Date: Nov. 26, 2024, 6:09 a.m.
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 34.024958] ==================================================================
[ 34.025120] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 34.025120]
[ 34.025120] Use-after-free read at 0x(____ptrval____) (in kfence-#107):
[ 34.025120] test_use_after_free_read+0x12a/0x270
[ 34.025120] kunit_try_run_case+0x1b3/0x490
[ 34.025120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.025120] kthread+0x257/0x310
[ 34.025120] ret_from_fork+0x41/0x80
[ 34.025120] ret_from_fork_asm+0x1a/0x30
[ 34.025120]
[ 34.025120] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 34.025120]
[ 34.025120] allocated by task 306 on cpu 0 at 34.024740s (0.000380s ago):
[ 34.025120] test_alloc+0x2a7/0x10d0
[ 34.025120] test_use_after_free_read+0xdd/0x270
[ 34.025120] kunit_try_run_case+0x1b3/0x490
[ 34.025120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.025120] kthread+0x257/0x310
[ 34.025120] ret_from_fork+0x41/0x80
[ 34.025120] ret_from_fork_asm+0x1a/0x30
[ 34.025120]
[ 34.025120] freed by task 306 on cpu 0 at 34.024831s (0.000288s ago):
[ 34.025120] test_use_after_free_read+0xfc/0x270
[ 34.025120] kunit_try_run_case+0x1b3/0x490
[ 34.025120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.025120] kthread+0x257/0x310
[ 34.025120] ret_from_fork+0x41/0x80
[ 34.025120] ret_from_fork_asm+0x1a/0x30
[ 34.025120]
[ 34.025120] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 34.025120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.025120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.025120] ==================================================================
[ 33.921126] ==================================================================
[ 33.921126] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 33.921126]
[ 33.921126] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[ 33.921126] test_use_after_free_read+0x12a/0x270
[ 33.921126] kunit_try_run_case+0x1b3/0x490
[ 33.921126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.921126] kthread+0x257/0x310
[ 33.921126] ret_from_fork+0x41/0x80
[ 33.921126] ret_from_fork_asm+0x1a/0x30
[ 33.921126]
[ 33.921126] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.921126]
[ 33.921126] allocated by task 304 on cpu 0 at 33.920769s (0.000357s ago):
[ 33.921126] test_alloc+0x35f/0x10d0
[ 33.921126] test_use_after_free_read+0xdd/0x270
[ 33.921126] kunit_try_run_case+0x1b3/0x490
[ 33.921126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.921126] kthread+0x257/0x310
[ 33.921126] ret_from_fork+0x41/0x80
[ 33.921126] ret_from_fork_asm+0x1a/0x30
[ 33.921126]
[ 33.921126] freed by task 304 on cpu 0 at 33.920885s (0.000240s ago):
[ 33.921126] test_use_after_free_read+0x1e9/0x270
[ 33.921126] kunit_try_run_case+0x1b3/0x490
[ 33.921126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.921126] kthread+0x257/0x310
[ 33.921126] ret_from_fork+0x41/0x80
[ 33.921126] ret_from_fork_asm+0x1a/0x30
[ 33.921126]
[ 33.921126] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.921126] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.921126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.921126] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 33.816831] ==================================================================
[ 33.817122] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 33.817122]
[ 33.817122] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#105):
[ 33.817122] test_out_of_bounds_write+0x10e/0x260
[ 33.817122] kunit_try_run_case+0x1b3/0x490
[ 33.817122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.817122] kthread+0x257/0x310
[ 33.817122] ret_from_fork+0x41/0x80
[ 33.817122] ret_from_fork_asm+0x1a/0x30
[ 33.817122]
[ 33.817122] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.817122]
[ 33.817122] allocated by task 302 on cpu 1 at 33.816740s (0.000381s ago):
[ 33.817122] test_alloc+0x2a7/0x10d0
[ 33.817122] test_out_of_bounds_write+0xd5/0x260
[ 33.817122] kunit_try_run_case+0x1b3/0x490
[ 33.817122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.817122] kthread+0x257/0x310
[ 33.817122] ret_from_fork+0x41/0x80
[ 33.817122] ret_from_fork_asm+0x1a/0x30
[ 33.817122]
[ 33.817122] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.817122] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.817122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.817122] ==================================================================
[ 33.712942] ==================================================================
[ 33.713121] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 33.713121]
[ 33.713121] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104):
[ 33.713121] test_out_of_bounds_write+0x10e/0x260
[ 33.713121] kunit_try_run_case+0x1b3/0x490
[ 33.713121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.713121] kthread+0x257/0x310
[ 33.713121] ret_from_fork+0x41/0x80
[ 33.713121] ret_from_fork_asm+0x1a/0x30
[ 33.713121]
[ 33.713121] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.713121]
[ 33.713121] allocated by task 300 on cpu 0 at 33.712734s (0.000387s ago):
[ 33.713121] test_alloc+0x35f/0x10d0
[ 33.713121] test_out_of_bounds_write+0xd5/0x260
[ 33.713121] kunit_try_run_case+0x1b3/0x490
[ 33.713121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.713121] kthread+0x257/0x310
[ 33.713121] ret_from_fork+0x41/0x80
[ 33.713121] ret_from_fork_asm+0x1a/0x30
[ 33.713121]
[ 33.713121] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.713121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.713121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.713121] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 222.250270] WARNING: CPU: 1 PID: 2239 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 222.252641] Modules linked in:
[ 222.253574] CPU: 1 UID: 0 PID: 2239 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 222.255221] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 222.255769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 222.256139] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 222.257699] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 222.259866] RSP: 0000:ffff888106577ce8 EFLAGS: 00010286
[ 222.261098] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 222.261855] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff93a09674
[ 222.263000] RBP: ffff888106577d10 R08: 0000000000000001 R09: ffffed1020caefa0
[ 222.263811] R10: 0000000000000003 R11: 0000000000000000 R12: ffffffff93a09660
[ 222.264443] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106577da8
[ 222.264699] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 222.265928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 222.266160] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0
[ 222.268790] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a3
[ 222.269599] DR3: ffffffff959eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 222.271055] Call Trace:
[ 222.271389] <TASK>
[ 222.271567] ? show_regs+0x68/0x80
[ 222.272012] ? __warn+0xd5/0x260
[ 222.272791] ? drm_rect_calc_vscale+0x130/0x190
[ 222.273763] ? report_bug+0x278/0x2e0
[ 222.274567] ? handle_bug+0x5c/0xb0
[ 222.275534] ? exc_invalid_op+0x1c/0x50
[ 222.275921] ? asm_exc_invalid_op+0x1f/0x30
[ 222.276773] ? drm_rect_calc_vscale+0x130/0x190
[ 222.277605] ? __pfx_read_hpet+0x10/0x10
[ 222.278738] drm_test_rect_calc_vscale+0x109/0x270
[ 222.279747] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 222.280532] ? __schedule+0xc3e/0x2790
[ 222.281322] ? ktime_get_ts64+0x84/0x230
[ 222.282041] kunit_try_run_case+0x1b3/0x490
[ 222.282700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.283785] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 222.284535] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 222.285182] ? __kthread_parkme+0x82/0x160
[ 222.286225] ? preempt_count_sub+0x50/0x80
[ 222.286616] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.287512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 222.288011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 222.288951] kthread+0x257/0x310
[ 222.289834] ? __pfx_kthread+0x10/0x10
[ 222.290396] ret_from_fork+0x41/0x80
[ 222.290828] ? __pfx_kthread+0x10/0x10
[ 222.291118] ret_from_fork_asm+0x1a/0x30
[ 222.291725] </TASK>
[ 222.292019] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 222.200752] WARNING: CPU: 1 PID: 2237 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 222.202248] Modules linked in:
[ 222.203955] CPU: 1 UID: 0 PID: 2237 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 222.204577] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 222.205380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 222.207392] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 222.208435] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 222.210419] RSP: 0000:ffff8881080dfce8 EFLAGS: 00010286
[ 222.210998] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 222.212526] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff93a0963c
[ 222.213054] RBP: ffff8881080dfd10 R08: 0000000000000001 R09: ffffed102101bfa0
[ 222.214102] R10: 0000000000000003 R11: 0000000000000000 R12: ffffffff93a09628
[ 222.214868] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881080dfda8
[ 222.216094] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 222.217479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 222.218391] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0
[ 222.219250] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a3
[ 222.219987] DR3: ffffffff959eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 222.220961] Call Trace:
[ 222.221618] <TASK>
[ 222.221978] ? show_regs+0x68/0x80
[ 222.222461] ? __warn+0xd5/0x260
[ 222.224341] ? drm_rect_calc_vscale+0x130/0x190
[ 222.224757] ? report_bug+0x278/0x2e0
[ 222.225753] ? handle_bug+0x5c/0xb0
[ 222.226133] ? exc_invalid_op+0x1c/0x50
[ 222.226314] ? asm_exc_invalid_op+0x1f/0x30
[ 222.226314] ? drm_rect_calc_vscale+0x130/0x190
[ 222.226314] ? __pfx_read_hpet+0x10/0x10
[ 222.226314] drm_test_rect_calc_vscale+0x109/0x270
[ 222.228587] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 222.229052] ? __schedule+0xc3e/0x2790
[ 222.229637] ? ktime_get_ts64+0x84/0x230
[ 222.230498] kunit_try_run_case+0x1b3/0x490
[ 222.231021] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.231878] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 222.232165] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 222.233358] ? __kthread_parkme+0x82/0x160
[ 222.233882] ? preempt_count_sub+0x50/0x80
[ 222.234570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.235051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 222.235878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 222.236815] kthread+0x257/0x310
[ 222.237458] ? __pfx_kthread+0x10/0x10
[ 222.237935] ret_from_fork+0x41/0x80
[ 222.238610] ? __pfx_kthread+0x10/0x10
[ 222.239829] ret_from_fork_asm+0x1a/0x30
[ 222.240286] </TASK>
[ 222.240881] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 222.076019] WARNING: CPU: 1 PID: 2225 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 222.077718] Modules linked in:
[ 222.078807] CPU: 1 UID: 0 PID: 2225 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 222.080007] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 222.081529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 222.082610] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 222.083214] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 222.085601] RSP: 0000:ffff8881080efce8 EFLAGS: 00010286
[ 222.086426] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 222.087362] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff93a09640
[ 222.088116] RBP: ffff8881080efd10 R08: 0000000000000001 R09: ffffed102101dfa0
[ 222.089799] R10: 0000000000000003 R11: 0000000000000000 R12: ffffffff93a09628
[ 222.090405] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881080efda8
[ 222.091613] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 222.092220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 222.092945] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0
[ 222.093752] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a3
[ 222.094728] DR3: ffffffff959eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 222.095579] Call Trace:
[ 222.096409] <TASK>
[ 222.096731] ? show_regs+0x68/0x80
[ 222.097111] ? __warn+0xd5/0x260
[ 222.097591] ? drm_rect_calc_hscale+0x125/0x190
[ 222.097977] ? report_bug+0x278/0x2e0
[ 222.098938] ? handle_bug+0x5c/0xb0
[ 222.099290] ? exc_invalid_op+0x1c/0x50
[ 222.100186] ? asm_exc_invalid_op+0x1f/0x30
[ 222.101775] ? drm_rect_calc_hscale+0x125/0x190
[ 222.102203] ? __pfx_read_hpet+0x10/0x10
[ 222.103039] drm_test_rect_calc_hscale+0x109/0x270
[ 222.103950] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 222.105262] ? __schedule+0xc3e/0x2790
[ 222.105770] ? ktime_get_ts64+0x84/0x230
[ 222.106948] kunit_try_run_case+0x1b3/0x490
[ 222.107479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.108182] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 222.108984] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 222.109586] ? __kthread_parkme+0x82/0x160
[ 222.110257] ? preempt_count_sub+0x50/0x80
[ 222.111421] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.111949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 222.112838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 222.113511] kthread+0x257/0x310
[ 222.114042] ? __pfx_kthread+0x10/0x10
[ 222.115080] ret_from_fork+0x41/0x80
[ 222.115617] ? __pfx_kthread+0x10/0x10
[ 222.116024] ret_from_fork_asm+0x1a/0x30
[ 222.116852] </TASK>
[ 222.117142] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 222.125978] WARNING: CPU: 0 PID: 2227 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 222.127939] Modules linked in:
[ 222.128718] CPU: 0 UID: 0 PID: 2227 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1
[ 222.131472] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 222.131922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 222.133578] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 222.134155] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 222.135953] RSP: 0000:ffff8881060afce8 EFLAGS: 00010286
[ 222.137031] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 222.138429] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff93a09678
[ 222.139064] RBP: ffff8881060afd10 R08: 0000000000000001 R09: ffffed1020c15fa0
[ 222.140319] R10: 0000000000000003 R11: 0000000000000000 R12: ffffffff93a09660
[ 222.141423] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881060afda8
[ 222.142550] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 222.143345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 222.144387] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0
[ 222.144970] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a2
[ 222.146117] DR3: ffffffff959eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 222.147284] Call Trace:
[ 222.147532] <TASK>
[ 222.148534] ? show_regs+0x68/0x80
[ 222.148918] ? __warn+0xd5/0x260
[ 222.149573] ? drm_rect_calc_hscale+0x125/0x190
[ 222.150292] ? report_bug+0x278/0x2e0
[ 222.150659] ? handle_bug+0x5c/0xb0
[ 222.151293] ? exc_invalid_op+0x1c/0x50
[ 222.151740] ? asm_exc_invalid_op+0x1f/0x30
[ 222.152848] ? drm_rect_calc_hscale+0x125/0x190
[ 222.153502] ? __pfx_read_hpet+0x10/0x10
[ 222.153946] drm_test_rect_calc_hscale+0x109/0x270
[ 222.154330] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 222.155265] ? __schedule+0xc3e/0x2790
[ 222.155602] ? ktime_get_ts64+0x84/0x230
[ 222.156668] kunit_try_run_case+0x1b3/0x490
[ 222.157541] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.157895] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 222.158704] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 222.159154] ? __kthread_parkme+0x82/0x160
[ 222.159834] ? preempt_count_sub+0x50/0x80
[ 222.160938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 222.162092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 222.162616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 222.163167] kthread+0x257/0x310
[ 222.163622] ? __pfx_kthread+0x10/0x10
[ 222.163936] ret_from_fork+0x41/0x80
[ 222.165024] ? __pfx_kthread+0x10/0x10
[ 222.165759] ret_from_fork_asm+0x1a/0x30
[ 222.166456] </TASK>
[ 222.166808] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.297123] ==================================================================
[ 33.297123] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 33.297123]
[ 33.297123] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#100):
[ 33.297123] test_out_of_bounds_read+0x127/0x4e0
[ 33.297123] kunit_try_run_case+0x1b3/0x490
[ 33.297123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.297123] kthread+0x257/0x310
[ 33.297123] ret_from_fork+0x41/0x80
[ 33.297123] ret_from_fork_asm+0x1a/0x30
[ 33.297123]
[ 33.297123] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.297123]
[ 33.297123] allocated by task 296 on cpu 0 at 33.296711s (0.000411s ago):
[ 33.297123] test_alloc+0x35f/0x10d0
[ 33.297123] test_out_of_bounds_read+0xee/0x4e0
[ 33.297123] kunit_try_run_case+0x1b3/0x490
[ 33.297123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.297123] kthread+0x257/0x310
[ 33.297123] ret_from_fork+0x41/0x80
[ 33.297123] ret_from_fork_asm+0x1a/0x30
[ 33.297123]
[ 33.297123] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.297123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.297123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.297123] ==================================================================
[ 33.608826] ==================================================================
[ 33.609122] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 33.609122]
[ 33.609122] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#103):
[ 33.609122] test_out_of_bounds_read+0x217/0x4e0
[ 33.609122] kunit_try_run_case+0x1b3/0x490
[ 33.609122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.609122] kthread+0x257/0x310
[ 33.609122] ret_from_fork+0x41/0x80
[ 33.609122] ret_from_fork_asm+0x1a/0x30
[ 33.609122]
[ 33.609122] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.609122]
[ 33.609122] allocated by task 298 on cpu 1 at 33.608738s (0.000384s ago):
[ 33.609122] test_alloc+0x2a7/0x10d0
[ 33.609122] test_out_of_bounds_read+0x1e3/0x4e0
[ 33.609122] kunit_try_run_case+0x1b3/0x490
[ 33.609122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.609122] kthread+0x257/0x310
[ 33.609122] ret_from_fork+0x41/0x80
[ 33.609122] ret_from_fork_asm+0x1a/0x30
[ 33.609122]
[ 33.609122] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.609122] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.609122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.609122] ==================================================================
[ 33.504877] ==================================================================
[ 33.505121] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 33.505121]
[ 33.505121] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#102):
[ 33.505121] test_out_of_bounds_read+0x127/0x4e0
[ 33.505121] kunit_try_run_case+0x1b3/0x490
[ 33.505121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.505121] kthread+0x257/0x310
[ 33.505121] ret_from_fork+0x41/0x80
[ 33.505121] ret_from_fork_asm+0x1a/0x30
[ 33.505121]
[ 33.505121] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.505121]
[ 33.505121] allocated by task 298 on cpu 1 at 33.504778s (0.000343s ago):
[ 33.505121] test_alloc+0x2a7/0x10d0
[ 33.505121] test_out_of_bounds_read+0xee/0x4e0
[ 33.505121] kunit_try_run_case+0x1b3/0x490
[ 33.505121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.505121] kthread+0x257/0x310
[ 33.505121] ret_from_fork+0x41/0x80
[ 33.505121] ret_from_fork_asm+0x1a/0x30
[ 33.505121]
[ 33.505121] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.505121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.505121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.505121] ==================================================================
[ 33.401120] ==================================================================
[ 33.401120] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 33.401120]
[ 33.401120] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#101):
[ 33.401120] test_out_of_bounds_read+0x217/0x4e0
[ 33.401120] kunit_try_run_case+0x1b3/0x490
[ 33.401120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.401120] kthread+0x257/0x310
[ 33.401120] ret_from_fork+0x41/0x80
[ 33.401120] ret_from_fork_asm+0x1a/0x30
[ 33.401120]
[ 33.401120] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.401120]
[ 33.401120] allocated by task 296 on cpu 0 at 33.400801s (0.000319s ago):
[ 33.401120] test_alloc+0x35f/0x10d0
[ 33.401120] test_out_of_bounds_read+0x1e3/0x4e0
[ 33.401120] kunit_try_run_case+0x1b3/0x490
[ 33.401120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.401120] kthread+0x257/0x310
[ 33.401120] ret_from_fork+0x41/0x80
[ 33.401120] ret_from_fork_asm+0x1a/0x30
[ 33.401120]
[ 33.401120] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 33.401120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.401120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.401120] ==================================================================
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 24.683132] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 179.570167] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 65.226010] ==================================================================
[ 65.226155] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 65.226155]
[ 65.226155] Use-after-free read at 0x(____ptrval____) (in kfence-#176):
[ 65.226155] test_krealloc+0x6fd/0xbe0
[ 65.226155] kunit_try_run_case+0x1b3/0x490
[ 65.226155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.226155] kthread+0x257/0x310
[ 65.226155] ret_from_fork+0x41/0x80
[ 65.226155] ret_from_fork_asm+0x1a/0x30
[ 65.226155]
[ 65.226155] kfence-#176: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 65.226155]
[ 65.226155] allocated by task 346 on cpu 0 at 65.224880s (0.001275s ago):
[ 65.226155] test_alloc+0x35f/0x10d0
[ 65.226155] test_krealloc+0xae/0xbe0
[ 65.226155] kunit_try_run_case+0x1b3/0x490
[ 65.226155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.226155] kthread+0x257/0x310
[ 65.226155] ret_from_fork+0x41/0x80
[ 65.226155] ret_from_fork_asm+0x1a/0x30
[ 65.226155]
[ 65.226155] freed by task 346 on cpu 0 at 65.225388s (0.000766s ago):
[ 65.226155] krealloc_noprof+0x108/0x340
[ 65.226155] test_krealloc+0x227/0xbe0
[ 65.226155] kunit_try_run_case+0x1b3/0x490
[ 65.226155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.226155] kthread+0x257/0x310
[ 65.226155] ret_from_fork+0x41/0x80
[ 65.226155] ret_from_fork_asm+0x1a/0x30
[ 65.226155]
[ 65.226155] CPU: 0 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 65.226155] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 65.226155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 65.226155] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 65.127625] ==================================================================
[ 65.128143] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 65.128143]
[ 65.128143] Use-after-free read at 0x(____ptrval____) (in kfence-#175):
[ 65.128143] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 65.128143] kunit_try_run_case+0x1b3/0x490
[ 65.128143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.128143] kthread+0x257/0x310
[ 65.128143] ret_from_fork+0x41/0x80
[ 65.128143] ret_from_fork_asm+0x1a/0x30
[ 65.128143]
[ 65.128143] kfence-#175: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 65.128143]
[ 65.128143] allocated by task 344 on cpu 1 at 65.121706s (0.006436s ago):
[ 65.128143] test_alloc+0x2a7/0x10d0
[ 65.128143] test_memcache_typesafe_by_rcu+0x170/0x670
[ 65.128143] kunit_try_run_case+0x1b3/0x490
[ 65.128143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.128143] kthread+0x257/0x310
[ 65.128143] ret_from_fork+0x41/0x80
[ 65.128143] ret_from_fork_asm+0x1a/0x30
[ 65.128143]
[ 65.128143] freed by task 344 on cpu 1 at 65.121919s (0.006223s ago):
[ 65.128143] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 65.128143] kunit_try_run_case+0x1b3/0x490
[ 65.128143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 65.128143] kthread+0x257/0x310
[ 65.128143] ret_from_fork+0x41/0x80
[ 65.128143] ret_from_fork_asm+0x1a/0x30
[ 65.128143]
[ 65.128143] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 65.128143] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 65.128143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 65.128143] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.917374] ==================================================================
[ 40.918132] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 40.918132]
[ 40.918156] Invalid read at 0x(____ptrval____):
[ 40.918156] test_invalid_access+0xf1/0x210
[ 40.918156] kunit_try_run_case+0x1b3/0x490
[ 40.918156] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.918156] kthread+0x257/0x310
[ 40.918156] ret_from_fork+0x41/0x80
[ 40.918156] ret_from_fork_asm+0x1a/0x30
[ 40.918156]
[ 40.918156] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 40.918156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 40.918156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 40.918156] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 28.094146] ==================================================================
[ 28.094634] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] Free of addr ffff888102949801 by task kunit_try_catch/250
[ 28.094634]
[ 28.094634] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.094634] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.094634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.094634] Call Trace:
[ 28.094634] <TASK>
[ 28.094634] dump_stack_lvl+0x73/0xb0
[ 28.094634] print_report+0xd1/0x640
[ 28.094634] ? __virt_addr_valid+0x1db/0x2d0
[ 28.094634] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.094634] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] kasan_report_invalid_free+0xc0/0xf0
[ 28.094634] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] check_slab_allocation+0x11f/0x130
[ 28.094634] __kasan_mempool_poison_object+0x91/0x1d0
[ 28.094634] mempool_free+0x2ec/0x380
[ 28.094634] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.094634] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 28.094634] ? read_hpet+0x1f0/0x230
[ 28.094634] ? ktime_get_ts64+0x84/0x230
[ 28.094634] ? trace_hardirqs_on+0x37/0xe0
[ 28.094634] mempool_kmalloc_invalid_free+0xb1/0x100
[ 28.094634] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 28.094634] ? __switch_to+0x5d9/0xf60
[ 28.094634] ? __pfx_mempool_kmalloc+0x10/0x10
[ 28.094634] ? __pfx_mempool_kfree+0x10/0x10
[ 28.094634] ? ktime_get_ts64+0x84/0x230
[ 28.094634] kunit_try_run_case+0x1b3/0x490
[ 28.094634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.094634] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.094634] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.094634] ? __kthread_parkme+0x82/0x160
[ 28.094634] ? preempt_count_sub+0x50/0x80
[ 28.094634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.094634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.094634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.094634] kthread+0x257/0x310
[ 28.094634] ? __pfx_kthread+0x10/0x10
[ 28.094634] ret_from_fork+0x41/0x80
[ 28.094634] ? __pfx_kthread+0x10/0x10
[ 28.094634] ret_from_fork_asm+0x1a/0x30
[ 28.094634] </TASK>
[ 28.094634]
[ 28.094634] Allocated by task 250:
[ 28.094634] kasan_save_stack+0x3d/0x60
[ 28.094634] kasan_save_track+0x18/0x40
[ 28.094634] kasan_save_alloc_info+0x3b/0x50
[ 28.094634] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 28.094634] remove_element+0x11e/0x190
[ 28.094634] mempool_alloc_preallocated+0x4d/0x90
[ 28.094634] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 28.094634] mempool_kmalloc_invalid_free+0xb1/0x100
[ 28.094634] kunit_try_run_case+0x1b3/0x490
[ 28.094634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.094634] kthread+0x257/0x310
[ 28.094634] ret_from_fork+0x41/0x80
[ 28.094634] ret_from_fork_asm+0x1a/0x30
[ 28.094634]
[ 28.094634] The buggy address belongs to the object at ffff888102949800
[ 28.094634] which belongs to the cache kmalloc-128 of size 128
[ 28.094634] The buggy address is located 1 bytes inside of
[ 28.094634] 128-byte region [ffff888102949800, ffff888102949880)
[ 28.094634]
[ 28.094634] The buggy address belongs to the physical page:
[ 28.094634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102949
[ 28.094634] flags: 0x200000000000000(node=0|zone=2)
[ 28.094634] page_type: f5(slab)
[ 28.094634] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.094634] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.094634] page dumped because: kasan: bad access detected
[ 28.094634]
[ 28.094634] Memory state around the buggy address:
[ 28.094634] ffff888102949700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.094634] ffff888102949780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.094634] >ffff888102949800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.094634] ^
[ 28.094634] ffff888102949880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.094634] ffff888102949900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.094634] ==================================================================
[ 28.161745] ==================================================================
[ 28.162147] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] Free of addr ffff888102b24001 by task kunit_try_catch/252
[ 28.162147]
[ 28.162147] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.162147] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.162147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.162147] Call Trace:
[ 28.162147] <TASK>
[ 28.162147] dump_stack_lvl+0x73/0xb0
[ 28.162147] print_report+0xd1/0x640
[ 28.162147] ? __virt_addr_valid+0x1db/0x2d0
[ 28.162147] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] ? kasan_addr_to_slab+0x11/0xa0
[ 28.162147] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] kasan_report_invalid_free+0xc0/0xf0
[ 28.162147] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] __kasan_mempool_poison_object+0x102/0x1d0
[ 28.162147] mempool_free+0x2ec/0x380
[ 28.162147] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 28.162147] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 28.162147] ? read_hpet+0x1f0/0x230
[ 28.162147] ? ktime_get_ts64+0x84/0x230
[ 28.162147] ? trace_hardirqs_on+0x37/0xe0
[ 28.162147] mempool_kmalloc_large_invalid_free+0xb1/0x100
[ 28.162147] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 28.162147] ? __switch_to+0x5d9/0xf60
[ 28.162147] ? __pfx_mempool_kmalloc+0x10/0x10
[ 28.162147] ? __pfx_mempool_kfree+0x10/0x10
[ 28.162147] ? ktime_get_ts64+0x84/0x230
[ 28.162147] kunit_try_run_case+0x1b3/0x490
[ 28.162147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.162147] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.162147] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.162147] ? __kthread_parkme+0x82/0x160
[ 28.162147] ? preempt_count_sub+0x50/0x80
[ 28.162147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.162147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.162147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.162147] kthread+0x257/0x310
[ 28.162147] ? __pfx_kthread+0x10/0x10
[ 28.162147] ret_from_fork+0x41/0x80
[ 28.162147] ? __pfx_kthread+0x10/0x10
[ 28.162147] ret_from_fork_asm+0x1a/0x30
[ 28.162147] </TASK>
[ 28.162147]
[ 28.162147] The buggy address belongs to the physical page:
[ 28.162147] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b24
[ 28.162147] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 28.162147] flags: 0x200000000000040(head|node=0|zone=2)
[ 28.162147] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 28.162147] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 28.162147] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 28.162147] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 28.162147] head: 0200000000000002 ffffea00040ac901 ffffffffffffffff 0000000000000000
[ 28.162147] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 28.162147] page dumped because: kasan: bad access detected
[ 28.162147]
[ 28.162147] Memory state around the buggy address:
[ 28.162147] ffff888102b23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.162147] ffff888102b23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.162147] >ffff888102b24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.162147] ^
[ 28.162147] ffff888102b24080: 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 [ 28.162147] ffff888102b24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.162147] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 27.994389] ==================================================================
[ 27.995154] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 27.995154] Free of addr ffff888102b24000 by task kunit_try_catch/246
[ 27.995154]
[ 27.995154] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.995154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.995154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.995154] Call Trace:
[ 27.995154] <TASK>
[ 27.995154] dump_stack_lvl+0x73/0xb0
[ 27.995154] print_report+0xd1/0x640
[ 27.995154] ? __virt_addr_valid+0x1db/0x2d0
[ 27.995154] ? mempool_double_free_helper+0x185/0x370
[ 27.995154] ? kasan_addr_to_slab+0x11/0xa0
[ 27.995154] ? mempool_double_free_helper+0x185/0x370
[ 27.995154] kasan_report_invalid_free+0xc0/0xf0
[ 27.995154] ? mempool_double_free_helper+0x185/0x370
[ 27.995154] ? mempool_double_free_helper+0x185/0x370
[ 27.995154] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 27.995154] mempool_free+0x2ec/0x380
[ 27.995154] mempool_double_free_helper+0x185/0x370
[ 27.995154] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 27.995154] mempool_kmalloc_large_double_free+0xb1/0x100
[ 27.995154] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 27.995154] ? __switch_to+0x5d9/0xf60
[ 27.995154] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.995154] ? __pfx_mempool_kfree+0x10/0x10
[ 27.995154] ? ktime_get_ts64+0x84/0x230
[ 27.995154] kunit_try_run_case+0x1b3/0x490
[ 27.995154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.995154] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.995154] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.995154] ? __kthread_parkme+0x82/0x160
[ 27.995154] ? preempt_count_sub+0x50/0x80
[ 27.995154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.995154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.995154] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.995154] kthread+0x257/0x310
[ 27.995154] ? __pfx_kthread+0x10/0x10
[ 27.995154] ret_from_fork+0x41/0x80
[ 27.995154] ? __pfx_kthread+0x10/0x10
[ 27.995154] ret_from_fork_asm+0x1a/0x30
[ 27.995154] </TASK>
[ 27.995154]
[ 27.995154] The buggy address belongs to the physical page:
[ 27.995154] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b24
[ 27.995154] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 27.995154] flags: 0x200000000000040(head|node=0|zone=2)
[ 27.995154] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.995154] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.995154] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.995154] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.995154] head: 0200000000000002 ffffea00040ac901 ffffffffffffffff 0000000000000000
[ 27.995154] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 27.995154] page dumped because: kasan: bad access detected
[ 27.995154]
[ 27.995154] Memory state around the buggy address:
[ 27.995154] ffff888102b23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.995154] ffff888102b23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.995154] >ffff888102b24000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.995154] ^
[ 27.995154] ffff888102b24080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.995154] ffff888102b24100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.995154] ==================================================================
[ 28.041822] ==================================================================
[ 28.042248] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 28.042248] Free of addr ffff888102b9c000 by task kunit_try_catch/248
[ 28.042248]
[ 28.042248] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.042248] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.042248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.042248] Call Trace:
[ 28.047960] <TASK>
[ 28.047960] dump_stack_lvl+0x73/0xb0
[ 28.047960] print_report+0xd1/0x640
[ 28.047960] ? __virt_addr_valid+0x1db/0x2d0
[ 28.047960] ? mempool_double_free_helper+0x185/0x370
[ 28.047960] ? kasan_addr_to_slab+0x11/0xa0
[ 28.047960] ? mempool_double_free_helper+0x185/0x370
[ 28.047960] kasan_report_invalid_free+0xc0/0xf0
[ 28.047960] ? mempool_double_free_helper+0x185/0x370
[ 28.047960] ? mempool_double_free_helper+0x185/0x370
[ 28.047960] __kasan_mempool_poison_pages+0x115/0x130
[ 28.047960] mempool_free+0x290/0x380
[ 28.047960] mempool_double_free_helper+0x185/0x370
[ 28.047960] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 28.047960] ? read_hpet+0x1f0/0x230
[ 28.047960] ? ktime_get_ts64+0x84/0x230
[ 28.047960] ? trace_hardirqs_on+0x37/0xe0
[ 28.047960] mempool_page_alloc_double_free+0xac/0x100
[ 28.047960] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 28.047960] ? __switch_to+0x5d9/0xf60
[ 28.047960] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 28.047960] ? __pfx_mempool_free_pages+0x10/0x10
[ 28.047960] ? ktime_get_ts64+0x84/0x230
[ 28.047960] kunit_try_run_case+0x1b3/0x490
[ 28.047960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.047960] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.047960] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.047960] ? __kthread_parkme+0x82/0x160
[ 28.047960] ? preempt_count_sub+0x50/0x80
[ 28.047960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.047960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.047960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.047960] kthread+0x257/0x310
[ 28.047960] ? __pfx_kthread+0x10/0x10
[ 28.047960] ret_from_fork+0x41/0x80
[ 28.047960] ? __pfx_kthread+0x10/0x10
[ 28.047960] ret_from_fork_asm+0x1a/0x30
[ 28.047960] </TASK>
[ 28.047960]
[ 28.047960] The buggy address belongs to the physical page:
[ 28.047960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9c
[ 28.047960] flags: 0x200000000000000(node=0|zone=2)
[ 28.047960] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 28.047960] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 28.047960] page dumped because: kasan: bad access detected
[ 28.047960]
[ 28.047960] Memory state around the buggy address:
[ 28.047960] ffff888102b9bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.047960] ffff888102b9bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.047960] >ffff888102b9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.047960] ^
[ 28.047960] ffff888102b9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.047960] ffff888102b9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.047960] ==================================================================
[ 27.924522] ==================================================================
[ 27.925187] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 27.925187] Free of addr ffff8881028f1100 by task kunit_try_catch/244
[ 27.925187]
[ 27.925187] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.925187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.925187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.925187] Call Trace:
[ 27.925187] <TASK>
[ 27.925187] dump_stack_lvl+0x73/0xb0
[ 27.925187] print_report+0xd1/0x640
[ 27.925187] ? __virt_addr_valid+0x1db/0x2d0
[ 27.925187] ? mempool_double_free_helper+0x185/0x370
[ 27.925187] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.925187] ? mempool_double_free_helper+0x185/0x370
[ 27.925187] kasan_report_invalid_free+0xc0/0xf0
[ 27.925187] ? mempool_double_free_helper+0x185/0x370
[ 27.925187] ? mempool_double_free_helper+0x185/0x370
[ 27.925187] ? mempool_double_free_helper+0x185/0x370
[ 27.925187] check_slab_allocation+0x101/0x130
[ 27.925187] __kasan_mempool_poison_object+0x91/0x1d0
[ 27.925187] mempool_free+0x2ec/0x380
[ 27.925187] mempool_double_free_helper+0x185/0x370
[ 27.925187] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 27.925187] ? ret_from_fork+0x41/0x80
[ 27.925187] ? kthread+0x257/0x310
[ 27.925187] ? ret_from_fork_asm+0x1a/0x30
[ 27.925187] ? ret_from_fork_asm+0x1a/0x30
[ 27.925187] mempool_kmalloc_double_free+0xb1/0x100
[ 27.925187] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 27.925187] ? __switch_to+0x5d9/0xf60
[ 27.925187] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.925187] ? __pfx_mempool_kfree+0x10/0x10
[ 27.925187] ? ktime_get_ts64+0x84/0x230
[ 27.925187] kunit_try_run_case+0x1b3/0x490
[ 27.925187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.925187] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.925187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.925187] ? __kthread_parkme+0x82/0x160
[ 27.925187] ? preempt_count_sub+0x50/0x80
[ 27.925187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.925187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.925187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.925187] kthread+0x257/0x310
[ 27.925187] ? __pfx_kthread+0x10/0x10
[ 27.925187] ret_from_fork+0x41/0x80
[ 27.925187] ? __pfx_kthread+0x10/0x10
[ 27.925187] ret_from_fork_asm+0x1a/0x30
[ 27.925187] </TASK>
[ 27.925187]
[ 27.925187] Allocated by task 244:
[ 27.925187] kasan_save_stack+0x3d/0x60
[ 27.925187] kasan_save_track+0x18/0x40
[ 27.925187] kasan_save_alloc_info+0x3b/0x50
[ 27.925187] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.925187] remove_element+0x11e/0x190
[ 27.925187] mempool_alloc_preallocated+0x4d/0x90
[ 27.925187] mempool_double_free_helper+0x8b/0x370
[ 27.925187] mempool_kmalloc_double_free+0xb1/0x100
[ 27.925187] kunit_try_run_case+0x1b3/0x490
[ 27.925187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.925187] kthread+0x257/0x310
[ 27.925187] ret_from_fork+0x41/0x80
[ 27.925187] ret_from_fork_asm+0x1a/0x30
[ 27.925187]
[ 27.925187] Freed by task 244:
[ 27.925187] kasan_save_stack+0x3d/0x60
[ 27.925187] kasan_save_track+0x18/0x40
[ 27.925187] kasan_save_free_info+0x3f/0x60
[ 27.925187] __kasan_mempool_poison_object+0x131/0x1d0
[ 27.925187] mempool_free+0x2ec/0x380
[ 27.925187] mempool_double_free_helper+0x10a/0x370
[ 27.925187] mempool_kmalloc_double_free+0xb1/0x100
[ 27.925187] kunit_try_run_case+0x1b3/0x490
[ 27.925187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.925187] kthread+0x257/0x310
[ 27.925187] ret_from_fork+0x41/0x80
[ 27.925187] ret_from_fork_asm+0x1a/0x30
[ 27.925187]
[ 27.925187] The buggy address belongs to the object at ffff8881028f1100
[ 27.925187] which belongs to the cache kmalloc-128 of size 128
[ 27.925187] The buggy address is located 0 bytes inside of
[ 27.925187] 128-byte region [ffff8881028f1100, ffff8881028f1180)
[ 27.925187]
[ 27.925187] The buggy address belongs to the physical page:
[ 27.925187] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f1
[ 27.925187] flags: 0x200000000000000(node=0|zone=2)
[ 27.925187] page_type: f5(slab)
[ 27.925187] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.925187] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 27.925187] page dumped because: kasan: bad access detected
[ 27.925187]
[ 27.925187] Memory state around the buggy address:
[ 27.925187] ffff8881028f1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.925187] ffff8881028f1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.925187] >ffff8881028f1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.925187] ^
[ 27.925187] ffff8881028f1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.925187] ffff8881028f1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.925187] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 27.877756] ==================================================================
[ 27.878156] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 27.878156] Read of size 1 at addr ffff888102b24000 by task kunit_try_catch/242
[ 27.878156]
[ 27.878156] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.878156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.878156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.878156] Call Trace:
[ 27.878156] <TASK>
[ 27.878156] dump_stack_lvl+0x73/0xb0
[ 27.878156] print_report+0xd1/0x640
[ 27.878156] ? __virt_addr_valid+0x1db/0x2d0
[ 27.878156] ? kasan_addr_to_slab+0x11/0xa0
[ 27.878156] kasan_report+0x102/0x140
[ 27.878156] ? mempool_uaf_helper+0x394/0x400
[ 27.878156] ? mempool_uaf_helper+0x394/0x400
[ 27.878156] __asan_report_load1_noabort+0x18/0x20
[ 27.878156] mempool_uaf_helper+0x394/0x400
[ 27.878156] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 27.878156] ? read_hpet+0x1f0/0x230
[ 27.878156] ? ktime_get_ts64+0x84/0x230
[ 27.878156] ? trace_hardirqs_on+0x37/0xe0
[ 27.878156] mempool_page_alloc_uaf+0xb1/0x100
[ 27.878156] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 27.878156] ? __switch_to+0x5d9/0xf60
[ 27.878156] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 27.878156] ? __pfx_mempool_free_pages+0x10/0x10
[ 27.878156] ? ktime_get_ts64+0x84/0x230
[ 27.878156] kunit_try_run_case+0x1b3/0x490
[ 27.878156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.878156] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.878156] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.878156] ? __kthread_parkme+0x82/0x160
[ 27.878156] ? preempt_count_sub+0x50/0x80
[ 27.878156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.878156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.878156] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.878156] kthread+0x257/0x310
[ 27.878156] ? __pfx_kthread+0x10/0x10
[ 27.878156] ret_from_fork+0x41/0x80
[ 27.878156] ? __pfx_kthread+0x10/0x10
[ 27.878156] ret_from_fork_asm+0x1a/0x30
[ 27.878156] </TASK>
[ 27.878156]
[ 27.878156] The buggy address belongs to the physical page:
[ 27.878156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b24
[ 27.878156] flags: 0x200000000000000(node=0|zone=2)
[ 27.878156] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 27.878156] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.878156] page dumped because: kasan: bad access detected
[ 27.878156]
[ 27.878156] Memory state around the buggy address:
[ 27.878156] ffff888102b23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.878156] ffff888102b23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.878156] >ffff888102b24000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.878156] ^
[ 27.878156] ffff888102b24080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.878156] ffff888102b24100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.878156] ==================================================================
[ 27.756984] ==================================================================
[ 27.757660] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 27.757660] Read of size 1 at addr ffff888102b24000 by task kunit_try_catch/238
[ 27.757660]
[ 27.757660] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.757660] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.757660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.757660] Call Trace:
[ 27.757660] <TASK>
[ 27.757660] dump_stack_lvl+0x73/0xb0
[ 27.757660] print_report+0xd1/0x640
[ 27.757660] ? __virt_addr_valid+0x1db/0x2d0
[ 27.757660] ? kasan_addr_to_slab+0x11/0xa0
[ 27.757660] kasan_report+0x102/0x140
[ 27.757660] ? mempool_uaf_helper+0x394/0x400
[ 27.757660] ? mempool_uaf_helper+0x394/0x400
[ 27.757660] __asan_report_load1_noabort+0x18/0x20
[ 27.757660] mempool_uaf_helper+0x394/0x400
[ 27.757660] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 27.757660] ? read_hpet+0x1f0/0x230
[ 27.757660] ? ktime_get_ts64+0x84/0x230
[ 27.757660] ? trace_hardirqs_on+0x37/0xe0
[ 27.757660] mempool_kmalloc_large_uaf+0xb3/0x100
[ 27.757660] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 27.757660] ? __switch_to+0x5d9/0xf60
[ 27.757660] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.757660] ? __pfx_mempool_kfree+0x10/0x10
[ 27.757660] ? ktime_get_ts64+0x84/0x230
[ 27.757660] kunit_try_run_case+0x1b3/0x490
[ 27.757660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.757660] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.757660] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.757660] ? __kthread_parkme+0x82/0x160
[ 27.757660] ? preempt_count_sub+0x50/0x80
[ 27.757660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.757660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.757660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.757660] kthread+0x257/0x310
[ 27.757660] ? __pfx_kthread+0x10/0x10
[ 27.757660] ret_from_fork+0x41/0x80
[ 27.757660] ? __pfx_kthread+0x10/0x10
[ 27.757660] ret_from_fork_asm+0x1a/0x30
[ 27.757660] </TASK>
[ 27.757660]
[ 27.757660] The buggy address belongs to the physical page:
[ 27.757660] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b24
[ 27.757660] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 27.757660] flags: 0x200000000000040(head|node=0|zone=2)
[ 27.757660] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.757660] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.757660] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.757660] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.757660] head: 0200000000000002 ffffea00040ac901 ffffffffffffffff 0000000000000000
[ 27.757660] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 27.757660] page dumped because: kasan: bad access detected
[ 27.757660]
[ 27.757660] Memory state around the buggy address:
[ 27.757660] ffff888102b23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.757660] ffff888102b23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.757660] >ffff888102b24000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.757660] ^
[ 27.757660] ffff888102b24080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.757660] ffff888102b24100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.757660] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 27.806850] ==================================================================
[ 27.807148] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 27.807148] Read of size 1 at addr ffff8881028f1240 by task kunit_try_catch/240
[ 27.807148]
[ 27.807148] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.807148] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.807148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.807148] Call Trace:
[ 27.807148] <TASK>
[ 27.807148] dump_stack_lvl+0x73/0xb0
[ 27.807148] print_report+0xd1/0x640
[ 27.807148] ? __virt_addr_valid+0x1db/0x2d0
[ 27.807148] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.807148] kasan_report+0x102/0x140
[ 27.807148] ? mempool_uaf_helper+0x394/0x400
[ 27.807148] ? mempool_uaf_helper+0x394/0x400
[ 27.807148] __asan_report_load1_noabort+0x18/0x20
[ 27.807148] mempool_uaf_helper+0x394/0x400
[ 27.807148] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 27.807148] ? ktime_get_ts64+0x84/0x230
[ 27.807148] ? trace_hardirqs_on+0x37/0xe0
[ 27.807148] mempool_slab_uaf+0xae/0x100
[ 27.807148] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 27.807148] ? __switch_to+0x5d9/0xf60
[ 27.807148] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 27.807148] ? __pfx_mempool_free_slab+0x10/0x10
[ 27.807148] ? ktime_get_ts64+0x84/0x230
[ 27.807148] kunit_try_run_case+0x1b3/0x490
[ 27.807148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.807148] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.807148] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.807148] ? __kthread_parkme+0x82/0x160
[ 27.807148] ? preempt_count_sub+0x50/0x80
[ 27.807148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.807148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.807148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.807148] kthread+0x257/0x310
[ 27.807148] ? __pfx_kthread+0x10/0x10
[ 27.807148] ret_from_fork+0x41/0x80
[ 27.807148] ? __pfx_kthread+0x10/0x10
[ 27.807148] ret_from_fork_asm+0x1a/0x30
[ 27.807148] </TASK>
[ 27.807148]
[ 27.807148] Allocated by task 240:
[ 27.807148] kasan_save_stack+0x3d/0x60
[ 27.807148] kasan_save_track+0x18/0x40
[ 27.807148] kasan_save_alloc_info+0x3b/0x50
[ 27.807148] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 27.807148] remove_element+0x11e/0x190
[ 27.807148] mempool_alloc_preallocated+0x4d/0x90
[ 27.807148] mempool_uaf_helper+0x97/0x400
[ 27.807148] mempool_slab_uaf+0xae/0x100
[ 27.807148] kunit_try_run_case+0x1b3/0x490
[ 27.807148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.807148] kthread+0x257/0x310
[ 27.807148] ret_from_fork+0x41/0x80
[ 27.807148] ret_from_fork_asm+0x1a/0x30
[ 27.807148]
[ 27.807148] Freed by task 240:
[ 27.807148] kasan_save_stack+0x3d/0x60
[ 27.807148] kasan_save_track+0x18/0x40
[ 27.807148] kasan_save_free_info+0x3f/0x60
[ 27.807148] __kasan_mempool_poison_object+0x131/0x1d0
[ 27.807148] mempool_free+0x2ec/0x380
[ 27.807148] mempool_uaf_helper+0x11b/0x400
[ 27.807148] mempool_slab_uaf+0xae/0x100
[ 27.807148] kunit_try_run_case+0x1b3/0x490
[ 27.807148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.807148] kthread+0x257/0x310
[ 27.807148] ret_from_fork+0x41/0x80
[ 27.807148] ret_from_fork_asm+0x1a/0x30
[ 27.807148]
[ 27.807148] The buggy address belongs to the object at ffff8881028f1240
[ 27.807148] which belongs to the cache test_cache of size 123
[ 27.807148] The buggy address is located 0 bytes inside of
[ 27.807148] freed 123-byte region [ffff8881028f1240, ffff8881028f12bb)
[ 27.807148]
[ 27.807148] The buggy address belongs to the physical page:
[ 27.807148] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f1
[ 27.807148] flags: 0x200000000000000(node=0|zone=2)
[ 27.807148] page_type: f5(slab)
[ 27.807148] raw: 0200000000000000 ffff8881028ee000 dead000000000122 0000000000000000
[ 27.807148] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 27.807148] page dumped because: kasan: bad access detected
[ 27.807148]
[ 27.807148] Memory state around the buggy address:
[ 27.807148] ffff8881028f1100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.807148] ffff8881028f1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.807148] >ffff8881028f1200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 27.807148] ^
[ 27.807148] ffff8881028f1280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.807148] ffff8881028f1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.807148] ==================================================================
[ 27.683747] ==================================================================
[ 27.684155] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 27.684155] Read of size 1 at addr ffff8881028e5a00 by task kunit_try_catch/236
[ 27.684155]
[ 27.684155] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 27.684155] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.684155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.684155] Call Trace:
[ 27.684155] <TASK>
[ 27.684155] dump_stack_lvl+0x73/0xb0
[ 27.684155] print_report+0xd1/0x640
[ 27.684155] ? __virt_addr_valid+0x1db/0x2d0
[ 27.684155] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.684155] kasan_report+0x102/0x140
[ 27.684155] ? mempool_uaf_helper+0x394/0x400
[ 27.684155] ? mempool_uaf_helper+0x394/0x400
[ 27.684155] __asan_report_load1_noabort+0x18/0x20
[ 27.684155] mempool_uaf_helper+0x394/0x400
[ 27.684155] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 27.684155] ? read_hpet+0x1f0/0x230
[ 27.684155] ? ktime_get_ts64+0x84/0x230
[ 27.684155] ? trace_hardirqs_on+0x37/0xe0
[ 27.684155] mempool_kmalloc_uaf+0xb3/0x100
[ 27.684155] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 27.684155] ? __switch_to+0x5d9/0xf60
[ 27.684155] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.684155] ? __pfx_mempool_kfree+0x10/0x10
[ 27.684155] ? ktime_get_ts64+0x84/0x230
[ 27.684155] kunit_try_run_case+0x1b3/0x490
[ 27.684155] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.684155] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.684155] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.684155] ? __kthread_parkme+0x82/0x160
[ 27.684155] ? preempt_count_sub+0x50/0x80
[ 27.684155] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.684155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.684155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.684155] kthread+0x257/0x310
[ 27.684155] ? __pfx_kthread+0x10/0x10
[ 27.684155] ret_from_fork+0x41/0x80
[ 27.684155] ? __pfx_kthread+0x10/0x10
[ 27.684155] ret_from_fork_asm+0x1a/0x30
[ 27.684155] </TASK>
[ 27.684155]
[ 27.684155] Allocated by task 236:
[ 27.684155] kasan_save_stack+0x3d/0x60
[ 27.684155] kasan_save_track+0x18/0x40
[ 27.684155] kasan_save_alloc_info+0x3b/0x50
[ 27.684155] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.684155] remove_element+0x11e/0x190
[ 27.684155] mempool_alloc_preallocated+0x4d/0x90
[ 27.684155] mempool_uaf_helper+0x97/0x400
[ 27.684155] mempool_kmalloc_uaf+0xb3/0x100
[ 27.684155] kunit_try_run_case+0x1b3/0x490
[ 27.684155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.684155] kthread+0x257/0x310
[ 27.684155] ret_from_fork+0x41/0x80
[ 27.684155] ret_from_fork_asm+0x1a/0x30
[ 27.684155]
[ 27.684155] Freed by task 236:
[ 27.684155] kasan_save_stack+0x3d/0x60
[ 27.684155] kasan_save_track+0x18/0x40
[ 27.684155] kasan_save_free_info+0x3f/0x60
[ 27.684155] __kasan_mempool_poison_object+0x131/0x1d0
[ 27.684155] mempool_free+0x2ec/0x380
[ 27.684155] mempool_uaf_helper+0x11b/0x400
[ 27.684155] mempool_kmalloc_uaf+0xb3/0x100
[ 27.684155] kunit_try_run_case+0x1b3/0x490
[ 27.684155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.684155] kthread+0x257/0x310
[ 27.684155] ret_from_fork+0x41/0x80
[ 27.684155] ret_from_fork_asm+0x1a/0x30
[ 27.684155]
[ 27.684155] The buggy address belongs to the object at ffff8881028e5a00
[ 27.684155] which belongs to the cache kmalloc-128 of size 128
[ 27.684155] The buggy address is located 0 bytes inside of
[ 27.684155] freed 128-byte region [ffff8881028e5a00, ffff8881028e5a80)
[ 27.684155]
[ 27.684155] The buggy address belongs to the physical page:
[ 27.684155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e5
[ 27.684155] flags: 0x200000000000000(node=0|zone=2)
[ 27.684155] page_type: f5(slab)
[ 27.684155] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.684155] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 27.684155] page dumped because: kasan: bad access detected
[ 27.684155]
[ 27.684155] Memory state around the buggy address:
[ 27.684155] ffff8881028e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.684155] ffff8881028e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.684155] >ffff8881028e5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.684155] ^
[ 27.684155] ffff8881028e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.684155] ffff8881028e5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.684155] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 40.681145] ==================================================================
[ 40.681145] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.681145]
[ 40.681145] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#171):
[ 40.681145] test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.681145] kunit_try_run_case+0x1b3/0x490
[ 40.681145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.681145] kthread+0x257/0x310
[ 40.681145] ret_from_fork+0x41/0x80
[ 40.681145] ret_from_fork_asm+0x1a/0x30
[ 40.681145]
[ 40.681145] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 40.681145]
[ 40.681145] allocated by task 334 on cpu 1 at 40.680835s (0.000310s ago):
[ 40.681145] test_alloc+0x35f/0x10d0
[ 40.681145] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 40.681145] kunit_try_run_case+0x1b3/0x490
[ 40.681145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.681145] kthread+0x257/0x310
[ 40.681145] ret_from_fork+0x41/0x80
[ 40.681145] ret_from_fork_asm+0x1a/0x30
[ 40.681145]
[ 40.681145] freed by task 334 on cpu 1 at 40.681081s (0.000064s ago):
[ 40.681145] test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.681145] kunit_try_run_case+0x1b3/0x490
[ 40.681145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.681145] kthread+0x257/0x310
[ 40.681145] ret_from_fork+0x41/0x80
[ 40.681145] ret_from_fork_asm+0x1a/0x30
[ 40.681145]
[ 40.681145] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 40.681145] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 40.681145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 40.681145] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 40.577125] ================================================================== [ 40.577125] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570 [ 40.577125] [ 40.577125] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#170): [ 40.577125] test_kmalloc_aligned_oob_read+0x27f/0x570 [ 40.577125] kunit_try_run_case+0x1b3/0x490 [ 40.577125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.577125] kthread+0x257/0x310 [ 40.577125] ret_from_fork+0x41/0x80 [ 40.577125] ret_from_fork_asm+0x1a/0x30 [ 40.577125] [ 40.577125] kfence-#170: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 40.577125] [ 40.577125] allocated by task 332 on cpu 0 at 40.576763s (0.000361s ago): [ 40.577125] test_alloc+0x35f/0x10d0 [ 40.577125] test_kmalloc_aligned_oob_read+0x106/0x570 [ 40.577125] kunit_try_run_case+0x1b3/0x490 [ 40.577125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.577125] kthread+0x257/0x310 [ 40.577125] ret_from_fork+0x41/0x80 [ 40.577125] ret_from_fork_asm+0x1a/0x30 [ 40.577125] [ 40.577125] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 40.577125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.577125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 40.577125] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 34.856991] ================================================================== [ 34.857121] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 34.857121] [ 34.857121] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#115): [ 34.857121] test_corruption+0x2d4/0x3e0 [ 34.857121] kunit_try_run_case+0x1b3/0x490 [ 34.857121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.857121] kthread+0x257/0x310 [ 34.857121] ret_from_fork+0x41/0x80 [ 34.857121] ret_from_fork_asm+0x1a/0x30 [ 34.857121] [ 34.857121] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.857121] [ 34.857121] allocated by task 320 on cpu 0 at 34.856716s (0.000404s ago): [ 34.857121] test_alloc+0x35f/0x10d0 [ 34.857121] test_corruption+0xe7/0x3e0 [ 34.857121] kunit_try_run_case+0x1b3/0x490 [ 34.857121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.857121] kthread+0x257/0x310 [ 34.857121] ret_from_fork+0x41/0x80 [ 34.857121] ret_from_fork_asm+0x1a/0x30 [ 34.857121] [ 34.857121] freed by task 320 on cpu 0 at 34.856874s (0.000246s ago): [ 34.857121] test_corruption+0x2d4/0x3e0 [ 34.857121] kunit_try_run_case+0x1b3/0x490 [ 34.857121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.857121] kthread+0x257/0x310 [ 34.857121] ret_from_fork+0x41/0x80 [ 34.857121] ret_from_fork_asm+0x1a/0x30 [ 34.857121] [ 34.857121] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.857121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.857121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.857121] ================================================================== [ 35.273124] ================================================================== [ 35.273124] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 35.273124] [ 35.273124] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#119): [ 35.273124] test_corruption+0x2e1/0x3e0 [ 35.273124] kunit_try_run_case+0x1b3/0x490 [ 35.273124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.273124] kthread+0x257/0x310 [ 35.273124] ret_from_fork+0x41/0x80 [ 35.273124] ret_from_fork_asm+0x1a/0x30 [ 35.273124] [ 35.273124] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.273124] [ 35.273124] allocated by task 320 on cpu 0 at 35.272746s (0.000378s ago): [ 35.273124] test_alloc+0x35f/0x10d0 [ 35.273124] test_corruption+0x1cc/0x3e0 [ 35.273124] kunit_try_run_case+0x1b3/0x490 [ 35.273124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.273124] kthread+0x257/0x310 [ 35.273124] ret_from_fork+0x41/0x80 [ 35.273124] ret_from_fork_asm+0x1a/0x30 [ 35.273124] [ 35.273124] freed by task 320 on cpu 0 at 35.272907s (0.000217s ago): [ 35.273124] test_corruption+0x2e1/0x3e0 [ 35.273124] kunit_try_run_case+0x1b3/0x490 [ 35.273124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.273124] kthread+0x257/0x310 [ 35.273124] ret_from_fork+0x41/0x80 [ 35.273124] ret_from_fork_asm+0x1a/0x30 [ 35.273124] [ 35.273124] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.273124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.273124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.273124] ================================================================== [ 35.480939] ================================================================== [ 35.481122] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 35.481122] [ 35.481122] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#121): [ 35.481122] test_corruption+0x217/0x3e0 [ 35.481122] kunit_try_run_case+0x1b3/0x490 [ 35.481122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.481122] kthread+0x257/0x310 [ 35.481122] ret_from_fork+0x41/0x80 [ 35.481122] ret_from_fork_asm+0x1a/0x30 [ 35.481122] [ 35.481122] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.481122] [ 35.481122] allocated by task 322 on cpu 1 at 35.480714s (0.000407s ago): [ 35.481122] test_alloc+0x2a7/0x10d0 [ 35.481122] test_corruption+0x1cc/0x3e0 [ 35.481122] kunit_try_run_case+0x1b3/0x490 [ 35.481122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.481122] kthread+0x257/0x310 [ 35.481122] ret_from_fork+0x41/0x80 [ 35.481122] ret_from_fork_asm+0x1a/0x30 [ 35.481122] [ 35.481122] freed by task 322 on cpu 1 at 35.480809s (0.000313s ago): [ 35.481122] test_corruption+0x217/0x3e0 [ 35.481122] kunit_try_run_case+0x1b3/0x490 [ 35.481122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.481122] kthread+0x257/0x310 [ 35.481122] ret_from_fork+0x41/0x80 [ 35.481122] ret_from_fork_asm+0x1a/0x30 [ 35.481122] [ 35.481122] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.481122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.481122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.481122] ================================================================== [ 35.376897] ================================================================== [ 35.377120] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 35.377120] [ 35.377120] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#120): [ 35.377120] test_corruption+0x132/0x3e0 [ 35.377120] kunit_try_run_case+0x1b3/0x490 [ 35.377120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.377120] kthread+0x257/0x310 [ 35.377120] ret_from_fork+0x41/0x80 [ 35.377120] ret_from_fork_asm+0x1a/0x30 [ 35.377120] [ 35.377120] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.377120] [ 35.377120] allocated by task 322 on cpu 1 at 35.376705s (0.000415s ago): [ 35.377120] test_alloc+0x2a7/0x10d0 [ 35.377120] test_corruption+0xe7/0x3e0 [ 35.377120] kunit_try_run_case+0x1b3/0x490 [ 35.377120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.377120] kthread+0x257/0x310 [ 35.377120] ret_from_fork+0x41/0x80 [ 35.377120] ret_from_fork_asm+0x1a/0x30 [ 35.377120] [ 35.377120] freed by task 322 on cpu 1 at 35.376791s (0.000329s ago): [ 35.377120] test_corruption+0x132/0x3e0 [ 35.377120] kunit_try_run_case+0x1b3/0x490 [ 35.377120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.377120] kthread+0x257/0x310 [ 35.377120] ret_from_fork+0x41/0x80 [ 35.377120] ret_from_fork_asm+0x1a/0x30 [ 35.377120] [ 35.377120] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.377120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.377120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.377120] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 34.544928] ================================================================== [ 34.545123] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 34.545123] [ 34.545123] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 34.545123] test_invalid_addr_free+0x1e3/0x260 [ 34.545123] kunit_try_run_case+0x1b3/0x490 [ 34.545123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.545123] kthread+0x257/0x310 [ 34.545123] ret_from_fork+0x41/0x80 [ 34.545123] ret_from_fork_asm+0x1a/0x30 [ 34.545123] [ 34.545123] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.545123] [ 34.545123] allocated by task 316 on cpu 0 at 34.544720s (0.000403s ago): [ 34.545123] test_alloc+0x35f/0x10d0 [ 34.545123] test_invalid_addr_free+0xdc/0x260 [ 34.545123] kunit_try_run_case+0x1b3/0x490 [ 34.545123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.545123] kthread+0x257/0x310 [ 34.545123] ret_from_fork+0x41/0x80 [ 34.545123] ret_from_fork_asm+0x1a/0x30 [ 34.545123] [ 34.545123] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.545123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.545123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.545123] ================================================================== [ 34.648919] ================================================================== [ 34.649125] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 34.649125] [ 34.649125] Invalid free of 0x(____ptrval____) (in kfence-#113): [ 34.649125] test_invalid_addr_free+0xfc/0x260 [ 34.649125] kunit_try_run_case+0x1b3/0x490 [ 34.649125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.649125] kthread+0x257/0x310 [ 34.649125] ret_from_fork+0x41/0x80 [ 34.649125] ret_from_fork_asm+0x1a/0x30 [ 34.649125] [ 34.649125] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.649125] [ 34.649125] allocated by task 318 on cpu 1 at 34.648740s (0.000385s 
ago): [ 34.649125] test_alloc+0x2a7/0x10d0 [ 34.649125] test_invalid_addr_free+0xdc/0x260 [ 34.649125] kunit_try_run_case+0x1b3/0x490 [ 34.649125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.649125] kthread+0x257/0x310 [ 34.649125] ret_from_fork+0x41/0x80 [ 34.649125] ret_from_fork_asm+0x1a/0x30 [ 34.649125] [ 34.649125] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.649125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.649125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.649125] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.441013] ================================================================== [ 34.441121] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 34.441121] [ 34.441121] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 34.441121] test_double_free+0x113/0x260 [ 34.441121] kunit_try_run_case+0x1b3/0x490 [ 34.441121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.441121] kthread+0x257/0x310 [ 34.441121] ret_from_fork+0x41/0x80 [ 34.441121] ret_from_fork_asm+0x1a/0x30 [ 34.441121] [ 34.441121] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.441121] [ 34.441121] allocated by task 314 on cpu 0 at 34.440728s (0.000393s ago): [ 34.441121] test_alloc+0x2a7/0x10d0 [ 34.441121] test_double_free+0xdc/0x260 [ 34.441121] kunit_try_run_case+0x1b3/0x490 [ 34.441121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.441121] kthread+0x257/0x310 [ 34.441121] ret_from_fork+0x41/0x80 [ 34.441121] ret_from_fork_asm+0x1a/0x30 [ 34.441121] [ 34.441121] freed by task 314 on cpu 0 at 34.440839s (0.000281s ago): [ 34.441121] test_double_free+0xfb/0x260 [ 34.441121] kunit_try_run_case+0x1b3/0x490 [ 34.441121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.441121] kthread+0x257/0x310 [ 34.441121] ret_from_fork+0x41/0x80 [ 34.441121] ret_from_fork_asm+0x1a/0x30 [ 34.441121] [ 34.441121] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.441121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.441121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.441121] ================================================================== [ 34.337121] ================================================================== [ 34.337121] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 34.337121] [ 34.337121] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 34.337121] test_double_free+0x1d5/0x260 [ 34.337121] kunit_try_run_case+0x1b3/0x490 [ 34.337121] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.337121] kthread+0x257/0x310 [ 34.337121] ret_from_fork+0x41/0x80 [ 34.337121] ret_from_fork_asm+0x1a/0x30 [ 34.337121] [ 34.337121] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.337121] [ 34.337121] allocated by task 312 on cpu 0 at 34.336734s (0.000387s ago): [ 34.337121] test_alloc+0x35f/0x10d0 [ 34.337121] test_double_free+0xdc/0x260 [ 34.337121] kunit_try_run_case+0x1b3/0x490 [ 34.337121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.337121] kthread+0x257/0x310 [ 34.337121] ret_from_fork+0x41/0x80 [ 34.337121] ret_from_fork_asm+0x1a/0x30 [ 34.337121] [ 34.337121] freed by task 312 on cpu 0 at 34.336855s (0.000266s ago): [ 34.337121] test_double_free+0x1e2/0x260 [ 34.337121] kunit_try_run_case+0x1b3/0x490 [ 34.337121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.337121] kthread+0x257/0x310 [ 34.337121] ret_from_fork+0x41/0x80 [ 34.337121] ret_from_fork_asm+0x1a/0x30 [ 34.337121] [ 34.337121] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.337121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.337121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.337121] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 27.620239] ================================================================== [ 27.621183] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 27.621183] Read of size 1 at addr ffff8881028ee2bb by task kunit_try_catch/234 [ 27.621183] [ 27.621183] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.621183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.621183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.621183] Call Trace: [ 27.621183] <TASK> [ 27.621183] dump_stack_lvl+0x73/0xb0 [ 27.621183] print_report+0xd1/0x640 [ 27.621183] ? __virt_addr_valid+0x1db/0x2d0 [ 27.621183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.621183] kasan_report+0x102/0x140 [ 27.621183] ? mempool_oob_right_helper+0x31a/0x380 [ 27.621183] ? mempool_oob_right_helper+0x31a/0x380 [ 27.621183] __asan_report_load1_noabort+0x18/0x20 [ 27.621183] mempool_oob_right_helper+0x31a/0x380 [ 27.621183] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 27.621183] ? ktime_get_ts64+0x84/0x230 [ 27.621183] ? trace_hardirqs_on+0x37/0xe0 [ 27.621183] mempool_slab_oob_right+0xb1/0x100 [ 27.621183] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 27.621183] ? __switch_to+0x5d9/0xf60 [ 27.621183] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 27.621183] ? __pfx_mempool_free_slab+0x10/0x10 [ 27.621183] ? ktime_get_ts64+0x84/0x230 [ 27.621183] kunit_try_run_case+0x1b3/0x490 [ 27.621183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.621183] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.621183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.621183] ? __kthread_parkme+0x82/0x160 [ 27.621183] ? preempt_count_sub+0x50/0x80 [ 27.621183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.621183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.621183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.621183] kthread+0x257/0x310 [ 27.621183] ? __pfx_kthread+0x10/0x10 [ 27.621183] ret_from_fork+0x41/0x80 [ 27.621183] ? 
__pfx_kthread+0x10/0x10 [ 27.621183] ret_from_fork_asm+0x1a/0x30 [ 27.621183] </TASK> [ 27.621183] [ 27.621183] Allocated by task 234: [ 27.621183] kasan_save_stack+0x3d/0x60 [ 27.621183] kasan_save_track+0x18/0x40 [ 27.621183] kasan_save_alloc_info+0x3b/0x50 [ 27.621183] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 27.621183] remove_element+0x11e/0x190 [ 27.621183] mempool_alloc_preallocated+0x4d/0x90 [ 27.621183] mempool_oob_right_helper+0x8b/0x380 [ 27.621183] mempool_slab_oob_right+0xb1/0x100 [ 27.621183] kunit_try_run_case+0x1b3/0x490 [ 27.621183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.621183] kthread+0x257/0x310 [ 27.621183] ret_from_fork+0x41/0x80 [ 27.621183] ret_from_fork_asm+0x1a/0x30 [ 27.621183] [ 27.621183] The buggy address belongs to the object at ffff8881028ee240 [ 27.621183] which belongs to the cache test_cache of size 123 [ 27.621183] The buggy address is located 0 bytes to the right of [ 27.621183] allocated 123-byte region [ffff8881028ee240, ffff8881028ee2bb) [ 27.621183] [ 27.621183] The buggy address belongs to the physical page: [ 27.621183] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ee [ 27.621183] flags: 0x200000000000000(node=0|zone=2) [ 27.621183] page_type: f5(slab) [ 27.621183] raw: 0200000000000000 ffff888100a2bdc0 dead000000000122 0000000000000000 [ 27.621183] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 27.621183] page dumped because: kasan: bad access detected [ 27.621183] [ 27.621183] Memory state around the buggy address: [ 27.621183] ffff8881028ee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.621183] ffff8881028ee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 27.621183] >ffff8881028ee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 27.621183] ^ [ 27.621183] ffff8881028ee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.621183] ffff8881028ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.621183] 
================================================================== [ 27.517373] ================================================================== [ 27.518065] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 27.518173] Read of size 1 at addr ffff888102945873 by task kunit_try_catch/230 [ 27.518173] [ 27.518173] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.518173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.518173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.518173] Call Trace: [ 27.518173] <TASK> [ 27.518173] dump_stack_lvl+0x73/0xb0 [ 27.518173] print_report+0xd1/0x640 [ 27.518173] ? __virt_addr_valid+0x1db/0x2d0 [ 27.518173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.518173] kasan_report+0x102/0x140 [ 27.518173] ? mempool_oob_right_helper+0x31a/0x380 [ 27.518173] ? mempool_oob_right_helper+0x31a/0x380 [ 27.518173] __asan_report_load1_noabort+0x18/0x20 [ 27.518173] mempool_oob_right_helper+0x31a/0x380 [ 27.518173] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 27.518173] mempool_kmalloc_oob_right+0xb6/0x100 [ 27.518173] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 27.518173] ? __switch_to+0x5d9/0xf60 [ 27.518173] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.518173] ? __pfx_mempool_kfree+0x10/0x10 [ 27.518173] ? ktime_get_ts64+0x84/0x230 [ 27.518173] kunit_try_run_case+0x1b3/0x490 [ 27.518173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.518173] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.518173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.518173] ? __kthread_parkme+0x82/0x160 [ 27.518173] ? preempt_count_sub+0x50/0x80 [ 27.518173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.518173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.518173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.518173] kthread+0x257/0x310 [ 27.518173] ? __pfx_kthread+0x10/0x10 [ 27.518173] ret_from_fork+0x41/0x80 [ 27.518173] ? 
__pfx_kthread+0x10/0x10 [ 27.518173] ret_from_fork_asm+0x1a/0x30 [ 27.518173] </TASK> [ 27.518173] [ 27.518173] Allocated by task 230: [ 27.518173] kasan_save_stack+0x3d/0x60 [ 27.518173] kasan_save_track+0x18/0x40 [ 27.518173] kasan_save_alloc_info+0x3b/0x50 [ 27.518173] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.518173] remove_element+0x11e/0x190 [ 27.518173] mempool_alloc_preallocated+0x4d/0x90 [ 27.518173] mempool_oob_right_helper+0x8b/0x380 [ 27.518173] mempool_kmalloc_oob_right+0xb6/0x100 [ 27.518173] kunit_try_run_case+0x1b3/0x490 [ 27.518173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.518173] kthread+0x257/0x310 [ 27.518173] ret_from_fork+0x41/0x80 [ 27.518173] ret_from_fork_asm+0x1a/0x30 [ 27.518173] [ 27.518173] The buggy address belongs to the object at ffff888102945800 [ 27.518173] which belongs to the cache kmalloc-128 of size 128 [ 27.518173] The buggy address is located 0 bytes to the right of [ 27.518173] allocated 115-byte region [ffff888102945800, ffff888102945873) [ 27.518173] [ 27.518173] The buggy address belongs to the physical page: [ 27.518173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102945 [ 27.518173] flags: 0x200000000000000(node=0|zone=2) [ 27.518173] page_type: f5(slab) [ 27.518173] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.518173] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.518173] page dumped because: kasan: bad access detected [ 27.518173] [ 27.518173] Memory state around the buggy address: [ 27.518173] ffff888102945700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.518173] ffff888102945780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.518173] >ffff888102945800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 27.518173] ^ [ 27.518173] ffff888102945880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.518173] ffff888102945900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 27.518173] 
================================================================== [ 27.571610] ================================================================== [ 27.572173] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 27.572173] Read of size 1 at addr ffff888102b22001 by task kunit_try_catch/232 [ 27.572173] [ 27.572173] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 27.572173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.572173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.572173] Call Trace: [ 27.572173] <TASK> [ 27.572173] dump_stack_lvl+0x73/0xb0 [ 27.572173] print_report+0xd1/0x640 [ 27.572173] ? __virt_addr_valid+0x1db/0x2d0 [ 27.572173] ? kasan_addr_to_slab+0x11/0xa0 [ 27.572173] kasan_report+0x102/0x140 [ 27.572173] ? mempool_oob_right_helper+0x31a/0x380 [ 27.572173] ? mempool_oob_right_helper+0x31a/0x380 [ 27.572173] __asan_report_load1_noabort+0x18/0x20 [ 27.572173] mempool_oob_right_helper+0x31a/0x380 [ 27.572173] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 27.572173] ? read_hpet+0x1f0/0x230 [ 27.572173] ? ktime_get_ts64+0x84/0x230 [ 27.572173] ? trace_hardirqs_on+0x37/0xe0 [ 27.572173] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 27.572173] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 27.572173] ? __switch_to+0x5d9/0xf60 [ 27.572173] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.572173] ? __pfx_mempool_kfree+0x10/0x10 [ 27.572173] ? ktime_get_ts64+0x84/0x230 [ 27.572173] kunit_try_run_case+0x1b3/0x490 [ 27.572173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.572173] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.572173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.572173] ? __kthread_parkme+0x82/0x160 [ 27.572173] ? preempt_count_sub+0x50/0x80 [ 27.572173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.572173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.572173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.572173] kthread+0x257/0x310 [ 27.572173] ? 
