Date
Nov. 26, 2024, 6:09 a.m.
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 65.234333] ================================================================== [ 65.235069] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 65.235069] [ 65.236191] Use-after-free read at 0x0000000073aa23d9 (in kfence-#224): [ 65.237083] test_krealloc+0x51c/0x830 [ 65.237703] test_krealloc+0x458/0x830 [ 65.238570] kunit_try_run_case+0x14c/0x3d0 [ 65.239285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.240015] kthread+0x24c/0x2d0 [ 65.240626] ret_from_fork+0x10/0x20 [ 65.241328] [ 65.241804] kfence-#224: 0x0000000073aa23d9-0x000000006f240e3a, size=32, cache=kmalloc-32 [ 65.241804] [ 65.242748] allocated by task 326 on cpu 1 at 65.233125s (0.009611s ago): [ 65.243665] test_alloc+0x298/0x620 [ 65.244281] test_krealloc+0xc0/0x830 [ 65.244768] kunit_try_run_case+0x14c/0x3d0 [ 65.245368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.246103] kthread+0x24c/0x2d0 [ 65.246627] ret_from_fork+0x10/0x20 [ 65.247164] [ 65.247546] freed by task 326 on cpu 1 at 65.233560s (0.013975s ago): [ 65.248436] krealloc_noprof+0x148/0x360 [ 65.248946] test_krealloc+0x1dc/0x830 [ 65.249553] kunit_try_run_case+0x14c/0x3d0 [ 65.250113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.250881] kthread+0x24c/0x2d0 [ 65.251348] ret_from_fork+0x10/0x20 [ 65.251960] [ 65.252366] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 65.253384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.253970] Hardware name: linux,dummy-virt (DT) [ 65.254633] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 65.145642] ================================================================== [ 65.146518] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 65.146518] [ 65.147377] Use-after-free read at 0x000000002d5a22be (in kfence-#223): [ 65.147739] test_memcache_typesafe_by_rcu+0x280/0x560 [ 65.148152] test_memcache_typesafe_by_rcu+0x260/0x560 [ 65.148936] kunit_try_run_case+0x14c/0x3d0 [ 65.150000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.151108] kthread+0x24c/0x2d0 [ 65.151699] ret_from_fork+0x10/0x20 [ 65.152380] [ 65.152747] kfence-#223: 0x000000002d5a22be-0x00000000fdfb8952, size=32, cache=test [ 65.152747] [ 65.153549] allocated by task 324 on cpu 1 at 65.132506s (0.021032s ago): [ 65.154227] test_alloc+0x22c/0x620 [ 65.154678] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 65.155235] kunit_try_run_case+0x14c/0x3d0 [ 65.155733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.156310] kthread+0x24c/0x2d0 [ 65.156761] ret_from_fork+0x10/0x20 [ 65.157248] [ 65.157557] freed by task 324 on cpu 1 at 65.132725s (0.024819s ago): [ 65.158207] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 65.158740] kunit_try_run_case+0x14c/0x3d0 [ 65.159251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 65.159800] kthread+0x24c/0x2d0 [ 65.160264] ret_from_fork+0x10/0x20 [ 65.160710] [ 65.161081] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 65.161889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 65.162365] Hardware name: linux,dummy-virt (DT) [ 65.162864] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 46.538715] ================================================================== [ 46.539963] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 46.539963] [ 46.541959] Invalid read at 0x00000000b2d12157: [ 46.543049] test_invalid_access+0xdc/0x1f0 [ 46.543778] kunit_try_run_case+0x14c/0x3d0 [ 46.545735] kunit_try_run_case+0x14c/0x3d0 [ 46.546425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.547235] kthread+0x24c/0x2d0 [ 46.547753] ret_from_fork+0x10/0x20 [ 46.548342] [ 46.549262] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 46.550250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.550987] Hardware name: linux,dummy-virt (DT) [ 46.551831] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 39.229363] ================================================================== [ 39.230312] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 39.230312] [ 39.231083] Out-of-bounds write at 0x000000003c0fa943 (1B left of kfence-#151): [ 39.231995] test_out_of_bounds_write+0x100/0x240 [ 39.232781] test_out_of_bounds_write+0xc8/0x240 [ 39.233522] kunit_try_run_case+0x14c/0x3d0 [ 39.234247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.235093] kthread+0x24c/0x2d0 [ 39.235709] ret_from_fork+0x10/0x20 [ 39.236406] [ 39.236809] kfence-#151: 0x0000000033e57af8-0x0000000074fbd6fb, size=32, cache=test [ 39.236809] [ 39.238074] allocated by task 282 on cpu 0 at 39.229196s (0.008866s ago): [ 39.239066] test_alloc+0x22c/0x620 [ 39.239697] test_out_of_bounds_write+0xc8/0x240 [ 39.240479] kunit_try_run_case+0x14c/0x3d0 [ 39.241214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.242093] kthread+0x24c/0x2d0 [ 39.242714] ret_from_fork+0x10/0x20 [ 39.243382] [ 39.243800] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.245057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.245619] Hardware name: linux,dummy-virt (DT) [ 39.246223] ================================================================== [ 39.125441] ================================================================== [ 39.126216] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 39.126216] [ 39.126965] Out-of-bounds write at 0x000000007ee26111 (1B left of kfence-#150): [ 39.127855] test_out_of_bounds_write+0x100/0x240 [ 39.129033] test_out_of_bounds_write+0xc8/0x240 [ 39.129563] kunit_try_run_case+0x14c/0x3d0 [ 39.130250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.130940] kthread+0x24c/0x2d0 [ 39.131467] ret_from_fork+0x10/0x20 [ 39.132097] [ 39.132447] kfence-#150: 0x00000000cf681eef-0x000000004eda05ed, size=32, cache=kmalloc-32 [ 39.132447] [ 39.133412] allocated by task 280 on cpu 0 at 39.125127s (0.008274s ago): [ 39.134214] test_alloc+0x298/0x620 [ 39.134809] test_out_of_bounds_write+0xc8/0x240 [ 39.135475] kunit_try_run_case+0x14c/0x3d0 [ 39.136138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.136917] kthread+0x24c/0x2d0 [ 39.137411] ret_from_fork+0x10/0x20 [ 39.138026] [ 39.138436] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.139613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.140234] Hardware name: linux,dummy-virt (DT) [ 39.140832] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 46.301573] ================================================================== [ 46.302372] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 46.302372] [ 46.303340] Corrupted memory at 0x000000007ed8cd64 [ ! . . . . . . . . . . . . . . . ] (in kfence-#219): [ 46.306005] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 46.306779] kunit_try_run_case+0x14c/0x3d0 [ 46.308538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.309455] kthread+0x24c/0x2d0 [ 46.309962] ret_from_fork+0x10/0x20 [ 46.311154] [ 46.311523] kfence-#219: 0x0000000026c3c701-0x00000000de5252cc, size=73, cache=kmalloc-96 [ 46.311523] [ 46.313225] allocated by task 314 on cpu 1 at 46.301120s (0.012093s ago): [ 46.314174] test_alloc+0x298/0x620 [ 46.314676] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 46.315832] kunit_try_run_case+0x14c/0x3d0 [ 46.316499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.317232] kthread+0x24c/0x2d0 [ 46.317758] ret_from_fork+0x10/0x20 [ 46.318361] [ 46.318749] freed by task 314 on cpu 1 at 46.301377s (0.017361s ago): [ 46.319474] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 46.320228] kunit_try_run_case+0x14c/0x3d0 [ 46.320848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.321504] kthread+0x24c/0x2d0 [ 46.322086] ret_from_fork+0x10/0x20 [ 46.322687] [ 46.323093] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 46.324150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.324756] Hardware name: linux,dummy-virt (DT) [ 46.325323] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 45.989659] ================================================================== [ 45.990481] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 45.990481] [ 45.991357] Out-of-bounds read at 0x00000000ffab6a2b (105B right of kfence-#216): [ 45.992423] test_kmalloc_aligned_oob_read+0x238/0x468 [ 45.993041] test_kmalloc_aligned_oob_read+0x100/0x468 [ 45.993787] kunit_try_run_case+0x14c/0x3d0 [ 45.994559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.995356] kthread+0x24c/0x2d0 [ 45.996044] ret_from_fork+0x10/0x20 [ 45.996616] [ 45.997052] kfence-#216: 0x00000000af998c6c-0x00000000fd1564a5, size=73, cache=kmalloc-96 [ 45.997052] [ 45.998111] allocated by task 312 on cpu 0 at 45.989186s (0.008913s ago): [ 45.999093] test_alloc+0x298/0x620 [ 45.999758] test_kmalloc_aligned_oob_read+0x100/0x468 [ 46.000408] kunit_try_run_case+0x14c/0x3d0 [ 46.001122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.001779] kthread+0x24c/0x2d0 [ 46.002400] ret_from_fork+0x10/0x20 [ 46.003064] [ 46.003465] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 46.004666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.005313] Hardware name: linux,dummy-virt (DT) [ 46.006032] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 40.270129] ================================================================== [ 40.270848] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 40.270848] [ 40.271702] Corrupted memory at 0x00000000cfc03193 [ ! . . . . . . . . . . . . . . . ] (in kfence-#161): [ 40.274506] test_corruption+0x278/0x378 [ 40.275069] kunit_try_run_case+0x14c/0x3d0 [ 40.275962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.276656] kthread+0x24c/0x2d0 [ 40.277284] ret_from_fork+0x10/0x20 [ 40.277853] [ 40.278259] kfence-#161: 0x0000000066ffb01d-0x0000000022749df0, size=32, cache=kmalloc-32 [ 40.278259] [ 40.279284] allocated by task 300 on cpu 0 at 40.269734s (0.009538s ago): [ 40.280228] test_alloc+0x298/0x620 [ 40.280856] test_corruption+0xdc/0x378 [ 40.281535] kunit_try_run_case+0x14c/0x3d0 [ 40.282256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.282997] kthread+0x24c/0x2d0 [ 40.283610] ret_from_fork+0x10/0x20 [ 40.284258] [ 40.284642] freed by task 300 on cpu 0 at 40.269946s (0.014685s ago): [ 40.285496] test_corruption+0x278/0x378 [ 40.286111] kunit_try_run_case+0x14c/0x3d0 [ 40.286715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.287434] kthread+0x24c/0x2d0 [ 40.287878] ret_from_fork+0x10/0x20 [ 40.288497] [ 40.288935] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 40.289991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.290504] Hardware name: linux,dummy-virt (DT) [ 40.291177] ================================================================== [ 40.685819] ================================================================== [ 40.686579] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 40.686579] [ 40.687311] Corrupted memory at 0x00000000c11574dd [ ! ] (in kfence-#165): [ 40.688590] test_corruption+0x284/0x378 [ 40.689196] kunit_try_run_case+0x14c/0x3d0 [ 40.689866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.690589] kthread+0x24c/0x2d0 [ 40.691186] ret_from_fork+0x10/0x20 [ 40.691767] [ 40.692107] kfence-#165: 0x000000005a4336c5-0x00000000d6468921, size=32, cache=kmalloc-32 [ 40.692107] [ 40.693065] allocated by task 300 on cpu 0 at 40.685315s (0.007739s ago): [ 40.693921] test_alloc+0x298/0x620 [ 40.694508] test_corruption+0x198/0x378 [ 40.695145] kunit_try_run_case+0x14c/0x3d0 [ 40.695649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.696431] kthread+0x24c/0x2d0 [ 40.697025] ret_from_fork+0x10/0x20 [ 40.697622] [ 40.697980] freed by task 300 on cpu 0 at 40.685493s (0.012474s ago): [ 40.698752] test_corruption+0x284/0x378 [ 40.699359] kunit_try_run_case+0x14c/0x3d0 [ 40.699862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.700634] kthread+0x24c/0x2d0 [ 40.701232] ret_from_fork+0x10/0x20 [ 40.701748] [ 40.702180] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 40.703293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.703872] Hardware name: linux,dummy-virt (DT) [ 40.704502] ================================================================== [ 40.997496] ================================================================== [ 40.998335] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 40.998335] [ 40.999233] Corrupted memory at 0x000000007e5a5af2 [ ! ] (in kfence-#168): [ 41.000410] test_corruption+0x1d8/0x378 [ 41.000924] kunit_try_run_case+0x14c/0x3d0 [ 41.001663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.002488] kthread+0x24c/0x2d0 [ 41.003123] ret_from_fork+0x10/0x20 [ 41.003592] [ 41.004007] kfence-#168: 0x00000000c14aa313-0x000000003bf5b36a, size=32, cache=test [ 41.004007] [ 41.005182] allocated by task 302 on cpu 0 at 40.997230s (0.007940s ago): [ 41.005919] test_alloc+0x22c/0x620 [ 41.006549] test_corruption+0x198/0x378 [ 41.007237] kunit_try_run_case+0x14c/0x3d0 [ 41.007800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.008649] kthread+0x24c/0x2d0 [ 41.009190] ret_from_fork+0x10/0x20 [ 41.009829] [ 41.010241] freed by task 302 on cpu 0 at 40.997329s (0.012900s ago): [ 41.011031] test_corruption+0x1d8/0x378 [ 41.011697] kunit_try_run_case+0x14c/0x3d0 [ 41.012369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.013070] kthread+0x24c/0x2d0 [ 41.013670] ret_from_fork+0x10/0x20 [ 41.014217] [ 41.014685] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 41.015810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.016396] Hardware name: linux,dummy-virt (DT) [ 41.017030] ================================================================== [ 40.789622] ================================================================== [ 40.790513] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 40.790513] [ 40.791372] Corrupted memory at 0x000000001ad9e615 [ ! . . . . . . . . . . . . . . . ] (in kfence-#166): [ 40.794010] test_corruption+0x120/0x378 [ 40.794612] kunit_try_run_case+0x14c/0x3d0 [ 40.795327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.796077] kthread+0x24c/0x2d0 [ 40.796644] ret_from_fork+0x10/0x20 [ 40.797218] [ 40.797623] kfence-#166: 0x0000000069b80584-0x000000007f5508ff, size=32, cache=test [ 40.797623] [ 40.798681] allocated by task 302 on cpu 0 at 40.789314s (0.009355s ago): [ 40.799526] test_alloc+0x22c/0x620 [ 40.800160] test_corruption+0xdc/0x378 [ 40.800814] kunit_try_run_case+0x14c/0x3d0 [ 40.801404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.802264] kthread+0x24c/0x2d0 [ 40.802807] ret_from_fork+0x10/0x20 [ 40.803465] [ 40.803824] freed by task 302 on cpu 0 at 40.789443s (0.014368s ago): [ 40.804788] test_corruption+0x120/0x378 [ 40.805419] kunit_try_run_case+0x14c/0x3d0 [ 40.806054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.806787] kthread+0x24c/0x2d0 [ 40.807389] ret_from_fork+0x10/0x20 [ 40.808000] [ 40.808418] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 40.809568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.810096] Hardware name: linux,dummy-virt (DT) [ 40.810674] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 40.061383] ================================================================== [ 40.062319] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 40.062319] [ 40.063150] Invalid free of 