000
[ 19.529682] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.530740] page dumped because: kasan: bad access detected
[ 19.531393]
[ 19.531926] Memory state around the buggy address:
[ 19.532413] ffff888102a17f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.533010] ffff888102a17f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.533660] >ffff888102a18000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.534637] ^
[ 19.534990] ffff888102a18080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.535410] ffff888102a18100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.536704] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.456819] ==================================================================
[ 19.457928] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340
[ 19.458527] Read of size 1 at addr ffff888102abc000 by task kunit_try_catch/155
[ 19.459094]
[ 19.459315] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.460224] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.460731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.461744] Call Trace:
[ 19.462518] <TASK>
[ 19.462841] dump_stack_lvl+0x73/0xb0
[ 19.463449] print_report+0xd1/0x640
[ 19.464086] ? __virt_addr_valid+0x1db/0x2d0
[ 19.464671] ? kasan_addr_to_slab+0x11/0xa0
[ 19.465334] kasan_report+0x102/0x140
[ 19.465710] ? kmalloc_large_uaf+0x2f3/0x340
[ 19.466369] ? kmalloc_large_uaf+0x2f3/0x340
[ 19.466968] __asan_report_load1_noabort+0x18/0x20
[ 19.467913] kmalloc_large_uaf+0x2f3/0x340
[ 19.468398] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 19.468715] ? __schedule+0xc3e/0x2790
[ 19.468996] ? __pfx_read_tsc+0x10/0x10
[ 19.469547] ? ktime_get_ts64+0x84/0x230
[ 19.470456] kunit_try_run_case+0x1b3/0x490
[ 19.471008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.471769] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.472357] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.472927] ? __kthread_parkme+0x82/0x160
[ 19.473278] ? preempt_count_sub+0x50/0x80
[ 19.474219] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.475327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.475727] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.476460] kthread+0x257/0x310
[ 19.477101] ? __pfx_kthread+0x10/0x10
[ 19.477425] ret_from_fork+0x41/0x80
[ 19.477913] ? __pfx_kthread+0x10/0x10
[ 19.478675] ret_from_fork_asm+0x1a/0x30
[ 19.479063] </TASK>
[ 19.479480]
[ 19.479791] The buggy address belongs to the physical page:
[ 19.480512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abc
[ 19.481441] flags: 0x200000000000000(node=0|zone=2)
[ 19.481920] raw: 0200000000000000 ffffea00040ab008 ffff888154a3f000 0000000000000000
[ 19.482676] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 19.483130] page dumped because: kasan: bad access detected
[ 19.484215]
[ 19.484436] Memory state around the buggy address:
[ 19.484885] ffff888102abbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.485535] ffff888102abbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.486290] >ffff888102abc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.486931] ^
[ 19.487445] ffff888102abc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.488417] ffff888102abc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.489073] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.413593] ==================================================================
[ 19.414833] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340
[ 19.415675] Write of size 1 at addr ffff888102a1a00a by task kunit_try_catch/153
[ 19.416280]
[ 19.416470] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.418239] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.418805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.419398] Call Trace:
[ 19.419743] <TASK>
[ 19.420405] dump_stack_lvl+0x73/0xb0
[ 19.420817] print_report+0xd1/0x640
[ 19.421247] ? __virt_addr_valid+0x1db/0x2d0
[ 19.421590] ? kasan_addr_to_slab+0x11/0xa0
[ 19.422281] kasan_report+0x102/0x140
[ 19.422985] ? kmalloc_large_oob_right+0x2eb/0x340
[ 19.423716] ? kmalloc_large_oob_right+0x2eb/0x340
[ 19.424414] __asan_report_store1_noabort+0x1b/0x30
[ 19.424865] kmalloc_large_oob_right+0x2eb/0x340
[ 19.425304] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 19.425692] ? __pfx_read_tsc+0x10/0x10
[ 19.426375] ? ktime_get_ts64+0x84/0x230
[ 19.426909] kunit_try_run_case+0x1b3/0x490
[ 19.427625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.428366] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.428882] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.429294] ? __kthread_parkme+0x82/0x160