__pfx_kthread+0x10/0x10 [ 27.572173] ret_from_fork+0x41/0x80 [ 27.572173] ? __pfx_kthread+0x10/0x10 [ 27.572173] ret_from_fork_asm+0x1a/0x30 [ 27.572173] </TASK> [ 27.572173] [ 27.572173] The buggy address belongs to the physical page: [ 27.572173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20 [ 27.572173] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.572173] flags: 0x200000000000040(head|node=0|zone=2) [ 27.572173] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.572173] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.572173] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.572173] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.572173] head: 0200000000000002 ffffea00040ac801 ffffffffffffffff 0000000000000000 [ 27.572173] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.572173] page dumped because: kasan: bad access detected [ 27.572173] [ 27.572173] Memory state around the buggy address: [ 27.572173] ffff888102b21f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.572173] ffff888102b21f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.572173] >ffff888102b22000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.572173] ^ [ 27.572173] ffff888102b22080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.572173] ffff888102b22100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.572173] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 220.445007] WARNING: CPU: 1 PID: 2033 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 220.446159] Modules linked in: [ 220.446738] CPU: 1 UID: 0 PID: 2033 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241126 #1 [ 220.449925] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 220.450552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 220.451659] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 220.452427] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 220.454507] RSP: 0000:ffff88810593fba0 EFLAGS: 00010246 [ 220.455068] RAX: dffffc0000000000 RBX: ffff88810593fc98 RCX: 0000000000000000 [ 220.456040] RDX: 1ffff11020b27f9c RSI: ffff88810593fc98 RDI: ffff88810593fce0 [ 220.456747] RBP: ffff88810593fbe0 R08: ffff888107f76000 R09: ffffed1020b27fa0 [ 220.457584] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff888107f76000 [ 220.458392] R13: ffff888100317b20 R14: ffff88810593fc18 R15: ffff88810593fe28 [ 220.459725] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 220.460883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.461296] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0 [ 220.462414] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a3 [ 220.462966] DR3: ffffffff959eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 220.464263] Call Trace: [ 220.464553] <TASK> [ 220.464944] ? show_regs+0x68/0x80 [ 220.466428] ? __warn+0xd5/0x260 [ 220.466846] ? drm_framebuffer_init+0x44/0x300 [ 220.467119] ? report_bug+0x278/0x2e0 [ 220.467119] ? handle_bug+0x5c/0xb0 [ 220.468648] ? exc_invalid_op+0x1c/0x50 [ 220.469065] ? asm_exc_invalid_op+0x1f/0x30 [ 220.470363] ? drm_framebuffer_init+0x44/0x300 [ 220.470768] ? 
add_dr+0xc1/0x1d0 [ 220.471190] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 220.471971] ? add_dr+0x148/0x1d0 [ 220.473003] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 220.474118] ? __drmm_add_action+0x1a4/0x280 [ 220.474510] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.475712] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.476156] ? read_hpet+0x1f0/0x230 [ 220.477442] ? ktime_get_ts64+0x84/0x230 [ 220.477905] ? __schedule+0xc3e/0x2790 [ 220.478772] ? ktime_get_ts64+0x84/0x230 [ 220.479162] kunit_try_run_case+0x1b3/0x490 [ 220.479429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.481904] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 220.482927] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 220.484236] ? __kthread_parkme+0x82/0x160 [ 220.484637] ? preempt_count_sub+0x50/0x80 [ 220.485379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.486815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 220.487789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 220.488264] kthread+0x257/0x310 [ 220.489105] ? __pfx_kthread+0x10/0x10 [ 220.491107] ret_from_fork+0x41/0x80 [ 220.491732] ? __pfx_kthread+0x10/0x10 [ 220.492331] ret_from_fork_asm+0x1a/0x30 [ 220.493085] </TASK> [ 220.493817] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 220.366069] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 220.367409] WARNING: CPU: 0 PID: 2029 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 220.369962] Modules linked in: [ 220.370977] CPU: 0 UID: 0 PID: 2029 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241126 #1 [ 220.371841] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 220.372845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 220.373803] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 220.374266] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 54 1c 80 00 48 c7 c1 00 12 9b 93 4c 89 fa 48 c7 c7 60 12 9b 93 48 89 c6 e8 5b 80 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 220.376711] RSP: 0000:ffff88810593fbd8 EFLAGS: 00010282 [ 220.377160] RAX: 0000000000000000 RBX: ffff88810593fcb0 RCX: 1ffffffff28e42ec [ 220.377581] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 220.378657] RBP: ffff88810593fc00 R08: 0000000000000000 R09: fffffbfff28e42ec [ 220.380027] R10: 0000000000000003 R11: 00000000000263f8 R12: ffff88810593fc88 [ 220.380734] R13: ffff888105796000 R14: ffff888105a6e000 R15: ffff8881051ead80 [ 220.381304] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 220.382179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.383976] CR2: 00007ffff7ffe000 CR3: 0000000011ab8000 CR4: 00000000000006f0 [ 220.384909] DR0: ffffffff959eb1a0 DR1: ffffffff959eb1a1 DR2: ffffffff959eb1a2 [ 220.385426] DR3: ffffffff959eb1a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 220.386824] Call Trace: [ 220.387259] <TASK> [ 220.387656] ? show_regs+0x68/0x80 [ 220.387927] ? __warn+0xd5/0x260 [ 220.388084] ? drm_framebuffer_free+0x136/0x1b0 [ 220.389633] ? report_bug+0x278/0x2e0 [ 220.390126] ? handle_bug+0x5c/0xb0 [ 220.390824] ? exc_invalid_op+0x1c/0x50 [ 220.391557] ? 
asm_exc_invalid_op+0x1f/0x30 [ 220.391934] ? drm_framebuffer_free+0x136/0x1b0 [ 220.392916] ? drm_framebuffer_free+0x135/0x1b0 [ 220.393929] drm_test_framebuffer_free+0x1ac/0x610 [ 220.394792] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 220.395771] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.396788] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.397881] ? read_hpet+0x1f0/0x230 [ 220.398542] ? ktime_get_ts64+0x84/0x230 [ 220.398924] ? __schedule+0xc3e/0x2790 [ 220.399450] ? ktime_get_ts64+0x84/0x230 [ 220.400360] kunit_try_run_case+0x1b3/0x490 [ 220.401235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.401235] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 220.402897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 220.403439] ? __kthread_parkme+0x82/0x160 [ 220.403624] ? preempt_count_sub+0x50/0x80 [ 220.403927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.404922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 220.406056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 220.406874] kthread+0x257/0x310 [ 220.407198] ? __pfx_kthread+0x10/0x10 [ 220.408052] ret_from_fork+0x41/0x80 [ 220.409260] ? __pfx_kthread+0x10/0x10 [ 220.409754] ret_from_fork_asm+0x1a/0x30 [ 220.410153] </TASK> [ 220.411358] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset
[ 25.541142] ================================================================== [ 25.541142] BUG: KFENCE: memory corruption in kmalloc_oob_memset_8+0x188/0x330 [ 25.541142] [ 25.541142] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#68): [ 25.541142] kmalloc_oob_memset_8+0x188/0x330 [ 25.541142] kunit_try_run_case+0x1b3/0x490 [ 25.541142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.541142] kthread+0x257/0x310 [ 25.541142] ret_from_fork+0x41/0x80 [ 25.541142] ret_from_fork_asm+0x1a/0x30 [ 25.541142] [ 25.541142] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 25.541142] [ 25.541142] allocated by task 185 on cpu 0 at 25.536799s (0.004343s ago): [ 25.541142] kmalloc_oob_memset_8+0xad/0x330 [ 25.541142] kunit_try_run_case+0x1b3/0x490 [ 25.541142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.541142] kthread+0x257/0x310 [ 25.541142] ret_from_fork+0x41/0x80 [ 25.541142] ret_from_fork_asm+0x1a/0x30 [ 25.541142] [ 25.541142] freed by task 185 on cpu 0 at 25.540452s (0.000690s ago): [ 25.541142] kmalloc_oob_memset_8+0x188/0x330 [ 25.541142] kunit_try_run_case+0x1b3/0x490 [ 25.541142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.541142] kthread+0x257/0x310 [ 25.541142] ret_from_fork+0x41/0x80 [ 25.541142] ret_from_fork_asm+0x1a/0x30 [ 25.541142] [ 25.541142] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.541142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.541142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.541142] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.951293] ================================================================== [ 32.951902] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 32.952167] Write of size 1 at addr ffff8881028f6c78 by task kunit_try_catch/294 [ 32.952167] [ 32.952167] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.952167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.952167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.952167] Call Trace: [ 32.952167] <TASK> [ 32.952167] dump_stack_lvl+0x73/0xb0 [ 32.952167] print_report+0xd1/0x640 [ 32.952167] ? __virt_addr_valid+0x1db/0x2d0 [ 32.952167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.952167] kasan_report+0x102/0x140 [ 32.952167] ? strncpy_from_user+0x1a7/0x1e0 [ 32.952167] ? strncpy_from_user+0x1a7/0x1e0 [ 32.952167] __asan_report_store1_noabort+0x1b/0x30 [ 32.952167] strncpy_from_user+0x1a7/0x1e0 [ 32.952167] copy_user_test_oob+0x761/0x10f0 [ 32.952167] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.952167] ? __switch_to+0x5d9/0xf60 [ 32.952167] ? __schedule+0xc3e/0x2790 [ 32.952167] ? ktime_get_ts64+0x84/0x230 [ 32.952167] kunit_try_run_case+0x1b3/0x490 [ 32.952167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.952167] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.952167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.952167] ? __kthread_parkme+0x82/0x160 [ 32.952167] ? preempt_count_sub+0x50/0x80 [ 32.952167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.952167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.952167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.952167] kthread+0x257/0x310 [ 32.952167] ? __pfx_kthread+0x10/0x10 [ 32.952167] ret_from_fork+0x41/0x80 [ 32.952167] ? 
__pfx_kthread+0x10/0x10 [ 32.952167] ret_from_fork_asm+0x1a/0x30 [ 32.952167] </TASK> [ 32.952167] [ 32.952167] Allocated by task 294: [ 32.952167] kasan_save_stack+0x3d/0x60 [ 32.952167] kasan_save_track+0x18/0x40 [ 32.952167] kasan_save_alloc_info+0x3b/0x50 [ 32.952167] __kasan_kmalloc+0xb7/0xc0 [ 32.952167] __kmalloc_noprof+0x1c4/0x500 [ 32.952167] kunit_kmalloc_array+0x25/0x60 [ 32.952167] copy_user_test_oob+0xac/0x10f0 [ 32.952167] kunit_try_run_case+0x1b3/0x490 [ 32.952167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.952167] kthread+0x257/0x310 [ 32.952167] ret_from_fork+0x41/0x80 [ 32.952167] ret_from_fork_asm+0x1a/0x30 [ 32.952167] [ 32.952167] The buggy address belongs to the object at ffff8881028f6c00 [ 32.952167] which belongs to the cache kmalloc-128 of size 128 [ 32.952167] The buggy address is located 0 bytes to the right of [ 32.952167] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.952167] [ 32.952167] The buggy address belongs to the physical page: [ 32.952167] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.952167] flags: 0x200000000000000(node=0|zone=2) [ 32.952167] page_type: f5(slab) [ 32.952167] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.952167] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.952167] page dumped because: kasan: bad access detected [ 32.952167] [ 32.952167] Memory state around the buggy address: [ 32.952167] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.952167] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.952167] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.952167] ^ [ 32.952167] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.952167] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.952167] ================================================================== [ 32.909163] 
================================================================== [ 32.909263] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 32.909263] Write of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.909263] [ 32.910304] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.913537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.913537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.913537] Call Trace: [ 32.913537] <TASK> [ 32.913537] dump_stack_lvl+0x73/0xb0 [ 32.913537] print_report+0xd1/0x640 [ 32.913537] ? __virt_addr_valid+0x1db/0x2d0 [ 32.913537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.913537] kasan_report+0x102/0x140 [ 32.913537] ? strncpy_from_user+0x2e/0x1e0 [ 32.913537] ? strncpy_from_user+0x2e/0x1e0 [ 32.913537] kasan_check_range+0x10c/0x1c0 [ 32.913537] __kasan_check_write+0x18/0x20 [ 32.913537] strncpy_from_user+0x2e/0x1e0 [ 32.913537] ? __kasan_check_read+0x15/0x20 [ 32.913537] copy_user_test_oob+0x761/0x10f0 [ 32.913537] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.913537] ? __switch_to+0x5d9/0xf60 [ 32.913537] ? __schedule+0xc3e/0x2790 [ 32.913537] ? ktime_get_ts64+0x84/0x230 [ 32.913537] kunit_try_run_case+0x1b3/0x490 [ 32.913537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.913537] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.913537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.913537] ? __kthread_parkme+0x82/0x160 [ 32.913537] ? preempt_count_sub+0x50/0x80 [ 32.913537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.913537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.913537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.913537] kthread+0x257/0x310 [ 32.913537] ? __pfx_kthread+0x10/0x10 [ 32.913537] ret_from_fork+0x41/0x80 [ 32.913537] ? 
__pfx_kthread+0x10/0x10 [ 32.913537] ret_from_fork_asm+0x1a/0x30 [ 32.913537] </TASK> [ 32.913537] [ 32.913537] Allocated by task 294: [ 32.913537] kasan_save_stack+0x3d/0x60 [ 32.913537] kasan_save_track+0x18/0x40 [ 32.913537] kasan_save_alloc_info+0x3b/0x50 [ 32.913537] __kasan_kmalloc+0xb7/0xc0 [ 32.913537] __kmalloc_noprof+0x1c4/0x500 [ 32.913537] kunit_kmalloc_array+0x25/0x60 [ 32.913537] copy_user_test_oob+0xac/0x10f0 [ 32.913537] kunit_try_run_case+0x1b3/0x490 [ 32.913537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.913537] kthread+0x257/0x310 [ 32.913537] ret_from_fork+0x41/0x80 [ 32.913537] ret_from_fork_asm+0x1a/0x30 [ 32.913537] [ 32.913537] The buggy address belongs to the object at ffff8881028f6c00 [ 32.913537] which belongs to the cache kmalloc-128 of size 128 [ 32.913537] The buggy address is located 0 bytes inside of [ 32.913537] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.913537] [ 32.913537] The buggy address belongs to the physical page: [ 32.913537] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.913537] flags: 0x200000000000000(node=0|zone=2) [ 32.913537] page_type: f5(slab) [ 32.913537] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.913537] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.913537] page dumped because: kasan: bad access detected [ 32.913537] [ 32.913537] Memory state around the buggy address: [ 32.913537] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.913537] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913537] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.913537] ^ [ 32.913537] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913537] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913537] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.788316] ================================================================== [ 32.788828] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 32.788828] Read of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.788828] [ 32.788828] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.788828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.788828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.788828] Call Trace: [ 32.788828] <TASK> [ 32.788828] dump_stack_lvl+0x73/0xb0 [ 32.788828] print_report+0xd1/0x640 [ 32.788828] ? __virt_addr_valid+0x1db/0x2d0 [ 32.788828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.788828] kasan_report+0x102/0x140 [ 32.788828] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.788828] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.788828] kasan_check_range+0x10c/0x1c0 [ 32.788828] __kasan_check_read+0x15/0x20 [ 32.788828] copy_user_test_oob+0x4ab/0x10f0 [ 32.788828] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.788828] ? __switch_to+0x5d9/0xf60 [ 32.788828] ? __schedule+0xc3e/0x2790 [ 32.788828] ? ktime_get_ts64+0x84/0x230 [ 32.788828] kunit_try_run_case+0x1b3/0x490 [ 32.788828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.788828] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.788828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.788828] ? __kthread_parkme+0x82/0x160 [ 32.788828] ? preempt_count_sub+0x50/0x80 [ 32.788828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.788828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.788828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.788828] kthread+0x257/0x310 [ 32.788828] ? __pfx_kthread+0x10/0x10 [ 32.788828] ret_from_fork+0x41/0x80 [ 32.788828] ? 
__pfx_kthread+0x10/0x10 [ 32.788828] ret_from_fork_asm+0x1a/0x30 [ 32.788828] </TASK> [ 32.788828] [ 32.788828] Allocated by task 294: [ 32.788828] kasan_save_stack+0x3d/0x60 [ 32.788828] kasan_save_track+0x18/0x40 [ 32.788828] kasan_save_alloc_info+0x3b/0x50 [ 32.788828] __kasan_kmalloc+0xb7/0xc0 [ 32.788828] __kmalloc_noprof+0x1c4/0x500 [ 32.788828] kunit_kmalloc_array+0x25/0x60 [ 32.788828] copy_user_test_oob+0xac/0x10f0 [ 32.788828] kunit_try_run_case+0x1b3/0x490 [ 32.788828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.788828] kthread+0x257/0x310 [ 32.788828] ret_from_fork+0x41/0x80 [ 32.788828] ret_from_fork_asm+0x1a/0x30 [ 32.788828] [ 32.788828] The buggy address belongs to the object at ffff8881028f6c00 [ 32.788828] which belongs to the cache kmalloc-128 of size 128 [ 32.788828] The buggy address is located 0 bytes inside of [ 32.788828] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.788828] [ 32.788828] The buggy address belongs to the physical page: [ 32.788828] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.788828] flags: 0x200000000000000(node=0|zone=2) [ 32.788828] page_type: f5(slab) [ 32.788828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.788828] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.788828] page dumped because: kasan: bad access detected [ 32.788828] [ 32.788828] Memory state around the buggy address: [ 32.788828] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.788828] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.788828] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.788828] ^ [ 32.788828] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.788828] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.788828] ================================================================== [ 32.865825] 
================================================================== [ 32.866214] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 32.866214] Read of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.866214] [ 32.866214] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.866403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.866403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.866403] Call Trace: [ 32.866403] <TASK> [ 32.866403] dump_stack_lvl+0x73/0xb0 [ 32.866403] print_report+0xd1/0x640 [ 32.866403] ? __virt_addr_valid+0x1db/0x2d0 [ 32.866403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.866403] kasan_report+0x102/0x140 [ 32.866403] ? copy_user_test_oob+0x605/0x10f0 [ 32.866403] ? copy_user_test_oob+0x605/0x10f0 [ 32.866403] kasan_check_range+0x10c/0x1c0 [ 32.866403] __kasan_check_read+0x15/0x20 [ 32.866403] copy_user_test_oob+0x605/0x10f0 [ 32.866403] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.866403] ? __switch_to+0x5d9/0xf60 [ 32.866403] ? __schedule+0xc3e/0x2790 [ 32.866403] ? ktime_get_ts64+0x84/0x230 [ 32.866403] kunit_try_run_case+0x1b3/0x490 [ 32.866403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.866403] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.866403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.866403] ? __kthread_parkme+0x82/0x160 [ 32.866403] ? preempt_count_sub+0x50/0x80 [ 32.866403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.866403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.866403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.866403] kthread+0x257/0x310 [ 32.866403] ? __pfx_kthread+0x10/0x10 [ 32.866403] ret_from_fork+0x41/0x80 [ 32.866403] ? 
__pfx_kthread+0x10/0x10 [ 32.866403] ret_from_fork_asm+0x1a/0x30 [ 32.866403] </TASK> [ 32.866403] [ 32.866403] Allocated by task 294: [ 32.866403] kasan_save_stack+0x3d/0x60 [ 32.866403] kasan_save_track+0x18/0x40 [ 32.866403] kasan_save_alloc_info+0x3b/0x50 [ 32.866403] __kasan_kmalloc+0xb7/0xc0 [ 32.866403] __kmalloc_noprof+0x1c4/0x500 [ 32.866403] kunit_kmalloc_array+0x25/0x60 [ 32.866403] copy_user_test_oob+0xac/0x10f0 [ 32.866403] kunit_try_run_case+0x1b3/0x490 [ 32.866403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.866403] kthread+0x257/0x310 [ 32.866403] ret_from_fork+0x41/0x80 [ 32.866403] ret_from_fork_asm+0x1a/0x30 [ 32.866403] [ 32.866403] The buggy address belongs to the object at ffff8881028f6c00 [ 32.866403] which belongs to the cache kmalloc-128 of size 128 [ 32.866403] The buggy address is located 0 bytes inside of [ 32.866403] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.866403] [ 32.866403] The buggy address belongs to the physical page: [ 32.866403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.866403] flags: 0x200000000000000(node=0|zone=2) [ 32.866403] page_type: f5(slab) [ 32.866403] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.866403] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.866403] page dumped because: kasan: bad access detected [ 32.866403] [ 32.866403] Memory state around the buggy address: [ 32.866403] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.866403] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.866403] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.866403] ^ [ 32.866403] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.866403] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.866403] ================================================================== [ 32.829039] 
================================================================== [ 32.829517] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 32.829517] Write of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.829517] [ 32.829517] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.830793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.830793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.830793] Call Trace: [ 32.830793] <TASK> [ 32.830793] dump_stack_lvl+0x73/0xb0 [ 32.830793] print_report+0xd1/0x640 [ 32.830793] ? __virt_addr_valid+0x1db/0x2d0 [ 32.830793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.830793] kasan_report+0x102/0x140 [ 32.830793] ? copy_user_test_oob+0x558/0x10f0 [ 32.830793] ? copy_user_test_oob+0x558/0x10f0 [ 32.830793] kasan_check_range+0x10c/0x1c0 [ 32.830793] __kasan_check_write+0x18/0x20 [ 32.830793] copy_user_test_oob+0x558/0x10f0 [ 32.830793] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.830793] ? __switch_to+0x5d9/0xf60 [ 32.830793] ? __schedule+0xc3e/0x2790 [ 32.830793] ? ktime_get_ts64+0x84/0x230 [ 32.830793] kunit_try_run_case+0x1b3/0x490 [ 32.830793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.830793] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.830793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.830793] ? __kthread_parkme+0x82/0x160 [ 32.830793] ? preempt_count_sub+0x50/0x80 [ 32.830793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.830793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.830793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.830793] kthread+0x257/0x310 [ 32.830793] ? __pfx_kthread+0x10/0x10 [ 32.830793] ret_from_fork+0x41/0x80 [ 32.830793] ? 
__pfx_kthread+0x10/0x10 [ 32.830793] ret_from_fork_asm+0x1a/0x30 [ 32.830793] </TASK> [ 32.830793] [ 32.830793] Allocated by task 294: [ 32.830793] kasan_save_stack+0x3d/0x60 [ 32.830793] kasan_save_track+0x18/0x40 [ 32.830793] kasan_save_alloc_info+0x3b/0x50 [ 32.830793] __kasan_kmalloc+0xb7/0xc0 [ 32.830793] __kmalloc_noprof+0x1c4/0x500 [ 32.830793] kunit_kmalloc_array+0x25/0x60 [ 32.830793] copy_user_test_oob+0xac/0x10f0 [ 32.830793] kunit_try_run_case+0x1b3/0x490 [ 32.830793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.830793] kthread+0x257/0x310 [ 32.830793] ret_from_fork+0x41/0x80 [ 32.830793] ret_from_fork_asm+0x1a/0x30 [ 32.830793] [ 32.830793] The buggy address belongs to the object at ffff8881028f6c00 [ 32.830793] which belongs to the cache kmalloc-128 of size 128 [ 32.830793] The buggy address is located 0 bytes inside of [ 32.830793] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.830793] [ 32.830793] The buggy address belongs to the physical page: [ 32.830793] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.830793] flags: 0x200000000000000(node=0|zone=2) [ 32.830793] page_type: f5(slab) [ 32.830793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.830793] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.830793] page dumped because: kasan: bad access detected [ 32.830793] [ 32.830793] Memory state around the buggy address: [ 32.830793] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.830793] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.830793] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.830793] ^ [ 32.830793] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.830793] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.830793] ================================================================== [ 32.749823] 
================================================================== [ 32.750130] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 32.750130] Write of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.750130] [ 32.750130] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.750130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.750130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.750130] Call Trace: [ 32.750130] <TASK> [ 32.750130] dump_stack_lvl+0x73/0xb0 [ 32.750130] print_report+0xd1/0x640 [ 32.750130] ? __virt_addr_valid+0x1db/0x2d0 [ 32.750130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.750130] kasan_report+0x102/0x140 [ 32.750130] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.750130] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.750130] kasan_check_range+0x10c/0x1c0 [ 32.750130] __kasan_check_write+0x18/0x20 [ 32.750130] copy_user_test_oob+0x3fe/0x10f0 [ 32.750130] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.750130] ? __switch_to+0x5d9/0xf60 [ 32.750130] ? __schedule+0xc3e/0x2790 [ 32.750130] ? ktime_get_ts64+0x84/0x230 [ 32.750130] kunit_try_run_case+0x1b3/0x490 [ 32.750130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.750130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.750130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.750130] ? __kthread_parkme+0x82/0x160 [ 32.750130] ? preempt_count_sub+0x50/0x80 [ 32.750130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.750130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.750130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.750130] kthread+0x257/0x310 [ 32.750130] ? __pfx_kthread+0x10/0x10 [ 32.750130] ret_from_fork+0x41/0x80 [ 32.750130] ? 
__pfx_kthread+0x10/0x10 [ 32.750130] ret_from_fork_asm+0x1a/0x30 [ 32.750130] </TASK> [ 32.750130] [ 32.750130] Allocated by task 294: [ 32.750130] kasan_save_stack+0x3d/0x60 [ 32.750130] kasan_save_track+0x18/0x40 [ 32.750130] kasan_save_alloc_info+0x3b/0x50 [ 32.750130] __kasan_kmalloc+0xb7/0xc0 [ 32.750130] __kmalloc_noprof+0x1c4/0x500 [ 32.750130] kunit_kmalloc_array+0x25/0x60 [ 32.750130] copy_user_test_oob+0xac/0x10f0 [ 32.750130] kunit_try_run_case+0x1b3/0x490 [ 32.750130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.750130] kthread+0x257/0x310 [ 32.750130] ret_from_fork+0x41/0x80 [ 32.750130] ret_from_fork_asm+0x1a/0x30 [ 32.750130] [ 32.750130] The buggy address belongs to the object at ffff8881028f6c00 [ 32.750130] which belongs to the cache kmalloc-128 of size 128 [ 32.750130] The buggy address is located 0 bytes inside of [ 32.750130] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.750130] [ 32.750130] The buggy address belongs to the physical page: [ 32.750130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.750130] flags: 0x200000000000000(node=0|zone=2) [ 32.750130] page_type: f5(slab) [ 32.750130] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.750130] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.750130] page dumped because: kasan: bad access detected [ 32.750130] [ 32.750130] Memory state around the buggy address: [ 32.750130] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.750130] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.750130] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.750130] ^ [ 32.750130] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.750130] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.750130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 32.704475] ================================================================== [ 32.705122] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 32.705136] Read of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.705136] [ 32.705136] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.705136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.705136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.705136] Call Trace: [ 32.705136] <TASK> [ 32.705136] dump_stack_lvl+0x73/0xb0 [ 32.705136] print_report+0xd1/0x640 [ 32.705136] ? __virt_addr_valid+0x1db/0x2d0 [ 32.705136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.705136] kasan_report+0x102/0x140 [ 32.705136] ? _copy_to_user+0x4a/0x70 [ 32.705136] ? _copy_to_user+0x4a/0x70 [ 32.705136] kasan_check_range+0x10c/0x1c0 [ 32.705136] __kasan_check_read+0x15/0x20 [ 32.705136] _copy_to_user+0x4a/0x70 [ 32.705136] copy_user_test_oob+0x365/0x10f0 [ 32.705136] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.705136] ? __switch_to+0x5d9/0xf60 [ 32.705136] ? __schedule+0xc3e/0x2790 [ 32.705136] ? ktime_get_ts64+0x84/0x230 [ 32.705136] kunit_try_run_case+0x1b3/0x490 [ 32.705136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.705136] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.705136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.705136] ? __kthread_parkme+0x82/0x160 [ 32.705136] ? preempt_count_sub+0x50/0x80 [ 32.705136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.705136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.705136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.705136] kthread+0x257/0x310 [ 32.705136] ? __pfx_kthread+0x10/0x10 [ 32.705136] ret_from_fork+0x41/0x80 [ 32.705136] ? 
__pfx_kthread+0x10/0x10 [ 32.705136] ret_from_fork_asm+0x1a/0x30 [ 32.705136] </TASK> [ 32.705136] [ 32.705136] Allocated by task 294: [ 32.705136] kasan_save_stack+0x3d/0x60 [ 32.705136] kasan_save_track+0x18/0x40 [ 32.705136] kasan_save_alloc_info+0x3b/0x50 [ 32.705136] __kasan_kmalloc+0xb7/0xc0 [ 32.705136] __kmalloc_noprof+0x1c4/0x500 [ 32.705136] kunit_kmalloc_array+0x25/0x60 [ 32.705136] copy_user_test_oob+0xac/0x10f0 [ 32.705136] kunit_try_run_case+0x1b3/0x490 [ 32.705136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.705136] kthread+0x257/0x310 [ 32.705136] ret_from_fork+0x41/0x80 [ 32.705136] ret_from_fork_asm+0x1a/0x30 [ 32.705136] [ 32.705136] The buggy address belongs to the object at ffff8881028f6c00 [ 32.705136] which belongs to the cache kmalloc-128 of size 128 [ 32.705136] The buggy address is located 0 bytes inside of [ 32.705136] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.705136] [ 32.705136] The buggy address belongs to the physical page: [ 32.705136] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.705136] flags: 0x200000000000000(node=0|zone=2) [ 32.705136] page_type: f5(slab) [ 32.705136] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.705136] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.705136] page dumped because: kasan: bad access detected [ 32.705136] [ 32.705136] Memory state around the buggy address: [ 32.705136] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.705136] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.705136] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.705136] ^ [ 32.705136] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.705136] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.705136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 32.659303] ================================================================== [ 32.660130] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 32.660130] Write of size 121 at addr ffff8881028f6c00 by task kunit_try_catch/294 [ 32.660130] [ 32.660130] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.660130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.660130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.660130] Call Trace: [ 32.660130] <TASK> [ 32.660130] dump_stack_lvl+0x73/0xb0 [ 32.660130] print_report+0xd1/0x640 [ 32.660130] ? __virt_addr_valid+0x1db/0x2d0 [ 32.660130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.660130] kasan_report+0x102/0x140 [ 32.660130] ? _copy_from_user+0x33/0xa0 [ 32.660130] ? _copy_from_user+0x33/0xa0 [ 32.660130] kasan_check_range+0x10c/0x1c0 [ 32.660130] __kasan_check_write+0x18/0x20 [ 32.660130] _copy_from_user+0x33/0xa0 [ 32.660130] copy_user_test_oob+0x2bf/0x10f0 [ 32.660130] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.660130] ? __switch_to+0x5d9/0xf60 [ 32.660130] ? __schedule+0xc3e/0x2790 [ 32.660130] ? ktime_get_ts64+0x84/0x230 [ 32.660130] kunit_try_run_case+0x1b3/0x490 [ 32.660130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.660130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.660130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.660130] ? __kthread_parkme+0x82/0x160 [ 32.660130] ? preempt_count_sub+0x50/0x80 [ 32.660130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.660130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.660130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.660130] kthread+0x257/0x310 [ 32.660130] ? __pfx_kthread+0x10/0x10 [ 32.660130] ret_from_fork+0x41/0x80 [ 32.660130] ? 
__pfx_kthread+0x10/0x10 [ 32.660130] ret_from_fork_asm+0x1a/0x30 [ 32.660130] </TASK> [ 32.660130] [ 32.660130] Allocated by task 294: [ 32.660130] kasan_save_stack+0x3d/0x60 [ 32.660130] kasan_save_track+0x18/0x40 [ 32.660130] kasan_save_alloc_info+0x3b/0x50 [ 32.660130] __kasan_kmalloc+0xb7/0xc0 [ 32.660130] __kmalloc_noprof+0x1c4/0x500 [ 32.660130] kunit_kmalloc_array+0x25/0x60 [ 32.660130] copy_user_test_oob+0xac/0x10f0 [ 32.660130] kunit_try_run_case+0x1b3/0x490 [ 32.660130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.660130] kthread+0x257/0x310 [ 32.660130] ret_from_fork+0x41/0x80 [ 32.660130] ret_from_fork_asm+0x1a/0x30 [ 32.660130] [ 32.660130] The buggy address belongs to the object at ffff8881028f6c00 [ 32.660130] which belongs to the cache kmalloc-128 of size 128 [ 32.660130] The buggy address is located 0 bytes inside of [ 32.660130] allocated 120-byte region [ffff8881028f6c00, ffff8881028f6c78) [ 32.660130] [ 32.660130] The buggy address belongs to the physical page: [ 32.660130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028f6 [ 32.660130] flags: 0x200000000000000(node=0|zone=2) [ 32.660130] page_type: f5(slab) [ 32.660130] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.660130] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.660130] page dumped because: kasan: bad access detected [ 32.660130] [ 32.660130] Memory state around the buggy address: [ 32.660130] ffff8881028f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.660130] ffff8881028f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.660130] >ffff8881028f6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.660130] ^ [ 32.660130] ffff8881028f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.660130] ffff8881028f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.660130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 32.552991] ==================================================================
[ 32.553258] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 32.553258] Read of size 8 at addr ffff88810294dd78 by task kunit_try_catch/290
[ 32.553258]
[ 32.553258] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.553258] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.553258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.553258] Call Trace:
[ 32.553258] <TASK>
[ 32.553258] dump_stack_lvl+0x73/0xb0
[ 32.553258] print_report+0xd1/0x640
[ 32.553258] ? __virt_addr_valid+0x1db/0x2d0
[ 32.553258] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.553258] kasan_report+0x102/0x140
[ 32.553258] ? copy_to_kernel_nofault+0x225/0x260
[ 32.553258] ? copy_to_kernel_nofault+0x225/0x260
[ 32.553258] __asan_report_load8_noabort+0x18/0x20
[ 32.553258] copy_to_kernel_nofault+0x225/0x260
[ 32.553258] copy_to_kernel_nofault_oob+0x179/0x4e0
[ 32.553258] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.553258] ? trace_hardirqs_on+0x37/0xe0
[ 32.553258] ? read_hpet+0x1f0/0x230
[ 32.553258] ? __pfx_read_hpet+0x10/0x10
[ 32.553258] ? ktime_get_ts64+0x84/0x230
[ 32.553258] kunit_try_run_case+0x1b3/0x490
[ 32.553258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.553258] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.553258] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.553258] ? __kthread_parkme+0x82/0x160
[ 32.553258] ? preempt_count_sub+0x50/0x80
[ 32.553258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.553258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.553258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.553258] kthread+0x257/0x310
[ 32.553258] ? __pfx_kthread+0x10/0x10
[ 32.553258] ret_from_fork+0x41/0x80
[ 32.553258] ? __pfx_kthread+0x10/0x10
[ 32.553258] ret_from_fork_asm+0x1a/0x30
[ 32.553258] </TASK>
[ 32.553258]
[ 32.553258] Allocated by task 290:
[ 32.553258] kasan_save_stack+0x3d/0x60
[ 32.553258] kasan_save_track+0x18/0x40
[ 32.553258] kasan_save_alloc_info+0x3b/0x50
[ 32.553258] __kasan_kmalloc+0xb7/0xc0
[ 32.553258] __kmalloc_cache_noprof+0x184/0x410
[ 32.553258] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 32.553258] kunit_try_run_case+0x1b3/0x490
[ 32.553258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.553258] kthread+0x257/0x310
[ 32.553258] ret_from_fork+0x41/0x80
[ 32.553258] ret_from_fork_asm+0x1a/0x30
[ 32.553258]
[ 32.553258] The buggy address belongs to the object at ffff88810294dd00
[ 32.553258] which belongs to the cache kmalloc-128 of size 128
[ 32.553258] The buggy address is located 0 bytes to the right of
[ 32.553258] allocated 120-byte region [ffff88810294dd00, ffff88810294dd78)
[ 32.553258]
[ 32.553258] The buggy address belongs to the physical page:
[ 32.553258] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294d
[ 32.553258] flags: 0x200000000000000(node=0|zone=2)
[ 32.553258] page_type: f5(slab)
[ 32.553258] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 32.553258] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 32.553258] page dumped because: kasan: bad access detected
[ 32.553258]
[ 32.553258] Memory state around the buggy address:
[ 32.553258] ffff88810294dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 32.553258] ffff88810294dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.553258] >ffff88810294dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 32.553258] ^
[ 32.553258] ffff88810294dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.553258] ffff88810294de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.553258] ==================================================================
[ 32.592191] ==================================================================
[ 32.592191] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 32.592191] Write of size 8 at addr ffff88810294dd78 by task kunit_try_catch/290
[ 32.592191]
[ 32.592191] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.592191] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.592191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.592191] Call Trace:
[ 32.592191] <TASK>
[ 32.592191] dump_stack_lvl+0x73/0xb0
[ 32.592191] print_report+0xd1/0x640
[ 32.592191] ? __virt_addr_valid+0x1db/0x2d0
[ 32.592191] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.592191] kasan_report+0x102/0x140
[ 32.592191] ? copy_to_kernel_nofault+0x99/0x260
[ 32.592191] ? copy_to_kernel_nofault+0x99/0x260
[ 32.592191] kasan_check_range+0x10c/0x1c0
[ 32.592191] __kasan_check_write+0x18/0x20
[ 32.592191] copy_to_kernel_nofault+0x99/0x260
[ 32.592191] copy_to_kernel_nofault_oob+0x214/0x4e0
[ 32.592191] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 32.592191] ? trace_hardirqs_on+0x37/0xe0
[ 32.592191] ? read_hpet+0x1f0/0x230
[ 32.592191] ? __pfx_read_hpet+0x10/0x10
[ 32.592191] ? ktime_get_ts64+0x84/0x230
[ 32.592191] kunit_try_run_case+0x1b3/0x490
[ 32.592191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.592191] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.592191] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.592191] ? __kthread_parkme+0x82/0x160
[ 32.592191] ? preempt_count_sub+0x50/0x80
[ 32.592191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.592191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.592191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.592191] kthread+0x257/0x310
[ 32.592191] ? __pfx_kthread+0x10/0x10
[ 32.592191] ret_from_fork+0x41/0x80
[ 32.592191] ? __pfx_kthread+0x10/0x10
[ 32.592191] ret_from_fork_asm+0x1a/0x30
[ 32.592191] </TASK>
[ 32.592191]
[ 32.592191] Allocated by task 290:
[ 32.592191] kasan_save_stack+0x3d/0x60
[ 32.592191] kasan_save_track+0x18/0x40
[ 32.592191] kasan_save_alloc_info+0x3b/0x50
[ 32.592191] __kasan_kmalloc+0xb7/0xc0
[ 32.592191] __kmalloc_cache_noprof+0x184/0x410
[ 32.592191] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 32.592191] kunit_try_run_case+0x1b3/0x490
[ 32.592191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.592191] kthread+0x257/0x310
[ 32.592191] ret_from_fork+0x41/0x80
[ 32.592191] ret_from_fork_asm+0x1a/0x30
[ 32.592191]
[ 32.592191] The buggy address belongs to the object at ffff88810294dd00
[ 32.592191] which belongs to the cache kmalloc-128 of size 128
[ 32.592191] The buggy address is located 0 bytes to the right of
[ 32.592191] allocated 120-byte region [ffff88810294dd00, ffff88810294dd78)
[ 32.592191]
[ 32.592191] The buggy address belongs to the physical page:
[ 32.592191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294d
[ 32.592191] flags: 0x200000000000000(node=0|zone=2)
[ 32.592191] page_type: f5(slab)
[ 32.592191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 32.592191] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 32.592191] page dumped because: kasan: bad access detected
[ 32.592191]
[ 32.592191] Memory state around the buggy address:
[ 32.592191] ffff88810294dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 32.592191] ffff88810294dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.592191] >ffff88810294dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 32.592191] ^
[ 32.592191] ffff88810294dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.592191] ffff88810294de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.592191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 31.908355] ==================================================================
[ 31.908706] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450
[ 31.910734] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.910734]
[ 31.910734] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.910734] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.910734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.910734] Call Trace:
[ 31.910734] <TASK>
[ 31.910734] dump_stack_lvl+0x73/0xb0
[ 31.910734] print_report+0xd1/0x640
[ 31.910734] ? __virt_addr_valid+0x1db/0x2d0
[ 31.910734] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.910734] kasan_report+0x102/0x140
[ 31.910734] ? kasan_atomics_helper+0x1ce2/0x5450
[ 31.910734] ? kasan_atomics_helper+0x1ce2/0x5450
[ 31.910734] kasan_check_range+0x10c/0x1c0
[ 31.910734] __kasan_check_write+0x18/0x20
[ 31.910734] kasan_atomics_helper+0x1ce2/0x5450
[ 31.910734] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.910734] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.910734] ? trace_hardirqs_on+0x37/0xe0
[ 31.910734] ? kasan_atomics+0x153/0x310
[ 31.910734] kasan_atomics+0x1dd/0x310
[ 31.910734] ? __pfx_kasan_atomics+0x10/0x10
[ 31.910734] ? __pfx_kasan_atomics+0x10/0x10
[ 31.910734] kunit_try_run_case+0x1b3/0x490
[ 31.910734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.910734] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.910734] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.910734] ? __kthread_parkme+0x82/0x160
[ 31.910734] ? preempt_count_sub+0x50/0x80
[ 31.910734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.910734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.910734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.910734] kthread+0x257/0x310
[ 31.910734] ? __pfx_kthread+0x10/0x10
[ 31.910734] ret_from_fork+0x41/0x80
[ 31.910734] ? __pfx_kthread+0x10/0x10
[ 31.910734] ret_from_fork_asm+0x1a/0x30
[ 31.910734] </TASK>
[ 31.910734]
[ 31.910734] Allocated by task 274:
[ 31.910734] kasan_save_stack+0x3d/0x60
[ 31.910734] kasan_save_track+0x18/0x40
[ 31.910734] kasan_save_alloc_info+0x3b/0x50
[ 31.910734] __kasan_kmalloc+0xb7/0xc0
[ 31.910734] __kmalloc_cache_noprof+0x184/0x410
[ 31.910734] kasan_atomics+0x96/0x310
[ 31.910734] kunit_try_run_case+0x1b3/0x490
[ 31.910734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.910734] kthread+0x257/0x310
[ 31.910734] ret_from_fork+0x41/0x80
[ 31.910734] ret_from_fork_asm+0x1a/0x30
[ 31.910734]
[ 31.910734] The buggy address belongs to the object at ffff88810294b780
[ 31.910734] which belongs to the cache kmalloc-64 of size 64
[ 31.910734] The buggy address is located 0 bytes to the right of
[ 31.910734] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.910734]
[ 31.910734] The buggy address belongs to the physical page:
[ 31.910734] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.910734] flags: 0x200000000000000(node=0|zone=2)
[ 31.910734] page_type: f5(slab)
[ 31.910734] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.910734] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.910734] page dumped because: kasan: bad access detected
[ 31.910734]
[ 31.910734] Memory state around the buggy address:
[ 31.910734] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.910734] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.910734] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.910734] ^
[ 31.910734] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.910734] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.910734] ==================================================================
[ 30.395289] ==================================================================
[ 30.395351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450
[ 30.395351] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 30.395351]
[ 30.395351] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.395351] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.395351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.395351] Call Trace:
[ 30.395351] <TASK>
[ 30.395351] dump_stack_lvl+0x73/0xb0
[ 30.395351] print_report+0xd1/0x640
[ 30.395351] ? __virt_addr_valid+0x1db/0x2d0
[ 30.395351] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.395351] kasan_report+0x102/0x140
[ 30.395351] ? kasan_atomics_helper+0xac8/0x5450
[ 30.395351] ? kasan_atomics_helper+0xac8/0x5450
[ 30.395351] kasan_check_range+0x10c/0x1c0
[ 30.395351] __kasan_check_write+0x18/0x20
[ 30.395351] kasan_atomics_helper+0xac8/0x5450
[ 30.395351] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.395351] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.395351] ? trace_hardirqs_on+0x37/0xe0
[ 30.395351] ? kasan_atomics+0x153/0x310
[ 30.395351] kasan_atomics+0x1dd/0x310
[ 30.395351] ? __pfx_kasan_atomics+0x10/0x10
[ 30.395351] ? __pfx_kasan_atomics+0x10/0x10
[ 30.395351] kunit_try_run_case+0x1b3/0x490
[ 30.395351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.395351] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.395351] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.395351] ? __kthread_parkme+0x82/0x160
[ 30.395351] ? preempt_count_sub+0x50/0x80
[ 30.395351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.395351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.395351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.395351] kthread+0x257/0x310
[ 30.395351] ? __pfx_kthread+0x10/0x10
[ 30.395351] ret_from_fork+0x41/0x80
[ 30.395351] ? __pfx_kthread+0x10/0x10
[ 30.395351] ret_from_fork_asm+0x1a/0x30
[ 30.395351] </TASK>
[ 30.395351]
[ 30.395351] Allocated by task 274:
[ 30.395351] kasan_save_stack+0x3d/0x60
[ 30.395351] kasan_save_track+0x18/0x40
[ 30.395351] kasan_save_alloc_info+0x3b/0x50
[ 30.395351] __kasan_kmalloc+0xb7/0xc0
[ 30.395351] __kmalloc_cache_noprof+0x184/0x410
[ 30.395351] kasan_atomics+0x96/0x310
[ 30.395351] kunit_try_run_case+0x1b3/0x490
[ 30.395351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.395351] kthread+0x257/0x310
[ 30.395351] ret_from_fork+0x41/0x80
[ 30.395351] ret_from_fork_asm+0x1a/0x30
[ 30.395351]
[ 30.395351] The buggy address belongs to the object at ffff88810294b780
[ 30.395351] which belongs to the cache kmalloc-64 of size 64
[ 30.395351] The buggy address is located 0 bytes to the right of
[ 30.395351] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 30.395351]
[ 30.395351] The buggy address belongs to the physical page:
[ 30.395351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 30.395351] flags: 0x200000000000000(node=0|zone=2)
[ 30.395351] page_type: f5(slab)
[ 30.395351] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.395351] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.395351] page dumped because: kasan: bad access detected
[ 30.395351]
[ 30.395351] Memory state around the buggy address:
[ 30.395351] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.395351] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.395351] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.395351] ^
[ 30.395351] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.395351] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.395351] ==================================================================
[ 31.831481] ==================================================================
[ 31.832082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450
[ 31.832337] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.832337]
[ 31.832337] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.832337] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.832337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.832337] Call Trace:
[ 31.832337] <TASK>
[ 31.832337] dump_stack_lvl+0x73/0xb0
[ 31.832337] print_report+0xd1/0x640
[ 31.837287] ? __virt_addr_valid+0x1db/0x2d0
[ 31.837287] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.837287] kasan_report+0x102/0x140
[ 31.837287] ? kasan_atomics_helper+0x1c19/0x5450
[ 31.837287] ? kasan_atomics_helper+0x1c19/0x5450
[ 31.837287] kasan_check_range+0x10c/0x1c0
[ 31.837287] __kasan_check_write+0x18/0x20
[ 31.837287] kasan_atomics_helper+0x1c19/0x5450
[ 31.837287] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.837287] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.837287] ? trace_hardirqs_on+0x37/0xe0
[ 31.837287] ? kasan_atomics+0x153/0x310
[ 31.837287] kasan_atomics+0x1dd/0x310
[ 31.837287] ? __pfx_kasan_atomics+0x10/0x10
[ 31.837287] ? __pfx_kasan_atomics+0x10/0x10
[ 31.837287] kunit_try_run_case+0x1b3/0x490
[ 31.837287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.837287] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.837287] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.837287] ? __kthread_parkme+0x82/0x160
[ 31.837287] ? preempt_count_sub+0x50/0x80
[ 31.837287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.837287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.837287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.837287] kthread+0x257/0x310
[ 31.837287] ? __pfx_kthread+0x10/0x10
[ 31.837287] ret_from_fork+0x41/0x80
[ 31.837287] ? __pfx_kthread+0x10/0x10
[ 31.837287] ret_from_fork_asm+0x1a/0x30
[ 31.837287] </TASK>
[ 31.837287]
[ 31.837287] Allocated by task 274:
[ 31.837287] kasan_save_stack+0x3d/0x60
[ 31.837287] kasan_save_track+0x18/0x40
[ 31.837287] kasan_save_alloc_info+0x3b/0x50
[ 31.837287] __kasan_kmalloc+0xb7/0xc0
[ 31.837287] __kmalloc_cache_noprof+0x184/0x410
[ 31.837287] kasan_atomics+0x96/0x310
[ 31.837287] kunit_try_run_case+0x1b3/0x490
[ 31.837287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.837287] kthread+0x257/0x310
[ 31.837287] ret_from_fork+0x41/0x80
[ 31.837287] ret_from_fork_asm+0x1a/0x30
[ 31.837287]
[ 31.837287] The buggy address belongs to the object at ffff88810294b780
[ 31.837287] which belongs to the cache kmalloc-64 of size 64
[ 31.837287] The buggy address is located 0 bytes to the right of
[ 31.837287] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.837287]
[ 31.837287] The buggy address belongs to the physical page:
[ 31.837287] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.837287] flags: 0x200000000000000(node=0|zone=2)
[ 31.837287] page_type: f5(slab)
[ 31.837287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.837287] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.837287] page dumped because: kasan: bad access detected
[ 31.837287]
[ 31.837287] Memory state around the buggy address:
[ 31.837287] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.837287] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.837287] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.837287] ^
[ 31.837287] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.837287] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.837287] ==================================================================
[ 31.870865] ==================================================================
[ 31.871579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 31.871579] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.871579]
[ 31.871579] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.871579] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.871579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.871579] Call Trace:
[ 31.871579] <TASK>
[ 31.871579] dump_stack_lvl+0x73/0xb0
[ 31.871579] print_report+0xd1/0x640
[ 31.871579] ? __virt_addr_valid+0x1db/0x2d0
[ 31.871579] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.871579] kasan_report+0x102/0x140
[ 31.871579] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.871579] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.871579] __asan_report_load8_noabort+0x18/0x20
[ 31.871579] kasan_atomics_helper+0x4f32/0x5450
[ 31.871579] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.871579] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.871579] ? trace_hardirqs_on+0x37/0xe0
[ 31.871579] ? kasan_atomics+0x153/0x310
[ 31.871579] kasan_atomics+0x1dd/0x310
[ 31.871579] ? __pfx_kasan_atomics+0x10/0x10
[ 31.871579] ? __pfx_kasan_atomics+0x10/0x10
[ 31.871579] kunit_try_run_case+0x1b3/0x490
[ 31.871579] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.871579] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.871579] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.871579] ? __kthread_parkme+0x82/0x160
[ 31.871579] ? preempt_count_sub+0x50/0x80
[ 31.871579] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.871579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.871579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.871579] kthread+0x257/0x310
[ 31.871579] ? __pfx_kthread+0x10/0x10
[ 31.871579] ret_from_fork+0x41/0x80
[ 31.871579] ? __pfx_kthread+0x10/0x10
[ 31.871579] ret_from_fork_asm+0x1a/0x30
[ 31.871579] </TASK>
[ 31.871579]
[ 31.871579] Allocated by task 274:
[ 31.871579] kasan_save_stack+0x3d/0x60
[ 31.871579] kasan_save_track+0x18/0x40
[ 31.871579] kasan_save_alloc_info+0x3b/0x50
[ 31.871579] __kasan_kmalloc+0xb7/0xc0
[ 31.871579] __kmalloc_cache_noprof+0x184/0x410
[ 31.871579] kasan_atomics+0x96/0x310
[ 31.871579] kunit_try_run_case+0x1b3/0x490
[ 31.871579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.871579] kthread+0x257/0x310
[ 31.871579] ret_from_fork+0x41/0x80
[ 31.871579] ret_from_fork_asm+0x1a/0x30
[ 31.871579]
[ 31.871579] The buggy address belongs to the object at ffff88810294b780
[ 31.871579] which belongs to the cache kmalloc-64 of size 64
[ 31.871579] The buggy address is located 0 bytes to the right of
[ 31.871579] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.871579]
[ 31.871579] The buggy address belongs to the physical page:
[ 31.871579] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.871579] flags: 0x200000000000000(node=0|zone=2)
[ 31.871579] page_type: f5(slab)
[ 31.871579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.871579] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.871579] page dumped because: kasan: bad access detected
[ 31.871579]
[ 31.871579] Memory state around the buggy address:
[ 31.871579] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.871579] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.871579] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.871579] ^
[ 31.871579] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.871579] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.871579] ==================================================================
[ 31.542010] ==================================================================
[ 31.543477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450
[ 31.543477] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.543477]
[ 31.543477] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.543477] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.543477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.543477] Call Trace:
[ 31.543477] <TASK>
[ 31.543477] dump_stack_lvl+0x73/0xb0
[ 31.543477] print_report+0xd1/0x640
[ 31.543477] ? __virt_addr_valid+0x1db/0x2d0
[ 31.543477] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.543477] kasan_report+0x102/0x140
[ 31.543477] ? kasan_atomics_helper+0x1780/0x5450
[ 31.543477] ? kasan_atomics_helper+0x1780/0x5450
[ 31.543477] kasan_check_range+0x10c/0x1c0
[ 31.543477] __kasan_check_write+0x18/0x20
[ 31.543477] kasan_atomics_helper+0x1780/0x5450
[ 31.543477] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.543477] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.543477] ? trace_hardirqs_on+0x37/0xe0
[ 31.543477] ? kasan_atomics+0x153/0x310
[ 31.543477] kasan_atomics+0x1dd/0x310
[ 31.543477] ? __pfx_kasan_atomics+0x10/0x10
[ 31.543477] ? __pfx_kasan_atomics+0x10/0x10
[ 31.543477] kunit_try_run_case+0x1b3/0x490
[ 31.543477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.543477] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.543477] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.543477] ? __kthread_parkme+0x82/0x160
[ 31.543477] ? preempt_count_sub+0x50/0x80
[ 31.543477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.543477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.543477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.543477] kthread+0x257/0x310
[ 31.543477] ? __pfx_kthread+0x10/0x10
[ 31.543477] ret_from_fork+0x41/0x80
[ 31.543477] ? __pfx_kthread+0x10/0x10
[ 31.543477] ret_from_fork_asm+0x1a/0x30
[ 31.543477] </TASK>
[ 31.543477]
[ 31.543477] Allocated by task 274:
[ 31.543477] kasan_save_stack+0x3d/0x60
[ 31.543477] kasan_save_track+0x18/0x40
[ 31.543477] kasan_save_alloc_info+0x3b/0x50
[ 31.543477] __kasan_kmalloc+0xb7/0xc0
[ 31.543477] __kmalloc_cache_noprof+0x184/0x410
[ 31.543477] kasan_atomics+0x96/0x310
[ 31.543477] kunit_try_run_case+0x1b3/0x490
[ 31.543477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.543477] kthread+0x257/0x310
[ 31.543477] ret_from_fork+0x41/0x80
[ 31.543477] ret_from_fork_asm+0x1a/0x30
[ 31.543477]
[ 31.543477] The buggy address belongs to the object at ffff88810294b780
[ 31.543477] which belongs to the cache kmalloc-64 of size 64
[ 31.543477] The buggy address is located 0 bytes to the right of
[ 31.543477] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.543477]
[ 31.543477] The buggy address belongs to the physical page:
[ 31.543477] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.543477] flags: 0x200000000000000(node=0|zone=2)
[ 31.543477] page_type: f5(slab)
[ 31.543477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.543477] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.543477] page dumped because: kasan: bad access detected
[ 31.543477]
[ 31.543477] Memory state around the buggy address:
[ 31.543477] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.543477] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.543477] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.543477] ^
[ 31.543477] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.543477] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.543477] ==================================================================
[ 32.285995] ==================================================================
[ 32.288408] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450
[ 32.288408] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 32.288408]
[ 32.288408] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.288408] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.288408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.288408] Call Trace:
[ 32.288408] <TASK>
[ 32.288408] dump_stack_lvl+0x73/0xb0
[ 32.288408] print_report+0xd1/0x640
[ 32.288408] ? __virt_addr_valid+0x1db/0x2d0
[ 32.288408] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.288408] kasan_report+0x102/0x140
[ 32.288408] ? kasan_atomics_helper+0x4fb4/0x5450
[ 32.288408] ? kasan_atomics_helper+0x4fb4/0x5450
[ 32.288408] __asan_report_load8_noabort+0x18/0x20
[ 32.288408] kasan_atomics_helper+0x4fb4/0x5450
[ 32.288408] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.288408] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.288408] ? trace_hardirqs_on+0x37/0xe0
[ 32.288408] ? kasan_atomics+0x153/0x310
[ 32.288408] kasan_atomics+0x1dd/0x310
[ 32.288408] ? __pfx_kasan_atomics+0x10/0x10
[ 32.288408] ? __pfx_kasan_atomics+0x10/0x10
[ 32.288408] kunit_try_run_case+0x1b3/0x490
[ 32.288408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.288408] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.288408] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.288408] ? __kthread_parkme+0x82/0x160
[ 32.288408] ? preempt_count_sub+0x50/0x80
[ 32.288408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.288408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.288408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.288408] kthread+0x257/0x310
[ 32.288408] ? __pfx_kthread+0x10/0x10
[ 32.288408] ret_from_fork+0x41/0x80
[ 32.288408] ? __pfx_kthread+0x10/0x10
[ 32.288408] ret_from_fork_asm+0x1a/0x30
[ 32.288408] </TASK>
[ 32.288408]
[ 32.288408] Allocated by task 274:
[ 32.288408] kasan_save_stack+0x3d/0x60
[ 32.288408] kasan_save_track+0x18/0x40
[ 32.288408] kasan_save_alloc_info+0x3b/0x50
[ 32.288408] __kasan_kmalloc+0xb7/0xc0
[ 32.288408] __kmalloc_cache_noprof+0x184/0x410
[ 32.288408] kasan_atomics+0x96/0x310
[ 32.288408] kunit_try_run_case+0x1b3/0x490
[ 32.288408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.288408] kthread+0x257/0x310
[ 32.288408] ret_from_fork+0x41/0x80
[ 32.288408] ret_from_fork_asm+0x1a/0x30
[ 32.288408]
[ 32.288408] The buggy address belongs to the object at ffff88810294b780
[ 32.288408] which belongs to the cache kmalloc-64 of size 64
[ 32.288408] The buggy address is located 0 bytes to the right of
[ 32.288408] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 32.288408]
[ 32.288408] The buggy address belongs to the physical page:
[ 32.288408] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 32.288408] flags: 0x200000000000000(node=0|zone=2)
[ 32.288408] page_type: f5(slab)
[ 32.288408] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.288408] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.288408] page dumped because: kasan: bad access detected
[ 32.288408]
[ 32.288408] Memory state around the buggy address:
[ 32.288408] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.288408] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.288408] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.288408] ^
[ 32.288408] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.288408] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.288408] ==================================================================
[ 31.093479] ==================================================================
[ 31.093905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450
[ 31.094312] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.094312]
[ 31.094312] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.094312] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.094312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.094312] Call Trace:
[ 31.094312] <TASK>
[ 31.094312] dump_stack_lvl+0x73/0xb0
[ 31.094312] print_report+0xd1/0x640
[ 31.094312] ? __virt_addr_valid+0x1db/0x2d0
[ 31.094312] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.094312] kasan_report+0x102/0x140
[ 31.094312] ? kasan_atomics_helper+0x12e7/0x5450
[ 31.094312] ? kasan_atomics_helper+0x12e7/0x5450
[ 31.094312] kasan_check_range+0x10c/0x1c0
[ 31.094312] __kasan_check_write+0x18/0x20
[ 31.094312] kasan_atomics_helper+0x12e7/0x5450
[ 31.094312] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.094312] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.094312] ? trace_hardirqs_on+0x37/0xe0
[ 31.094312] ? kasan_atomics+0x153/0x310
[ 31.094312] kasan_atomics+0x1dd/0x310
[ 31.094312] ? __pfx_kasan_atomics+0x10/0x10
[ 31.094312] ? __pfx_kasan_atomics+0x10/0x10
[ 31.094312] kunit_try_run_case+0x1b3/0x490
[ 31.094312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.094312] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.094312] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.094312] ? __kthread_parkme+0x82/0x160
[ 31.094312] ? preempt_count_sub+0x50/0x80
[ 31.094312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.094312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.094312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.094312] kthread+0x257/0x310
[ 31.094312] ? __pfx_kthread+0x10/0x10
[ 31.094312] ret_from_fork+0x41/0x80
[ 31.094312] ? __pfx_kthread+0x10/0x10
[ 31.094312] ret_from_fork_asm+0x1a/0x30
[ 31.094312] </TASK>
[ 31.094312]
[ 31.094312] Allocated by task 274:
[ 31.094312] kasan_save_stack+0x3d/0x60
[ 31.094312] kasan_save_track+0x18/0x40
[ 31.094312] kasan_save_alloc_info+0x3b/0x50
[ 31.094312] __kasan_kmalloc+0xb7/0xc0
[ 31.094312] __kmalloc_cache_noprof+0x184/0x410
[ 31.094312] kasan_atomics+0x96/0x310
[ 31.094312] kunit_try_run_case+0x1b3/0x490
[ 31.094312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.094312] kthread+0x257/0x310
[ 31.094312] ret_from_fork+0x41/0x80
[ 31.094312] ret_from_fork_asm+0x1a/0x30
[ 31.094312]
[ 31.094312] The buggy address belongs to the object at ffff88810294b780
[ 31.094312] which belongs to the cache kmalloc-64 of size 64
[ 31.094312] The buggy address is located 0 bytes to the right of
[ 31.094312] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.094312]
[ 31.094312] The buggy address belongs to the physical page:
[ 31.094312] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.094312] flags: 0x200000000000000(node=0|zone=2)
[ 31.094312] page_type: f5(slab)
[ 31.094312] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.094312] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.094312] page dumped because: kasan: bad access detected
[ 31.094312]
[ 31.094312] Memory state around the buggy address:
[ 31.094312] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.094312] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.094312] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.094312] ^
[ 31.094312] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.094312] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.094312] ==================================================================
[ 29.842180] ==================================================================
[ 29.842332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450
[ 29.842332] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 29.842332]
[ 29.842332] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.842332] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.842332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.842332] Call Trace:
[ 29.842332] <TASK>
[ 29.842332] dump_stack_lvl+0x73/0xb0
[ 29.842332] print_report+0xd1/0x640
[ 29.842332] ? __virt_addr_valid+0x1db/0x2d0
[ 29.842332] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.842332] kasan_report+0x102/0x140
[ 29.842332] ? kasan_atomics_helper+0x3e0/0x5450
[ 29.842332] ? kasan_atomics_helper+0x3e0/0x5450
[ 29.842332] kasan_check_range+0x10c/0x1c0
[ 29.842332] __kasan_check_read+0x15/0x20
[ 29.842332] kasan_atomics_helper+0x3e0/0x5450
[ 29.842332] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.842332] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.842332] ? trace_hardirqs_on+0x37/0xe0
[ 29.842332] ? kasan_atomics+0x153/0x310
[ 29.842332] kasan_atomics+0x1dd/0x310
[ 29.842332] ? __pfx_kasan_atomics+0x10/0x10
[ 29.842332] ? __pfx_kasan_atomics+0x10/0x10
[ 29.842332] kunit_try_run_case+0x1b3/0x490
[ 29.842332] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.842332] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.842332] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.842332] ? __kthread_parkme+0x82/0x160
[ 29.842332] ? preempt_count_sub+0x50/0x80
[ 29.842332] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.842332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.842332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.842332] kthread+0x257/0x310
[ 29.842332] ? __pfx_kthread+0x10/0x10
[ 29.842332] ret_from_fork+0x41/0x80
[ 29.842332] ? __pfx_kthread+0x10/0x10
[ 29.842332] ret_from_fork_asm+0x1a/0x30
[ 29.842332] </TASK>
[ 29.842332]
[ 29.842332] Allocated by task 274:
[ 29.842332] kasan_save_stack+0x3d/0x60
[ 29.842332] kasan_save_track+0x18/0x40
[ 29.842332] kasan_save_alloc_info+0x3b/0x50
[ 29.842332] __kasan_kmalloc+0xb7/0xc0
[ 29.842332] __kmalloc_cache_noprof+0x184/0x410
[ 29.842332] kasan_atomics+0x96/0x310
[ 29.842332] kunit_try_run_case+0x1b3/0x490
[ 29.842332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.842332] kthread+0x257/0x310
[ 29.842332] ret_from_fork+0x41/0x80
[ 29.842332] ret_from_fork_asm+0x1a/0x30
[ 29.842332]
[ 29.842332] The buggy address belongs to the object at ffff88810294b780
[ 29.842332] which belongs to the cache kmalloc-64 of size 64
[ 29.842332] The buggy address is located 0 bytes to the right of
[ 29.842332] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 29.842332]
[ 29.842332] The buggy address belongs to the physical page:
[ 29.842332] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 29.842332] flags: 0x200000000000000(node=0|zone=2)
[ 29.842332] page_type: f5(slab)
[ 29.842332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.842332] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.842332] page dumped because: kasan: bad access detected
[ 29.842332]
[ 29.842332] Memory state around the buggy address:
[ 29.842332] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.842332] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.842332] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.842332] ^
[ 29.842332] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.842332] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.842332] ==================================================================
[ 31.133602]
================================================================== [ 31.134761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 31.134761] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.134761] [ 31.134761] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.134761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.134761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.134761] Call Trace: [ 31.134761] <TASK> [ 31.134761] dump_stack_lvl+0x73/0xb0 [ 31.134761] print_report+0xd1/0x640 [ 31.134761] ? __virt_addr_valid+0x1db/0x2d0 [ 31.134761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.134761] kasan_report+0x102/0x140 [ 31.134761] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.134761] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.134761] __asan_report_load4_noabort+0x18/0x20 [ 31.134761] kasan_atomics_helper+0x49d0/0x5450 [ 31.134761] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.134761] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.134761] ? trace_hardirqs_on+0x37/0xe0 [ 31.134761] ? kasan_atomics+0x153/0x310 [ 31.134761] kasan_atomics+0x1dd/0x310 [ 31.134761] ? __pfx_kasan_atomics+0x10/0x10 [ 31.134761] ? __pfx_kasan_atomics+0x10/0x10 [ 31.134761] kunit_try_run_case+0x1b3/0x490 [ 31.134761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.134761] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.134761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.134761] ? __kthread_parkme+0x82/0x160 [ 31.134761] ? preempt_count_sub+0x50/0x80 [ 31.134761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.134761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.134761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.134761] kthread+0x257/0x310 [ 31.134761] ? __pfx_kthread+0x10/0x10 [ 31.134761] ret_from_fork+0x41/0x80 [ 31.134761] ? 
__pfx_kthread+0x10/0x10 [ 31.134761] ret_from_fork_asm+0x1a/0x30 [ 31.134761] </TASK> [ 31.134761] [ 31.134761] Allocated by task 274: [ 31.134761] kasan_save_stack+0x3d/0x60 [ 31.134761] kasan_save_track+0x18/0x40 [ 31.134761] kasan_save_alloc_info+0x3b/0x50 [ 31.134761] __kasan_kmalloc+0xb7/0xc0 [ 31.134761] __kmalloc_cache_noprof+0x184/0x410 [ 31.134761] kasan_atomics+0x96/0x310 [ 31.134761] kunit_try_run_case+0x1b3/0x490 [ 31.134761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.134761] kthread+0x257/0x310 [ 31.134761] ret_from_fork+0x41/0x80 [ 31.134761] ret_from_fork_asm+0x1a/0x30 [ 31.134761] [ 31.134761] The buggy address belongs to the object at ffff88810294b780 [ 31.134761] which belongs to the cache kmalloc-64 of size 64 [ 31.134761] The buggy address is located 0 bytes to the right of [ 31.134761] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.134761] [ 31.134761] The buggy address belongs to the physical page: [ 31.134761] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.134761] flags: 0x200000000000000(node=0|zone=2) [ 31.134761] page_type: f5(slab) [ 31.134761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.134761] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.134761] page dumped because: kasan: bad access detected [ 31.134761] [ 31.134761] Memory state around the buggy address: [ 31.134761] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.134761] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.134761] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.134761] ^ [ 31.134761] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.134761] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.134761] ================================================================== [ 31.707881] 
================================================================== [ 31.708148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 31.708148] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.708148] [ 31.708148] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.708148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.708148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.708148] Call Trace: [ 31.708148] <TASK> [ 31.708148] dump_stack_lvl+0x73/0xb0 [ 31.708148] print_report+0xd1/0x640 [ 31.708148] ? __virt_addr_valid+0x1db/0x2d0 [ 31.708148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.708148] kasan_report+0x102/0x140 [ 31.708148] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.708148] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.708148] kasan_check_range+0x10c/0x1c0 [ 31.708148] __kasan_check_write+0x18/0x20 [ 31.708148] kasan_atomics_helper+0x19e4/0x5450 [ 31.708148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.708148] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.708148] ? trace_hardirqs_on+0x37/0xe0 [ 31.708148] ? kasan_atomics+0x153/0x310 [ 31.708148] kasan_atomics+0x1dd/0x310 [ 31.708148] ? __pfx_kasan_atomics+0x10/0x10 [ 31.708148] ? __pfx_kasan_atomics+0x10/0x10 [ 31.708148] kunit_try_run_case+0x1b3/0x490 [ 31.708148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.708148] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.708148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.708148] ? __kthread_parkme+0x82/0x160 [ 31.708148] ? preempt_count_sub+0x50/0x80 [ 31.708148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.708148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.708148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.708148] kthread+0x257/0x310 [ 31.708148] ? __pfx_kthread+0x10/0x10 [ 31.708148] ret_from_fork+0x41/0x80 [ 31.708148] ? 
__pfx_kthread+0x10/0x10 [ 31.708148] ret_from_fork_asm+0x1a/0x30 [ 31.708148] </TASK> [ 31.708148] [ 31.708148] Allocated by task 274: [ 31.708148] kasan_save_stack+0x3d/0x60 [ 31.708148] kasan_save_track+0x18/0x40 [ 31.708148] kasan_save_alloc_info+0x3b/0x50 [ 31.708148] __kasan_kmalloc+0xb7/0xc0 [ 31.708148] __kmalloc_cache_noprof+0x184/0x410 [ 31.708148] kasan_atomics+0x96/0x310 [ 31.708148] kunit_try_run_case+0x1b3/0x490 [ 31.708148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.708148] kthread+0x257/0x310 [ 31.708148] ret_from_fork+0x41/0x80 [ 31.708148] ret_from_fork_asm+0x1a/0x30 [ 31.708148] [ 31.708148] The buggy address belongs to the object at ffff88810294b780 [ 31.708148] which belongs to the cache kmalloc-64 of size 64 [ 31.708148] The buggy address is located 0 bytes to the right of [ 31.708148] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.708148] [ 31.708148] The buggy address belongs to the physical page: [ 31.708148] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.708148] flags: 0x200000000000000(node=0|zone=2) [ 31.708148] page_type: f5(slab) [ 31.708148] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.708148] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.708148] page dumped because: kasan: bad access detected [ 31.708148] [ 31.708148] Memory state around the buggy address: [ 31.708148] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.708148] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.708148] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.708148] ^ [ 31.708148] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.708148] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.708148] ================================================================== [ 29.925675] 
================================================================== [ 29.926214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 29.926214] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.926214] [ 29.926214] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.926214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.926214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.926214] Call Trace: [ 29.926214] <TASK> [ 29.926214] dump_stack_lvl+0x73/0xb0 [ 29.926214] print_report+0xd1/0x640 [ 29.926214] ? __virt_addr_valid+0x1db/0x2d0 [ 29.926214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.926214] kasan_report+0x102/0x140 [ 29.926214] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.926214] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.926214] kasan_check_range+0x10c/0x1c0 [ 29.926214] __kasan_check_write+0x18/0x20 [ 29.926214] kasan_atomics_helper+0x4a1/0x5450 [ 29.926214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.926214] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.926214] ? trace_hardirqs_on+0x37/0xe0 [ 29.926214] ? kasan_atomics+0x153/0x310 [ 29.926214] kasan_atomics+0x1dd/0x310 [ 29.926214] ? __pfx_kasan_atomics+0x10/0x10 [ 29.926214] ? __pfx_kasan_atomics+0x10/0x10 [ 29.926214] kunit_try_run_case+0x1b3/0x490 [ 29.926214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.926214] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.926214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.926214] ? __kthread_parkme+0x82/0x160 [ 29.926214] ? preempt_count_sub+0x50/0x80 [ 29.926214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.926214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.926214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.926214] kthread+0x257/0x310 [ 29.926214] ? __pfx_kthread+0x10/0x10 [ 29.926214] ret_from_fork+0x41/0x80 [ 29.926214] ? 