0x0000000003eb9b62 (in kfence-#159): [ 40.063964] test_invalid_addr_free+0xec/0x238 [ 40.064669] kunit_try_run_case+0x14c/0x3d0 [ 40.065548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.066138] kthread+0x24c/0x2d0 [ 40.066736] ret_from_fork+0x10/0x20 [ 40.067411] [ 40.067833] kfence-#159: 0x000000006e21bdc4-0x00000000d5830d37, size=32, cache=test [ 40.067833] [ 40.068959] allocated by task 298 on cpu 1 at 40.061181s (0.007766s ago): [ 40.069728] test_alloc+0x22c/0x620 [ 40.070258] test_invalid_addr_free+0xd4/0x238 [ 40.070995] kunit_try_run_case+0x14c/0x3d0 [ 40.071654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.072470] kthread+0x24c/0x2d0 [ 40.073100] ret_from_fork+0x10/0x20 [ 40.073575] [ 40.074038] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 40.075156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.075773] Hardware name: linux,dummy-virt (DT) [ 40.076379] ================================================================== [ 39.957449] ================================================================== [ 39.958268] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 39.958268] [ 39.959141] Invalid free of 0x0000000008e2445d (in kfence-#158): [ 39.959943] test_invalid_addr_free+0x1ac/0x238 [ 39.960646] kunit_try_run_case+0x14c/0x3d0 [ 39.961268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.962129] kthread+0x24c/0x2d0 [ 39.962679] ret_from_fork+0x10/0x20 [ 39.963299] [ 39.963718] kfence-#158: 0x000000002de572f9-0x00000000b1c10250, size=32, cache=kmalloc-32 [ 39.963718] [ 39.964887] allocated by task 296 on cpu 1 at 39.957200s (0.007674s ago): [ 39.965756] test_alloc+0x298/0x620 [ 39.966437] test_invalid_addr_free+0xd4/0x238 [ 39.967077] kunit_try_run_case+0x14c/0x3d0 [ 39.967750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.968461] kthread+0x24c/0x2d0 [ 39.968936] ret_from_fork+0x10/0x20 [ 39.969523] [ 39.969957] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.971193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.971778] Hardware name: linux,dummy-virt (DT) [ 39.972418] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 39.749597] ================================================================== [ 39.750490] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 39.750490] [ 39.751494] Invalid free of 0x000000001d1b7f50 (in kfence-#156): [ 39.752148] test_double_free+0x1bc/0x238 [ 39.753457] kunit_try_run_case+0x14c/0x3d0 [ 39.754291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.755217] kthread+0x24c/0x2d0 [ 39.755977] ret_from_fork+0x10/0x20 [ 39.756746] [ 39.757188] kfence-#156: 0x000000001d1b7f50-0x0000000025a1d3ac, size=32, cache=kmalloc-32 [ 39.757188] [ 39.758216] allocated by task 292 on cpu 0 at 39.749137s (0.009068s ago): [ 39.759262] test_alloc+0x298/0x620 [ 39.759732] test_double_free+0xd4/0x238 [ 39.760239] kunit_try_run_case+0x14c/0x3d0 [ 39.760753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.761888] kthread+0x24c/0x2d0 [ 39.762392] ret_from_fork+0x10/0x20 [ 39.763034] [ 39.763402] freed by task 292 on cpu 0 at 39.749269s (0.014123s ago): [ 39.764196] test_double_free+0x1ac/0x238 [ 39.764886] kunit_try_run_case+0x14c/0x3d0 [ 39.765569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.766324] kthread+0x24c/0x2d0 [ 39.766878] ret_from_fork+0x10/0x20 [ 39.767496] [ 39.767934] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.769075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.769634] Hardware name: linux,dummy-virt (DT) [ 39.770253] ================================================================== [ 39.853504] ================================================================== [ 39.854280] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 39.854280] [ 39.854998] Invalid free of 0x0000000018b95eb7 (in kfence-#157): [ 39.855815] test_double_free+0x100/0x238 [ 39.856501] kunit_try_run_case+0x14c/0x3d0 [ 39.857086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.857858] kthread+0x24c/0x2d0 [ 39.858397] ret_from_fork+0x10/0x20 [ 39.859027] [ 39.859344] kfence-#157: 0x0000000018b95eb7-0x000000001110de10, size=32, cache=test [ 39.859344] [ 39.860195] allocated by task 294 on cpu 0 at 39.853104s (0.007079s ago): [ 39.861129] test_alloc+0x22c/0x620 [ 39.861711] test_double_free+0xd4/0x238 [ 39.862349] kunit_try_run_case+0x14c/0x3d0 [ 39.862958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.863563] kthread+0x24c/0x2d0 [ 39.864143] ret_from_fork+0x10/0x20 [ 39.864738] [ 39.865130] freed by task 294 on cpu 0 at 39.853209s (0.011910s ago): [ 39.866009] test_double_free+0xf0/0x238 [ 39.866499] kunit_try_run_case+0x14c/0x3d0 [ 39.867171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.867814] kthread+0x24c/0x2d0 [ 39.868406] ret_from_fork+0x10/0x20 [ 39.868894] [ 39.869327] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.870413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.870881] Hardware name: linux,dummy-virt (DT) [ 39.871548] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 39.334944] ================================================================== [ 39.335663] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 39.335663] [ 39.336774] Use-after-free read at 0x00000000a1b478ac (in kfence-#152): [ 39.337623] test_use_after_free_read+0x114/0x248 [ 39.338203] test_use_after_free_read+0x1c0/0x248 [ 39.338891] kunit_try_run_case+0x14c/0x3d0 [ 39.339467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.340247] kthread+0x24c/0x2d0 [ 39.340719] ret_from_fork+0x10/0x20 [ 39.341347] [ 39.341722] kfence-#152: 0x00000000a1b478ac-0x00000000093ca67c, size=32, cache=kmalloc-32 [ 39.341722] [ 39.342590] allocated by task 284 on cpu 1 at 39.334314s (0.008265s ago): [ 39.343434] test_alloc+0x298/0x620 [ 39.344033] test_use_after_free_read+0xd0/0x248 [ 39.344741] kunit_try_run_case+0x14c/0x3d0 [ 39.345343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.345975] kthread+0x24c/0x2d0 [ 39.346538] ret_from_fork+0x10/0x20 [ 39.347870] [ 39.348264] freed by task 284 on cpu 1 at 39.334464s (0.013788s ago): [ 39.349018] test_use_after_free_read+0x1c0/0x248 [ 39.349665] kunit_try_run_case+0x14c/0x3d0 [ 39.350195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.350974] kthread+0x24c/0x2d0 [ 39.351491] ret_from_fork+0x10/0x20 [ 39.352008] [ 39.352434] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.353551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.354179] Hardware name: linux,dummy-virt (DT) [ 39.354787] ================================================================== [ 39.437501] ================================================================== [ 39.438208] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 39.438208] [ 39.438962] Use-after-free read at 0x000000009216a656 (in kfence-#153): [ 39.439768] test_use_after_free_read+0x114/0x248 [ 39.440444] test_use_after_free_read+0xf0/0x248 [ 39.441015] kunit_try_run_case+0x14c/0x3d0 [ 39.441673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.442345] kthread+0x24c/0x2d0 [ 39.442955] ret_from_fork+0x10/0x20 [ 39.443551] [ 39.443948] kfence-#153: 0x000000009216a656-0x000000004814458a, size=32, cache=test [ 39.443948] [ 39.444880] allocated by task 286 on cpu 1 at 39.437170s (0.007698s ago): [ 39.445578] test_alloc+0x22c/0x620 [ 39.446176] test_use_after_free_read+0xd0/0x248 [ 39.446883] kunit_try_run_case+0x14c/0x3d0 [ 39.447493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.448261] kthread+0x24c/0x2d0 [ 39.448731] ret_from_fork+0x10/0x20 [ 39.449346] [ 39.449709] freed by task 286 on cpu 1 at 39.437272s (0.012425s ago): [ 39.450733] test_use_after_free_read+0xf0/0x248 [ 39.451392] kunit_try_run_case+0x14c/0x3d0 [ 39.452069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.452738] kthread+0x24c/0x2d0 [ 39.453320] ret_from_fork+0x10/0x20 [ 39.453880] [ 39.454278] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.455301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.455833] Hardware name: linux,dummy-virt (DT) [ 39.456481] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 38.917310] ================================================================== [ 38.918131] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 38.918131] [ 38.918853] Out-of-bounds read at 0x000000002e81c5ad (1B left of kfence-#148): [ 38.919769] test_out_of_bounds_read+0x114/0x3e0 [ 38.920507] test_out_of_bounds_read+0xdc/0x3e0 [ 38.921292] kunit_try_run_case+0x14c/0x3d0 [ 38.921815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.922661] kthread+0x24c/0x2d0 [ 38.923234] ret_from_fork+0x10/0x20 [ 38.923937] [ 38.924293] kfence-#148: 0x0000000080a64df6-0x00000000e2ae894e, size=32, cache=test [ 38.924293] [ 38.925286] allocated by task 278 on cpu 0 at 38.917142s (0.008133s ago): [ 38.926411] test_alloc+0x22c/0x620 [ 38.927026] test_out_of_bounds_read+0xdc/0x3e0 [ 38.927740] kunit_try_run_case+0x14c/0x3d0 [ 38.928484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.929133] kthread+0x24c/0x2d0 [ 38.929750] ret_from_fork+0x10/0x20 [ 38.930392] [ 38.930815] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.931997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.932550] Hardware name: linux,dummy-virt (DT) [ 38.933191] ================================================================== [ 38.710762] ================================================================== [ 38.711597] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 38.711597] [ 38.713013] Out-of-bounds read at 0x000000004dcbdd1d (1B left of kfence-#146): [ 38.714146] test_out_of_bounds_read+0x114/0x3e0 [ 38.714822] test_out_of_bounds_read+0xdc/0x3e0 [ 38.715517] kunit_try_run_case+0x14c/0x3d0 [ 38.716239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.717055] kthread+0x24c/0x2d0 [ 38.717689] ret_from_fork+0x10/0x20 [ 38.718352] [ 38.718702] kfence-#146: 0x000000007ce1f79f-0x00000000fe2b44a4, size=32, cache=kmalloc-32 [ 38.718702] [ 38.719807] allocated by task 276 on cpu 0 at 38.709238s (0.010556s ago): [ 38.720794] test_alloc+0x298/0x620 [ 38.721421] test_out_of_bounds_read+0xdc/0x3e0 [ 38.722160] kunit_try_run_case+0x14c/0x3d0 [ 38.722808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.723611] kthread+0x24c/0x2d0 [ 38.724243] ret_from_fork+0x10/0x20 [ 38.724833] [ 38.725299] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.726486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.727093] Hardware name: linux,dummy-virt (DT) [ 38.727691] ================================================================== [ 38.813604] ================================================================== [ 38.814443] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 38.814443] [ 38.815270] Out-of-bounds read at 0x00000000b29355bb (32B right of kfence-#147): [ 38.816237] test_out_of_bounds_read+0x1c8/0x3e0 [ 38.816932] test_out_of_bounds_read+0x198/0x3e0 [ 38.817621] kunit_try_run_case+0x14c/0x3d0 [ 38.818281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.819005] kthread+0x24c/0x2d0 [ 38.819586] ret_from_fork+0x10/0x20 [ 38.820146] [ 38.820520] kfence-#147: 0x000000005be24431-0x000000007331a745, size=32, cache=kmalloc-32 [ 38.820520] [ 38.821513] allocated by task 276 on cpu 0 at 38.813172s (0.008329s ago): [ 38.822340] test_alloc+0x298/0x620 [ 38.822959] test_out_of_bounds_read+0x198/0x3e0 [ 38.823537] kunit_try_run_case+0x14c/0x3d0 [ 38.824171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.824943] kthread+0x24c/0x2d0 [ 38.825538] ret_from_fork+0x10/0x20 [ 38.826151] [ 38.826563] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.827586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.828219] Hardware name: linux,dummy-virt (DT) [ 38.828795] ================================================================== [ 39.021348] ================================================================== [ 39.022305] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 39.022305] [ 39.023141] Out-of-bounds read at 0x0000000064ca14ae (32B right of kfence-#149): [ 39.023531] test_out_of_bounds_read+0x1c8/0x3e0 [ 39.023816] test_out_of_bounds_read+0x198/0x3e0 [ 39.024303] kunit_try_run_case+0x14c/0x3d0 [ 39.025119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.026074] kthread+0x24c/0x2d0 [ 39.026832] ret_from_fork+0x10/0x20 [ 39.027563] [ 39.028018] kfence-#149: 0x00000000f1dc730f-0x00000000bce397bc, size=32, cache=test [ 39.028018] [ 39.029043] allocated by task 278 on cpu 0 at 39.021186s (0.007845s ago): [ 39.030211] test_alloc+0x22c/0x620 [ 39.030818] test_out_of_bounds_read+0x198/0x3e0 [ 39.031478] kunit_try_run_case+0x14c/0x3d0 [ 39.032050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.032744] kthread+0x24c/0x2d0 [ 39.033382] ret_from_fork+0x10/0x20 [ 39.033863] [ 39.034239] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 39.035680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.036434] Hardware name: linux,dummy-virt (DT) [ 39.037236] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 30.147478] ================================================================== [ 30.149094] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x490 [ 30.149094] [ 30.149869] Corrupted memory at 0x00000000a3adec4b [ ! . . . . . . . ] (in kfence-#101): [ 30.154308] kmalloc_track_caller_oob_right+0x224/0x490 [ 30.154975] kunit_try_run_case+0x14c/0x3d0 [ 30.155557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.156326] kthread+0x24c/0x2d0 [ 30.157279] ret_from_fork+0x10/0x20 [ 30.157742] [ 30.158381] kfence-#101: 0x000000003ca951f4-0x000000008d0b5112, size=120, cache=kmalloc-128 [ 30.158381] [ 30.160112] allocated by task 131 on cpu 0 at 30.145370s (0.014601s ago): [ 30.161141] kmalloc_track_caller_oob_right+0x184/0x490 [ 30.162178] kunit_try_run_case+0x14c/0x3d0 [ 30.162991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.163621] kthread+0x24c/0x2d0 [ 30.164105] ret_from_fork+0x10/0x20 [ 30.165625] [ 30.166304] freed by task 131 on cpu 0 at 30.146651s (0.019411s ago): [ 30.167333] kmalloc_track_caller_oob_right+0x224/0x490 [ 30.168090] kunit_try_run_case+0x14c/0x3d0 [ 30.169034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.169819] kthread+0x24c/0x2d0 [ 30.170381] ret_from_fork+0x10/0x20 [ 30.171043] [ 30.171565] CPU: 0 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.172653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.174005] Hardware name: linux,dummy-virt (DT) [ 30.174615] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 38.542376] ================================================================== [ 38.543180] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 38.543806] Write of size 1 at addr fff00000c596cb78 by task kunit_try_catch/274 [ 38.545107] [ 38.545556] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.546816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.547310] Hardware name: linux,dummy-virt (DT) [ 38.547987] Call trace: [ 38.548415] show_stack+0x20/0x38 (C) [ 38.549084] dump_stack_lvl+0x8c/0xd0 [ 38.549720] print_report+0x118/0x5e0 [ 38.550387] kasan_report+0xc8/0x118 [ 38.550996] __asan_report_store1_noabort+0x20/0x30 [ 38.551674] strncpy_from_user+0x270/0x2a0 [ 38.552320] copy_user_test_oob+0x5c0/0xec0 [ 38.552962] kunit_try_run_case+0x14c/0x3d0 [ 