[ 19.429618] ? preempt_count_sub+0x50/0x80
[ 19.430066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.430673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.431352] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.432136] kthread+0x257/0x310
[ 19.432538] ? __pfx_kthread+0x10/0x10
[ 19.432869] ret_from_fork+0x41/0x80
[ 19.433444] ? __pfx_kthread+0x10/0x10
[ 19.433940] ret_from_fork_asm+0x1a/0x30
[ 19.434471] </TASK>
[ 19.434806]
[ 19.435236] The buggy address belongs to the physical page:
[ 19.435740] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18
[ 19.436480] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.437248] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.437858] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.438519] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.439375] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.440165] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.440823] head: 0200000000000002 ffffea00040a8601 ffffffffffffffff 0000000000000000
[ 19.441600] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.442433] page dumped because: kasan: bad access detected
[ 19.442884]
[ 19.443048] Memory state around the buggy address:
[ 19.443437] ffff888102a19f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.444018] ffff888102a19f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.445372] >ffff888102a1a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.446182] ^
[ 19.446610] ffff888102a1a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.447378] ffff888102a1a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.447806] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.361519] ==================================================================
[ 19.362679] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370
[ 19.363362] Write of size 1 at addr ffff888102a99f00 by task kunit_try_catch/151
[ 19.364091]
[ 19.364435] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.365200] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.365781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.366907] Call Trace:
[ 19.367297] <TASK>
[ 19.367529] dump_stack_lvl+0x73/0xb0
[ 19.368198] print_report+0xd1/0x640
[ 19.368996] ? __virt_addr_valid+0x1db/0x2d0
[ 19.369661] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.370436] kasan_report+0x102/0x140
[ 19.371002] ? kmalloc_big_oob_right+0x318/0x370
[ 19.371623] ? kmalloc_big_oob_right+0x318/0x370
[ 19.372547] __asan_report_store1_noabort+0x1b/0x30
[ 19.373121] kmalloc_big_oob_right+0x318/0x370
[ 19.373629] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 19.374353] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 19.375034] kunit_try_run_case+0x1b3/0x490
[ 19.375742] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.376268] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.376530] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.376901] ? __kthread_parkme+0x82/0x160
[ 19.377918] ? preempt_count_sub+0x50/0x80
[ 19.378574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.378999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.379444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.379821] kthread+0x257/0x310
[ 19.380203] ? __pfx_kthread+0x10/0x10
[ 19.380847] ret_from_fork+0x41/0x80
[ 19.381292] ? __pfx_kthread+0x10/0x10
[ 19.381774] ret_from_fork_asm+0x1a/0x30
[ 19.382371] </TASK>
[ 19.382630]
[ 19.382861] Allocated by task 151:
[ 19.383684] kasan_save_stack+0x3d/0x60
[ 19.384225] kasan_save_track+0x18/0x40
[ 19.384698] kasan_save_alloc_info+0x3b/0x50
[ 19.385147] __kasan_kmalloc+0xb7/0xc0
[ 19.385570] __kmalloc_cache_noprof+0x184/0x410
[ 19.386213] kmalloc_big_oob_right+0xaa/0x370
[ 19.386639] kunit_try_run_case+0x1b3/0x490
[ 19.387003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.387476] kthread+0x257/0x310
[ 19.387774] ret_from_fork+0x41/0x80
[ 19.388166] ret_from_fork_asm+0x1a/0x30
[ 19.388532]
[ 19.388697] The buggy address belongs to the object at ffff888102a98000
[ 19.388697] which belongs to the cache kmalloc-8k of size 8192
[ 19.389823] The buggy address is located 0 bytes to the right of
[ 19.389823] allocated 7936-byte region [ffff888102a98000, ffff888102a99f00)
[ 19.391376]
[ 19.391693] The buggy address belongs to the physical page:
[ 19.392360] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a98
[ 19.393611] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.395428] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.395965] page_type: f5(slab)