__pfx_kthread+0x10/0x10 [ 29.926214] ret_from_fork_asm+0x1a/0x30 [ 29.926214] </TASK> [ 29.926214] [ 29.926214] Allocated by task 274: [ 29.926214] kasan_save_stack+0x3d/0x60 [ 29.926214] kasan_save_track+0x18/0x40 [ 29.926214] kasan_save_alloc_info+0x3b/0x50 [ 29.926214] __kasan_kmalloc+0xb7/0xc0 [ 29.926214] __kmalloc_cache_noprof+0x184/0x410 [ 29.926214] kasan_atomics+0x96/0x310 [ 29.926214] kunit_try_run_case+0x1b3/0x490 [ 29.926214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.926214] kthread+0x257/0x310 [ 29.926214] ret_from_fork+0x41/0x80 [ 29.926214] ret_from_fork_asm+0x1a/0x30 [ 29.926214] [ 29.926214] The buggy address belongs to the object at ffff88810294b780 [ 29.926214] which belongs to the cache kmalloc-64 of size 64 [ 29.926214] The buggy address is located 0 bytes to the right of [ 29.926214] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.926214] [ 29.926214] The buggy address belongs to the physical page: [ 29.926214] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.926214] flags: 0x200000000000000(node=0|zone=2) [ 29.926214] page_type: f5(slab) [ 29.926214] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.926214] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.926214] page dumped because: kasan: bad access detected [ 29.926214] [ 29.926214] Memory state around the buggy address: [ 29.926214] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.926214] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.926214] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.926214] ^ [ 29.926214] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.926214] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.926214] ================================================================== [ 30.748121] 
================================================================== [ 30.748601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 30.751229] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.751229] [ 30.751229] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.751229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.751229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.751229] Call Trace: [ 30.751229] <TASK> [ 30.751229] dump_stack_lvl+0x73/0xb0 [ 30.751229] print_report+0xd1/0x640 [ 30.751229] ? __virt_addr_valid+0x1db/0x2d0 [ 30.751229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.751229] kasan_report+0x102/0x140 [ 30.751229] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.751229] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.751229] kasan_check_range+0x10c/0x1c0 [ 30.751229] __kasan_check_write+0x18/0x20 [ 30.751229] kasan_atomics_helper+0xfaa/0x5450 [ 30.751229] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.751229] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.751229] ? trace_hardirqs_on+0x37/0xe0 [ 30.751229] ? kasan_atomics+0x153/0x310 [ 30.751229] kasan_atomics+0x1dd/0x310 [ 30.751229] ? __pfx_kasan_atomics+0x10/0x10 [ 30.751229] ? __pfx_kasan_atomics+0x10/0x10 [ 30.751229] kunit_try_run_case+0x1b3/0x490 [ 30.751229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.751229] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.751229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.751229] ? __kthread_parkme+0x82/0x160 [ 30.751229] ? preempt_count_sub+0x50/0x80 [ 30.751229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.751229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.751229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.751229] kthread+0x257/0x310 [ 30.751229] ? __pfx_kthread+0x10/0x10 [ 30.751229] ret_from_fork+0x41/0x80 [ 30.751229] ? 
__pfx_kthread+0x10/0x10 [ 30.751229] ret_from_fork_asm+0x1a/0x30 [ 30.751229] </TASK> [ 30.751229] [ 30.751229] Allocated by task 274: [ 30.751229] kasan_save_stack+0x3d/0x60 [ 30.751229] kasan_save_track+0x18/0x40 [ 30.751229] kasan_save_alloc_info+0x3b/0x50 [ 30.751229] __kasan_kmalloc+0xb7/0xc0 [ 30.751229] __kmalloc_cache_noprof+0x184/0x410 [ 30.751229] kasan_atomics+0x96/0x310 [ 30.751229] kunit_try_run_case+0x1b3/0x490 [ 30.751229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.751229] kthread+0x257/0x310 [ 30.751229] ret_from_fork+0x41/0x80 [ 30.751229] ret_from_fork_asm+0x1a/0x30 [ 30.751229] [ 30.751229] The buggy address belongs to the object at ffff88810294b780 [ 30.751229] which belongs to the cache kmalloc-64 of size 64 [ 30.751229] The buggy address is located 0 bytes to the right of [ 30.751229] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.751229] [ 30.751229] The buggy address belongs to the physical page: [ 30.751229] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.751229] flags: 0x200000000000000(node=0|zone=2) [ 30.751229] page_type: f5(slab) [ 30.751229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.751229] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.751229] page dumped because: kasan: bad access detected [ 30.751229] [ 30.751229] Memory state around the buggy address: [ 30.751229] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.751229] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.751229] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.751229] ^ [ 30.751229] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.751229] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.751229] ================================================================== [ 29.879969] 
================================================================== [ 29.880528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 29.880528] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.880528] [ 29.880528] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.880528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.880528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.880528] Call Trace: [ 29.880528] <TASK> [ 29.880528] dump_stack_lvl+0x73/0xb0 [ 29.880528] print_report+0xd1/0x640 [ 29.880528] ? __virt_addr_valid+0x1db/0x2d0 [ 29.880528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.880528] kasan_report+0x102/0x140 [ 29.880528] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.880528] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.880528] __asan_report_load4_noabort+0x18/0x20 [ 29.880528] kasan_atomics_helper+0x4b56/0x5450 [ 29.880528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.880528] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.880528] ? trace_hardirqs_on+0x37/0xe0 [ 29.880528] ? kasan_atomics+0x153/0x310 [ 29.880528] kasan_atomics+0x1dd/0x310 [ 29.880528] ? __pfx_kasan_atomics+0x10/0x10 [ 29.880528] ? __pfx_kasan_atomics+0x10/0x10 [ 29.880528] kunit_try_run_case+0x1b3/0x490 [ 29.880528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.880528] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.880528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.880528] ? __kthread_parkme+0x82/0x160 [ 29.880528] ? preempt_count_sub+0x50/0x80 [ 29.880528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.880528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.880528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.880528] kthread+0x257/0x310 [ 29.880528] ? __pfx_kthread+0x10/0x10 [ 29.880528] ret_from_fork+0x41/0x80 [ 29.880528] ? 
__pfx_kthread+0x10/0x10 [ 29.880528] ret_from_fork_asm+0x1a/0x30 [ 29.880528] </TASK> [ 29.880528] [ 29.880528] Allocated by task 274: [ 29.880528] kasan_save_stack+0x3d/0x60 [ 29.880528] kasan_save_track+0x18/0x40 [ 29.880528] kasan_save_alloc_info+0x3b/0x50 [ 29.880528] __kasan_kmalloc+0xb7/0xc0 [ 29.880528] __kmalloc_cache_noprof+0x184/0x410 [ 29.880528] kasan_atomics+0x96/0x310 [ 29.880528] kunit_try_run_case+0x1b3/0x490 [ 29.880528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.880528] kthread+0x257/0x310 [ 29.880528] ret_from_fork+0x41/0x80 [ 29.880528] ret_from_fork_asm+0x1a/0x30 [ 29.880528] [ 29.880528] The buggy address belongs to the object at ffff88810294b780 [ 29.880528] which belongs to the cache kmalloc-64 of size 64 [ 29.880528] The buggy address is located 0 bytes to the right of [ 29.880528] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.880528] [ 29.880528] The buggy address belongs to the physical page: [ 29.880528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.880528] flags: 0x200000000000000(node=0|zone=2) [ 29.880528] page_type: f5(slab) [ 29.880528] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.880528] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.880528] page dumped because: kasan: bad access detected [ 29.880528] [ 29.880528] Memory state around the buggy address: [ 29.880528] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.880528] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.880528] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.880528] ^ [ 29.880528] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.880528] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.880528] ================================================================== [ 32.370541] 
================================================================== [ 32.371146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 32.372364] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.372364] [ 32.372364] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.372364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.372364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.372364] Call Trace: [ 32.372364] <TASK> [ 32.372364] dump_stack_lvl+0x73/0xb0 [ 32.372364] print_report+0xd1/0x640 [ 32.372364] ? __virt_addr_valid+0x1db/0x2d0 [ 32.372364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.372364] kasan_report+0x102/0x140 [ 32.372364] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.372364] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.372364] __asan_report_load8_noabort+0x18/0x20 [ 32.372364] kasan_atomics_helper+0x4fa7/0x5450 [ 32.372364] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.372364] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.372364] ? trace_hardirqs_on+0x37/0xe0 [ 32.372364] ? kasan_atomics+0x153/0x310 [ 32.372364] kasan_atomics+0x1dd/0x310 [ 32.372364] ? __pfx_kasan_atomics+0x10/0x10 [ 32.372364] ? __pfx_kasan_atomics+0x10/0x10 [ 32.372364] kunit_try_run_case+0x1b3/0x490 [ 32.372364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.372364] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.372364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.372364] ? __kthread_parkme+0x82/0x160 [ 32.372364] ? preempt_count_sub+0x50/0x80 [ 32.372364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.372364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.372364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.372364] kthread+0x257/0x310 [ 32.372364] ? __pfx_kthread+0x10/0x10 [ 32.372364] ret_from_fork+0x41/0x80 [ 32.372364] ? 
__pfx_kthread+0x10/0x10 [ 32.372364] ret_from_fork_asm+0x1a/0x30 [ 32.372364] </TASK> [ 32.372364] [ 32.372364] Allocated by task 274: [ 32.372364] kasan_save_stack+0x3d/0x60 [ 32.372364] kasan_save_track+0x18/0x40 [ 32.372364] kasan_save_alloc_info+0x3b/0x50 [ 32.372364] __kasan_kmalloc+0xb7/0xc0 [ 32.372364] __kmalloc_cache_noprof+0x184/0x410 [ 32.372364] kasan_atomics+0x96/0x310 [ 32.372364] kunit_try_run_case+0x1b3/0x490 [ 32.372364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.372364] kthread+0x257/0x310 [ 32.372364] ret_from_fork+0x41/0x80 [ 32.372364] ret_from_fork_asm+0x1a/0x30 [ 32.372364] [ 32.372364] The buggy address belongs to the object at ffff88810294b780 [ 32.372364] which belongs to the cache kmalloc-64 of size 64 [ 32.372364] The buggy address is located 0 bytes to the right of [ 32.372364] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.372364] [ 32.372364] The buggy address belongs to the physical page: [ 32.372364] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.372364] flags: 0x200000000000000(node=0|zone=2) [ 32.372364] page_type: f5(slab) [ 32.372364] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.372364] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.372364] page dumped because: kasan: bad access detected [ 32.372364] [ 32.372364] Memory state around the buggy address: [ 32.372364] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.372364] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.372364] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.372364] ^ [ 32.372364] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.372364] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.372364] ================================================================== [ 30.263091] 
================================================================== [ 30.263556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 30.263556] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.263556] [ 30.263556] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.263556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.263556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.263556] Call Trace: [ 30.263556] <TASK> [ 30.263556] dump_stack_lvl+0x73/0xb0 [ 30.263556] print_report+0xd1/0x640 [ 30.263556] ? __virt_addr_valid+0x1db/0x2d0 [ 30.263556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.263556] kasan_report+0x102/0x140 [ 30.263556] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.263556] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.263556] kasan_check_range+0x10c/0x1c0 [ 30.263556] __kasan_check_write+0x18/0x20 [ 30.263556] kasan_atomics_helper+0x8fa/0x5450 [ 30.263556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.263556] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.263556] ? trace_hardirqs_on+0x37/0xe0 [ 30.263556] ? kasan_atomics+0x153/0x310 [ 30.263556] kasan_atomics+0x1dd/0x310 [ 30.263556] ? __pfx_kasan_atomics+0x10/0x10 [ 30.263556] ? __pfx_kasan_atomics+0x10/0x10 [ 30.263556] kunit_try_run_case+0x1b3/0x490 [ 30.263556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.263556] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.263556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.263556] ? __kthread_parkme+0x82/0x160 [ 30.263556] ? preempt_count_sub+0x50/0x80 [ 30.263556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.263556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.263556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.263556] kthread+0x257/0x310 [ 30.263556] ? __pfx_kthread+0x10/0x10 [ 30.263556] ret_from_fork+0x41/0x80 [ 30.263556] ? 
__pfx_kthread+0x10/0x10 [ 30.263556] ret_from_fork_asm+0x1a/0x30 [ 30.263556] </TASK> [ 30.263556] [ 30.263556] Allocated by task 274: [ 30.263556] kasan_save_stack+0x3d/0x60 [ 30.263556] kasan_save_track+0x18/0x40 [ 30.263556] kasan_save_alloc_info+0x3b/0x50 [ 30.263556] __kasan_kmalloc+0xb7/0xc0 [ 30.263556] __kmalloc_cache_noprof+0x184/0x410 [ 30.263556] kasan_atomics+0x96/0x310 [ 30.263556] kunit_try_run_case+0x1b3/0x490 [ 30.263556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.263556] kthread+0x257/0x310 [ 30.263556] ret_from_fork+0x41/0x80 [ 30.263556] ret_from_fork_asm+0x1a/0x30 [ 30.263556] [ 30.263556] The buggy address belongs to the object at ffff88810294b780 [ 30.263556] which belongs to the cache kmalloc-64 of size 64 [ 30.263556] The buggy address is located 0 bytes to the right of [ 30.263556] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.263556] [ 30.263556] The buggy address belongs to the physical page: [ 30.263556] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.263556] flags: 0x200000000000000(node=0|zone=2) [ 30.263556] page_type: f5(slab) [ 30.263556] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.263556] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.263556] page dumped because: kasan: bad access detected [ 30.263556] [ 30.263556] Memory state around the buggy address: [ 30.263556] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.263556] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.263556] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.263556] ^ [ 30.263556] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.263556] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.263556] ================================================================== [ 30.526565] 
================================================================== [ 30.527294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 30.527294] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.527294] [ 30.527294] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.527294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.527294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.527294] Call Trace: [ 30.527294] <TASK> [ 30.527294] dump_stack_lvl+0x73/0xb0 [ 30.527294] print_report+0xd1/0x640 [ 30.527294] ? __virt_addr_valid+0x1db/0x2d0 [ 30.527294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.527294] kasan_report+0x102/0x140 [ 30.527294] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.527294] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.527294] __asan_report_load4_noabort+0x18/0x20 [ 30.527294] kasan_atomics_helper+0x4a86/0x5450 [ 30.527294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.527294] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.527294] ? trace_hardirqs_on+0x37/0xe0 [ 30.527294] ? kasan_atomics+0x153/0x310 [ 30.527294] kasan_atomics+0x1dd/0x310 [ 30.527294] ? __pfx_kasan_atomics+0x10/0x10 [ 30.527294] ? __pfx_kasan_atomics+0x10/0x10 [ 30.527294] kunit_try_run_case+0x1b3/0x490 [ 30.527294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.527294] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.527294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.527294] ? __kthread_parkme+0x82/0x160 [ 30.527294] ? preempt_count_sub+0x50/0x80 [ 30.527294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.527294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.527294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.527294] kthread+0x257/0x310 [ 30.527294] ? __pfx_kthread+0x10/0x10 [ 30.527294] ret_from_fork+0x41/0x80 [ 30.527294] ? 
__pfx_kthread+0x10/0x10 [ 30.527294] ret_from_fork_asm+0x1a/0x30 [ 30.527294] </TASK> [ 30.527294] [ 30.527294] Allocated by task 274: [ 30.527294] kasan_save_stack+0x3d/0x60 [ 30.527294] kasan_save_track+0x18/0x40 [ 30.527294] kasan_save_alloc_info+0x3b/0x50 [ 30.527294] __kasan_kmalloc+0xb7/0xc0 [ 30.527294] __kmalloc_cache_noprof+0x184/0x410 [ 30.527294] kasan_atomics+0x96/0x310 [ 30.527294] kunit_try_run_case+0x1b3/0x490 [ 30.527294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.527294] kthread+0x257/0x310 [ 30.527294] ret_from_fork+0x41/0x80 [ 30.527294] ret_from_fork_asm+0x1a/0x30 [ 30.527294] [ 30.527294] The buggy address belongs to the object at ffff88810294b780 [ 30.527294] which belongs to the cache kmalloc-64 of size 64 [ 30.527294] The buggy address is located 0 bytes to the right of [ 30.527294] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.527294] [ 30.527294] The buggy address belongs to the physical page: [ 30.527294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.527294] flags: 0x200000000000000(node=0|zone=2) [ 30.527294] page_type: f5(slab) [ 30.527294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.527294] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.527294] page dumped because: kasan: bad access detected [ 30.527294] [ 30.527294] Memory state around the buggy address: [ 30.527294] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.527294] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.527294] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.527294] ^ [ 30.527294] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.527294] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.527294] ================================================================== [ 29.717064] 
================================================================== [ 29.717643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 29.717643] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.717643] [ 29.717643] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.717643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.717643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.717643] Call Trace: [ 29.717643] <TASK> [ 29.717643] dump_stack_lvl+0x73/0xb0 [ 29.717643] print_report+0xd1/0x640 [ 29.717643] ? __virt_addr_valid+0x1db/0x2d0 [ 29.717643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.717643] kasan_report+0x102/0x140 [ 29.717643] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.717643] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.717643] __asan_report_store4_noabort+0x1b/0x30 [ 29.717643] kasan_atomics_helper+0x4ba4/0x5450 [ 29.717643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.717643] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.717643] ? trace_hardirqs_on+0x37/0xe0 [ 29.717643] ? kasan_atomics+0x153/0x310 [ 29.717643] kasan_atomics+0x1dd/0x310 [ 29.717643] ? __pfx_kasan_atomics+0x10/0x10 [ 29.717643] ? __pfx_kasan_atomics+0x10/0x10 [ 29.717643] kunit_try_run_case+0x1b3/0x490 [ 29.717643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.717643] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.717643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.717643] ? __kthread_parkme+0x82/0x160 [ 29.717643] ? preempt_count_sub+0x50/0x80 [ 29.717643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.717643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.717643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.717643] kthread+0x257/0x310 [ 29.717643] ? __pfx_kthread+0x10/0x10 [ 29.717643] ret_from_fork+0x41/0x80 [ 29.717643] ? 
__pfx_kthread+0x10/0x10 [ 29.717643] ret_from_fork_asm+0x1a/0x30 [ 29.717643] </TASK> [ 29.717643] [ 29.717643] Allocated by task 274: [ 29.717643] kasan_save_stack+0x3d/0x60 [ 29.717643] kasan_save_track+0x18/0x40 [ 29.717643] kasan_save_alloc_info+0x3b/0x50 [ 29.717643] __kasan_kmalloc+0xb7/0xc0 [ 29.717643] __kmalloc_cache_noprof+0x184/0x410 [ 29.717643] kasan_atomics+0x96/0x310 [ 29.717643] kunit_try_run_case+0x1b3/0x490 [ 29.717643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.717643] kthread+0x257/0x310 [ 29.717643] ret_from_fork+0x41/0x80 [ 29.717643] ret_from_fork_asm+0x1a/0x30 [ 29.717643] [ 29.717643] The buggy address belongs to the object at ffff88810294b780 [ 29.717643] which belongs to the cache kmalloc-64 of size 64 [ 29.717643] The buggy address is located 0 bytes to the right of [ 29.717643] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.717643] [ 29.717643] The buggy address belongs to the physical page: [ 29.717643] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.717643] flags: 0x200000000000000(node=0|zone=2) [ 29.717643] page_type: f5(slab) [ 29.717643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.717643] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.717643] page dumped because: kasan: bad access detected [ 29.717643] [ 29.717643] Memory state around the buggy address: [ 29.717643] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.717643] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.717643] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.717643] ^ [ 29.717643] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.717643] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.717643] ================================================================== [ 30.656508] 
================================================================== [ 30.657087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 30.657249] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.658143] [ 30.658143] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.658143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.658143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.658143] Call Trace: [ 30.658143] <TASK> [ 30.658143] dump_stack_lvl+0x73/0xb0 [ 30.658143] print_report+0xd1/0x640 [ 30.658143] ? __virt_addr_valid+0x1db/0x2d0 [ 30.658143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.658143] kasan_report+0x102/0x140 [ 30.658143] ? kasan_atomics_helper+0xe79/0x5450 [ 30.658143] ? kasan_atomics_helper+0xe79/0x5450 [ 30.658143] kasan_check_range+0x10c/0x1c0 [ 30.658143] __kasan_check_write+0x18/0x20 [ 30.658143] kasan_atomics_helper+0xe79/0x5450 [ 30.658143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.658143] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.658143] ? trace_hardirqs_on+0x37/0xe0 [ 30.658143] ? kasan_atomics+0x153/0x310 [ 30.658143] kasan_atomics+0x1dd/0x310 [ 30.658143] ? __pfx_kasan_atomics+0x10/0x10 [ 30.658143] ? __pfx_kasan_atomics+0x10/0x10 [ 30.658143] kunit_try_run_case+0x1b3/0x490 [ 30.658143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.658143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.658143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.658143] ? __kthread_parkme+0x82/0x160 [ 30.658143] ? preempt_count_sub+0x50/0x80 [ 30.658143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.658143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.658143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.658143] kthread+0x257/0x310 [ 30.658143] ? __pfx_kthread+0x10/0x10 [ 30.658143] ret_from_fork+0x41/0x80 [ 30.658143] ? 
__pfx_kthread+0x10/0x10 [ 30.658143] ret_from_fork_asm+0x1a/0x30 [ 30.658143] </TASK> [ 30.658143] [ 30.658143] Allocated by task 274: [ 30.658143] kasan_save_stack+0x3d/0x60 [ 30.658143] kasan_save_track+0x18/0x40 [ 30.658143] kasan_save_alloc_info+0x3b/0x50 [ 30.658143] __kasan_kmalloc+0xb7/0xc0 [ 30.658143] __kmalloc_cache_noprof+0x184/0x410 [ 30.658143] kasan_atomics+0x96/0x310 [ 30.658143] kunit_try_run_case+0x1b3/0x490 [ 30.658143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.658143] kthread+0x257/0x310 [ 30.658143] ret_from_fork+0x41/0x80 [ 30.658143] ret_from_fork_asm+0x1a/0x30 [ 30.658143] [ 30.658143] The buggy address belongs to the object at ffff88810294b780 [ 30.658143] which belongs to the cache kmalloc-64 of size 64 [ 30.658143] The buggy address is located 0 bytes to the right of [ 30.658143] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.658143] [ 30.658143] The buggy address belongs to the physical page: [ 30.658143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.658143] flags: 0x200000000000000(node=0|zone=2) [ 30.658143] page_type: f5(slab) [ 30.658143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.658143] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.658143] page dumped because: kasan: bad access detected [ 30.658143] [ 30.658143] Memory state around the buggy address: [ 30.658143] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.658143] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.658143] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.658143] ^ [ 30.658143] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.658143] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.658143] ================================================================== [ 31.789832] 
================================================================== [ 31.790224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 31.790224] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.791205] [ 31.794379] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.794379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.794379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.794379] Call Trace: [ 31.794379] <TASK> [ 31.794379] dump_stack_lvl+0x73/0xb0 [ 31.794379] print_report+0xd1/0x640 [ 31.794379] ? __virt_addr_valid+0x1db/0x2d0 [ 31.794379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.794379] kasan_report+0x102/0x140 [ 31.794379] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.794379] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.794379] kasan_check_range+0x10c/0x1c0 [ 31.794379] __kasan_check_write+0x18/0x20 [ 31.794379] kasan_atomics_helper+0x1b23/0x5450 [ 31.794379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.794379] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.794379] ? trace_hardirqs_on+0x37/0xe0 [ 31.794379] ? kasan_atomics+0x153/0x310 [ 31.794379] kasan_atomics+0x1dd/0x310 [ 31.794379] ? __pfx_kasan_atomics+0x10/0x10 [ 31.794379] ? __pfx_kasan_atomics+0x10/0x10 [ 31.794379] kunit_try_run_case+0x1b3/0x490 [ 31.794379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.794379] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.794379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.794379] ? __kthread_parkme+0x82/0x160 [ 31.794379] ? preempt_count_sub+0x50/0x80 [ 31.794379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.794379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.794379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.794379] kthread+0x257/0x310 [ 31.794379] ? __pfx_kthread+0x10/0x10 [ 31.794379] ret_from_fork+0x41/0x80 [ 31.794379] ? 
__pfx_kthread+0x10/0x10 [ 31.794379] ret_from_fork_asm+0x1a/0x30 [ 31.794379] </TASK> [ 31.794379] [ 31.794379] Allocated by task 274: [ 31.794379] kasan_save_stack+0x3d/0x60 [ 31.794379] kasan_save_track+0x18/0x40 [ 31.794379] kasan_save_alloc_info+0x3b/0x50 [ 31.794379] __kasan_kmalloc+0xb7/0xc0 [ 31.794379] __kmalloc_cache_noprof+0x184/0x410 [ 31.794379] kasan_atomics+0x96/0x310 [ 31.794379] kunit_try_run_case+0x1b3/0x490 [ 31.794379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.794379] kthread+0x257/0x310 [ 31.794379] ret_from_fork+0x41/0x80 [ 31.794379] ret_from_fork_asm+0x1a/0x30 [ 31.794379] [ 31.794379] The buggy address belongs to the object at ffff88810294b780 [ 31.794379] which belongs to the cache kmalloc-64 of size 64 [ 31.794379] The buggy address is located 0 bytes to the right of [ 31.794379] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.794379] [ 31.794379] The buggy address belongs to the physical page: [ 31.794379] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.794379] flags: 0x200000000000000(node=0|zone=2) [ 31.794379] page_type: f5(slab) [ 31.794379] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.794379] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.794379] page dumped because: kasan: bad access detected [ 31.794379] [ 31.794379] Memory state around the buggy address: [ 31.794379] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.794379] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.794379] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.794379] ^ [ 31.794379] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.794379] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.794379] ================================================================== [ 30.176382] 
================================================================== [ 30.176995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 30.177186] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.177186] [ 30.177186] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.177186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.177186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.177186] Call Trace: [ 30.177186] <TASK> [ 30.177186] dump_stack_lvl+0x73/0xb0 [ 30.177186] print_report+0xd1/0x640 [ 30.177186] ? __virt_addr_valid+0x1db/0x2d0 [ 30.177186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.177186] kasan_report+0x102/0x140 [ 30.177186] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.177186] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.177186] kasan_check_range+0x10c/0x1c0 [ 30.177186] __kasan_check_write+0x18/0x20 [ 30.177186] kasan_atomics_helper+0x7c8/0x5450 [ 30.177186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.177186] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.177186] ? trace_hardirqs_on+0x37/0xe0 [ 30.177186] ? kasan_atomics+0x153/0x310 [ 30.177186] kasan_atomics+0x1dd/0x310 [ 30.177186] ? __pfx_kasan_atomics+0x10/0x10 [ 30.177186] ? __pfx_kasan_atomics+0x10/0x10 [ 30.177186] kunit_try_run_case+0x1b3/0x490 [ 30.177186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.177186] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.177186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.177186] ? __kthread_parkme+0x82/0x160 [ 30.177186] ? preempt_count_sub+0x50/0x80 [ 30.177186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.177186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.177186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.177186] kthread+0x257/0x310 [ 30.177186] ? __pfx_kthread+0x10/0x10 [ 30.177186] ret_from_fork+0x41/0x80 [ 30.177186] ? 
__pfx_kthread+0x10/0x10 [ 30.177186] ret_from_fork_asm+0x1a/0x30 [ 30.177186] </TASK> [ 30.177186] [ 30.177186] Allocated by task 274: [ 30.177186] kasan_save_stack+0x3d/0x60 [ 30.177186] kasan_save_track+0x18/0x40 [ 30.177186] kasan_save_alloc_info+0x3b/0x50 [ 30.177186] __kasan_kmalloc+0xb7/0xc0 [ 30.177186] __kmalloc_cache_noprof+0x184/0x410 [ 30.177186] kasan_atomics+0x96/0x310 [ 30.177186] kunit_try_run_case+0x1b3/0x490 [ 30.177186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.177186] kthread+0x257/0x310 [ 30.177186] ret_from_fork+0x41/0x80 [ 30.177186] ret_from_fork_asm+0x1a/0x30 [ 30.177186] [ 30.177186] The buggy address belongs to the object at ffff88810294b780 [ 30.177186] which belongs to the cache kmalloc-64 of size 64 [ 30.177186] The buggy address is located 0 bytes to the right of [ 30.177186] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.177186] [ 30.177186] The buggy address belongs to the physical page: [ 30.177186] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.177186] flags: 0x200000000000000(node=0|zone=2) [ 30.177186] page_type: f5(slab) [ 30.177186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.177186] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.177186] page dumped because: kasan: bad access detected [ 30.177186] [ 30.177186] Memory state around the buggy address: [ 30.177186] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.177186] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.177186] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.177186] ^ [ 30.177186] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.177186] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.177186] ================================================================== [ 30.568015] 
================================================================== [ 30.568302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 30.568302] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.568302] [ 30.568302] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.568302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.568302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.568302] Call Trace: [ 30.568302] <TASK> [ 30.568302] dump_stack_lvl+0x73/0xb0 [ 30.568302] print_report+0xd1/0x640 [ 30.568302] ? __virt_addr_valid+0x1db/0x2d0 [ 30.568302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.568302] kasan_report+0x102/0x140 [ 30.568302] ? kasan_atomics_helper+0xd48/0x5450 [ 30.568302] ? kasan_atomics_helper+0xd48/0x5450 [ 30.568302] kasan_check_range+0x10c/0x1c0 [ 30.568302] __kasan_check_write+0x18/0x20 [ 30.568302] kasan_atomics_helper+0xd48/0x5450 [ 30.568302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.568302] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.568302] ? trace_hardirqs_on+0x37/0xe0 [ 30.568302] ? kasan_atomics+0x153/0x310 [ 30.568302] kasan_atomics+0x1dd/0x310 [ 30.568302] ? __pfx_kasan_atomics+0x10/0x10 [ 30.568302] ? __pfx_kasan_atomics+0x10/0x10 [ 30.568302] kunit_try_run_case+0x1b3/0x490 [ 30.568302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.568302] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.568302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.568302] ? __kthread_parkme+0x82/0x160 [ 30.568302] ? preempt_count_sub+0x50/0x80 [ 30.568302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.568302] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.568302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.568302] kthread+0x257/0x310 [ 30.568302] ? __pfx_kthread+0x10/0x10 [ 30.568302] ret_from_fork+0x41/0x80 [ 30.568302] ? 
__pfx_kthread+0x10/0x10 [ 30.568302] ret_from_fork_asm+0x1a/0x30 [ 30.568302] </TASK> [ 30.568302] [ 30.568302] Allocated by task 274: [ 30.568302] kasan_save_stack+0x3d/0x60 [ 30.568302] kasan_save_track+0x18/0x40 [ 30.568302] kasan_save_alloc_info+0x3b/0x50 [ 30.568302] __kasan_kmalloc+0xb7/0xc0 [ 30.568302] __kmalloc_cache_noprof+0x184/0x410 [ 30.568302] kasan_atomics+0x96/0x310 [ 30.568302] kunit_try_run_case+0x1b3/0x490 [ 30.568302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.568302] kthread+0x257/0x310 [ 30.568302] ret_from_fork+0x41/0x80 [ 30.568302] ret_from_fork_asm+0x1a/0x30 [ 30.568302] [ 30.568302] The buggy address belongs to the object at ffff88810294b780 [ 30.568302] which belongs to the cache kmalloc-64 of size 64 [ 30.568302] The buggy address is located 0 bytes to the right of [ 30.568302] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.568302] [ 30.568302] The buggy address belongs to the physical page: [ 30.568302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.568302] flags: 0x200000000000000(node=0|zone=2) [ 30.568302] page_type: f5(slab) [ 30.568302] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.568302] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.568302] page dumped because: kasan: bad access detected [ 30.568302] [ 30.568302] Memory state around the buggy address: [ 30.568302] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.568302] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.568302] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.568302] ^ [ 30.568302] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.568302] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.568302] ================================================================== [ 31.956778] 
================================================================== [ 31.957496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 31.957496] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.957496] [ 31.957496] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.957496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.957496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.957496] Call Trace: [ 31.957496] <TASK> [ 31.957496] dump_stack_lvl+0x73/0xb0 [ 31.957496] print_report+0xd1/0x640 [ 31.957496] ? __virt_addr_valid+0x1db/0x2d0 [ 31.957496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.957496] kasan_report+0x102/0x140 [ 31.957496] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.957496] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.957496] kasan_check_range+0x10c/0x1c0 [ 31.957496] __kasan_check_write+0x18/0x20 [ 31.957496] kasan_atomics_helper+0x1d7b/0x5450 [ 31.957496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.957496] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.957496] ? trace_hardirqs_on+0x37/0xe0 [ 31.957496] ? kasan_atomics+0x153/0x310 [ 31.957496] kasan_atomics+0x1dd/0x310 [ 31.957496] ? __pfx_kasan_atomics+0x10/0x10 [ 31.957496] ? __pfx_kasan_atomics+0x10/0x10 [ 31.957496] kunit_try_run_case+0x1b3/0x490 [ 31.957496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.957496] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.957496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.957496] ? __kthread_parkme+0x82/0x160 [ 31.957496] ? preempt_count_sub+0x50/0x80 [ 31.957496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.957496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.957496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.957496] kthread+0x257/0x310 [ 31.957496] ? __pfx_kthread+0x10/0x10 [ 31.957496] ret_from_fork+0x41/0x80 [ 31.957496] ? 
__pfx_kthread+0x10/0x10 [ 31.957496] ret_from_fork_asm+0x1a/0x30 [ 31.957496] </TASK> [ 31.957496] [ 31.957496] Allocated by task 274: [ 31.957496] kasan_save_stack+0x3d/0x60 [ 31.957496] kasan_save_track+0x18/0x40 [ 31.957496] kasan_save_alloc_info+0x3b/0x50 [ 31.957496] __kasan_kmalloc+0xb7/0xc0 [ 31.957496] __kmalloc_cache_noprof+0x184/0x410 [ 31.957496] kasan_atomics+0x96/0x310 [ 31.957496] kunit_try_run_case+0x1b3/0x490 [ 31.957496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.957496] kthread+0x257/0x310 [ 31.957496] ret_from_fork+0x41/0x80 [ 31.957496] ret_from_fork_asm+0x1a/0x30 [ 31.957496] [ 31.957496] The buggy address belongs to the object at ffff88810294b780 [ 31.957496] which belongs to the cache kmalloc-64 of size 64 [ 31.957496] The buggy address is located 0 bytes to the right of [ 31.957496] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.957496] [ 31.957496] The buggy address belongs to the physical page: [ 31.957496] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.957496] flags: 0x200000000000000(node=0|zone=2) [ 31.957496] page_type: f5(slab) [ 31.957496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.957496] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.957496] page dumped because: kasan: bad access detected [ 31.957496] [ 31.957496] Memory state around the buggy address: [ 31.957496] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.957496] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.957496] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.957496] ^ [ 31.957496] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.957496] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.957496] ================================================================== [ 30.839600] 
================================================================== [ 30.840243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 30.840243] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.840243] [ 30.840243] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.840243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.840243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.840243] Call Trace: [ 30.840243] <TASK> [ 30.840243] dump_stack_lvl+0x73/0xb0 [ 30.840243] print_report+0xd1/0x640 [ 30.840243] ? __virt_addr_valid+0x1db/0x2d0 [ 30.840243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.840243] kasan_report+0x102/0x140 [ 30.840243] ? kasan_atomics_helper+0x107a/0x5450 [ 30.840243] ? kasan_atomics_helper+0x107a/0x5450 [ 30.840243] kasan_check_range+0x10c/0x1c0 [ 30.840243] __kasan_check_write+0x18/0x20 [ 30.840243] kasan_atomics_helper+0x107a/0x5450 [ 30.840243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.840243] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.840243] ? trace_hardirqs_on+0x37/0xe0 [ 30.840243] ? kasan_atomics+0x153/0x310 [ 30.840243] kasan_atomics+0x1dd/0x310 [ 30.840243] ? __pfx_kasan_atomics+0x10/0x10 [ 30.840243] ? __pfx_kasan_atomics+0x10/0x10 [ 30.840243] kunit_try_run_case+0x1b3/0x490 [ 30.840243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.840243] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.840243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.840243] ? __kthread_parkme+0x82/0x160 [ 30.840243] ? preempt_count_sub+0x50/0x80 [ 30.840243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.840243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.840243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.840243] kthread+0x257/0x310 [ 30.840243] ? __pfx_kthread+0x10/0x10 [ 30.840243] ret_from_fork+0x41/0x80 [ 30.840243] ? 
__pfx_kthread+0x10/0x10 [ 30.840243] ret_from_fork_asm+0x1a/0x30 [ 30.840243] </TASK> [ 30.840243] [ 30.840243] Allocated by task 274: [ 30.840243] kasan_save_stack+0x3d/0x60 [ 30.840243] kasan_save_track+0x18/0x40 [ 30.840243] kasan_save_alloc_info+0x3b/0x50 [ 30.840243] __kasan_kmalloc+0xb7/0xc0 [ 30.840243] __kmalloc_cache_noprof+0x184/0x410 [ 30.840243] kasan_atomics+0x96/0x310 [ 30.840243] kunit_try_run_case+0x1b3/0x490 [ 30.840243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.840243] kthread+0x257/0x310 [ 30.840243] ret_from_fork+0x41/0x80 [ 30.840243] ret_from_fork_asm+0x1a/0x30 [ 30.840243] [ 30.840243] The buggy address belongs to the object at ffff88810294b780 [ 30.840243] which belongs to the cache kmalloc-64 of size 64 [ 30.840243] The buggy address is located 0 bytes to the right of [ 30.840243] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.840243] [ 30.840243] The buggy address belongs to the physical page: [ 30.840243] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.840243] flags: 0x200000000000000(node=0|zone=2) [ 30.840243] page_type: f5(slab) [ 30.840243] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.840243] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.840243] page dumped because: kasan: bad access detected [ 30.840243] [ 30.840243] Memory state around the buggy address: [ 30.840243] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.840243] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.840243] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.840243] ^ [ 30.840243] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.840243] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.840243] ================================================================== [ 32.042176] 
==================================================================
[ 32.042603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450
[ 32.042603] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 32.042603]
[ 32.042603] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.042603] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.045312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.045312] Call Trace:
[ 32.045312] <TASK>
[ 32.045312] dump_stack_lvl+0x73/0xb0
[ 32.045312] print_report+0xd1/0x640
[ 32.045312] ? __virt_addr_valid+0x1db/0x2d0
[ 32.045312] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.045312] kasan_report+0x102/0x140
[ 32.045312] ? kasan_atomics_helper+0x1eab/0x5450
[ 32.045312] ? kasan_atomics_helper+0x1eab/0x5450
[ 32.045312] kasan_check_range+0x10c/0x1c0
[ 32.045312] __kasan_check_write+0x18/0x20
[ 32.045312] kasan_atomics_helper+0x1eab/0x5450
[ 32.045312] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.045312] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.045312] ? trace_hardirqs_on+0x37/0xe0
[ 32.045312] ? kasan_atomics+0x153/0x310
[ 32.045312] kasan_atomics+0x1dd/0x310
[ 32.045312] ? __pfx_kasan_atomics+0x10/0x10
[ 32.045312] ? __pfx_kasan_atomics+0x10/0x10
[ 32.045312] kunit_try_run_case+0x1b3/0x490
[ 32.045312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.045312] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.045312] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.045312] ? __kthread_parkme+0x82/0x160
[ 32.045312] ? preempt_count_sub+0x50/0x80
[ 32.045312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.045312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.045312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.045312] kthread+0x257/0x310
[ 32.045312] ? __pfx_kthread+0x10/0x10
[ 32.045312] ret_from_fork+0x41/0x80
[ 32.045312] ? __pfx_kthread+0x10/0x10
[ 32.045312] ret_from_fork_asm+0x1a/0x30
[ 32.045312] </TASK>
[ 32.045312]
[ 32.045312] Allocated by task 274:
[ 32.045312] kasan_save_stack+0x3d/0x60
[ 32.045312] kasan_save_track+0x18/0x40
[ 32.045312] kasan_save_alloc_info+0x3b/0x50
[ 32.045312] __kasan_kmalloc+0xb7/0xc0
[ 32.045312] __kmalloc_cache_noprof+0x184/0x410
[ 32.045312] kasan_atomics+0x96/0x310
[ 32.045312] kunit_try_run_case+0x1b3/0x490
[ 32.045312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.045312] kthread+0x257/0x310
[ 32.045312] ret_from_fork+0x41/0x80
[ 32.045312] ret_from_fork_asm+0x1a/0x30
[ 32.045312]
[ 32.045312] The buggy address belongs to the object at ffff88810294b780
[ 32.045312] which belongs to the cache kmalloc-64 of size 64
[ 32.045312] The buggy address is located 0 bytes to the right of
[ 32.045312] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 32.045312]
[ 32.045312] The buggy address belongs to the physical page:
[ 32.045312] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 32.045312] flags: 0x200000000000000(node=0|zone=2)
[ 32.045312] page_type: f5(slab)
[ 32.045312] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.045312] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.045312] page dumped because: kasan: bad access detected
[ 32.045312]
[ 32.045312] Memory state around the buggy address:
[ 32.045312] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.045312] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.045312] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.045312] ^
[ 32.045312] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.045312] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.045312] ==================================================================
[ 32.079931] ==================================================================
[ 32.080402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450
[ 32.080402] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 32.080402]
[ 32.080402] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.080402] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.080402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.080402] Call Trace:
[ 32.080402] <TASK>
[ 32.080402] dump_stack_lvl+0x73/0xb0
[ 32.080402] print_report+0xd1/0x640
[ 32.080402] ? __virt_addr_valid+0x1db/0x2d0
[ 32.080402] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.080402] kasan_report+0x102/0x140
[ 32.080402] ? kasan_atomics_helper+0x1f44/0x5450
[ 32.080402] ? kasan_atomics_helper+0x1f44/0x5450
[ 32.080402] kasan_check_range+0x10c/0x1c0
[ 32.080402] __kasan_check_write+0x18/0x20
[ 32.080402] kasan_atomics_helper+0x1f44/0x5450
[ 32.080402] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.080402] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.080402] ? trace_hardirqs_on+0x37/0xe0
[ 32.080402] ? kasan_atomics+0x153/0x310
[ 32.080402] kasan_atomics+0x1dd/0x310
[ 32.080402] ? __pfx_kasan_atomics+0x10/0x10
[ 32.080402] ? __pfx_kasan_atomics+0x10/0x10
[ 32.080402] kunit_try_run_case+0x1b3/0x490
[ 32.080402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.080402] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.080402] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.080402] ? __kthread_parkme+0x82/0x160
[ 32.080402] ? preempt_count_sub+0x50/0x80
[ 32.080402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.080402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.080402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.080402] kthread+0x257/0x310
[ 32.080402] ? __pfx_kthread+0x10/0x10
[ 32.080402] ret_from_fork+0x41/0x80
[ 32.080402] ? __pfx_kthread+0x10/0x10
[ 32.080402] ret_from_fork_asm+0x1a/0x30
[ 32.080402] </TASK>
[ 32.080402]
[ 32.080402] Allocated by task 274:
[ 32.080402] kasan_save_stack+0x3d/0x60
[ 32.080402] kasan_save_track+0x18/0x40
[ 32.080402] kasan_save_alloc_info+0x3b/0x50
[ 32.080402] __kasan_kmalloc+0xb7/0xc0
[ 32.080402] __kmalloc_cache_noprof+0x184/0x410
[ 32.080402] kasan_atomics+0x96/0x310
[ 32.080402] kunit_try_run_case+0x1b3/0x490
[ 32.080402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.080402] kthread+0x257/0x310
[ 32.080402] ret_from_fork+0x41/0x80
[ 32.080402] ret_from_fork_asm+0x1a/0x30
[ 32.080402]
[ 32.080402] The buggy address belongs to the object at ffff88810294b780
[ 32.080402] which belongs to the cache kmalloc-64 of size 64
[ 32.080402] The buggy address is located 0 bytes to the right of
[ 32.080402] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 32.080402]
[ 32.080402] The buggy address belongs to the physical page:
[ 32.080402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 32.080402] flags: 0x200000000000000(node=0|zone=2)
[ 32.080402] page_type: f5(slab)
[ 32.080402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.080402] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 32.080402] page dumped because: kasan: bad access detected
[ 32.080402]
[ 32.080402] Memory state around the buggy address:
[ 32.080402] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.080402] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.080402] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.080402] ^
[ 32.080402] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.080402] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.080402] ==================================================================
[ 31.454848] ==================================================================
[ 31.455450] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450
[ 31.455450] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.455450]
[ 31.455450] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.455450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.455450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.455450] Call Trace:
[ 31.455450] <TASK>
[ 31.455450] dump_stack_lvl+0x73/0xb0
[ 31.455450] print_report+0xd1/0x640
[ 31.455450] ? __virt_addr_valid+0x1db/0x2d0
[ 31.455450] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.455450] kasan_report+0x102/0x140
[ 31.455450] ? kasan_atomics_helper+0x1650/0x5450
[ 31.455450] ? kasan_atomics_helper+0x1650/0x5450
[ 31.455450] kasan_check_range+0x10c/0x1c0
[ 31.455450] __kasan_check_write+0x18/0x20
[ 31.455450] kasan_atomics_helper+0x1650/0x5450
[ 31.455450] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.455450] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.455450] ? trace_hardirqs_on+0x37/0xe0
[ 31.455450] ? kasan_atomics+0x153/0x310
[ 31.455450] kasan_atomics+0x1dd/0x310
[ 31.455450] ? __pfx_kasan_atomics+0x10/0x10
[ 31.455450] ? __pfx_kasan_atomics+0x10/0x10
[ 31.455450] kunit_try_run_case+0x1b3/0x490
[ 31.455450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.455450] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.455450] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.455450] ? __kthread_parkme+0x82/0x160
[ 31.455450] ? preempt_count_sub+0x50/0x80
[ 31.455450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.455450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.455450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.455450] kthread+0x257/0x310
[ 31.455450] ? __pfx_kthread+0x10/0x10
[ 31.455450] ret_from_fork+0x41/0x80
[ 31.455450] ? __pfx_kthread+0x10/0x10
[ 31.455450] ret_from_fork_asm+0x1a/0x30
[ 31.455450] </TASK>
[ 31.455450]
[ 31.455450] Allocated by task 274:
[ 31.455450] kasan_save_stack+0x3d/0x60
[ 31.455450] kasan_save_track+0x18/0x40
[ 31.455450] kasan_save_alloc_info+0x3b/0x50
[ 31.455450] __kasan_kmalloc+0xb7/0xc0
[ 31.455450] __kmalloc_cache_noprof+0x184/0x410
[ 31.455450] kasan_atomics+0x96/0x310
[ 31.455450] kunit_try_run_case+0x1b3/0x490
[ 31.455450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.455450] kthread+0x257/0x310
[ 31.455450] ret_from_fork+0x41/0x80
[ 31.455450] ret_from_fork_asm+0x1a/0x30
[ 31.455450]
[ 31.455450] The buggy address belongs to the object at ffff88810294b780
[ 31.455450] which belongs to the cache kmalloc-64 of size 64
[ 31.455450] The buggy address is located 0 bytes to the right of
[ 31.455450] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.455450]
[ 31.455450] The buggy address belongs to the physical page:
[ 31.455450] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.455450] flags: 0x200000000000000(node=0|zone=2)
[ 31.455450] page_type: f5(slab)
[ 31.455450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.455450] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.455450] page dumped because: kasan: bad access detected
[ 31.455450]
[ 31.455450] Memory state around the buggy address:
[ 31.455450] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.455450] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.455450] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.455450] ^
[ 31.455450] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.455450] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.455450] ==================================================================
[ 31.006460] ==================================================================
[ 31.008005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450
[ 31.008005] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.008005]
[ 31.008005] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.008005] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.008005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.008005] Call Trace:
[ 31.008005] <TASK>
[ 31.008005] dump_stack_lvl+0x73/0xb0
[ 31.008005] print_report+0xd1/0x640
[ 31.008005] ? __virt_addr_valid+0x1db/0x2d0
[ 31.008005] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.008005] kasan_report+0x102/0x140
[ 31.008005] ? kasan_atomics_helper+0x1218/0x5450
[ 31.008005] ? kasan_atomics_helper+0x1218/0x5450
[ 31.008005] kasan_check_range+0x10c/0x1c0
[ 31.008005] __kasan_check_write+0x18/0x20
[ 31.008005] kasan_atomics_helper+0x1218/0x5450
[ 31.008005] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.008005] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.008005] ? trace_hardirqs_on+0x37/0xe0
[ 31.008005] ? kasan_atomics+0x153/0x310
[ 31.008005] kasan_atomics+0x1dd/0x310
[ 31.008005] ? __pfx_kasan_atomics+0x10/0x10
[ 31.008005] ? __pfx_kasan_atomics+0x10/0x10
[ 31.008005] kunit_try_run_case+0x1b3/0x490
[ 31.008005] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.008005] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.008005] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.008005] ? __kthread_parkme+0x82/0x160
[ 31.008005] ? preempt_count_sub+0x50/0x80
[ 31.008005] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.008005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.008005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.008005] kthread+0x257/0x310
[ 31.008005] ? __pfx_kthread+0x10/0x10
[ 31.008005] ret_from_fork+0x41/0x80
[ 31.008005] ? __pfx_kthread+0x10/0x10
[ 31.008005] ret_from_fork_asm+0x1a/0x30
[ 31.008005] </TASK>
[ 31.008005]
[ 31.008005] Allocated by task 274:
[ 31.008005] kasan_save_stack+0x3d/0x60
[ 31.008005] kasan_save_track+0x18/0x40
[ 31.008005] kasan_save_alloc_info+0x3b/0x50
[ 31.008005] __kasan_kmalloc+0xb7/0xc0
[ 31.008005] __kmalloc_cache_noprof+0x184/0x410
[ 31.008005] kasan_atomics+0x96/0x310
[ 31.008005] kunit_try_run_case+0x1b3/0x490
[ 31.008005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.008005] kthread+0x257/0x310
[ 31.008005] ret_from_fork+0x41/0x80
[ 31.008005] ret_from_fork_asm+0x1a/0x30
[ 31.008005]
[ 31.008005] The buggy address belongs to the object at ffff88810294b780
[ 31.008005] which belongs to the cache kmalloc-64 of size 64
[ 31.008005] The buggy address is located 0 bytes to the right of
[ 31.008005] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.008005]
[ 31.008005] The buggy address belongs to the physical page:
[ 31.008005] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.008005] flags: 0x200000000000000(node=0|zone=2)
[ 31.008005] page_type: f5(slab)
[ 31.008005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.008005] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.008005] page dumped because: kasan: bad access detected
[ 31.008005]
[ 31.008005] Memory state around the buggy address:
[ 31.008005] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.008005] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.008005] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.008005] ^
[ 31.008005] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.008005] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.008005] ==================================================================
[ 29.757237] ==================================================================
[ 29.757510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450
[ 29.757510] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 29.757510]
[ 29.757510] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.757510] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.757510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.757510] Call Trace:
[ 29.757510] <TASK>
[ 29.757510] dump_stack_lvl+0x73/0xb0
[ 29.757510] print_report+0xd1/0x640
[ 29.757510] ? __virt_addr_valid+0x1db/0x2d0
[ 29.757510] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.757510] kasan_report+0x102/0x140
[ 29.757510] ? kasan_atomics_helper+0x4b8a/0x5450
[ 29.757510] ? kasan_atomics_helper+0x4b8a/0x5450
[ 29.757510] __asan_report_load4_noabort+0x18/0x20
[ 29.757510] kasan_atomics_helper+0x4b8a/0x5450
[ 29.757510] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.757510] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.757510] ? trace_hardirqs_on+0x37/0xe0
[ 29.757510] ? kasan_atomics+0x153/0x310
[ 29.757510] kasan_atomics+0x1dd/0x310
[ 29.757510] ? __pfx_kasan_atomics+0x10/0x10
[ 29.757510] ? __pfx_kasan_atomics+0x10/0x10
[ 29.757510] kunit_try_run_case+0x1b3/0x490
[ 29.757510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.757510] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.757510] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.757510] ? __kthread_parkme+0x82/0x160
[ 29.757510] ? preempt_count_sub+0x50/0x80
[ 29.757510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.757510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.757510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.757510] kthread+0x257/0x310
[ 29.757510] ? __pfx_kthread+0x10/0x10
[ 29.757510] ret_from_fork+0x41/0x80
[ 29.757510] ? __pfx_kthread+0x10/0x10
[ 29.757510] ret_from_fork_asm+0x1a/0x30
[ 29.757510] </TASK>
[ 29.757510]
[ 29.757510] Allocated by task 274:
[ 29.757510] kasan_save_stack+0x3d/0x60
[ 29.757510] kasan_save_track+0x18/0x40
[ 29.757510] kasan_save_alloc_info+0x3b/0x50
[ 29.757510] __kasan_kmalloc+0xb7/0xc0
[ 29.757510] __kmalloc_cache_noprof+0x184/0x410
[ 29.757510] kasan_atomics+0x96/0x310
[ 29.757510] kunit_try_run_case+0x1b3/0x490
[ 29.757510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.757510] kthread+0x257/0x310
[ 29.757510] ret_from_fork+0x41/0x80
[ 29.757510] ret_from_fork_asm+0x1a/0x30
[ 29.757510]
[ 29.757510] The buggy address belongs to the object at ffff88810294b780
[ 29.757510] which belongs to the cache kmalloc-64 of size 64
[ 29.757510] The buggy address is located 0 bytes to the right of
[ 29.757510] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 29.757510]
[ 29.757510] The buggy address belongs to the physical page:
[ 29.757510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 29.757510] flags: 0x200000000000000(node=0|zone=2)
[ 29.757510] page_type: f5(slab)
[ 29.757510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.757510] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 29.757510] page dumped because: kasan: bad access detected
[ 29.757510]
[ 29.757510] Memory state around the buggy address:
[ 29.757510] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.757510] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.757510] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.757510] ^
[ 29.757510] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.757510] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.757510] ==================================================================
[ 30.881816] ==================================================================
[ 30.882348] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450
[ 30.882352] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 30.882352]
[ 30.882352] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.882352] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.882352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.886021] Call Trace:
[ 30.886021] <TASK>
[ 30.886021] dump_stack_lvl+0x73/0xb0
[ 30.886021] print_report+0xd1/0x640
[ 30.886021] ? __virt_addr_valid+0x1db/0x2d0
[ 30.886021] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.886021] kasan_report+0x102/0x140
[ 30.886021] ? kasan_atomics_helper+0x4a1e/0x5450
[ 30.886021] ? kasan_atomics_helper+0x4a1e/0x5450
[ 30.886021] __asan_report_load4_noabort+0x18/0x20
[ 30.886021] kasan_atomics_helper+0x4a1e/0x5450
[ 30.886021] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.886021] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.886021] ? trace_hardirqs_on+0x37/0xe0
[ 30.886021] ? kasan_atomics+0x153/0x310
[ 30.886021] kasan_atomics+0x1dd/0x310
[ 30.886021] ? __pfx_kasan_atomics+0x10/0x10
[ 30.886021] ? __pfx_kasan_atomics+0x10/0x10
[ 30.886021] kunit_try_run_case+0x1b3/0x490
[ 30.886021] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.886021] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.886021] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.886021] ? __kthread_parkme+0x82/0x160
[ 30.886021] ? preempt_count_sub+0x50/0x80
[ 30.886021] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.886021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.886021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.886021] kthread+0x257/0x310
[ 30.886021] ? __pfx_kthread+0x10/0x10
[ 30.886021] ret_from_fork+0x41/0x80
[ 30.886021] ? __pfx_kthread+0x10/0x10
[ 30.886021] ret_from_fork_asm+0x1a/0x30
[ 30.886021] </TASK>
[ 30.886021]
[ 30.886021] Allocated by task 274:
[ 30.886021] kasan_save_stack+0x3d/0x60
[ 30.886021] kasan_save_track+0x18/0x40
[ 30.886021] kasan_save_alloc_info+0x3b/0x50
[ 30.886021] __kasan_kmalloc+0xb7/0xc0
[ 30.886021] __kmalloc_cache_noprof+0x184/0x410
[ 30.886021] kasan_atomics+0x96/0x310
[ 30.886021] kunit_try_run_case+0x1b3/0x490
[ 30.886021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.886021] kthread+0x257/0x310
[ 30.886021] ret_from_fork+0x41/0x80
[ 30.886021] ret_from_fork_asm+0x1a/0x30
[ 30.886021]
[ 30.886021] The buggy address belongs to the object at ffff88810294b780
[ 30.886021] which belongs to the cache kmalloc-64 of size 64
[ 30.886021] The buggy address is located 0 bytes to the right of
[ 30.886021] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 30.886021]
[ 30.886021] The buggy address belongs to the physical page:
[ 30.886021] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 30.886021] flags: 0x200000000000000(node=0|zone=2)
[ 30.886021] page_type: f5(slab)
[ 30.886021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.886021] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.886021] page dumped because: kasan: bad access detected
[ 30.886021]
[ 30.886021] Memory state around the buggy address:
[ 30.886021] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.886021] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.886021] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.886021] ^
[ 30.886021] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.886021] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.886021] ==================================================================
[ 31.406968] ==================================================================
[ 31.407501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450
[ 31.407711] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.407711]
[ 31.407711] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.407711] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.407711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.407711] Call Trace:
[ 31.407711] <TASK>
[ 31.407711] dump_stack_lvl+0x73/0xb0
[ 31.407711] print_report+0xd1/0x640
[ 31.407711] ? __virt_addr_valid+0x1db/0x2d0
[ 31.407711] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.407711] kasan_report+0x102/0x140
[ 31.407711] ? kasan_atomics_helper+0x15b7/0x5450
[ 31.407711] ? kasan_atomics_helper+0x15b7/0x5450
[ 31.407711] kasan_check_range+0x10c/0x1c0
[ 31.407711] __kasan_check_write+0x18/0x20
[ 31.407711] kasan_atomics_helper+0x15b7/0x5450
[ 31.407711] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.407711] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.407711] ? trace_hardirqs_on+0x37/0xe0
[ 31.407711] ? kasan_atomics+0x153/0x310
[ 31.407711] kasan_atomics+0x1dd/0x310
[ 31.407711] ? __pfx_kasan_atomics+0x10/0x10
[ 31.407711] ? __pfx_kasan_atomics+0x10/0x10
[ 31.407711] kunit_try_run_case+0x1b3/0x490
[ 31.407711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.407711] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.407711] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.407711] ? __kthread_parkme+0x82/0x160
[ 31.407711] ? preempt_count_sub+0x50/0x80
[ 31.407711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.407711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.407711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.407711] kthread+0x257/0x310
[ 31.407711] ? __pfx_kthread+0x10/0x10
[ 31.407711] ret_from_fork+0x41/0x80
[ 31.407711] ? __pfx_kthread+0x10/0x10
[ 31.407711] ret_from_fork_asm+0x1a/0x30
[ 31.407711] </TASK>
[ 31.407711]
[ 31.407711] Allocated by task 274:
[ 31.407711] kasan_save_stack+0x3d/0x60
[ 31.407711] kasan_save_track+0x18/0x40
[ 31.407711] kasan_save_alloc_info+0x3b/0x50
[ 31.407711] __kasan_kmalloc+0xb7/0xc0
[ 31.407711] __kmalloc_cache_noprof+0x184/0x410
[ 31.407711] kasan_atomics+0x96/0x310
[ 31.407711] kunit_try_run_case+0x1b3/0x490
[ 31.407711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.407711] kthread+0x257/0x310
[ 31.407711] ret_from_fork+0x41/0x80
[ 31.407711] ret_from_fork_asm+0x1a/0x30
[ 31.407711]
[ 31.407711] The buggy address belongs to the object at ffff88810294b780
[ 31.407711] which belongs to the cache kmalloc-64 of size 64
[ 31.407711] The buggy address is located 0 bytes to the right of
[ 31.407711] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.407711]
[ 31.407711] The buggy address belongs to the physical page:
[ 31.407711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.407711] flags: 0x200000000000000(node=0|zone=2)
[ 31.407711] page_type: f5(slab)
[ 31.407711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.407711] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.407711] page dumped because: kasan: bad access detected
[ 31.407711]
[ 31.407711] Memory state around the buggy address:
[ 31.407711] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.407711] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.407711] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.407711] ^
[ 31.407711] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.407711] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.407711] ==================================================================
[ 31.312949] ==================================================================
[ 31.313372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450
[ 31.313372] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.314565]
[ 31.314565] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.314565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.314565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.314565] Call Trace:
[ 31.314565] <TASK>
[ 31.314565] dump_stack_lvl+0x73/0xb0
[ 31.314565] print_report+0xd1/0x640
[ 31.314565] ? __virt_addr_valid+0x1db/0x2d0
[ 31.314565] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.314565] kasan_report+0x102/0x140
[ 31.314565] ? kasan_atomics_helper+0x50d6/0x5450
[ 31.314565] ? kasan_atomics_helper+0x50d6/0x5450
[ 31.314565] __asan_report_store8_noabort+0x1b/0x30
[ 31.314565] kasan_atomics_helper+0x50d6/0x5450
[ 31.314565] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.314565] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.314565] ? trace_hardirqs_on+0x37/0xe0
[ 31.314565] ? kasan_atomics+0x153/0x310
[ 31.314565] kasan_atomics+0x1dd/0x310
[ 31.314565] ? __pfx_kasan_atomics+0x10/0x10
[ 31.314565] ? __pfx_kasan_atomics+0x10/0x10
[ 31.314565] kunit_try_run_case+0x1b3/0x490
[ 31.314565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.314565] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.314565] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.314565] ? __kthread_parkme+0x82/0x160
[ 31.314565] ? preempt_count_sub+0x50/0x80
[ 31.314565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.314565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.314565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.314565] kthread+0x257/0x310
[ 31.314565] ? __pfx_kthread+0x10/0x10
[ 31.314565] ret_from_fork+0x41/0x80
[ 31.314565] ? __pfx_kthread+0x10/0x10
[ 31.314565] ret_from_fork_asm+0x1a/0x30
[ 31.314565] </TASK>
[ 31.314565]
[ 31.314565] Allocated by task 274:
[ 31.314565] kasan_save_stack+0x3d/0x60
[ 31.314565] kasan_save_track+0x18/0x40
[ 31.314565] kasan_save_alloc_info+0x3b/0x50
[ 31.314565] __kasan_kmalloc+0xb7/0xc0
[ 31.314565] __kmalloc_cache_noprof+0x184/0x410
[ 31.314565] kasan_atomics+0x96/0x310
[ 31.314565] kunit_try_run_case+0x1b3/0x490
[ 31.314565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.314565] kthread+0x257/0x310
[ 31.314565] ret_from_fork+0x41/0x80
[ 31.314565] ret_from_fork_asm+0x1a/0x30
[ 31.314565]
[ 31.314565] The buggy address belongs to the object at ffff88810294b780
[ 31.314565] which belongs to the cache kmalloc-64 of size 64
[ 31.314565] The buggy address is located 0 bytes to the right of
[ 31.314565] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.314565]
[ 31.314565] The buggy address belongs to the physical page:
[ 31.314565] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.314565] flags: 0x200000000000000(node=0|zone=2)
[ 31.314565] page_type: f5(slab)
[ 31.314565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.314565] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.314565] page dumped because: kasan: bad access detected
[ 31.314565]
[ 31.314565] Memory state around the buggy address:
[ 31.314565] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.314565] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.314565] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.314565] ^
[ 31.314565] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.314565] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.314565] ==================================================================
[ 30.007567] ==================================================================
[ 30.008257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450
[ 30.008257] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 30.008257]
[ 30.008257] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 30.008257] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.008257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.008257] Call Trace:
[ 30.008257] <TASK>
[ 30.008257] dump_stack_lvl+0x73/0xb0
[ 30.008257] print_report+0xd1/0x640
[ 30.008257] ? __virt_addr_valid+0x1db/0x2d0
[ 30.008257] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.008257] kasan_report+0x102/0x140
[ 30.008257] ? kasan_atomics_helper+0x566/0x5450
[ 30.008257] ? kasan_atomics_helper+0x566/0x5450
[ 30.008257] kasan_check_range+0x10c/0x1c0
[ 30.008257] __kasan_check_write+0x18/0x20
[ 30.008257] kasan_atomics_helper+0x566/0x5450
[ 30.008257] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.008257] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.008257] ? trace_hardirqs_on+0x37/0xe0
[ 30.008257] ? kasan_atomics+0x153/0x310
[ 30.008257] kasan_atomics+0x1dd/0x310
[ 30.008257] ? __pfx_kasan_atomics+0x10/0x10
[ 30.008257] ? __pfx_kasan_atomics+0x10/0x10
[ 30.008257] kunit_try_run_case+0x1b3/0x490
[ 30.008257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.008257] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.008257] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.008257] ? __kthread_parkme+0x82/0x160
[ 30.008257] ? preempt_count_sub+0x50/0x80
[ 30.008257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.008257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.008257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.008257] kthread+0x257/0x310
[ 30.008257] ? __pfx_kthread+0x10/0x10
[ 30.008257] ret_from_fork+0x41/0x80
[ 30.008257] ? __pfx_kthread+0x10/0x10
[ 30.008257] ret_from_fork_asm+0x1a/0x30
[ 30.008257] </TASK>
[ 30.008257]
[ 30.008257] Allocated by task 274:
[ 30.008257] kasan_save_stack+0x3d/0x60
[ 30.008257] kasan_save_track+0x18/0x40
[ 30.008257] kasan_save_alloc_info+0x3b/0x50
[ 30.008257] __kasan_kmalloc+0xb7/0xc0
[ 30.008257] __kmalloc_cache_noprof+0x184/0x410
[ 30.008257] kasan_atomics+0x96/0x310
[ 30.008257] kunit_try_run_case+0x1b3/0x490
[ 30.008257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.008257] kthread+0x257/0x310
[ 30.008257] ret_from_fork+0x41/0x80
[ 30.008257] ret_from_fork_asm+0x1a/0x30
[ 30.008257]
[ 30.008257] The buggy address belongs to the object at ffff88810294b780
[ 30.008257] which belongs to the cache kmalloc-64 of size 64
[ 30.008257] The buggy address is located 0 bytes to the right of
[ 30.008257] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 30.008257]
[ 30.008257] The buggy address belongs to the physical page:
[ 30.008257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 30.008257] flags: 0x200000000000000(node=0|zone=2)
[ 30.008257] page_type: f5(slab)
[ 30.008257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.008257] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 30.008257] page dumped because: kasan: bad access detected
[ 30.008257]
[ 30.008257] Memory state around the buggy address:
[ 30.008257] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.008257] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.008257] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.008257] ^
[ 30.008257] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.008257] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.008257] ==================================================================
[ 31.047960] ==================================================================
[ 31.048660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 31.048711] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 31.048711]
[ 31.048711] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 31.048711] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.048711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.048711] Call Trace:
[ 31.048711] <TASK>
[ 31.048711] dump_stack_lvl+0x73/0xb0
[ 31.048711] print_report+0xd1/0x640
[ 31.048711] ? __virt_addr_valid+0x1db/0x2d0
[ 31.048711] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.048711] kasan_report+0x102/0x140
[ 31.048711] ? kasan_atomics_helper+0x49ea/0x5450
[ 31.048711] ? kasan_atomics_helper+0x49ea/0x5450
[ 31.048711] __asan_report_load4_noabort+0x18/0x20
[ 31.048711] kasan_atomics_helper+0x49ea/0x5450
[ 31.048711] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.048711] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.048711] ? trace_hardirqs_on+0x37/0xe0
[ 31.048711] ? kasan_atomics+0x153/0x310
[ 31.048711] kasan_atomics+0x1dd/0x310
[ 31.048711] ? __pfx_kasan_atomics+0x10/0x10
[ 31.048711] ? __pfx_kasan_atomics+0x10/0x10
[ 31.048711] kunit_try_run_case+0x1b3/0x490
[ 31.048711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.048711] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.048711] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.048711] ? __kthread_parkme+0x82/0x160
[ 31.048711] ? preempt_count_sub+0x50/0x80
[ 31.048711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.048711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.048711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.048711] kthread+0x257/0x310
[ 31.048711] ? __pfx_kthread+0x10/0x10
[ 31.048711] ret_from_fork+0x41/0x80
[ 31.048711] ? __pfx_kthread+0x10/0x10
[ 31.048711] ret_from_fork_asm+0x1a/0x30
[ 31.048711] </TASK>
[ 31.048711]
[ 31.048711] Allocated by task 274:
[ 31.048711] kasan_save_stack+0x3d/0x60
[ 31.048711] kasan_save_track+0x18/0x40
[ 31.048711] kasan_save_alloc_info+0x3b/0x50
[ 31.048711] __kasan_kmalloc+0xb7/0xc0
[ 31.048711] __kmalloc_cache_noprof+0x184/0x410
[ 31.048711] kasan_atomics+0x96/0x310
[ 31.048711] kunit_try_run_case+0x1b3/0x490
[ 31.048711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.048711] kthread+0x257/0x310
[ 31.048711] ret_from_fork+0x41/0x80
[ 31.048711] ret_from_fork_asm+0x1a/0x30
[ 31.048711]
[ 31.048711] The buggy address belongs to the object at ffff88810294b780
[ 31.048711] which belongs to the cache kmalloc-64 of size 64
[ 31.048711] The buggy address is located 0 bytes to the right of
[ 31.048711] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0)
[ 31.048711]
[ 31.048711] The buggy address belongs to the physical page:
[ 31.048711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b
[ 31.048711] flags: 0x200000000000000(node=0|zone=2)
[ 31.048711] page_type: f5(slab)
[ 31.048711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.048711] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 31.048711] page dumped because: kasan: bad access detected
[ 31.048711]
[ 31.048711] Memory state around the buggy address:
[ 31.048711] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.048711] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.048711] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.048711] ^
[ 31.048711] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.048711] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.048711] ==================================================================
[ 32.461913] ==================================================================
[ 32.462528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 32.462637] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274
[ 32.463066]
[ 32.463066] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 32.463066] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.463066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.463066] Call Trace:
[ 32.463066] <TASK>
[ 32.463066] dump_stack_lvl+0x73/0xb0
[ 32.463066] print_report+0xd1/0x640
[ 32.463066] ? __virt_addr_valid+0x1db/0x2d0
[ 32.463066] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.463066] kasan_report+0x102/0x140
[ 32.463066] ? kasan_atomics_helper+0x5117/0x5450
[ 32.463066] ? kasan_atomics_helper+0x5117/0x5450
[ 32.463066] __asan_report_load8_noabort+0x18/0x20
[ 32.463066] kasan_atomics_helper+0x5117/0x5450
[ 32.463066] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.463066] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.463066] ? trace_hardirqs_on+0x37/0xe0
[ 32.463066] ? kasan_atomics+0x153/0x310
[ 32.463066] kasan_atomics+0x1dd/0x310
[ 32.463066] ? __pfx_kasan_atomics+0x10/0x10
[ 32.463066] ? __pfx_kasan_atomics+0x10/0x10
[ 32.463066] kunit_try_run_case+0x1b3/0x490
[ 32.463066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.463066] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.463066] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.463066] ? __kthread_parkme+0x82/0x160
[ 32.463066] ? preempt_count_sub+0x50/0x80
[ 32.463066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.463066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.463066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.463066] kthread+0x257/0x310
[ 32.463066] ? __pfx_kthread+0x10/0x10
[ 32.463066] ret_from_fork+0x41/0x80
[ 32.463066] ?