38.553519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.554339] kthread+0x24c/0x2d0 [ 38.554916] ret_from_fork+0x10/0x20 [ 38.555545] [ 38.555878] Allocated by task 274: [ 38.556458] kasan_save_stack+0x3c/0x68 [ 38.557099] kasan_save_track+0x20/0x40 [ 38.557656] kasan_save_alloc_info+0x40/0x58 [ 38.558329] __kasan_kmalloc+0xd4/0xd8 [ 38.558846] __kmalloc_noprof+0x188/0x4c8 [ 38.559649] kunit_kmalloc_array+0x34/0x88 [ 38.560282] copy_user_test_oob+0xac/0xec0 [ 38.561078] kunit_try_run_case+0x14c/0x3d0 [ 38.561930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.562975] kthread+0x24c/0x2d0 [ 38.563689] ret_from_fork+0x10/0x20 [ 38.564458] [ 38.564928] The buggy address belongs to the object at fff00000c596cb00 [ 38.564928] which belongs to the cache kmalloc-128 of size 128 [ 38.566162] The buggy address is located 0 bytes to the right of [ 38.566162] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.567347] [ 38.567659] The buggy address belongs to the physical page: [ 38.568935] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.570050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.571049] page_type: f5(slab) [ 38.571803] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.572844] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.573649] page dumped because: kasan: bad access detected [ 38.574632] [ 38.575188] Memory state around the buggy address: [ 38.575973] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.577022] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.578071] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.579105] ^ [ 38.580137] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.581171] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.581960] ================================================================== [ 38.503499] ================================================================== [ 38.504405] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 38.505445] Write of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.506300] [ 38.507095] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.508380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.509029] Hardware name: linux,dummy-virt (DT) [ 38.510204] Call trace: [ 38.510808] show_stack+0x20/0x38 (C) [ 38.511469] dump_stack_lvl+0x8c/0xd0 [ 38.512086] print_report+0x118/0x5e0 [ 38.512667] kasan_report+0xc8/0x118 [ 38.513208] kasan_check_range+0x100/0x1a8 [ 38.513724] __kasan_check_write+0x20/0x30 [ 38.514282] strncpy_from_user+0x3c/0x2a0 [ 38.514960] copy_user_test_oob+0x5c0/0xec0 [ 38.515569] kunit_try_run_case+0x14c/0x3d0 [ 38.516237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.516951] kthread+0x24c/0x2d0 [ 38.517491] ret_from_fork+0x10/0x20 [ 38.518064] [ 38.518433] Allocated by task 274: [ 38.518865] kasan_save_stack+0x3c/0x68 [ 38.519520] kasan_save_track+0x20/0x40 [ 38.520143] kasan_save_alloc_info+0x40/0x58 [ 38.520821] __kasan_kmalloc+0xd4/0xd8 [ 38.521444] __kmalloc_noprof+0x188/0x4c8 [ 38.522051] kunit_kmalloc_array+0x34/0x88 [ 38.522696] copy_user_test_oob+0xac/0xec0 [ 38.523360] kunit_try_run_case+0x14c/0x3d0 [ 38.523927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.524638] kthread+0x24c/0x2d0 [ 38.525225] ret_from_fork+0x10/0x20 [ 38.525791] [ 38.526110] The buggy address belongs to the object at fff00000c596cb00 [ 38.526110] which belongs to the cache kmalloc-128 of size 128 [ 38.527512] The buggy address is located 0 bytes inside of [ 38.527512] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.528781] [ 38.529172] The buggy address belongs to the physical page: [ 38.529706] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.530712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.531467] page_type: f5(slab) [ 38.531925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.532874] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.533775] page dumped because: kasan: bad access detected [ 38.534529] [ 38.534892] Memory state around the buggy address: [ 38.535620] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.536361] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.537191] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.537962] ^ [ 38.538786] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.539600] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.540388] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 38.414318] ================================================================== [ 38.415162] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec0 [ 38.415863] Write of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.417020] [ 38.417459] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.418705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.419375] Hardware name: linux,dummy-virt (DT) [ 38.420011] Call trace: [ 38.420584] show_stack+0x20/0x38 (C) [ 38.421313] dump_stack_lvl+0x8c/0xd0 [ 38.421927] print_report+0x118/0x5e0 [ 38.422558] kasan_report+0xc8/0x118 [ 38.423255] kasan_check_range+0x100/0x1a8 [ 38.423958] __kasan_check_write+0x20/0x30 [ 38.424561] copy_user_test_oob+0x434/0xec0 [ 38.425310] kunit_try_run_case+0x14c/0x3d0 [ 38.426100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.426935] kthread+0x24c/0x2d0 [ 38.427586] ret_from_fork+0x10/0x20 [ 38.428304] [ 38.428654] Allocated by task 274: [ 38.429175] kasan_save_stack+0x3c/0x68 [ 38.429817] kasan_save_track+0x20/0x40 [ 38.430500] kasan_save_alloc_info+0x40/0x58 [ 38.431095] __kasan_kmalloc+0xd4/0xd8 [ 38.431801] __kmalloc_noprof+0x188/0x4c8 [ 38.432441] kunit_kmalloc_array+0x34/0x88 [ 38.434043] copy_user_test_oob+0xac/0xec0 [ 38.434646] kunit_try_run_case+0x14c/0x3d0 [ 38.435664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.436961] kthread+0x24c/0x2d0 [ 38.437461] ret_from_fork+0x10/0x20 [ 38.437972] [ 38.438344] The buggy address belongs to the object at fff00000c596cb00 [ 38.438344] which belongs to the cache kmalloc-128 of size 128 [ 38.439969] The buggy address is located 0 bytes inside of [ 38.439969] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.441990] [ 38.442363] The buggy address belongs to the physical page: [ 38.443253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.444320] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.445258] page_type: f5(slab) [ 38.445829] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.446589] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.447681] page dumped because: kasan: bad access detected [ 38.448719] [ 38.449434] Memory state around the buggy address: [ 38.450312] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.451099] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.451843] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.452920] ^ [ 38.453981] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.455170] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.455870] ================================================================== [ 38.457458] ================================================================== [ 38.458077] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec0 [ 38.459061] Read of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.460021] [ 38.460812] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.463433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.463946] Hardware name: linux,dummy-virt (DT) [ 38.464820] Call trace: [ 38.465444] show_stack+0x20/0x38 (C) [ 38.466371] dump_stack_lvl+0x8c/0xd0 [ 38.467154] print_report+0x118/0x5e0 [ 38.467576] kasan_report+0xc8/0x118 [ 38.468303] kasan_check_range+0x100/0x1a8 [ 38.469007] __kasan_check_read+0x20/0x30 [ 38.470441] copy_user_test_oob+0x4a0/0xec0 [ 38.471102] kunit_try_run_case+0x14c/0x3d0 [ 38.471773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.472803] kthread+0x24c/0x2d0 [ 38.473460] ret_from_fork+0x10/0x20 [ 38.474153] [ 38.474524] Allocated by task 274: [ 38.475052] kasan_save_stack+0x3c/0x68 [ 38.475659] kasan_save_track+0x20/0x40 [ 38.476317] kasan_save_alloc_info+0x40/0x58 [ 38.477786] __kasan_kmalloc+0xd4/0xd8 [ 38.478369] __kmalloc_noprof+0x188/0x4c8 [ 38.479030] kunit_kmalloc_array+0x34/0x88 [ 38.479665] copy_user_test_oob+0xac/0xec0 [ 38.481033] kunit_try_run_case+0x14c/0x3d0 [ 38.481577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.482330] kthread+0x24c/0x2d0 [ 38.482855] ret_from_fork+0x10/0x20 [ 38.483388] [ 38.483758] The buggy address belongs to the object at fff00000c596cb00 [ 38.483758] which belongs to the cache kmalloc-128 of size 128 [ 38.486024] The buggy address is located 0 bytes inside of [ 38.486024] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.487113] [ 38.487485] The buggy address belongs to the physical page: [ 38.488080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.489221] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.490432] page_type: f5(slab) [ 38.490975] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.491853] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.493030] page dumped because: kasan: bad access detected [ 38.493636] [ 38.494028] Memory state around the buggy address: [ 38.494585] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.497000] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.497926] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.498705] ^ [ 38.499510] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.500344] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.501656] ================================================================== [ 38.271711] ================================================================== [ 38.272540] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec0 [ 38.273434] Read of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.274247] [ 38.274534] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.275398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.275998] Hardware name: linux,dummy-virt (DT) [ 38.277205] Call trace: [ 38.277981] show_stack+0x20/0x38 (C) [ 38.278645] dump_stack_lvl+0x8c/0xd0 [ 38.279238] print_report+0x118/0x5e0 [ 38.279741] kasan_report+0xc8/0x118 [ 38.281486] kasan_check_range+0x100/0x1a8 [ 38.282002] __kasan_check_read+0x20/0x30 [ 38.282762] copy_user_test_oob+0x728/0xec0 [ 38.283551] kunit_try_run_case+0x14c/0x3d0 [ 38.284286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.285334] kthread+0x24c/0x2d0 [ 38.286421] ret_from_fork+0x10/0x20 [ 38.287025] [ 38.287287] Allocated by task 274: [ 38.287709] kasan_save_stack+0x3c/0x68 [ 38.288623] kasan_save_track+0x20/0x40 [ 38.289662] kasan_save_alloc_info+0x40/0x58 [ 38.290837] __kasan_kmalloc+0xd4/0xd8 [ 38.291482] __kmalloc_noprof+0x188/0x4c8 [ 38.292193] kunit_kmalloc_array+0x34/0x88 [ 38.293669] copy_user_test_oob+0xac/0xec0 [ 38.294339] kunit_try_run_case+0x14c/0x3d0 [ 38.295035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.295803] kthread+0x24c/0x2d0 [ 38.296614] ret_from_fork+0x10/0x20 [ 38.297448] [ 38.298060] The buggy address belongs to the object at fff00000c596cb00 [ 38.298060] which belongs to the cache kmalloc-128 of size 128 [ 38.299646] The buggy address is located 0 bytes inside of [ 38.299646] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.301596] [ 38.301887] The buggy address belongs to the physical page: [ 38.302539] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.304137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.305217] page_type: f5(slab) [ 38.306021] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.306873] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.307683] page dumped because: kasan: bad access detected [ 38.308359] [ 38.309323] Memory state around the buggy address: [ 38.310087] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.311101] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.312116] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.313341] ^ [ 38.314362] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.315392] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.316406] ================================================================== [ 38.371456] ================================================================== [ 38.372086] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec0 [ 38.373157] Read of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.374787] [ 38.375230] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.376226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.377552] Hardware name: linux,dummy-virt (DT) [ 38.378560] Call trace: [ 38.379124] show_stack+0x20/0x38 (C) [ 38.379846] dump_stack_lvl+0x8c/0xd0 [ 38.380602] print_report+0x118/0x5e0 [ 38.381333] kasan_report+0xc8/0x118 [ 38.381995] kasan_check_range+0x100/0x1a8 [ 38.382760] __kasan_check_read+0x20/0x30 [ 38.383454] copy_user_test_oob+0x3c8/0xec0 [ 38.384214] kunit_try_run_case+0x14c/0x3d0 [ 38.385022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.385838] kthread+0x24c/0x2d0 [ 38.386399] ret_from_fork+0x10/0x20 [ 38.387162] [ 38.387514] Allocated by task 274: [ 38.387984] kasan_save_stack+0x3c/0x68 [ 38.389018] kasan_save_track+0x20/0x40 [ 38.390076] kasan_save_alloc_info+0x40/0x58 [ 38.390693] __kasan_kmalloc+0xd4/0xd8 [ 38.391428] __kmalloc_noprof+0x188/0x4c8 [ 38.392116] kunit_kmalloc_array+0x34/0x88 [ 38.392742] copy_user_test_oob+0xac/0xec0 [ 38.393507] kunit_try_run_case+0x14c/0x3d0 [ 38.394031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.394586] kthread+0x24c/0x2d0 [ 38.395040] ret_from_fork+0x10/0x20 [ 38.395813] [ 38.396296] The buggy address belongs to the object at fff00000c596cb00 [ 38.396296] which belongs to the cache kmalloc-128 of size 128 [ 38.398287] The buggy address is located 0 bytes inside of [ 38.398287] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.399599] [ 38.400022] The buggy address belongs to the physical page: [ 38.401032] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.402657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.403420] page_type: f5(slab) [ 38.403979] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.405023] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.405996] page dumped because: kasan: bad access detected [ 38.406695] [ 38.407117] Memory state around the buggy address: [ 38.407794] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.408636] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.409491] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.410332] ^ [ 38.411147] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.411943] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.412827] ================================================================== [ 38.220033] ================================================================== [ 38.221299] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec0 [ 38.221991] Write of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.222688] [ 38.223105] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.224473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.225056] Hardware name: linux,dummy-virt (DT) [ 38.225943] Call trace: [ 38.226598] show_stack+0x20/0x38 (C) [ 38.227517] dump_stack_lvl+0x8c/0xd0 [ 38.228286] print_report+0x118/0x5e0 [ 38.229529] kasan_report+0xc8/0x118 [ 