[ 19.396360] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 19.397030] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000
[ 19.397566] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 19.398251] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000
[ 19.399269] head: 0200000000000003 ffffea00040aa601 ffffffffffffffff 0000000000000000
[ 19.399812] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 19.400468] page dumped because: kasan: bad access detected
[ 19.400945]
[ 19.401146] Memory state around the buggy address:
[ 19.401821] ffff888102a99e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.402746] ffff888102a99e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.403536] >ffff888102a99f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.404267] ^
[ 19.404640] ffff888102a99f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.405330] ffff888102a9a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.406097] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.281634] ==================================================================
[ 19.282898] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530
[ 19.283773] Write of size 1 at addr ffff8881028b4778 by task kunit_try_catch/149
[ 19.284721]
[ 19.284964] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.286698] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.286998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.287775] Call Trace:
[ 19.288077] <TASK>
[ 19.288367] dump_stack_lvl+0x73/0xb0
[ 19.288938] print_report+0xd1/0x640
[ 19.289406] ? __virt_addr_valid+0x1db/0x2d0
[ 19.289906] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.290358] kasan_report+0x102/0x140
[ 19.290927] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 19.291674] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 19.292390] __asan_report_store1_noabort+0x1b/0x30
[ 19.293079] kmalloc_track_caller_oob_right+0x4ca/0x530
[ 19.293637] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 19.294424] ? __schedule+0xc3e/0x2790
[ 19.294854] ? __pfx_read_tsc+0x10/0x10
[ 19.295354] ? ktime_get_ts64+0x84/0x230
[ 19.295770] kunit_try_run_case+0x1b3/0x490
[ 19.296140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.296816] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.297437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.297913] ? __kthread_parkme+0x82/0x160
[ 19.298543] ? preempt_count_sub+0x50/0x80
[ 19.299232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.299671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.300432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.300867] kthread+0x257/0x310
[ 19.301411] ? __pfx_kthread+0x10/0x10
[ 19.301850] ret_from_fork+0x41/0x80
[ 19.302267] ? __pfx_kthread+0x10/0x10
[ 19.302588] ret_from_fork_asm+0x1a/0x30
[ 19.303050] </TASK>
[ 19.303329]
[ 19.303518] Allocated by task 149:
[ 19.303878] kasan_save_stack+0x3d/0x60
[ 19.304446] kasan_save_track+0x18/0x40
[ 19.304842] kasan_save_alloc_info+0x3b/0x50
[ 19.305406] __kasan_kmalloc+0xb7/0xc0
[ 19.305890] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 19.306509] kmalloc_track_caller_oob_right+0x9a/0x530
[ 19.307203] kunit_try_run_case+0x1b3/0x490
[ 19.307512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.308218] kthread+0x257/0x310
[ 19.308617] ret_from_fork+0x41/0x80
[ 19.308998] ret_from_fork_asm+0x1a/0x30
[ 19.309567]
[ 19.309765] The buggy address belongs to the object at ffff8881028b4700
[ 19.309765] which belongs to the cache kmalloc-128 of size 128
[ 19.310610] The buggy address is located 0 bytes to the right of
[ 19.310610] allocated 120-byte region [ffff8881028b4700, ffff8881028b4778)
[ 19.311296]
[ 19.311461] The buggy address belongs to the physical page:
[ 19.312043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b4
[ 19.314006] flags: 0x200000000000000(node=0|zone=2)
[ 19.315166] page_type: f5(slab)
[ 19.315558] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.316201] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 19.317150] page dumped because: kasan: bad access detected
[ 19.317725]
[ 19.318089] Memory state around the buggy address:
[ 19.318619] ffff8881028b4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 19.319400] ffff8881028b4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.320762] >ffff8881028b4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 19.321568] ^