__pfx_kthread+0x10/0x10 [ 32.463066] ret_from_fork_asm+0x1a/0x30 [ 32.463066] </TASK> [ 32.463066] [ 32.463066] Allocated by task 274: [ 32.463066] kasan_save_stack+0x3d/0x60 [ 32.463066] kasan_save_track+0x18/0x40 [ 32.463066] kasan_save_alloc_info+0x3b/0x50 [ 32.463066] __kasan_kmalloc+0xb7/0xc0 [ 32.463066] __kmalloc_cache_noprof+0x184/0x410 [ 32.463066] kasan_atomics+0x96/0x310 [ 32.463066] kunit_try_run_case+0x1b3/0x490 [ 32.463066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.463066] kthread+0x257/0x310 [ 32.463066] ret_from_fork+0x41/0x80 [ 32.463066] ret_from_fork_asm+0x1a/0x30 [ 32.463066] [ 32.463066] The buggy address belongs to the object at ffff88810294b780 [ 32.463066] which belongs to the cache kmalloc-64 of size 64 [ 32.463066] The buggy address is located 0 bytes to the right of [ 32.463066] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.463066] [ 32.463066] The buggy address belongs to the physical page: [ 32.463066] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.463066] flags: 0x200000000000000(node=0|zone=2) [ 32.463066] page_type: f5(slab) [ 32.463066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.463066] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.463066] page dumped because: kasan: bad access detected [ 32.463066] [ 32.463066] Memory state around the buggy address: [ 32.463066] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.463066] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.463066] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.463066] ^ [ 32.463066] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.463066] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.463066] ================================================================== [ 31.750500] 
================================================================== [ 31.751133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 31.751133] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.751133] [ 31.751133] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.751133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.751133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.751133] Call Trace: [ 31.751133] <TASK> [ 31.751133] dump_stack_lvl+0x73/0xb0 [ 31.751133] print_report+0xd1/0x640 [ 31.751133] ? __virt_addr_valid+0x1db/0x2d0 [ 31.751133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.751133] kasan_report+0x102/0x140 [ 31.751133] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.751133] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.751133] kasan_check_range+0x10c/0x1c0 [ 31.751133] __kasan_check_write+0x18/0x20 [ 31.751133] kasan_atomics_helper+0x1a80/0x5450 [ 31.751133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.751133] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.751133] ? trace_hardirqs_on+0x37/0xe0 [ 31.751133] ? kasan_atomics+0x153/0x310 [ 31.751133] kasan_atomics+0x1dd/0x310 [ 31.751133] ? __pfx_kasan_atomics+0x10/0x10 [ 31.751133] ? __pfx_kasan_atomics+0x10/0x10 [ 31.751133] kunit_try_run_case+0x1b3/0x490 [ 31.751133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.751133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.751133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.751133] ? __kthread_parkme+0x82/0x160 [ 31.751133] ? preempt_count_sub+0x50/0x80 [ 31.751133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.751133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.751133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.751133] kthread+0x257/0x310 [ 31.751133] ? __pfx_kthread+0x10/0x10 [ 31.751133] ret_from_fork+0x41/0x80 [ 31.751133] ? 
__pfx_kthread+0x10/0x10 [ 31.751133] ret_from_fork_asm+0x1a/0x30 [ 31.751133] </TASK> [ 31.751133] [ 31.751133] Allocated by task 274: [ 31.751133] kasan_save_stack+0x3d/0x60 [ 31.751133] kasan_save_track+0x18/0x40 [ 31.751133] kasan_save_alloc_info+0x3b/0x50 [ 31.751133] __kasan_kmalloc+0xb7/0xc0 [ 31.751133] __kmalloc_cache_noprof+0x184/0x410 [ 31.751133] kasan_atomics+0x96/0x310 [ 31.751133] kunit_try_run_case+0x1b3/0x490 [ 31.751133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.751133] kthread+0x257/0x310 [ 31.751133] ret_from_fork+0x41/0x80 [ 31.751133] ret_from_fork_asm+0x1a/0x30 [ 31.751133] [ 31.751133] The buggy address belongs to the object at ffff88810294b780 [ 31.751133] which belongs to the cache kmalloc-64 of size 64 [ 31.751133] The buggy address is located 0 bytes to the right of [ 31.751133] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.751133] [ 31.751133] The buggy address belongs to the physical page: [ 31.751133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.751133] flags: 0x200000000000000(node=0|zone=2) [ 31.751133] page_type: f5(slab) [ 31.751133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.751133] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.751133] page dumped because: kasan: bad access detected [ 31.751133] [ 31.751133] Memory state around the buggy address: [ 31.751133] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.751133] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.751133] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.751133] ^ [ 31.751133] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.751133] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.751133] ================================================================== [ 32.333631] 
================================================================== [ 32.334288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 32.334288] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.334288] [ 32.334288] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.334288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.334288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.334288] Call Trace: [ 32.334288] <TASK> [ 32.334288] dump_stack_lvl+0x73/0xb0 [ 32.334288] print_report+0xd1/0x640 [ 32.334288] ? __virt_addr_valid+0x1db/0x2d0 [ 32.334288] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.334288] kasan_report+0x102/0x140 [ 32.334288] ? kasan_atomics_helper+0x218b/0x5450 [ 32.334288] ? kasan_atomics_helper+0x218b/0x5450 [ 32.334288] kasan_check_range+0x10c/0x1c0 [ 32.334288] __kasan_check_write+0x18/0x20 [ 32.334288] kasan_atomics_helper+0x218b/0x5450 [ 32.334288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.334288] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.334288] ? trace_hardirqs_on+0x37/0xe0 [ 32.334288] ? kasan_atomics+0x153/0x310 [ 32.334288] kasan_atomics+0x1dd/0x310 [ 32.334288] ? __pfx_kasan_atomics+0x10/0x10 [ 32.334288] ? __pfx_kasan_atomics+0x10/0x10 [ 32.334288] kunit_try_run_case+0x1b3/0x490 [ 32.334288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.334288] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.334288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.334288] ? __kthread_parkme+0x82/0x160 [ 32.334288] ? preempt_count_sub+0x50/0x80 [ 32.334288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.334288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.334288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.334288] kthread+0x257/0x310 [ 32.334288] ? __pfx_kthread+0x10/0x10 [ 32.334288] ret_from_fork+0x41/0x80 [ 32.334288] ? 
__pfx_kthread+0x10/0x10 [ 32.334288] ret_from_fork_asm+0x1a/0x30 [ 32.334288] </TASK> [ 32.334288] [ 32.334288] Allocated by task 274: [ 32.334288] kasan_save_stack+0x3d/0x60 [ 32.334288] kasan_save_track+0x18/0x40 [ 32.334288] kasan_save_alloc_info+0x3b/0x50 [ 32.334288] __kasan_kmalloc+0xb7/0xc0 [ 32.334288] __kmalloc_cache_noprof+0x184/0x410 [ 32.334288] kasan_atomics+0x96/0x310 [ 32.334288] kunit_try_run_case+0x1b3/0x490 [ 32.334288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.334288] kthread+0x257/0x310 [ 32.334288] ret_from_fork+0x41/0x80 [ 32.334288] ret_from_fork_asm+0x1a/0x30 [ 32.334288] [ 32.334288] The buggy address belongs to the object at ffff88810294b780 [ 32.334288] which belongs to the cache kmalloc-64 of size 64 [ 32.334288] The buggy address is located 0 bytes to the right of [ 32.334288] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.334288] [ 32.334288] The buggy address belongs to the physical page: [ 32.334288] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.334288] flags: 0x200000000000000(node=0|zone=2) [ 32.334288] page_type: f5(slab) [ 32.334288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.334288] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.334288] page dumped because: kasan: bad access detected [ 32.334288] [ 32.334288] Memory state around the buggy address: [ 32.334288] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.334288] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.334288] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.334288] ^ [ 32.334288] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.334288] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.334288] ================================================================== [ 29.663618] 
================================================================== [ 29.664179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 29.664179] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.664179] [ 29.664179] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.664179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.664179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.664179] Call Trace: [ 29.664179] <TASK> [ 29.664179] dump_stack_lvl+0x73/0xb0 [ 29.664179] print_report+0xd1/0x640 [ 29.664179] ? __virt_addr_valid+0x1db/0x2d0 [ 29.664179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.664179] kasan_report+0x102/0x140 [ 29.672485] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.672485] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.672485] __asan_report_load4_noabort+0x18/0x20 [ 29.672485] kasan_atomics_helper+0x4bbe/0x5450 [ 29.672485] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.672485] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.672485] ? trace_hardirqs_on+0x37/0xe0 [ 29.672485] ? kasan_atomics+0x153/0x310 [ 29.672485] kasan_atomics+0x1dd/0x310 [ 29.672485] ? __pfx_kasan_atomics+0x10/0x10 [ 29.672485] ? __pfx_kasan_atomics+0x10/0x10 [ 29.672485] kunit_try_run_case+0x1b3/0x490 [ 29.672485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.672485] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.672485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.672485] ? __kthread_parkme+0x82/0x160 [ 29.672485] ? preempt_count_sub+0x50/0x80 [ 29.672485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.672485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.672485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.672485] kthread+0x257/0x310 [ 29.672485] ? __pfx_kthread+0x10/0x10 [ 29.672485] ret_from_fork+0x41/0x80 [ 29.672485] ? 
__pfx_kthread+0x10/0x10 [ 29.672485] ret_from_fork_asm+0x1a/0x30 [ 29.672485] </TASK> [ 29.672485] [ 29.672485] Allocated by task 274: [ 29.672485] kasan_save_stack+0x3d/0x60 [ 29.672485] kasan_save_track+0x18/0x40 [ 29.672485] kasan_save_alloc_info+0x3b/0x50 [ 29.672485] __kasan_kmalloc+0xb7/0xc0 [ 29.672485] __kmalloc_cache_noprof+0x184/0x410 [ 29.672485] kasan_atomics+0x96/0x310 [ 29.672485] kunit_try_run_case+0x1b3/0x490 [ 29.672485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.672485] kthread+0x257/0x310 [ 29.672485] ret_from_fork+0x41/0x80 [ 29.672485] ret_from_fork_asm+0x1a/0x30 [ 29.672485] [ 29.672485] The buggy address belongs to the object at ffff88810294b780 [ 29.672485] which belongs to the cache kmalloc-64 of size 64 [ 29.672485] The buggy address is located 0 bytes to the right of [ 29.672485] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.672485] [ 29.672485] The buggy address belongs to the physical page: [ 29.672485] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.672485] flags: 0x200000000000000(node=0|zone=2) [ 29.672485] page_type: f5(slab) [ 29.672485] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.672485] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.672485] page dumped because: kasan: bad access detected [ 29.672485] [ 29.672485] Memory state around the buggy address: [ 29.672485] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.672485] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.672485] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.672485] ^ [ 29.672485] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.672485] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.672485] ================================================================== [ 30.356319] 
================================================================== [ 30.356958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 30.358471] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.358471] [ 30.358471] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.358471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.358471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.358471] Call Trace: [ 30.358471] <TASK> [ 30.358471] dump_stack_lvl+0x73/0xb0 [ 30.358471] print_report+0xd1/0x640 [ 30.358471] ? __virt_addr_valid+0x1db/0x2d0 [ 30.358471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.358471] kasan_report+0x102/0x140 [ 30.358471] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.358471] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.358471] kasan_check_range+0x10c/0x1c0 [ 30.358471] __kasan_check_write+0x18/0x20 [ 30.358471] kasan_atomics_helper+0xa2c/0x5450 [ 30.358471] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.358471] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.358471] ? trace_hardirqs_on+0x37/0xe0 [ 30.358471] ? kasan_atomics+0x153/0x310 [ 30.358471] kasan_atomics+0x1dd/0x310 [ 30.358471] ? __pfx_kasan_atomics+0x10/0x10 [ 30.358471] ? __pfx_kasan_atomics+0x10/0x10 [ 30.358471] kunit_try_run_case+0x1b3/0x490 [ 30.358471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.358471] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.358471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.358471] ? __kthread_parkme+0x82/0x160 [ 30.358471] ? preempt_count_sub+0x50/0x80 [ 30.358471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.358471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.358471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.358471] kthread+0x257/0x310 [ 30.358471] ? __pfx_kthread+0x10/0x10 [ 30.358471] ret_from_fork+0x41/0x80 [ 30.358471] ? 
__pfx_kthread+0x10/0x10 [ 30.358471] ret_from_fork_asm+0x1a/0x30 [ 30.358471] </TASK> [ 30.358471] [ 30.358471] Allocated by task 274: [ 30.358471] kasan_save_stack+0x3d/0x60 [ 30.358471] kasan_save_track+0x18/0x40 [ 30.358471] kasan_save_alloc_info+0x3b/0x50 [ 30.358471] __kasan_kmalloc+0xb7/0xc0 [ 30.358471] __kmalloc_cache_noprof+0x184/0x410 [ 30.358471] kasan_atomics+0x96/0x310 [ 30.358471] kunit_try_run_case+0x1b3/0x490 [ 30.358471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.358471] kthread+0x257/0x310 [ 30.358471] ret_from_fork+0x41/0x80 [ 30.358471] ret_from_fork_asm+0x1a/0x30 [ 30.358471] [ 30.358471] The buggy address belongs to the object at ffff88810294b780 [ 30.358471] which belongs to the cache kmalloc-64 of size 64 [ 30.358471] The buggy address is located 0 bytes to the right of [ 30.358471] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.358471] [ 30.358471] The buggy address belongs to the physical page: [ 30.358471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.358471] flags: 0x200000000000000(node=0|zone=2) [ 30.358471] page_type: f5(slab) [ 30.358471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.358471] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.358471] page dumped because: kasan: bad access detected [ 30.358471] [ 30.358471] Memory state around the buggy address: [ 30.358471] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.358471] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.358471] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.358471] ^ [ 30.358471] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.358471] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.358471] ================================================================== [ 32.245948] 
================================================================== [ 32.246329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 32.246728] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.246728] [ 32.246728] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.246728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.246728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.246728] Call Trace: [ 32.246728] <TASK> [ 32.246728] dump_stack_lvl+0x73/0xb0 [ 32.246728] print_report+0xd1/0x640 [ 32.246728] ? __virt_addr_valid+0x1db/0x2d0 [ 32.246728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.246728] kasan_report+0x102/0x140 [ 32.246728] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.246728] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.246728] kasan_check_range+0x10c/0x1c0 [ 32.246728] __kasan_check_write+0x18/0x20 [ 32.246728] kasan_atomics_helper+0x20c9/0x5450 [ 32.246728] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.246728] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.246728] ? trace_hardirqs_on+0x37/0xe0 [ 32.246728] ? kasan_atomics+0x153/0x310 [ 32.246728] kasan_atomics+0x1dd/0x310 [ 32.246728] ? __pfx_kasan_atomics+0x10/0x10 [ 32.246728] ? __pfx_kasan_atomics+0x10/0x10 [ 32.246728] kunit_try_run_case+0x1b3/0x490 [ 32.246728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.246728] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.246728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.246728] ? __kthread_parkme+0x82/0x160 [ 32.246728] ? preempt_count_sub+0x50/0x80 [ 32.246728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.246728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.246728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.246728] kthread+0x257/0x310 [ 32.246728] ? __pfx_kthread+0x10/0x10 [ 32.246728] ret_from_fork+0x41/0x80 [ 32.246728] ? 
__pfx_kthread+0x10/0x10 [ 32.246728] ret_from_fork_asm+0x1a/0x30 [ 32.246728] </TASK> [ 32.246728] [ 32.246728] Allocated by task 274: [ 32.246728] kasan_save_stack+0x3d/0x60 [ 32.246728] kasan_save_track+0x18/0x40 [ 32.246728] kasan_save_alloc_info+0x3b/0x50 [ 32.246728] __kasan_kmalloc+0xb7/0xc0 [ 32.246728] __kmalloc_cache_noprof+0x184/0x410 [ 32.246728] kasan_atomics+0x96/0x310 [ 32.246728] kunit_try_run_case+0x1b3/0x490 [ 32.246728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.246728] kthread+0x257/0x310 [ 32.246728] ret_from_fork+0x41/0x80 [ 32.246728] ret_from_fork_asm+0x1a/0x30 [ 32.246728] [ 32.246728] The buggy address belongs to the object at ffff88810294b780 [ 32.246728] which belongs to the cache kmalloc-64 of size 64 [ 32.246728] The buggy address is located 0 bytes to the right of [ 32.246728] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.246728] [ 32.246728] The buggy address belongs to the physical page: [ 32.246728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.246728] flags: 0x200000000000000(node=0|zone=2) [ 32.246728] page_type: f5(slab) [ 32.246728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.246728] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.246728] page dumped because: kasan: bad access detected [ 32.246728] [ 32.246728] Memory state around the buggy address: [ 32.246728] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.246728] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.246728] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.246728] ^ [ 32.246728] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.246728] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.246728] ================================================================== [ 31.670844] 
================================================================== [ 31.671410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 31.671599] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.671599] [ 31.671599] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.672965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.672965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.672965] Call Trace: [ 31.672965] <TASK> [ 31.672965] dump_stack_lvl+0x73/0xb0 [ 31.672965] print_report+0xd1/0x640 [ 31.672965] ? __virt_addr_valid+0x1db/0x2d0 [ 31.672965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.672965] kasan_report+0x102/0x140 [ 31.672965] ? kasan_atomics_helper+0x194b/0x5450 [ 31.672965] ? kasan_atomics_helper+0x194b/0x5450 [ 31.672965] kasan_check_range+0x10c/0x1c0 [ 31.672965] __kasan_check_write+0x18/0x20 [ 31.672965] kasan_atomics_helper+0x194b/0x5450 [ 31.672965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.672965] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.672965] ? trace_hardirqs_on+0x37/0xe0 [ 31.672965] ? kasan_atomics+0x153/0x310 [ 31.672965] kasan_atomics+0x1dd/0x310 [ 31.672965] ? __pfx_kasan_atomics+0x10/0x10 [ 31.672965] ? __pfx_kasan_atomics+0x10/0x10 [ 31.672965] kunit_try_run_case+0x1b3/0x490 [ 31.672965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.672965] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.672965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.672965] ? __kthread_parkme+0x82/0x160 [ 31.672965] ? preempt_count_sub+0x50/0x80 [ 31.672965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.672965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.672965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.672965] kthread+0x257/0x310 [ 31.672965] ? __pfx_kthread+0x10/0x10 [ 31.672965] ret_from_fork+0x41/0x80 [ 31.672965] ? 
__pfx_kthread+0x10/0x10 [ 31.672965] ret_from_fork_asm+0x1a/0x30 [ 31.672965] </TASK> [ 31.672965] [ 31.672965] Allocated by task 274: [ 31.672965] kasan_save_stack+0x3d/0x60 [ 31.672965] kasan_save_track+0x18/0x40 [ 31.672965] kasan_save_alloc_info+0x3b/0x50 [ 31.672965] __kasan_kmalloc+0xb7/0xc0 [ 31.672965] __kmalloc_cache_noprof+0x184/0x410 [ 31.672965] kasan_atomics+0x96/0x310 [ 31.672965] kunit_try_run_case+0x1b3/0x490 [ 31.672965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.672965] kthread+0x257/0x310 [ 31.672965] ret_from_fork+0x41/0x80 [ 31.672965] ret_from_fork_asm+0x1a/0x30 [ 31.672965] [ 31.672965] The buggy address belongs to the object at ffff88810294b780 [ 31.672965] which belongs to the cache kmalloc-64 of size 64 [ 31.672965] The buggy address is located 0 bytes to the right of [ 31.672965] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.672965] [ 31.672965] The buggy address belongs to the physical page: [ 31.672965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.672965] flags: 0x200000000000000(node=0|zone=2) [ 31.672965] page_type: f5(slab) [ 31.672965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.672965] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.672965] page dumped because: kasan: bad access detected [ 31.672965] [ 31.672965] Memory state around the buggy address: [ 31.672965] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.672965] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.672965] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.672965] ^ [ 31.672965] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.672965] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.672965] ================================================================== [ 30.137527] 
================================================================== [ 30.138320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 30.138394] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.138394] [ 30.138394] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.138394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.138394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.138394] Call Trace: [ 30.138394] <TASK> [ 30.138394] dump_stack_lvl+0x73/0xb0 [ 30.138394] print_report+0xd1/0x640 [ 30.138394] ? __virt_addr_valid+0x1db/0x2d0 [ 30.138394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.138394] kasan_report+0x102/0x140 [ 30.138394] ? kasan_atomics_helper+0x730/0x5450 [ 30.138394] ? kasan_atomics_helper+0x730/0x5450 [ 30.138394] kasan_check_range+0x10c/0x1c0 [ 30.138394] __kasan_check_write+0x18/0x20 [ 30.138394] kasan_atomics_helper+0x730/0x5450 [ 30.138394] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.138394] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.138394] ? trace_hardirqs_on+0x37/0xe0 [ 30.138394] ? kasan_atomics+0x153/0x310 [ 30.138394] kasan_atomics+0x1dd/0x310 [ 30.138394] ? __pfx_kasan_atomics+0x10/0x10 [ 30.138394] ? __pfx_kasan_atomics+0x10/0x10 [ 30.138394] kunit_try_run_case+0x1b3/0x490 [ 30.138394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.138394] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.138394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.138394] ? __kthread_parkme+0x82/0x160 [ 30.138394] ? preempt_count_sub+0x50/0x80 [ 30.138394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.138394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.138394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.138394] kthread+0x257/0x310 [ 30.138394] ? __pfx_kthread+0x10/0x10 [ 30.138394] ret_from_fork+0x41/0x80 [ 30.138394] ? 
__pfx_kthread+0x10/0x10 [ 30.138394] ret_from_fork_asm+0x1a/0x30 [ 30.138394] </TASK> [ 30.138394] [ 30.138394] Allocated by task 274: [ 30.138394] kasan_save_stack+0x3d/0x60 [ 30.138394] kasan_save_track+0x18/0x40 [ 30.138394] kasan_save_alloc_info+0x3b/0x50 [ 30.138394] __kasan_kmalloc+0xb7/0xc0 [ 30.138394] __kmalloc_cache_noprof+0x184/0x410 [ 30.138394] kasan_atomics+0x96/0x310 [ 30.138394] kunit_try_run_case+0x1b3/0x490 [ 30.138394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.138394] kthread+0x257/0x310 [ 30.138394] ret_from_fork+0x41/0x80 [ 30.138394] ret_from_fork_asm+0x1a/0x30 [ 30.138394] [ 30.138394] The buggy address belongs to the object at ffff88810294b780 [ 30.138394] which belongs to the cache kmalloc-64 of size 64 [ 30.138394] The buggy address is located 0 bytes to the right of [ 30.138394] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.138394] [ 30.138394] The buggy address belongs to the physical page: [ 30.138394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.138394] flags: 0x200000000000000(node=0|zone=2) [ 30.138394] page_type: f5(slab) [ 30.138394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.138394] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.138394] page dumped because: kasan: bad access detected [ 30.138394] [ 30.138394] Memory state around the buggy address: [ 30.138394] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.138394] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.138394] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.138394] ^ [ 30.138394] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.138394] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.138394] ================================================================== [ 30.049634] 
================================================================== [ 30.050307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 30.050376] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.050376] [ 30.050376] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.050376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.050376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.050376] Call Trace: [ 30.050376] <TASK> [ 30.050376] dump_stack_lvl+0x73/0xb0 [ 30.050376] print_report+0xd1/0x640 [ 30.050376] ? __virt_addr_valid+0x1db/0x2d0 [ 30.050376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.050376] kasan_report+0x102/0x140 [ 30.050376] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.050376] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.050376] kasan_check_range+0x10c/0x1c0 [ 30.050376] __kasan_check_write+0x18/0x20 [ 30.050376] kasan_atomics_helper+0x5ff/0x5450 [ 30.050376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.050376] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.050376] ? trace_hardirqs_on+0x37/0xe0 [ 30.050376] ? kasan_atomics+0x153/0x310 [ 30.050376] kasan_atomics+0x1dd/0x310 [ 30.050376] ? __pfx_kasan_atomics+0x10/0x10 [ 30.050376] ? __pfx_kasan_atomics+0x10/0x10 [ 30.050376] kunit_try_run_case+0x1b3/0x490 [ 30.050376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.050376] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.050376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.050376] ? __kthread_parkme+0x82/0x160 [ 30.050376] ? preempt_count_sub+0x50/0x80 [ 30.050376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.050376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.050376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.050376] kthread+0x257/0x310 [ 30.050376] ? __pfx_kthread+0x10/0x10 [ 30.050376] ret_from_fork+0x41/0x80 [ 30.050376] ? 
__pfx_kthread+0x10/0x10 [ 30.050376] ret_from_fork_asm+0x1a/0x30 [ 30.050376] </TASK> [ 30.050376] [ 30.050376] Allocated by task 274: [ 30.050376] kasan_save_stack+0x3d/0x60 [ 30.050376] kasan_save_track+0x18/0x40 [ 30.050376] kasan_save_alloc_info+0x3b/0x50 [ 30.050376] __kasan_kmalloc+0xb7/0xc0 [ 30.050376] __kmalloc_cache_noprof+0x184/0x410 [ 30.050376] kasan_atomics+0x96/0x310 [ 30.050376] kunit_try_run_case+0x1b3/0x490 [ 30.050376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.050376] kthread+0x257/0x310 [ 30.050376] ret_from_fork+0x41/0x80 [ 30.050376] ret_from_fork_asm+0x1a/0x30 [ 30.050376] [ 30.050376] The buggy address belongs to the object at ffff88810294b780 [ 30.050376] which belongs to the cache kmalloc-64 of size 64 [ 30.050376] The buggy address is located 0 bytes to the right of [ 30.050376] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.050376] [ 30.050376] The buggy address belongs to the physical page: [ 30.050376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.050376] flags: 0x200000000000000(node=0|zone=2) [ 30.050376] page_type: f5(slab) [ 30.050376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.050376] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.050376] page dumped because: kasan: bad access detected [ 30.050376] [ 30.050376] Memory state around the buggy address: [ 30.050376] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.050376] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.050376] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.050376] ^ [ 30.050376] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.050376] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.050376] ================================================================== [ 32.163994] 
================================================================== [ 32.164152] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 32.164152] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.164152] [ 32.164152] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.164152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.164152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.164152] Call Trace: [ 32.164152] <TASK> [ 32.164152] dump_stack_lvl+0x73/0xb0 [ 32.164152] print_report+0xd1/0x640 [ 32.170011] ? __virt_addr_valid+0x1db/0x2d0 [ 32.170011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.170011] kasan_report+0x102/0x140 [ 32.170011] ? kasan_atomics_helper+0x2007/0x5450 [ 32.170011] ? kasan_atomics_helper+0x2007/0x5450 [ 32.170011] kasan_check_range+0x10c/0x1c0 [ 32.170011] __kasan_check_write+0x18/0x20 [ 32.170011] kasan_atomics_helper+0x2007/0x5450 [ 32.170011] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.170011] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.170011] ? trace_hardirqs_on+0x37/0xe0 [ 32.170011] ? kasan_atomics+0x153/0x310 [ 32.170011] kasan_atomics+0x1dd/0x310 [ 32.170011] ? __pfx_kasan_atomics+0x10/0x10 [ 32.170011] ? __pfx_kasan_atomics+0x10/0x10 [ 32.170011] kunit_try_run_case+0x1b3/0x490 [ 32.170011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.170011] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.170011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.170011] ? __kthread_parkme+0x82/0x160 [ 32.170011] ? preempt_count_sub+0x50/0x80 [ 32.170011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.170011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.170011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.170011] kthread+0x257/0x310 [ 32.170011] ? __pfx_kthread+0x10/0x10 [ 32.170011] ret_from_fork+0x41/0x80 [ 32.170011] ? 
__pfx_kthread+0x10/0x10 [ 32.170011] ret_from_fork_asm+0x1a/0x30 [ 32.170011] </TASK> [ 32.170011] [ 32.170011] Allocated by task 274: [ 32.170011] kasan_save_stack+0x3d/0x60 [ 32.170011] kasan_save_track+0x18/0x40 [ 32.170011] kasan_save_alloc_info+0x3b/0x50 [ 32.170011] __kasan_kmalloc+0xb7/0xc0 [ 32.170011] __kmalloc_cache_noprof+0x184/0x410 [ 32.170011] kasan_atomics+0x96/0x310 [ 32.170011] kunit_try_run_case+0x1b3/0x490 [ 32.170011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.170011] kthread+0x257/0x310 [ 32.170011] ret_from_fork+0x41/0x80 [ 32.170011] ret_from_fork_asm+0x1a/0x30 [ 32.170011] [ 32.170011] The buggy address belongs to the object at ffff88810294b780 [ 32.170011] which belongs to the cache kmalloc-64 of size 64 [ 32.170011] The buggy address is located 0 bytes to the right of [ 32.170011] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.170011] [ 32.170011] The buggy address belongs to the physical page: [ 32.170011] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.170011] flags: 0x200000000000000(node=0|zone=2) [ 32.170011] page_type: f5(slab) [ 32.170011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.170011] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.170011] page dumped because: kasan: bad access detected [ 32.170011] [ 32.170011] Memory state around the buggy address: [ 32.170011] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.170011] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.170011] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.170011] ^ [ 32.170011] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.170011] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.170011] ================================================================== [ 32.001355] 
================================================================== [ 32.002056] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 32.002240] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.002240] [ 32.002240] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.002240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.002240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.002240] Call Trace: [ 32.002240] <TASK> [ 32.002240] dump_stack_lvl+0x73/0xb0 [ 32.002240] print_report+0xd1/0x640 [ 32.002240] ? __virt_addr_valid+0x1db/0x2d0 [ 32.002240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.002240] kasan_report+0x102/0x140 [ 32.002240] ? kasan_atomics_helper+0x1e13/0x5450 [ 32.002240] ? kasan_atomics_helper+0x1e13/0x5450 [ 32.002240] kasan_check_range+0x10c/0x1c0 [ 32.002240] __kasan_check_write+0x18/0x20 [ 32.002240] kasan_atomics_helper+0x1e13/0x5450 [ 32.002240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.002240] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.002240] ? trace_hardirqs_on+0x37/0xe0 [ 32.002240] ? kasan_atomics+0x153/0x310 [ 32.002240] kasan_atomics+0x1dd/0x310 [ 32.002240] ? __pfx_kasan_atomics+0x10/0x10 [ 32.002240] ? __pfx_kasan_atomics+0x10/0x10 [ 32.002240] kunit_try_run_case+0x1b3/0x490 [ 32.002240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.002240] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.002240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.002240] ? __kthread_parkme+0x82/0x160 [ 32.002240] ? preempt_count_sub+0x50/0x80 [ 32.002240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.002240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.002240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.002240] kthread+0x257/0x310 [ 32.002240] ? __pfx_kthread+0x10/0x10 [ 32.002240] ret_from_fork+0x41/0x80 [ 32.002240] ? 
__pfx_kthread+0x10/0x10 [ 32.002240] ret_from_fork_asm+0x1a/0x30 [ 32.002240] </TASK> [ 32.002240] [ 32.002240] Allocated by task 274: [ 32.002240] kasan_save_stack+0x3d/0x60 [ 32.002240] kasan_save_track+0x18/0x40 [ 32.002240] kasan_save_alloc_info+0x3b/0x50 [ 32.002240] __kasan_kmalloc+0xb7/0xc0 [ 32.002240] __kmalloc_cache_noprof+0x184/0x410 [ 32.002240] kasan_atomics+0x96/0x310 [ 32.002240] kunit_try_run_case+0x1b3/0x490 [ 32.002240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.002240] kthread+0x257/0x310 [ 32.002240] ret_from_fork+0x41/0x80 [ 32.002240] ret_from_fork_asm+0x1a/0x30 [ 32.002240] [ 32.002240] The buggy address belongs to the object at ffff88810294b780 [ 32.002240] which belongs to the cache kmalloc-64 of size 64 [ 32.002240] The buggy address is located 0 bytes to the right of [ 32.002240] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.002240] [ 32.002240] The buggy address belongs to the physical page: [ 32.002240] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.002240] flags: 0x200000000000000(node=0|zone=2) [ 32.002240] page_type: f5(slab) [ 32.002240] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.002240] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.002240] page dumped because: kasan: bad access detected [ 32.002240] [ 32.002240] Memory state around the buggy address: [ 32.002240] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.002240] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.002240] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.002240] ^ [ 32.002240] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.002240] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.002240] ================================================================== [ 30.220468] 
================================================================== [ 30.221171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 30.222430] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.222430] [ 30.222430] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.222430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.222430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.222430] Call Trace: [ 30.222430] <TASK> [ 30.222430] dump_stack_lvl+0x73/0xb0 [ 30.222430] print_report+0xd1/0x640 [ 30.222430] ? __virt_addr_valid+0x1db/0x2d0 [ 30.222430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.222430] kasan_report+0x102/0x140 [ 30.222430] ? kasan_atomics_helper+0x861/0x5450 [ 30.222430] ? kasan_atomics_helper+0x861/0x5450 [ 30.222430] kasan_check_range+0x10c/0x1c0 [ 30.222430] __kasan_check_write+0x18/0x20 [ 30.222430] kasan_atomics_helper+0x861/0x5450 [ 30.222430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.222430] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.222430] ? trace_hardirqs_on+0x37/0xe0 [ 30.222430] ? kasan_atomics+0x153/0x310 [ 30.222430] kasan_atomics+0x1dd/0x310 [ 30.222430] ? __pfx_kasan_atomics+0x10/0x10 [ 30.222430] ? __pfx_kasan_atomics+0x10/0x10 [ 30.222430] kunit_try_run_case+0x1b3/0x490 [ 30.222430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.222430] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.222430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.222430] ? __kthread_parkme+0x82/0x160 [ 30.222430] ? preempt_count_sub+0x50/0x80 [ 30.222430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.222430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.222430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.222430] kthread+0x257/0x310 [ 30.222430] ? __pfx_kthread+0x10/0x10 [ 30.222430] ret_from_fork+0x41/0x80 [ 30.222430] ? 
__pfx_kthread+0x10/0x10 [ 30.222430] ret_from_fork_asm+0x1a/0x30 [ 30.222430] </TASK> [ 30.222430] [ 30.222430] Allocated by task 274: [ 30.222430] kasan_save_stack+0x3d/0x60 [ 30.222430] kasan_save_track+0x18/0x40 [ 30.222430] kasan_save_alloc_info+0x3b/0x50 [ 30.222430] __kasan_kmalloc+0xb7/0xc0 [ 30.222430] __kmalloc_cache_noprof+0x184/0x410 [ 30.222430] kasan_atomics+0x96/0x310 [ 30.222430] kunit_try_run_case+0x1b3/0x490 [ 30.222430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.222430] kthread+0x257/0x310 [ 30.222430] ret_from_fork+0x41/0x80 [ 30.222430] ret_from_fork_asm+0x1a/0x30 [ 30.222430] [ 30.222430] The buggy address belongs to the object at ffff88810294b780 [ 30.222430] which belongs to the cache kmalloc-64 of size 64 [ 30.222430] The buggy address is located 0 bytes to the right of [ 30.222430] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.222430] [ 30.222430] The buggy address belongs to the physical page: [ 30.222430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.222430] flags: 0x200000000000000(node=0|zone=2) [ 30.222430] page_type: f5(slab) [ 30.222430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.222430] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.222430] page dumped because: kasan: bad access detected [ 30.222430] [ 30.222430] Memory state around the buggy address: [ 30.222430] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.222430] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.222430] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.222430] ^ [ 30.222430] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.222430] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.222430] ================================================================== [ 31.264019] 
================================================================== [ 31.264416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 31.264655] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.264655] [ 31.264655] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.264655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.264655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.264655] Call Trace: [ 31.264655] <TASK> [ 31.264655] dump_stack_lvl+0x73/0xb0 [ 31.264655] print_report+0xd1/0x640 [ 31.264655] ? __virt_addr_valid+0x1db/0x2d0 [ 31.264655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.264655] kasan_report+0x102/0x140 [ 31.264655] ? kasan_atomics_helper+0x1468/0x5450 [ 31.264655] ? kasan_atomics_helper+0x1468/0x5450 [ 31.264655] kasan_check_range+0x10c/0x1c0 [ 31.264655] __kasan_check_write+0x18/0x20 [ 31.264655] kasan_atomics_helper+0x1468/0x5450 [ 31.264655] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.264655] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.264655] ? trace_hardirqs_on+0x37/0xe0 [ 31.264655] ? kasan_atomics+0x153/0x310 [ 31.264655] kasan_atomics+0x1dd/0x310 [ 31.264655] ? __pfx_kasan_atomics+0x10/0x10 [ 31.264655] ? __pfx_kasan_atomics+0x10/0x10 [ 31.264655] kunit_try_run_case+0x1b3/0x490 [ 31.264655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.264655] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.264655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.264655] ? __kthread_parkme+0x82/0x160 [ 31.264655] ? preempt_count_sub+0x50/0x80 [ 31.264655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.264655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.264655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.264655] kthread+0x257/0x310 [ 31.264655] ? __pfx_kthread+0x10/0x10 [ 31.264655] ret_from_fork+0x41/0x80 [ 31.264655] ? 
__pfx_kthread+0x10/0x10 [ 31.264655] ret_from_fork_asm+0x1a/0x30 [ 31.264655] </TASK> [ 31.264655] [ 31.264655] Allocated by task 274: [ 31.264655] kasan_save_stack+0x3d/0x60 [ 31.264655] kasan_save_track+0x18/0x40 [ 31.264655] kasan_save_alloc_info+0x3b/0x50 [ 31.264655] __kasan_kmalloc+0xb7/0xc0 [ 31.264655] __kmalloc_cache_noprof+0x184/0x410 [ 31.264655] kasan_atomics+0x96/0x310 [ 31.264655] kunit_try_run_case+0x1b3/0x490 [ 31.264655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.264655] kthread+0x257/0x310 [ 31.264655] ret_from_fork+0x41/0x80 [ 31.264655] ret_from_fork_asm+0x1a/0x30 [ 31.264655] [ 31.264655] The buggy address belongs to the object at ffff88810294b780 [ 31.264655] which belongs to the cache kmalloc-64 of size 64 [ 31.264655] The buggy address is located 0 bytes to the right of [ 31.264655] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.264655] [ 31.264655] The buggy address belongs to the physical page: [ 31.264655] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.264655] flags: 0x200000000000000(node=0|zone=2) [ 31.264655] page_type: f5(slab) [ 31.264655] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.264655] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.264655] page dumped because: kasan: bad access detected [ 31.264655] [ 31.264655] Memory state around the buggy address: [ 31.264655] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.264655] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.264655] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.264655] ^ [ 31.264655] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.264655] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.264655] ================================================================== [ 30.437166] 
================================================================== [ 30.437589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 30.438255] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.438255] [ 30.438255] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.438255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.438255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.438255] Call Trace: [ 30.438255] <TASK> [ 30.438255] dump_stack_lvl+0x73/0xb0 [ 30.438255] print_report+0xd1/0x640 [ 30.438255] ? __virt_addr_valid+0x1db/0x2d0 [ 30.438255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.438255] kasan_report+0x102/0x140 [ 30.438255] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.438255] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.438255] kasan_check_range+0x10c/0x1c0 [ 30.438255] __kasan_check_write+0x18/0x20 [ 30.438255] kasan_atomics_helper+0xb6b/0x5450 [ 30.438255] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.438255] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.438255] ? trace_hardirqs_on+0x37/0xe0 [ 30.438255] ? kasan_atomics+0x153/0x310 [ 30.438255] kasan_atomics+0x1dd/0x310 [ 30.438255] ? __pfx_kasan_atomics+0x10/0x10 [ 30.438255] ? __pfx_kasan_atomics+0x10/0x10 [ 30.438255] kunit_try_run_case+0x1b3/0x490 [ 30.438255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.438255] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.438255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.438255] ? __kthread_parkme+0x82/0x160 [ 30.438255] ? preempt_count_sub+0x50/0x80 [ 30.438255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.438255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.438255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.438255] kthread+0x257/0x310 [ 30.438255] ? __pfx_kthread+0x10/0x10 [ 30.438255] ret_from_fork+0x41/0x80 [ 30.438255] ? 
__pfx_kthread+0x10/0x10 [ 30.438255] ret_from_fork_asm+0x1a/0x30 [ 30.438255] </TASK> [ 30.438255] [ 30.438255] Allocated by task 274: [ 30.438255] kasan_save_stack+0x3d/0x60 [ 30.438255] kasan_save_track+0x18/0x40 [ 30.438255] kasan_save_alloc_info+0x3b/0x50 [ 30.438255] __kasan_kmalloc+0xb7/0xc0 [ 30.438255] __kmalloc_cache_noprof+0x184/0x410 [ 30.438255] kasan_atomics+0x96/0x310 [ 30.438255] kunit_try_run_case+0x1b3/0x490 [ 30.438255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.438255] kthread+0x257/0x310 [ 30.438255] ret_from_fork+0x41/0x80 [ 30.438255] ret_from_fork_asm+0x1a/0x30 [ 30.438255] [ 30.438255] The buggy address belongs to the object at ffff88810294b780 [ 30.438255] which belongs to the cache kmalloc-64 of size 64 [ 30.438255] The buggy address is located 0 bytes to the right of [ 30.438255] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.438255] [ 30.438255] The buggy address belongs to the physical page: [ 30.438255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.438255] flags: 0x200000000000000(node=0|zone=2) [ 30.438255] page_type: f5(slab) [ 30.438255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.438255] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.438255] page dumped because: kasan: bad access detected [ 30.438255] [ 30.438255] Memory state around the buggy address: [ 30.438255] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.438255] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.438255] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.438255] ^ [ 30.438255] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.438255] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.438255] ================================================================== [ 31.223754] 
================================================================== [ 31.224335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 31.224335] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.224335] [ 31.224335] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.224335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.224335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.224335] Call Trace: [ 31.224335] <TASK> [ 31.224335] dump_stack_lvl+0x73/0xb0 [ 31.224335] print_report+0xd1/0x640 [ 31.224335] ? __virt_addr_valid+0x1db/0x2d0 [ 31.224335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.224335] kasan_report+0x102/0x140 [ 31.224335] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.224335] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.224335] __asan_report_load8_noabort+0x18/0x20 [ 31.224335] kasan_atomics_helper+0x4eb0/0x5450 [ 31.224335] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.224335] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.224335] ? trace_hardirqs_on+0x37/0xe0 [ 31.224335] ? kasan_atomics+0x153/0x310 [ 31.224335] kasan_atomics+0x1dd/0x310 [ 31.224335] ? __pfx_kasan_atomics+0x10/0x10 [ 31.224335] ? __pfx_kasan_atomics+0x10/0x10 [ 31.224335] kunit_try_run_case+0x1b3/0x490 [ 31.224335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.224335] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.224335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.224335] ? __kthread_parkme+0x82/0x160 [ 31.224335] ? preempt_count_sub+0x50/0x80 [ 31.224335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.224335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.224335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.224335] kthread+0x257/0x310 [ 31.224335] ? __pfx_kthread+0x10/0x10 [ 31.224335] ret_from_fork+0x41/0x80 [ 31.224335] ? 
__pfx_kthread+0x10/0x10 [ 31.224335] ret_from_fork_asm+0x1a/0x30 [ 31.224335] </TASK> [ 31.224335] [ 31.224335] Allocated by task 274: [ 31.224335] kasan_save_stack+0x3d/0x60 [ 31.224335] kasan_save_track+0x18/0x40 [ 31.224335] kasan_save_alloc_info+0x3b/0x50 [ 31.224335] __kasan_kmalloc+0xb7/0xc0 [ 31.224335] __kmalloc_cache_noprof+0x184/0x410 [ 31.224335] kasan_atomics+0x96/0x310 [ 31.224335] kunit_try_run_case+0x1b3/0x490 [ 31.224335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.224335] kthread+0x257/0x310 [ 31.224335] ret_from_fork+0x41/0x80 [ 31.224335] ret_from_fork_asm+0x1a/0x30 [ 31.224335] [ 31.224335] The buggy address belongs to the object at ffff88810294b780 [ 31.224335] which belongs to the cache kmalloc-64 of size 64 [ 31.224335] The buggy address is located 0 bytes to the right of [ 31.224335] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.224335] [ 31.224335] The buggy address belongs to the physical page: [ 31.224335] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.224335] flags: 0x200000000000000(node=0|zone=2) [ 31.224335] page_type: f5(slab) [ 31.224335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.224335] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.224335] page dumped because: kasan: bad access detected [ 31.224335] [ 31.224335] Memory state around the buggy address: [ 31.224335] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.224335] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.224335] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.224335] ^ [ 31.224335] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.224335] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.224335] ================================================================== [ 32.208036] 
================================================================== [ 32.208766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 32.208766] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.209150] [ 32.209150] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.209150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.209150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.209150] Call Trace: [ 32.209150] <TASK> [ 32.209150] dump_stack_lvl+0x73/0xb0 [ 32.209150] print_report+0xd1/0x640 [ 32.209150] ? __virt_addr_valid+0x1db/0x2d0 [ 32.209150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.209150] kasan_report+0x102/0x140 [ 32.209150] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.209150] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.209150] __asan_report_load8_noabort+0x18/0x20 [ 32.209150] kasan_atomics_helper+0x4f9a/0x5450 [ 32.209150] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.209150] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.209150] ? trace_hardirqs_on+0x37/0xe0 [ 32.209150] ? kasan_atomics+0x153/0x310 [ 32.209150] kasan_atomics+0x1dd/0x310 [ 32.209150] ? __pfx_kasan_atomics+0x10/0x10 [ 32.209150] ? __pfx_kasan_atomics+0x10/0x10 [ 32.209150] kunit_try_run_case+0x1b3/0x490 [ 32.209150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.209150] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.209150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.209150] ? __kthread_parkme+0x82/0x160 [ 32.209150] ? preempt_count_sub+0x50/0x80 [ 32.209150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.209150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.209150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.209150] kthread+0x257/0x310 [ 32.209150] ? __pfx_kthread+0x10/0x10 [ 32.209150] ret_from_fork+0x41/0x80 [ 32.209150] ? 
__pfx_kthread+0x10/0x10 [ 32.209150] ret_from_fork_asm+0x1a/0x30 [ 32.209150] </TASK> [ 32.209150] [ 32.209150] Allocated by task 274: [ 32.209150] kasan_save_stack+0x3d/0x60 [ 32.209150] kasan_save_track+0x18/0x40 [ 32.209150] kasan_save_alloc_info+0x3b/0x50 [ 32.209150] __kasan_kmalloc+0xb7/0xc0 [ 32.209150] __kmalloc_cache_noprof+0x184/0x410 [ 32.209150] kasan_atomics+0x96/0x310 [ 32.209150] kunit_try_run_case+0x1b3/0x490 [ 32.209150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.209150] kthread+0x257/0x310 [ 32.209150] ret_from_fork+0x41/0x80 [ 32.209150] ret_from_fork_asm+0x1a/0x30 [ 32.209150] [ 32.209150] The buggy address belongs to the object at ffff88810294b780 [ 32.209150] which belongs to the cache kmalloc-64 of size 64 [ 32.209150] The buggy address is located 0 bytes to the right of [ 32.209150] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.209150] [ 32.209150] The buggy address belongs to the physical page: [ 32.209150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.209150] flags: 0x200000000000000(node=0|zone=2) [ 32.209150] page_type: f5(slab) [ 32.209150] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.209150] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.209150] page dumped because: kasan: bad access detected [ 32.209150] [ 32.209150] Memory state around the buggy address: [ 32.209150] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.209150] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.209150] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.209150] ^ [ 32.209150] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.209150] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.209150] ================================================================== [ 30.309875] 
================================================================== [ 30.310922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 30.310922] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.310922] [ 30.310922] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.310922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.310922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.310922] Call Trace: [ 30.310922] <TASK> [ 30.310922] dump_stack_lvl+0x73/0xb0 [ 30.310922] print_report+0xd1/0x640 [ 30.310922] ? __virt_addr_valid+0x1db/0x2d0 [ 30.310922] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.310922] kasan_report+0x102/0x140 [ 30.310922] ? kasan_atomics_helper+0x993/0x5450 [ 30.310922] ? kasan_atomics_helper+0x993/0x5450 [ 30.310922] kasan_check_range+0x10c/0x1c0 [ 30.310922] __kasan_check_write+0x18/0x20 [ 30.310922] kasan_atomics_helper+0x993/0x5450 [ 30.310922] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.310922] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.310922] ? trace_hardirqs_on+0x37/0xe0 [ 30.310922] ? kasan_atomics+0x153/0x310 [ 30.310922] kasan_atomics+0x1dd/0x310 [ 30.310922] ? __pfx_kasan_atomics+0x10/0x10 [ 30.310922] ? __pfx_kasan_atomics+0x10/0x10 [ 30.310922] kunit_try_run_case+0x1b3/0x490 [ 30.310922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.310922] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.310922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.310922] ? __kthread_parkme+0x82/0x160 [ 30.310922] ? preempt_count_sub+0x50/0x80 [ 30.310922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.310922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.310922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.310922] kthread+0x257/0x310 [ 30.310922] ? __pfx_kthread+0x10/0x10 [ 30.310922] ret_from_fork+0x41/0x80 [ 30.310922] ? 
__pfx_kthread+0x10/0x10 [ 30.310922] ret_from_fork_asm+0x1a/0x30 [ 30.310922] </TASK> [ 30.310922] [ 30.310922] Allocated by task 274: [ 30.310922] kasan_save_stack+0x3d/0x60 [ 30.310922] kasan_save_track+0x18/0x40 [ 30.310922] kasan_save_alloc_info+0x3b/0x50 [ 30.310922] __kasan_kmalloc+0xb7/0xc0 [ 30.310922] __kmalloc_cache_noprof+0x184/0x410 [ 30.310922] kasan_atomics+0x96/0x310 [ 30.310922] kunit_try_run_case+0x1b3/0x490 [ 30.310922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.310922] kthread+0x257/0x310 [ 30.310922] ret_from_fork+0x41/0x80 [ 30.310922] ret_from_fork_asm+0x1a/0x30 [ 30.310922] [ 30.310922] The buggy address belongs to the object at ffff88810294b780 [ 30.310922] which belongs to the cache kmalloc-64 of size 64 [ 30.310922] The buggy address is located 0 bytes to the right of [ 30.310922] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.310922] [ 30.310922] The buggy address belongs to the physical page: [ 30.310922] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.310922] flags: 0x200000000000000(node=0|zone=2) [ 30.310922] page_type: f5(slab) [ 30.310922] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.310922] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.310922] page dumped because: kasan: bad access detected [ 30.310922] [ 30.310922] Memory state around the buggy address: [ 30.310922] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.310922] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.310922] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.310922] ^ [ 30.310922] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.310922] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.310922] ================================================================== [ 30.485080] 
================================================================== [ 30.485353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 30.485353] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.485353] [ 30.485353] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.485353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.485353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.485353] Call Trace: [ 30.485353] <TASK> [ 30.485353] dump_stack_lvl+0x73/0xb0 [ 30.485353] print_report+0xd1/0x640 [ 30.485353] ? __virt_addr_valid+0x1db/0x2d0 [ 30.485353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.485353] kasan_report+0x102/0x140 [ 30.485353] ? kasan_atomics_helper+0xc71/0x5450 [ 30.485353] ? kasan_atomics_helper+0xc71/0x5450 [ 30.485353] kasan_check_range+0x10c/0x1c0 [ 30.485353] __kasan_check_write+0x18/0x20 [ 30.485353] kasan_atomics_helper+0xc71/0x5450 [ 30.485353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.485353] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.485353] ? trace_hardirqs_on+0x37/0xe0 [ 30.485353] ? kasan_atomics+0x153/0x310 [ 30.485353] kasan_atomics+0x1dd/0x310 [ 30.485353] ? __pfx_kasan_atomics+0x10/0x10 [ 30.485353] ? __pfx_kasan_atomics+0x10/0x10 [ 30.485353] kunit_try_run_case+0x1b3/0x490 [ 30.485353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.485353] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.485353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.485353] ? __kthread_parkme+0x82/0x160 [ 30.485353] ? preempt_count_sub+0x50/0x80 [ 30.485353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.485353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.485353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.485353] kthread+0x257/0x310 [ 30.485353] ? __pfx_kthread+0x10/0x10 [ 30.485353] ret_from_fork+0x41/0x80 [ 30.485353] ? 
__pfx_kthread+0x10/0x10 [ 30.485353] ret_from_fork_asm+0x1a/0x30 [ 30.485353] </TASK> [ 30.485353] [ 30.485353] Allocated by task 274: [ 30.485353] kasan_save_stack+0x3d/0x60 [ 30.485353] kasan_save_track+0x18/0x40 [ 30.485353] kasan_save_alloc_info+0x3b/0x50 [ 30.485353] __kasan_kmalloc+0xb7/0xc0 [ 30.485353] __kmalloc_cache_noprof+0x184/0x410 [ 30.485353] kasan_atomics+0x96/0x310 [ 30.485353] kunit_try_run_case+0x1b3/0x490 [ 30.485353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.485353] kthread+0x257/0x310 [ 30.485353] ret_from_fork+0x41/0x80 [ 30.485353] ret_from_fork_asm+0x1a/0x30 [ 30.485353] [ 30.485353] The buggy address belongs to the object at ffff88810294b780 [ 30.485353] which belongs to the cache kmalloc-64 of size 64 [ 30.485353] The buggy address is located 0 bytes to the right of [ 30.485353] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.485353] [ 30.485353] The buggy address belongs to the physical page: [ 30.485353] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.485353] flags: 0x200000000000000(node=0|zone=2) [ 30.485353] page_type: f5(slab) [ 30.485353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.485353] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.485353] page dumped because: kasan: bad access detected [ 30.485353] [ 30.485353] Memory state around the buggy address: [ 30.485353] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.485353] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.485353] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.485353] ^ [ 30.485353] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.485353] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.485353] ================================================================== [ 30.797411] 
================================================================== [ 30.797762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 30.797762] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.797762] [ 30.797762] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.797762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.800366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.800366] Call Trace: [ 30.800366] <TASK> [ 30.800366] dump_stack_lvl+0x73/0xb0 [ 30.800366] print_report+0xd1/0x640 [ 30.800366] ? __virt_addr_valid+0x1db/0x2d0 [ 30.800366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.800366] kasan_report+0x102/0x140 [ 30.800366] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.800366] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.800366] __asan_report_load4_noabort+0x18/0x20 [ 30.800366] kasan_atomics_helper+0x4a38/0x5450 [ 30.800366] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.800366] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.800366] ? trace_hardirqs_on+0x37/0xe0 [ 30.800366] ? kasan_atomics+0x153/0x310 [ 30.800366] kasan_atomics+0x1dd/0x310 [ 30.800366] ? __pfx_kasan_atomics+0x10/0x10 [ 30.800366] ? __pfx_kasan_atomics+0x10/0x10 [ 30.800366] kunit_try_run_case+0x1b3/0x490 [ 30.800366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.800366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.800366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.800366] ? __kthread_parkme+0x82/0x160 [ 30.800366] ? preempt_count_sub+0x50/0x80 [ 30.800366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.800366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.800366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.800366] kthread+0x257/0x310 [ 30.800366] ? __pfx_kthread+0x10/0x10 [ 30.800366] ret_from_fork+0x41/0x80 [ 30.800366] ? 
__pfx_kthread+0x10/0x10 [ 30.800366] ret_from_fork_asm+0x1a/0x30 [ 30.800366] </TASK> [ 30.800366] [ 30.800366] Allocated by task 274: [ 30.800366] kasan_save_stack+0x3d/0x60 [ 30.800366] kasan_save_track+0x18/0x40 [ 30.800366] kasan_save_alloc_info+0x3b/0x50 [ 30.800366] __kasan_kmalloc+0xb7/0xc0 [ 30.800366] __kmalloc_cache_noprof+0x184/0x410 [ 30.800366] kasan_atomics+0x96/0x310 [ 30.800366] kunit_try_run_case+0x1b3/0x490 [ 30.800366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.800366] kthread+0x257/0x310 [ 30.800366] ret_from_fork+0x41/0x80 [ 30.800366] ret_from_fork_asm+0x1a/0x30 [ 30.800366] [ 30.800366] The buggy address belongs to the object at ffff88810294b780 [ 30.800366] which belongs to the cache kmalloc-64 of size 64 [ 30.800366] The buggy address is located 0 bytes to the right of [ 30.800366] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.800366] [ 30.800366] The buggy address belongs to the physical page: [ 30.800366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.800366] flags: 0x200000000000000(node=0|zone=2) [ 30.800366] page_type: f5(slab) [ 30.800366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.800366] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.800366] page dumped because: kasan: bad access detected [ 30.800366] [ 30.800366] Memory state around the buggy address: [ 30.800366] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.800366] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.800366] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.800366] ^ [ 30.800366] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.800366] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.800366] ================================================================== [ 30.090349] 
================================================================== [ 30.091390] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 30.091390] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.091390] [ 30.091390] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.091390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.091390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.091390] Call Trace: [ 30.091390] <TASK> [ 30.091390] dump_stack_lvl+0x73/0xb0 [ 30.091390] print_report+0xd1/0x640 [ 30.091390] ? __virt_addr_valid+0x1db/0x2d0 [ 30.091390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.091390] kasan_report+0x102/0x140 [ 30.091390] ? kasan_atomics_helper+0x698/0x5450 [ 30.091390] ? kasan_atomics_helper+0x698/0x5450 [ 30.091390] kasan_check_range+0x10c/0x1c0 [ 30.091390] __kasan_check_write+0x18/0x20 [ 30.091390] kasan_atomics_helper+0x698/0x5450 [ 30.091390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.091390] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.091390] ? trace_hardirqs_on+0x37/0xe0 [ 30.091390] ? kasan_atomics+0x153/0x310 [ 30.091390] kasan_atomics+0x1dd/0x310 [ 30.091390] ? __pfx_kasan_atomics+0x10/0x10 [ 30.091390] ? __pfx_kasan_atomics+0x10/0x10 [ 30.091390] kunit_try_run_case+0x1b3/0x490 [ 30.091390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.091390] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.091390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.091390] ? __kthread_parkme+0x82/0x160 [ 30.091390] ? preempt_count_sub+0x50/0x80 [ 30.091390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.091390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.091390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.091390] kthread+0x257/0x310 [ 30.091390] ? __pfx_kthread+0x10/0x10 [ 30.091390] ret_from_fork+0x41/0x80 [ 30.091390] ? 
__pfx_kthread+0x10/0x10 [ 30.091390] ret_from_fork_asm+0x1a/0x30 [ 30.091390] </TASK> [ 30.091390] [ 30.091390] Allocated by task 274: [ 30.091390] kasan_save_stack+0x3d/0x60 [ 30.091390] kasan_save_track+0x18/0x40 [ 30.091390] kasan_save_alloc_info+0x3b/0x50 [ 30.091390] __kasan_kmalloc+0xb7/0xc0 [ 30.091390] __kmalloc_cache_noprof+0x184/0x410 [ 30.091390] kasan_atomics+0x96/0x310 [ 30.091390] kunit_try_run_case+0x1b3/0x490 [ 30.091390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.091390] kthread+0x257/0x310 [ 30.091390] ret_from_fork+0x41/0x80 [ 30.091390] ret_from_fork_asm+0x1a/0x30 [ 30.091390] [ 30.091390] The buggy address belongs to the object at ffff88810294b780 [ 30.091390] which belongs to the cache kmalloc-64 of size 64 [ 30.091390] The buggy address is located 0 bytes to the right of [ 30.091390] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.091390] [ 30.091390] The buggy address belongs to the physical page: [ 30.091390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.091390] flags: 0x200000000000000(node=0|zone=2) [ 30.091390] page_type: f5(slab) [ 30.091390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.091390] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.091390] page dumped because: kasan: bad access detected [ 30.091390] [ 30.091390] Memory state around the buggy address: [ 30.091390] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.091390] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.091390] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.091390] ^ [ 30.091390] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.091390] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.091390] ================================================================== [ 31.625963] 
================================================================== [ 31.626897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 31.626897] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.626897] [ 31.626897] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.626897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.626897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.626897] Call Trace: [ 31.626897] <TASK> [ 31.626897] dump_stack_lvl+0x73/0xb0 [ 31.626897] print_report+0xd1/0x640 [ 31.626897] ? __virt_addr_valid+0x1db/0x2d0 [ 31.626897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.626897] kasan_report+0x102/0x140 [ 31.626897] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.626897] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.626897] kasan_check_range+0x10c/0x1c0 [ 31.626897] __kasan_check_write+0x18/0x20 [ 31.626897] kasan_atomics_helper+0x18b2/0x5450 [ 31.626897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.626897] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.626897] ? trace_hardirqs_on+0x37/0xe0 [ 31.626897] ? kasan_atomics+0x153/0x310 [ 31.626897] kasan_atomics+0x1dd/0x310 [ 31.626897] ? __pfx_kasan_atomics+0x10/0x10 [ 31.626897] ? __pfx_kasan_atomics+0x10/0x10 [ 31.626897] kunit_try_run_case+0x1b3/0x490 [ 31.626897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.626897] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.626897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.626897] ? __kthread_parkme+0x82/0x160 [ 31.626897] ? preempt_count_sub+0x50/0x80 [ 31.626897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.626897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.626897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.626897] kthread+0x257/0x310 [ 31.626897] ? __pfx_kthread+0x10/0x10 [ 31.626897] ret_from_fork+0x41/0x80 [ 31.626897] ? 
__pfx_kthread+0x10/0x10 [ 31.626897] ret_from_fork_asm+0x1a/0x30 [ 31.626897] </TASK> [ 31.626897] [ 31.626897] Allocated by task 274: [ 31.626897] kasan_save_stack+0x3d/0x60 [ 31.626897] kasan_save_track+0x18/0x40 [ 31.626897] kasan_save_alloc_info+0x3b/0x50 [ 31.626897] __kasan_kmalloc+0xb7/0xc0 [ 31.626897] __kmalloc_cache_noprof+0x184/0x410 [ 31.626897] kasan_atomics+0x96/0x310 [ 31.626897] kunit_try_run_case+0x1b3/0x490 [ 31.626897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.626897] kthread+0x257/0x310 [ 31.626897] ret_from_fork+0x41/0x80 [ 31.626897] ret_from_fork_asm+0x1a/0x30 [ 31.626897] [ 31.626897] The buggy address belongs to the object at ffff88810294b780 [ 31.626897] which belongs to the cache kmalloc-64 of size 64 [ 31.626897] The buggy address is located 0 bytes to the right of [ 31.626897] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.626897] [ 31.626897] The buggy address belongs to the physical page: [ 31.626897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.626897] flags: 0x200000000000000(node=0|zone=2) [ 31.626897] page_type: f5(slab) [ 31.626897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.626897] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.626897] page dumped because: kasan: bad access detected [ 31.626897] [ 31.626897] Memory state around the buggy address: [ 31.626897] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.626897] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.626897] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.626897] ^ [ 31.626897] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.626897] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.626897] ================================================================== [ 30.614897] 
================================================================== [ 30.615267] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 30.616592] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.616592] [ 30.616592] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.616592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.616592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.616592] Call Trace: [ 30.616592] <TASK> [ 30.616592] dump_stack_lvl+0x73/0xb0 [ 30.616592] print_report+0xd1/0x640 [ 30.616592] ? __virt_addr_valid+0x1db/0x2d0 [ 30.616592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.616592] kasan_report+0x102/0x140 [ 30.616592] ? kasan_atomics_helper+0xde1/0x5450 [ 30.616592] ? kasan_atomics_helper+0xde1/0x5450 [ 30.616592] kasan_check_range+0x10c/0x1c0 [ 30.616592] __kasan_check_write+0x18/0x20 [ 30.616592] kasan_atomics_helper+0xde1/0x5450 [ 30.616592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.616592] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.616592] ? trace_hardirqs_on+0x37/0xe0 [ 30.616592] ? kasan_atomics+0x153/0x310 [ 30.616592] kasan_atomics+0x1dd/0x310 [ 30.616592] ? __pfx_kasan_atomics+0x10/0x10 [ 30.616592] ? __pfx_kasan_atomics+0x10/0x10 [ 30.616592] kunit_try_run_case+0x1b3/0x490 [ 30.616592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.616592] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.616592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.616592] ? __kthread_parkme+0x82/0x160 [ 30.616592] ? preempt_count_sub+0x50/0x80 [ 30.616592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.616592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.616592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.616592] kthread+0x257/0x310 [ 30.616592] ? __pfx_kthread+0x10/0x10 [ 30.616592] ret_from_fork+0x41/0x80 [ 30.616592] ? 
__pfx_kthread+0x10/0x10 [ 30.616592] ret_from_fork_asm+0x1a/0x30 [ 30.616592] </TASK> [ 30.616592] [ 30.616592] Allocated by task 274: [ 30.616592] kasan_save_stack+0x3d/0x60 [ 30.616592] kasan_save_track+0x18/0x40 [ 30.616592] kasan_save_alloc_info+0x3b/0x50 [ 30.616592] __kasan_kmalloc+0xb7/0xc0 [ 30.616592] __kmalloc_cache_noprof+0x184/0x410 [ 30.616592] kasan_atomics+0x96/0x310 [ 30.616592] kunit_try_run_case+0x1b3/0x490 [ 30.616592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.616592] kthread+0x257/0x310 [ 30.616592] ret_from_fork+0x41/0x80 [ 30.616592] ret_from_fork_asm+0x1a/0x30 [ 30.616592] [ 30.616592] The buggy address belongs to the object at ffff88810294b780 [ 30.616592] which belongs to the cache kmalloc-64 of size 64 [ 30.616592] The buggy address is located 0 bytes to the right of [ 30.616592] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.616592] [ 30.616592] The buggy address belongs to the physical page: [ 30.616592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.616592] flags: 0x200000000000000(node=0|zone=2) [ 30.616592] page_type: f5(slab) [ 30.616592] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.616592] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.616592] page dumped because: kasan: bad access detected [ 30.616592] [ 30.616592] Memory state around the buggy address: [ 30.616592] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.616592] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.616592] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.616592] ^ [ 30.616592] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.616592] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.616592] ================================================================== [ 30.922651] 
================================================================== [ 30.923173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 30.923366] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.923366] [ 30.923366] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.923366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.923366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.923366] Call Trace: [ 30.923366] <TASK> [ 30.923366] dump_stack_lvl+0x73/0xb0 [ 30.923366] print_report+0xd1/0x640 [ 30.923366] ? __virt_addr_valid+0x1db/0x2d0 [ 30.923366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.923366] kasan_report+0x102/0x140 [ 30.923366] ? kasan_atomics_helper+0x1149/0x5450 [ 30.923366] ? kasan_atomics_helper+0x1149/0x5450 [ 30.923366] kasan_check_range+0x10c/0x1c0 [ 30.923366] __kasan_check_write+0x18/0x20 [ 30.923366] kasan_atomics_helper+0x1149/0x5450 [ 30.923366] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.923366] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.923366] ? trace_hardirqs_on+0x37/0xe0 [ 30.923366] ? kasan_atomics+0x153/0x310 [ 30.923366] kasan_atomics+0x1dd/0x310 [ 30.923366] ? __pfx_kasan_atomics+0x10/0x10 [ 30.923366] ? __pfx_kasan_atomics+0x10/0x10 [ 30.923366] kunit_try_run_case+0x1b3/0x490 [ 30.923366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.923366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.923366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.923366] ? __kthread_parkme+0x82/0x160 [ 30.923366] ? preempt_count_sub+0x50/0x80 [ 30.923366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.923366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.923366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.923366] kthread+0x257/0x310 [ 30.923366] ? __pfx_kthread+0x10/0x10 [ 30.923366] ret_from_fork+0x41/0x80 [ 30.923366] ? 
__pfx_kthread+0x10/0x10 [ 30.923366] ret_from_fork_asm+0x1a/0x30 [ 30.923366] </TASK> [ 30.923366] [ 30.923366] Allocated by task 274: [ 30.923366] kasan_save_stack+0x3d/0x60 [ 30.923366] kasan_save_track+0x18/0x40 [ 30.923366] kasan_save_alloc_info+0x3b/0x50 [ 30.923366] __kasan_kmalloc+0xb7/0xc0 [ 30.923366] __kmalloc_cache_noprof+0x184/0x410 [ 30.923366] kasan_atomics+0x96/0x310 [ 30.923366] kunit_try_run_case+0x1b3/0x490 [ 30.923366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.923366] kthread+0x257/0x310 [ 30.923366] ret_from_fork+0x41/0x80 [ 30.923366] ret_from_fork_asm+0x1a/0x30 [ 30.923366] [ 30.923366] The buggy address belongs to the object at ffff88810294b780 [ 30.923366] which belongs to the cache kmalloc-64 of size 64 [ 30.923366] The buggy address is located 0 bytes to the right of [ 30.923366] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.923366] [ 30.923366] The buggy address belongs to the physical page: [ 30.923366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.923366] flags: 0x200000000000000(node=0|zone=2) [ 30.923366] page_type: f5(slab) [ 30.923366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.923366] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.923366] page dumped because: kasan: bad access detected [ 30.923366] [ 30.923366] Memory state around the buggy address: [ 30.923366] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.923366] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.923366] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.923366] ^ [ 30.923366] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.923366] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.923366] ================================================================== [ 30.964771] 
================================================================== [ 30.965405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 30.965507] Read of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.965507] [ 30.965507] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.965507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.965507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.965507] Call Trace: [ 30.965507] <TASK> [ 30.965507] dump_stack_lvl+0x73/0xb0 [ 30.965507] print_report+0xd1/0x640 [ 30.965507] ? __virt_addr_valid+0x1db/0x2d0 [ 30.965507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.965507] kasan_report+0x102/0x140 [ 30.965507] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.965507] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.965507] __asan_report_load4_noabort+0x18/0x20 [ 30.965507] kasan_atomics_helper+0x4a04/0x5450 [ 30.965507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.965507] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.965507] ? trace_hardirqs_on+0x37/0xe0 [ 30.965507] ? kasan_atomics+0x153/0x310 [ 30.965507] kasan_atomics+0x1dd/0x310 [ 30.965507] ? __pfx_kasan_atomics+0x10/0x10 [ 30.965507] ? __pfx_kasan_atomics+0x10/0x10 [ 30.965507] kunit_try_run_case+0x1b3/0x490 [ 30.965507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.965507] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.965507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.965507] ? __kthread_parkme+0x82/0x160 [ 30.965507] ? preempt_count_sub+0x50/0x80 [ 30.965507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.965507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.965507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.965507] kthread+0x257/0x310 [ 30.965507] ? __pfx_kthread+0x10/0x10 [ 30.965507] ret_from_fork+0x41/0x80 [ 30.965507] ? 
__pfx_kthread+0x10/0x10 [ 30.965507] ret_from_fork_asm+0x1a/0x30 [ 30.965507] </TASK> [ 30.965507] [ 30.965507] Allocated by task 274: [ 30.965507] kasan_save_stack+0x3d/0x60 [ 30.965507] kasan_save_track+0x18/0x40 [ 30.965507] kasan_save_alloc_info+0x3b/0x50 [ 30.965507] __kasan_kmalloc+0xb7/0xc0 [ 30.965507] __kmalloc_cache_noprof+0x184/0x410 [ 30.965507] kasan_atomics+0x96/0x310 [ 30.965507] kunit_try_run_case+0x1b3/0x490 [ 30.965507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.965507] kthread+0x257/0x310 [ 30.965507] ret_from_fork+0x41/0x80 [ 30.965507] ret_from_fork_asm+0x1a/0x30 [ 30.965507] [ 30.965507] The buggy address belongs to the object at ffff88810294b780 [ 30.965507] which belongs to the cache kmalloc-64 of size 64 [ 30.965507] The buggy address is located 0 bytes to the right of [ 30.965507] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.965507] [ 30.965507] The buggy address belongs to the physical page: [ 30.965507] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.965507] flags: 0x200000000000000(node=0|zone=2) [ 30.965507] page_type: f5(slab) [ 30.965507] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.965507] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.965507] page dumped because: kasan: bad access detected [ 30.965507] [ 30.965507] Memory state around the buggy address: [ 30.965507] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.965507] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.965507] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.965507] ^ [ 30.965507] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.965507] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.965507] ================================================================== [ 31.179501] 
================================================================== [ 31.180604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 31.180604] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.180604] [ 31.180604] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.180604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.180604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.180604] Call Trace: [ 31.180604] <TASK> [ 31.180604] dump_stack_lvl+0x73/0xb0 [ 31.180604] print_report+0xd1/0x640 [ 31.180604] ? __virt_addr_valid+0x1db/0x2d0 [ 31.180604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.180604] kasan_report+0x102/0x140 [ 31.180604] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.180604] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.180604] kasan_check_range+0x10c/0x1c0 [ 31.180604] __kasan_check_read+0x15/0x20 [ 31.180604] kasan_atomics_helper+0x13b6/0x5450 [ 31.180604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.180604] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.180604] ? trace_hardirqs_on+0x37/0xe0 [ 31.180604] ? kasan_atomics+0x153/0x310 [ 31.180604] kasan_atomics+0x1dd/0x310 [ 31.180604] ? __pfx_kasan_atomics+0x10/0x10 [ 31.180604] ? __pfx_kasan_atomics+0x10/0x10 [ 31.180604] kunit_try_run_case+0x1b3/0x490 [ 31.180604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.180604] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.180604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.180604] ? __kthread_parkme+0x82/0x160 [ 31.180604] ? preempt_count_sub+0x50/0x80 [ 31.180604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.180604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.180604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.180604] kthread+0x257/0x310 [ 31.180604] ? __pfx_kthread+0x10/0x10 [ 31.180604] ret_from_fork+0x41/0x80 [ 31.180604] ? 