38.230113] kasan_check_range+0x100/0x1a8 [ 38.230841] __kasan_check_write+0x20/0x30 [ 38.231486] copy_user_test_oob+0x234/0xec0 [ 38.232204] kunit_try_run_case+0x14c/0x3d0 [ 38.233003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.233754] kthread+0x24c/0x2d0 [ 38.234377] ret_from_fork+0x10/0x20 [ 38.234963] [ 38.235285] Allocated by task 274: [ 38.236035] kasan_save_stack+0x3c/0x68 [ 38.237466] kasan_save_track+0x20/0x40 [ 38.238145] kasan_save_alloc_info+0x40/0x58 [ 38.238816] __kasan_kmalloc+0xd4/0xd8 [ 38.239427] __kmalloc_noprof+0x188/0x4c8 [ 38.240016] kunit_kmalloc_array+0x34/0x88 [ 38.241108] copy_user_test_oob+0xac/0xec0 [ 38.241598] kunit_try_run_case+0x14c/0x3d0 [ 38.242343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.243148] kthread+0x24c/0x2d0 [ 38.243765] ret_from_fork+0x10/0x20 [ 38.244454] [ 38.244845] The buggy address belongs to the object at fff00000c596cb00 [ 38.244845] which belongs to the cache kmalloc-128 of size 128 [ 38.246503] The buggy address is located 0 bytes inside of [ 38.246503] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.248748] [ 38.249208] The buggy address belongs to the physical page: [ 38.250073] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.251201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.252042] page_type: f5(slab) [ 38.253420] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.254427] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.255280] page dumped because: kasan: bad access detected [ 38.256022] [ 38.256411] Memory state around the buggy address: [ 38.257550] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.258428] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.259316] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.260170] ^ [ 38.261696] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.262953] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.263703] ================================================================== [ 38.326264] ================================================================== [ 38.327034] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec0 [ 38.328063] Write of size 121 at addr fff00000c596cb00 by task kunit_try_catch/274 [ 38.330155] [ 38.330638] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.331979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.332597] Hardware name: linux,dummy-virt (DT) [ 38.333498] Call trace: [ 38.333847] show_stack+0x20/0x38 (C) [ 38.334395] dump_stack_lvl+0x8c/0xd0 [ 38.335062] print_report+0x118/0x5e0 [ 38.335589] kasan_report+0xc8/0x118 [ 38.336227] kasan_check_range+0x100/0x1a8 [ 38.337946] __kasan_check_write+0x20/0x30 [ 38.338560] copy_user_test_oob+0x35c/0xec0 [ 38.339220] kunit_try_run_case+0x14c/0x3d0 [ 38.339922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.341058] kthread+0x24c/0x2d0 [ 38.341521] ret_from_fork+0x10/0x20 [ 38.342029] [ 38.342364] Allocated by task 274: [ 38.342809] kasan_save_stack+0x3c/0x68 [ 38.343991] kasan_save_track+0x20/0x40 [ 38.344884] kasan_save_alloc_info+0x40/0x58 [ 38.346320] __kasan_kmalloc+0xd4/0xd8 [ 38.346932] __kmalloc_noprof+0x188/0x4c8 [ 38.347606] kunit_kmalloc_array+0x34/0x88 [ 38.348213] copy_user_test_oob+0xac/0xec0 [ 38.348858] kunit_try_run_case+0x14c/0x3d0 [ 38.349931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.350658] kthread+0x24c/0x2d0 [ 38.351277] ret_from_fork+0x10/0x20 [ 38.351893] [ 38.353415] The buggy address belongs to the object at fff00000c596cb00 [ 38.353415] which belongs to the cache kmalloc-128 of size 128 [ 38.354535] The buggy address is located 0 bytes inside of [ 38.354535] allocated 120-byte region [fff00000c596cb00, fff00000c596cb78) [ 38.355835] [ 38.356260] The buggy address belongs to the physical page: [ 38.356991] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.357821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.358715] page_type: f5(slab) [ 38.359182] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.361180] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.361844] page dumped because: kasan: bad access detected [ 38.362610] [ 38.363485] Memory state around the buggy address: [ 38.364043] fff00000c596ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.365290] fff00000c596ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.366313] >fff00000c596cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.367116] ^ [ 38.367837] fff00000c596cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.368959] fff00000c596cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.370266] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 38.101697] ================================================================== [ 38.103164] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 38.103994] Read of size 8 at addr fff00000c596c878 by task kunit_try_catch/270 [ 38.104847] [ 38.106099] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.107618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.108165] Hardware name: linux,dummy-virt (DT) [ 38.109371] Call trace: [ 38.109882] show_stack+0x20/0x38 (C) [ 38.110565] dump_stack_lvl+0x8c/0xd0 [ 38.111243] print_report+0x118/0x5e0 [ 38.111777] kasan_report+0xc8/0x118 [ 38.112716] __asan_report_load8_noabort+0x20/0x30 [ 38.113615] copy_to_kernel_nofault+0x204/0x250 [ 38.114235] copy_to_kernel_nofault_oob+0x158/0x418 [ 38.114578] kunit_try_run_case+0x14c/0x3d0 [ 38.114873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.115228] kthread+0x24c/0x2d0 [ 38.115526] ret_from_fork+0x10/0x20 [ 38.115802] [ 38.116083] Allocated by task 270: [ 38.117331] kasan_save_stack+0x3c/0x68 [ 38.118330] kasan_save_track+0x20/0x40 [ 38.119003] kasan_save_alloc_info+0x40/0x58 [ 38.119475] __kasan_kmalloc+0xd4/0xd8 [ 38.119932] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.120566] copy_to_kernel_nofault_oob+0xc8/0x418 [ 38.121329] kunit_try_run_case+0x14c/0x3d0 [ 38.122547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.123231] kthread+0x24c/0x2d0 [ 38.123795] ret_from_fork+0x10/0x20 [ 38.124359] [ 38.124978] The buggy address belongs to the object at fff00000c596c800 [ 38.124978] which belongs to the cache kmalloc-128 of size 128 [ 38.126221] The buggy address is located 0 bytes to the right of [ 38.126221] allocated 120-byte region [fff00000c596c800, fff00000c596c878) [ 38.128211] [ 38.128842] The buggy address belongs to the physical page: [ 38.129620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.130629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.131397] page_type: f5(slab) [ 38.131917] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.132983] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.134106] page dumped because: kasan: bad access detected [ 38.134771] [ 38.135540] Memory state around the buggy address: [ 38.136142] fff00000c596c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 38.137001] fff00000c596c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.138287] >fff00000c596c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.139049] ^ [ 38.139845] fff00000c596c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.140943] fff00000c596c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.141865] ================================================================== [ 38.144723] ================================================================== [ 38.145622] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 38.146635] Write of size 8 at addr fff00000c596c878 by task kunit_try_catch/270 [ 38.147422] [ 38.147790] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.148819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.149439] Hardware name: linux,dummy-virt (DT) [ 38.150695] Call trace: [ 38.151292] show_stack+0x20/0x38 (C) [ 38.151846] dump_stack_lvl+0x8c/0xd0 [ 38.152737] print_report+0x118/0x5e0 [ 38.153564] kasan_report+0xc8/0x118 [ 38.154152] kasan_check_range+0x100/0x1a8 [ 38.154824] __kasan_check_write+0x20/0x30 [ 38.155429] copy_to_kernel_nofault+0x8c/0x250 [ 38.156114] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 38.157484] kunit_try_run_case+0x14c/0x3d0 [ 38.158048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.158778] kthread+0x24c/0x2d0 [ 38.159329] ret_from_fork+0x10/0x20 [ 38.159897] [ 38.160287] Allocated by task 270: [ 38.160828] kasan_save_stack+0x3c/0x68 [ 38.161438] kasan_save_track+0x20/0x40 [ 38.162424] kasan_save_alloc_info+0x40/0x58 [ 38.163116] __kasan_kmalloc+0xd4/0xd8 [ 38.163658] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.165062] copy_to_kernel_nofault_oob+0xc8/0x418 [ 38.165785] kunit_try_run_case+0x14c/0x3d0 [ 38.166412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.167292] kthread+0x24c/0x2d0 [ 38.167769] ret_from_fork+0x10/0x20 [ 38.168569] [ 38.168947] The buggy address belongs to the object at fff00000c596c800 [ 38.168947] which belongs to the cache kmalloc-128 of size 128 [ 38.170499] The buggy address is located 0 bytes to the right of [ 38.170499] allocated 120-byte region [fff00000c596c800, fff00000c596c878) [ 38.171746] [ 38.172234] The buggy address belongs to the physical page: [ 38.173850] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596c [ 38.174697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.175470] page_type: f5(slab) [ 38.176049] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.177270] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.178093] page dumped because: kasan: bad access detected [ 38.178713] [ 38.179195] Memory state around the buggy address: [ 38.179764] fff00000c596c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 38.180941] fff00000c596c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.181952] >fff00000c596c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.182776] ^ [ 38.183553] fff00000c596c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.184367] fff00000c596c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.185157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 38.018558] ================================================================== [ 38.018980] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 38.019895] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258 [ 38.020838] [ 38.021376] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 38.022595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.023794] Hardware name: linux,dummy-virt (DT) [ 38.024928] Call trace: [ 38.025430] show_stack+0x20/0x38 (C) [ 38.026132] dump_stack_lvl+0x8c/0xd0 [ 38.026886] print_report+0x2fc/0x5e0 [ 38.027595] kasan_report+0xc8/0x118 [ 38.028224] __asan_report_load1_noabort+0x20/0x30 [ 38.029013] vmalloc_oob+0x51c/0x5d0 [ 38.029833] kunit_try_run_case+0x14c/0x3d0 [ 38.030661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.031507] kthread+0x24c/0x2d0 [ 38.032081] ret_from_fork+0x10/0x20 [ 38.032841] [ 38.033214] The buggy address belongs to the virtual mapping at [ 38.033214] [ffff80008010b000, ffff80008010d000) created by: [ 38.033214] vmalloc_oob+0x98/0x5d0 [ 38.034688] [ 38.035075] The buggy address belongs to the physical page: [ 38.035721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b [ 38.037238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.037854] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 38.038966] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 38.039965] page dumped because: kasan: bad access detected [ 38.040826] [ 38.041496] Memory state around the buggy address: [ 38.041983] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.042798] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.044385] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 38.045550] ^ [ 38.046381] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.046772] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.047566] ================================================================== [ 37.986493] ================================================================== [ 37.987803] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 37.988578] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258 [ 37.990201] [ 37.990627] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.991881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.992636] Hardware name: linux,dummy-virt (DT) [ 37.993956] Call trace: [ 37.994421] show_stack+0x20/0x38 (C) [ 37.995217] dump_stack_lvl+0x8c/0xd0 [ 37.995837] print_report+0x2fc/0x5e0 [ 37.996787] kasan_report+0xc8/0x118 [ 37.997404] __asan_report_load1_noabort+0x20/0x30 [ 37.998069] vmalloc_oob+0x578/0x5d0 [ 37.998670] kunit_try_run_case+0x14c/0x3d0 [ 37.999324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.000131] kthread+0x24c/0x2d0 [ 38.001024] ret_from_fork+0x10/0x20 [ 38.001458] [ 38.001858] The buggy address belongs to the virtual mapping at [ 38.001858] [ffff80008010b000, ffff80008010d000) created by: [ 38.001858] vmalloc_oob+0x98/0x5d0 [ 38.003343] [ 38.003721] The buggy address belongs to the physical page: [ 38.004360] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b [ 38.005666] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.006476] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 38.007417] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 38.008293] page dumped because: kasan: bad access detected [ 38.009410] [ 38.009692] Memory state around the buggy address: [ 38.010275] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.011363] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.012612] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 38.013489] ^ [ 38.014555] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.015577] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.016999] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 37.930867] ================================================================== [ 37.931664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 37.933082] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.933889] [ 37.934326] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.935437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.936053] Hardware name: linux,dummy-virt (DT) [ 37.936646] Call trace: [ 37.937073] show_stack+0x20/0x38 (C) [ 37.937730] dump_stack_lvl+0x8c/0xd0 [ 37.938381] print_report+0x118/0x5e0 [ 37.939003] kasan_report+0xc8/0x118 [ 37.939573] kasan_check_range+0x100/0x1a8 [ 37.940270] __kasan_check_write+0x20/0x30 [ 37.940894] kasan_atomics_helper+0x17ec/0x4858 [ 37.941526] kasan_atomics+0x198/0x2e8 [ 37.942185] kunit_try_run_case+0x14c/0x3d0 [ 37.942884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.943605] kthread+0x24c/0x2d0 [ 37.944106] ret_from_fork+0x10/0x20 [ 37.944739] [ 37.945134] Allocated by task 254: [ 37.945706] kasan_save_stack+0x3c/0x68 [ 37.946228] kasan_save_track+0x20/0x40 [ 37.946851] kasan_save_alloc_info+0x40/0x58 [ 37.947538] __kasan_kmalloc+0xd4/0xd8 [ 37.948052] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.948740] kasan_atomics+0xb8/0x2e8 [ 37.949281] kunit_try_run_case+0x14c/0x3d0 [ 37.950305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.951058] kthread+0x24c/0x2d0 [ 37.951585] ret_from_fork+0x10/0x20 [ 37.952047] [ 37.952419] The buggy address belongs to the object at