[ 19.322327] ffff8881028b4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.322781] ffff8881028b4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.323409] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 19.223721] ==================================================================
[ 19.224574] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 19.225829] Read of size 1 at addr ffff88810296d000 by task kunit_try_catch/147
[ 19.226931]
[ 19.227511] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.228793] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.229174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.230696] Call Trace:
[ 19.230909] <TASK>
[ 19.231240] dump_stack_lvl+0x73/0xb0
[ 19.232074] print_report+0xd1/0x640
[ 19.232512] ? __virt_addr_valid+0x1db/0x2d0
[ 19.233557] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.234363] kasan_report+0x102/0x140
[ 19.234821] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 19.235264] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 19.235644] __asan_report_load1_noabort+0x18/0x20
[ 19.236650] kmalloc_node_oob_right+0x36b/0x3d0
[ 19.237454] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 19.238217] ? __schedule+0xc3e/0x2790
[ 19.238747] ? __pfx_read_tsc+0x10/0x10
[ 19.239032] ? ktime_get_ts64+0x84/0x230
[ 19.239633] kunit_try_run_case+0x1b3/0x490
[ 19.240682] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.241230] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.241613] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.242184] ? __kthread_parkme+0x82/0x160
[ 19.242713] ? preempt_count_sub+0x50/0x80
[ 19.243235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.243661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.244249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.244670] kthread+0x257/0x310
[ 19.245059] ? __pfx_kthread+0x10/0x10
[ 19.245468] ret_from_fork+0x41/0x80
[ 19.246161] ? __pfx_kthread+0x10/0x10
[ 19.246569] ret_from_fork_asm+0x1a/0x30
[ 19.247805] </TASK>
[ 19.248308]
[ 19.248552] Allocated by task 147:
[ 19.249101] kasan_save_stack+0x3d/0x60
[ 19.249426] kasan_save_track+0x18/0x40
[ 19.249907] kasan_save_alloc_info+0x3b/0x50
[ 19.250682] __kasan_kmalloc+0xb7/0xc0
[ 19.251098] __kmalloc_cache_node_noprof+0x183/0x420
[ 19.251430] kmalloc_node_oob_right+0xac/0x3d0
[ 19.252147] kunit_try_run_case+0x1b3/0x490
[ 19.252620] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.253190] kthread+0x257/0x310
[ 19.253578] ret_from_fork+0x41/0x80
[ 19.253967] ret_from_fork_asm+0x1a/0x30
[ 19.254401]
[ 19.255218] The buggy address belongs to the object at ffff88810296c000
[ 19.255218] which belongs to the cache kmalloc-4k of size 4096
[ 19.256196] The buggy address is located 0 bytes to the right of
[ 19.256196] allocated 4096-byte region [ffff88810296c000, ffff88810296d000)
[ 19.257418]
[ 19.257712] The buggy address belongs to the physical page:
[ 19.258754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102968
[ 19.259867] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.260787] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.261740] page_type: f5(slab)
[ 19.262100] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 19.262783] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[ 19.263311] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 19.264556] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[ 19.265391] head: 0200000000000003 ffffea00040a5a01 ffffffffffffffff 0000000000000000
[ 19.266221] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 19.266807] page dumped because: kasan: bad access detected
[ 19.267892]
[ 19.268379] Memory state around the buggy address:
[ 19.268874] ffff88810296cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.270128] ffff88810296cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.270564] >ffff88810296d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.271356] ^
[ 19.272415] ffff88810296d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.273471] ffff88810296d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.273842] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 19.159946] ==================================================================
[ 19.160880] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0
[ 19.161651] Read of size 1 at addr ffff8881028a701f by task kunit_try_catch/145
[ 19.162380]
[ 19.163111] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 19.163964] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.164533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.165053] Call Trace:
[ 19.165415] <TASK>
[ 19.165784] dump_stack_lvl+0x73/0xb0