__pfx_kthread+0x10/0x10 [ 31.180604] ret_from_fork_asm+0x1a/0x30 [ 31.180604] </TASK> [ 31.180604] [ 31.180604] Allocated by task 274: [ 31.180604] kasan_save_stack+0x3d/0x60 [ 31.180604] kasan_save_track+0x18/0x40 [ 31.180604] kasan_save_alloc_info+0x3b/0x50 [ 31.180604] __kasan_kmalloc+0xb7/0xc0 [ 31.180604] __kmalloc_cache_noprof+0x184/0x410 [ 31.180604] kasan_atomics+0x96/0x310 [ 31.180604] kunit_try_run_case+0x1b3/0x490 [ 31.180604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.180604] kthread+0x257/0x310 [ 31.180604] ret_from_fork+0x41/0x80 [ 31.180604] ret_from_fork_asm+0x1a/0x30 [ 31.180604] [ 31.180604] The buggy address belongs to the object at ffff88810294b780 [ 31.180604] which belongs to the cache kmalloc-64 of size 64 [ 31.180604] The buggy address is located 0 bytes to the right of [ 31.180604] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.180604] [ 31.180604] The buggy address belongs to the physical page: [ 31.180604] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.180604] flags: 0x200000000000000(node=0|zone=2) [ 31.180604] page_type: f5(slab) [ 31.180604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.180604] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.180604] page dumped because: kasan: bad access detected [ 31.180604] [ 31.180604] Memory state around the buggy address: [ 31.180604] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.180604] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.180604] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.180604] ^ [ 31.180604] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.180604] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.180604] ================================================================== [ 29.800827] 
================================================================== [ 29.801511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 29.801511] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.801511] [ 29.801511] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.801511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.801511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.801511] Call Trace: [ 29.801511] <TASK> [ 29.801511] dump_stack_lvl+0x73/0xb0 [ 29.801511] print_report+0xd1/0x640 [ 29.801511] ? __virt_addr_valid+0x1db/0x2d0 [ 29.801511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.801511] kasan_report+0x102/0x140 [ 29.801511] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.801511] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.801511] __asan_report_store4_noabort+0x1b/0x30 [ 29.801511] kasan_atomics_helper+0x4b70/0x5450 [ 29.801511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.801511] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.801511] ? trace_hardirqs_on+0x37/0xe0 [ 29.801511] ? kasan_atomics+0x153/0x310 [ 29.801511] kasan_atomics+0x1dd/0x310 [ 29.801511] ? __pfx_kasan_atomics+0x10/0x10 [ 29.801511] ? __pfx_kasan_atomics+0x10/0x10 [ 29.801511] kunit_try_run_case+0x1b3/0x490 [ 29.801511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.801511] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.801511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.801511] ? __kthread_parkme+0x82/0x160 [ 29.801511] ? preempt_count_sub+0x50/0x80 [ 29.801511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.801511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.801511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.801511] kthread+0x257/0x310 [ 29.801511] ? __pfx_kthread+0x10/0x10 [ 29.801511] ret_from_fork+0x41/0x80 [ 29.801511] ? 
__pfx_kthread+0x10/0x10 [ 29.801511] ret_from_fork_asm+0x1a/0x30 [ 29.801511] </TASK> [ 29.801511] [ 29.801511] Allocated by task 274: [ 29.801511] kasan_save_stack+0x3d/0x60 [ 29.801511] kasan_save_track+0x18/0x40 [ 29.801511] kasan_save_alloc_info+0x3b/0x50 [ 29.801511] __kasan_kmalloc+0xb7/0xc0 [ 29.801511] __kmalloc_cache_noprof+0x184/0x410 [ 29.801511] kasan_atomics+0x96/0x310 [ 29.801511] kunit_try_run_case+0x1b3/0x490 [ 29.801511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.801511] kthread+0x257/0x310 [ 29.801511] ret_from_fork+0x41/0x80 [ 29.801511] ret_from_fork_asm+0x1a/0x30 [ 29.801511] [ 29.801511] The buggy address belongs to the object at ffff88810294b780 [ 29.801511] which belongs to the cache kmalloc-64 of size 64 [ 29.801511] The buggy address is located 0 bytes to the right of [ 29.801511] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.801511] [ 29.801511] The buggy address belongs to the physical page: [ 29.801511] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.801511] flags: 0x200000000000000(node=0|zone=2) [ 29.801511] page_type: f5(slab) [ 29.801511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.801511] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.801511] page dumped because: kasan: bad access detected [ 29.801511] [ 29.801511] Memory state around the buggy address: [ 29.801511] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.801511] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.801511] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.801511] ^ [ 29.801511] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.801511] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.801511] ================================================================== [ 31.581715] 
================================================================== [ 31.582234] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 31.583592] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.583592] [ 31.583592] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.583592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.583592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.583592] Call Trace: [ 31.583592] <TASK> [ 31.583592] dump_stack_lvl+0x73/0xb0 [ 31.583592] print_report+0xd1/0x640 [ 31.583592] ? __virt_addr_valid+0x1db/0x2d0 [ 31.583592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.583592] kasan_report+0x102/0x140 [ 31.583592] ? kasan_atomics_helper+0x1819/0x5450 [ 31.583592] ? kasan_atomics_helper+0x1819/0x5450 [ 31.583592] kasan_check_range+0x10c/0x1c0 [ 31.583592] __kasan_check_write+0x18/0x20 [ 31.583592] kasan_atomics_helper+0x1819/0x5450 [ 31.583592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.583592] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.583592] ? trace_hardirqs_on+0x37/0xe0 [ 31.583592] ? kasan_atomics+0x153/0x310 [ 31.583592] kasan_atomics+0x1dd/0x310 [ 31.583592] ? __pfx_kasan_atomics+0x10/0x10 [ 31.583592] ? __pfx_kasan_atomics+0x10/0x10 [ 31.583592] kunit_try_run_case+0x1b3/0x490 [ 31.583592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.583592] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.583592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.583592] ? __kthread_parkme+0x82/0x160 [ 31.583592] ? preempt_count_sub+0x50/0x80 [ 31.583592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.583592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.583592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.583592] kthread+0x257/0x310 [ 31.583592] ? __pfx_kthread+0x10/0x10 [ 31.583592] ret_from_fork+0x41/0x80 [ 31.583592] ? 
__pfx_kthread+0x10/0x10 [ 31.583592] ret_from_fork_asm+0x1a/0x30 [ 31.583592] </TASK> [ 31.583592] [ 31.583592] Allocated by task 274: [ 31.583592] kasan_save_stack+0x3d/0x60 [ 31.583592] kasan_save_track+0x18/0x40 [ 31.583592] kasan_save_alloc_info+0x3b/0x50 [ 31.583592] __kasan_kmalloc+0xb7/0xc0 [ 31.583592] __kmalloc_cache_noprof+0x184/0x410 [ 31.583592] kasan_atomics+0x96/0x310 [ 31.583592] kunit_try_run_case+0x1b3/0x490 [ 31.583592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.583592] kthread+0x257/0x310 [ 31.583592] ret_from_fork+0x41/0x80 [ 31.583592] ret_from_fork_asm+0x1a/0x30 [ 31.583592] [ 31.583592] The buggy address belongs to the object at ffff88810294b780 [ 31.583592] which belongs to the cache kmalloc-64 of size 64 [ 31.583592] The buggy address is located 0 bytes to the right of [ 31.583592] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.583592] [ 31.583592] The buggy address belongs to the physical page: [ 31.583592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.583592] flags: 0x200000000000000(node=0|zone=2) [ 31.583592] page_type: f5(slab) [ 31.583592] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.583592] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.583592] page dumped because: kasan: bad access detected [ 31.583592] [ 31.583592] Memory state around the buggy address: [ 31.583592] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.583592] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.583592] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.583592] ^ [ 31.583592] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.583592] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.583592] ================================================================== [ 30.705525] 
================================================================== [ 30.706098] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 30.706248] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 30.706248] [ 30.706248] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.706248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.706248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.706248] Call Trace: [ 30.706248] <TASK> [ 30.706248] dump_stack_lvl+0x73/0xb0 [ 30.706248] print_report+0xd1/0x640 [ 30.706248] ? __virt_addr_valid+0x1db/0x2d0 [ 30.706248] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.706248] kasan_report+0x102/0x140 [ 30.706248] ? kasan_atomics_helper+0xf11/0x5450 [ 30.706248] ? kasan_atomics_helper+0xf11/0x5450 [ 30.706248] kasan_check_range+0x10c/0x1c0 [ 30.706248] __kasan_check_write+0x18/0x20 [ 30.706248] kasan_atomics_helper+0xf11/0x5450 [ 30.706248] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.706248] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.706248] ? trace_hardirqs_on+0x37/0xe0 [ 30.706248] ? kasan_atomics+0x153/0x310 [ 30.706248] kasan_atomics+0x1dd/0x310 [ 30.706248] ? __pfx_kasan_atomics+0x10/0x10 [ 30.706248] ? __pfx_kasan_atomics+0x10/0x10 [ 30.706248] kunit_try_run_case+0x1b3/0x490 [ 30.706248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.706248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.706248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.706248] ? __kthread_parkme+0x82/0x160 [ 30.706248] ? preempt_count_sub+0x50/0x80 [ 30.706248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.706248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.706248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.706248] kthread+0x257/0x310 [ 30.706248] ? __pfx_kthread+0x10/0x10 [ 30.706248] ret_from_fork+0x41/0x80 [ 30.706248] ? 
__pfx_kthread+0x10/0x10 [ 30.706248] ret_from_fork_asm+0x1a/0x30 [ 30.706248] </TASK> [ 30.706248] [ 30.706248] Allocated by task 274: [ 30.706248] kasan_save_stack+0x3d/0x60 [ 30.706248] kasan_save_track+0x18/0x40 [ 30.706248] kasan_save_alloc_info+0x3b/0x50 [ 30.706248] __kasan_kmalloc+0xb7/0xc0 [ 30.706248] __kmalloc_cache_noprof+0x184/0x410 [ 30.706248] kasan_atomics+0x96/0x310 [ 30.706248] kunit_try_run_case+0x1b3/0x490 [ 30.706248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.706248] kthread+0x257/0x310 [ 30.706248] ret_from_fork+0x41/0x80 [ 30.706248] ret_from_fork_asm+0x1a/0x30 [ 30.706248] [ 30.706248] The buggy address belongs to the object at ffff88810294b780 [ 30.706248] which belongs to the cache kmalloc-64 of size 64 [ 30.706248] The buggy address is located 0 bytes to the right of [ 30.706248] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 30.706248] [ 30.706248] The buggy address belongs to the physical page: [ 30.706248] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 30.706248] flags: 0x200000000000000(node=0|zone=2) [ 30.706248] page_type: f5(slab) [ 30.706248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.706248] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.706248] page dumped because: kasan: bad access detected [ 30.706248] [ 30.706248] Memory state around the buggy address: [ 30.706248] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.706248] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.706248] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.706248] ^ [ 30.706248] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.706248] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.706248] ================================================================== [ 29.966924] 
================================================================== [ 29.967422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 29.967422] Write of size 4 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 29.967422] [ 29.967422] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.967422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.971297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.971297] Call Trace: [ 29.971297] <TASK> [ 29.971297] dump_stack_lvl+0x73/0xb0 [ 29.971297] print_report+0xd1/0x640 [ 29.971297] ? __virt_addr_valid+0x1db/0x2d0 [ 29.971297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.971297] kasan_report+0x102/0x140 [ 29.971297] ? kasan_atomics_helper+0x4b3c/0x5450 [ 29.971297] ? kasan_atomics_helper+0x4b3c/0x5450 [ 29.971297] __asan_report_store4_noabort+0x1b/0x30 [ 29.971297] kasan_atomics_helper+0x4b3c/0x5450 [ 29.971297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.971297] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.971297] ? trace_hardirqs_on+0x37/0xe0 [ 29.971297] ? kasan_atomics+0x153/0x310 [ 29.971297] kasan_atomics+0x1dd/0x310 [ 29.971297] ? __pfx_kasan_atomics+0x10/0x10 [ 29.971297] ? __pfx_kasan_atomics+0x10/0x10 [ 29.971297] kunit_try_run_case+0x1b3/0x490 [ 29.971297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.971297] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.971297] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.971297] ? __kthread_parkme+0x82/0x160 [ 29.971297] ? preempt_count_sub+0x50/0x80 [ 29.971297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.971297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.971297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.971297] kthread+0x257/0x310 [ 29.971297] ? __pfx_kthread+0x10/0x10 [ 29.971297] ret_from_fork+0x41/0x80 [ 29.971297] ? 
__pfx_kthread+0x10/0x10 [ 29.971297] ret_from_fork_asm+0x1a/0x30 [ 29.971297] </TASK> [ 29.971297] [ 29.971297] Allocated by task 274: [ 29.971297] kasan_save_stack+0x3d/0x60 [ 29.971297] kasan_save_track+0x18/0x40 [ 29.971297] kasan_save_alloc_info+0x3b/0x50 [ 29.971297] __kasan_kmalloc+0xb7/0xc0 [ 29.971297] __kmalloc_cache_noprof+0x184/0x410 [ 29.971297] kasan_atomics+0x96/0x310 [ 29.971297] kunit_try_run_case+0x1b3/0x490 [ 29.971297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.971297] kthread+0x257/0x310 [ 29.971297] ret_from_fork+0x41/0x80 [ 29.971297] ret_from_fork_asm+0x1a/0x30 [ 29.971297] [ 29.971297] The buggy address belongs to the object at ffff88810294b780 [ 29.971297] which belongs to the cache kmalloc-64 of size 64 [ 29.971297] The buggy address is located 0 bytes to the right of [ 29.971297] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 29.971297] [ 29.971297] The buggy address belongs to the physical page: [ 29.971297] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 29.971297] flags: 0x200000000000000(node=0|zone=2) [ 29.971297] page_type: f5(slab) [ 29.971297] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.971297] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.971297] page dumped because: kasan: bad access detected [ 29.971297] [ 29.971297] Memory state around the buggy address: [ 29.971297] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.971297] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.971297] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.971297] ^ [ 29.971297] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.971297] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.971297] ================================================================== [ 32.417187] 
================================================================== [ 32.417531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 32.417531] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.417531] [ 32.417531] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.417531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.417905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.422203] Call Trace: [ 32.422203] <TASK> [ 32.422203] dump_stack_lvl+0x73/0xb0 [ 32.422203] print_report+0xd1/0x640 [ 32.422203] ? __virt_addr_valid+0x1db/0x2d0 [ 32.422203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.422203] kasan_report+0x102/0x140 [ 32.422203] ? kasan_atomics_helper+0x224d/0x5450 [ 32.422203] ? kasan_atomics_helper+0x224d/0x5450 [ 32.422203] kasan_check_range+0x10c/0x1c0 [ 32.422203] __kasan_check_write+0x18/0x20 [ 32.422203] kasan_atomics_helper+0x224d/0x5450 [ 32.422203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.422203] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.422203] ? trace_hardirqs_on+0x37/0xe0 [ 32.422203] ? kasan_atomics+0x153/0x310 [ 32.422203] kasan_atomics+0x1dd/0x310 [ 32.422203] ? __pfx_kasan_atomics+0x10/0x10 [ 32.422203] ? __pfx_kasan_atomics+0x10/0x10 [ 32.422203] kunit_try_run_case+0x1b3/0x490 [ 32.422203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.422203] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.422203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.422203] ? __kthread_parkme+0x82/0x160 [ 32.422203] ? preempt_count_sub+0x50/0x80 [ 32.422203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.422203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.422203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.422203] kthread+0x257/0x310 [ 32.422203] ? __pfx_kthread+0x10/0x10 [ 32.422203] ret_from_fork+0x41/0x80 [ 32.422203] ? 
__pfx_kthread+0x10/0x10 [ 32.422203] ret_from_fork_asm+0x1a/0x30 [ 32.422203] </TASK> [ 32.422203] [ 32.422203] Allocated by task 274: [ 32.422203] kasan_save_stack+0x3d/0x60 [ 32.422203] kasan_save_track+0x18/0x40 [ 32.422203] kasan_save_alloc_info+0x3b/0x50 [ 32.422203] __kasan_kmalloc+0xb7/0xc0 [ 32.422203] __kmalloc_cache_noprof+0x184/0x410 [ 32.422203] kasan_atomics+0x96/0x310 [ 32.422203] kunit_try_run_case+0x1b3/0x490 [ 32.422203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.422203] kthread+0x257/0x310 [ 32.422203] ret_from_fork+0x41/0x80 [ 32.422203] ret_from_fork_asm+0x1a/0x30 [ 32.422203] [ 32.422203] The buggy address belongs to the object at ffff88810294b780 [ 32.422203] which belongs to the cache kmalloc-64 of size 64 [ 32.422203] The buggy address is located 0 bytes to the right of [ 32.422203] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.422203] [ 32.422203] The buggy address belongs to the physical page: [ 32.422203] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.422203] flags: 0x200000000000000(node=0|zone=2) [ 32.422203] page_type: f5(slab) [ 32.422203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.422203] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.422203] page dumped because: kasan: bad access detected [ 32.422203] [ 32.422203] Memory state around the buggy address: [ 32.422203] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.422203] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.422203] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.422203] ^ [ 32.422203] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.422203] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.422203] ================================================================== [ 32.125358] 
================================================================== [ 32.125808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 32.126193] Read of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 32.126193] [ 32.126193] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.126193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.126193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.126193] Call Trace: [ 32.126193] <TASK> [ 32.126193] dump_stack_lvl+0x73/0xb0 [ 32.126193] print_report+0xd1/0x640 [ 32.126193] ? __virt_addr_valid+0x1db/0x2d0 [ 32.126193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.126193] kasan_report+0x102/0x140 [ 32.126193] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.126193] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.126193] __asan_report_load8_noabort+0x18/0x20 [ 32.126193] kasan_atomics_helper+0x4f73/0x5450 [ 32.126193] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.126193] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.126193] ? trace_hardirqs_on+0x37/0xe0 [ 32.126193] ? kasan_atomics+0x153/0x310 [ 32.126193] kasan_atomics+0x1dd/0x310 [ 32.126193] ? __pfx_kasan_atomics+0x10/0x10 [ 32.126193] ? __pfx_kasan_atomics+0x10/0x10 [ 32.126193] kunit_try_run_case+0x1b3/0x490 [ 32.126193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.126193] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.126193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.126193] ? __kthread_parkme+0x82/0x160 [ 32.126193] ? preempt_count_sub+0x50/0x80 [ 32.126193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.126193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.126193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.126193] kthread+0x257/0x310 [ 32.126193] ? __pfx_kthread+0x10/0x10 [ 32.126193] ret_from_fork+0x41/0x80 [ 32.126193] ? 
__pfx_kthread+0x10/0x10 [ 32.126193] ret_from_fork_asm+0x1a/0x30 [ 32.126193] </TASK> [ 32.126193] [ 32.126193] Allocated by task 274: [ 32.126193] kasan_save_stack+0x3d/0x60 [ 32.126193] kasan_save_track+0x18/0x40 [ 32.126193] kasan_save_alloc_info+0x3b/0x50 [ 32.126193] __kasan_kmalloc+0xb7/0xc0 [ 32.126193] __kmalloc_cache_noprof+0x184/0x410 [ 32.126193] kasan_atomics+0x96/0x310 [ 32.126193] kunit_try_run_case+0x1b3/0x490 [ 32.126193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.126193] kthread+0x257/0x310 [ 32.126193] ret_from_fork+0x41/0x80 [ 32.126193] ret_from_fork_asm+0x1a/0x30 [ 32.126193] [ 32.126193] The buggy address belongs to the object at ffff88810294b780 [ 32.126193] which belongs to the cache kmalloc-64 of size 64 [ 32.126193] The buggy address is located 0 bytes to the right of [ 32.126193] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 32.126193] [ 32.126193] The buggy address belongs to the physical page: [ 32.126193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 32.126193] flags: 0x200000000000000(node=0|zone=2) [ 32.126193] page_type: f5(slab) [ 32.126193] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.126193] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.126193] page dumped because: kasan: bad access detected [ 32.126193] [ 32.126193] Memory state around the buggy address: [ 32.126193] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.126193] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.126193] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.126193] ^ [ 32.126193] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.126193] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.126193] ================================================================== [ 31.494787] 
================================================================== [ 31.495230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 31.495230] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.495230] [ 31.495230] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.495230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.495230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.495230] Call Trace: [ 31.495230] <TASK> [ 31.495230] dump_stack_lvl+0x73/0xb0 [ 31.495230] print_report+0xd1/0x640 [ 31.495230] ? __virt_addr_valid+0x1db/0x2d0 [ 31.495230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.495230] kasan_report+0x102/0x140 [ 31.495230] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.495230] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.495230] kasan_check_range+0x10c/0x1c0 [ 31.495230] __kasan_check_write+0x18/0x20 [ 31.495230] kasan_atomics_helper+0x16e8/0x5450 [ 31.495230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.495230] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.495230] ? trace_hardirqs_on+0x37/0xe0 [ 31.495230] ? kasan_atomics+0x153/0x310 [ 31.495230] kasan_atomics+0x1dd/0x310 [ 31.495230] ? __pfx_kasan_atomics+0x10/0x10 [ 31.495230] ? __pfx_kasan_atomics+0x10/0x10 [ 31.495230] kunit_try_run_case+0x1b3/0x490 [ 31.495230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.495230] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.495230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.495230] ? __kthread_parkme+0x82/0x160 [ 31.495230] ? preempt_count_sub+0x50/0x80 [ 31.495230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.495230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.495230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.495230] kthread+0x257/0x310 [ 31.495230] ? __pfx_kthread+0x10/0x10 [ 31.495230] ret_from_fork+0x41/0x80 [ 31.495230] ? 
__pfx_kthread+0x10/0x10 [ 31.495230] ret_from_fork_asm+0x1a/0x30 [ 31.495230] </TASK> [ 31.495230] [ 31.495230] Allocated by task 274: [ 31.495230] kasan_save_stack+0x3d/0x60 [ 31.495230] kasan_save_track+0x18/0x40 [ 31.495230] kasan_save_alloc_info+0x3b/0x50 [ 31.495230] __kasan_kmalloc+0xb7/0xc0 [ 31.495230] __kmalloc_cache_noprof+0x184/0x410 [ 31.495230] kasan_atomics+0x96/0x310 [ 31.495230] kunit_try_run_case+0x1b3/0x490 [ 31.495230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.495230] kthread+0x257/0x310 [ 31.495230] ret_from_fork+0x41/0x80 [ 31.495230] ret_from_fork_asm+0x1a/0x30 [ 31.495230] [ 31.495230] The buggy address belongs to the object at ffff88810294b780 [ 31.495230] which belongs to the cache kmalloc-64 of size 64 [ 31.495230] The buggy address is located 0 bytes to the right of [ 31.495230] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.495230] [ 31.495230] The buggy address belongs to the physical page: [ 31.495230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.495230] flags: 0x200000000000000(node=0|zone=2) [ 31.495230] page_type: f5(slab) [ 31.495230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.495230] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.495230] page dumped because: kasan: bad access detected [ 31.495230] [ 31.495230] Memory state around the buggy address: [ 31.495230] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.495230] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.495230] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.495230] ^ [ 31.495230] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.495230] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.495230] ================================================================== [ 31.357449] 
================================================================== [ 31.358218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 31.358218] Write of size 8 at addr ffff88810294b7b0 by task kunit_try_catch/274 [ 31.358218] [ 31.358218] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.358218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.358218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.358218] Call Trace: [ 31.358218] <TASK> [ 31.358218] dump_stack_lvl+0x73/0xb0 [ 31.358218] print_report+0xd1/0x640 [ 31.358218] ? __virt_addr_valid+0x1db/0x2d0 [ 31.358218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.358218] kasan_report+0x102/0x140 [ 31.358218] ? kasan_atomics_helper+0x151e/0x5450 [ 31.358218] ? kasan_atomics_helper+0x151e/0x5450 [ 31.358218] kasan_check_range+0x10c/0x1c0 [ 31.358218] __kasan_check_write+0x18/0x20 [ 31.358218] kasan_atomics_helper+0x151e/0x5450 [ 31.358218] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.358218] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.358218] ? trace_hardirqs_on+0x37/0xe0 [ 31.358218] ? kasan_atomics+0x153/0x310 [ 31.358218] kasan_atomics+0x1dd/0x310 [ 31.358218] ? __pfx_kasan_atomics+0x10/0x10 [ 31.358218] ? __pfx_kasan_atomics+0x10/0x10 [ 31.358218] kunit_try_run_case+0x1b3/0x490 [ 31.358218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.358218] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.358218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.358218] ? __kthread_parkme+0x82/0x160 [ 31.358218] ? preempt_count_sub+0x50/0x80 [ 31.358218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.358218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.358218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.358218] kthread+0x257/0x310 [ 31.358218] ? __pfx_kthread+0x10/0x10 [ 31.358218] ret_from_fork+0x41/0x80 [ 31.358218] ? 
__pfx_kthread+0x10/0x10 [ 31.358218] ret_from_fork_asm+0x1a/0x30 [ 31.358218] </TASK> [ 31.358218] [ 31.358218] Allocated by task 274: [ 31.358218] kasan_save_stack+0x3d/0x60 [ 31.358218] kasan_save_track+0x18/0x40 [ 31.358218] kasan_save_alloc_info+0x3b/0x50 [ 31.358218] __kasan_kmalloc+0xb7/0xc0 [ 31.358218] __kmalloc_cache_noprof+0x184/0x410 [ 31.358218] kasan_atomics+0x96/0x310 [ 31.358218] kunit_try_run_case+0x1b3/0x490 [ 31.358218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.358218] kthread+0x257/0x310 [ 31.358218] ret_from_fork+0x41/0x80 [ 31.358218] ret_from_fork_asm+0x1a/0x30 [ 31.358218] [ 31.358218] The buggy address belongs to the object at ffff88810294b780 [ 31.358218] which belongs to the cache kmalloc-64 of size 64 [ 31.358218] The buggy address is located 0 bytes to the right of [ 31.358218] allocated 48-byte region [ffff88810294b780, ffff88810294b7b0) [ 31.358218] [ 31.358218] The buggy address belongs to the physical page: [ 31.358218] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294b [ 31.358218] flags: 0x200000000000000(node=0|zone=2) [ 31.358218] page_type: f5(slab) [ 31.358218] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.358218] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.358218] page dumped because: kasan: bad access detected [ 31.358218] [ 31.358218] Memory state around the buggy address: [ 31.358218] ffff88810294b680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.358218] ffff88810294b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.358218] >ffff88810294b780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.358218] ^ [ 31.358218] ffff88810294b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.358218] ffff88810294b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.358218] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 29.602969] ==================================================================
[ 29.603370] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 29.603452] Read of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.603452]
[ 29.605097] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.605097] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.605097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.605097] Call Trace:
[ 29.605097] <TASK>
[ 29.605097] dump_stack_lvl+0x73/0xb0
[ 29.605097] print_report+0xd1/0x640
[ 29.605097] ? __virt_addr_valid+0x1db/0x2d0
[ 29.605097] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.605097] kasan_report+0x102/0x140
[ 29.605097] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 29.605097] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 29.605097] __asan_report_load8_noabort+0x18/0x20
[ 29.605097] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 29.605097] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.605097] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.605097] ? __pfx_read_hpet+0x10/0x10
[ 29.605097] ? kasan_bitops_generic+0x93/0x1c0
[ 29.605097] kasan_bitops_generic+0x122/0x1c0
[ 29.605097] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.605097] ? ktime_get_ts64+0x84/0x230
[ 29.605097] kunit_try_run_case+0x1b3/0x490
[ 29.605097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.605097] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.605097] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.605097] ? __kthread_parkme+0x82/0x160
[ 29.605097] ? preempt_count_sub+0x50/0x80
[ 29.605097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.605097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.605097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.605097] kthread+0x257/0x310
[ 29.605097] ? __pfx_kthread+0x10/0x10
[ 29.605097] ret_from_fork+0x41/0x80
[ 29.605097] ? __pfx_kthread+0x10/0x10
[ 29.605097] ret_from_fork_asm+0x1a/0x30
[ 29.605097] </TASK>
[ 29.605097]
[ 29.605097] Allocated by task 270:
[ 29.605097] kasan_save_stack+0x3d/0x60
[ 29.605097] kasan_save_track+0x18/0x40
[ 29.605097] kasan_save_alloc_info+0x3b/0x50
[ 29.605097] __kasan_kmalloc+0xb7/0xc0
[ 29.605097] __kmalloc_cache_noprof+0x184/0x410
[ 29.605097] kasan_bitops_generic+0x93/0x1c0
[ 29.605097] kunit_try_run_case+0x1b3/0x490
[ 29.605097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.605097] kthread+0x257/0x310
[ 29.605097] ret_from_fork+0x41/0x80
[ 29.605097] ret_from_fork_asm+0x1a/0x30
[ 29.605097]
[ 29.605097] The buggy address belongs to the object at ffff888101a46900
[ 29.605097] which belongs to the cache kmalloc-16 of size 16
[ 29.605097] The buggy address is located 8 bytes inside of
[ 29.605097] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.605097]
[ 29.605097] The buggy address belongs to the physical page:
[ 29.605097] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.605097] flags: 0x200000000000000(node=0|zone=2)
[ 29.605097] page_type: f5(slab)
[ 29.605097] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.605097] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.605097] page dumped because: kasan: bad access detected
[ 29.605097]
[ 29.605097] Memory state around the buggy address:
[ 29.605097] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.605097] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.605097] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.605097] ^
[ 29.605097] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.605097] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.605097] ==================================================================

[ 29.286711] ==================================================================
[ 29.287372] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 29.287372] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.287372]
[ 29.287372] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.287372] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.287372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.287372] Call Trace:
[ 29.287372] <TASK>
[ 29.287372] dump_stack_lvl+0x73/0xb0
[ 29.287372] print_report+0xd1/0x640
[ 29.287372] ? __virt_addr_valid+0x1db/0x2d0
[ 29.287372] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.287372] kasan_report+0x102/0x140
[ 29.287372] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 29.287372] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 29.287372] kasan_check_range+0x10c/0x1c0
[ 29.287372] __kasan_check_write+0x18/0x20
[ 29.287372] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 29.287372] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.287372] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.287372] ? __pfx_read_hpet+0x10/0x10
[ 29.287372] ? kasan_bitops_generic+0x93/0x1c0
[ 29.287372] kasan_bitops_generic+0x122/0x1c0
[ 29.287372] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.287372] ? ktime_get_ts64+0x84/0x230
[ 29.287372] kunit_try_run_case+0x1b3/0x490
[ 29.287372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.287372] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.287372] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.287372] ? __kthread_parkme+0x82/0x160
[ 29.287372] ? preempt_count_sub+0x50/0x80
[ 29.287372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.287372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.287372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.287372] kthread+0x257/0x310
[ 29.287372] ? __pfx_kthread+0x10/0x10
[ 29.287372] ret_from_fork+0x41/0x80
[ 29.287372] ? __pfx_kthread+0x10/0x10
[ 29.287372] ret_from_fork_asm+0x1a/0x30
[ 29.287372] </TASK>
[ 29.287372]
[ 29.287372] Allocated by task 270:
[ 29.287372] kasan_save_stack+0x3d/0x60
[ 29.287372] kasan_save_track+0x18/0x40
[ 29.287372] kasan_save_alloc_info+0x3b/0x50
[ 29.287372] __kasan_kmalloc+0xb7/0xc0
[ 29.287372] __kmalloc_cache_noprof+0x184/0x410
[ 29.287372] kasan_bitops_generic+0x93/0x1c0
[ 29.287372] kunit_try_run_case+0x1b3/0x490
[ 29.287372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.287372] kthread+0x257/0x310
[ 29.287372] ret_from_fork+0x41/0x80
[ 29.287372] ret_from_fork_asm+0x1a/0x30
[ 29.287372]
[ 29.287372] The buggy address belongs to the object at ffff888101a46900
[ 29.287372] which belongs to the cache kmalloc-16 of size 16
[ 29.287372] The buggy address is located 8 bytes inside of
[ 29.287372] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.287372]
[ 29.287372] The buggy address belongs to the physical page:
[ 29.287372] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.287372] flags: 0x200000000000000(node=0|zone=2)
[ 29.287372] page_type: f5(slab)
[ 29.287372] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.287372] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.287372] page dumped because: kasan: bad access detected
[ 29.287372]
[ 29.287372] Memory state around the buggy address:
[ 29.287372] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.287372] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.287372] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.287372] ^
[ 29.287372] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.287372] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.287372] ==================================================================

[ 29.464087] ==================================================================
[ 29.464602] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 29.464602] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.466518]
[ 29.466518] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.466518] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.466518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.466518] Call Trace:
[ 29.466518] <TASK>
[ 29.466518] dump_stack_lvl+0x73/0xb0
[ 29.466518] print_report+0xd1/0x640
[ 29.466518] ? __virt_addr_valid+0x1db/0x2d0
[ 29.466518] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.466518] kasan_report+0x102/0x140
[ 29.466518] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 29.466518] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 29.466518] kasan_check_range+0x10c/0x1c0
[ 29.466518] __kasan_check_write+0x18/0x20
[ 29.466518] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 29.466518] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.466518] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.466518] ? __pfx_read_hpet+0x10/0x10
[ 29.466518] ? kasan_bitops_generic+0x93/0x1c0
[ 29.466518] kasan_bitops_generic+0x122/0x1c0
[ 29.466518] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.466518] ? ktime_get_ts64+0x84/0x230
[ 29.466518] kunit_try_run_case+0x1b3/0x490
[ 29.466518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.466518] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.466518] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.466518] ? __kthread_parkme+0x82/0x160
[ 29.466518] ? preempt_count_sub+0x50/0x80
[ 29.466518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.466518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.466518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.466518] kthread+0x257/0x310
[ 29.466518] ? __pfx_kthread+0x10/0x10
[ 29.466518] ret_from_fork+0x41/0x80
[ 29.466518] ? __pfx_kthread+0x10/0x10
[ 29.466518] ret_from_fork_asm+0x1a/0x30
[ 29.466518] </TASK>
[ 29.466518]
[ 29.466518] Allocated by task 270:
[ 29.466518] kasan_save_stack+0x3d/0x60
[ 29.466518] kasan_save_track+0x18/0x40
[ 29.466518] kasan_save_alloc_info+0x3b/0x50
[ 29.466518] __kasan_kmalloc+0xb7/0xc0
[ 29.466518] __kmalloc_cache_noprof+0x184/0x410
[ 29.466518] kasan_bitops_generic+0x93/0x1c0
[ 29.466518] kunit_try_run_case+0x1b3/0x490
[ 29.466518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.466518] kthread+0x257/0x310
[ 29.466518] ret_from_fork+0x41/0x80
[ 29.466518] ret_from_fork_asm+0x1a/0x30
[ 29.466518]
[ 29.466518] The buggy address belongs to the object at ffff888101a46900
[ 29.466518] which belongs to the cache kmalloc-16 of size 16
[ 29.466518] The buggy address is located 8 bytes inside of
[ 29.466518] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.466518]
[ 29.466518] The buggy address belongs to the physical page:
[ 29.466518] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.466518] flags: 0x200000000000000(node=0|zone=2)
[ 29.466518] page_type: f5(slab)
[ 29.466518] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.466518] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.466518] page dumped because: kasan: bad access detected
[ 29.466518]
[ 29.466518] Memory state around the buggy address:
[ 29.466518] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.466518] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.466518] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.466518] ^
[ 29.466518] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.466518] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.466518] ==================================================================

[ 29.552758] ==================================================================
[ 29.553437] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 29.553437] Read of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.553437]
[ 29.553437] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.553437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.553437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.553437] Call Trace:
[ 29.553437] <TASK>
[ 29.553437] dump_stack_lvl+0x73/0xb0
[ 29.553437] print_report+0xd1/0x640
[ 29.553437] ? __virt_addr_valid+0x1db/0x2d0
[ 29.553437] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.553437] kasan_report+0x102/0x140
[ 29.553437] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 29.553437] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 29.553437] kasan_check_range+0x10c/0x1c0
[ 29.553437] __kasan_check_read+0x15/0x20
[ 29.553437] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 29.553437] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.553437] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.553437] ? __pfx_read_hpet+0x10/0x10
[ 29.553437] ? kasan_bitops_generic+0x93/0x1c0
[ 29.553437] kasan_bitops_generic+0x122/0x1c0
[ 29.553437] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.553437] ? ktime_get_ts64+0x84/0x230
[ 29.553437] kunit_try_run_case+0x1b3/0x490
[ 29.553437] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.553437] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.553437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.553437] ? __kthread_parkme+0x82/0x160
[ 29.553437] ? preempt_count_sub+0x50/0x80
[ 29.553437] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.553437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.553437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.553437] kthread+0x257/0x310
[ 29.553437] ? __pfx_kthread+0x10/0x10
[ 29.553437] ret_from_fork+0x41/0x80
[ 29.553437] ? __pfx_kthread+0x10/0x10
[ 29.553437] ret_from_fork_asm+0x1a/0x30
[ 29.553437] </TASK>
[ 29.553437]
[ 29.553437] Allocated by task 270:
[ 29.553437] kasan_save_stack+0x3d/0x60
[ 29.553437] kasan_save_track+0x18/0x40
[ 29.553437] kasan_save_alloc_info+0x3b/0x50
[ 29.553437] __kasan_kmalloc+0xb7/0xc0
[ 29.553437] __kmalloc_cache_noprof+0x184/0x410
[ 29.553437] kasan_bitops_generic+0x93/0x1c0
[ 29.553437] kunit_try_run_case+0x1b3/0x490
[ 29.553437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.553437] kthread+0x257/0x310
[ 29.553437] ret_from_fork+0x41/0x80
[ 29.553437] ret_from_fork_asm+0x1a/0x30
[ 29.553437]
[ 29.553437] The buggy address belongs to the object at ffff888101a46900
[ 29.553437] which belongs to the cache kmalloc-16 of size 16
[ 29.553437] The buggy address is located 8 bytes inside of
[ 29.553437] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.553437]
[ 29.553437] The buggy address belongs to the physical page:
[ 29.553437] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.553437] flags: 0x200000000000000(node=0|zone=2)
[ 29.553437] page_type: f5(slab)
[ 29.553437] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.553437] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.553437] page dumped because: kasan: bad access detected
[ 29.553437]
[ 29.553437] Memory state around the buggy address:
[ 29.553437] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.553437] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.553437] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.553437] ^
[ 29.553437] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.553437] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.553437] ==================================================================

[ 29.425016] ==================================================================
[ 29.425509] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 29.425509] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.425509]
[ 29.425509] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.425509] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.425509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.425509] Call Trace:
[ 29.425509] <TASK>
[ 29.425509] dump_stack_lvl+0x73/0xb0
[ 29.425509] print_report+0xd1/0x640
[ 29.425509] ? __virt_addr_valid+0x1db/0x2d0
[ 29.425509] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.425509] kasan_report+0x102/0x140
[ 29.425509] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 29.425509] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 29.425509] kasan_check_range+0x10c/0x1c0
[ 29.425509] __kasan_check_write+0x18/0x20
[ 29.425509] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 29.425509] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.425509] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.425509] ? __pfx_read_hpet+0x10/0x10
[ 29.425509] ? kasan_bitops_generic+0x93/0x1c0
[ 29.425509] kasan_bitops_generic+0x122/0x1c0
[ 29.425509] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.425509] ? ktime_get_ts64+0x84/0x230
[ 29.425509] kunit_try_run_case+0x1b3/0x490
[ 29.425509] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.425509] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.425509] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.425509] ? __kthread_parkme+0x82/0x160
[ 29.425509] ? preempt_count_sub+0x50/0x80
[ 29.425509] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.425509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.425509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.425509] kthread+0x257/0x310
[ 29.425509] ? __pfx_kthread+0x10/0x10
[ 29.425509] ret_from_fork+0x41/0x80
[ 29.425509] ? __pfx_kthread+0x10/0x10
[ 29.425509] ret_from_fork_asm+0x1a/0x30
[ 29.425509] </TASK>
[ 29.425509]
[ 29.425509] Allocated by task 270:
[ 29.425509] kasan_save_stack+0x3d/0x60
[ 29.425509] kasan_save_track+0x18/0x40
[ 29.425509] kasan_save_alloc_info+0x3b/0x50
[ 29.425509] __kasan_kmalloc+0xb7/0xc0
[ 29.425509] __kmalloc_cache_noprof+0x184/0x410
[ 29.425509] kasan_bitops_generic+0x93/0x1c0
[ 29.425509] kunit_try_run_case+0x1b3/0x490
[ 29.425509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.425509] kthread+0x257/0x310
[ 29.425509] ret_from_fork+0x41/0x80
[ 29.425509] ret_from_fork_asm+0x1a/0x30
[ 29.425509]
[ 29.425509] The buggy address belongs to the object at ffff888101a46900
[ 29.425509] which belongs to the cache kmalloc-16 of size 16
[ 29.425509] The buggy address is located 8 bytes inside of
[ 29.425509] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.425509]
[ 29.425509] The buggy address belongs to the physical page:
[ 29.425509] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.425509] flags: 0x200000000000000(node=0|zone=2)
[ 29.425509] page_type: f5(slab)
[ 29.425509] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.425509] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.425509] page dumped because: kasan: bad access detected
[ 29.425509]
[ 29.425509] Memory state around the buggy address:
[ 29.425509] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.425509] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.425509] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.425509] ^
[ 29.425509] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.425509] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.425509] ==================================================================

[ 29.385375] ==================================================================
[ 29.385705] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 29.385705] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.386365]
[ 29.386365] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.386365] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.386365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.386365] Call Trace:
[ 29.386365] <TASK>
[ 29.386365] dump_stack_lvl+0x73/0xb0
[ 29.386365] print_report+0xd1/0x640
[ 29.386365] ? __virt_addr_valid+0x1db/0x2d0
[ 29.386365] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.386365] kasan_report+0x102/0x140
[ 29.386365] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 29.386365] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 29.386365] kasan_check_range+0x10c/0x1c0
[ 29.386365] __kasan_check_write+0x18/0x20
[ 29.386365] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 29.386365] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.386365] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.386365] ? __pfx_read_hpet+0x10/0x10
[ 29.386365] ? kasan_bitops_generic+0x93/0x1c0
[ 29.386365] kasan_bitops_generic+0x122/0x1c0
[ 29.386365] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.386365] ? ktime_get_ts64+0x84/0x230
[ 29.386365] kunit_try_run_case+0x1b3/0x490
[ 29.386365] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.386365] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.386365] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.386365] ? __kthread_parkme+0x82/0x160
[ 29.386365] ? preempt_count_sub+0x50/0x80
[ 29.386365] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.386365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.386365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.386365] kthread+0x257/0x310
[ 29.386365] ? __pfx_kthread+0x10/0x10
[ 29.386365] ret_from_fork+0x41/0x80
[ 29.386365] ? __pfx_kthread+0x10/0x10
[ 29.386365] ret_from_fork_asm+0x1a/0x30
[ 29.386365] </TASK>
[ 29.386365]
[ 29.386365] Allocated by task 270:
[ 29.386365] kasan_save_stack+0x3d/0x60
[ 29.386365] kasan_save_track+0x18/0x40
[ 29.386365] kasan_save_alloc_info+0x3b/0x50
[ 29.386365] __kasan_kmalloc+0xb7/0xc0
[ 29.386365] __kmalloc_cache_noprof+0x184/0x410
[ 29.386365] kasan_bitops_generic+0x93/0x1c0
[ 29.386365] kunit_try_run_case+0x1b3/0x490
[ 29.386365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.386365] kthread+0x257/0x310
[ 29.386365] ret_from_fork+0x41/0x80
[ 29.386365] ret_from_fork_asm+0x1a/0x30
[ 29.386365]
[ 29.386365] The buggy address belongs to the object at ffff888101a46900
[ 29.386365] which belongs to the cache kmalloc-16 of size 16
[ 29.386365] The buggy address is located 8 bytes inside of
[ 29.386365] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.386365]
[ 29.386365] The buggy address belongs to the physical page:
[ 29.386365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.386365] flags: 0x200000000000000(node=0|zone=2)
[ 29.386365] page_type: f5(slab)
[ 29.386365] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.386365] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.386365] page dumped because: kasan: bad access detected
[ 29.386365]
[ 29.386365] Memory state around the buggy address:
[ 29.386365] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.386365] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.386365] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.386365] ^
[ 29.386365] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.386365] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.386365] ==================================================================

[ 29.509934] ==================================================================
[ 29.510206] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 29.510206] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.510206]
[ 29.510206] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.510206] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.510206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.510206] Call Trace:
[ 29.510206] <TASK>
[ 29.510206] dump_stack_lvl+0x73/0xb0
[ 29.510206] print_report+0xd1/0x640
[ 29.510206] ? __virt_addr_valid+0x1db/0x2d0
[ 29.510206] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.510206] kasan_report+0x102/0x140
[ 29.510206] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 29.510206] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 29.510206] kasan_check_range+0x10c/0x1c0
[ 29.510206] __kasan_check_write+0x18/0x20
[ 29.510206] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 29.510206] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.510206] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.510206] ? __pfx_read_hpet+0x10/0x10
[ 29.510206] ? kasan_bitops_generic+0x93/0x1c0
[ 29.510206] kasan_bitops_generic+0x122/0x1c0
[ 29.510206] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.510206] ? ktime_get_ts64+0x84/0x230
[ 29.510206] kunit_try_run_case+0x1b3/0x490
[ 29.510206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.510206] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.510206] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.510206] ? __kthread_parkme+0x82/0x160
[ 29.510206] ? preempt_count_sub+0x50/0x80
[ 29.510206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.510206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.510206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.510206] kthread+0x257/0x310
[ 29.510206] ? __pfx_kthread+0x10/0x10
[ 29.510206] ret_from_fork+0x41/0x80
[ 29.510206] ? __pfx_kthread+0x10/0x10
[ 29.510206] ret_from_fork_asm+0x1a/0x30
[ 29.510206] </TASK>
[ 29.510206]
[ 29.510206] Allocated by task 270:
[ 29.510206] kasan_save_stack+0x3d/0x60
[ 29.510206] kasan_save_track+0x18/0x40
[ 29.510206] kasan_save_alloc_info+0x3b/0x50
[ 29.510206] __kasan_kmalloc+0xb7/0xc0
[ 29.510206] __kmalloc_cache_noprof+0x184/0x410
[ 29.510206] kasan_bitops_generic+0x93/0x1c0
[ 29.510206] kunit_try_run_case+0x1b3/0x490
[ 29.510206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.510206] kthread+0x257/0x310
[ 29.510206] ret_from_fork+0x41/0x80
[ 29.510206] ret_from_fork_asm+0x1a/0x30
[ 29.510206]
[ 29.510206] The buggy address belongs to the object at ffff888101a46900
[ 29.510206] which belongs to the cache kmalloc-16 of size 16
[ 29.510206] The buggy address is located 8 bytes inside of
[ 29.510206] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.510206]
[ 29.510206] The buggy address belongs to the physical page:
[ 29.510206] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.510206] flags: 0x200000000000000(node=0|zone=2)
[ 29.510206] page_type: f5(slab)
[ 29.510206] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.510206] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.510206] page dumped because: kasan: bad access detected
[ 29.510206]
[ 29.510206] Memory state around the buggy address:
[ 29.510206] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.510206] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.510206] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.510206] ^
[ 29.510206] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.510206] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.510206] ==================================================================

[ 29.248612] ==================================================================
[ 29.249241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 29.249241] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.249241]
[ 29.249241] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.249241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.249241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.249241] Call Trace:
[ 29.249241] <TASK>
[ 29.249241] dump_stack_lvl+0x73/0xb0
[ 29.249241] print_report+0xd1/0x640
[ 29.249241] ? __virt_addr_valid+0x1db/0x2d0
[ 29.249241] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.249241] kasan_report+0x102/0x140
[ 29.249241] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 29.249241] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 29.249241] kasan_check_range+0x10c/0x1c0
[ 29.249241] __kasan_check_write+0x18/0x20
[ 29.249241] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 29.249241] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.249241] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.249241] ? __pfx_read_hpet+0x10/0x10
[ 29.249241] ? kasan_bitops_generic+0x93/0x1c0
[ 29.249241] kasan_bitops_generic+0x122/0x1c0
[ 29.249241] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.249241] ? ktime_get_ts64+0x84/0x230
[ 29.249241] kunit_try_run_case+0x1b3/0x490
[ 29.249241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.249241] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.249241] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.249241] ? __kthread_parkme+0x82/0x160
[ 29.249241] ? preempt_count_sub+0x50/0x80
[ 29.249241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.249241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.249241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.249241] kthread+0x257/0x310
[ 29.249241] ? __pfx_kthread+0x10/0x10
[ 29.249241] ret_from_fork+0x41/0x80
[ 29.249241] ? __pfx_kthread+0x10/0x10
[ 29.249241] ret_from_fork_asm+0x1a/0x30
[ 29.249241] </TASK>
[ 29.249241]
[ 29.249241] Allocated by task 270:
[ 29.249241] kasan_save_stack+0x3d/0x60
[ 29.249241] kasan_save_track+0x18/0x40
[ 29.249241] kasan_save_alloc_info+0x3b/0x50
[ 29.249241] __kasan_kmalloc+0xb7/0xc0
[ 29.249241] __kmalloc_cache_noprof+0x184/0x410
[ 29.249241] kasan_bitops_generic+0x93/0x1c0
[ 29.249241] kunit_try_run_case+0x1b3/0x490
[ 29.249241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.249241] kthread+0x257/0x310
[ 29.249241] ret_from_fork+0x41/0x80
[ 29.249241] ret_from_fork_asm+0x1a/0x30
[ 29.249241]
[ 29.249241] The buggy address belongs to the object at ffff888101a46900
[ 29.249241] which belongs to the cache kmalloc-16 of size 16
[ 29.249241] The buggy address is located 8 bytes inside of
[ 29.249241] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.249241]
[ 29.249241] The buggy address belongs to the physical page:
[ 29.249241] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.249241] flags: 0x200000000000000(node=0|zone=2)
[ 29.249241] page_type: f5(slab)
[ 29.249241] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.249241] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.249241] page dumped because: kasan: bad access detected
[ 29.249241]
[ 29.249241] Memory state around the buggy address:
[ 29.249241] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.249241] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.249241] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.249241] ^
[ 29.249241] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.249241] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.249241] ==================================================================

[ 29.333103] ==================================================================
[ 29.333781] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 29.333781] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270
[ 29.333781]
[ 29.333781] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 29.333781] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.333781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.333781] Call Trace:
[ 29.333781] <TASK>
[ 29.333781] dump_stack_lvl+0x73/0xb0
[ 29.333781] print_report+0xd1/0x640
[ 29.333781] ? __virt_addr_valid+0x1db/0x2d0
[ 29.333781] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.333781] kasan_report+0x102/0x140
[ 29.333781] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 29.333781] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 29.333781] kasan_check_range+0x10c/0x1c0
[ 29.333781] __kasan_check_write+0x18/0x20
[ 29.333781] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 29.333781] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 29.333781] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.333781] ? __pfx_read_hpet+0x10/0x10
[ 29.333781] ? kasan_bitops_generic+0x93/0x1c0
[ 29.333781] kasan_bitops_generic+0x122/0x1c0
[ 29.333781] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 29.333781] ? ktime_get_ts64+0x84/0x230
[ 29.333781] kunit_try_run_case+0x1b3/0x490
[ 29.333781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.333781] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.333781] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.333781] ? __kthread_parkme+0x82/0x160
[ 29.333781] ? preempt_count_sub+0x50/0x80
[ 29.333781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.333781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.333781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.333781] kthread+0x257/0x310
[ 29.333781] ? __pfx_kthread+0x10/0x10
[ 29.333781] ret_from_fork+0x41/0x80
[ 29.333781] ? __pfx_kthread+0x10/0x10
[ 29.333781] ret_from_fork_asm+0x1a/0x30
[ 29.333781] </TASK>
[ 29.333781]
[ 29.333781] Allocated by task 270:
[ 29.333781] kasan_save_stack+0x3d/0x60
[ 29.333781] kasan_save_track+0x18/0x40
[ 29.333781] kasan_save_alloc_info+0x3b/0x50
[ 29.333781] __kasan_kmalloc+0xb7/0xc0
[ 29.333781] __kmalloc_cache_noprof+0x184/0x410
[ 29.333781] kasan_bitops_generic+0x93/0x1c0
[ 29.333781] kunit_try_run_case+0x1b3/0x490
[ 29.333781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.333781] kthread+0x257/0x310
[ 29.333781] ret_from_fork+0x41/0x80
[ 29.333781] ret_from_fork_asm+0x1a/0x30
[ 29.333781]
[ 29.333781] The buggy address belongs to the object at ffff888101a46900
[ 29.333781] which belongs to the cache kmalloc-16 of size 16
[ 29.333781] The buggy address is located 8 bytes inside of
[ 29.333781] allocated 9-byte region [ffff888101a46900, ffff888101a46909)
[ 29.333781]
[ 29.333781] The buggy address belongs to the physical page:
[ 29.333781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46
[ 29.333781] flags: 0x200000000000000(node=0|zone=2)
[ 29.333781] page_type: f5(slab)
[ 29.333781] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 29.333781] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 29.333781] page dumped because: kasan: bad access detected
[ 29.333781]
[ 29.333781] Memory state around the buggy address:
[ 29.333781] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 29.333781] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 29.333781] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.333781] ^
[ 29.333781] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.333781] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.333781] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 28.959279] ================================================================== [ 28.959663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.959663] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 28.959663] [ 28.959663] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 28.959663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.959663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.959663] Call Trace: [ 28.959663] <TASK> [ 28.959663] dump_stack_lvl+0x73/0xb0 [ 28.959663] print_report+0xd1/0x640 [ 28.959663] ? __virt_addr_valid+0x1db/0x2d0 [ 28.959663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.959663] kasan_report+0x102/0x140 [ 28.959663] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.959663] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.959663] kasan_check_range+0x10c/0x1c0 [ 28.959663] __kasan_check_write+0x18/0x20 [ 28.959663] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.959663] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.959663] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.959663] ? __pfx_read_hpet+0x10/0x10 [ 28.959663] ? kasan_bitops_generic+0x93/0x1c0 [ 28.959663] kasan_bitops_generic+0x117/0x1c0 [ 28.959663] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.959663] ? ktime_get_ts64+0x84/0x230 [ 28.959663] kunit_try_run_case+0x1b3/0x490 [ 28.959663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.959663] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.959663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.959663] ? __kthread_parkme+0x82/0x160 [ 28.959663] ? preempt_count_sub+0x50/0x80 [ 28.959663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.959663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.959663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.959663] kthread+0x257/0x310 [ 28.959663] ? __pfx_kthread+0x10/0x10 [ 28.959663] ret_from_fork+0x41/0x80 [ 28.959663] ? 
__pfx_kthread+0x10/0x10 [ 28.959663] ret_from_fork_asm+0x1a/0x30 [ 28.959663] </TASK> [ 28.959663] [ 28.959663] Allocated by task 270: [ 28.959663] kasan_save_stack+0x3d/0x60 [ 28.959663] kasan_save_track+0x18/0x40 [ 28.959663] kasan_save_alloc_info+0x3b/0x50 [ 28.959663] __kasan_kmalloc+0xb7/0xc0 [ 28.959663] __kmalloc_cache_noprof+0x184/0x410 [ 28.959663] kasan_bitops_generic+0x93/0x1c0 [ 28.959663] kunit_try_run_case+0x1b3/0x490 [ 28.959663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.959663] kthread+0x257/0x310 [ 28.959663] ret_from_fork+0x41/0x80 [ 28.959663] ret_from_fork_asm+0x1a/0x30 [ 28.959663] [ 28.959663] The buggy address belongs to the object at ffff888101a46900 [ 28.959663] which belongs to the cache kmalloc-16 of size 16 [ 28.959663] The buggy address is located 8 bytes inside of [ 28.959663] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 28.959663] [ 28.959663] The buggy address belongs to the physical page: [ 28.959663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 28.959663] flags: 0x200000000000000(node=0|zone=2) [ 28.959663] page_type: f5(slab) [ 28.959663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.959663] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.959663] page dumped because: kasan: bad access detected [ 28.959663] [ 28.959663] Memory state around the buggy address: [ 28.959663] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 28.959663] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.959663] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.959663] ^ [ 28.959663] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.959663] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.959663] ================================================================== [ 28.910155] 
================================================================== [ 28.910155] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.910155] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 28.910155] [ 28.910155] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 28.910155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.910155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.910155] Call Trace: [ 28.910155] <TASK> [ 28.910155] dump_stack_lvl+0x73/0xb0 [ 28.910155] print_report+0xd1/0x640 [ 28.910155] ? __virt_addr_valid+0x1db/0x2d0 [ 28.910155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.910155] kasan_report+0x102/0x140 [ 28.910155] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.910155] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.910155] kasan_check_range+0x10c/0x1c0 [ 28.910155] __kasan_check_write+0x18/0x20 [ 28.910155] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.910155] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.910155] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.910155] ? __pfx_read_hpet+0x10/0x10 [ 28.910155] ? kasan_bitops_generic+0x93/0x1c0 [ 28.910155] kasan_bitops_generic+0x117/0x1c0 [ 28.910155] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.910155] ? ktime_get_ts64+0x84/0x230 [ 28.910155] kunit_try_run_case+0x1b3/0x490 [ 28.910155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.910155] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.910155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.910155] ? __kthread_parkme+0x82/0x160 [ 28.910155] ? preempt_count_sub+0x50/0x80 [ 28.910155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.910155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.910155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.910155] kthread+0x257/0x310 [ 28.910155] ? __pfx_kthread+0x10/0x10 [ 28.910155] ret_from_fork+0x41/0x80 [ 28.910155] ? 
__pfx_kthread+0x10/0x10 [ 28.910155] ret_from_fork_asm+0x1a/0x30 [ 28.910155] </TASK> [ 28.910155] [ 28.910155] Allocated by task 270: [ 28.910155] kasan_save_stack+0x3d/0x60 [ 28.910155] kasan_save_track+0x18/0x40 [ 28.910155] kasan_save_alloc_info+0x3b/0x50 [ 28.910155] __kasan_kmalloc+0xb7/0xc0 [ 28.910155] __kmalloc_cache_noprof+0x184/0x410 [ 28.910155] kasan_bitops_generic+0x93/0x1c0 [ 28.910155] kunit_try_run_case+0x1b3/0x490 [ 28.910155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.910155] kthread+0x257/0x310 [ 28.910155] ret_from_fork+0x41/0x80 [ 28.910155] ret_from_fork_asm+0x1a/0x30 [ 28.910155] [ 28.910155] The buggy address belongs to the object at ffff888101a46900 [ 28.910155] which belongs to the cache kmalloc-16 of size 16 [ 28.910155] The buggy address is located 8 bytes inside of [ 28.910155] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 28.910155] [ 28.910155] The buggy address belongs to the physical page: [ 28.910155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 28.910155] flags: 0x200000000000000(node=0|zone=2) [ 28.910155] page_type: f5(slab) [ 28.910155] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.910155] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.910155] page dumped because: kasan: bad access detected [ 28.910155] [ 28.910155] Memory state around the buggy address: [ 28.910155] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 28.910155] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.910155] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.910155] ^ [ 28.910155] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.910155] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.910155] ================================================================== [ 29.010290] 
================================================================== [ 29.010772] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.011084] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 29.011084] [ 29.011084] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.011084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.011084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.011084] Call Trace: [ 29.011084] <TASK> [ 29.011084] dump_stack_lvl+0x73/0xb0 [ 29.011084] print_report+0xd1/0x640 [ 29.011084] ? __virt_addr_valid+0x1db/0x2d0 [ 29.011084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.011084] kasan_report+0x102/0x140 [ 29.011084] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.011084] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.011084] kasan_check_range+0x10c/0x1c0 [ 29.011084] __kasan_check_write+0x18/0x20 [ 29.011084] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.011084] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.011084] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.011084] ? __pfx_read_hpet+0x10/0x10 [ 29.011084] ? kasan_bitops_generic+0x93/0x1c0 [ 29.011084] kasan_bitops_generic+0x117/0x1c0 [ 29.011084] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.011084] ? ktime_get_ts64+0x84/0x230 [ 29.011084] kunit_try_run_case+0x1b3/0x490 [ 29.011084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.011084] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.011084] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.011084] ? __kthread_parkme+0x82/0x160 [ 29.011084] ? preempt_count_sub+0x50/0x80 [ 29.011084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.011084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.011084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.011084] kthread+0x257/0x310 [ 29.011084] ? __pfx_kthread+0x10/0x10 [ 29.011084] ret_from_fork+0x41/0x80 [ 29.011084] ? 
__pfx_kthread+0x10/0x10 [ 29.011084] ret_from_fork_asm+0x1a/0x30 [ 29.011084] </TASK> [ 29.011084] [ 29.011084] Allocated by task 270: [ 29.011084] kasan_save_stack+0x3d/0x60 [ 29.011084] kasan_save_track+0x18/0x40 [ 29.011084] kasan_save_alloc_info+0x3b/0x50 [ 29.011084] __kasan_kmalloc+0xb7/0xc0 [ 29.011084] __kmalloc_cache_noprof+0x184/0x410 [ 29.011084] kasan_bitops_generic+0x93/0x1c0 [ 29.011084] kunit_try_run_case+0x1b3/0x490 [ 29.011084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.011084] kthread+0x257/0x310 [ 29.011084] ret_from_fork+0x41/0x80 [ 29.011084] ret_from_fork_asm+0x1a/0x30 [ 29.011084] [ 29.011084] The buggy address belongs to the object at ffff888101a46900 [ 29.011084] which belongs to the cache kmalloc-16 of size 16 [ 29.011084] The buggy address is located 8 bytes inside of [ 29.011084] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 29.011084] [ 29.011084] The buggy address belongs to the physical page: [ 29.011084] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 29.011084] flags: 0x200000000000000(node=0|zone=2) [ 29.011084] page_type: f5(slab) [ 29.011084] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.011084] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.011084] page dumped because: kasan: bad access detected [ 29.011084] [ 29.011084] Memory state around the buggy address: [ 29.011084] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 29.011084] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.011084] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.011084] ^ [ 29.011084] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.011084] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.011084] ================================================================== [ 29.062210] 
================================================================== [ 29.062210] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.062210] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 29.062210] [ 29.062210] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.062210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.062210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.062210] Call Trace: [ 29.062210] <TASK> [ 29.062210] dump_stack_lvl+0x73/0xb0 [ 29.062210] print_report+0xd1/0x640 [ 29.062210] ? __virt_addr_valid+0x1db/0x2d0 [ 29.062210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.062210] kasan_report+0x102/0x140 [ 29.062210] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.062210] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.062210] kasan_check_range+0x10c/0x1c0 [ 29.062210] __kasan_check_write+0x18/0x20 [ 29.062210] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.062210] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.062210] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.062210] ? __pfx_read_hpet+0x10/0x10 [ 29.062210] ? kasan_bitops_generic+0x93/0x1c0 [ 29.062210] kasan_bitops_generic+0x117/0x1c0 [ 29.062210] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.062210] ? ktime_get_ts64+0x84/0x230 [ 29.062210] kunit_try_run_case+0x1b3/0x490 [ 29.062210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.062210] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.062210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.062210] ? __kthread_parkme+0x82/0x160 [ 29.062210] ? preempt_count_sub+0x50/0x80 [ 29.062210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.062210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.062210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.062210] kthread+0x257/0x310 [ 29.062210] ? __pfx_kthread+0x10/0x10 [ 29.062210] ret_from_fork+0x41/0x80 [ 29.062210] ? 
__pfx_kthread+0x10/0x10 [ 29.062210] ret_from_fork_asm+0x1a/0x30 [ 29.062210] </TASK> [ 29.062210] [ 29.062210] Allocated by task 270: [ 29.062210] kasan_save_stack+0x3d/0x60 [ 29.062210] kasan_save_track+0x18/0x40 [ 29.062210] kasan_save_alloc_info+0x3b/0x50 [ 29.062210] __kasan_kmalloc+0xb7/0xc0 [ 29.062210] __kmalloc_cache_noprof+0x184/0x410 [ 29.062210] kasan_bitops_generic+0x93/0x1c0 [ 29.062210] kunit_try_run_case+0x1b3/0x490 [ 29.062210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.062210] kthread+0x257/0x310 [ 29.062210] ret_from_fork+0x41/0x80 [ 29.062210] ret_from_fork_asm+0x1a/0x30 [ 29.062210] [ 29.062210] The buggy address belongs to the object at ffff888101a46900 [ 29.062210] which belongs to the cache kmalloc-16 of size 16 [ 29.062210] The buggy address is located 8 bytes inside of [ 29.062210] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 29.062210] [ 29.062210] The buggy address belongs to the physical page: [ 29.062210] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 29.062210] flags: 0x200000000000000(node=0|zone=2) [ 29.062210] page_type: f5(slab) [ 29.062210] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.062210] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.062210] page dumped because: kasan: bad access detected [ 29.062210] [ 29.062210] Memory state around the buggy address: [ 29.062210] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 29.062210] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.062210] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.062210] ^ [ 29.062210] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.062210] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.062210] ================================================================== [ 29.159764] 
================================================================== [ 29.160481] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.160481] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 29.160481] [ 29.160481] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.160481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.160481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.160481] Call Trace: [ 29.160481] <TASK> [ 29.160481] dump_stack_lvl+0x73/0xb0 [ 29.160481] print_report+0xd1/0x640 [ 29.160481] ? __virt_addr_valid+0x1db/0x2d0 [ 29.160481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.160481] kasan_report+0x102/0x140 [ 29.160481] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.160481] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.160481] kasan_check_range+0x10c/0x1c0 [ 29.160481] __kasan_check_write+0x18/0x20 [ 29.160481] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.160481] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.160481] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.160481] ? __pfx_read_hpet+0x10/0x10 [ 29.160481] ? kasan_bitops_generic+0x93/0x1c0 [ 29.160481] kasan_bitops_generic+0x117/0x1c0 [ 29.160481] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.160481] ? ktime_get_ts64+0x84/0x230 [ 29.160481] kunit_try_run_case+0x1b3/0x490 [ 29.160481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.160481] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.160481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.160481] ? __kthread_parkme+0x82/0x160 [ 29.160481] ? preempt_count_sub+0x50/0x80 [ 29.160481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.160481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.160481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.160481] kthread+0x257/0x310 [ 29.160481] ? __pfx_kthread+0x10/0x10 [ 29.160481] ret_from_fork+0x41/0x80 [ 29.160481] ? 
__pfx_kthread+0x10/0x10 [ 29.160481] ret_from_fork_asm+0x1a/0x30 [ 29.160481] </TASK> [ 29.160481] [ 29.160481] Allocated by task 270: [ 29.160481] kasan_save_stack+0x3d/0x60 [ 29.160481] kasan_save_track+0x18/0x40 [ 29.160481] kasan_save_alloc_info+0x3b/0x50 [ 29.160481] __kasan_kmalloc+0xb7/0xc0 [ 29.160481] __kmalloc_cache_noprof+0x184/0x410 [ 29.160481] kasan_bitops_generic+0x93/0x1c0 [ 29.160481] kunit_try_run_case+0x1b3/0x490 [ 29.160481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.160481] kthread+0x257/0x310 [ 29.160481] ret_from_fork+0x41/0x80 [ 29.160481] ret_from_fork_asm+0x1a/0x30 [ 29.160481] [ 29.160481] The buggy address belongs to the object at ffff888101a46900 [ 29.160481] which belongs to the cache kmalloc-16 of size 16 [ 29.160481] The buggy address is located 8 bytes inside of [ 29.160481] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 29.160481] [ 29.160481] The buggy address belongs to the physical page: [ 29.160481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 29.160481] flags: 0x200000000000000(node=0|zone=2) [ 29.160481] page_type: f5(slab) [ 29.160481] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.160481] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.160481] page dumped because: kasan: bad access detected [ 29.160481] [ 29.160481] Memory state around the buggy address: [ 29.160481] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 29.160481] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.160481] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160481] ^ [ 29.160481] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160481] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160481] ================================================================== [ 29.201005] 
================================================================== [ 29.201255] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.201255] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 29.201255] [ 29.201255] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.201255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.201255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.201255] Call Trace: [ 29.201255] <TASK> [ 29.201255] dump_stack_lvl+0x73/0xb0 [ 29.201255] print_report+0xd1/0x640 [ 29.201255] ? __virt_addr_valid+0x1db/0x2d0 [ 29.201255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.201255] kasan_report+0x102/0x140 [ 29.201255] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.201255] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.201255] kasan_check_range+0x10c/0x1c0 [ 29.201255] __kasan_check_write+0x18/0x20 [ 29.201255] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.201255] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.201255] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.201255] ? __pfx_read_hpet+0x10/0x10 [ 29.201255] ? kasan_bitops_generic+0x93/0x1c0 [ 29.201255] kasan_bitops_generic+0x117/0x1c0 [ 29.201255] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.201255] ? ktime_get_ts64+0x84/0x230 [ 29.201255] kunit_try_run_case+0x1b3/0x490 [ 29.201255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.201255] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.201255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.201255] ? __kthread_parkme+0x82/0x160 [ 29.201255] ? preempt_count_sub+0x50/0x80 [ 29.201255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.201255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.201255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.201255] kthread+0x257/0x310 [ 29.201255] ? __pfx_kthread+0x10/0x10 [ 29.201255] ret_from_fork+0x41/0x80 [ 29.201255] ? 
__pfx_kthread+0x10/0x10 [ 29.201255] ret_from_fork_asm+0x1a/0x30 [ 29.201255] </TASK> [ 29.201255] [ 29.201255] Allocated by task 270: [ 29.201255] kasan_save_stack+0x3d/0x60 [ 29.201255] kasan_save_track+0x18/0x40 [ 29.201255] kasan_save_alloc_info+0x3b/0x50 [ 29.201255] __kasan_kmalloc+0xb7/0xc0 [ 29.201255] __kmalloc_cache_noprof+0x184/0x410 [ 29.201255] kasan_bitops_generic+0x93/0x1c0 [ 29.201255] kunit_try_run_case+0x1b3/0x490 [ 29.201255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.201255] kthread+0x257/0x310 [ 29.201255] ret_from_fork+0x41/0x80 [ 29.201255] ret_from_fork_asm+0x1a/0x30 [ 29.201255] [ 29.201255] The buggy address belongs to the object at ffff888101a46900 [ 29.201255] which belongs to the cache kmalloc-16 of size 16 [ 29.201255] The buggy address is located 8 bytes inside of [ 29.201255] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 29.201255] [ 29.201255] The buggy address belongs to the physical page: [ 29.201255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 29.201255] flags: 0x200000000000000(node=0|zone=2) [ 29.201255] page_type: f5(slab) [ 29.201255] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.201255] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.201255] page dumped because: kasan: bad access detected [ 29.201255] [ 29.201255] Memory state around the buggy address: [ 29.201255] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 29.201255] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.201255] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.201255] ^ [ 29.201255] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.201255] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.201255] ================================================================== [ 28.857750] 
================================================================== [ 28.858196] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.858196] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 28.858196] [ 28.858196] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 28.858196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.858196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.858196] Call Trace: [ 28.858196] <TASK> [ 28.858196] dump_stack_lvl+0x73/0xb0 [ 28.858196] print_report+0xd1/0x640 [ 28.858196] ? __virt_addr_valid+0x1db/0x2d0 [ 28.858196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.858196] kasan_report+0x102/0x140 [ 28.858196] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.858196] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.858196] kasan_check_range+0x10c/0x1c0 [ 28.858196] __kasan_check_write+0x18/0x20 [ 28.858196] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.858196] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.858196] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.858196] ? __pfx_read_hpet+0x10/0x10 [ 28.858196] ? kasan_bitops_generic+0x93/0x1c0 [ 28.858196] kasan_bitops_generic+0x117/0x1c0 [ 28.858196] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.858196] ? ktime_get_ts64+0x84/0x230 [ 28.858196] kunit_try_run_case+0x1b3/0x490 [ 28.858196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.858196] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.858196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.858196] ? __kthread_parkme+0x82/0x160 [ 28.858196] ? preempt_count_sub+0x50/0x80 [ 28.858196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.858196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.858196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.858196] kthread+0x257/0x310 [ 28.858196] ? __pfx_kthread+0x10/0x10 [ 28.858196] ret_from_fork+0x41/0x80 [ 28.858196] ? 