fff00000c591a100 [ 37.952419] which belongs to the cache kmalloc-64 of size 64 [ 37.953548] The buggy address is located 0 bytes to the right of [ 37.953548] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.954840] [ 37.955232] The buggy address belongs to the physical page: [ 37.956018] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.956830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.957639] page_type: f5(slab) [ 37.958159] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.959010] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.959864] page dumped because: kasan: bad access detected [ 37.960499] [ 37.960866] Memory state around the buggy address: [ 37.961431] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.962305] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.963103] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.963881] ^ [ 37.964464] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.965363] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.966146] ================================================================== [ 35.547530] ================================================================== [ 35.548257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 35.548682] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.549590] [ 35.550006] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.551248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.551742] Hardware name: linux,dummy-virt (DT) [ 35.552444] Call trace: [ 35.552956] show_stack+0x20/0x38 (C) [ 35.553619] dump_stack_lvl+0x8c/0xd0 [ 35.554372] print_report+0x118/0x5e0 [ 35.555119] kasan_report+0xc8/0x118 [ 35.555894] kasan_check_range+0x100/0x1a8 [ 35.556708] __kasan_check_read+0x20/0x30 [ 35.557315] kasan_atomics_helper+0x1ec/0x4858 [ 35.558190] kasan_atomics+0x198/0x2e8 [ 35.558857] kunit_try_run_case+0x14c/0x3d0 [ 35.559447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.560266] kthread+0x24c/0x2d0 [ 35.560864] ret_from_fork+0x10/0x20 [ 35.561531] [ 35.561923] Allocated by task 254: [ 35.562486] kasan_save_stack+0x3c/0x68 [ 35.563124] kasan_save_track+0x20/0x40 [ 35.563738] kasan_save_alloc_info+0x40/0x58 [ 35.564381] __kasan_kmalloc+0xd4/0xd8 [ 35.565004] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.565607] kasan_atomics+0xb8/0x2e8 [ 35.566231] kunit_try_run_case+0x14c/0x3d0 [ 35.566769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.567566] kthread+0x24c/0x2d0 [ 35.568148] ret_from_fork+0x10/0x20 [ 35.568711] [ 35.569035] The buggy address belongs to the object at fff00000c591a100 [ 35.569035] which belongs to the cache kmalloc-64 of size 64 [ 35.570407] The buggy address is located 0 bytes to the right of [ 35.570407] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.571639] [ 35.572039] The buggy address belongs to the physical page: [ 35.572789] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.573614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.574455] page_type: f5(slab) [ 35.574948] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.575881] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.576701] page dumped because: kasan: bad access detected [ 35.577486] [ 35.577824] Memory state around the buggy address: [ 35.578558] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.579500] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.580355] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.581172] ^ [ 35.581848] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.582656] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.583458] ================================================================== [ 37.512607] ================================================================== [ 37.513500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 37.514235] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.515193] [ 37.515531] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.516670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.517283] Hardware name: linux,dummy-virt (DT) [ 37.517788] Call trace: [ 37.518266] show_stack+0x20/0x38 (C) [ 37.518896] dump_stack_lvl+0x8c/0xd0 [ 37.519480] print_report+0x118/0x5e0 [ 37.520087] kasan_report+0xc8/0x118 [ 37.520709] kasan_check_range+0x100/0x1a8 [ 37.521317] __kasan_check_write+0x20/0x30 [ 37.522012] kasan_atomics_helper+0x147c/0x4858 [ 37.522638] kasan_atomics+0x198/0x2e8 [ 37.523314] kunit_try_run_case+0x14c/0x3d0 [ 37.524038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.524815] kthread+0x24c/0x2d0 [ 37.525316] ret_from_fork+0x10/0x20 [ 37.525965] [ 37.526333] Allocated by task 254: [ 37.526896] kasan_save_stack+0x3c/0x68 [ 37.527412] kasan_save_track+0x20/0x40 [ 37.528086] kasan_save_alloc_info+0x40/0x58 [ 37.528683] __kasan_kmalloc+0xd4/0xd8 [ 37.529176] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.529940] kasan_atomics+0xb8/0x2e8 [ 37.530590] kunit_try_run_case+0x14c/0x3d0 [ 37.531280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.532137] kthread+0x24c/0x2d0 [ 37.532693] ret_from_fork+0x10/0x20 [ 37.533337] [ 37.533734] The buggy address belongs to the object at fff00000c591a100 [ 37.533734] which belongs to the cache kmalloc-64 of size 64 [ 37.534999] The buggy address is located 0 bytes to the right of [ 37.534999] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.536278] [ 37.536692] The buggy address belongs to the physical page: [ 37.537362] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.538379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.539178] page_type: f5(slab) [ 37.539777] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.540684] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.541657] page dumped because: kasan: bad access detected [ 37.542470] [ 37.542853] Memory state around the buggy address: [ 37.543579] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.544454] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.545366] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.546174] ^ [ 37.546835] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.547706] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.548541] ================================================================== [ 35.822271] ================================================================== [ 35.823471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 35.824366] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.825410] [ 35.825824] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.827519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.828344] Hardware name: linux,dummy-virt (DT) [ 35.828753] Call trace: [ 35.829374] show_stack+0x20/0x38 (C) [ 35.829995] dump_stack_lvl+0x8c/0xd0 [ 35.830689] print_report+0x118/0x5e0 [ 35.831310] kasan_report+0xc8/0x118 [ 35.831858] kasan_check_range+0x100/0x1a8 [ 35.832649] __kasan_check_write+0x20/0x30 [ 35.833331] kasan_atomics_helper+0x414/0x4858 [ 35.834095] kasan_atomics+0x198/0x2e8 [ 35.834634] kunit_try_run_case+0x14c/0x3d0 [ 35.835283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.836043] kthread+0x24c/0x2d0 [ 35.836637] ret_from_fork+0x10/0x20 [ 35.837240] [ 35.837611] Allocated by task 254: [ 35.838178] kasan_save_stack+0x3c/0x68 [ 35.838727] kasan_save_track+0x20/0x40 [ 35.839341] kasan_save_alloc_info+0x40/0x58 [ 35.839946] __kasan_kmalloc+0xd4/0xd8 [ 35.840524] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.841207] kasan_atomics+0xb8/0x2e8 [ 35.841802] kunit_try_run_case+0x14c/0x3d0 [ 35.842349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.843140] kthread+0x24c/0x2d0 [ 35.843699] ret_from_fork+0x10/0x20 [ 35.844250] [ 35.844554] The buggy address belongs to the object at fff00000c591a100 [ 35.844554] which belongs to the cache kmalloc-64 of size 64 [ 35.845965] The buggy address is located 0 bytes to the right of [ 35.845965] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.847393] [ 35.847712] The buggy address belongs to the physical page: [ 35.848460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.849206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.850085] page_type: f5(slab) [ 35.850637] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.851563] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.852521] page dumped because: kasan: bad access detected [ 35.853062] [ 35.853430] Memory state around the buggy address: [ 35.854121] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.855041] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.855795] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.856691] ^ [ 35.857285] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.858119] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.858865] ================================================================== [ 36.433547] ================================================================== [ 36.434279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 36.435070] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.435728] [ 36.436719] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.438034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.438774] Hardware name: linux,dummy-virt (DT) [ 36.439582] Call trace: [ 36.440221] show_stack+0x20/0x38 (C) [ 36.441029] dump_stack_lvl+0x8c/0xd0 [ 36.441805] print_report+0x118/0x5e0 [ 36.442609] kasan_report+0xc8/0x118 [ 36.443383] kasan_check_range+0x100/0x1a8 [ 36.444205] __kasan_check_write+0x20/0x30 [ 36.444780] kasan_atomics_helper+0xad4/0x4858 [ 36.445379] kasan_atomics+0x198/0x2e8 [ 36.446440] kunit_try_run_case+0x14c/0x3d0 [ 36.447036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.447954] kthread+0x24c/0x2d0 [ 36.448680] ret_from_fork+0x10/0x20 [ 36.449465] [ 36.449995] Allocated by task 254: [ 36.450658] kasan_save_stack+0x3c/0x68 [ 36.451452] kasan_save_track+0x20/0x40 [ 36.452286] kasan_save_alloc_info+0x40/0x58 [ 36.453114] __kasan_kmalloc+0xd4/0xd8 [ 36.453885] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.454558] kasan_atomics+0xb8/0x2e8 [ 36.455070] kunit_try_run_case+0x14c/0x3d0 [ 36.455592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.456682] kthread+0x24c/0x2d0 [ 36.457403] ret_from_fork+0x10/0x20 [ 36.458207] [ 36.458744] The buggy address belongs to the object at fff00000c591a100 [ 36.458744] which belongs to the cache kmalloc-64 of size 64 [ 36.460334] The buggy address is located 0 bytes to the right of [ 36.460334] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.461946] [ 36.462495] The buggy address belongs to the physical page: [ 36.463208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.464062] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.464793] page_type: f5(slab) [ 36.465796] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.466882] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.467949] page dumped because: kasan: bad access detected [ 36.468806] [ 36.469379] Memory state around the buggy address: [ 36.470110] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.471175] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.472213] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.473235] ^ [ 36.474078] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.475165] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.476185] ================================================================== [ 35.586135] ================================================================== [ 35.587523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 35.588366] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.590195] [ 35.590617] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.591659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.592226] Hardware name: linux,dummy-virt (DT) [ 35.592759] Call trace: [ 35.593239] show_stack+0x20/0x38 (C) [ 35.593896] dump_stack_lvl+0x8c/0xd0 [ 35.594556] print_report+0x118/0x5e0 [ 35.595206] kasan_report+0xc8/0x118 [ 35.595855] kasan_check_range+0x100/0x1a8 [ 35.596566] __kasan_check_write+0x20/0x30 [ 35.597274] kasan_atomics_helper+0x24c/0x4858 [ 35.597849] kasan_atomics+0x198/0x2e8 [ 35.598528] kunit_try_run_case+0x14c/0x3d0 [ 35.599131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.599949] kthread+0x24c/0x2d0 [ 35.600509] ret_from_fork+0x10/0x20 [ 35.601177] [ 35.601496] Allocated by task 254: [ 35.602045] kasan_save_stack+0x3c/0x68 [ 35.602544] kasan_save_track+0x20/0x40 [ 35.603168] kasan_save_alloc_info+0x40/0x58 [ 35.603825] __kasan_kmalloc+0xd4/0xd8 [ 35.604337] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.605000] kasan_atomics+0xb8/0x2e8 [ 35.605628] kunit_try_run_case+0x14c/0x3d0 [ 35.606268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.607073] kthread+0x24c/0x2d0 [ 35.607607] ret_from_fork+0x10/0x20 [ 35.608222] [ 35.608576] The buggy address belongs to the object at fff00000c591a100 [ 35.608576] which belongs to the cache kmalloc-64 of size 64 [ 35.609738] The buggy address is located 0 bytes to the right of [ 35.609738] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.612085] [ 35.612443] The buggy address belongs to the physical page: [ 35.613357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.614263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.614849] page_type: f5(slab) [ 35.616191] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.617276] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.617896] page dumped because: kasan: bad access detected [ 35.618539] [ 35.618858] Memory state around the buggy address: [ 35.619476] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.620394] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.621093] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.621986] ^ [ 35.622607] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.623444] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.624231] ================================================================== [ 36.599421] ================================================================== [ 36.600512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 36.601671] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.602436] [ 36.603261] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.604520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.605277] Hardware name: linux,dummy-virt (DT) [ 36.605996] Call trace: [ 36.606479] show_stack+0x20/0x38 (C) [ 36.607176] dump_stack_lvl+0x8c/0xd0 [ 36.607689] print_report+0x118/0x5e0 [ 36.608341] kasan_report+0xc8/0x118 [ 36.608985] kasan_check_range+0x100/0x1a8 [ 36.609554] __kasan_check_write+0x20/0x30 [ 36.610279] kasan_atomics_helper+0xc08/0x4858 [ 36.610948] kasan_atomics+0x198/0x2e8 [ 36.611643] kunit_try_run_case+0x14c/0x3d0 [ 36.612333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.613119] kthread+0x24c/0x2d0 [ 36.613714] ret_from_fork+0x10/0x20 [ 36.614344] [ 36.614708] Allocated by task 254: [ 36.615238] kasan_save_stack+0x3c/0x68 [ 36.615842] kasan_save_track+0x20/0x40 [ 36.616497] kasan_save_alloc_info+0x40/0x58 [ 36.617098] __kasan_kmalloc+0xd4/0xd8 [ 36.617749] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.618388] kasan_atomics+0xb8/0x2e8 [ 36.619059] kunit_try_run_case+0x14c/0x3d0 [ 