[ 19.166188] print_report+0xd1/0x640
[ 19.166677] ? __virt_addr_valid+0x1db/0x2d0
[ 19.167021] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.167536] kasan_report+0x102/0x140
[ 19.167903] ? kmalloc_oob_left+0x363/0x3c0
[ 19.168284] ? kmalloc_oob_left+0x363/0x3c0
[ 19.168794] __asan_report_load1_noabort+0x18/0x20
[ 19.169307] kmalloc_oob_left+0x363/0x3c0
[ 19.169905] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 19.170281] ? __schedule+0xc3e/0x2790
[ 19.170777] ? __pfx_read_tsc+0x10/0x10
[ 19.171140] ? ktime_get_ts64+0x84/0x230
[ 19.171441] kunit_try_run_case+0x1b3/0x490
[ 19.171945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.172471] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.173070] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.173430] ? __kthread_parkme+0x82/0x160
[ 19.173985] ? preempt_count_sub+0x50/0x80
[ 19.174461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.175620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.176133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.176507] kthread+0x257/0x310
[ 19.176935] ? __pfx_kthread+0x10/0x10
[ 19.177382] ret_from_fork+0x41/0x80
[ 19.177755] ? __pfx_kthread+0x10/0x10
[ 19.178504] ret_from_fork_asm+0x1a/0x30
[ 19.178995] </TASK>
[ 19.179379]
[ 19.179889] Allocated by task 1:
[ 19.180350] kasan_save_stack+0x3d/0x60
[ 19.180661] kasan_save_track+0x18/0x40
[ 19.180968] kasan_save_alloc_info+0x3b/0x50
[ 19.181509] __kasan_kmalloc+0xb7/0xc0
[ 19.182237] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 19.183095] kvasprintf+0xc6/0x150
[ 19.183463] __kthread_create_on_node+0x18c/0x3a0
[ 19.184182] kthread_create_on_node+0xa8/0xe0
[ 19.184687] cryptomgr_notify+0x704/0x9f0
[ 19.184975] notifier_call_chain+0xcb/0x250
[ 19.185298] blocking_notifier_call_chain+0x64/0x90
[ 19.185782] crypto_alg_mod_lookup+0x214/0x420
[ 19.186337] crypto_alloc_tfm_node+0xc5/0x1f0
[ 19.187468] crypto_alloc_sig+0x23/0x30
[ 19.188310] public_key_verify_signature+0x1b1/0x990
[ 19.188983] x509_check_for_self_signed+0x2cb/0x480
[ 19.189645] x509_cert_parse+0x59c/0x830
[ 19.190167] x509_key_preparse+0x68/0x8a0
[ 19.190666] asymmetric_key_preparse+0xb1/0x160
[ 19.191180] __key_create_or_update+0x407/0xc90
[ 19.191703] key_create_or_update+0x17/0x20
[ 19.192259] x509_load_certificate_list+0x174/0x200
[ 19.192857] regulatory_init_db+0xee/0x3a0
[ 19.193282] do_one_initcall+0xb5/0x370
[ 19.193824] kernel_init_freeable+0x425/0x6f0
[ 19.194248] kernel_init+0x23/0x1e0
[ 19.194697] ret_from_fork+0x41/0x80
[ 19.195182] ret_from_fork_asm+0x1a/0x30
[ 19.195751]
[ 19.196033] Freed by task 0:
[ 19.196448] kasan_save_stack+0x3d/0x60
[ 19.197105] kasan_save_track+0x18/0x40
[ 19.197551] kasan_save_free_info+0x3f/0x60
[ 19.198387] __kasan_slab_free+0x56/0x70
[ 19.198973] kfree+0x123/0x3f0
[ 19.199396] free_kthread_struct+0xeb/0x150
[ 19.199985] free_task+0xf3/0x130
[ 19.200440] __put_task_struct+0x1c8/0x480
[ 19.201020] delayed_put_task_struct+0x10a/0x150
[ 19.201468] rcu_core+0x680/0x1d70
[ 19.201922] rcu_core_si+0x12/0x20
[ 19.202277] handle_softirqs+0x209/0x720
[ 19.202799] __irq_exit_rcu+0xc9/0x110
[ 19.203201] irq_exit_rcu+0x12/0x20
[ 19.203678] sysvec_apic_timer_interrupt+0x81/0x90
[ 19.204163] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 19.204644]
[ 19.204848] The buggy address belongs to the object at ffff8881028a7000
[ 19.204848] which belongs to the cache kmalloc-16 of size 16
[ 19.205928] The buggy address is located 15 bytes to the right of
[ 19.205928] allocated 16-byte region [ffff8881028a7000, ffff8881028a7010)
[ 19.206828]
[ 19.207104] The buggy address belongs to the physical page:
[ 19.207524] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a7
[ 19.207983] flags: 0x200000000000000(node=0|zone=2)
[ 19.208506] page_type: f5(slab)
[ 19.208944] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 19.209674] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 19.210278] page dumped because: kasan: bad access detected
[ 19.210667]
[ 19.210932] Memory state around the buggy address:
[ 19.211432] ffff8881028a6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.212118] ffff8881028a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.212620] >ffff8881028a7000: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 19.212991] ^
[ 19.213403] ffff8881028a7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.214128] ffff8881028a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.214820] ==================================================================
Failure - kunit - _kasan
_kasan fail