__pfx_kthread+0x10/0x10 [ 28.858196] ret_from_fork_asm+0x1a/0x30 [ 28.858196] </TASK> [ 28.858196] [ 28.858196] Allocated by task 270: [ 28.858196] kasan_save_stack+0x3d/0x60 [ 28.858196] kasan_save_track+0x18/0x40 [ 28.858196] kasan_save_alloc_info+0x3b/0x50 [ 28.858196] __kasan_kmalloc+0xb7/0xc0 [ 28.858196] __kmalloc_cache_noprof+0x184/0x410 [ 28.858196] kasan_bitops_generic+0x93/0x1c0 [ 28.858196] kunit_try_run_case+0x1b3/0x490 [ 28.858196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.858196] kthread+0x257/0x310 [ 28.858196] ret_from_fork+0x41/0x80 [ 28.858196] ret_from_fork_asm+0x1a/0x30 [ 28.858196] [ 28.858196] The buggy address belongs to the object at ffff888101a46900 [ 28.858196] which belongs to the cache kmalloc-16 of size 16 [ 28.858196] The buggy address is located 8 bytes inside of [ 28.858196] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 28.858196] [ 28.858196] The buggy address belongs to the physical page: [ 28.858196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 28.858196] flags: 0x200000000000000(node=0|zone=2) [ 28.858196] page_type: f5(slab) [ 28.858196] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.858196] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.858196] page dumped because: kasan: bad access detected [ 28.858196] [ 28.858196] Memory state around the buggy address: [ 28.858196] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 28.858196] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.858196] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.858196] ^ [ 28.858196] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.858196] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.858196] ================================================================== [ 29.114179] 
================================================================== [ 29.114179] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.114179] Write of size 8 at addr ffff888101a46908 by task kunit_try_catch/270 [ 29.114179] [ 29.114179] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.114179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.114179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.114179] Call Trace: [ 29.114179] <TASK> [ 29.114179] dump_stack_lvl+0x73/0xb0 [ 29.114179] print_report+0xd1/0x640 [ 29.114179] ? __virt_addr_valid+0x1db/0x2d0 [ 29.114179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.114179] kasan_report+0x102/0x140 [ 29.114179] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.114179] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.114179] kasan_check_range+0x10c/0x1c0 [ 29.114179] __kasan_check_write+0x18/0x20 [ 29.114179] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.114179] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.114179] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.114179] ? __pfx_read_hpet+0x10/0x10 [ 29.114179] ? kasan_bitops_generic+0x93/0x1c0 [ 29.114179] kasan_bitops_generic+0x117/0x1c0 [ 29.114179] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.114179] ? ktime_get_ts64+0x84/0x230 [ 29.114179] kunit_try_run_case+0x1b3/0x490 [ 29.114179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.114179] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.114179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.114179] ? __kthread_parkme+0x82/0x160 [ 29.114179] ? preempt_count_sub+0x50/0x80 [ 29.114179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.114179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.114179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.114179] kthread+0x257/0x310 [ 29.114179] ? __pfx_kthread+0x10/0x10 [ 29.114179] ret_from_fork+0x41/0x80 [ 29.114179] ? 
__pfx_kthread+0x10/0x10 [ 29.114179] ret_from_fork_asm+0x1a/0x30 [ 29.114179] </TASK> [ 29.114179] [ 29.114179] Allocated by task 270: [ 29.114179] kasan_save_stack+0x3d/0x60 [ 29.114179] kasan_save_track+0x18/0x40 [ 29.114179] kasan_save_alloc_info+0x3b/0x50 [ 29.114179] __kasan_kmalloc+0xb7/0xc0 [ 29.114179] __kmalloc_cache_noprof+0x184/0x410 [ 29.114179] kasan_bitops_generic+0x93/0x1c0 [ 29.114179] kunit_try_run_case+0x1b3/0x490 [ 29.114179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.114179] kthread+0x257/0x310 [ 29.114179] ret_from_fork+0x41/0x80 [ 29.114179] ret_from_fork_asm+0x1a/0x30 [ 29.114179] [ 29.114179] The buggy address belongs to the object at ffff888101a46900 [ 29.114179] which belongs to the cache kmalloc-16 of size 16 [ 29.114179] The buggy address is located 8 bytes inside of [ 29.114179] allocated 9-byte region [ffff888101a46900, ffff888101a46909) [ 29.114179] [ 29.114179] The buggy address belongs to the physical page: [ 29.114179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 29.114179] flags: 0x200000000000000(node=0|zone=2) [ 29.114179] page_type: f5(slab) [ 29.114179] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.114179] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.114179] page dumped because: kasan: bad access detected [ 29.114179] [ 29.114179] Memory state around the buggy address: [ 29.114179] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 29.114179] ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.114179] >ffff888101a46900: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.114179] ^ [ 29.114179] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.114179] ffff888101a46a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.114179] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 28.795426] ==================================================================
[ 28.795864] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 28.796118] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.796118]
[ 28.796118] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.797553] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.797553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.798308] Call Trace:
[ 28.800980] <TASK>
[ 28.800980] dump_stack_lvl+0x73/0xb0
[ 28.800980] print_report+0xd1/0x640
[ 28.800980] ? __virt_addr_valid+0x1db/0x2d0
[ 28.802768] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.803053] kasan_report+0x102/0x140
[ 28.804311] ? strnlen+0x73/0x80
[ 28.804311] ? strnlen+0x73/0x80
[ 28.804311] __asan_report_load1_noabort+0x18/0x20
[ 28.804311] strnlen+0x73/0x80
[ 28.804311] kasan_strings+0x4cc/0xb60
[ 28.807645] ? __pfx_kasan_strings+0x10/0x10
[ 28.807645] ? __schedule+0xc3e/0x2790
[ 28.808547] ? ktime_get_ts64+0x84/0x230
[ 28.809443] kunit_try_run_case+0x1b3/0x490
[ 28.809443] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.809443] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.809443] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.809443] ? __kthread_parkme+0x82/0x160
[ 28.809443] ? preempt_count_sub+0x50/0x80
[ 28.813918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.813918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.813918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.813918] kthread+0x257/0x310
[ 28.816867] ? __pfx_kthread+0x10/0x10
[ 28.816867] ret_from_fork+0x41/0x80
[ 28.818019] ? __pfx_kthread+0x10/0x10
[ 28.818019] ret_from_fork_asm+0x1a/0x30
[ 28.818019] </TASK>
[ 28.818019]
[ 28.818019] Allocated by task 268:
[ 28.818019] kasan_save_stack+0x3d/0x60
[ 28.821815] kasan_save_track+0x18/0x40
[ 28.821815] kasan_save_alloc_info+0x3b/0x50
[ 28.821815] __kasan_kmalloc+0xb7/0xc0
[ 28.821815] __kmalloc_cache_noprof+0x184/0x410
[ 28.821815] kasan_strings+0xb3/0xb60
[ 28.821815] kunit_try_run_case+0x1b3/0x490
[ 28.821815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.825750] kthread+0x257/0x310
[ 28.825750] ret_from_fork+0x41/0x80
[ 28.825750] ret_from_fork_asm+0x1a/0x30
[ 28.825750]
[ 28.827425] Freed by task 268:
[ 28.827425] kasan_save_stack+0x3d/0x60
[ 28.827425] kasan_save_track+0x18/0x40
[ 28.827425] kasan_save_free_info+0x3f/0x60
[ 28.830156] __kasan_slab_free+0x56/0x70
[ 28.830156] kfree+0x123/0x3f0
[ 28.830156] kasan_strings+0x13a/0xb60
[ 28.831491] kunit_try_run_case+0x1b3/0x490
[ 28.832597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.832597] kthread+0x257/0x310
[ 28.832597] ret_from_fork+0x41/0x80
[ 28.834946] ret_from_fork_asm+0x1a/0x30
[ 28.834946]
[ 28.834946] The buggy address belongs to the object at ffff88810294c400
[ 28.834946] which belongs to the cache kmalloc-32 of size 32
[ 28.834946] The buggy address is located 16 bytes inside of
[ 28.834946] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.837378]
[ 28.837378] The buggy address belongs to the physical page:
[ 28.837378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.837378] flags: 0x200000000000000(node=0|zone=2)
[ 28.837378] page_type: f5(slab)
[ 28.841629] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.841629] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.841629] page dumped because: kasan: bad access detected
[ 28.841629]
[ 28.843474] Memory state around the buggy address:
[ 28.843474] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.843474] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.845944] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.845944] ^
[ 28.847867] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.847867] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.847867] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 28.740040] ==================================================================
[ 28.740755] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 28.740755] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.740755]
[ 28.740755] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.740755] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.740755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.740755] Call Trace:
[ 28.745359] <TASK>
[ 28.745359] dump_stack_lvl+0x73/0xb0
[ 28.746238] print_report+0xd1/0x640
[ 28.746238] ? __virt_addr_valid+0x1db/0x2d0
[ 28.746238] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.748613] kasan_report+0x102/0x140
[ 28.748613] ? strlen+0x8f/0xb0
[ 28.748613] ? strlen+0x8f/0xb0
[ 28.748613] __asan_report_load1_noabort+0x18/0x20
[ 28.750450] strlen+0x8f/0xb0
[ 28.750450] kasan_strings+0x432/0xb60
[ 28.750450] ? __pfx_kasan_strings+0x10/0x10
[ 28.750450] ? __schedule+0xc3e/0x2790
[ 28.752580] ? ktime_get_ts64+0x84/0x230
[ 28.752580] kunit_try_run_case+0x1b3/0x490
[ 28.752580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.752580] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.752580] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.752580] ? __kthread_parkme+0x82/0x160
[ 28.757671] ? preempt_count_sub+0x50/0x80
[ 28.757671] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.758866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.758866] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.758866] kthread+0x257/0x310
[ 28.758866] ? __pfx_kthread+0x10/0x10
[ 28.758866] ret_from_fork+0x41/0x80
[ 28.758866] ? __pfx_kthread+0x10/0x10
[ 28.762868] ret_from_fork_asm+0x1a/0x30
[ 28.762868] </TASK>
[ 28.762868]
[ 28.765730] Allocated by task 268:
[ 28.766210] kasan_save_stack+0x3d/0x60
[ 28.766210] kasan_save_track+0x18/0x40
[ 28.766210] kasan_save_alloc_info+0x3b/0x50
[ 28.766210] __kasan_kmalloc+0xb7/0xc0
[ 28.766210] __kmalloc_cache_noprof+0x184/0x410
[ 28.769557] kasan_strings+0xb3/0xb60
[ 28.769557] kunit_try_run_case+0x1b3/0x490
[ 28.769557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.769557] kthread+0x257/0x310
[ 28.772233] ret_from_fork+0x41/0x80
[ 28.772233] ret_from_fork_asm+0x1a/0x30
[ 28.772233]
[ 28.772233] Freed by task 268:
[ 28.772233] kasan_save_stack+0x3d/0x60
[ 28.775077] kasan_save_track+0x18/0x40
[ 28.775077] kasan_save_free_info+0x3f/0x60
[ 28.775077] __kasan_slab_free+0x56/0x70
[ 28.775077] kfree+0x123/0x3f0
[ 28.775077] kasan_strings+0x13a/0xb60
[ 28.775077] kunit_try_run_case+0x1b3/0x490
[ 28.775077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.775077] kthread+0x257/0x310
[ 28.779653] ret_from_fork+0x41/0x80
[ 28.779653] ret_from_fork_asm+0x1a/0x30
[ 28.779653]
[ 28.779653] The buggy address belongs to the object at ffff88810294c400
[ 28.779653] which belongs to the cache kmalloc-32 of size 32
[ 28.779653] The buggy address is located 16 bytes inside of
[ 28.779653] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.779653]
[ 28.779653] The buggy address belongs to the physical page:
[ 28.784047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.784047] flags: 0x200000000000000(node=0|zone=2)
[ 28.785830] page_type: f5(slab)
[ 28.785830] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.785830] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.787850] page dumped because: kasan: bad access detected
[ 28.787850]
[ 28.787850] Memory state around the buggy address:
[ 28.787850] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.789982] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.789982] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.791614] ^
[ 28.791614] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.792420] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.793531] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 28.689005] ==================================================================
[ 28.689510] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60
[ 28.689522] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.689522]
[ 28.689522] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.689522] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.689522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.689522] Call Trace:
[ 28.694621] <TASK>
[ 28.694621] dump_stack_lvl+0x73/0xb0
[ 28.694621] print_report+0xd1/0x640
[ 28.696274] ? __virt_addr_valid+0x1db/0x2d0
[ 28.696274] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.696274] kasan_report+0x102/0x140
[ 28.698613] ? kasan_strings+0xa0f/0xb60
[ 28.698613] ? kasan_strings+0xa0f/0xb60
[ 28.698613] __asan_report_load1_noabort+0x18/0x20
[ 28.698613] kasan_strings+0xa0f/0xb60
[ 28.698613] ? __pfx_kasan_strings+0x10/0x10
[ 28.698613] ? __schedule+0xc3e/0x2790
[ 28.698613] ? ktime_get_ts64+0x84/0x230
[ 28.703059] kunit_try_run_case+0x1b3/0x490
[ 28.703059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.703059] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.703059] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.703059] ? __kthread_parkme+0x82/0x160
[ 28.703059] ? preempt_count_sub+0x50/0x80
[ 28.703059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.703059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.703059] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.703059] kthread+0x257/0x310
[ 28.703059] ? __pfx_kthread+0x10/0x10
[ 28.703059] ret_from_fork+0x41/0x80
[ 28.703059] ? __pfx_kthread+0x10/0x10
[ 28.703059] ret_from_fork_asm+0x1a/0x30
[ 28.703059] </TASK>
[ 28.703059]
[ 28.703059] Allocated by task 268:
[ 28.711736] kasan_save_stack+0x3d/0x60
[ 28.712535] kasan_save_track+0x18/0x40
[ 28.712535] kasan_save_alloc_info+0x3b/0x50
[ 28.712535] __kasan_kmalloc+0xb7/0xc0
[ 28.712535] __kmalloc_cache_noprof+0x184/0x410
[ 28.714273] kasan_strings+0xb3/0xb60
[ 28.715602] kunit_try_run_case+0x1b3/0x490
[ 28.715602] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.715602] kthread+0x257/0x310
[ 28.716912] ret_from_fork+0x41/0x80
[ 28.716912] ret_from_fork_asm+0x1a/0x30
[ 28.716912]
[ 28.716912] Freed by task 268:
[ 28.716912] kasan_save_stack+0x3d/0x60
[ 28.718512] kasan_save_track+0x18/0x40
[ 28.718512] kasan_save_free_info+0x3f/0x60
[ 28.718512] __kasan_slab_free+0x56/0x70
[ 28.718512] kfree+0x123/0x3f0
[ 28.721375] kasan_strings+0x13a/0xb60
[ 28.721375] kunit_try_run_case+0x1b3/0x490
[ 28.721375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.721375] kthread+0x257/0x310
[ 28.721375] ret_from_fork+0x41/0x80
[ 28.721375] ret_from_fork_asm+0x1a/0x30
[ 28.721375]
[ 28.721375] The buggy address belongs to the object at ffff88810294c400
[ 28.721375] which belongs to the cache kmalloc-32 of size 32
[ 28.721375] The buggy address is located 16 bytes inside of
[ 28.721375] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.726758]
[ 28.726758] The buggy address belongs to the physical page:
[ 28.726758] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.727984] flags: 0x200000000000000(node=0|zone=2)
[ 28.727984] page_type: f5(slab)
[ 28.730350] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.730350] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.732277] page dumped because: kasan: bad access detected
[ 28.732277]
[ 28.732277] Memory state around the buggy address:
[ 28.733899] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.733899] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.733899] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.736185] ^
[ 28.736185] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.736185] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.737839] ==================================================================
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 28.636131] ==================================================================
[ 28.636640] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 28.636640] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.636640]
[ 28.636640] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.636640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.636640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.636640] Call Trace:
[ 28.636640] <TASK>
[ 28.636640] dump_stack_lvl+0x73/0xb0
[ 28.636640] print_report+0xd1/0x640
[ 28.636640] ? __virt_addr_valid+0x1db/0x2d0
[ 28.636640] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.636640] kasan_report+0x102/0x140
[ 28.636640] ? strcmp+0xb0/0xc0
[ 28.636640] ? strcmp+0xb0/0xc0
[ 28.636640] __asan_report_load1_noabort+0x18/0x20
[ 28.636640] strcmp+0xb0/0xc0
[ 28.636640] kasan_strings+0x2e9/0xb60
[ 28.636640] ? __pfx_kasan_strings+0x10/0x10
[ 28.636640] ? __schedule+0xc3e/0x2790
[ 28.636640] ? ktime_get_ts64+0x84/0x230
[ 28.636640] kunit_try_run_case+0x1b3/0x490
[ 28.636640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.636640] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.636640] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.636640] ? __kthread_parkme+0x82/0x160
[ 28.636640] ? preempt_count_sub+0x50/0x80
[ 28.636640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.636640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.636640] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.636640] kthread+0x257/0x310
[ 28.636640] ? __pfx_kthread+0x10/0x10
[ 28.636640] ret_from_fork+0x41/0x80
[ 28.636640] ? __pfx_kthread+0x10/0x10
[ 28.636640] ret_from_fork_asm+0x1a/0x30
[ 28.636640] </TASK>
[ 28.636640]
[ 28.636640] Allocated by task 268:
[ 28.636640] kasan_save_stack+0x3d/0x60
[ 28.636640] kasan_save_track+0x18/0x40
[ 28.636640] kasan_save_alloc_info+0x3b/0x50
[ 28.636640] __kasan_kmalloc+0xb7/0xc0
[ 28.636640] __kmalloc_cache_noprof+0x184/0x410
[ 28.636640] kasan_strings+0xb3/0xb60
[ 28.636640] kunit_try_run_case+0x1b3/0x490
[ 28.636640] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.636640] kthread+0x257/0x310
[ 28.636640] ret_from_fork+0x41/0x80
[ 28.636640] ret_from_fork_asm+0x1a/0x30
[ 28.636640]
[ 28.636640] Freed by task 268:
[ 28.636640] kasan_save_stack+0x3d/0x60
[ 28.636640] kasan_save_track+0x18/0x40
[ 28.636640] kasan_save_free_info+0x3f/0x60
[ 28.636640] __kasan_slab_free+0x56/0x70
[ 28.636640] kfree+0x123/0x3f0
[ 28.636640] kasan_strings+0x13a/0xb60
[ 28.636640] kunit_try_run_case+0x1b3/0x490
[ 28.636640] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.636640] kthread+0x257/0x310
[ 28.636640] ret_from_fork+0x41/0x80
[ 28.636640] ret_from_fork_asm+0x1a/0x30
[ 28.636640]
[ 28.636640] The buggy address belongs to the object at ffff88810294c400
[ 28.636640] which belongs to the cache kmalloc-32 of size 32
[ 28.636640] The buggy address is located 16 bytes inside of
[ 28.636640] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.636640]
[ 28.636640] The buggy address belongs to the physical page:
[ 28.636640] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.636640] flags: 0x200000000000000(node=0|zone=2)
[ 28.636640] page_type: f5(slab)
[ 28.636640] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.636640] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.636640] page dumped because: kasan: bad access detected
[ 28.636640]
[ 28.636640] Memory state around the buggy address:
[ 28.636640] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.636640] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.636640] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.636640] ^
[ 28.636640] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.636640] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.636640] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 28.578564] ==================================================================
[ 28.579149] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70
[ 28.579149] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.579149]
[ 28.579149] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.579149] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.579149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.579149] Call Trace:
[ 28.579149] <TASK>
[ 28.579149] dump_stack_lvl+0x73/0xb0
[ 28.579149] print_report+0xd1/0x640
[ 28.579149] ? __virt_addr_valid+0x1db/0x2d0
[ 28.579149] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.579149] kasan_report+0x102/0x140
[ 28.579149] ? strrchr+0x64/0x70
[ 28.579149] ? strrchr+0x64/0x70
[ 28.579149] __asan_report_load1_noabort+0x18/0x20
[ 28.579149] strrchr+0x64/0x70
[ 28.579149] kasan_strings+0x24c/0xb60
[ 28.579149] ? __pfx_kasan_strings+0x10/0x10
[ 28.579149] ? __schedule+0xc3e/0x2790
[ 28.579149] ? ktime_get_ts64+0x84/0x230
[ 28.579149] kunit_try_run_case+0x1b3/0x490
[ 28.579149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.579149] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.579149] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.579149] ? __kthread_parkme+0x82/0x160
[ 28.579149] ? preempt_count_sub+0x50/0x80
[ 28.579149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.579149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.579149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.579149] kthread+0x257/0x310
[ 28.579149] ? __pfx_kthread+0x10/0x10
[ 28.579149] ret_from_fork+0x41/0x80
[ 28.579149] ? __pfx_kthread+0x10/0x10
[ 28.579149] ret_from_fork_asm+0x1a/0x30
[ 28.579149] </TASK>
[ 28.579149]
[ 28.579149] Allocated by task 268:
[ 28.579149] kasan_save_stack+0x3d/0x60
[ 28.579149] kasan_save_track+0x18/0x40
[ 28.579149] kasan_save_alloc_info+0x3b/0x50
[ 28.579149] __kasan_kmalloc+0xb7/0xc0
[ 28.579149] __kmalloc_cache_noprof+0x184/0x410
[ 28.579149] kasan_strings+0xb3/0xb60
[ 28.579149] kunit_try_run_case+0x1b3/0x490
[ 28.579149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.579149] kthread+0x257/0x310
[ 28.579149] ret_from_fork+0x41/0x80
[ 28.579149] ret_from_fork_asm+0x1a/0x30
[ 28.579149]
[ 28.579149] Freed by task 268:
[ 28.579149] kasan_save_stack+0x3d/0x60
[ 28.579149] kasan_save_track+0x18/0x40
[ 28.579149] kasan_save_free_info+0x3f/0x60
[ 28.579149] __kasan_slab_free+0x56/0x70
[ 28.579149] kfree+0x123/0x3f0
[ 28.579149] kasan_strings+0x13a/0xb60
[ 28.579149] kunit_try_run_case+0x1b3/0x490
[ 28.579149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.579149] kthread+0x257/0x310
[ 28.579149] ret_from_fork+0x41/0x80
[ 28.579149] ret_from_fork_asm+0x1a/0x30
[ 28.579149]
[ 28.579149] The buggy address belongs to the object at ffff88810294c400
[ 28.579149] which belongs to the cache kmalloc-32 of size 32
[ 28.579149] The buggy address is located 16 bytes inside of
[ 28.579149] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.579149]
[ 28.579149] The buggy address belongs to the physical page:
[ 28.579149] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.579149] flags: 0x200000000000000(node=0|zone=2)
[ 28.579149] page_type: f5(slab)
[ 28.579149] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.579149] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.579149] page dumped because: kasan: bad access detected
[ 28.579149]
[ 28.579149] Memory state around the buggy address:
[ 28.579149] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.579149] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.579149] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.579149] ^
[ 28.579149] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.579149] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.579149] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 28.519509] ==================================================================
[ 28.520046] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0
[ 28.520046] Read of size 1 at addr ffff88810294c410 by task kunit_try_catch/268
[ 28.520046]
[ 28.520046] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.520046] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.520046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.520046] Call Trace:
[ 28.520046] <TASK>
[ 28.520046] dump_stack_lvl+0x73/0xb0
[ 28.520046] print_report+0xd1/0x640
[ 28.520046] ? __virt_addr_valid+0x1db/0x2d0
[ 28.520046] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.520046] kasan_report+0x102/0x140
[ 28.520046] ? strchr+0x9c/0xc0
[ 28.520046] ? strchr+0x9c/0xc0
[ 28.520046] __asan_report_load1_noabort+0x18/0x20
[ 28.520046] strchr+0x9c/0xc0
[ 28.520046] kasan_strings+0x1b1/0xb60
[ 28.520046] ? __pfx_kasan_strings+0x10/0x10
[ 28.520046] ? __schedule+0xc3e/0x2790
[ 28.520046] ? ktime_get_ts64+0x84/0x230
[ 28.520046] kunit_try_run_case+0x1b3/0x490
[ 28.520046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.520046] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.520046] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.520046] ? __kthread_parkme+0x82/0x160
[ 28.520046] ? preempt_count_sub+0x50/0x80
[ 28.520046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.520046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.520046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.520046] kthread+0x257/0x310
[ 28.520046] ? __pfx_kthread+0x10/0x10
[ 28.520046] ret_from_fork+0x41/0x80
[ 28.520046] ? __pfx_kthread+0x10/0x10
[ 28.520046] ret_from_fork_asm+0x1a/0x30
[ 28.520046] </TASK>
[ 28.520046]
[ 28.520046] Allocated by task 268:
[ 28.520046] kasan_save_stack+0x3d/0x60
[ 28.520046] kasan_save_track+0x18/0x40
[ 28.520046] kasan_save_alloc_info+0x3b/0x50
[ 28.520046] __kasan_kmalloc+0xb7/0xc0
[ 28.520046] __kmalloc_cache_noprof+0x184/0x410
[ 28.520046] kasan_strings+0xb3/0xb60
[ 28.520046] kunit_try_run_case+0x1b3/0x490
[ 28.520046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.520046] kthread+0x257/0x310
[ 28.520046] ret_from_fork+0x41/0x80
[ 28.520046] ret_from_fork_asm+0x1a/0x30
[ 28.520046]
[ 28.520046] Freed by task 268:
[ 28.520046] kasan_save_stack+0x3d/0x60
[ 28.520046] kasan_save_track+0x18/0x40
[ 28.520046] kasan_save_free_info+0x3f/0x60
[ 28.520046] __kasan_slab_free+0x56/0x70
[ 28.520046] kfree+0x123/0x3f0
[ 28.520046] kasan_strings+0x13a/0xb60
[ 28.520046] kunit_try_run_case+0x1b3/0x490
[ 28.520046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.520046] kthread+0x257/0x310
[ 28.520046] ret_from_fork+0x41/0x80
[ 28.520046] ret_from_fork_asm+0x1a/0x30
[ 28.520046]
[ 28.520046] The buggy address belongs to the object at ffff88810294c400
[ 28.520046] which belongs to the cache kmalloc-32 of size 32
[ 28.520046] The buggy address is located 16 bytes inside of
[ 28.520046] freed 32-byte region [ffff88810294c400, ffff88810294c420)
[ 28.520046]
[ 28.520046] The buggy address belongs to the physical page:
[ 28.520046] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.520046] flags: 0x200000000000000(node=0|zone=2)
[ 28.520046] page_type: f5(slab)
[ 28.520046] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.520046] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.520046] page dumped because: kasan: bad access detected
[ 28.520046]
[ 28.520046] Memory state around the buggy address:
[ 28.520046] ffff88810294c300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.520046] ffff88810294c380: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.520046] >ffff88810294c400: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.520046] ^
[ 28.520046] ffff88810294c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.520046] ffff88810294c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.520046] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.461972] ==================================================================
[ 28.462613] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 28.462613] Read of size 1 at addr ffff8881028eaf58 by task kunit_try_catch/266
[ 28.462613]
[ 28.462613] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.462613] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.462613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.462613] Call Trace:
[ 28.462613] <TASK>
[ 28.462613] dump_stack_lvl+0x73/0xb0
[ 28.462613] print_report+0xd1/0x640
[ 28.462613] ? __virt_addr_valid+0x1db/0x2d0
[ 28.462613] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.462613] kasan_report+0x102/0x140
[ 28.462613] ? memcmp+0x1b4/0x1d0
[ 28.462613] ? memcmp+0x1b4/0x1d0
[ 28.462613] __asan_report_load1_noabort+0x18/0x20
[ 28.462613] memcmp+0x1b4/0x1d0
[ 28.462613] kasan_memcmp+0x190/0x390
[ 28.462613] ? __pfx_kasan_memcmp+0x10/0x10
[ 28.462613] ? __switch_to+0x5d9/0xf60
[ 28.462613] ? ktime_get_ts64+0x84/0x230
[ 28.462613] kunit_try_run_case+0x1b3/0x490
[ 28.462613] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.462613] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.462613] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.462613] ? __kthread_parkme+0x82/0x160
[ 28.462613] ? preempt_count_sub+0x50/0x80
[ 28.462613] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.462613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.462613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.462613] kthread+0x257/0x310
[ 28.462613] ? __pfx_kthread+0x10/0x10
[ 28.462613] ret_from_fork+0x41/0x80
[ 28.462613] ? __pfx_kthread+0x10/0x10
[ 28.462613] ret_from_fork_asm+0x1a/0x30
[ 28.462613] </TASK>
[ 28.462613]
[ 28.462613] Allocated by task 266:
[ 28.462613] kasan_save_stack+0x3d/0x60
[ 28.462613] kasan_save_track+0x18/0x40
[ 28.462613] kasan_save_alloc_info+0x3b/0x50
[ 28.462613] __kasan_kmalloc+0xb7/0xc0
[ 28.462613] __kmalloc_cache_noprof+0x184/0x410
[ 28.462613] kasan_memcmp+0xb8/0x390
[ 28.462613] kunit_try_run_case+0x1b3/0x490
[ 28.462613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.462613] kthread+0x257/0x310
[ 28.462613] ret_from_fork+0x41/0x80
[ 28.462613] ret_from_fork_asm+0x1a/0x30
[ 28.462613]
[ 28.462613] The buggy address belongs to the object at ffff8881028eaf40
[ 28.462613] which belongs to the cache kmalloc-32 of size 32
[ 28.462613] The buggy address is located 0 bytes to the right of
[ 28.462613] allocated 24-byte region [ffff8881028eaf40, ffff8881028eaf58)
[ 28.462613]
[ 28.462613] The buggy address belongs to the physical page:
[ 28.462613] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ea
[ 28.462613] flags: 0x200000000000000(node=0|zone=2)
[ 28.462613] page_type: f5(slab)
[ 28.462613] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.462613] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.462613] page dumped because: kasan: bad access detected
[ 28.462613]
[ 28.462613] Memory state around the buggy address:
[ 28.462613] ffff8881028eae00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.462613] ffff8881028eae80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.462613] >ffff8881028eaf00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.462613] ^
[ 28.462613] ffff8881028eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.462613] ffff8881028eb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.462613] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 28.407457] ==================================================================
[ 28.408148] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90
[ 28.408148] Read of size 1 at addr ffff88810294c258 by task kunit_try_catch/264
[ 28.408148]
[ 28.408148] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.408148] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.408148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.408148] Call Trace:
[ 28.408148] <TASK>
[ 28.408148] dump_stack_lvl+0x73/0xb0
[ 28.408148] print_report+0xd1/0x640
[ 28.408148] ? __virt_addr_valid+0x1db/0x2d0
[ 28.408148] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.408148] kasan_report+0x102/0x140
[ 28.408148] ? memchr+0x79/0x90
[ 28.408148] ? memchr+0x79/0x90
[ 28.408148] __asan_report_load1_noabort+0x18/0x20
[ 28.408148] memchr+0x79/0x90
[ 28.408148] kasan_memchr+0x163/0x320
[ 28.408148] ? __pfx_kasan_memchr+0x10/0x10
[ 28.408148] ? __schedule+0xc3e/0x2790
[ 28.408148] ? ktime_get_ts64+0x84/0x230
[ 28.408148] kunit_try_run_case+0x1b3/0x490
[ 28.408148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.408148] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.408148] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.408148] ? __kthread_parkme+0x82/0x160
[ 28.408148] ? preempt_count_sub+0x50/0x80
[ 28.408148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.408148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.408148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.408148] kthread+0x257/0x310
[ 28.408148] ? __pfx_kthread+0x10/0x10
[ 28.408148] ret_from_fork+0x41/0x80
[ 28.408148] ? __pfx_kthread+0x10/0x10
[ 28.408148] ret_from_fork_asm+0x1a/0x30
[ 28.408148] </TASK>
[ 28.408148]
[ 28.408148] Allocated by task 264:
[ 28.408148] kasan_save_stack+0x3d/0x60
[ 28.408148] kasan_save_track+0x18/0x40
[ 28.408148] kasan_save_alloc_info+0x3b/0x50
[ 28.408148] __kasan_kmalloc+0xb7/0xc0
[ 28.408148] __kmalloc_cache_noprof+0x184/0x410
[ 28.408148] kasan_memchr+0xad/0x320
[ 28.408148] kunit_try_run_case+0x1b3/0x490
[ 28.408148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.408148] kthread+0x257/0x310
[ 28.408148] ret_from_fork+0x41/0x80
[ 28.408148] ret_from_fork_asm+0x1a/0x30
[ 28.408148]
[ 28.408148] The buggy address belongs to the object at ffff88810294c240
[ 28.408148] which belongs to the cache kmalloc-32 of size 32
[ 28.408148] The buggy address is located 0 bytes to the right of
[ 28.408148] allocated 24-byte region [ffff88810294c240, ffff88810294c258)
[ 28.408148]
[ 28.408148] The buggy address belongs to the physical page:
[ 28.408148] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 28.408148] flags: 0x200000000000000(node=0|zone=2)
[ 28.408148] page_type: f5(slab)
[ 28.408148] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.408148] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.408148] page dumped because: kasan: bad access detected
[ 28.408148]
[ 28.408148] Memory state around the buggy address:
[ 28.408148] ffff88810294c100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.408148] ffff88810294c180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.408148] >ffff88810294c200: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.408148] ^
[ 28.408148] ffff88810294c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.408148] ffff88810294c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.408148] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 28.358617] ==================================================================
[ 28.359153] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390
[ 28.359153] Read of size 1 at addr ffff888102affcaa by task kunit_try_catch/262
[ 28.359153]
[ 28.359153] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.359153] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.359153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.359153] Call Trace:
[ 28.359153] <TASK>
[ 28.359153] dump_stack_lvl+0x73/0xb0
[ 28.359153] print_report+0xd1/0x640
[ 28.359153] ? __virt_addr_valid+0x1db/0x2d0
[ 28.359153] ? kasan_addr_to_slab+0x11/0xa0
[ 28.359153] kasan_report+0x102/0x140
[ 28.359153] ? kasan_alloca_oob_right+0x328/0x390
[ 28.359153] ? kasan_alloca_oob_right+0x328/0x390
[ 28.359153] __asan_report_load1_noabort+0x18/0x20
[ 28.359153] kasan_alloca_oob_right+0x328/0x390
[ 28.359153] ? ktime_get_ts64+0x84/0x230
[ 28.359153] ? read_hpet+0x1f0/0x230
[ 28.359153] ? __pfx_read_hpet+0x10/0x10
[ 28.359153] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 28.359153] ? __schedule+0xc3e/0x2790
[ 28.359153] ? ktime_get_ts64+0x84/0x230
[ 28.359153] kunit_try_run_case+0x1b3/0x490
[ 28.359153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.359153] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.359153] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.359153] ? __kthread_parkme+0x82/0x160
[ 28.359153] ? preempt_count_sub+0x50/0x80
[ 28.359153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.359153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.359153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.359153] kthread+0x257/0x310
[ 28.359153] ? __pfx_kthread+0x10/0x10
[ 28.359153] ret_from_fork+0x41/0x80
[ 28.359153] ? __pfx_kthread+0x10/0x10
[ 28.359153] ret_from_fork_asm+0x1a/0x30
[ 28.359153] </TASK>
[ 28.359153]
[ 28.359153] The buggy address belongs to stack of task kunit_try_catch/262
[ 28.359153]
[ 28.359153] The buggy address belongs to the physical page:
[ 28.359153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aff
[ 28.359153] flags: 0x200000000000000(node=0|zone=2)
[ 28.359153] raw: 0200000000000000 ffffea00040abfc8 ffffea00040abfc8 0000000000000000
[ 28.359153] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 28.359153] page dumped because: kasan: bad access detected
[ 28.359153]
[ 28.359153] Memory state around the buggy address:
[ 28.359153] ffff888102affb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.359153] ffff888102affc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.359153] >ffff888102affc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 28.359153] ^
[ 28.359153] ffff888102affd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 28.359153] ffff888102affd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 28.359153] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 28.309204] ==================================================================
[ 28.309492] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380
[ 28.309492] Read of size 1 at addr ffff888102af7c9f by task kunit_try_catch/260
[ 28.309492]
[ 28.309492] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.314249] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.314249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.314249] Call Trace:
[ 28.314249] <TASK>
[ 28.314249] dump_stack_lvl+0x73/0xb0
[ 28.314249] print_report+0xd1/0x640
[ 28.314249] ? __virt_addr_valid+0x1db/0x2d0
[ 28.314249] ? kasan_addr_to_slab+0x11/0xa0
[ 28.314249] kasan_report+0x102/0x140
[ 28.314249] ? kasan_alloca_oob_left+0x31f/0x380
[ 28.314249] ? kasan_alloca_oob_left+0x31f/0x380
[ 28.314249] __asan_report_load1_noabort+0x18/0x20
[ 28.314249] kasan_alloca_oob_left+0x31f/0x380
[ 28.314249] ? ktime_get_ts64+0x84/0x230
[ 28.314249] ? read_hpet+0x1f0/0x230
[ 28.314249] ? __pfx_read_hpet+0x10/0x10
[ 28.314249] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 28.314249] ? __schedule+0xc3e/0x2790
[ 28.314249] ? ktime_get_ts64+0x84/0x230
[ 28.314249] kunit_try_run_case+0x1b3/0x490
[ 28.314249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.314249] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.314249] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.314249] ? __kthread_parkme+0x82/0x160
[ 28.314249] ? preempt_count_sub+0x50/0x80
[ 28.314249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.314249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.314249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.314249] kthread+0x257/0x310
[ 28.314249] ? __pfx_kthread+0x10/0x10
[ 28.314249] ret_from_fork+0x41/0x80
[ 28.314249] ? __pfx_kthread+0x10/0x10
[ 28.314249] ret_from_fork_asm+0x1a/0x30
[ 28.314249] </TASK>
[ 28.314249]
[ 28.314249] The buggy address belongs to stack of task kunit_try_catch/260
[ 28.314249]
[ 28.314249] The buggy address belongs to the physical page:
[ 28.314249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7
[ 28.314249] flags: 0x200000000000000(node=0|zone=2)
[ 28.314249] raw: 0200000000000000 ffffea00040abdc8 ffffea00040abdc8 0000000000000000
[ 28.314249] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 28.314249] page dumped because: kasan: bad access detected
[ 28.314249]
[ 28.314249] Memory state around the buggy address:
[ 28.314249] ffff888102af7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.314249] ffff888102af7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.314249] >ffff888102af7c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 28.314249] ^
[ 28.314249] ffff888102af7d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 28.314249] ffff888102af7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 28.314249] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 28.257924] ==================================================================
[ 28.258215] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300
[ 28.258215] Read of size 1 at addr ffff888102affd72 by task kunit_try_catch/258
[ 28.259980]
[ 28.259980] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.259980] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.259980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.259980] Call Trace:
[ 28.259980] <TASK>
[ 28.259980] dump_stack_lvl+0x73/0xb0
[ 28.259980] print_report+0xd1/0x640
[ 28.259980] ? __virt_addr_valid+0x1db/0x2d0
[ 28.259980] ? kasan_addr_to_slab+0x11/0xa0
[ 28.259980] kasan_report+0x102/0x140
[ 28.259980] ? kasan_stack_oob+0x2ae/0x300
[ 28.259980] ? kasan_stack_oob+0x2ae/0x300
[ 28.259980] __asan_report_load1_noabort+0x18/0x20
[ 28.259980] kasan_stack_oob+0x2ae/0x300
[ 28.259980] ? __pfx_kasan_stack_oob+0x10/0x10
[ 28.259980] ? __switch_to+0x5d9/0xf60
[ 28.259980] ? __schedule+0xc3e/0x2790
[ 28.259980] ? ktime_get_ts64+0x84/0x230
[ 28.259980] kunit_try_run_case+0x1b3/0x490
[ 28.259980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.259980] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.259980] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.259980] ? __kthread_parkme+0x82/0x160
[ 28.259980] ? preempt_count_sub+0x50/0x80
[ 28.259980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.259980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.259980] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.259980] kthread+0x257/0x310
[ 28.259980] ? __pfx_kthread+0x10/0x10
[ 28.259980] ret_from_fork+0x41/0x80
[ 28.259980] ? __pfx_kthread+0x10/0x10
[ 28.259980] ret_from_fork_asm+0x1a/0x30
[ 28.259980] </TASK>
[ 28.259980]
[ 28.259980] The buggy address belongs to stack of task kunit_try_catch/258
[ 28.259980] and is located at offset 138 in frame:
[ 28.259980] kasan_stack_oob+0x0/0x300
[ 28.259980]
[ 28.259980] This frame has 4 objects:
[ 28.259980] [48, 49) '__assertion'
[ 28.259980] [64, 72) 'array'
[ 28.259980] [96, 112) '__assertion'
[ 28.259980] [128, 138) 'stack_array'
[ 28.259980]
[ 28.259980] The buggy address belongs to the physical page:
[ 28.259980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aff
[ 28.259980] flags: 0x200000000000000(node=0|zone=2)
[ 28.259980] raw: 0200000000000000 ffffea00040abfc8 ffffea00040abfc8 0000000000000000
[ 28.259980] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 28.259980] page dumped because: kasan: bad access detected
[ 28.259980]
[ 28.259980] Memory state around the buggy address:
[ 28.259980] ffff888102affc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.259980] ffff888102affc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 28.259980] >ffff888102affd00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 28.259980] ^
[ 28.259980] ffff888102affd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 28.259980] ffff888102affe00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 28.259980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 28.206466] ==================================================================
[ 28.207103] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 28.207103] Read of size 1 at addr ffffffff959fcc2d by task kunit_try_catch/254
[ 28.207103]
[ 28.207103] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 28.207103] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.207103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.207103] Call Trace:
[ 28.207103] <TASK>
[ 28.207103] dump_stack_lvl+0x73/0xb0
[ 28.207103] print_report+0xd1/0x640
[ 28.207103] ? __virt_addr_valid+0x1db/0x2d0
[ 28.207103] ? kasan_addr_to_slab+0x11/0xa0
[ 28.207103] kasan_report+0x102/0x140
[ 28.207103] ? kasan_global_oob_right+0x288/0x2d0
[ 28.207103] ? kasan_global_oob_right+0x288/0x2d0
[ 28.207103] __asan_report_load1_noabort+0x18/0x20
[ 28.207103] kasan_global_oob_right+0x288/0x2d0
[ 28.207103] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 28.207103] ? __schedule+0xc3e/0x2790
[ 28.207103] ? ktime_get_ts64+0x84/0x230
[ 28.207103] kunit_try_run_case+0x1b3/0x490
[ 28.207103] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.207103] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.207103] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.207103] ? __kthread_parkme+0x82/0x160
[ 28.207103] ? preempt_count_sub+0x50/0x80
[ 28.207103] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.207103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.207103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.207103] kthread+0x257/0x310
[ 28.207103] ? __pfx_kthread+0x10/0x10
[ 28.207103] ret_from_fork+0x41/0x80
[ 28.207103] ? __pfx_kthread+0x10/0x10
[ 28.207103] ret_from_fork_asm+0x1a/0x30
[ 28.207103] </TASK>
[ 28.207103]
[ 28.207103] The buggy address belongs to the variable:
[ 28.207103] global_array+0xd/0x40
[ 28.207103]
[ 28.207103] The buggy address belongs to the physical page:
[ 28.207103] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12dfc
[ 28.207103] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 28.207103] raw: 0100000000002000 ffffea00004b7f08 ffffea00004b7f08 0000000000000000
[ 28.207103] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 28.207103] page dumped because: kasan: bad access detected
[ 28.207103]
[ 28.207103] Memory state around the buggy address:
[ 28.207103] ffffffff959fcb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.207103] ffffffff959fcb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.207103] >ffffffff959fcc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 28.207103] ^
[ 28.207103] ffffffff959fcc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 28.207103] ffffffff959fcd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9
[ 28.207103] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 26.900419] ==================================================================
[ 26.901166] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 26.901166] Read of size 1 at addr ffff888100a2ba00 by task kunit_try_catch/224
[ 26.901166]
[ 26.901166] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.901166] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.901166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.901166] Call Trace:
[ 26.901166] <TASK>
[ 26.901166] dump_stack_lvl+0x73/0xb0
[ 26.901166] print_report+0xd1/0x640
[ 26.901166] ? __virt_addr_valid+0x1db/0x2d0
[ 26.901166] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.901166] kasan_report+0x102/0x140
[ 26.901166] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.901166] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.901166] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.901166] __kasan_check_byte+0x3d/0x50
[ 26.901166] kmem_cache_destroy+0x25/0x1d0
[ 26.901166] kmem_cache_double_destroy+0x1bd/0x380
[ 26.901166] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 26.901166] ? __switch_to+0x5d9/0xf60
[ 26.901166] ? __pfx_empty_cache_ctor+0x10/0x10
[ 26.901166] ? ktime_get_ts64+0x84/0x230
[ 26.901166] kunit_try_run_case+0x1b3/0x490
[ 26.901166] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.901166] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.901166] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.901166] ? __kthread_parkme+0x82/0x160
[ 26.901166] ? preempt_count_sub+0x50/0x80
[ 26.901166] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.901166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.901166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.901166] kthread+0x257/0x310
[ 26.901166] ? __pfx_kthread+0x10/0x10
[ 26.901166] ret_from_fork+0x41/0x80
[ 26.901166] ? __pfx_kthread+0x10/0x10
[ 26.901166] ret_from_fork_asm+0x1a/0x30
[ 26.901166] </TASK>
[ 26.901166]
[ 26.901166] Allocated by task 224:
[ 26.901166] kasan_save_stack+0x3d/0x60
[ 26.901166] kasan_save_track+0x18/0x40
[ 26.901166] kasan_save_alloc_info+0x3b/0x50
[ 26.901166] __kasan_slab_alloc+0x91/0xa0
[ 26.901166] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.901166] __kmem_cache_create_args+0x177/0x250
[ 26.901166] kmem_cache_double_destroy+0xd3/0x380
[ 26.901166] kunit_try_run_case+0x1b3/0x490
[ 26.901166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.901166] kthread+0x257/0x310
[ 26.901166] ret_from_fork+0x41/0x80
[ 26.901166] ret_from_fork_asm+0x1a/0x30
[ 26.901166]
[ 26.901166] Freed by task 224:
[ 26.901166] kasan_save_stack+0x3d/0x60
[ 26.901166] kasan_save_track+0x18/0x40
[ 26.901166] kasan_save_free_info+0x3f/0x60
[ 26.901166] __kasan_slab_free+0x56/0x70
[ 26.901166] kmem_cache_free+0x120/0x420
[ 26.901166] slab_kmem_cache_release+0x2e/0x40
[ 26.901166] kmem_cache_release+0x16/0x20
[ 26.901166] kobject_put+0x181/0x450
[ 26.901166] sysfs_slab_release+0x16/0x20
[ 26.901166] kmem_cache_destroy+0xf0/0x1d0
[ 26.901166] kmem_cache_double_destroy+0x14c/0x380
[ 26.901166] kunit_try_run_case+0x1b3/0x490
[ 26.901166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.901166] kthread+0x257/0x310
[ 26.901166] ret_from_fork+0x41/0x80
[ 26.901166] ret_from_fork_asm+0x1a/0x30
[ 26.901166]
[ 26.901166] The buggy address belongs to the object at ffff888100a2ba00
[ 26.901166] which belongs to the cache kmem_cache of size 208
[ 26.901166] The buggy address is located 0 bytes inside of
[ 26.901166] freed 208-byte region [ffff888100a2ba00, ffff888100a2bad0)
[ 26.901166]
[ 26.901166] The buggy address belongs to the physical page:
[ 26.901166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2b
[ 26.901166] flags: 0x200000000000000(node=0|zone=2)
[ 26.901166] page_type: f5(slab)
[ 26.901166] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 26.901166] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 26.901166] page dumped because: kasan: bad access detected
[ 26.901166]
[ 26.901166] Memory state around the buggy address:
[ 26.901166] ffff888100a2b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.901166] ffff888100a2b980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.901166] >ffff888100a2ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.901166] ^
[ 26.901166] ffff888100a2ba80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 26.901166] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.901166] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 26.810459] ==================================================================
[ 26.811129] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.811129] Read of size 1 at addr ffff8881028e8000 by task kunit_try_catch/222
[ 26.811129]
[ 26.811129] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.811129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.811129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.811129] Call Trace:
[ 26.811129] <TASK>
[ 26.811129] dump_stack_lvl+0x73/0xb0
[ 26.811129] print_report+0xd1/0x640
[ 26.811129] ? __virt_addr_valid+0x1db/0x2d0
[ 26.811129] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.811129] kasan_report+0x102/0x140
[ 26.811129] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.811129] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.811129] __asan_report_load1_noabort+0x18/0x20
[ 26.811129] kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.811129] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 26.811129] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.811129] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 26.811129] kunit_try_run_case+0x1b3/0x490
[ 26.811129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.811129] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.811129] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.811129] ? __kthread_parkme+0x82/0x160
[ 26.811129] ? preempt_count_sub+0x50/0x80
[ 26.811129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.811129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.811129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.811129] kthread+0x257/0x310
[ 26.811129] ? __pfx_kthread+0x10/0x10
[ 26.811129] ret_from_fork+0x41/0x80
[ 26.811129] ? __pfx_kthread+0x10/0x10
[ 26.811129] ret_from_fork_asm+0x1a/0x30
[ 26.811129] </TASK>
[ 26.811129]
[ 26.811129] Allocated by task 222:
[ 26.811129] kasan_save_stack+0x3d/0x60
[ 26.811129] kasan_save_track+0x18/0x40
[ 26.811129] kasan_save_alloc_info+0x3b/0x50
[ 26.811129] __kasan_slab_alloc+0x91/0xa0
[ 26.811129] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.811129] kmem_cache_rcu_uaf+0x156/0x510
[ 26.811129] kunit_try_run_case+0x1b3/0x490
[ 26.811129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.811129] kthread+0x257/0x310
[ 26.811129] ret_from_fork+0x41/0x80
[ 26.811129] ret_from_fork_asm+0x1a/0x30
[ 26.811129]
[ 26.811129] Freed by task 0:
[ 26.811129] kasan_save_stack+0x3d/0x60
[ 26.811129] kasan_save_track+0x18/0x40
[ 26.811129] kasan_save_free_info+0x3f/0x60
[ 26.811129] __kasan_slab_free+0x56/0x70
[ 26.811129] slab_free_after_rcu_debug+0xe4/0x310
[ 26.811129] rcu_core+0x680/0x1d70
[ 26.811129] rcu_core_si+0x12/0x20
[ 26.811129] handle_softirqs+0x209/0x720
[ 26.811129] __irq_exit_rcu+0xc9/0x110
[ 26.811129] irq_exit_rcu+0x12/0x20
[ 26.811129] sysvec_apic_timer_interrupt+0x81/0x90
[ 26.811129] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 26.811129]
[ 26.811129] Last potentially related work creation:
[ 26.811129] kasan_save_stack+0x3d/0x60
[ 26.811129] __kasan_record_aux_stack+0xae/0xc0
[ 26.811129] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.811129] kmem_cache_free+0x276/0x420
[ 26.811129] kmem_cache_rcu_uaf+0x195/0x510
[ 26.811129] kunit_try_run_case+0x1b3/0x490
[ 26.811129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.811129] kthread+0x257/0x310
[ 26.811129] ret_from_fork+0x41/0x80
[ 26.811129] ret_from_fork_asm+0x1a/0x30
[ 26.811129]
[ 26.811129] The buggy address belongs to the object at ffff8881028e8000
[ 26.811129] which belongs to the cache test_cache of size 200
[ 26.811129] The buggy address is located 0 bytes inside of
[ 26.811129] freed 200-byte region [ffff8881028e8000, ffff8881028e80c8)
[ 26.811129]
[ 26.811129] The buggy address belongs to the physical page:
[ 26.811129] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e8
[ 26.811129] flags: 0x200000000000000(node=0|zone=2)
[ 26.811129] page_type: f5(slab)
[ 26.811129] raw: 0200000000000000 ffff888100a2b8c0 dead000000000122 0000000000000000
[ 26.811129] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.811129] page dumped because: kasan: bad access detected
[ 26.811129]
[ 26.811129] Memory state around the buggy address:
[ 26.811129] ffff8881028e7f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 26.811129] ffff8881028e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.811129] >ffff8881028e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.811129] ^
[ 26.811129] ffff8881028e8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.811129] ffff8881028e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.811129] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 26.719371] ==================================================================
[ 26.720040] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] Free of addr ffff888102944001 by task kunit_try_catch/220
[ 26.720150]
[ 26.720150] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.720150] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.720150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.720150] Call Trace:
[ 26.720150] <TASK>
[ 26.720150] dump_stack_lvl+0x73/0xb0
[ 26.720150] print_report+0xd1/0x640
[ 26.720150] ? __virt_addr_valid+0x1db/0x2d0
[ 26.720150] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.720150] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] kasan_report_invalid_free+0xc0/0xf0
[ 26.720150] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] check_slab_allocation+0x11f/0x130
[ 26.720150] __kasan_slab_pre_free+0x28/0x40
[ 26.720150] kmem_cache_free+0xee/0x420
[ 26.720150] ? kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.720150] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] kmem_cache_invalid_free+0x1d9/0x470
[ 26.720150] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 26.720150] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.720150] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 26.720150] kunit_try_run_case+0x1b3/0x490
[ 26.720150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.720150] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.720150] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.720150] ? __kthread_parkme+0x82/0x160
[ 26.720150] ? preempt_count_sub+0x50/0x80
[ 26.720150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.720150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.720150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.720150] kthread+0x257/0x310
[ 26.720150] ? __pfx_kthread+0x10/0x10
[ 26.720150] ret_from_fork+0x41/0x80
[ 26.720150] ? __pfx_kthread+0x10/0x10
[ 26.720150] ret_from_fork_asm+0x1a/0x30
[ 26.720150] </TASK>
[ 26.720150]
[ 26.720150] Allocated by task 220:
[ 26.720150] kasan_save_stack+0x3d/0x60
[ 26.720150] kasan_save_track+0x18/0x40
[ 26.720150] kasan_save_alloc_info+0x3b/0x50
[ 26.720150] __kasan_slab_alloc+0x91/0xa0
[ 26.720150] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.720150] kmem_cache_invalid_free+0x158/0x470
[ 26.720150] kunit_try_run_case+0x1b3/0x490
[ 26.720150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.720150] kthread+0x257/0x310
[ 26.720150] ret_from_fork+0x41/0x80
[ 26.720150] ret_from_fork_asm+0x1a/0x30
[ 26.720150]
[ 26.720150] The buggy address belongs to the object at ffff888102944000
[ 26.720150] which belongs to the cache test_cache of size 200
[ 26.720150] The buggy address is located 1 bytes inside of
[ 26.720150] 200-byte region [ffff888102944000, ffff8881029440c8)
[ 26.720150]
[ 26.720150] The buggy address belongs to the physical page:
[ 26.720150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102944
[ 26.720150] flags: 0x200000000000000(node=0|zone=2)
[ 26.720150] page_type: f5(slab)
[ 26.720150] raw: 0200000000000000 ffff888101c70b40 dead000000000122 0000000000000000
[ 26.720150] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.720150] page dumped because: kasan: bad access detected
[ 26.720150]
[ 26.720150] Memory state around the buggy address:
[ 26.720150] ffff888102943f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.720150] ffff888102943f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.720150] >ffff888102944000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.720150] ^
[ 26.720150] ffff888102944080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.720150] ffff888102944100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.720150] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 26.638240] ==================================================================
[ 26.638266] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490
[ 26.638266] Free of addr ffff888102942000 by task kunit_try_catch/218
[ 26.638266]
[ 26.638266] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.638266] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.638266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.638266] Call Trace:
[ 26.638266] <TASK>
[ 26.638266] dump_stack_lvl+0x73/0xb0
[ 26.638266] print_report+0xd1/0x640
[ 26.638266] ? __virt_addr_valid+0x1db/0x2d0
[ 26.638266] ? kmem_cache_double_free+0x1e6/0x490
[ 26.638266] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.638266] ? kmem_cache_double_free+0x1e6/0x490
[ 26.638266] kasan_report_invalid_free+0xc0/0xf0
[ 26.638266] ? kmem_cache_double_free+0x1e6/0x490
[ 26.638266] ? kmem_cache_double_free+0x1e6/0x490
[ 26.638266] check_slab_allocation+0x101/0x130
[ 26.638266] __kasan_slab_pre_free+0x28/0x40
[ 26.638266] kmem_cache_free+0xee/0x420
[ 26.638266] ? kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.638266] ? kmem_cache_double_free+0x1e6/0x490
[ 26.638266] kmem_cache_double_free+0x1e6/0x490
[ 26.638266] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 26.638266] ? __switch_to+0x5d9/0xf60
[ 26.638266] ? ktime_get_ts64+0x84/0x230
[ 26.638266] kunit_try_run_case+0x1b3/0x490
[ 26.638266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.638266] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.638266] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.638266] ? __kthread_parkme+0x82/0x160
[ 26.638266] ? preempt_count_sub+0x50/0x80
[ 26.638266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.638266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.638266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.638266] kthread+0x257/0x310
[ 26.638266] ? __pfx_kthread+0x10/0x10
[ 26.638266] ret_from_fork+0x41/0x80
[ 26.638266] ? __pfx_kthread+0x10/0x10
[ 26.638266] ret_from_fork_asm+0x1a/0x30
[ 26.638266] </TASK>
[ 26.638266]
[ 26.638266] Allocated by task 218:
[ 26.638266] kasan_save_stack+0x3d/0x60
[ 26.638266] kasan_save_track+0x18/0x40
[ 26.638266] kasan_save_alloc_info+0x3b/0x50
[ 26.638266] __kasan_slab_alloc+0x91/0xa0
[ 26.638266] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.638266] kmem_cache_double_free+0x150/0x490
[ 26.638266] kunit_try_run_case+0x1b3/0x490
[ 26.638266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.638266] kthread+0x257/0x310
[ 26.638266] ret_from_fork+0x41/0x80
[ 26.638266] ret_from_fork_asm+0x1a/0x30
[ 26.638266]
[ 26.638266] Freed by task 218:
[ 26.638266] kasan_save_stack+0x3d/0x60
[ 26.638266] kasan_save_track+0x18/0x40
[ 26.638266] kasan_save_free_info+0x3f/0x60
[ 26.638266] __kasan_slab_free+0x56/0x70
[ 26.638266] kmem_cache_free+0x120/0x420
[ 26.638266] kmem_cache_double_free+0x16b/0x490
[ 26.638266] kunit_try_run_case+0x1b3/0x490
[ 26.638266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.638266] kthread+0x257/0x310
[ 26.638266] ret_from_fork+0x41/0x80
[ 26.638266] ret_from_fork_asm+0x1a/0x30
[ 26.638266]
[ 26.638266] The buggy address belongs to the object at ffff888102942000
[ 26.638266] which belongs to the cache test_cache of size 200
[ 26.638266] The buggy address is located 0 bytes inside of
[ 26.638266] 200-byte region [ffff888102942000, ffff8881029420c8)
[ 26.638266]
[ 26.638266] The buggy address belongs to the physical page:
[ 26.638266] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102942
[ 26.638266] flags: 0x200000000000000(node=0|zone=2)
[ 26.638266] page_type: f5(slab)
[ 26.638266] raw: 0200000000000000 ffff888101c70a00 dead000000000122 0000000000000000
[ 26.638266] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.638266] page dumped because: kasan: bad access detected
[ 26.638266]
[ 26.638266] Memory state around the buggy address:
[ 26.638266] ffff888102941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.638266] ffff888102941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.638266] >ffff888102942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.638266] ^
[ 26.638266] ffff888102942080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.638266] ffff888102942100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.638266] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 26.562761] ==================================================================
[ 26.563150] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[ 26.563150] Read of size 1 at addr ffff8881028e80c8 by task kunit_try_catch/216
[ 26.563150]
[ 26.563150] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.563150] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.563150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.563150] Call Trace:
[ 26.563150] <TASK>
[ 26.563150] dump_stack_lvl+0x73/0xb0
[ 26.563150] print_report+0xd1/0x640
[ 26.563150] ? __virt_addr_valid+0x1db/0x2d0
[ 26.563150] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.563150] kasan_report+0x102/0x140
[ 26.563150] ? kmem_cache_oob+0x404/0x530
[ 26.563150] ? kmem_cache_oob+0x404/0x530
[ 26.563150] __asan_report_load1_noabort+0x18/0x20
[ 26.563150] kmem_cache_oob+0x404/0x530
[ 26.563150] ? __pfx_kmem_cache_oob+0x10/0x10
[ 26.563150] ? __switch_to+0x5d9/0xf60
[ 26.563150] ? ktime_get_ts64+0x84/0x230
[ 26.563150] kunit_try_run_case+0x1b3/0x490
[ 26.563150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.563150] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.563150] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.563150] ? __kthread_parkme+0x82/0x160
[ 26.563150] ? preempt_count_sub+0x50/0x80
[ 26.563150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.563150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.563150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.563150] kthread+0x257/0x310
[ 26.563150] ? __pfx_kthread+0x10/0x10
[ 26.563150] ret_from_fork+0x41/0x80
[ 26.563150] ? __pfx_kthread+0x10/0x10
[ 26.563150] ret_from_fork_asm+0x1a/0x30
[ 26.563150] </TASK>
[ 26.563150]
[ 26.563150] Allocated by task 216:
[ 26.563150] kasan_save_stack+0x3d/0x60
[ 26.563150] kasan_save_track+0x18/0x40
[ 26.563150] kasan_save_alloc_info+0x3b/0x50
[ 26.563150] __kasan_slab_alloc+0x91/0xa0
[ 26.563150] kmem_cache_alloc_noprof+0x11e/0x3f0
[ 26.563150] kmem_cache_oob+0x158/0x530
[ 26.563150] kunit_try_run_case+0x1b3/0x490
[ 26.563150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.563150] kthread+0x257/0x310
[ 26.563150] ret_from_fork+0x41/0x80
[ 26.563150] ret_from_fork_asm+0x1a/0x30
[ 26.563150]
[ 26.563150] The buggy address belongs to the object at ffff8881028e8000
[ 26.563150] which belongs to the cache test_cache of size 200
[ 26.563150] The buggy address is located 0 bytes to the right of
[ 26.563150] allocated 200-byte region [ffff8881028e8000, ffff8881028e80c8)
[ 26.563150]
[ 26.563150] The buggy address belongs to the physical page:
[ 26.563150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e8
[ 26.563150] flags: 0x200000000000000(node=0|zone=2)
[ 26.563150] page_type: f5(slab)
[ 26.563150] raw: 0200000000000000 ffff888100a2b780 dead000000000122 0000000000000000
[ 26.563150] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.563150] page dumped because: kasan: bad access detected
[ 26.563150]
[ 26.563150] Memory state around the buggy address:
[ 26.563150] ffff8881028e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.563150] ffff8881028e8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.563150] >ffff8881028e8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.563150] ^
[ 26.563150] ffff8881028e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.563150] ffff8881028e8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.563150] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 26.476856] ==================================================================
[ 26.477370] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 26.477370] Read of size 8 at addr ffff88810293ae00 by task kunit_try_catch/209
[ 26.477370]
[ 26.477370] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1
[ 26.477370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.477370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.477370] Call Trace:
[ 26.477370] <TASK>
[ 26.477370] dump_stack_lvl+0x73/0xb0
[ 26.477370] print_report+0xd1/0x640
[ 26.477370] ? __virt_addr_valid+0x1db/0x2d0
[ 26.477370] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.477370] kasan_report+0x102/0x140
[ 26.477370] ? workqueue_uaf+0x4d8/0x560
[ 26.477370] ? workqueue_uaf+0x4d8/0x560
[ 26.477370] __asan_report_load8_noabort+0x18/0x20
[ 26.477370] workqueue_uaf+0x4d8/0x560
[ 26.477370] ? __pfx_workqueue_uaf+0x10/0x10
[ 26.477370] ? __pfx_workqueue_uaf+0x10/0x10
[ 26.477370] kunit_try_run_case+0x1b3/0x490
[ 26.477370] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.477370] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.477370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.477370] ? __kthread_parkme+0x82/0x160
[ 26.477370] ? preempt_count_sub+0x50/0x80
[ 26.477370] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.477370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.477370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.477370] kthread+0x257/0x310
[ 26.477370] ? __pfx_kthread+0x10/0x10
[ 26.477370] ret_from_fork+0x41/0x80
[ 26.477370] ? __pfx_kthread+0x10/0x10
[ 26.477370] ret_from_fork_asm+0x1a/0x30
[ 26.477370] </TASK>
[ 26.477370]
[ 26.477370] Allocated by task 209:
[ 26.477370] kasan_save_stack+0x3d/0x60
[ 26.477370] kasan_save_track+0x18/0x40
[ 26.477370] kasan_save_alloc_info+0x3b/0x50
[ 26.477370] __kasan_kmalloc+0xb7/0xc0
[ 26.477370] __kmalloc_cache_noprof+0x184/0x410
[ 26.477370] workqueue_uaf+0x153/0x560
[ 26.477370] kunit_try_run_case+0x1b3/0x490
[ 26.477370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.477370] kthread+0x257/0x310
[ 26.477370] ret_from_fork+0x41/0x80
[ 26.477370] ret_from_fork_asm+0x1a/0x30
[ 26.477370]
[ 26.477370] Freed by task 44:
[ 26.477370] kasan_save_stack+0x3d/0x60
[ 26.477370] kasan_save_track+0x18/0x40
[ 26.477370] kasan_save_free_info+0x3f/0x60
[ 26.477370] __kasan_slab_free+0x56/0x70
[ 26.477370] kfree+0x123/0x3f0
[ 26.477370] workqueue_uaf_work+0x12/0x20
[ 26.477370] process_one_work+0x5ee/0xf60
[ 26.477370] worker_thread+0x720/0x1300
[ 26.477370] kthread+0x257/0x310
[ 26.477370] ret_from_fork+0x41/0x80
[ 26.477370] ret_from_fork_asm+0x1a/0x30
[ 26.477370]
[ 26.477370] Last potentially related work creation:
[ 26.477370] kasan_save_stack+0x3d/0x60
[ 26.477370] __kasan_record_aux_stack+0xae/0xc0
[ 26.477370] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.477370] __queue_work+0x67e/0xf70
[ 26.477370] queue_work_on+0x74/0xa0
[ 26.477370] workqueue_uaf+0x26e/0x560
[ 26.477370] kunit_try_run_case+0x1b3/0x490
[ 26.477370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.477370] kthread+0x257/0x310
[ 26.477370] ret_from_fork+0x41/0x80
[ 26.477370] ret_from_fork_asm+0x1a/0x30
[ 26.477370]
[ 26.477370] The buggy address belongs to the object at ffff88810293ae00
[ 26.477370] which belongs to the cache kmalloc-32 of size 32
[ 26.477370] The buggy address is located 0 bytes inside of
[ 26.477370] freed 32-byte region [ffff88810293ae00, ffff88810293ae20)
[ 26.477370]
[ 26.477370] The buggy address belongs to the physical page:
[ 26.477370] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293a
[ 26.477370] flags: 0x200000000000000(node=0|zone=2)
[ 26.477370] page_type: f5(slab)
[ 26.477370] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.477370] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 26.477370] page dumped because: kasan: bad access detected
[ 26.477370]
[ 26.477370] Memory state around the buggy address:
[ 26.477370] ffff88810293ad00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.477370] ffff88810293ad80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 26.477370] >ffff88810293ae00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.477370] ^
[ 26.477370] ffff88810293ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.477370] ffff88810293af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.477370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 26.387367] ================================================================== [ 26.388010] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 26.388158] Read of size 4 at addr ffff8881028e0980 by task swapper/0/0 [ 26.388158] [ 26.388158] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.0-next-20241126 #1 [ 26.388158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.388158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.388158] Call Trace: [ 26.388158] <IRQ> [ 26.388158] dump_stack_lvl+0x73/0xb0 [ 26.388158] print_report+0xd1/0x640 [ 26.388158] ? __virt_addr_valid+0x1db/0x2d0 [ 26.388158] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.388158] kasan_report+0x102/0x140 [ 26.388158] ? rcu_uaf_reclaim+0x50/0x60 [ 26.388158] ? rcu_uaf_reclaim+0x50/0x60 [ 26.388158] __asan_report_load4_noabort+0x18/0x20 [ 26.388158] rcu_uaf_reclaim+0x50/0x60 [ 26.388158] rcu_core+0x680/0x1d70 [ 26.388158] ? __pfx_rcu_core+0x10/0x10 [ 26.388158] ? ktime_get+0x69/0x150 [ 26.388158] ? handle_softirqs+0x18e/0x720 [ 26.388158] rcu_core_si+0x12/0x20 [ 26.388158] handle_softirqs+0x209/0x720 [ 26.388158] ? hrtimer_interrupt+0x2fe/0x780 [ 26.388158] ? 
__pfx_handle_softirqs+0x10/0x10 [ 26.388158] __irq_exit_rcu+0xc9/0x110 [ 26.388158] irq_exit_rcu+0x12/0x20 [ 26.388158] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.403337] </IRQ> [ 26.403337] <TASK> [ 26.403337] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.403337] RIP: 0010:default_idle+0xf/0x20 [ 26.403337] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 e0 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 26.403337] RSP: 0000:ffffffff94607df0 EFLAGS: 00010202 [ 26.403337] RAX: ffff88815b000000 RBX: ffffffff9461a680 RCX: ffffffff9330c925 [ 26.403337] RDX: ffffed102b606b23 RSI: 0000000000000004 RDI: 0000000000064ee4 [ 26.403337] RBP: ffffffff94607df8 R08: 0000000000000001 R09: ffffed102b606b22 [ 26.403337] R10: ffff88815b035913 R11: 0000000000000000 R12: 0000000000000000 [ 26.403337] R13: fffffbfff28c34d0 R14: ffffffff95172c90 R15: 0000000000000000 [ 26.403337] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 26.403337] ? arch_cpu_idle+0xd/0x20 [ 26.403337] default_idle_call+0x48/0x80 [ 26.403337] do_idle+0x310/0x3c0 [ 26.403337] ? __pfx_do_idle+0x10/0x10 [ 26.403337] ? trace_preempt_on+0x20/0xc0 [ 26.403337] ? schedule+0x86/0x310 [ 26.403337] ? preempt_count_sub+0x50/0x80 [ 26.403337] cpu_startup_entry+0x5c/0x70 [ 26.403337] rest_init+0x11a/0x140 [ 26.403337] ? 
acpi_subsystem_init+0x5d/0x150 [ 26.403337] start_kernel+0x320/0x400 [ 26.403337] x86_64_start_reservations+0x1c/0x30 [ 26.403337] x86_64_start_kernel+0xcf/0xe0 [ 26.403337] common_startup_64+0x12c/0x138 [ 26.403337] </TASK> [ 26.403337] [ 26.403337] Allocated by task 207: [ 26.403337] kasan_save_stack+0x3d/0x60 [ 26.403337] kasan_save_track+0x18/0x40 [ 26.403337] kasan_save_alloc_info+0x3b/0x50 [ 26.403337] __kasan_kmalloc+0xb7/0xc0 [ 26.403337] __kmalloc_cache_noprof+0x184/0x410 [ 26.403337] rcu_uaf+0xb1/0x330 [ 26.403337] kunit_try_run_case+0x1b3/0x490 [ 26.403337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.403337] kthread+0x257/0x310 [ 26.403337] ret_from_fork+0x41/0x80 [ 26.403337] ret_from_fork_asm+0x1a/0x30 [ 26.403337] [ 26.403337] Freed by task 0: [ 26.403337] kasan_save_stack+0x3d/0x60 [ 26.403337] kasan_save_track+0x18/0x40 [ 26.403337] kasan_save_free_info+0x3f/0x60 [ 26.403337] __kasan_slab_free+0x56/0x70 [ 26.403337] kfree+0x123/0x3f0 [ 26.403337] rcu_uaf_reclaim+0x1f/0x60 [ 26.403337] rcu_core+0x680/0x1d70 [ 26.403337] rcu_core_si+0x12/0x20 [ 26.403337] handle_softirqs+0x209/0x720 [ 26.403337] __irq_exit_rcu+0xc9/0x110 [ 26.403337] irq_exit_rcu+0x12/0x20 [ 26.403337] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.403337] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.403337] [ 26.403337] Last potentially related work creation: [ 26.403337] kasan_save_stack+0x3d/0x60 [ 26.403337] __kasan_record_aux_stack+0xae/0xc0 [ 26.403337] kasan_record_aux_stack_noalloc+0xf/0x20 [ 26.403337] __call_rcu_common.constprop.0+0x72/0xaa0 [ 26.403337] call_rcu+0x12/0x20 [ 26.403337] rcu_uaf+0x169/0x330 [ 26.403337] kunit_try_run_case+0x1b3/0x490 [ 26.403337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.403337] kthread+0x257/0x310 [ 26.403337] ret_from_fork+0x41/0x80 [ 26.403337] ret_from_fork_asm+0x1a/0x30 [ 26.403337] [ 26.403337] The buggy address belongs to the object at ffff8881028e0980 [ 26.403337] which belongs to the cache kmalloc-32 of size 32 [ 
26.403337] The buggy address is located 0 bytes inside of [ 26.403337] freed 32-byte region [ffff8881028e0980, ffff8881028e09a0) [ 26.403337] [ 26.403337] The buggy address belongs to the physical page: [ 26.403337] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e0 [ 26.403337] flags: 0x200000000000000(node=0|zone=2) [ 26.403337] page_type: f5(slab) [ 26.403337] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.403337] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 26.403337] page dumped because: kasan: bad access detected [ 26.403337] [ 26.403337] Memory state around the buggy address: [ 26.403337] ffff8881028e0880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.403337] ffff8881028e0900: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.403337] >ffff8881028e0980: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 26.403337] ^ [ 26.403337] ffff8881028e0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.403337] ffff8881028e0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.403337] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 26.196817] ================================================================== [ 26.197217] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 26.197217] Read of size 1 at addr ffff88810293c500 by task kunit_try_catch/205 [ 26.197217] [ 26.197217] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.197217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.197217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.197217] Call Trace: [ 26.197217] <TASK> [ 26.197217] dump_stack_lvl+0x73/0xb0 [ 26.197217] print_report+0xd1/0x640 [ 26.197217] ? __virt_addr_valid+0x1db/0x2d0 [ 26.197217] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.197217] kasan_report+0x102/0x140 [ 26.197217] ? ksize_uaf+0x19e/0x6c0 [ 26.197217] ? ksize_uaf+0x19e/0x6c0 [ 26.197217] ? ksize_uaf+0x19e/0x6c0 [ 26.197217] __kasan_check_byte+0x3d/0x50 [ 26.197217] ksize+0x20/0x60 [ 26.197217] ksize_uaf+0x19e/0x6c0 [ 26.197217] ? __pfx_ksize_uaf+0x10/0x10 [ 26.197217] ? __schedule+0xc3e/0x2790 [ 26.197217] ? ktime_get_ts64+0x84/0x230 [ 26.197217] kunit_try_run_case+0x1b3/0x490 [ 26.197217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.197217] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.197217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.197217] ? __kthread_parkme+0x82/0x160 [ 26.197217] ? preempt_count_sub+0x50/0x80 [ 26.197217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.197217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.197217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.197217] kthread+0x257/0x310 [ 26.197217] ? __pfx_kthread+0x10/0x10 [ 26.197217] ret_from_fork+0x41/0x80 [ 26.197217] ? 