36.619719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.620459] kthread+0x24c/0x2d0 [ 36.621059] ret_from_fork+0x10/0x20 [ 36.621663] [ 36.622114] The buggy address belongs to the object at fff00000c591a100 [ 36.622114] which belongs to the cache kmalloc-64 of size 64 [ 36.623382] The buggy address is located 0 bytes to the right of [ 36.623382] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.624670] [ 36.625107] The buggy address belongs to the physical page: [ 36.626276] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.627229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.628105] page_type: f5(slab) [ 36.628634] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.629596] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.630515] page dumped because: kasan: bad access detected [ 36.631200] [ 36.631579] Memory state around the buggy address: [ 36.632315] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.633083] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.634036] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.634821] ^ [ 36.635516] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.636356] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.637210] ================================================================== [ 36.392887] ================================================================== [ 36.393767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 36.394672] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.395412] [ 36.395813] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.396804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.397438] Hardware name: linux,dummy-virt (DT) [ 36.398106] Call trace: [ 36.398584] show_stack+0x20/0x38 (C) [ 36.399201] dump_stack_lvl+0x8c/0xd0 [ 36.399761] print_report+0x118/0x5e0 [ 36.400392] kasan_report+0xc8/0x118 [ 36.400806] kasan_check_range+0x100/0x1a8 [ 36.401353] __kasan_check_write+0x20/0x30 [ 36.401875] kasan_atomics_helper+0xa6c/0x4858 [ 36.403606] kasan_atomics+0x198/0x2e8 [ 36.404522] kunit_try_run_case+0x14c/0x3d0 [ 36.405196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.405886] kthread+0x24c/0x2d0 [ 36.406514] ret_from_fork+0x10/0x20 [ 36.407117] [ 36.407450] Allocated by task 254: [ 36.408014] kasan_save_stack+0x3c/0x68 [ 36.408554] kasan_save_track+0x20/0x40 [ 36.409192] kasan_save_alloc_info+0x40/0x58 [ 36.409752] __kasan_kmalloc+0xd4/0xd8 [ 36.410379] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.411005] kasan_atomics+0xb8/0x2e8 [ 36.411601] kunit_try_run_case+0x14c/0x3d0 [ 36.412217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.412980] kthread+0x24c/0x2d0 [ 36.413540] ret_from_fork+0x10/0x20 [ 36.414090] [ 36.414463] The buggy address belongs to the object at fff00000c591a100 [ 36.414463] which belongs to the cache kmalloc-64 of size 64 [ 36.415730] The buggy address is located 0 bytes to the right of [ 36.415730] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.417078] [ 36.417457] The buggy address belongs to the physical page: [ 36.418166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.419065] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.419936] page_type: f5(slab) [ 36.420508] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.421402] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.422223] page dumped because: kasan: bad access detected [ 36.423367] [ 36.423897] Memory state around the buggy address: [ 36.424712] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.425703] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.426733] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.427735] ^ [ 36.428557] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.429515] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.430511] ================================================================== [ 36.757387] ================================================================== [ 36.758226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 36.759181] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.760072] [ 36.760687] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.761945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.762473] Hardware name: linux,dummy-virt (DT) [ 36.763214] Call trace: [ 36.763607] show_stack+0x20/0x38 (C) [ 36.764340] dump_stack_lvl+0x8c/0xd0 [ 36.764935] print_report+0x118/0x5e0 [ 36.765565] kasan_report+0xc8/0x118 [ 36.766103] kasan_check_range+0x100/0x1a8 [ 36.766657] __kasan_check_write+0x20/0x30 [ 36.767276] kasan_atomics_helper+0xd3c/0x4858 [ 36.767967] kasan_atomics+0x198/0x2e8 [ 36.768469] kunit_try_run_case+0x14c/0x3d0 [ 36.769154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.770090] kthread+0x24c/0x2d0 [ 36.770740] ret_from_fork+0x10/0x20 [ 36.771438] [ 36.771839] Allocated by task 254: [ 36.772446] kasan_save_stack+0x3c/0x68 [ 36.773131] kasan_save_track+0x20/0x40 [ 36.773785] kasan_save_alloc_info+0x40/0x58 [ 36.774384] __kasan_kmalloc+0xd4/0xd8 [ 36.775062] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.775590] kasan_atomics+0xb8/0x2e8 [ 36.776138] kunit_try_run_case+0x14c/0x3d0 [ 36.776922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.777724] kthread+0x24c/0x2d0 [ 36.778362] ret_from_fork+0x10/0x20 [ 36.779004] [ 36.779397] The buggy address belongs to the object at fff00000c591a100 [ 36.779397] which belongs to the cache kmalloc-64 of size 64 [ 36.780710] The buggy address is located 0 bytes to the right of [ 36.780710] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.782066] [ 36.782373] The buggy address belongs to the physical page: [ 36.783216] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.784276] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.785066] page_type: f5(slab) [ 36.785708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.786665] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.787548] page dumped because: kasan: bad access detected [ 36.788224] [ 36.788621] Memory state around the buggy address: [ 36.789187] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.790138] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.790961] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.791883] ^ [ 36.792511] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.793382] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.794262] ================================================================== [ 37.065594] ================================================================== [ 37.066534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 37.068097] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.069975] [ 37.070390] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.071624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.072256] Hardware name: linux,dummy-virt (DT) [ 37.072823] Call trace: [ 37.073302] show_stack+0x20/0x38 (C) [ 37.073959] dump_stack_lvl+0x8c/0xd0 [ 37.074592] print_report+0x118/0x5e0 [ 37.075210] kasan_report+0xc8/0x118 [ 37.075873] kasan_check_range+0x100/0x1a8 [ 37.076500] __kasan_check_write+0x20/0x30 [ 37.077189] kasan_atomics_helper+0xf88/0x4858 [ 37.077887] kasan_atomics+0x198/0x2e8 [ 37.078554] kunit_try_run_case+0x14c/0x3d0 [ 37.079166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.079954] kthread+0x24c/0x2d0 [ 37.080551] ret_from_fork+0x10/0x20 [ 37.081123] [ 37.081485] Allocated by task 254: [ 37.082036] kasan_save_stack+0x3c/0x68 [ 37.082658] kasan_save_track+0x20/0x40 [ 37.083195] kasan_save_alloc_info+0x40/0x58 [ 37.083853] __kasan_kmalloc+0xd4/0xd8 [ 37.084491] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.085131] kasan_atomics+0xb8/0x2e8 [ 37.085635] kunit_try_run_case+0x14c/0x3d0 [ 37.086306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.087039] kthread+0x24c/0x2d0 [ 37.087599] ret_from_fork+0x10/0x20 [ 37.088183] [ 37.088549] The buggy address belongs to the object at fff00000c591a100 [ 37.088549] which belongs to the cache kmalloc-64 of size 64 [ 37.089813] The buggy address is located 0 bytes to the right of [ 37.089813] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.091086] [ 37.091412] The buggy address belongs to the physical page: [ 37.092153] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.093005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.093841] page_type: f5(slab) [ 37.094428] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.095360] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.096163] page dumped because: kasan: bad access detected [ 37.096833] [ 37.097197] Memory state around the buggy address: [ 37.097875] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.098714] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.099448] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.100382] ^ [ 37.101087] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.101776] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.102682] ================================================================== [ 35.784153] ================================================================== [ 35.784925] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 35.785821] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.788137] [ 35.788505] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.789574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.790086] Hardware name: linux,dummy-virt (DT) [ 35.790752] Call trace: [ 35.791174] show_stack+0x20/0x38 (C) [ 35.791749] dump_stack_lvl+0x8c/0xd0 [ 35.792358] print_report+0x118/0x5e0 [ 35.792925] kasan_report+0xc8/0x118 [ 35.793496] kasan_check_range+0x100/0x1a8 [ 35.794080] __kasan_check_write+0x20/0x30 [ 35.794765] kasan_atomics_helper+0x3ac/0x4858 [ 35.795431] kasan_atomics+0x198/0x2e8 [ 35.796094] kunit_try_run_case+0x14c/0x3d0 [ 35.796770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.797591] kthread+0x24c/0x2d0 [ 35.798137] ret_from_fork+0x10/0x20 [ 35.798724] [ 35.799076] Allocated by task 254: [ 35.799637] kasan_save_stack+0x3c/0x68 [ 35.800274] kasan_save_track+0x20/0x40 [ 35.800852] kasan_save_alloc_info+0x40/0x58 [ 35.801546] __kasan_kmalloc+0xd4/0xd8 [ 35.802108] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.802796] kasan_atomics+0xb8/0x2e8 [ 35.803366] kunit_try_run_case+0x14c/0x3d0 [ 35.804031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.804761] kthread+0x24c/0x2d0 [ 35.805350] ret_from_fork+0x10/0x20 [ 35.805864] [ 35.806194] The buggy address belongs to the object at fff00000c591a100 [ 35.806194] which belongs to the cache kmalloc-64 of size 64 [ 35.807511] The buggy address is located 0 bytes to the right of [ 35.807511] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.808765] [ 35.809163] The buggy address belongs to the physical page: [ 35.809890] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.810875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.811661] page_type: f5(slab) [ 35.812230] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.813116] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.813935] page dumped because: kasan: bad access detected [ 35.814465] [ 35.814829] Memory state around the buggy address: [ 35.815500] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.816274] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.817083] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.817932] ^ [ 35.818616] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.819423] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.820259] ================================================================== [ 36.124133] ================================================================== [ 36.125004] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 36.125628] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.126855] [ 36.127379] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.128876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.129499] Hardware name: linux,dummy-virt (DT) [ 36.130297] Call trace: [ 36.130852] show_stack+0x20/0x38 (C) [ 36.131417] dump_stack_lvl+0x8c/0xd0 [ 36.132034] print_report+0x118/0x5e0 [ 36.132642] kasan_report+0xc8/0x118 [ 36.133355] kasan_check_range+0x100/0x1a8 [ 36.134031] __kasan_check_write+0x20/0x30 [ 36.134608] kasan_atomics_helper+0x760/0x4858 [ 36.135220] kasan_atomics+0x198/0x2e8 [ 36.135769] kunit_try_run_case+0x14c/0x3d0 [ 36.136389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.137223] kthread+0x24c/0x2d0 [ 36.137735] ret_from_fork+0x10/0x20 [ 36.138313] [ 36.138666] Allocated by task 254: [ 36.139234] kasan_save_stack+0x3c/0x68 [ 36.139801] kasan_save_track+0x20/0x40 [ 36.140384] kasan_save_alloc_info+0x40/0x58 [ 36.141009] __kasan_kmalloc+0xd4/0xd8 [ 36.141563] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.142174] kasan_atomics+0xb8/0x2e8 [ 36.142691] kunit_try_run_case+0x14c/0x3d0 [ 36.143309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.144090] kthread+0x24c/0x2d0 [ 36.144673] ret_from_fork+0x10/0x20 [ 36.145227] [ 36.145625] The buggy address belongs to the object at fff00000c591a100 [ 36.145625] which belongs to the cache kmalloc-64 of size 64 [ 36.146773] The buggy address is located 0 bytes to the right of [ 36.146773] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.148029] [ 36.148401] The buggy address belongs to the physical page: [ 36.149085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.149924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.150672] page_type: f5(slab) [ 36.151257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.152128] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.152863] page dumped because: kasan: bad access detected [ 36.153603] [ 36.153981] Memory state around the buggy address: [ 36.154662] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.155522] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.156374] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.157178] ^ [ 36.157742] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.158623] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.159529] ================================================================== [ 37.213558] ================================================================== [ 37.214295] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 37.215063] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.215771] [ 37.216187] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.217443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.217980] Hardware name: linux,dummy-virt (DT) [ 37.218640] Call trace: [ 37.219033] show_stack+0x20/0x38 (C) [ 37.219681] dump_stack_lvl+0x8c/0xd0 [ 37.220537] print_report+0x118/0x5e0 [ 37.221170] kasan_report+0xc8/0x118 [ 37.221775] kasan_check_range+0x100/0x1a8 [ 37.222476] __kasan_check_write+0x20/0x30 [ 37.223153] kasan_atomics_helper+0x1128/0x4858 [ 37.223891] kasan_atomics+0x198/0x2e8 [ 37.224517] kunit_try_run_case+0x14c/0x3d0 [ 37.225224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.226032] kthread+0x24c/0x2d0 [ 37.226613] ret_from_fork+0x10/0x20 [ 37.227282] [ 37.227624] Allocated by task 254: [ 37.228102] kasan_save_stack+0x3c/0x68 [ 37.228735] kasan_save_track+0x20/0x40 [ 37.229260] kasan_save_alloc_info+0x40/0x58 [ 37.229941] __kasan_kmalloc+0xd4/0xd8 [ 