__pfx_kthread+0x10/0x10 [ 26.197217] ret_from_fork_asm+0x1a/0x30 [ 26.197217] </TASK> [ 26.197217] [ 26.197217] Allocated by task 205: [ 26.197217] kasan_save_stack+0x3d/0x60 [ 26.197217] kasan_save_track+0x18/0x40 [ 26.197217] kasan_save_alloc_info+0x3b/0x50 [ 26.197217] __kasan_kmalloc+0xb7/0xc0 [ 26.197217] __kmalloc_cache_noprof+0x184/0x410 [ 26.197217] ksize_uaf+0xab/0x6c0 [ 26.197217] kunit_try_run_case+0x1b3/0x490 [ 26.197217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.197217] kthread+0x257/0x310 [ 26.197217] ret_from_fork+0x41/0x80 [ 26.197217] ret_from_fork_asm+0x1a/0x30 [ 26.197217] [ 26.197217] Freed by task 205: [ 26.197217] kasan_save_stack+0x3d/0x60 [ 26.197217] kasan_save_track+0x18/0x40 [ 26.197217] kasan_save_free_info+0x3f/0x60 [ 26.197217] __kasan_slab_free+0x56/0x70 [ 26.197217] kfree+0x123/0x3f0 [ 26.197217] ksize_uaf+0x12d/0x6c0 [ 26.197217] kunit_try_run_case+0x1b3/0x490 [ 26.197217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.197217] kthread+0x257/0x310 [ 26.197217] ret_from_fork+0x41/0x80 [ 26.197217] ret_from_fork_asm+0x1a/0x30 [ 26.197217] [ 26.197217] The buggy address belongs to the object at ffff88810293c500 [ 26.197217] which belongs to the cache kmalloc-128 of size 128 [ 26.197217] The buggy address is located 0 bytes inside of [ 26.197217] freed 128-byte region [ffff88810293c500, ffff88810293c580) [ 26.197217] [ 26.197217] The buggy address belongs to the physical page: [ 26.197217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293c [ 26.197217] flags: 0x200000000000000(node=0|zone=2) [ 26.197217] page_type: f5(slab) [ 26.197217] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.197217] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.197217] page dumped because: kasan: bad access detected [ 26.197217] [ 26.197217] Memory state around the buggy address: [ 26.197217] ffff88810293c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 
26.197217] ffff88810293c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.197217] >ffff88810293c500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.197217] ^ [ 26.197217] ffff88810293c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.197217] ffff88810293c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.197217] ================================================================== [ 26.255446] ================================================================== [ 26.256187] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 26.256187] Read of size 1 at addr ffff88810293c500 by task kunit_try_catch/205 [ 26.256187] [ 26.256187] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.256187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.256187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.256187] Call Trace: [ 26.256187] <TASK> [ 26.256187] dump_stack_lvl+0x73/0xb0 [ 26.256187] print_report+0xd1/0x640 [ 26.256187] ? __virt_addr_valid+0x1db/0x2d0 [ 26.256187] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.256187] kasan_report+0x102/0x140 [ 26.256187] ? ksize_uaf+0x600/0x6c0 [ 26.256187] ? ksize_uaf+0x600/0x6c0 [ 26.256187] __asan_report_load1_noabort+0x18/0x20 [ 26.256187] ksize_uaf+0x600/0x6c0 [ 26.256187] ? __pfx_ksize_uaf+0x10/0x10 [ 26.256187] ? __schedule+0xc3e/0x2790 [ 26.256187] ? ktime_get_ts64+0x84/0x230 [ 26.256187] kunit_try_run_case+0x1b3/0x490 [ 26.256187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.256187] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.256187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.256187] ? __kthread_parkme+0x82/0x160 [ 26.256187] ? preempt_count_sub+0x50/0x80 [ 26.256187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.256187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.256187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.256187] kthread+0x257/0x310 [ 26.256187] ? 
__pfx_kthread+0x10/0x10 [ 26.256187] ret_from_fork+0x41/0x80 [ 26.256187] ? __pfx_kthread+0x10/0x10 [ 26.256187] ret_from_fork_asm+0x1a/0x30 [ 26.256187] </TASK> [ 26.256187] [ 26.256187] Allocated by task 205: [ 26.256187] kasan_save_stack+0x3d/0x60 [ 26.256187] kasan_save_track+0x18/0x40 [ 26.256187] kasan_save_alloc_info+0x3b/0x50 [ 26.256187] __kasan_kmalloc+0xb7/0xc0 [ 26.256187] __kmalloc_cache_noprof+0x184/0x410 [ 26.256187] ksize_uaf+0xab/0x6c0 [ 26.256187] kunit_try_run_case+0x1b3/0x490 [ 26.256187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.256187] kthread+0x257/0x310 [ 26.256187] ret_from_fork+0x41/0x80 [ 26.256187] ret_from_fork_asm+0x1a/0x30 [ 26.256187] [ 26.256187] Freed by task 205: [ 26.256187] kasan_save_stack+0x3d/0x60 [ 26.256187] kasan_save_track+0x18/0x40 [ 26.256187] kasan_save_free_info+0x3f/0x60 [ 26.256187] __kasan_slab_free+0x56/0x70 [ 26.256187] kfree+0x123/0x3f0 [ 26.256187] ksize_uaf+0x12d/0x6c0 [ 26.256187] kunit_try_run_case+0x1b3/0x490 [ 26.256187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.256187] kthread+0x257/0x310 [ 26.256187] ret_from_fork+0x41/0x80 [ 26.256187] ret_from_fork_asm+0x1a/0x30 [ 26.256187] [ 26.256187] The buggy address belongs to the object at ffff88810293c500 [ 26.256187] which belongs to the cache kmalloc-128 of size 128 [ 26.256187] The buggy address is located 0 bytes inside of [ 26.256187] freed 128-byte region [ffff88810293c500, ffff88810293c580) [ 26.256187] [ 26.256187] The buggy address belongs to the physical page: [ 26.256187] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293c [ 26.256187] flags: 0x200000000000000(node=0|zone=2) [ 26.256187] page_type: f5(slab) [ 26.256187] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.256187] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.256187] page dumped because: kasan: bad access detected [ 26.256187] [ 26.256187] Memory state around the buggy address: [ 
26.256187] ffff88810293c400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.256187] ffff88810293c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.256187] >ffff88810293c500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.256187] ^ [ 26.256187] ffff88810293c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.256187] ffff88810293c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.256187] ================================================================== [ 26.314540] ================================================================== [ 26.315151] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 26.315151] Read of size 1 at addr ffff88810293c578 by task kunit_try_catch/205 [ 26.315151] [ 26.315151] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.315151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.315151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.315151] Call Trace: [ 26.315151] <TASK> [ 26.315151] dump_stack_lvl+0x73/0xb0 [ 26.315151] print_report+0xd1/0x640 [ 26.315151] ? __virt_addr_valid+0x1db/0x2d0 [ 26.315151] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.315151] kasan_report+0x102/0x140 [ 26.315151] ? ksize_uaf+0x5e6/0x6c0 [ 26.315151] ? ksize_uaf+0x5e6/0x6c0 [ 26.315151] __asan_report_load1_noabort+0x18/0x20 [ 26.315151] ksize_uaf+0x5e6/0x6c0 [ 26.315151] ? __pfx_ksize_uaf+0x10/0x10 [ 26.315151] ? __schedule+0xc3e/0x2790 [ 26.315151] ? ktime_get_ts64+0x84/0x230 [ 26.315151] kunit_try_run_case+0x1b3/0x490 [ 26.315151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.315151] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.315151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.315151] ? __kthread_parkme+0x82/0x160 [ 26.315151] ? preempt_count_sub+0x50/0x80 [ 26.315151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.315151] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.315151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.315151] kthread+0x257/0x310 [ 26.315151] ? __pfx_kthread+0x10/0x10 [ 26.315151] ret_from_fork+0x41/0x80 [ 26.315151] ? __pfx_kthread+0x10/0x10 [ 26.315151] ret_from_fork_asm+0x1a/0x30 [ 26.315151] </TASK> [ 26.315151] [ 26.315151] Allocated by task 205: [ 26.315151] kasan_save_stack+0x3d/0x60 [ 26.315151] kasan_save_track+0x18/0x40 [ 26.315151] kasan_save_alloc_info+0x3b/0x50 [ 26.315151] __kasan_kmalloc+0xb7/0xc0 [ 26.315151] __kmalloc_cache_noprof+0x184/0x410 [ 26.315151] ksize_uaf+0xab/0x6c0 [ 26.315151] kunit_try_run_case+0x1b3/0x490 [ 26.315151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.315151] kthread+0x257/0x310 [ 26.315151] ret_from_fork+0x41/0x80 [ 26.315151] ret_from_fork_asm+0x1a/0x30 [ 26.315151] [ 26.315151] Freed by task 205: [ 26.315151] kasan_save_stack+0x3d/0x60 [ 26.315151] kasan_save_track+0x18/0x40 [ 26.315151] kasan_save_free_info+0x3f/0x60 [ 26.315151] __kasan_slab_free+0x56/0x70 [ 26.315151] kfree+0x123/0x3f0 [ 26.315151] ksize_uaf+0x12d/0x6c0 [ 26.315151] kunit_try_run_case+0x1b3/0x490 [ 26.315151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.315151] kthread+0x257/0x310 [ 26.315151] ret_from_fork+0x41/0x80 [ 26.315151] ret_from_fork_asm+0x1a/0x30 [ 26.315151] [ 26.315151] The buggy address belongs to the object at ffff88810293c500 [ 26.315151] which belongs to the cache kmalloc-128 of size 128 [ 26.315151] The buggy address is located 120 bytes inside of [ 26.315151] freed 128-byte region [ffff88810293c500, ffff88810293c580) [ 26.315151] [ 26.315151] The buggy address belongs to the physical page: [ 26.315151] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293c [ 26.315151] flags: 0x200000000000000(node=0|zone=2) [ 26.315151] page_type: f5(slab) [ 26.315151] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.315151] raw: 0000000000000000 0000000080100010 
00000001f5000000 0000000000000000 [ 26.315151] page dumped because: kasan: bad access detected [ 26.315151] [ 26.315151] Memory state around the buggy address: [ 26.315151] ffff88810293c400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.315151] ffff88810293c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.315151] >ffff88810293c500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.315151] ^ [ 26.315151] ffff88810293c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.315151] ffff88810293c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.315151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 26.100234] ================================================================== [ 26.100821] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.100821] Read of size 1 at addr ffff8881028e1a78 by task kunit_try_catch/203 [ 26.100821] [ 26.100821] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.100821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.100821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.100821] Call Trace: [ 26.100821] <TASK> [ 26.100821] dump_stack_lvl+0x73/0xb0 [ 26.100821] print_report+0xd1/0x640 [ 26.100821] ? __virt_addr_valid+0x1db/0x2d0 [ 26.100821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.100821] kasan_report+0x102/0x140 [ 26.100821] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.100821] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.100821] __asan_report_load1_noabort+0x18/0x20 [ 26.100821] ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.100821] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.100821] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.100821] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.100821] kunit_try_run_case+0x1b3/0x490 [ 26.100821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.100821] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.100821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.100821] ? __kthread_parkme+0x82/0x160 [ 26.100821] ? preempt_count_sub+0x50/0x80 [ 26.100821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.100821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.100821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.100821] kthread+0x257/0x310 [ 26.100821] ? __pfx_kthread+0x10/0x10 [ 26.100821] ret_from_fork+0x41/0x80 [ 26.100821] ? 
__pfx_kthread+0x10/0x10 [ 26.100821] ret_from_fork_asm+0x1a/0x30 [ 26.100821] </TASK> [ 26.100821] [ 26.100821] Allocated by task 203: [ 26.100821] kasan_save_stack+0x3d/0x60 [ 26.100821] kasan_save_track+0x18/0x40 [ 26.100821] kasan_save_alloc_info+0x3b/0x50 [ 26.100821] __kasan_kmalloc+0xb7/0xc0 [ 26.100821] __kmalloc_cache_noprof+0x184/0x410 [ 26.100821] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.100821] kunit_try_run_case+0x1b3/0x490 [ 26.100821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.100821] kthread+0x257/0x310 [ 26.100821] ret_from_fork+0x41/0x80 [ 26.100821] ret_from_fork_asm+0x1a/0x30 [ 26.100821] [ 26.100821] The buggy address belongs to the object at ffff8881028e1a00 [ 26.100821] which belongs to the cache kmalloc-128 of size 128 [ 26.100821] The buggy address is located 5 bytes to the right of [ 26.100821] allocated 115-byte region [ffff8881028e1a00, ffff8881028e1a73) [ 26.100821] [ 26.100821] The buggy address belongs to the physical page: [ 26.100821] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e1 [ 26.100821] flags: 0x200000000000000(node=0|zone=2) [ 26.100821] page_type: f5(slab) [ 26.100821] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.100821] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.100821] page dumped because: kasan: bad access detected [ 26.100821] [ 26.100821] Memory state around the buggy address: [ 26.100821] ffff8881028e1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.100821] ffff8881028e1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.100821] >ffff8881028e1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.100821] ^ [ 26.100821] ffff8881028e1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.100821] ffff8881028e1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.100821] ================================================================== [ 26.053635] 
================================================================== [ 26.054163] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 26.054163] Read of size 1 at addr ffff8881028e1a73 by task kunit_try_catch/203 [ 26.054163] [ 26.054163] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.054163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.054163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.054163] Call Trace: [ 26.054163] <TASK> [ 26.054163] dump_stack_lvl+0x73/0xb0 [ 26.054163] print_report+0xd1/0x640 [ 26.054163] ? __virt_addr_valid+0x1db/0x2d0 [ 26.054163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.054163] kasan_report+0x102/0x140 [ 26.054163] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 26.054163] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 26.054163] __asan_report_load1_noabort+0x18/0x20 [ 26.054163] ksize_unpoisons_memory+0x81e/0x9b0 [ 26.054163] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.054163] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.054163] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.054163] kunit_try_run_case+0x1b3/0x490 [ 26.054163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.054163] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.054163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.054163] ? __kthread_parkme+0x82/0x160 [ 26.054163] ? preempt_count_sub+0x50/0x80 [ 26.054163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.054163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.054163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.054163] kthread+0x257/0x310 [ 26.054163] ? __pfx_kthread+0x10/0x10 [ 26.054163] ret_from_fork+0x41/0x80 [ 26.054163] ? 
__pfx_kthread+0x10/0x10 [ 26.054163] ret_from_fork_asm+0x1a/0x30 [ 26.054163] </TASK> [ 26.054163] [ 26.054163] Allocated by task 203: [ 26.054163] kasan_save_stack+0x3d/0x60 [ 26.054163] kasan_save_track+0x18/0x40 [ 26.054163] kasan_save_alloc_info+0x3b/0x50 [ 26.054163] __kasan_kmalloc+0xb7/0xc0 [ 26.054163] __kmalloc_cache_noprof+0x184/0x410 [ 26.054163] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.054163] kunit_try_run_case+0x1b3/0x490 [ 26.054163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.054163] kthread+0x257/0x310 [ 26.054163] ret_from_fork+0x41/0x80 [ 26.054163] ret_from_fork_asm+0x1a/0x30 [ 26.054163] [ 26.054163] The buggy address belongs to the object at ffff8881028e1a00 [ 26.054163] which belongs to the cache kmalloc-128 of size 128 [ 26.054163] The buggy address is located 0 bytes to the right of [ 26.054163] allocated 115-byte region [ffff8881028e1a00, ffff8881028e1a73) [ 26.054163] [ 26.054163] The buggy address belongs to the physical page: [ 26.054163] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e1 [ 26.054163] flags: 0x200000000000000(node=0|zone=2) [ 26.054163] page_type: f5(slab) [ 26.054163] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.054163] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.054163] page dumped because: kasan: bad access detected [ 26.054163] [ 26.054163] Memory state around the buggy address: [ 26.054163] ffff8881028e1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.054163] ffff8881028e1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054163] >ffff8881028e1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.054163] ^ [ 26.054163] ffff8881028e1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054163] ffff8881028e1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054163] ================================================================== [ 26.146314] 
================================================================== [ 26.146314] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.146314] Read of size 1 at addr ffff8881028e1a7f by task kunit_try_catch/203 [ 26.146314] [ 26.146314] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 26.146314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.146314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.146314] Call Trace: [ 26.146314] <TASK> [ 26.146314] dump_stack_lvl+0x73/0xb0 [ 26.146314] print_report+0xd1/0x640 [ 26.146314] ? __virt_addr_valid+0x1db/0x2d0 [ 26.146314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.146314] kasan_report+0x102/0x140 [ 26.146314] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.146314] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.146314] __asan_report_load1_noabort+0x18/0x20 [ 26.146314] ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.146314] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.146314] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.146314] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.146314] kunit_try_run_case+0x1b3/0x490 [ 26.146314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.146314] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.146314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.146314] ? __kthread_parkme+0x82/0x160 [ 26.146314] ? preempt_count_sub+0x50/0x80 [ 26.146314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.146314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.146314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.146314] kthread+0x257/0x310 [ 26.146314] ? __pfx_kthread+0x10/0x10 [ 26.146314] ret_from_fork+0x41/0x80 [ 26.146314] ? 
__pfx_kthread+0x10/0x10 [ 26.146314] ret_from_fork_asm+0x1a/0x30 [ 26.146314] </TASK> [ 26.146314] [ 26.146314] Allocated by task 203: [ 26.146314] kasan_save_stack+0x3d/0x60 [ 26.146314] kasan_save_track+0x18/0x40 [ 26.146314] kasan_save_alloc_info+0x3b/0x50 [ 26.146314] __kasan_kmalloc+0xb7/0xc0 [ 26.146314] __kmalloc_cache_noprof+0x184/0x410 [ 26.146314] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.146314] kunit_try_run_case+0x1b3/0x490 [ 26.146314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.146314] kthread+0x257/0x310 [ 26.146314] ret_from_fork+0x41/0x80 [ 26.146314] ret_from_fork_asm+0x1a/0x30 [ 26.146314] [ 26.146314] The buggy address belongs to the object at ffff8881028e1a00 [ 26.146314] which belongs to the cache kmalloc-128 of size 128 [ 26.146314] The buggy address is located 12 bytes to the right of [ 26.146314] allocated 115-byte region [ffff8881028e1a00, ffff8881028e1a73) [ 26.146314] [ 26.146314] The buggy address belongs to the physical page: [ 26.146314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e1 [ 26.146314] flags: 0x200000000000000(node=0|zone=2) [ 26.146314] page_type: f5(slab) [ 26.146314] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.146314] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 26.146314] page dumped because: kasan: bad access detected [ 26.146314] [ 26.146314] Memory state around the buggy address: [ 26.146314] ffff8881028e1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.146314] ffff8881028e1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.146314] >ffff8881028e1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.146314] ^ [ 26.146314] ffff8881028e1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.146314] ffff8881028e1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.146314] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 25.982964] ================================================================== [ 25.983493] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 25.983505] Free of addr ffff888101a468e0 by task kunit_try_catch/201 [ 25.983505] [ 25.983505] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.983505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.983505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.983505] Call Trace: [ 25.983505] <TASK> [ 25.983505] dump_stack_lvl+0x73/0xb0 [ 25.983505] print_report+0xd1/0x640 [ 25.983505] ? __virt_addr_valid+0x1db/0x2d0 [ 25.983505] ? kfree_sensitive+0x2e/0x90 [ 25.983505] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.983505] ? kfree_sensitive+0x2e/0x90 [ 25.983505] kasan_report_invalid_free+0xc0/0xf0 [ 25.983505] ? kfree_sensitive+0x2e/0x90 [ 25.983505] ? kfree_sensitive+0x2e/0x90 [ 25.983505] check_slab_allocation+0x101/0x130 [ 25.983505] __kasan_slab_pre_free+0x28/0x40 [ 25.983505] kfree+0xf1/0x3f0 [ 25.983505] ? kfree_sensitive+0x2e/0x90 [ 25.983505] kfree_sensitive+0x2e/0x90 [ 25.983505] kmalloc_double_kzfree+0x19d/0x360 [ 25.983505] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.983505] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.983505] kunit_try_run_case+0x1b3/0x490 [ 25.983505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.983505] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.983505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.983505] ? __kthread_parkme+0x82/0x160 [ 25.983505] ? preempt_count_sub+0x50/0x80 [ 25.983505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.983505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.983505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.983505] kthread+0x257/0x310 [ 25.983505] ? __pfx_kthread+0x10/0x10 [ 25.983505] ret_from_fork+0x41/0x80 [ 25.983505] ? 
__pfx_kthread+0x10/0x10 [ 25.983505] ret_from_fork_asm+0x1a/0x30 [ 25.983505] </TASK> [ 25.983505] [ 25.983505] Allocated by task 201: [ 25.983505] kasan_save_stack+0x3d/0x60 [ 25.983505] kasan_save_track+0x18/0x40 [ 25.983505] kasan_save_alloc_info+0x3b/0x50 [ 25.983505] __kasan_kmalloc+0xb7/0xc0 [ 25.983505] __kmalloc_cache_noprof+0x184/0x410 [ 25.983505] kmalloc_double_kzfree+0xaa/0x360 [ 25.983505] kunit_try_run_case+0x1b3/0x490 [ 25.983505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.983505] kthread+0x257/0x310 [ 25.983505] ret_from_fork+0x41/0x80 [ 25.983505] ret_from_fork_asm+0x1a/0x30 [ 25.983505] [ 25.983505] Freed by task 201: [ 25.983505] kasan_save_stack+0x3d/0x60 [ 25.983505] kasan_save_track+0x18/0x40 [ 25.983505] kasan_save_free_info+0x3f/0x60 [ 25.983505] __kasan_slab_free+0x56/0x70 [ 25.983505] kfree+0x123/0x3f0 [ 25.983505] kfree_sensitive+0x67/0x90 [ 25.983505] kmalloc_double_kzfree+0x12c/0x360 [ 25.983505] kunit_try_run_case+0x1b3/0x490 [ 25.983505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.983505] kthread+0x257/0x310 [ 25.983505] ret_from_fork+0x41/0x80 [ 25.983505] ret_from_fork_asm+0x1a/0x30 [ 25.983505] [ 25.983505] The buggy address belongs to the object at ffff888101a468e0 [ 25.983505] which belongs to the cache kmalloc-16 of size 16 [ 25.983505] The buggy address is located 0 bytes inside of [ 25.983505] 16-byte region [ffff888101a468e0, ffff888101a468f0) [ 25.983505] [ 25.983505] The buggy address belongs to the physical page: [ 25.983505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 25.983505] flags: 0x200000000000000(node=0|zone=2) [ 25.983505] page_type: f5(slab) [ 25.983505] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.983505] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.983505] page dumped because: kasan: bad access detected [ 25.983505] [ 25.983505] Memory state around the buggy address: [ 25.983505] ffff888101a46780: 00 
05 fc fc 00 05 fc fc 00 02 fc fc fa fb fc fc [ 25.983505] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 25.983505] >ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.983505] ^ [ 25.983505] ffff888101a46900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.983505] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.983505] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 25.925954] ================================================================== [ 25.926252] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 25.928323] Read of size 1 at addr ffff888101a468e0 by task kunit_try_catch/201 [ 25.928323] [ 25.928323] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.928323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.928323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.928323] Call Trace: [ 25.928323] <TASK> [ 25.928323] dump_stack_lvl+0x73/0xb0 [ 25.928323] print_report+0xd1/0x640 [ 25.928323] ? __virt_addr_valid+0x1db/0x2d0 [ 25.928323] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.928323] kasan_report+0x102/0x140 [ 25.928323] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.928323] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.928323] ? kmalloc_double_kzfree+0x19d/0x360 [ 25.928323] __kasan_check_byte+0x3d/0x50 [ 25.928323] kfree_sensitive+0x22/0x90 [ 25.928323] kmalloc_double_kzfree+0x19d/0x360 [ 25.928323] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.928323] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.928323] kunit_try_run_case+0x1b3/0x490 [ 25.928323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.928323] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.928323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.928323] ? __kthread_parkme+0x82/0x160 [ 25.928323] ? preempt_count_sub+0x50/0x80 [ 25.928323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.928323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.928323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.928323] kthread+0x257/0x310 [ 25.928323] ? __pfx_kthread+0x10/0x10 [ 25.928323] ret_from_fork+0x41/0x80 [ 25.928323] ? 
__pfx_kthread+0x10/0x10 [ 25.928323] ret_from_fork_asm+0x1a/0x30 [ 25.928323] </TASK> [ 25.928323] [ 25.928323] Allocated by task 201: [ 25.928323] kasan_save_stack+0x3d/0x60 [ 25.928323] kasan_save_track+0x18/0x40 [ 25.928323] kasan_save_alloc_info+0x3b/0x50 [ 25.928323] __kasan_kmalloc+0xb7/0xc0 [ 25.928323] __kmalloc_cache_noprof+0x184/0x410 [ 25.928323] kmalloc_double_kzfree+0xaa/0x360 [ 25.928323] kunit_try_run_case+0x1b3/0x490 [ 25.928323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.928323] kthread+0x257/0x310 [ 25.928323] ret_from_fork+0x41/0x80 [ 25.928323] ret_from_fork_asm+0x1a/0x30 [ 25.928323] [ 25.928323] Freed by task 201: [ 25.928323] kasan_save_stack+0x3d/0x60 [ 25.928323] kasan_save_track+0x18/0x40 [ 25.928323] kasan_save_free_info+0x3f/0x60 [ 25.928323] __kasan_slab_free+0x56/0x70 [ 25.928323] kfree+0x123/0x3f0 [ 25.928323] kfree_sensitive+0x67/0x90 [ 25.928323] kmalloc_double_kzfree+0x12c/0x360 [ 25.928323] kunit_try_run_case+0x1b3/0x490 [ 25.928323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.928323] kthread+0x257/0x310 [ 25.928323] ret_from_fork+0x41/0x80 [ 25.928323] ret_from_fork_asm+0x1a/0x30 [ 25.928323] [ 25.928323] The buggy address belongs to the object at ffff888101a468e0 [ 25.928323] which belongs to the cache kmalloc-16 of size 16 [ 25.928323] The buggy address is located 0 bytes inside of [ 25.928323] freed 16-byte region [ffff888101a468e0, ffff888101a468f0) [ 25.928323] [ 25.928323] The buggy address belongs to the physical page: [ 25.928323] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 25.928323] flags: 0x200000000000000(node=0|zone=2) [ 25.928323] page_type: f5(slab) [ 25.928323] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.928323] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.928323] page dumped because: kasan: bad access detected [ 25.928323] [ 25.928323] Memory state around the buggy address: [ 25.928323] 
ffff888101a46780: 00 05 fc fc 00 05 fc fc 00 02 fc fc fa fb fc fc [ 25.928323] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 25.928323] >ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.928323] ^ [ 25.928323] ffff888101a46900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.928323] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.928323] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 25.267952] ================================================================== [ 25.268505] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 25.268505] Write of size 16 at addr ffff888102611ac0 by task kunit_try_catch/175 [ 25.268505] [ 25.268505] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.268505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.268505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.268505] Call Trace: [ 25.268505] <TASK> [ 25.268505] dump_stack_lvl+0x73/0xb0 [ 25.268505] print_report+0xd1/0x640 [ 25.268505] ? __virt_addr_valid+0x1db/0x2d0 [ 25.268505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.268505] kasan_report+0x102/0x140 [ 25.268505] ? kmalloc_oob_16+0x454/0x4a0 [ 25.268505] ? kmalloc_oob_16+0x454/0x4a0 [ 25.268505] __asan_report_store16_noabort+0x1b/0x30 [ 25.268505] kmalloc_oob_16+0x454/0x4a0 [ 25.268505] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 25.268505] ? __schedule+0xc3e/0x2790 [ 25.268505] ? ktime_get_ts64+0x84/0x230 [ 25.268505] kunit_try_run_case+0x1b3/0x490 [ 25.268505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.268505] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.268505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.268505] ? __kthread_parkme+0x82/0x160 [ 25.268505] ? preempt_count_sub+0x50/0x80 [ 25.268505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.268505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.268505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.268505] kthread+0x257/0x310 [ 25.268505] ? __pfx_kthread+0x10/0x10 [ 25.268505] ret_from_fork+0x41/0x80 [ 25.268505] ? 
__pfx_kthread+0x10/0x10 [ 25.268505] ret_from_fork_asm+0x1a/0x30 [ 25.268505] </TASK> [ 25.268505] [ 25.268505] Allocated by task 175: [ 25.268505] kasan_save_stack+0x3d/0x60 [ 25.268505] kasan_save_track+0x18/0x40 [ 25.268505] kasan_save_alloc_info+0x3b/0x50 [ 25.268505] __kasan_kmalloc+0xb7/0xc0 [ 25.268505] __kmalloc_cache_noprof+0x184/0x410 [ 25.268505] kmalloc_oob_16+0xa9/0x4a0 [ 25.268505] kunit_try_run_case+0x1b3/0x490 [ 25.268505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.268505] kthread+0x257/0x310 [ 25.268505] ret_from_fork+0x41/0x80 [ 25.268505] ret_from_fork_asm+0x1a/0x30 [ 25.268505] [ 25.268505] The buggy address belongs to the object at ffff888102611ac0 [ 25.268505] which belongs to the cache kmalloc-16 of size 16 [ 25.268505] The buggy address is located 0 bytes inside of [ 25.268505] allocated 13-byte region [ffff888102611ac0, ffff888102611acd) [ 25.268505] [ 25.268505] The buggy address belongs to the physical page: [ 25.268505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102611 [ 25.268505] flags: 0x200000000000000(node=0|zone=2) [ 25.268505] page_type: f5(slab) [ 25.268505] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.268505] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.268505] page dumped because: kasan: bad access detected [ 25.268505] [ 25.268505] Memory state around the buggy address: [ 25.268505] ffff888102611980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 25.268505] ffff888102611a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 25.268505] >ffff888102611a80: fa fb fc fc 00 04 fc fc 00 05 fc fc 00 00 fc fc [ 25.268505] ^ [ 25.268505] ffff888102611b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.268505] ffff888102611b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.268505] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 25.804383] ================================================================== [ 25.805030] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 25.805187] Write of size 33 at addr ffff88810293d000 by task kunit_try_catch/195 [ 25.805187] [ 25.805187] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.805187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.805187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.805187] Call Trace: [ 25.805187] <TASK> [ 25.805187] dump_stack_lvl+0x73/0xb0 [ 25.805187] print_report+0xd1/0x640 [ 25.805187] ? __virt_addr_valid+0x1db/0x2d0 [ 25.805187] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.805187] kasan_report+0x102/0x140 [ 25.805187] ? kmalloc_uaf_memset+0x1a4/0x360 [ 25.805187] ? kmalloc_uaf_memset+0x1a4/0x360 [ 25.805187] kasan_check_range+0x10c/0x1c0 [ 25.805187] __asan_memset+0x27/0x50 [ 25.805187] kmalloc_uaf_memset+0x1a4/0x360 [ 25.805187] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 25.805187] ? __schedule+0xc3e/0x2790 [ 25.805187] ? ktime_get_ts64+0x84/0x230 [ 25.805187] kunit_try_run_case+0x1b3/0x490 [ 25.805187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.805187] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.805187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.805187] ? __kthread_parkme+0x82/0x160 [ 25.805187] ? preempt_count_sub+0x50/0x80 [ 25.805187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.805187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.805187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.805187] kthread+0x257/0x310 [ 25.805187] ? __pfx_kthread+0x10/0x10 [ 25.805187] ret_from_fork+0x41/0x80 [ 25.805187] ? 
__pfx_kthread+0x10/0x10 [ 25.805187] ret_from_fork_asm+0x1a/0x30 [ 25.805187] </TASK> [ 25.805187] [ 25.805187] Allocated by task 195: [ 25.805187] kasan_save_stack+0x3d/0x60 [ 25.805187] kasan_save_track+0x18/0x40 [ 25.805187] kasan_save_alloc_info+0x3b/0x50 [ 25.805187] __kasan_kmalloc+0xb7/0xc0 [ 25.805187] __kmalloc_cache_noprof+0x184/0x410 [ 25.805187] kmalloc_uaf_memset+0xaa/0x360 [ 25.805187] kunit_try_run_case+0x1b3/0x490 [ 25.805187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.805187] kthread+0x257/0x310 [ 25.805187] ret_from_fork+0x41/0x80 [ 25.805187] ret_from_fork_asm+0x1a/0x30 [ 25.805187] [ 25.805187] Freed by task 195: [ 25.805187] kasan_save_stack+0x3d/0x60 [ 25.805187] kasan_save_track+0x18/0x40 [ 25.805187] kasan_save_free_info+0x3f/0x60 [ 25.805187] __kasan_slab_free+0x56/0x70 [ 25.805187] kfree+0x123/0x3f0 [ 25.805187] kmalloc_uaf_memset+0x12c/0x360 [ 25.805187] kunit_try_run_case+0x1b3/0x490 [ 25.805187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.805187] kthread+0x257/0x310 [ 25.805187] ret_from_fork+0x41/0x80 [ 25.805187] ret_from_fork_asm+0x1a/0x30 [ 25.805187] [ 25.805187] The buggy address belongs to the object at ffff88810293d000 [ 25.805187] which belongs to the cache kmalloc-64 of size 64 [ 25.805187] The buggy address is located 0 bytes inside of [ 25.805187] freed 64-byte region [ffff88810293d000, ffff88810293d040) [ 25.805187] [ 25.805187] The buggy address belongs to the physical page: [ 25.805187] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293d [ 25.805187] flags: 0x200000000000000(node=0|zone=2) [ 25.805187] page_type: f5(slab) [ 25.805187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.805187] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.805187] page dumped because: kasan: bad access detected [ 25.805187] [ 25.805187] Memory state around the buggy address: [ 25.805187] ffff88810293cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 25.805187] ffff88810293cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.805187] >ffff88810293d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.805187] ^ [ 25.805187] ffff88810293d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.805187] ffff88810293d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.805187] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 25.689985] ================================================================== [ 25.690406] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 25.690406] Read of size 64 at addr ffff888102936f04 by task kunit_try_catch/191 [ 25.690406] [ 25.690406] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.690406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.690406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.690406] Call Trace: [ 25.690406] <TASK> [ 25.690406] dump_stack_lvl+0x73/0xb0 [ 25.690406] print_report+0xd1/0x640 [ 25.690406] ? __virt_addr_valid+0x1db/0x2d0 [ 25.690406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.690406] kasan_report+0x102/0x140 [ 25.690406] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 25.690406] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 25.690406] kasan_check_range+0x10c/0x1c0 [ 25.690406] __asan_memmove+0x27/0x70 [ 25.690406] kmalloc_memmove_invalid_size+0x170/0x330 [ 25.690406] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 25.690406] ? __schedule+0xc3e/0x2790 [ 25.690406] ? ktime_get_ts64+0x84/0x230 [ 25.690406] kunit_try_run_case+0x1b3/0x490 [ 25.690406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.690406] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.690406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.690406] ? __kthread_parkme+0x82/0x160 [ 25.690406] ? preempt_count_sub+0x50/0x80 [ 25.690406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.690406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.690406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.690406] kthread+0x257/0x310 [ 25.690406] ? __pfx_kthread+0x10/0x10 [ 25.690406] ret_from_fork+0x41/0x80 [ 25.690406] ? 
__pfx_kthread+0x10/0x10 [ 25.690406] ret_from_fork_asm+0x1a/0x30 [ 25.690406] </TASK> [ 25.690406] [ 25.690406] Allocated by task 191: [ 25.690406] kasan_save_stack+0x3d/0x60 [ 25.690406] kasan_save_track+0x18/0x40 [ 25.690406] kasan_save_alloc_info+0x3b/0x50 [ 25.690406] __kasan_kmalloc+0xb7/0xc0 [ 25.690406] __kmalloc_cache_noprof+0x184/0x410 [ 25.690406] kmalloc_memmove_invalid_size+0xad/0x330 [ 25.690406] kunit_try_run_case+0x1b3/0x490 [ 25.690406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.690406] kthread+0x257/0x310 [ 25.690406] ret_from_fork+0x41/0x80 [ 25.690406] ret_from_fork_asm+0x1a/0x30 [ 25.690406] [ 25.690406] The buggy address belongs to the object at ffff888102936f00 [ 25.690406] which belongs to the cache kmalloc-64 of size 64 [ 25.690406] The buggy address is located 4 bytes inside of [ 25.690406] allocated 64-byte region [ffff888102936f00, ffff888102936f40) [ 25.690406] [ 25.690406] The buggy address belongs to the physical page: [ 25.690406] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102936 [ 25.690406] flags: 0x200000000000000(node=0|zone=2) [ 25.690406] page_type: f5(slab) [ 25.690406] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.690406] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.690406] page dumped because: kasan: bad access detected [ 25.690406] [ 25.690406] Memory state around the buggy address: [ 25.690406] ffff888102936e00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 25.690406] ffff888102936e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.690406] >ffff888102936f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.690406] ^ [ 25.690406] ffff888102936f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.690406] ffff888102937000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.690406] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 25.629901] ================================================================== [ 25.630430] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 25.630430] Read of size 18446744073709551614 at addr ffff8881028dbf04 by task kunit_try_catch/189 [ 25.630430] [ 25.630430] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.630430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.630430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.630430] Call Trace: [ 25.630430] <TASK> [ 25.630430] dump_stack_lvl+0x73/0xb0 [ 25.630430] print_report+0xd1/0x640 [ 25.630430] ? __virt_addr_valid+0x1db/0x2d0 [ 25.630430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.630430] kasan_report+0x102/0x140 [ 25.630430] ? kmalloc_memmove_negative_size+0x172/0x330 [ 25.630430] ? kmalloc_memmove_negative_size+0x172/0x330 [ 25.630430] kasan_check_range+0x10c/0x1c0 [ 25.630430] __asan_memmove+0x27/0x70 [ 25.630430] kmalloc_memmove_negative_size+0x172/0x330 [ 25.630430] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 25.630430] ? __schedule+0xc3e/0x2790 [ 25.630430] ? ktime_get_ts64+0x84/0x230 [ 25.630430] kunit_try_run_case+0x1b3/0x490 [ 25.630430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.630430] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.630430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.630430] ? __kthread_parkme+0x82/0x160 [ 25.630430] ? preempt_count_sub+0x50/0x80 [ 25.630430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.630430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.630430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.630430] kthread+0x257/0x310 [ 25.630430] ? __pfx_kthread+0x10/0x10 [ 25.630430] ret_from_fork+0x41/0x80 [ 25.630430] ? 
__pfx_kthread+0x10/0x10 [ 25.630430] ret_from_fork_asm+0x1a/0x30 [ 25.630430] </TASK> [ 25.630430] [ 25.630430] Allocated by task 189: [ 25.630430] kasan_save_stack+0x3d/0x60 [ 25.630430] kasan_save_track+0x18/0x40 [ 25.630430] kasan_save_alloc_info+0x3b/0x50 [ 25.630430] __kasan_kmalloc+0xb7/0xc0 [ 25.630430] __kmalloc_cache_noprof+0x184/0x410 [ 25.630430] kmalloc_memmove_negative_size+0xad/0x330 [ 25.630430] kunit_try_run_case+0x1b3/0x490 [ 25.630430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.630430] kthread+0x257/0x310 [ 25.630430] ret_from_fork+0x41/0x80 [ 25.630430] ret_from_fork_asm+0x1a/0x30 [ 25.630430] [ 25.630430] The buggy address belongs to the object at ffff8881028dbf00 [ 25.630430] which belongs to the cache kmalloc-64 of size 64 [ 25.630430] The buggy address is located 4 bytes inside of [ 25.630430] 64-byte region [ffff8881028dbf00, ffff8881028dbf40) [ 25.630430] [ 25.630430] The buggy address belongs to the physical page: [ 25.630430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028db [ 25.630430] flags: 0x200000000000000(node=0|zone=2) [ 25.630430] page_type: f5(slab) [ 25.630430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.630430] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.630430] page dumped because: kasan: bad access detected [ 25.630430] [ 25.630430] Memory state around the buggy address: [ 25.630430] ffff8881028dbe00: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 25.630430] ffff8881028dbe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.630430] >ffff8881028dbf00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.630430] ^ [ 25.630430] ffff8881028dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.630430] ffff8881028dc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.630430] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 25.482617] ================================================================== [ 25.483266] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 25.483266] Write of size 4 at addr ffff888102938a75 by task kunit_try_catch/183 [ 25.483266] [ 25.483266] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.483266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.487915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.487915] Call Trace: [ 25.487915] <TASK> [ 25.487915] dump_stack_lvl+0x73/0xb0 [ 25.487915] print_report+0xd1/0x640 [ 25.487915] ? __virt_addr_valid+0x1db/0x2d0 [ 25.487915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.487915] kasan_report+0x102/0x140 [ 25.487915] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] ? kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] kasan_check_range+0x10c/0x1c0 [ 25.487915] __asan_memset+0x27/0x50 [ 25.487915] kmalloc_oob_memset_4+0x167/0x330 [ 25.487915] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 25.487915] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 25.487915] kunit_try_run_case+0x1b3/0x490 [ 25.487915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.487915] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.487915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.487915] ? __kthread_parkme+0x82/0x160 [ 25.487915] ? preempt_count_sub+0x50/0x80 [ 25.487915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.487915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.487915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.487915] kthread+0x257/0x310 [ 25.487915] ? __pfx_kthread+0x10/0x10 [ 25.487915] ret_from_fork+0x41/0x80 [ 25.487915] ? 
__pfx_kthread+0x10/0x10 [ 25.487915] ret_from_fork_asm+0x1a/0x30 [ 25.487915] </TASK> [ 25.487915] [ 25.487915] Allocated by task 183: [ 25.487915] kasan_save_stack+0x3d/0x60 [ 25.487915] kasan_save_track+0x18/0x40 [ 25.487915] kasan_save_alloc_info+0x3b/0x50 [ 25.487915] __kasan_kmalloc+0xb7/0xc0 [ 25.487915] __kmalloc_cache_noprof+0x184/0x410 [ 25.487915] kmalloc_oob_memset_4+0xad/0x330 [ 25.487915] kunit_try_run_case+0x1b3/0x490 [ 25.487915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.487915] kthread+0x257/0x310 [ 25.487915] ret_from_fork+0x41/0x80 [ 25.487915] ret_from_fork_asm+0x1a/0x30 [ 25.487915] [ 25.487915] The buggy address belongs to the object at ffff888102938a00 [ 25.487915] which belongs to the cache kmalloc-128 of size 128 [ 25.487915] The buggy address is located 117 bytes inside of [ 25.487915] allocated 120-byte region [ffff888102938a00, ffff888102938a78) [ 25.487915] [ 25.487915] The buggy address belongs to the physical page: [ 25.487915] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 25.487915] flags: 0x200000000000000(node=0|zone=2) [ 25.487915] page_type: f5(slab) [ 25.487915] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.487915] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.487915] page dumped because: kasan: bad access detected [ 25.487915] [ 25.487915] Memory state around the buggy address: [ 25.487915] ffff888102938900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.487915] ffff888102938980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] >ffff888102938a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.487915] ^ [ 25.487915] ffff888102938a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] ffff888102938b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.487915] ================================================================== [ 25.436456] 
================================================================== [ 25.437150] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] Write of size 2 at addr ffff888102938877 by task kunit_try_catch/181 [ 25.437161] [ 25.437161] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.437161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.437161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.437161] Call Trace: [ 25.437161] <TASK> [ 25.437161] dump_stack_lvl+0x73/0xb0 [ 25.437161] print_report+0xd1/0x640 [ 25.437161] ? __virt_addr_valid+0x1db/0x2d0 [ 25.437161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.437161] kasan_report+0x102/0x140 [ 25.437161] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] ? kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] kasan_check_range+0x10c/0x1c0 [ 25.437161] __asan_memset+0x27/0x50 [ 25.437161] kmalloc_oob_memset_2+0x167/0x330 [ 25.437161] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 25.437161] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 25.437161] kunit_try_run_case+0x1b3/0x490 [ 25.437161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.437161] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.437161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.437161] ? __kthread_parkme+0x82/0x160 [ 25.437161] ? preempt_count_sub+0x50/0x80 [ 25.437161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.437161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.437161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.437161] kthread+0x257/0x310 [ 25.437161] ? __pfx_kthread+0x10/0x10 [ 25.437161] ret_from_fork+0x41/0x80 [ 25.437161] ? 
__pfx_kthread+0x10/0x10 [ 25.437161] ret_from_fork_asm+0x1a/0x30 [ 25.437161] </TASK> [ 25.437161] [ 25.437161] Allocated by task 181: [ 25.437161] kasan_save_stack+0x3d/0x60 [ 25.437161] kasan_save_track+0x18/0x40 [ 25.437161] kasan_save_alloc_info+0x3b/0x50 [ 25.437161] __kasan_kmalloc+0xb7/0xc0 [ 25.437161] __kmalloc_cache_noprof+0x184/0x410 [ 25.437161] kmalloc_oob_memset_2+0xad/0x330 [ 25.437161] kunit_try_run_case+0x1b3/0x490 [ 25.437161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.437161] kthread+0x257/0x310 [ 25.437161] ret_from_fork+0x41/0x80 [ 25.437161] ret_from_fork_asm+0x1a/0x30 [ 25.437161] [ 25.437161] The buggy address belongs to the object at ffff888102938800 [ 25.437161] which belongs to the cache kmalloc-128 of size 128 [ 25.437161] The buggy address is located 119 bytes inside of [ 25.437161] allocated 120-byte region [ffff888102938800, ffff888102938878) [ 25.437161] [ 25.437161] The buggy address belongs to the physical page: [ 25.437161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 25.437161] flags: 0x200000000000000(node=0|zone=2) [ 25.437161] page_type: f5(slab) [ 25.437161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.437161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.437161] page dumped because: kasan: bad access detected [ 25.437161] [ 25.437161] Memory state around the buggy address: [ 25.437161] ffff888102938700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.437161] ffff888102938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] >ffff888102938800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.437161] ^ [ 25.437161] ffff888102938880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] ffff888102938900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.437161] ================================================================== [ 25.575357] 
================================================================== [ 25.576161] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] Write of size 16 at addr ffff8881028e1069 by task kunit_try_catch/187 [ 25.576161] [ 25.576161] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.576161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.576161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.576161] Call Trace: [ 25.576161] <TASK> [ 25.576161] dump_stack_lvl+0x73/0xb0 [ 25.576161] print_report+0xd1/0x640 [ 25.576161] ? __virt_addr_valid+0x1db/0x2d0 [ 25.576161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.576161] kasan_report+0x102/0x140 [ 25.576161] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] ? kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] kasan_check_range+0x10c/0x1c0 [ 25.576161] __asan_memset+0x27/0x50 [ 25.576161] kmalloc_oob_memset_16+0x167/0x330 [ 25.576161] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 25.576161] ? __schedule+0xc3e/0x2790 [ 25.576161] ? ktime_get_ts64+0x84/0x230 [ 25.576161] kunit_try_run_case+0x1b3/0x490 [ 25.576161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.576161] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.576161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.576161] ? __kthread_parkme+0x82/0x160 [ 25.576161] ? preempt_count_sub+0x50/0x80 [ 25.576161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.576161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.576161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.576161] kthread+0x257/0x310 [ 25.576161] ? __pfx_kthread+0x10/0x10 [ 25.576161] ret_from_fork+0x41/0x80 [ 25.576161] ? 
__pfx_kthread+0x10/0x10 [ 25.576161] ret_from_fork_asm+0x1a/0x30 [ 25.576161] </TASK> [ 25.576161] [ 25.576161] Allocated by task 187: [ 25.576161] kasan_save_stack+0x3d/0x60 [ 25.576161] kasan_save_track+0x18/0x40 [ 25.576161] kasan_save_alloc_info+0x3b/0x50 [ 25.576161] __kasan_kmalloc+0xb7/0xc0 [ 25.576161] __kmalloc_cache_noprof+0x184/0x410 [ 25.576161] kmalloc_oob_memset_16+0xad/0x330 [ 25.576161] kunit_try_run_case+0x1b3/0x490 [ 25.576161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.576161] kthread+0x257/0x310 [ 25.576161] ret_from_fork+0x41/0x80 [ 25.576161] ret_from_fork_asm+0x1a/0x30 [ 25.576161] [ 25.576161] The buggy address belongs to the object at ffff8881028e1000 [ 25.576161] which belongs to the cache kmalloc-128 of size 128 [ 25.576161] The buggy address is located 105 bytes inside of [ 25.576161] allocated 120-byte region [ffff8881028e1000, ffff8881028e1078) [ 25.576161] [ 25.576161] The buggy address belongs to the physical page: [ 25.576161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028e1 [ 25.576161] flags: 0x200000000000000(node=0|zone=2) [ 25.576161] page_type: f5(slab) [ 25.576161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.576161] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.576161] page dumped because: kasan: bad access detected [ 25.576161] [ 25.576161] Memory state around the buggy address: [ 25.576161] ffff8881028e0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ffff8881028e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] >ffff8881028e1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.576161] ^ [ 25.576161] ffff8881028e1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ffff8881028e1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.576161] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 25.376604] ================================================================== [ 25.377210] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 25.377210] Write of size 128 at addr ffff888102938700 by task kunit_try_catch/179 [ 25.377210] [ 25.377210] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.377210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.377210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.377210] Call Trace: [ 25.377210] <TASK> [ 25.377210] dump_stack_lvl+0x73/0xb0 [ 25.377210] print_report+0xd1/0x640 [ 25.377210] ? __virt_addr_valid+0x1db/0x2d0 [ 25.377210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.377210] kasan_report+0x102/0x140 [ 25.377210] ? kmalloc_oob_in_memset+0x160/0x320 [ 25.377210] ? kmalloc_oob_in_memset+0x160/0x320 [ 25.377210] kasan_check_range+0x10c/0x1c0 [ 25.377210] __asan_memset+0x27/0x50 [ 25.377210] kmalloc_oob_in_memset+0x160/0x320 [ 25.377210] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 25.377210] ? __schedule+0xc3e/0x2790 [ 25.377210] ? ktime_get_ts64+0x84/0x230 [ 25.377210] kunit_try_run_case+0x1b3/0x490 [ 25.377210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.377210] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.377210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.377210] ? __kthread_parkme+0x82/0x160 [ 25.377210] ? preempt_count_sub+0x50/0x80 [ 25.377210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.377210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.377210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.377210] kthread+0x257/0x310 [ 25.377210] ? __pfx_kthread+0x10/0x10 [ 25.377210] ret_from_fork+0x41/0x80 [ 25.377210] ? 
__pfx_kthread+0x10/0x10 [ 25.377210] ret_from_fork_asm+0x1a/0x30 [ 25.377210] </TASK> [ 25.377210] [ 25.377210] Allocated by task 179: [ 25.377210] kasan_save_stack+0x3d/0x60 [ 25.377210] kasan_save_track+0x18/0x40 [ 25.377210] kasan_save_alloc_info+0x3b/0x50 [ 25.377210] __kasan_kmalloc+0xb7/0xc0 [ 25.377210] __kmalloc_cache_noprof+0x184/0x410 [ 25.377210] kmalloc_oob_in_memset+0xad/0x320 [ 25.377210] kunit_try_run_case+0x1b3/0x490 [ 25.377210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.377210] kthread+0x257/0x310 [ 25.377210] ret_from_fork+0x41/0x80 [ 25.377210] ret_from_fork_asm+0x1a/0x30 [ 25.377210] [ 25.377210] The buggy address belongs to the object at ffff888102938700 [ 25.377210] which belongs to the cache kmalloc-128 of size 128 [ 25.377210] The buggy address is located 0 bytes inside of [ 25.377210] allocated 120-byte region [ffff888102938700, ffff888102938778) [ 25.377210] [ 25.377210] The buggy address belongs to the physical page: [ 25.377210] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 25.377210] flags: 0x200000000000000(node=0|zone=2) [ 25.377210] page_type: f5(slab) [ 25.377210] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.377210] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.377210] page dumped because: kasan: bad access detected [ 25.377210] [ 25.377210] Memory state around the buggy address: [ 25.377210] ffff888102938600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.377210] ffff888102938680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.377210] >ffff888102938700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.377210] ^ [ 25.377210] ffff888102938780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.377210] ffff888102938800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.377210] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 25.317984] ================================================================== [ 25.318460] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 25.318460] Read of size 16 at addr ffff888101a468a0 by task kunit_try_catch/177 [ 25.318460] [ 25.318460] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.318460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.318460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.318460] Call Trace: [ 25.318460] <TASK> [ 25.318460] dump_stack_lvl+0x73/0xb0 [ 25.318460] print_report+0xd1/0x640 [ 25.318460] ? __virt_addr_valid+0x1db/0x2d0 [ 25.318460] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.318460] kasan_report+0x102/0x140 [ 25.318460] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.318460] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.318460] __asan_report_load16_noabort+0x18/0x20 [ 25.318460] kmalloc_uaf_16+0x47d/0x4c0 [ 25.318460] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 25.318460] ? __schedule+0xc3e/0x2790 [ 25.318460] ? ktime_get_ts64+0x84/0x230 [ 25.318460] kunit_try_run_case+0x1b3/0x490 [ 25.318460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.318460] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.318460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.318460] ? __kthread_parkme+0x82/0x160 [ 25.318460] ? preempt_count_sub+0x50/0x80 [ 25.318460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.318460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.318460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.318460] kthread+0x257/0x310 [ 25.318460] ? __pfx_kthread+0x10/0x10 [ 25.318460] ret_from_fork+0x41/0x80 [ 25.318460] ? 
__pfx_kthread+0x10/0x10 [ 25.318460] ret_from_fork_asm+0x1a/0x30 [ 25.318460] </TASK> [ 25.318460] [ 25.318460] Allocated by task 177: [ 25.318460] kasan_save_stack+0x3d/0x60 [ 25.318460] kasan_save_track+0x18/0x40 [ 25.318460] kasan_save_alloc_info+0x3b/0x50 [ 25.318460] __kasan_kmalloc+0xb7/0xc0 [ 25.318460] __kmalloc_cache_noprof+0x184/0x410 [ 25.318460] kmalloc_uaf_16+0x15c/0x4c0 [ 25.318460] kunit_try_run_case+0x1b3/0x490 [ 25.318460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.318460] kthread+0x257/0x310 [ 25.318460] ret_from_fork+0x41/0x80 [ 25.318460] ret_from_fork_asm+0x1a/0x30 [ 25.318460] [ 25.318460] Freed by task 177: [ 25.318460] kasan_save_stack+0x3d/0x60 [ 25.318460] kasan_save_track+0x18/0x40 [ 25.318460] kasan_save_free_info+0x3f/0x60 [ 25.318460] __kasan_slab_free+0x56/0x70 [ 25.318460] kfree+0x123/0x3f0 [ 25.318460] kmalloc_uaf_16+0x1d7/0x4c0 [ 25.318460] kunit_try_run_case+0x1b3/0x490 [ 25.318460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.318460] kthread+0x257/0x310 [ 25.318460] ret_from_fork+0x41/0x80 [ 25.318460] ret_from_fork_asm+0x1a/0x30 [ 25.318460] [ 25.318460] The buggy address belongs to the object at ffff888101a468a0 [ 25.318460] which belongs to the cache kmalloc-16 of size 16 [ 25.318460] The buggy address is located 0 bytes inside of [ 25.318460] freed 16-byte region [ffff888101a468a0, ffff888101a468b0) [ 25.318460] [ 25.318460] The buggy address belongs to the physical page: [ 25.318460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 25.318460] flags: 0x200000000000000(node=0|zone=2) [ 25.318460] page_type: f5(slab) [ 25.318460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.318460] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.318460] page dumped because: kasan: bad access detected [ 25.318460] [ 25.318460] Memory state around the buggy address: [ 25.318460] ffff888101a46780: 00 05 fc fc 00 05 fc fc 00 02 fc fc fa fb fc fc 
[ 25.318460] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 25.318460] >ffff888101a46880: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 25.318460] ^ [ 25.318460] ffff888101a46900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.318460] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.318460] ================================================================== [ 25.864291] ================================================================== [ 25.865156] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 25.865156] Read of size 1 at addr ffff88810293d128 by task kunit_try_catch/197 [ 25.865156] [ 25.865156] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.865156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.865156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.865156] Call Trace: [ 25.865156] <TASK> [ 25.865156] dump_stack_lvl+0x73/0xb0 [ 25.865156] print_report+0xd1/0x640 [ 25.865156] ? __virt_addr_valid+0x1db/0x2d0 [ 25.865156] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.865156] kasan_report+0x102/0x140 [ 25.865156] ? kmalloc_uaf2+0x4aa/0x520 [ 25.865156] ? kmalloc_uaf2+0x4aa/0x520 [ 25.865156] __asan_report_load1_noabort+0x18/0x20 [ 25.865156] kmalloc_uaf2+0x4aa/0x520 [ 25.865156] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 25.865156] ? __switch_to+0x5d9/0xf60 [ 25.865156] ? __schedule+0xc3e/0x2790 [ 25.865156] ? ktime_get_ts64+0x84/0x230 [ 25.865156] kunit_try_run_case+0x1b3/0x490 [ 25.865156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.865156] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.865156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.865156] ? __kthread_parkme+0x82/0x160 [ 25.865156] ? preempt_count_sub+0x50/0x80 [ 25.865156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.865156] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.865156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.865156] kthread+0x257/0x310 [ 25.865156] ? __pfx_kthread+0x10/0x10 [ 25.865156] ret_from_fork+0x41/0x80 [ 25.865156] ? __pfx_kthread+0x10/0x10 [ 25.865156] ret_from_fork_asm+0x1a/0x30 [ 25.865156] </TASK> [ 25.865156] [ 25.865156] Allocated by task 197: [ 25.865156] kasan_save_stack+0x3d/0x60 [ 25.865156] kasan_save_track+0x18/0x40 [ 25.865156] kasan_save_alloc_info+0x3b/0x50 [ 25.865156] __kasan_kmalloc+0xb7/0xc0 [ 25.865156] __kmalloc_cache_noprof+0x184/0x410 [ 25.865156] kmalloc_uaf2+0xc7/0x520 [ 25.865156] kunit_try_run_case+0x1b3/0x490 [ 25.865156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.865156] kthread+0x257/0x310 [ 25.865156] ret_from_fork+0x41/0x80 [ 25.865156] ret_from_fork_asm+0x1a/0x30 [ 25.865156] [ 25.865156] Freed by task 197: [ 25.865156] kasan_save_stack+0x3d/0x60 [ 25.865156] kasan_save_track+0x18/0x40 [ 25.865156] kasan_save_free_info+0x3f/0x60 [ 25.865156] __kasan_slab_free+0x56/0x70 [ 25.865156] kfree+0x123/0x3f0 [ 25.865156] kmalloc_uaf2+0x14d/0x520 [ 25.865156] kunit_try_run_case+0x1b3/0x490 [ 25.865156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.865156] kthread+0x257/0x310 [ 25.865156] ret_from_fork+0x41/0x80 [ 25.865156] ret_from_fork_asm+0x1a/0x30 [ 25.865156] [ 25.865156] The buggy address belongs to the object at ffff88810293d100 [ 25.865156] which belongs to the cache kmalloc-64 of size 64 [ 25.865156] The buggy address is located 40 bytes inside of [ 25.865156] freed 64-byte region [ffff88810293d100, ffff88810293d140) [ 25.865156] [ 25.865156] The buggy address belongs to the physical page: [ 25.865156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10293d [ 25.865156] flags: 0x200000000000000(node=0|zone=2) [ 25.865156] page_type: f5(slab) [ 25.865156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.865156] raw: 0000000000000000 0000000080200020 
00000001f5000000 0000000000000000 [ 25.865156] page dumped because: kasan: bad access detected [ 25.865156] [ 25.865156] Memory state around the buggy address: [ 25.865156] ffff88810293d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.865156] ffff88810293d080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.865156] >ffff88810293d100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.865156] ^ [ 25.865156] ffff88810293d180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 25.865156] ffff88810293d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.865156] ================================================================== [ 25.741635] ================================================================== [ 25.742294] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 25.742294] Read of size 1 at addr ffff888101a468c8 by task kunit_try_catch/193 [ 25.742294] [ 25.742294] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.742294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.742294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.742294] Call Trace: [ 25.742294] <TASK> [ 25.742294] dump_stack_lvl+0x73/0xb0 [ 25.742294] print_report+0xd1/0x640 [ 25.742294] ? __virt_addr_valid+0x1db/0x2d0 [ 25.742294] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.742294] kasan_report+0x102/0x140 [ 25.742294] ? kmalloc_uaf+0x322/0x380 [ 25.742294] ? kmalloc_uaf+0x322/0x380 [ 25.742294] __asan_report_load1_noabort+0x18/0x20 [ 25.742294] kmalloc_uaf+0x322/0x380 [ 25.742294] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.742294] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.742294] kunit_try_run_case+0x1b3/0x490 [ 25.742294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.742294] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.742294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.742294] ? __kthread_parkme+0x82/0x160 [ 25.742294] ? preempt_count_sub+0x50/0x80 [ 25.742294] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.742294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.742294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.742294] kthread+0x257/0x310 [ 25.742294] ? __pfx_kthread+0x10/0x10 [ 25.742294] ret_from_fork+0x41/0x80 [ 25.742294] ? __pfx_kthread+0x10/0x10 [ 25.742294] ret_from_fork_asm+0x1a/0x30 [ 25.742294] </TASK> [ 25.742294] [ 25.742294] Allocated by task 193: [ 25.742294] kasan_save_stack+0x3d/0x60 [ 25.742294] kasan_save_track+0x18/0x40 [ 25.742294] kasan_save_alloc_info+0x3b/0x50 [ 25.742294] __kasan_kmalloc+0xb7/0xc0 [ 25.742294] __kmalloc_cache_noprof+0x184/0x410 [ 25.742294] kmalloc_uaf+0xab/0x380 [ 25.742294] kunit_try_run_case+0x1b3/0x490 [ 25.742294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.742294] kthread+0x257/0x310 [ 25.742294] ret_from_fork+0x41/0x80 [ 25.742294] ret_from_fork_asm+0x1a/0x30 [ 25.742294] [ 25.742294] Freed by task 193: [ 25.742294] kasan_save_stack+0x3d/0x60 [ 25.742294] kasan_save_track+0x18/0x40 [ 25.742294] kasan_save_free_info+0x3f/0x60 [ 25.742294] __kasan_slab_free+0x56/0x70 [ 25.742294] kfree+0x123/0x3f0 [ 25.742294] kmalloc_uaf+0x12d/0x380 [ 25.742294] kunit_try_run_case+0x1b3/0x490 [ 25.742294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.742294] kthread+0x257/0x310 [ 25.742294] ret_from_fork+0x41/0x80 [ 25.742294] ret_from_fork_asm+0x1a/0x30 [ 25.742294] [ 25.742294] The buggy address belongs to the object at ffff888101a468c0 [ 25.742294] which belongs to the cache kmalloc-16 of size 16 [ 25.742294] The buggy address is located 8 bytes inside of [ 25.742294] freed 16-byte region [ffff888101a468c0, ffff888101a468d0) [ 25.742294] [ 25.742294] The buggy address belongs to the physical page: [ 25.742294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 25.742294] flags: 0x200000000000000(node=0|zone=2) [ 25.742294] page_type: f5(slab) [ 25.742294] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.742294] 
raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.742294] page dumped because: kasan: bad access detected [ 25.742294] [ 25.742294] Memory state around the buggy address: [ 25.742294] ffff888101a46780: 00 05 fc fc 00 05 fc fc 00 02 fc fc fa fb fc fc [ 25.742294] ffff888101a46800: 00 05 fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 25.742294] >ffff888101a46880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.742294] ^ [ 25.742294] ffff888101a46900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.742294] ffff888101a46980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.742294] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 25.209566] ================================================================== [ 25.210262] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 25.210262] Read of size 1 at addr ffff888100aa9c00 by task kunit_try_catch/173 [ 25.210262] [ 25.210262] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.210262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.210262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.210262] Call Trace: [ 25.210262] <TASK> [ 25.210262] dump_stack_lvl+0x73/0xb0 [ 25.210262] print_report+0xd1/0x640 [ 25.210262] ? __virt_addr_valid+0x1db/0x2d0 [ 25.210262] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.210262] kasan_report+0x102/0x140 [ 25.210262] ? krealloc_uaf+0x53e/0x5e0 [ 25.210262] ? krealloc_uaf+0x53e/0x5e0 [ 25.210262] __asan_report_load1_noabort+0x18/0x20 [ 25.210262] krealloc_uaf+0x53e/0x5e0 [ 25.210262] ? __pfx_read_hpet+0x10/0x10 [ 25.210262] ? __pfx_krealloc_uaf+0x10/0x10 [ 25.210262] ? __switch_to+0x5d9/0xf60 [ 25.210262] ? __schedule+0xc3e/0x2790 [ 25.210262] ? ktime_get_ts64+0x84/0x230 [ 25.210262] kunit_try_run_case+0x1b3/0x490 [ 25.210262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.210262] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.210262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.210262] ? __kthread_parkme+0x82/0x160 [ 25.210262] ? preempt_count_sub+0x50/0x80 [ 25.210262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.210262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.210262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.210262] kthread+0x257/0x310 [ 25.210262] ? __pfx_kthread+0x10/0x10 [ 25.210262] ret_from_fork+0x41/0x80 [ 25.210262] ? 
__pfx_kthread+0x10/0x10 [ 25.210262] ret_from_fork_asm+0x1a/0x30 [ 25.210262] </TASK> [ 25.210262] [ 25.210262] Allocated by task 173: [ 25.210262] kasan_save_stack+0x3d/0x60 [ 25.210262] kasan_save_track+0x18/0x40 [ 25.210262] kasan_save_alloc_info+0x3b/0x50 [ 25.210262] __kasan_kmalloc+0xb7/0xc0 [ 25.210262] __kmalloc_cache_noprof+0x184/0x410 [ 25.210262] krealloc_uaf+0xbc/0x5e0 [ 25.210262] kunit_try_run_case+0x1b3/0x490 [ 25.210262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.210262] kthread+0x257/0x310 [ 25.210262] ret_from_fork+0x41/0x80 [ 25.210262] ret_from_fork_asm+0x1a/0x30 [ 25.210262] [ 25.210262] Freed by task 173: [ 25.210262] kasan_save_stack+0x3d/0x60 [ 25.210262] kasan_save_track+0x18/0x40 [ 25.210262] kasan_save_free_info+0x3f/0x60 [ 25.210262] __kasan_slab_free+0x56/0x70 [ 25.210262] kfree+0x123/0x3f0 [ 25.210262] krealloc_uaf+0x13e/0x5e0 [ 25.210262] kunit_try_run_case+0x1b3/0x490 [ 25.210262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.210262] kthread+0x257/0x310 [ 25.210262] ret_from_fork+0x41/0x80 [ 25.210262] ret_from_fork_asm+0x1a/0x30 [ 25.210262] [ 25.210262] The buggy address belongs to the object at ffff888100aa9c00 [ 25.210262] which belongs to the cache kmalloc-256 of size 256 [ 25.210262] The buggy address is located 0 bytes inside of [ 25.210262] freed 256-byte region [ffff888100aa9c00, ffff888100aa9d00) [ 25.210262] [ 25.210262] The buggy address belongs to the physical page: [ 25.210262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 25.210262] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.210262] flags: 0x200000000000040(head|node=0|zone=2) [ 25.210262] page_type: f5(slab) [ 25.210262] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.210262] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.210262] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.210262] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.210262] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 25.210262] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.210262] page dumped because: kasan: bad access detected [ 25.210262] [ 25.210262] Memory state around the buggy address: [ 25.210262] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.210262] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.210262] >ffff888100aa9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.210262] ^ [ 25.210262] ffff888100aa9c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.210262] ffff888100aa9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.210262] ================================================================== [ 25.156429] ================================================================== [ 25.157007] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 25.157007] Read of size 1 at addr ffff888100aa9c00 by task kunit_try_catch/173 [ 25.157007] [ 25.157007] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.157007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.157007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.157007] Call Trace: [ 25.157007] <TASK> [ 25.157007] dump_stack_lvl+0x73/0xb0 [ 25.157007] print_report+0xd1/0x640 [ 25.157007] ? __virt_addr_valid+0x1db/0x2d0 [ 25.157007] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.157007] kasan_report+0x102/0x140 [ 25.157007] ? krealloc_uaf+0x1b9/0x5e0 [ 25.157007] ? krealloc_uaf+0x1b9/0x5e0 [ 25.157007] ? krealloc_uaf+0x1b9/0x5e0 [ 25.157007] __kasan_check_byte+0x3d/0x50 [ 25.157007] krealloc_noprof+0x3f/0x340 [ 25.157007] krealloc_uaf+0x1b9/0x5e0 [ 25.157007] ? __pfx_read_hpet+0x10/0x10 [ 25.157007] ? __pfx_krealloc_uaf+0x10/0x10 [ 25.157007] ? __switch_to+0x5d9/0xf60 [ 25.157007] ? 