37.230477] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.231071] kasan_atomics+0xb8/0x2e8 [ 37.231674] kunit_try_run_case+0x14c/0x3d0 [ 37.232296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.232916] kthread+0x24c/0x2d0 [ 37.233482] ret_from_fork+0x10/0x20 [ 37.234094] [ 37.234477] The buggy address belongs to the object at fff00000c591a100 [ 37.234477] which belongs to the cache kmalloc-64 of size 64 [ 37.235713] The buggy address is located 0 bytes to the right of [ 37.235713] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.236937] [ 37.237312] The buggy address belongs to the physical page: [ 37.238043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.238817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.239615] page_type: f5(slab) [ 37.240180] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.241029] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.241891] page dumped because: kasan: bad access detected [ 37.242437] [ 37.242819] Memory state around the buggy address: [ 37.243513] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.244231] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.245163] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.246093] ^ [ 37.246803] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.247624] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.248391] ================================================================== [ 37.665378] ================================================================== [ 37.666217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 37.667101] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.667806] [ 37.668202] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.669514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.670165] Hardware name: linux,dummy-virt (DT) [ 37.670754] Call trace: [ 37.671270] show_stack+0x20/0x38 (C) [ 37.671952] dump_stack_lvl+0x8c/0xd0 [ 37.672588] print_report+0x118/0x5e0 [ 37.673354] kasan_report+0xc8/0x118 [ 37.674037] __asan_report_load8_noabort+0x20/0x30 [ 37.674683] kasan_atomics_helper+0x3db0/0x4858 [ 37.675414] kasan_atomics+0x198/0x2e8 [ 37.676105] kunit_try_run_case+0x14c/0x3d0 [ 37.676732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.677572] kthread+0x24c/0x2d0 [ 37.678178] ret_from_fork+0x10/0x20 [ 37.678844] [ 37.679235] Allocated by task 254: [ 37.679821] kasan_save_stack+0x3c/0x68 [ 37.680426] kasan_save_track+0x20/0x40 [ 37.681048] kasan_save_alloc_info+0x40/0x58 [ 37.681752] __kasan_kmalloc+0xd4/0xd8 [ 37.682333] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.683086] kasan_atomics+0xb8/0x2e8 [ 37.683637] kunit_try_run_case+0x14c/0x3d0 [ 37.684332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.685068] kthread+0x24c/0x2d0 [ 37.685659] ret_from_fork+0x10/0x20 [ 37.686202] [ 37.686628] The buggy address belongs to the object at fff00000c591a100 [ 37.686628] which belongs to the cache kmalloc-64 of size 64 [ 37.687883] The buggy address is located 0 bytes to the right of [ 37.687883] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.689216] [ 37.689563] The buggy address belongs to the physical page: [ 37.690296] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.691215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.692099] page_type: f5(slab) [ 37.692580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.693529] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.694459] page dumped because: kasan: bad access detected [ 37.695162] [ 37.695514] Memory state around the buggy address: [ 37.696246] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.697051] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.697962] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.698815] ^ [ 37.699449] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.700346] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.701237] ================================================================== [ 36.242090] ================================================================== [ 36.243506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 36.244351] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.245169] [ 36.245560] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.247363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.248152] Hardware name: linux,dummy-virt (DT) [ 36.248832] Call trace: [ 36.249280] show_stack+0x20/0x38 (C) [ 36.249941] dump_stack_lvl+0x8c/0xd0 [ 36.250445] print_report+0x118/0x5e0 [ 36.250974] kasan_report+0xc8/0x118 [ 36.251595] __asan_report_load4_noabort+0x20/0x30 [ 36.252339] kasan_atomics_helper+0x42d8/0x4858 [ 36.253068] kasan_atomics+0x198/0x2e8 [ 36.253692] kunit_try_run_case+0x14c/0x3d0 [ 36.254412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.255131] kthread+0x24c/0x2d0 [ 36.255769] ret_from_fork+0x10/0x20 [ 36.256426] [ 36.256787] Allocated by task 254: [ 36.257348] kasan_save_stack+0x3c/0x68 [ 36.257957] kasan_save_track+0x20/0x40 [ 36.258558] kasan_save_alloc_info+0x40/0x58 [ 36.259244] __kasan_kmalloc+0xd4/0xd8 [ 36.259860] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.260502] kasan_atomics+0xb8/0x2e8 [ 36.261092] kunit_try_run_case+0x14c/0x3d0 [ 36.261751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.262833] kthread+0x24c/0x2d0 [ 36.263344] ret_from_fork+0x10/0x20 [ 36.263851] [ 36.264516] The buggy address belongs to the object at fff00000c591a100 [ 36.264516] which belongs to the cache kmalloc-64 of size 64 [ 36.265619] The buggy address is located 0 bytes to the right of [ 36.265619] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.266998] [ 36.267378] The buggy address belongs to the physical page: [ 36.268215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.269233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.270437] page_type: f5(slab) [ 36.270891] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.272030] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.273122] page dumped because: kasan: bad access detected [ 36.274015] [ 36.274568] Memory state around the buggy address: [ 36.275417] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.276426] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.277248] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.278288] ^ [ 36.279001] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.279716] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.280571] ================================================================== [ 37.473717] ================================================================== [ 37.474581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 37.476098] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.477120] [ 37.477455] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.478304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.478925] Hardware name: linux,dummy-virt (DT) [ 37.479593] Call trace: [ 37.480075] show_stack+0x20/0x38 (C) [ 37.480741] dump_stack_lvl+0x8c/0xd0 [ 37.481405] print_report+0x118/0x5e0 [ 37.482030] kasan_report+0xc8/0x118 [ 37.482676] kasan_check_range+0x100/0x1a8 [ 37.483239] __kasan_check_write+0x20/0x30 [ 37.483932] kasan_atomics_helper+0x1414/0x4858 [ 37.484487] kasan_atomics+0x198/0x2e8 [ 37.485139] kunit_try_run_case+0x14c/0x3d0 [ 37.485758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.486605] kthread+0x24c/0x2d0 [ 37.487212] ret_from_fork+0x10/0x20 [ 37.487847] [ 37.488213] Allocated by task 254: [ 37.488758] kasan_save_stack+0x3c/0x68 [ 37.489357] kasan_save_track+0x20/0x40 [ 37.489995] kasan_save_alloc_info+0x40/0x58 [ 37.490590] __kasan_kmalloc+0xd4/0xd8 [ 37.491077] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.491746] kasan_atomics+0xb8/0x2e8 [ 37.492340] kunit_try_run_case+0x14c/0x3d0 [ 37.493012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.493781] kthread+0x24c/0x2d0 [ 37.494363] ret_from_fork+0x10/0x20 [ 37.494979] [ 37.495357] The buggy address belongs to the object at fff00000c591a100 [ 37.495357] which belongs to the cache kmalloc-64 of size 64 [ 37.496735] The buggy address is located 0 bytes to the right of [ 37.496735] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.498216] [ 37.498594] The buggy address belongs to the physical page: [ 37.499351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.500213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.501059] page_type: f5(slab) [ 37.501626] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.502538] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.503414] page dumped because: kasan: bad access detected [ 37.504094] [ 37.504446] Memory state around the buggy address: [ 37.505616] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.506536] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.507320] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.508043] ^ [ 37.508718] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.509531] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.510361] ================================================================== [ 35.861729] ================================================================== [ 35.862684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 35.863499] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.863874] [ 35.864328] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.865881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.866416] Hardware name: linux,dummy-virt (DT) [ 35.866940] Call trace: [ 35.867348] show_stack+0x20/0x38 (C) [ 35.867935] dump_stack_lvl+0x8c/0xd0 [ 35.868523] print_report+0x118/0x5e0 [ 35.869090] kasan_report+0xc8/0x118 [ 35.869715] kasan_check_range+0x100/0x1a8 [ 35.870395] __kasan_check_write+0x20/0x30 [ 35.871101] kasan_atomics_helper+0x47c/0x4858 [ 35.871715] kasan_atomics+0x198/0x2e8 [ 35.872387] kunit_try_run_case+0x14c/0x3d0 [ 35.873042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.873696] kthread+0x24c/0x2d0 [ 35.874299] ret_from_fork+0x10/0x20 [ 35.874944] [ 35.875358] Allocated by task 254: [ 35.875931] kasan_save_stack+0x3c/0x68 [ 35.876501] kasan_save_track+0x20/0x40 [ 35.877072] kasan_save_alloc_info+0x40/0x58 [ 35.877736] __kasan_kmalloc+0xd4/0xd8 [ 35.878241] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.878935] kasan_atomics+0xb8/0x2e8 [ 35.879530] kunit_try_run_case+0x14c/0x3d0 [ 35.880097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.880819] kthread+0x24c/0x2d0 [ 35.881411] ret_from_fork+0x10/0x20 [ 35.881872] [ 35.882256] The buggy address belongs to the object at fff00000c591a100 [ 35.882256] which belongs to the cache kmalloc-64 of size 64 [ 35.883524] The buggy address is located 0 bytes to the right of [ 35.883524] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.884686] [ 35.885086] The buggy address belongs to the physical page: [ 35.885684] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.886639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.887387] page_type: f5(slab) [ 35.887885] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.888798] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.889745] page dumped because: kasan: bad access detected [ 35.890329] [ 35.890698] Memory state around the buggy address: [ 35.891392] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.892156] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.893002] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.893804] ^ [ 35.894428] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.895358] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.895998] ================================================================== [ 37.104073] ================================================================== [ 37.104879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 37.105767] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.106553] [ 37.106983] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.108236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.108766] Hardware name: linux,dummy-virt (DT) [ 37.109403] Call trace: [ 37.109863] show_stack+0x20/0x38 (C) [ 37.110562] dump_stack_lvl+0x8c/0xd0 [ 37.111098] print_report+0x118/0x5e0 [ 37.111739] kasan_report+0xc8/0x118 [ 37.112380] kasan_check_range+0x100/0x1a8 [ 37.112954] __kasan_check_write+0x20/0x30 [ 37.113631] kasan_atomics_helper+0xff0/0x4858 [ 37.114205] kasan_atomics+0x198/0x2e8 [ 37.114865] kunit_try_run_case+0x14c/0x3d0 [ 37.115617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.116410] kthread+0x24c/0x2d0 [ 37.117077] ret_from_fork+0x10/0x20 [ 37.117692] [ 37.118055] Allocated by task 254: [ 37.118493] kasan_save_stack+0x3c/0x68 [ 37.119123] kasan_save_track+0x20/0x40 [ 37.119617] kasan_save_alloc_info+0x40/0x58 [ 37.120293] __kasan_kmalloc+0xd4/0xd8 [ 37.120843] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.121422] kasan_atomics+0xb8/0x2e8 [ 37.122036] kunit_try_run_case+0x14c/0x3d0 [ 37.122700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.123345] kthread+0x24c/0x2d0 [ 37.123924] ret_from_fork+0x10/0x20 [ 37.124444] [ 37.124808] The buggy address belongs to the object at fff00000c591a100 [ 37.124808] which belongs to the cache kmalloc-64 of size 64 [ 37.126056] The buggy address is located 0 bytes to the right of [ 37.126056] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.127310] [ 37.127640] The buggy address belongs to the physical page: [ 37.128258] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.129194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.130006] page_type: f5(slab) [ 37.130574] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.131558] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.132488] page dumped because: kasan: bad access detected [ 37.133210] [ 37.133583] Memory state around the buggy address: [ 37.134091] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.135028] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.135823] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.136588] ^ [ 37.137238] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.137942] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.138831] ================================================================== [ 37.893614] ================================================================== [ 37.894272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 37.895235] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.896149] [ 37.896622] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.897642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.898311] Hardware name: linux,dummy-virt (DT) [ 37.898941] Call trace: [ 37.899410] show_stack+0x20/0x38 (C) [ 37.900144] dump_stack_lvl+0x8c/0xd0 [ 37.900821] print_report+0x118/0x5e0 [ 37.901432] kasan_report+0xc8/0x118 [ 37.902106] __asan_report_load8_noabort+0x20/0x30 [ 37.902787] kasan_atomics_helper+0x3e20/0x4858 [ 37.903541] kasan_atomics+0x198/0x2e8 [ 37.904170] kunit_try_run_case+0x14c/0x3d0 [ 37.904838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.905693] kthread+0x24c/0x2d0 [ 37.906344] ret_from_fork+0x10/0x20 [ 37.906921] [ 37.907336] Allocated by task 254: [ 37.907873] kasan_save_stack+0x3c/0x68 [ 37.908571] kasan_save_track+0x20/0x40 [ 37.909173] kasan_save_alloc_info+0x40/0x58 [ 