__schedule+0xc3e/0x2790 [ 25.157007] ? ktime_get_ts64+0x84/0x230 [ 25.157007] kunit_try_run_case+0x1b3/0x490 [ 25.157007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.157007] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.157007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.157007] ? __kthread_parkme+0x82/0x160 [ 25.157007] ? preempt_count_sub+0x50/0x80 [ 25.157007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.157007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.157007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.157007] kthread+0x257/0x310 [ 25.157007] ? __pfx_kthread+0x10/0x10 [ 25.157007] ret_from_fork+0x41/0x80 [ 25.157007] ? __pfx_kthread+0x10/0x10 [ 25.157007] ret_from_fork_asm+0x1a/0x30 [ 25.157007] </TASK> [ 25.157007] [ 25.157007] Allocated by task 173: [ 25.157007] kasan_save_stack+0x3d/0x60 [ 25.157007] kasan_save_track+0x18/0x40 [ 25.157007] kasan_save_alloc_info+0x3b/0x50 [ 25.157007] __kasan_kmalloc+0xb7/0xc0 [ 25.157007] __kmalloc_cache_noprof+0x184/0x410 [ 25.157007] krealloc_uaf+0xbc/0x5e0 [ 25.157007] kunit_try_run_case+0x1b3/0x490 [ 25.157007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.157007] kthread+0x257/0x310 [ 25.157007] ret_from_fork+0x41/0x80 [ 25.157007] ret_from_fork_asm+0x1a/0x30 [ 25.157007] [ 25.157007] Freed by task 173: [ 25.157007] kasan_save_stack+0x3d/0x60 [ 25.157007] kasan_save_track+0x18/0x40 [ 25.157007] kasan_save_free_info+0x3f/0x60 [ 25.157007] __kasan_slab_free+0x56/0x70 [ 25.157007] kfree+0x123/0x3f0 [ 25.157007] krealloc_uaf+0x13e/0x5e0 [ 25.157007] kunit_try_run_case+0x1b3/0x490 [ 25.157007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.157007] kthread+0x257/0x310 [ 25.157007] ret_from_fork+0x41/0x80 [ 25.157007] ret_from_fork_asm+0x1a/0x30 [ 25.157007] [ 25.157007] The buggy address belongs to the object at ffff888100aa9c00 [ 25.157007] which belongs to the cache kmalloc-256 of size 256 [ 25.157007] The buggy address is located 0 bytes inside of [ 25.157007] freed 256-byte region [ffff888100aa9c00, 
ffff888100aa9d00) [ 25.157007] [ 25.157007] The buggy address belongs to the physical page: [ 25.157007] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 25.157007] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.157007] flags: 0x200000000000040(head|node=0|zone=2) [ 25.157007] page_type: f5(slab) [ 25.157007] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.157007] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.157007] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.157007] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.157007] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 25.157007] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.157007] page dumped because: kasan: bad access detected [ 25.157007] [ 25.157007] Memory state around the buggy address: [ 25.157007] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.157007] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.157007] >ffff888100aa9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.157007] ^ [ 25.157007] ffff888100aa9c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.157007] ffff888100aa9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.157007] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 25.107157] ================================================================== [ 25.107991] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 25.107991] Write of size 1 at addr ffff888102b120eb by task kunit_try_catch/171 [ 25.107991] [ 25.107991] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.107991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.107991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.107991] Call Trace: [ 25.107991] <TASK> [ 25.107991] dump_stack_lvl+0x73/0xb0 [ 25.107991] print_report+0xd1/0x640 [ 25.107991] ? __virt_addr_valid+0x1db/0x2d0 [ 25.107991] ? kasan_addr_to_slab+0x11/0xa0 [ 25.107991] kasan_report+0x102/0x140 [ 25.107991] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.107991] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.107991] __asan_report_store1_noabort+0x1b/0x30 [ 25.107991] krealloc_less_oob_helper+0xd49/0x11d0 [ 25.107991] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.107991] ? __switch_to+0x5d9/0xf60 [ 25.107991] ? __schedule+0xc3e/0x2790 [ 25.107991] krealloc_large_less_oob+0x1c/0x30 [ 25.107991] kunit_try_run_case+0x1b3/0x490 [ 25.107991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.107991] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.107991] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.107991] ? __kthread_parkme+0x82/0x160 [ 25.107991] ? preempt_count_sub+0x50/0x80 [ 25.107991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.107991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.107991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.107991] kthread+0x257/0x310 [ 25.107991] ? __pfx_kthread+0x10/0x10 [ 25.107991] ret_from_fork+0x41/0x80 [ 25.107991] ? 
__pfx_kthread+0x10/0x10 [ 25.107991] ret_from_fork_asm+0x1a/0x30 [ 25.107991] </TASK> [ 25.107991] [ 25.107991] The buggy address belongs to the physical page: [ 25.107991] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 25.107991] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.107991] flags: 0x200000000000040(head|node=0|zone=2) [ 25.107991] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.107991] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.107991] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.107991] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.107991] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 25.107991] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.107991] page dumped because: kasan: bad access detected [ 25.107991] [ 25.107991] Memory state around the buggy address: [ 25.107991] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.107991] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.107991] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.107991] ^ [ 25.107991] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.107991] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.107991] ================================================================== [ 24.761503] ================================================================== [ 24.762215] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 24.763090] Write of size 1 at addr ffff888100aa9aeb by task kunit_try_catch/165 [ 24.763465] [ 24.763636] TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'. 
[ 24.763639] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.763773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.763813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.763872] Call Trace: [ 24.763925] <TASK> [ 24.763976] dump_stack_lvl+0x73/0xb0 [ 24.764071] print_report+0xd1/0x640 [ 24.764147] ? __virt_addr_valid+0x1db/0x2d0 [ 24.764230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.764315] kasan_report+0x102/0x140 [ 24.764417] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.764504] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.764597] __asan_report_store1_noabort+0x1b/0x30 [ 24.764673] krealloc_less_oob_helper+0xd49/0x11d0 [ 24.764792] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.764875] ? finish_task_switch.isra.0+0x153/0x700 [ 24.764985] ? __switch_to+0x5d9/0xf60 [ 24.765078] ? __schedule+0xc3e/0x2790 [ 24.767192] ? __pfx_read_tsc+0x10/0x10 [ 24.767296] krealloc_less_oob+0x1c/0x30 [ 24.767366] kunit_try_run_case+0x1b3/0x490 [ 24.767436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.767500] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.767565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.767630] ? __kthread_parkme+0x82/0x160 [ 24.767745] ? preempt_count_sub+0x50/0x80 [ 24.768486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.770557] sched_clock: Marking unstable (24632152235, 131065939)<-(24918734144, -155476693) [ 24.772272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.772386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.772462] kthread+0x257/0x310 [ 24.773192] ? __pfx_kthread+0x10/0x10 [ 24.773260] ret_from_fork+0x41/0x80 [ 24.764218] ? 
__pfx_kthread+0x10/0x10 [ 24.764218] ret_from_fork_asm+0x1a/0x30 [ 24.764218] </TASK> [ 24.764218] [ 24.764218] Allocated by task 165: [ 24.764218] kasan_save_stack+0x3d/0x60 [ 24.764218] kasan_save_track+0x18/0x40 [ 24.764218] kasan_save_alloc_info+0x3b/0x50 [ 24.764218] __kasan_krealloc+0x190/0x1f0 [ 24.764218] krealloc_noprof+0xf3/0x340 [ 24.764218] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.764218] krealloc_less_oob+0x1c/0x30 [ 24.764218] kunit_try_run_case+0x1b3/0x490 [ 24.764218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.764218] kthread+0x257/0x310 [ 24.764218] ret_from_fork+0x41/0x80 [ 24.764218] ret_from_fork_asm+0x1a/0x30 [ 24.764218] [ 24.764218] The buggy address belongs to the object at ffff888100aa9a00 [ 24.764218] which belongs to the cache kmalloc-256 of size 256 [ 24.764218] The buggy address is located 34 bytes to the right of [ 24.764218] allocated 201-byte region [ffff888100aa9a00, ffff888100aa9ac9) [ 24.764218] [ 24.764218] The buggy address belongs to the physical page: [ 24.764218] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 24.764218] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.764218] flags: 0x200000000000040(head|node=0|zone=2) [ 24.764218] page_type: f5(slab) [ 24.764218] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.764218] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.764218] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.764218] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.764218] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 24.764218] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.764218] page dumped because: kasan: bad access detected [ 24.764218] [ 24.764218] Memory state around the buggy address: [ 24.764218] ffff888100aa9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 24.764218] ffff888100aa9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.764218] >ffff888100aa9a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.764218] ^ [ 24.764218] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.764218] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.764218] ================================================================== [ 24.573240] ================================================================== [ 24.574527] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.575272] Write of size 1 at addr ffff888100aa9ad0 by task kunit_try_catch/165 [ 24.575835] [ 24.576049] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.578040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.578427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.579505] Call Trace: [ 24.579828] <TASK> [ 24.580025] dump_stack_lvl+0x73/0xb0 [ 24.580555] print_report+0xd1/0x640 [ 24.581569] ? __virt_addr_valid+0x1db/0x2d0 [ 24.582113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.582523] kasan_report+0x102/0x140 [ 24.583401] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.583902] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.584627] __asan_report_store1_noabort+0x1b/0x30 [ 24.585153] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.585580] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.586115] ? finish_task_switch.isra.0+0x153/0x700 [ 24.586606] ? __switch_to+0x5d9/0xf60 [ 24.587732] ? __schedule+0xc3e/0x2790 [ 24.588283] ? __pfx_read_tsc+0x10/0x10 [ 24.588788] krealloc_less_oob+0x1c/0x30 [ 24.589260] kunit_try_run_case+0x1b3/0x490 [ 24.589801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.590637] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.591827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.592422] ? __kthread_parkme+0x82/0x160 [ 24.592940] ? preempt_count_sub+0x50/0x80 [ 24.593420] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.594055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.594885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.595960] kthread+0x257/0x310 [ 24.596397] ? __pfx_kthread+0x10/0x10 [ 24.597251] ret_from_fork+0x41/0x80 [ 24.597635] ? __pfx_kthread+0x10/0x10 [ 24.598036] ret_from_fork_asm+0x1a/0x30 [ 24.598807] </TASK> [ 24.599653] [ 24.599949] Allocated by task 165: [ 24.600370] kasan_save_stack+0x3d/0x60 [ 24.601020] kasan_save_track+0x18/0x40 [ 24.601515] kasan_save_alloc_info+0x3b/0x50 [ 24.601907] __kasan_krealloc+0x190/0x1f0 [ 24.602561] krealloc_noprof+0xf3/0x340 [ 24.603000] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.603336] krealloc_less_oob+0x1c/0x30 [ 24.604189] kunit_try_run_case+0x1b3/0x490 [ 24.604545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.605076] kthread+0x257/0x310 [ 24.605461] ret_from_fork+0x41/0x80 [ 24.606440] ret_from_fork_asm+0x1a/0x30 [ 24.606850] [ 24.607222] The buggy address belongs to the object at ffff888100aa9a00 [ 24.607222] which belongs to the cache kmalloc-256 of size 256 [ 24.608386] The buggy address is located 7 bytes to the right of [ 24.608386] allocated 201-byte region [ffff888100aa9a00, ffff888100aa9ac9) [ 24.610051] [ 24.610477] The buggy address belongs to the physical page: [ 24.611024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 24.611626] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.612559] flags: 0x200000000000040(head|node=0|zone=2) [ 24.613720] page_type: f5(slab) [ 24.614086] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.614781] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.615252] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.616264] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.617005] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 
24.618362] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.619017] page dumped because: kasan: bad access detected [ 24.619799] [ 24.620008] Memory state around the buggy address: [ 24.620632] ffff888100aa9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.621952] ffff888100aa9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.622458] >ffff888100aa9a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.623042] ^ [ 24.623556] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.624447] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.624941] ================================================================== [ 24.942742] ================================================================== [ 24.943528] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 24.943528] Write of size 1 at addr ffff888102b120c9 by task kunit_try_catch/171 [ 24.943528] [ 24.943528] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.943528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.943528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.943528] Call Trace: [ 24.943528] <TASK> [ 24.943528] dump_stack_lvl+0x73/0xb0 [ 24.943528] print_report+0xd1/0x640 [ 24.943528] ? __virt_addr_valid+0x1db/0x2d0 [ 24.943528] ? kasan_addr_to_slab+0x11/0xa0 [ 24.943528] kasan_report+0x102/0x140 [ 24.943528] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.943528] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.943528] __asan_report_store1_noabort+0x1b/0x30 [ 24.943528] krealloc_less_oob_helper+0xd72/0x11d0 [ 24.943528] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.943528] ? __switch_to+0x5d9/0xf60 [ 24.943528] ? __schedule+0xc3e/0x2790 [ 24.943528] krealloc_large_less_oob+0x1c/0x30 [ 24.943528] kunit_try_run_case+0x1b3/0x490 [ 24.943528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.943528] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 24.943528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.943528] ? __kthread_parkme+0x82/0x160 [ 24.943528] ? preempt_count_sub+0x50/0x80 [ 24.943528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.943528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.943528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.943528] kthread+0x257/0x310 [ 24.943528] ? __pfx_kthread+0x10/0x10 [ 24.943528] ret_from_fork+0x41/0x80 [ 24.943528] ? __pfx_kthread+0x10/0x10 [ 24.943528] ret_from_fork_asm+0x1a/0x30 [ 24.943528] </TASK> [ 24.943528] [ 24.943528] The buggy address belongs to the physical page: [ 24.943528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 24.943528] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.943528] flags: 0x200000000000040(head|node=0|zone=2) [ 24.943528] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.943528] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.943528] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.943528] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.943528] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 24.943528] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.943528] page dumped because: kasan: bad access detected [ 24.943528] [ 24.943528] Memory state around the buggy address: [ 24.943528] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.943528] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.943528] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.943528] ^ [ 24.943528] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.943528] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.943528] ================================================================== 
[ 25.028928] ================================================================== [ 25.029771] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 25.029771] Write of size 1 at addr ffff888102b120da by task kunit_try_catch/171 [ 25.029771] [ 25.029771] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.029771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.029771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.029771] Call Trace: [ 25.029771] <TASK> [ 25.029771] dump_stack_lvl+0x73/0xb0 [ 25.029771] print_report+0xd1/0x640 [ 25.029771] ? __virt_addr_valid+0x1db/0x2d0 [ 25.029771] ? kasan_addr_to_slab+0x11/0xa0 [ 25.029771] kasan_report+0x102/0x140 [ 25.029771] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.029771] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.029771] __asan_report_store1_noabort+0x1b/0x30 [ 25.029771] krealloc_less_oob_helper+0xec8/0x11d0 [ 25.029771] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.029771] ? __switch_to+0x5d9/0xf60 [ 25.029771] ? __schedule+0xc3e/0x2790 [ 25.029771] krealloc_large_less_oob+0x1c/0x30 [ 25.029771] kunit_try_run_case+0x1b3/0x490 [ 25.029771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.029771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.029771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.029771] ? __kthread_parkme+0x82/0x160 [ 25.029771] ? preempt_count_sub+0x50/0x80 [ 25.029771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.029771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.029771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.029771] kthread+0x257/0x310 [ 25.029771] ? __pfx_kthread+0x10/0x10 [ 25.029771] ret_from_fork+0x41/0x80 [ 25.029771] ? 
__pfx_kthread+0x10/0x10 [ 25.029771] ret_from_fork_asm+0x1a/0x30 [ 25.029771] </TASK> [ 25.029771] [ 25.029771] The buggy address belongs to the physical page: [ 25.029771] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 25.029771] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.029771] flags: 0x200000000000040(head|node=0|zone=2) [ 25.029771] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.029771] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.029771] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.029771] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.029771] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 25.029771] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.029771] page dumped because: kasan: bad access detected [ 25.029771] [ 25.029771] Memory state around the buggy address: [ 25.029771] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.029771] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.029771] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.029771] ^ [ 25.029771] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.029771] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.029771] ================================================================== [ 25.066775] ================================================================== [ 25.067294] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 25.067495] Write of size 1 at addr ffff888102b120ea by task kunit_try_catch/171 [ 25.067495] [ 25.067495] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 25.067495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.067495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.067495] Call Trace: [ 25.067495] <TASK> [ 25.067495] dump_stack_lvl+0x73/0xb0 [ 25.067495] print_report+0xd1/0x640 [ 25.067495] ? __virt_addr_valid+0x1db/0x2d0 [ 25.067495] ? kasan_addr_to_slab+0x11/0xa0 [ 25.067495] kasan_report+0x102/0x140 [ 25.067495] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.067495] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.067495] __asan_report_store1_noabort+0x1b/0x30 [ 25.067495] krealloc_less_oob_helper+0xe92/0x11d0 [ 25.067495] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.067495] ? __switch_to+0x5d9/0xf60 [ 25.067495] ? __schedule+0xc3e/0x2790 [ 25.067495] krealloc_large_less_oob+0x1c/0x30 [ 25.067495] kunit_try_run_case+0x1b3/0x490 [ 25.067495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.067495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.067495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.067495] ? __kthread_parkme+0x82/0x160 [ 25.067495] ? preempt_count_sub+0x50/0x80 [ 25.067495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.067495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.067495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.067495] kthread+0x257/0x310 [ 25.067495] ? __pfx_kthread+0x10/0x10 [ 25.067495] ret_from_fork+0x41/0x80 [ 25.067495] ? 
__pfx_kthread+0x10/0x10 [ 25.067495] ret_from_fork_asm+0x1a/0x30 [ 25.067495] </TASK> [ 25.067495] [ 25.067495] The buggy address belongs to the physical page: [ 25.067495] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 25.067495] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.067495] flags: 0x200000000000040(head|node=0|zone=2) [ 25.067495] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.067495] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.067495] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.067495] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.067495] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 25.067495] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.067495] page dumped because: kasan: bad access detected [ 25.067495] [ 25.067495] Memory state around the buggy address: [ 25.067495] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.067495] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.067495] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.067495] ^ [ 25.067495] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.067495] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.067495] ================================================================== [ 24.986650] ================================================================== [ 24.987292] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.987292] Write of size 1 at addr ffff888102b120d0 by task kunit_try_catch/171 [ 24.987292] [ 24.987292] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.987292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.987292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.987292] Call Trace: [ 24.987292] <TASK> [ 24.987292] dump_stack_lvl+0x73/0xb0 [ 24.987292] print_report+0xd1/0x640 [ 24.987292] ? __virt_addr_valid+0x1db/0x2d0 [ 24.987292] ? kasan_addr_to_slab+0x11/0xa0 [ 24.987292] kasan_report+0x102/0x140 [ 24.987292] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.987292] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.987292] __asan_report_store1_noabort+0x1b/0x30 [ 24.987292] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.987292] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.987292] ? __switch_to+0x5d9/0xf60 [ 24.987292] ? __schedule+0xc3e/0x2790 [ 24.987292] krealloc_large_less_oob+0x1c/0x30 [ 24.987292] kunit_try_run_case+0x1b3/0x490 [ 24.987292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.987292] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.987292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.987292] ? __kthread_parkme+0x82/0x160 [ 24.987292] ? preempt_count_sub+0x50/0x80 [ 24.987292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.987292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.987292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.987292] kthread+0x257/0x310 [ 24.987292] ? __pfx_kthread+0x10/0x10 [ 24.987292] ret_from_fork+0x41/0x80 [ 24.987292] ? 
__pfx_kthread+0x10/0x10 [ 24.987292] ret_from_fork_asm+0x1a/0x30 [ 24.987292] </TASK> [ 24.987292] [ 24.987292] The buggy address belongs to the physical page: [ 24.987292] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 24.987292] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.987292] flags: 0x200000000000040(head|node=0|zone=2) [ 24.987292] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.987292] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.987292] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.987292] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.987292] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 24.987292] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.987292] page dumped because: kasan: bad access detected [ 24.987292] [ 24.987292] Memory state around the buggy address: [ 24.987292] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.987292] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.987292] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.987292] ^ [ 24.987292] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.987292] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.987292] ================================================================== [ 24.513382] ================================================================== [ 24.514355] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 24.515193] Write of size 1 at addr ffff888100aa9ac9 by task kunit_try_catch/165 [ 24.516747] [ 24.517527] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.518089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.519005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.520136] Call Trace: [ 24.520822] <TASK> [ 24.521589] dump_stack_lvl+0x73/0xb0 [ 24.522671] print_report+0xd1/0x640 [ 24.523073] ? __virt_addr_valid+0x1db/0x2d0 [ 24.523785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.524557] kasan_report+0x102/0x140 [ 24.524880] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.525564] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.526472] __asan_report_store1_noabort+0x1b/0x30 [ 24.526966] krealloc_less_oob_helper+0xd72/0x11d0 [ 24.527402] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.528384] ? finish_task_switch.isra.0+0x153/0x700 [ 24.528833] ? __switch_to+0x5d9/0xf60 [ 24.529533] ? __schedule+0xc3e/0x2790 [ 24.530554] ? __pfx_read_tsc+0x10/0x10 [ 24.531097] krealloc_less_oob+0x1c/0x30 [ 24.531844] kunit_try_run_case+0x1b3/0x490 [ 24.532321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.533379] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.534209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.535080] ? __kthread_parkme+0x82/0x160 [ 24.535758] ? preempt_count_sub+0x50/0x80 [ 24.536450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.536662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.537950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.538532] kthread+0x257/0x310 [ 24.538787] ? __pfx_kthread+0x10/0x10 [ 24.539159] ret_from_fork+0x41/0x80 [ 24.539547] ? 
__pfx_kthread+0x10/0x10 [ 24.539865] ret_from_fork_asm+0x1a/0x30 [ 24.540198] </TASK> [ 24.540387] [ 24.540914] Allocated by task 165: [ 24.541507] kasan_save_stack+0x3d/0x60 [ 24.541894] kasan_save_track+0x18/0x40 [ 24.542903] kasan_save_alloc_info+0x3b/0x50 [ 24.543622] __kasan_krealloc+0x190/0x1f0 [ 24.543943] krealloc_noprof+0xf3/0x340 [ 24.544734] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.545396] krealloc_less_oob+0x1c/0x30 [ 24.545851] kunit_try_run_case+0x1b3/0x490 [ 24.546022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.547095] kthread+0x257/0x310 [ 24.547499] ret_from_fork+0x41/0x80 [ 24.548136] ret_from_fork_asm+0x1a/0x30 [ 24.548833] [ 24.549381] The buggy address belongs to the object at ffff888100aa9a00 [ 24.549381] which belongs to the cache kmalloc-256 of size 256 [ 24.551020] The buggy address is located 0 bytes to the right of [ 24.551020] allocated 201-byte region [ffff888100aa9a00, ffff888100aa9ac9) [ 24.551821] [ 24.552061] The buggy address belongs to the physical page: [ 24.552526] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 24.553397] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.554440] flags: 0x200000000000040(head|node=0|zone=2) [ 24.555407] page_type: f5(slab) [ 24.555825] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.556781] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.557571] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.558300] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.560054] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 24.560438] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.561272] page dumped because: kasan: bad access detected [ 24.562428] [ 24.562587] Memory state around the buggy address: [ 24.562876] ffff888100aa9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 24.563948] ffff888100aa9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.565737] >ffff888100aa9a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.566244] ^ [ 24.566781] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.568566] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.569122] ================================================================== [ 24.626928] ================================================================== [ 24.627620] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 24.628533] Write of size 1 at addr ffff888100aa9ada by task kunit_try_catch/165 [ 24.629634] [ 24.629934] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.630588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.631414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.632129] Call Trace: [ 24.632452] <TASK> [ 24.632774] dump_stack_lvl+0x73/0xb0 [ 24.633152] print_report+0xd1/0x640 [ 24.633446] ? __virt_addr_valid+0x1db/0x2d0 [ 24.636043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.636613] kasan_report+0x102/0x140 [ 24.638777] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.639387] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.639912] __asan_report_store1_noabort+0x1b/0x30 [ 24.640521] krealloc_less_oob_helper+0xec8/0x11d0 [ 24.641860] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.642956] ? finish_task_switch.isra.0+0x153/0x700 [ 24.644007] ? __switch_to+0x5d9/0xf60 [ 24.645161] ? __schedule+0xc3e/0x2790 [ 24.645718] ? __pfx_read_tsc+0x10/0x10 [ 24.646253] krealloc_less_oob+0x1c/0x30 [ 24.647524] kunit_try_run_case+0x1b3/0x490 [ 24.648934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.649488] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.649847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.650465] ? __kthread_parkme+0x82/0x160 [ 24.650874] ? preempt_count_sub+0x50/0x80 [ 24.651314] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.652059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.652772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.653802] kthread+0x257/0x310 [ 24.654273] ? __pfx_kthread+0x10/0x10 [ 24.654835] ret_from_fork+0x41/0x80 [ 24.655351] ? __pfx_kthread+0x10/0x10 [ 24.656118] ret_from_fork_asm+0x1a/0x30 [ 24.656720] </TASK> [ 24.657127] [ 24.657384] Allocated by task 165: [ 24.657900] kasan_save_stack+0x3d/0x60 [ 24.658483] kasan_save_track+0x18/0x40 [ 24.659028] kasan_save_alloc_info+0x3b/0x50 [ 24.659518] __kasan_krealloc+0x190/0x1f0 [ 24.660110] krealloc_noprof+0xf3/0x340 [ 24.660776] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.661409] krealloc_less_oob+0x1c/0x30 [ 24.661996] kunit_try_run_case+0x1b3/0x490 [ 24.662612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.663393] kthread+0x257/0x310 [ 24.663938] ret_from_fork+0x41/0x80 [ 24.664588] ret_from_fork_asm+0x1a/0x30 [ 24.665147] [ 24.665439] The buggy address belongs to the object at ffff888100aa9a00 [ 24.665439] which belongs to the cache kmalloc-256 of size 256 [ 24.667031] The buggy address is located 17 bytes to the right of [ 24.667031] allocated 201-byte region [ffff888100aa9a00, ffff888100aa9ac9) [ 24.667837] clocksource: timekeeping watchdog on CPU0: Marking clocksource 'tsc' as unstable because the skew is too large: [ 24.668285] [ 24.668447] The buggy address belongs to the physical page: [ 24.668531] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa8 [ 24.668613] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.668728] flags: 0x200000000000040(head|node=0|zone=2) [ 24.668801] page_type: f5(slab) [ 24.668876] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.668959] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.670614] clocksource: 'hpet' wd_nsec: 464547490 wd_now: 78733987 wd_last: 75ae61aa mask: ffffffff [ 24.670932] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 24.671004] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.671066] head: 0200000000000001 ffffea000402aa01 ffffffffffffffff 0000000000000000 [ 24.673242] clocksource: 'tsc' cs_nsec: 465236277 cs_now: 1378f8626a cs_last: 1325c7b18e mask: ffffffffffffffff [ 24.676131] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.676206] page dumped because: kasan: bad access detected [ 24.676246] [ 24.676267] Memory state around the buggy address: [ 24.676399] ffff888100aa9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.680027] clocksource: Clocksource 'tsc' skewed 688787 ns (0 ms) over watchdog 'hpet' interval of 464547490 ns (464 ms) [ 24.680313] clocksource: 'tsc' is current clocksource. [ 24.681002] ffff888100aa9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.681076] >ffff888100aa9a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.681121] ^ [ 24.681192] ffff888100aa9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.681266] ffff888100aa9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.681320] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 24.827215] ================================================================== [ 24.827215] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 24.827856] clocksource: Checking clocksource tsc synchronization from CPU 0 to CPUs 1. [ 24.827215] Write of size 1 at addr ffff888102b120eb by task kunit_try_catch/169 [ 24.827215] [ 24.827215] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.827215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.827215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.827215] Call Trace: [ 24.827215] <TASK> [ 24.827215] dump_stack_lvl+0x73/0xb0 [ 24.827215] print_report+0xd1/0x640 [ 24.827215] ? __virt_addr_valid+0x1db/0x2d0 [ 24.827215] ? kasan_addr_to_slab+0x11/0xa0 [ 24.827215] kasan_report+0x102/0x140 [ 24.827215] ? krealloc_more_oob_helper+0x823/0x930 [ 24.827215] ? krealloc_more_oob_helper+0x823/0x930 [ 24.827215] __asan_report_store1_noabort+0x1b/0x30 [ 24.827215] krealloc_more_oob_helper+0x823/0x930 [ 24.827215] ? __schedule+0xc3e/0x2790 [ 24.827215] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.827215] ? finish_task_switch.isra.0+0x153/0x700 [ 24.827215] ? __switch_to+0x5d9/0xf60 [ 24.827215] ? __schedule+0xc3e/0x2790 [ 24.827215] ? __pfx_read_tsc+0x10/0x10 [ 24.827215] krealloc_large_more_oob+0x1c/0x30 [ 24.827215] kunit_try_run_case+0x1b3/0x490 [ 24.827215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.827215] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.827215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.827215] ? __kthread_parkme+0x82/0x160 [ 24.827215] ? preempt_count_sub+0x50/0x80 [ 24.827215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.827215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.827215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.827215] kthread+0x257/0x310 [ 24.827215] ? __pfx_kthread+0x10/0x10 [ 24.827215] ret_from_fork+0x41/0x80 [ 24.827215] ? 
__pfx_kthread+0x10/0x10 [ 24.827215] ret_from_fork_asm+0x1a/0x30 [ 24.827215] </TASK> [ 24.827215] [ 24.827215] The buggy address belongs to the physical page: [ 24.827215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 24.827215] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.827215] flags: 0x200000000000040(head|node=0|zone=2) [ 24.827215] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.827215] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.827215] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.827215] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.827215] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 24.827215] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.827215] page dumped because: kasan: bad access detected [ 24.827215] [ 24.827215] Memory state around the buggy address: [ 24.827215] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.827215] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.827215] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.827215] ^ [ 24.827215] ffff888102b12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.827215] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.827215] ================================================================== [ 24.451305] ================================================================== [ 24.451869] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 24.452777] Write of size 1 at addr ffff88810038e6f0 by task kunit_try_catch/163 [ 24.454463] [ 24.454646] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.455405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.456480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 24.457141] Call Trace: [ 24.458050] <TASK> [ 24.458298] dump_stack_lvl+0x73/0xb0 [ 24.459206] print_report+0xd1/0x640 [ 24.459574] ? __virt_addr_valid+0x1db/0x2d0 [ 24.460594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.461395] kasan_report+0x102/0x140 [ 24.461794] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.462823] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.463627] __asan_report_store1_noabort+0x1b/0x30 [ 24.464762] krealloc_more_oob_helper+0x7ed/0x930 [ 24.465171] ? __schedule+0xc3e/0x2790 [ 24.465722] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.466086] ? finish_task_switch.isra.0+0x153/0x700 [ 24.466739] ? __switch_to+0x5d9/0xf60 [ 24.467170] ? __schedule+0xc3e/0x2790 [ 24.467478] ? __pfx_read_tsc+0x10/0x10 [ 24.467951] krealloc_more_oob+0x1c/0x30 [ 24.468328] kunit_try_run_case+0x1b3/0x490 [ 24.468634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.469933] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.470418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.471240] ? __kthread_parkme+0x82/0x160 [ 24.471593] ? preempt_count_sub+0x50/0x80 [ 24.471981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.472539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.473175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.473624] kthread+0x257/0x310 [ 24.473916] ? __pfx_kthread+0x10/0x10 [ 24.474328] ret_from_fork+0x41/0x80 [ 24.474642] ? 
__pfx_kthread+0x10/0x10 [ 24.475763] ret_from_fork_asm+0x1a/0x30 [ 24.476144] </TASK> [ 24.476388] [ 24.476636] Allocated by task 163: [ 24.477277] kasan_save_stack+0x3d/0x60 [ 24.477614] kasan_save_track+0x18/0x40 [ 24.478070] kasan_save_alloc_info+0x3b/0x50 [ 24.478538] __kasan_krealloc+0x190/0x1f0 [ 24.479514] krealloc_noprof+0xf3/0x340 [ 24.479943] krealloc_more_oob_helper+0x1aa/0x930 [ 24.480628] krealloc_more_oob+0x1c/0x30 [ 24.481143] kunit_try_run_case+0x1b3/0x490 [ 24.481656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.482149] kthread+0x257/0x310 [ 24.482404] ret_from_fork+0x41/0x80 [ 24.482664] ret_from_fork_asm+0x1a/0x30 [ 24.482956] [ 24.483807] The buggy address belongs to the object at ffff88810038e600 [ 24.483807] which belongs to the cache kmalloc-256 of size 256 [ 24.485724] The buggy address is located 5 bytes to the right of [ 24.485724] allocated 235-byte region [ffff88810038e600, ffff88810038e6eb) [ 24.487408] [ 24.487642] The buggy address belongs to the physical page: [ 24.488056] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10038e [ 24.489162] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.489545] flags: 0x200000000000040(head|node=0|zone=2) [ 24.490789] page_type: f5(slab) [ 24.491189] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.492418] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.493488] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.494407] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.495480] head: 0200000000000001 ffffea000400e381 ffffffffffffffff 0000000000000000 [ 24.497006] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.498024] page dumped because: kasan: bad access detected [ 24.498978] [ 24.499221] Memory state around the buggy address: [ 24.499527] ffff88810038e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 24.500162] ffff88810038e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.500572] >ffff88810038e680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.502454] ^ [ 24.503114] ffff88810038e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.504009] ffff88810038e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.505073] ================================================================== [ 24.394034] ================================================================== [ 24.394803] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 24.395464] Write of size 1 at addr ffff88810038e6eb by task kunit_try_catch/163 [ 24.395994] [ 24.396163] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.397098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.397725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.398845] Call Trace: [ 24.399379] <TASK> [ 24.399713] dump_stack_lvl+0x73/0xb0 [ 24.400487] print_report+0xd1/0x640 [ 24.401450] ? __virt_addr_valid+0x1db/0x2d0 [ 24.402123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.402835] kasan_report+0x102/0x140 [ 24.403649] ? krealloc_more_oob_helper+0x823/0x930 [ 24.404551] ? krealloc_more_oob_helper+0x823/0x930 [ 24.405297] __asan_report_store1_noabort+0x1b/0x30 [ 24.405871] krealloc_more_oob_helper+0x823/0x930 [ 24.406367] ? __schedule+0xc3e/0x2790 [ 24.406970] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.407517] ? finish_task_switch.isra.0+0x153/0x700 [ 24.408613] ? __switch_to+0x5d9/0xf60 [ 24.409368] ? __schedule+0xc3e/0x2790 [ 24.409791] ? __pfx_read_tsc+0x10/0x10 [ 24.410240] krealloc_more_oob+0x1c/0x30 [ 24.410598] kunit_try_run_case+0x1b3/0x490 [ 24.411641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.411975] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.412997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.413478] ? __kthread_parkme+0x82/0x160 [ 24.414437] ? preempt_count_sub+0x50/0x80 [ 24.414824] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.415317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.416642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.417042] kthread+0x257/0x310 [ 24.418142] ? __pfx_kthread+0x10/0x10 [ 24.418470] ret_from_fork+0x41/0x80 [ 24.418757] ? __pfx_kthread+0x10/0x10 [ 24.419017] ret_from_fork_asm+0x1a/0x30 [ 24.419487] </TASK> [ 24.420302] [ 24.420571] Allocated by task 163: [ 24.421198] kasan_save_stack+0x3d/0x60 [ 24.421492] kasan_save_track+0x18/0x40 [ 24.421775] kasan_save_alloc_info+0x3b/0x50 [ 24.422920] __kasan_krealloc+0x190/0x1f0 [ 24.423474] krealloc_noprof+0xf3/0x340 [ 24.424367] krealloc_more_oob_helper+0x1aa/0x930 [ 24.424602] krealloc_more_oob+0x1c/0x30 [ 24.424855] kunit_try_run_case+0x1b3/0x490 [ 24.426162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.427076] kthread+0x257/0x310 [ 24.427324] ret_from_fork+0x41/0x80 [ 24.428310] ret_from_fork_asm+0x1a/0x30 [ 24.428714] [ 24.428871] The buggy address belongs to the object at ffff88810038e600 [ 24.428871] which belongs to the cache kmalloc-256 of size 256 [ 24.430459] The buggy address is located 0 bytes to the right of [ 24.430459] allocated 235-byte region [ffff88810038e600, ffff88810038e6eb) [ 24.431238] [ 24.431462] The buggy address belongs to the physical page: [ 24.432852] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10038e [ 24.433534] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.434396] flags: 0x200000000000040(head|node=0|zone=2) [ 24.434857] page_type: f5(slab) [ 24.435506] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.436688] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.437280] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.438407] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.438770] head: 0200000000000001 ffffea000400e381 ffffffffffffffff 0000000000000000 [ 
24.439383] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.440981] page dumped because: kasan: bad access detected [ 24.441575] [ 24.442001] Memory state around the buggy address: [ 24.442985] ffff88810038e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.443498] ffff88810038e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.444479] >ffff88810038e680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.446200] ^ [ 24.446667] ffff88810038e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.447325] ffff88810038e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.448580] ================================================================== [ 24.877040] ================================================================== [ 24.877282] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 24.877282] Write of size 1 at addr ffff888102b120f0 by task kunit_try_catch/169 [ 24.877282] [ 24.877282] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.880279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.880279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.880279] Call Trace: [ 24.880279] <TASK> [ 24.880279] dump_stack_lvl+0x73/0xb0 [ 24.880279] print_report+0xd1/0x640 [ 24.880279] ? __virt_addr_valid+0x1db/0x2d0 [ 24.880279] ? kasan_addr_to_slab+0x11/0xa0 [ 24.880279] kasan_report+0x102/0x140 [ 24.880279] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.880279] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.880279] __asan_report_store1_noabort+0x1b/0x30 [ 24.880279] krealloc_more_oob_helper+0x7ed/0x930 [ 24.880279] ? __schedule+0xc3e/0x2790 [ 24.880279] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.880279] ? finish_task_switch.isra.0+0x153/0x700 [ 24.880279] ? __switch_to+0x5d9/0xf60 [ 24.880279] ? __schedule+0xc3e/0x2790 [ 24.880279] ? 
__pfx_read_tsc+0x10/0x10 [ 24.880279] krealloc_large_more_oob+0x1c/0x30 [ 24.880279] kunit_try_run_case+0x1b3/0x490 [ 24.880279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.880279] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.880279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.880279] ? __kthread_parkme+0x82/0x160 [ 24.880279] ? preempt_count_sub+0x50/0x80 [ 24.880279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.880279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.880279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.880279] kthread+0x257/0x310 [ 24.880279] ? __pfx_kthread+0x10/0x10 [ 24.880279] ret_from_fork+0x41/0x80 [ 24.880279] ? __pfx_kthread+0x10/0x10 [ 24.880279] ret_from_fork_asm+0x1a/0x30 [ 24.880279] </TASK> [ 24.880279] [ 24.880279] The buggy address belongs to the physical page: [ 24.880279] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 24.880279] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.880279] flags: 0x200000000000040(head|node=0|zone=2) [ 24.880279] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.880279] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.880279] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.880279] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.880279] head: 0200000000000002 ffffea00040ac401 ffffffffffffffff 0000000000000000 [ 24.880279] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.880279] page dumped because: kasan: bad access detected [ 24.880279] [ 24.880279] Memory state around the buggy address: [ 24.880279] ffff888102b11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.880279] ffff888102b12000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.880279] >ffff888102b12080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.880279] ^ [ 24.880279] ffff888102b12100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 24.880279] ffff888102b12180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.880279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 24.352638] ================================================================== [ 24.354106] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 24.354749] Read of size 1 at addr ffff888102bf0000 by task kunit_try_catch/161 [ 24.355959] [ 24.356647] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.357476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.357974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.358921] Call Trace: [ 24.359922] <TASK> [ 24.360297] dump_stack_lvl+0x73/0xb0 [ 24.360776] print_report+0xd1/0x640 [ 24.361209] ? __virt_addr_valid+0x1db/0x2d0 [ 24.361890] ? kasan_addr_to_slab+0x11/0xa0 [ 24.362479] kasan_report+0x102/0x140 [ 24.362797] ? page_alloc_uaf+0x358/0x3d0 [ 24.363327] ? page_alloc_uaf+0x358/0x3d0 [ 24.364006] __asan_report_load1_noabort+0x18/0x20 [ 24.364575] page_alloc_uaf+0x358/0x3d0 [ 24.365535] ? __pfx_page_alloc_uaf+0x10/0x10 [ 24.366059] ? __schedule+0xc3e/0x2790 [ 24.366499] ? __pfx_read_tsc+0x10/0x10 [ 24.366995] ? ktime_get_ts64+0x84/0x230 [ 24.367942] kunit_try_run_case+0x1b3/0x490 [ 24.368265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.368568] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.369171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.369904] ? __kthread_parkme+0x82/0x160 [ 24.370466] ? preempt_count_sub+0x50/0x80 [ 24.370972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.372027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.372676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.373501] kthread+0x257/0x310 [ 24.373818] ? __pfx_kthread+0x10/0x10 [ 24.374262] ret_from_fork+0x41/0x80 [ 24.374923] ? 
__pfx_kthread+0x10/0x10 [ 24.375306] ret_from_fork_asm+0x1a/0x30 [ 24.375618] </TASK> [ 24.375825] [ 24.376182] The buggy address belongs to the physical page: [ 24.376725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf0 [ 24.378417] flags: 0x200000000000000(node=0|zone=2) [ 24.378946] page_type: f0(buddy) [ 24.379284] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000 [ 24.379669] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 24.380188] page dumped because: kasan: bad access detected [ 24.380534] [ 24.380874] Memory state around the buggy address: [ 24.381336] ffff888102beff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.381742] ffff888102beff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.382376] >ffff888102bf0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.383034] ^ [ 24.383506] ffff888102bf0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.384047] ffff888102bf0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.384551] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 24.298599] ================================================================== [ 24.300004] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 24.300658] Free of addr ffff888102b0c001 by task kunit_try_catch/157 [ 24.301717] [ 24.302437] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.303724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.304167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.304965] Call Trace: [ 24.305225] <TASK> [ 24.305460] dump_stack_lvl+0x73/0xb0 [ 24.306806] print_report+0xd1/0x640 [ 24.308186] ? __virt_addr_valid+0x1db/0x2d0 [ 24.308598] ? kfree+0x271/0x3f0 [ 24.308970] ? kasan_addr_to_slab+0x11/0xa0 [ 24.309365] ? kfree+0x271/0x3f0 [ 24.310367] kasan_report_invalid_free+0xc0/0xf0 [ 24.310841] ? kfree+0x271/0x3f0 [ 24.311067] ? kfree+0x271/0x3f0 [ 24.311864] __kasan_kfree_large+0x86/0xd0 [ 24.312346] free_large_kmalloc+0x3b/0xd0 [ 24.313386] kfree+0x271/0x3f0 [ 24.313782] kmalloc_large_invalid_free+0x121/0x2b0 [ 24.314259] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 24.315511] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 24.315954] kunit_try_run_case+0x1b3/0x490 [ 24.316531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.317169] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.318066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.319178] ? __kthread_parkme+0x82/0x160 [ 24.319620] ? preempt_count_sub+0x50/0x80 [ 24.320059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.320447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.321631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.322288] kthread+0x257/0x310 [ 24.322525] ? __pfx_kthread+0x10/0x10 [ 24.323034] ret_from_fork+0x41/0x80 [ 24.323612] ? 
__pfx_kthread+0x10/0x10 [ 24.324215] ret_from_fork_asm+0x1a/0x30 [ 24.324776] </TASK> [ 24.325107] [ 24.325420] The buggy address belongs to the physical page: [ 24.326085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0c [ 24.327546] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.328271] flags: 0x200000000000040(head|node=0|zone=2) [ 24.328895] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.329504] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.330754] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.331243] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.331805] head: 0200000000000002 ffffea00040ac301 ffffffffffffffff 0000000000000000 [ 24.332472] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.333427] page dumped because: kasan: bad access detected [ 24.334103] [ 24.334317] Memory state around the buggy address: [ 24.334635] ffff888102b0bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.335521] ffff888102b0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.335925] >ffff888102b0c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.336726] ^ [ 24.337666] ffff888102b0c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.338363] ffff888102b0c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.339197] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 24.256441] ================================================================== [ 24.257211] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 24.258035] Read of size 1 at addr ffff888102b80000 by task kunit_try_catch/155 [ 24.258731] [ 24.259026] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.259908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.261194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.262628] Call Trace: [ 24.263057] <TASK> [ 24.263471] dump_stack_lvl+0x73/0xb0 [ 24.264378] print_report+0xd1/0x640 [ 24.265032] ? __virt_addr_valid+0x1db/0x2d0 [ 24.265555] ? kasan_addr_to_slab+0x11/0xa0 [ 24.266719] kasan_report+0x102/0x140 [ 24.267094] ? kmalloc_large_uaf+0x2f3/0x340 [ 24.267486] ? kmalloc_large_uaf+0x2f3/0x340 [ 24.268162] __asan_report_load1_noabort+0x18/0x20 [ 24.268670] kmalloc_large_uaf+0x2f3/0x340 [ 24.269666] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 24.269978] ? __schedule+0xc3e/0x2790 [ 24.270637] ? __pfx_read_tsc+0x10/0x10 [ 24.271154] ? ktime_get_ts64+0x84/0x230 [ 24.271587] kunit_try_run_case+0x1b3/0x490 [ 24.272639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.273791] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.274171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.274946] ? __kthread_parkme+0x82/0x160 [ 24.275579] ? preempt_count_sub+0x50/0x80 [ 24.276186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.276627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.277517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.278303] kthread+0x257/0x310 [ 24.278810] ? __pfx_kthread+0x10/0x10 [ 24.279411] ret_from_fork+0x41/0x80 [ 24.279916] ? 
__pfx_kthread+0x10/0x10 [ 24.280487] ret_from_fork_asm+0x1a/0x30 [ 24.281006] </TASK> [ 24.281417] [ 24.281682] The buggy address belongs to the physical page: [ 24.282324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80 [ 24.283159] flags: 0x200000000000000(node=0|zone=2) [ 24.283634] raw: 0200000000000000 ffffea00040ae108 ffff88815b03f000 0000000000000000 [ 24.284512] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.285187] page dumped because: kasan: bad access detected [ 24.285409] [ 24.285493] Memory state around the buggy address: [ 24.285653] ffff888102b7ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.286000] ffff888102b7ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.286574] >ffff888102b80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.287892] ^ [ 24.288545] ffff888102b80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.289454] ffff888102b80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.290287] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 24.207367] ================================================================== [ 24.208768] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 24.209308] Write of size 1 at addr ffff888102b8200a by task kunit_try_catch/153 [ 24.209952] [ 24.210141] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.211091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.212464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.212945] Call Trace: [ 24.213303] <TASK> [ 24.213597] dump_stack_lvl+0x73/0xb0 [ 24.214554] print_report+0xd1/0x640 [ 24.214990] ? __virt_addr_valid+0x1db/0x2d0 [ 24.215488] ? kasan_addr_to_slab+0x11/0xa0 [ 24.216331] kasan_report+0x102/0x140 [ 24.216824] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.217366] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.218533] __asan_report_store1_noabort+0x1b/0x30 [ 24.219175] kmalloc_large_oob_right+0x2eb/0x340 [ 24.219853] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 24.220211] ? __schedule+0xc3e/0x2790 [ 24.221254] ? __pfx_read_tsc+0x10/0x10 [ 24.222034] ? ktime_get_ts64+0x84/0x230 [ 24.222745] kunit_try_run_case+0x1b3/0x490 [ 24.223445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.224557] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.224991] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.225693] ? __kthread_parkme+0x82/0x160 [ 24.226577] ? preempt_count_sub+0x50/0x80 [ 24.227534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.228061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.229393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.229853] kthread+0x257/0x310 [ 24.230662] ? __pfx_kthread+0x10/0x10 [ 24.231217] ret_from_fork+0x41/0x80 [ 24.232125] ? 
__pfx_kthread+0x10/0x10 [ 24.233108] ret_from_fork_asm+0x1a/0x30 [ 24.233567] </TASK> [ 24.234071] [ 24.234439] The buggy address belongs to the physical page: [ 24.235200] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80 [ 24.235678] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.236232] flags: 0x200000000000040(head|node=0|zone=2) [ 24.236675] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.238312] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.239278] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.240094] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.241135] head: 0200000000000002 ffffea00040ae001 ffffffffffffffff 0000000000000000 [ 24.242053] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.242581] page dumped because: kasan: bad access detected [ 24.243092] [ 24.243829] Memory state around the buggy address: [ 24.244286] ffff888102b81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.245087] ffff888102b81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.246276] >ffff888102b82000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.247110] ^ [ 24.247495] ffff888102b82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.248063] ffff888102b82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.248565] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 24.139928] ================================================================== [ 24.141724] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 24.142692] Write of size 1 at addr ffff8881021a5f00 by task kunit_try_catch/151 [ 24.143713] [ 24.143942] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.145758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.146062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.147173] Call Trace: [ 24.147461] <TASK> [ 24.147964] dump_stack_lvl+0x73/0xb0 [ 24.148530] print_report+0xd1/0x640 [ 24.149335] ? __virt_addr_valid+0x1db/0x2d0 [ 24.150001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.151387] kasan_report+0x102/0x140 [ 24.151894] ? kmalloc_big_oob_right+0x318/0x370 [ 24.152585] ? kmalloc_big_oob_right+0x318/0x370 [ 24.153121] __asan_report_store1_noabort+0x1b/0x30 [ 24.153567] kmalloc_big_oob_right+0x318/0x370 [ 24.153913] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 24.154260] ? __schedule+0xc3e/0x2790 [ 24.154556] ? __pfx_read_tsc+0x10/0x10 [ 24.155033] ? ktime_get_ts64+0x84/0x230 [ 24.155456] kunit_try_run_case+0x1b3/0x490 [ 24.155989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.156342] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.157396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.158107] ? __kthread_parkme+0x82/0x160 [ 24.158653] ? preempt_count_sub+0x50/0x80 [ 24.159511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.160229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.161119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.162604] kthread+0x257/0x310 [ 24.163212] ? __pfx_kthread+0x10/0x10 [ 24.163875] ret_from_fork+0x41/0x80 [ 24.164516] ? 
__pfx_kthread+0x10/0x10 [ 24.165204] ret_from_fork_asm+0x1a/0x30 [ 24.165784] </TASK> [ 24.166005] [ 24.166270] Allocated by task 151: [ 24.167625] kasan_save_stack+0x3d/0x60 [ 24.168974] kasan_save_track+0x18/0x40 [ 24.169800] kasan_save_alloc_info+0x3b/0x50 [ 24.170679] __kasan_kmalloc+0xb7/0xc0 [ 24.171288] __kmalloc_cache_noprof+0x184/0x410 [ 24.172235] kmalloc_big_oob_right+0xaa/0x370 [ 24.172953] kunit_try_run_case+0x1b3/0x490 [ 24.173751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.174557] kthread+0x257/0x310 [ 24.175063] ret_from_fork+0x41/0x80 [ 24.176018] ret_from_fork_asm+0x1a/0x30 [ 24.176629] [ 24.177131] The buggy address belongs to the object at ffff8881021a4000 [ 24.177131] which belongs to the cache kmalloc-8k of size 8192 [ 24.179301] The buggy address is located 0 bytes to the right of [ 24.179301] allocated 7936-byte region [ffff8881021a4000, ffff8881021a5f00) [ 24.180792] [ 24.181329] The buggy address belongs to the physical page: [ 24.182577] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021a0 [ 24.183493] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.184473] flags: 0x200000000000040(head|node=0|zone=2) [ 24.185147] page_type: f5(slab) [ 24.185549] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.186958] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 24.188327] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.189247] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 24.190325] head: 0200000000000003 ffffea0004086801 ffffffffffffffff 0000000000000000 [ 24.191452] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 24.192300] page dumped because: kasan: bad access detected [ 24.192681] [ 24.193292] Memory state around the buggy address: [ 24.194231] ffff8881021a5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.195476] ffff8881021a5e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.196381] >ffff8881021a5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.197450] ^ [ 24.197714] ffff8881021a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.199190] ffff8881021a6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.199764] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 24.027414] ================================================================== [ 24.028316] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.029112] Write of size 1 at addr ffff8881028d8a78 by task kunit_try_catch/149 [ 24.030494] [ 24.030946] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.032650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.033246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.034418] Call Trace: [ 24.034873] <TASK> [ 24.035445] dump_stack_lvl+0x73/0xb0 [ 24.036195] print_report+0xd1/0x640 [ 24.037079] ? __virt_addr_valid+0x1db/0x2d0 [ 24.037724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.038598] kasan_report+0x102/0x140 [ 24.039191] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.040377] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.041050] __asan_report_store1_noabort+0x1b/0x30 [ 24.041556] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.042758] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.043776] ? __schedule+0xc3e/0x2790 [ 24.044541] ? __pfx_read_tsc+0x10/0x10 [ 24.045243] ? ktime_get_ts64+0x84/0x230 [ 24.045816] kunit_try_run_case+0x1b3/0x490 [ 24.046466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.047131] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.048273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.048629] ? __kthread_parkme+0x82/0x160 [ 24.048979] ? preempt_count_sub+0x50/0x80 [ 24.050068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.051004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.051569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.052451] kthread+0x257/0x310 [ 24.053628] ? __pfx_kthread+0x10/0x10 [ 24.054069] ret_from_fork+0x41/0x80 [ 24.055207] ? 
__pfx_kthread+0x10/0x10 [ 24.055582] ret_from_fork_asm+0x1a/0x30 [ 24.056577] </TASK> [ 24.057531] [ 24.057735] Allocated by task 149: [ 24.058488] kasan_save_stack+0x3d/0x60 [ 24.058976] kasan_save_track+0x18/0x40 [ 24.059370] kasan_save_alloc_info+0x3b/0x50 [ 24.059820] __kasan_kmalloc+0xb7/0xc0 [ 24.060209] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 24.060921] kmalloc_track_caller_oob_right+0x9a/0x530 [ 24.061489] kunit_try_run_case+0x1b3/0x490 [ 24.062166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.062922] kthread+0x257/0x310 [ 24.063214] ret_from_fork+0x41/0x80 [ 24.064119] ret_from_fork_asm+0x1a/0x30 [ 24.064600] [ 24.065993] The buggy address belongs to the object at ffff8881028d8a00 [ 24.065993] which belongs to the cache kmalloc-128 of size 128 [ 24.067396] The buggy address is located 0 bytes to the right of [ 24.067396] allocated 120-byte region [ffff8881028d8a00, ffff8881028d8a78) [ 24.069412] [ 24.069837] The buggy address belongs to the physical page: [ 24.070650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028d8 [ 24.071036] flags: 0x200000000000000(node=0|zone=2) [ 24.071239] page_type: f5(slab) [ 24.071392] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.071657] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.072185] page dumped because: kasan: bad access detected [ 24.073647] [ 24.073859] Memory state around the buggy address: [ 24.074305] ffff8881028d8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 24.075051] ffff8881028d8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.075737] >ffff8881028d8a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.076310] ^ [ 24.077149] ffff8881028d8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.077724] ffff8881028d8b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.078529] ================================================================== [ 24.079977] 
================================================================== [ 24.080958] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.081820] Write of size 1 at addr ffff8881028d8b78 by task kunit_try_catch/149 [ 24.082372] [ 24.082555] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 24.083725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.084153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.084966] Call Trace: [ 24.085369] <TASK> [ 24.085753] dump_stack_lvl+0x73/0xb0 [ 24.086269] print_report+0xd1/0x640 [ 24.086779] ? __virt_addr_valid+0x1db/0x2d0 [ 24.087196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.087908] kasan_report+0x102/0x140 [ 24.088482] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.088943] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.089644] __asan_report_store1_noabort+0x1b/0x30 [ 24.090358] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.091064] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.091542] ? __schedule+0xc3e/0x2790 [ 24.092077] ? __pfx_read_tsc+0x10/0x10 [ 24.092570] ? ktime_get_ts64+0x84/0x230 [ 24.093056] kunit_try_run_case+0x1b3/0x490 [ 24.093720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.094252] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.094793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.095390] ? __kthread_parkme+0x82/0x160 [ 24.095837] ? preempt_count_sub+0x50/0x80 [ 24.096392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.096982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.097740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.098342] kthread+0x257/0x310 [ 24.098810] ? __pfx_kthread+0x10/0x10 [ 24.099220] ret_from_fork+0x41/0x80 [ 24.099592] ? 
__pfx_kthread+0x10/0x10 [ 24.101372] ret_from_fork_asm+0x1a/0x30 [ 24.101968] </TASK> [ 24.102518] [ 24.102832] Allocated by task 149: [ 24.103413] kasan_save_stack+0x3d/0x60 [ 24.104768] kasan_save_track+0x18/0x40 [ 24.105688] kasan_save_alloc_info+0x3b/0x50 [ 24.106457] __kasan_kmalloc+0xb7/0xc0 [ 24.106986] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 24.107849] kmalloc_track_caller_oob_right+0x19b/0x530 [ 24.108444] kunit_try_run_case+0x1b3/0x490 [ 24.109876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.110303] kthread+0x257/0x310 [ 24.111181] ret_from_fork+0x41/0x80 [ 24.111640] ret_from_fork_asm+0x1a/0x30 [ 24.112578] [ 24.113101] The buggy address belongs to the object at ffff8881028d8b00 [ 24.113101] which belongs to the cache kmalloc-128 of size 128 [ 24.114640] The buggy address is located 0 bytes to the right of [ 24.114640] allocated 120-byte region [ffff8881028d8b00, ffff8881028d8b78) [ 24.116415] [ 24.117153] The buggy address belongs to the physical page: [ 24.117545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028d8 [ 24.118846] flags: 0x200000000000000(node=0|zone=2) [ 24.119670] page_type: f5(slab) [ 24.120586] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.121729] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.122751] page dumped because: kasan: bad access detected [ 24.123407] [ 24.123861] Memory state around the buggy address: [ 24.124845] ffff8881028d8a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.126071] ffff8881028d8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.127055] >ffff8881028d8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.128538] ^ [ 24.129514] ffff8881028d8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.130817] ffff8881028d8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.132000] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 23.976391] ================================================================== [ 23.977412] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 23.978265] Read of size 1 at addr ffff888102a5b000 by task kunit_try_catch/147 [ 23.978781] [ 23.979084] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.980001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.980373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.981280] Call Trace: [ 23.981822] <TASK> [ 23.982126] dump_stack_lvl+0x73/0xb0 [ 23.982680] print_report+0xd1/0x640 [ 23.982986] ? __virt_addr_valid+0x1db/0x2d0 [ 23.983610] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.984577] kasan_report+0x102/0x140 [ 23.985144] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.985785] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.986113] __asan_report_load1_noabort+0x18/0x20 [ 23.986581] kmalloc_node_oob_right+0x36b/0x3d0 [ 23.987154] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 23.987684] ? __schedule+0xc3e/0x2790 [ 23.988257] ? __pfx_read_tsc+0x10/0x10 [ 23.988587] ? ktime_get_ts64+0x84/0x230 [ 23.989129] kunit_try_run_case+0x1b3/0x490 [ 23.989644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.990120] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.990762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.991276] ? __kthread_parkme+0x82/0x160 [ 23.991866] ? preempt_count_sub+0x50/0x80 [ 23.992459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.992931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.993300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.993744] kthread+0x257/0x310 [ 23.994372] ? __pfx_kthread+0x10/0x10 [ 23.995006] ret_from_fork+0x41/0x80 [ 23.995508] ? 
__pfx_kthread+0x10/0x10 [ 23.996037] ret_from_fork_asm+0x1a/0x30 [ 23.996501] </TASK> [ 23.996970] [ 23.997310] Allocated by task 147: [ 23.997682] kasan_save_stack+0x3d/0x60 [ 23.998204] kasan_save_track+0x18/0x40 [ 23.998741] kasan_save_alloc_info+0x3b/0x50 [ 23.999034] __kasan_kmalloc+0xb7/0xc0 [ 23.999289] __kmalloc_cache_node_noprof+0x183/0x420 [ 23.999585] kmalloc_node_oob_right+0xac/0x3d0 [ 24.000148] kunit_try_run_case+0x1b3/0x490 [ 24.000861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.001601] kthread+0x257/0x310 [ 24.002098] ret_from_fork+0x41/0x80 [ 24.002663] ret_from_fork_asm+0x1a/0x30 [ 24.003148] [ 24.003373] The buggy address belongs to the object at ffff888102a5a000 [ 24.003373] which belongs to the cache kmalloc-4k of size 4096 [ 24.004647] The buggy address is located 0 bytes to the right of [ 24.004647] allocated 4096-byte region [ffff888102a5a000, ffff888102a5b000) [ 24.005506] [ 24.005669] The buggy address belongs to the physical page: [ 24.006634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 24.007823] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.008767] flags: 0x200000000000040(head|node=0|zone=2) [ 24.009757] page_type: f5(slab) [ 24.010087] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.010465] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 24.011243] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.012344] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 24.013222] head: 0200000000000003 ffffea00040a9601 ffffffffffffffff 0000000000000000 [ 24.013991] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 24.014425] page dumped because: kasan: bad access detected [ 24.014753] [ 24.014908] Memory state around the buggy address: [ 24.015492] ffff888102a5af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.016270] ffff888102a5af80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.017796] >ffff888102a5b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.018381] ^ [ 24.019236] ffff888102a5b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.019771] ffff888102a5b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.020656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 23.917020] ================================================================== [ 23.918351] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 23.919419] Read of size 1 at addr ffff888101a4681f by task kunit_try_catch/145 [ 23.920759] [ 23.921382] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.922533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.923422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.924528] Call Trace: [ 23.924823] <TASK> [ 23.925210] dump_stack_lvl+0x73/0xb0 [ 23.925869] print_report+0xd1/0x640 [ 23.926395] ? __virt_addr_valid+0x1db/0x2d0 [ 23.927042] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.927900] kasan_report+0x102/0x140 [ 23.928388] ? kmalloc_oob_left+0x363/0x3c0 [ 23.928920] ? kmalloc_oob_left+0x363/0x3c0 [ 23.929637] __asan_report_load1_noabort+0x18/0x20 [ 23.930465] kmalloc_oob_left+0x363/0x3c0 [ 23.930870] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 23.931612] ? __schedule+0xc3e/0x2790 [ 23.932136] ? __pfx_read_tsc+0x10/0x10 [ 23.932640] ? ktime_get_ts64+0x84/0x230 [ 23.933376] kunit_try_run_case+0x1b3/0x490 [ 23.933905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.934682] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.935116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.935625] ? __kthread_parkme+0x82/0x160 [ 23.936203] ? preempt_count_sub+0x50/0x80 [ 23.936640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.937977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.938798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.939683] kthread+0x257/0x310 [ 23.940431] ? __pfx_kthread+0x10/0x10 [ 23.941171] ret_from_fork+0x41/0x80 [ 23.941579] ? 
__pfx_kthread+0x10/0x10 [ 23.942005] ret_from_fork_asm+0x1a/0x30 [ 23.942446] </TASK> [ 23.942825] [ 23.943081] Allocated by task 1: [ 23.943409] kasan_save_stack+0x3d/0x60 [ 23.943972] kasan_save_track+0x18/0x40 [ 23.944408] kasan_save_alloc_info+0x3b/0x50 [ 23.944917] __kasan_kmalloc+0xb7/0xc0 [ 23.945457] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.946153] kvasprintf+0xc6/0x150 [ 23.946516] __kthread_create_on_node+0x18c/0x3a0 [ 23.947070] kthread_create_on_node+0xa8/0xe0 [ 23.947604] create_worker+0x3c8/0x7a0 [ 23.948165] alloc_unbound_pwq+0x8ea/0xdb0 [ 23.948727] apply_wqattrs_prepare+0x332/0xd40 [ 23.949250] apply_workqueue_attrs_locked+0x4d/0xa0 [ 23.949947] alloc_workqueue+0xcc4/0x1ad0 [ 23.950333] latency_fsnotify_init+0x1b/0x50 [ 23.950981] do_one_initcall+0xb5/0x370 [ 23.951556] kernel_init_freeable+0x425/0x6f0 [ 23.952184] kernel_init+0x23/0x1e0 [ 23.952738] ret_from_fork+0x41/0x80 [ 23.953379] ret_from_fork_asm+0x1a/0x30 [ 23.954048] [ 23.954423] The buggy address belongs to the object at ffff888101a46800 [ 23.954423] which belongs to the cache kmalloc-16 of size 16 [ 23.955878] The buggy address is located 18 bytes to the right of [ 23.955878] allocated 13-byte region [ffff888101a46800, ffff888101a4680d) [ 23.957365] [ 23.957694] The buggy address belongs to the physical page: [ 23.958432] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a46 [ 23.959432] flags: 0x200000000000000(node=0|zone=2) [ 23.960043] page_type: f5(slab) [ 23.960447] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.961421] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.962070] page dumped because: kasan: bad access detected [ 23.962343] [ 23.962442] Memory state around the buggy address: [ 23.962630] ffff888101a46700: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 23.963725] ffff888101a46780: 00 05 fc fc 00 05 fc fc 00 02 fc fc fa fb fc fc [ 23.964815] >ffff888101a46800: 00 05 fc fc 00 
07 fc fc fc fc fc fc fc fc fc fc [ 23.965749] ^ [ 23.966385] ffff888101a46880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.967254] ffff888101a46900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.967934] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 23.788757] ================================================================== [ 23.789573] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 23.791214] Write of size 1 at addr ffff888102933573 by task kunit_try_catch/143 [ 23.791891] [ 23.793791] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241126 #1 [ 23.794653] Tainted: [N]=TEST [ 23.795060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.796205] Call Trace: [ 23.796790] <TASK> [ 23.797512] dump_stack_lvl+0x73/0xb0 [ 23.798021] print_report+0xd1/0x640 [ 23.798413] ? __virt_addr_valid+0x1db/0x2d0 [ 23.798913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.799468] kasan_report+0x102/0x140 [ 23.799816] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.800294] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.800820] __asan_report_store1_noabort+0x1b/0x30 [ 23.801320] kmalloc_oob_right+0x6f2/0x7f0 [ 23.801681] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.802137] ? __schedule+0xc3e/0x2790 [ 23.802603] ? __pfx_read_tsc+0x10/0x10 [ 23.803087] ? ktime_get_ts64+0x84/0x230 [ 23.803485] kunit_try_run_case+0x1b3/0x490 [ 23.803981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.804524] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.805199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.805614] ? __kthread_parkme+0x82/0x160 [ 23.806218] ? preempt_count_sub+0x50/0x80 [ 23.806568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.806915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.807649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.808151] kthread+0x257/0x310 [ 23.808435] ? __pfx_kthread+0x10/0x10 [ 23.808900] ret_from_fork+0x41/0x80 [ 23.809450] ? 
__pfx_kthread+0x10/0x10 [ 23.809951] ret_from_fork_asm+0x1a/0x30 [ 23.810458] </TASK> [ 23.810933] [ 23.811279] Allocated by task 143: [ 23.812032] kasan_save_stack+0x3d/0x60 [ 23.812605] kasan_save_track+0x18/0x40 [ 23.813079] kasan_save_alloc_info+0x3b/0x50 [ 23.813490] __kasan_kmalloc+0xb7/0xc0 [ 23.813856] __kmalloc_cache_noprof+0x184/0x410 [ 23.814352] kmalloc_oob_right+0xaa/0x7f0 [ 23.814814] kunit_try_run_case+0x1b3/0x490 [ 23.815095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.815653] kthread+0x257/0x310 [ 23.816081] ret_from_fork+0x41/0x80 [ 23.816486] ret_from_fork_asm+0x1a/0x30 [ 23.817065] [ 23.817501] The buggy address belongs to the object at ffff888102933500 [ 23.817501] which belongs to the cache kmalloc-128 of size 128 [ 23.818856] The buggy address is located 0 bytes to the right of [ 23.818856] allocated 115-byte region [ffff888102933500, ffff888102933573) [ 23.820186] [ 23.820795] The buggy address belongs to the physical page: [ 23.821739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 23.822983] flags: 0x200000000000000(node=0|zone=2) [ 23.824507] page_type: f5(slab) [ 23.825779] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.826544] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.827735] page dumped because: kasan: bad access detected [ 23.828339] [ 23.828557] Memory state around the buggy address: [ 23.829904] ffff888102933400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.830556] ffff888102933480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.831132] >ffff888102933500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.831942] ^ [ 23.832584] ffff888102933580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.833224] ffff888102933600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.834035] ================================================================== [ 23.873574] 
================================================================== [ 23.874546] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 23.875347] Read of size 1 at addr ffff888102933580 by task kunit_try_catch/143 [ 23.876141] [ 23.876411] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.877402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.877922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.878835] Call Trace: [ 23.879174] <TASK> [ 23.879483] dump_stack_lvl+0x73/0xb0 [ 23.880033] print_report+0xd1/0x640 [ 23.880488] ? __virt_addr_valid+0x1db/0x2d0 [ 23.881175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.881831] kasan_report+0x102/0x140 [ 23.882290] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.882831] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.883200] __asan_report_load1_noabort+0x18/0x20 [ 23.883759] kmalloc_oob_right+0x68c/0x7f0 [ 23.884262] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.884802] ? __schedule+0xc3e/0x2790 [ 23.885264] ? __pfx_read_tsc+0x10/0x10 [ 23.885801] ? ktime_get_ts64+0x84/0x230 [ 23.886254] kunit_try_run_case+0x1b3/0x490 [ 23.886560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.887022] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.887331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.887645] ? __kthread_parkme+0x82/0x160 [ 23.887959] ? preempt_count_sub+0x50/0x80 [ 23.888284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.888589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.888997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.889349] kthread+0x257/0x310 [ 23.889607] ? __pfx_kthread+0x10/0x10 [ 23.889920] ret_from_fork+0x41/0x80 [ 23.890189] ? 
__pfx_kthread+0x10/0x10 [ 23.890460] ret_from_fork_asm+0x1a/0x30 [ 23.891505] </TASK> [ 23.891900] [ 23.892313] Allocated by task 143: [ 23.892548] kasan_save_stack+0x3d/0x60 [ 23.893083] kasan_save_track+0x18/0x40 [ 23.893546] kasan_save_alloc_info+0x3b/0x50 [ 23.893970] __kasan_kmalloc+0xb7/0xc0 [ 23.894277] __kmalloc_cache_noprof+0x184/0x410 [ 23.894874] kmalloc_oob_right+0xaa/0x7f0 [ 23.895373] kunit_try_run_case+0x1b3/0x490 [ 23.895942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.896587] kthread+0x257/0x310 [ 23.897098] ret_from_fork+0x41/0x80 [ 23.897579] ret_from_fork_asm+0x1a/0x30 [ 23.898137] [ 23.898425] The buggy address belongs to the object at ffff888102933500 [ 23.898425] which belongs to the cache kmalloc-128 of size 128 [ 23.899158] The buggy address is located 13 bytes to the right of [ 23.899158] allocated 115-byte region [ffff888102933500, ffff888102933573) [ 23.899510] [ 23.899597] The buggy address belongs to the physical page: [ 23.899894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 23.900292] flags: 0x200000000000000(node=0|zone=2) [ 23.901068] page_type: f5(slab) [ 23.901482] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.902367] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.903216] page dumped because: kasan: bad access detected [ 23.903767] [ 23.903983] Memory state around the buggy address: [ 23.904520] ffff888102933480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.905057] ffff888102933500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.905613] >ffff888102933580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.906434] ^ [ 23.906932] ffff888102933600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.907682] ffff888102933680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.908178] ================================================================== [ 23.838112] 
================================================================== [ 23.838792] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 23.839406] Write of size 1 at addr ffff888102933578 by task kunit_try_catch/143 [ 23.839982] [ 23.840167] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 23.841081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.841503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.842060] Call Trace: [ 23.842398] <TASK> [ 23.842675] dump_stack_lvl+0x73/0xb0 [ 23.843147] print_report+0xd1/0x640 [ 23.843572] ? __virt_addr_valid+0x1db/0x2d0 [ 23.844106] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.844646] kasan_report+0x102/0x140 [ 23.845075] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.845481] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.845952] __asan_report_store1_noabort+0x1b/0x30 [ 23.846456] kmalloc_oob_right+0x6bf/0x7f0 [ 23.847252] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.847637] ? __schedule+0xc3e/0x2790 [ 23.848088] ? __pfx_read_tsc+0x10/0x10 [ 23.848456] ? ktime_get_ts64+0x84/0x230 [ 23.848859] kunit_try_run_case+0x1b3/0x490 [ 23.849260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.849762] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.850431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.850801] ? __kthread_parkme+0x82/0x160 [ 23.851096] ? preempt_count_sub+0x50/0x80 [ 23.851396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.851618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.852195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.852865] kthread+0x257/0x310 [ 23.853296] ? __pfx_kthread+0x10/0x10 [ 23.853824] ret_from_fork+0x41/0x80 [ 23.854268] ? 
__pfx_kthread+0x10/0x10 [ 23.854768] ret_from_fork_asm+0x1a/0x30 [ 23.855268] </TASK> [ 23.855586] [ 23.855921] Allocated by task 143: [ 23.856327] kasan_save_stack+0x3d/0x60 [ 23.856860] kasan_save_track+0x18/0x40 [ 23.857319] kasan_save_alloc_info+0x3b/0x50 [ 23.857864] __kasan_kmalloc+0xb7/0xc0 [ 23.858302] __kmalloc_cache_noprof+0x184/0x410 [ 23.858894] kmalloc_oob_right+0xaa/0x7f0 [ 23.859362] kunit_try_run_case+0x1b3/0x490 [ 23.859899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.860459] kthread+0x257/0x310 [ 23.860922] ret_from_fork+0x41/0x80 [ 23.861367] ret_from_fork_asm+0x1a/0x30 [ 23.861879] [ 23.862119] The buggy address belongs to the object at ffff888102933500 [ 23.862119] which belongs to the cache kmalloc-128 of size 128 [ 23.863281] The buggy address is located 5 bytes to the right of [ 23.863281] allocated 115-byte region [ffff888102933500, ffff888102933573) [ 23.864483] [ 23.864809] The buggy address belongs to the physical page: [ 23.865369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 23.866015] flags: 0x200000000000000(node=0|zone=2) [ 23.866528] page_type: f5(slab) [ 23.867000] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.867435] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.867865] page dumped because: kasan: bad access detected [ 23.868157] [ 23.868276] Memory state around the buggy address: [ 23.868435] ffff888102933400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.868640] ffff888102933480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.869333] >ffff888102933500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.870047] ^ [ 23.870754] ffff888102933580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.871446] ffff888102933600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.872236] ==================================================================