37.909879] __kasan_kmalloc+0xd4/0xd8 [ 37.910432] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.911181] kasan_atomics+0xb8/0x2e8 [ 37.911729] kunit_try_run_case+0x14c/0x3d0 [ 37.912453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.913134] kthread+0x24c/0x2d0 [ 37.913731] ret_from_fork+0x10/0x20 [ 37.914309] [ 37.914739] The buggy address belongs to the object at fff00000c591a100 [ 37.914739] which belongs to the cache kmalloc-64 of size 64 [ 37.915936] The buggy address is located 0 bytes to the right of [ 37.915936] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.917309] [ 37.917722] The buggy address belongs to the physical page: [ 37.918375] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.919412] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.920166] page_type: f5(slab) [ 37.920766] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.921638] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.922530] page dumped because: kasan: bad access detected [ 37.923221] [ 37.923615] Memory state around the buggy address: [ 37.924192] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.925120] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.926055] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.926871] ^ [ 37.927532] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.928381] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.929248] ================================================================== [ 37.702786] ================================================================== [ 37.703527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 37.704541] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.705490] [ 37.705926] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.707069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.707642] Hardware name: linux,dummy-virt (DT) [ 37.708351] Call trace: [ 37.708762] show_stack+0x20/0x38 (C) [ 37.709488] dump_stack_lvl+0x8c/0xd0 [ 37.710189] print_report+0x118/0x5e0 [ 37.710745] kasan_report+0xc8/0x118 [ 37.711424] kasan_check_range+0x100/0x1a8 [ 37.712050] __kasan_check_write+0x20/0x30 [ 37.712737] kasan_atomics_helper+0x1644/0x4858 [ 37.713550] kasan_atomics+0x198/0x2e8 [ 37.714238] kunit_try_run_case+0x14c/0x3d0 [ 37.714997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.715734] kthread+0x24c/0x2d0 [ 37.716368] ret_from_fork+0x10/0x20 [ 37.716977] [ 37.717329] Allocated by task 254: [ 37.717876] kasan_save_stack+0x3c/0x68 [ 37.718485] kasan_save_track+0x20/0x40 [ 37.719162] kasan_save_alloc_info+0x40/0x58 [ 37.719754] __kasan_kmalloc+0xd4/0xd8 [ 37.720422] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.721045] kasan_atomics+0xb8/0x2e8 [ 37.721685] kunit_try_run_case+0x14c/0x3d0 [ 37.722312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.723214] kthread+0x24c/0x2d0 [ 37.723784] ret_from_fork+0x10/0x20 [ 37.724525] [ 37.724986] The buggy address belongs to the object at fff00000c591a100 [ 37.724986] which belongs to the cache kmalloc-64 of size 64 [ 37.726371] The buggy address is located 0 bytes to the right of [ 37.726371] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.727798] [ 37.728327] The buggy address belongs to the physical page: [ 37.729120] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.730227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.731205] page_type: f5(slab) [ 37.731665] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.732483] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.733306] page dumped because: kasan: bad access detected [ 37.734029] [ 37.734580] Memory state around the buggy address: [ 37.735373] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.736325] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.737271] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.738117] ^ [ 37.738806] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.739638] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.740489] ================================================================== [ 36.050077] ================================================================== [ 36.051451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 36.052620] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.053436] [ 36.053720] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.054659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.055336] Hardware name: linux,dummy-virt (DT) [ 36.056009] Call trace: [ 36.056477] show_stack+0x20/0x38 (C) [ 36.057140] dump_stack_lvl+0x8c/0xd0 [ 36.057750] print_report+0x118/0x5e0 [ 36.058437] kasan_report+0xc8/0x118 [ 36.059001] kasan_check_range+0x100/0x1a8 [ 36.059533] __kasan_check_write+0x20/0x30 [ 36.060230] kasan_atomics_helper+0x684/0x4858 [ 36.060816] kasan_atomics+0x198/0x2e8 [ 36.061482] kunit_try_run_case+0x14c/0x3d0 [ 36.062089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.062852] kthread+0x24c/0x2d0 [ 36.063417] ret_from_fork+0x10/0x20 [ 36.064081] [ 36.064447] Allocated by task 254: [ 36.065017] kasan_save_stack+0x3c/0x68 [ 36.065548] kasan_save_track+0x20/0x40 [ 36.066177] kasan_save_alloc_info+0x40/0x58 [ 36.066850] __kasan_kmalloc+0xd4/0xd8 [ 36.067405] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.067946] kasan_atomics+0xb8/0x2e8 [ 36.068563] kunit_try_run_case+0x14c/0x3d0 [ 36.069109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.069874] kthread+0x24c/0x2d0 [ 36.070403] ret_from_fork+0x10/0x20 [ 36.071045] [ 36.071405] The buggy address belongs to the object at fff00000c591a100 [ 36.071405] which belongs to the cache kmalloc-64 of size 64 [ 36.072490] The buggy address is located 0 bytes to the right of [ 36.072490] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.073853] [ 36.074244] The buggy address belongs to the physical page: [ 36.074850] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.075890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.076645] page_type: f5(slab) [ 36.077150] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.078041] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.078771] page dumped because: kasan: bad access detected [ 36.079525] [ 36.079859] Memory state around the buggy address: [ 36.080526] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.081239] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.082166] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.082972] ^ [ 36.083645] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.084402] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.085331] ================================================================== [ 36.987478] ================================================================== [ 36.988195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 36.989209] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.990060] [ 36.990524] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.991630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.992254] Hardware name: linux,dummy-virt (DT) [ 36.992964] Call trace: [ 36.993420] show_stack+0x20/0x38 (C) [ 36.994121] dump_stack_lvl+0x8c/0xd0 [ 36.994740] print_report+0x118/0x5e0 [ 36.995431] kasan_report+0xc8/0x118 [ 36.996129] kasan_check_range+0x100/0x1a8 [ 36.996720] __kasan_check_write+0x20/0x30 [ 36.997472] kasan_atomics_helper+0xeb8/0x4858 [ 36.998101] kasan_atomics+0x198/0x2e8 [ 36.998785] kunit_try_run_case+0x14c/0x3d0 [ 36.999487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.000260] kthread+0x24c/0x2d0 [ 37.000849] ret_from_fork+0x10/0x20 [ 37.001483] [ 37.001793] Allocated by task 254: [ 37.002409] kasan_save_stack+0x3c/0x68 [ 37.003072] kasan_save_track+0x20/0x40 [ 37.003644] kasan_save_alloc_info+0x40/0x58 [ 37.004356] __kasan_kmalloc+0xd4/0xd8 [ 37.004951] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.005711] kasan_atomics+0xb8/0x2e8 [ 37.006284] kunit_try_run_case+0x14c/0x3d0 [ 37.007004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.007671] kthread+0x24c/0x2d0 [ 37.008299] ret_from_fork+0x10/0x20 [ 37.008923] [ 37.009297] The buggy address belongs to the object at fff00000c591a100 [ 37.009297] which belongs to the cache kmalloc-64 of size 64 [ 37.010534] The buggy address is located 0 bytes to the right of [ 37.010534] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.011938] [ 37.012341] The buggy address belongs to the physical page: [ 37.013095] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.014018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.014836] page_type: f5(slab) [ 37.015501] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.016435] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.017384] page dumped because: kasan: bad access detected [ 37.018074] [ 37.018435] Memory state around the buggy address: [ 37.019190] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.019994] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.020851] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.021688] ^ [ 37.022323] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.023172] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.024096] ================================================================== [ 37.817369] ================================================================== [ 37.818140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 37.818895] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.819727] [ 37.820147] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.821078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.821676] Hardware name: linux,dummy-virt (DT) [ 37.822347] Call trace: [ 37.822804] show_stack+0x20/0x38 (C) [ 37.823458] dump_stack_lvl+0x8c/0xd0 [ 37.824109] print_report+0x118/0x5e0 [ 37.824757] kasan_report+0xc8/0x118 [ 37.825274] __asan_report_load8_noabort+0x20/0x30 [ 37.826087] kasan_atomics_helper+0x3e10/0x4858 [ 37.826785] kasan_atomics+0x198/0x2e8 [ 37.827378] kunit_try_run_case+0x14c/0x3d0 [ 37.827930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.828701] kthread+0x24c/0x2d0 [ 37.829283] ret_from_fork+0x10/0x20 [ 37.830002] [ 37.830465] Allocated by task 254: [ 37.831029] kasan_save_stack+0x3c/0x68 [ 37.831655] kasan_save_track+0x20/0x40 [ 37.832274] kasan_save_alloc_info+0x40/0x58 [ 37.833014] __kasan_kmalloc+0xd4/0xd8 [ 37.833642] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.834327] kasan_atomics+0xb8/0x2e8 [ 37.834998] kunit_try_run_case+0x14c/0x3d0 [ 37.835674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.836472] kthread+0x24c/0x2d0 [ 37.837098] ret_from_fork+0x10/0x20 [ 37.837652] [ 37.838049] The buggy address belongs to the object at fff00000c591a100 [ 37.838049] which belongs to the cache kmalloc-64 of size 64 [ 37.839285] The buggy address is located 0 bytes to the right of [ 37.839285] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.840645] [ 37.841033] The buggy address belongs to the physical page: [ 37.841809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.842638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.843549] page_type: f5(slab) [ 37.844134] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.844995] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.845941] page dumped because: kasan: bad access detected [ 37.846645] [ 37.847037] Memory state around the buggy address: [ 37.847738] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.848534] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.849450] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.850296] ^ [ 37.850897] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.851787] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.852649] ================================================================== [ 37.026138] ================================================================== [ 37.027146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 37.028583] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.029220] [ 37.029626] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.030771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.031388] Hardware name: linux,dummy-virt (DT) [ 37.031880] Call trace: [ 37.032397] show_stack+0x20/0x38 (C) [ 37.033117] dump_stack_lvl+0x8c/0xd0 [ 37.033783] print_report+0x118/0x5e0 [ 37.034521] kasan_report+0xc8/0x118 [ 37.035160] kasan_check_range+0x100/0x1a8 [ 37.035933] __kasan_check_write+0x20/0x30 [ 37.036578] kasan_atomics_helper+0xf20/0x4858 [ 37.037327] kasan_atomics+0x198/0x2e8 [ 37.038032] kunit_try_run_case+0x14c/0x3d0 [ 37.038841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.039749] kthread+0x24c/0x2d0 [ 37.040308] ret_from_fork+0x10/0x20 [ 37.040875] [ 37.041265] Allocated by task 254: [ 37.041813] kasan_save_stack+0x3c/0x68 [ 37.042403] kasan_save_track+0x20/0x40 [ 37.043079] kasan_save_alloc_info+0x40/0x58 [ 37.043773] __kasan_kmalloc+0xd4/0xd8 [ 37.044426] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.045135] kasan_atomics+0xb8/0x2e8 [ 37.045810] kunit_try_run_case+0x14c/0x3d0 [ 37.046457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.047281] kthread+0x24c/0x2d0 [ 37.047824] ret_from_fork+0x10/0x20 [ 37.048490] [ 37.048883] The buggy address belongs to the object at fff00000c591a100 [ 37.048883] which belongs to the cache kmalloc-64 of size 64 [ 37.050153] The buggy address is located 0 bytes to the right of [ 37.050153] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.051493] [ 37.051875] The buggy address belongs to the physical page: [ 37.052528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.053577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.054361] page_type: f5(slab) [ 37.054977] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.055885] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.056821] page dumped because: kasan: bad access detected [ 37.057507] [ 37.057918] Memory state around the buggy address: [ 37.058523] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.059404] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.060295] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.061159] ^ [ 37.061774] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.062665] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.063503] ================================================================== [ 35.461921] ================================================================== [ 35.463261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 35.464165] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.465284] [ 35.465775] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.467370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.468065] Hardware name: linux,dummy-virt (DT) [ 35.468798] Call trace: [ 35.469366] show_stack+0x20/0x38 (C) [ 35.469888] dump_stack_lvl+0x8c/0xd0 [ 35.470640] print_report+0x118/0x5e0 [ 35.471313] kasan_report+0xc8/0x118 [ 35.471976] __asan_report_load4_noabort+0x20/0x30 [ 35.472789] kasan_atomics_helper+0x40a8/0x4858 [ 35.473589] kasan_atomics+0x198/0x2e8 [ 35.474192] kunit_try_run_case+0x14c/0x3d0 [ 35.474674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.475508] kthread+0x24c/0x2d0 [ 35.476099] ret_from_fork+0x10/0x20 [ 35.476663] [ 35.477042] Allocated by task 254: [ 35.477541] kasan_save_stack+0x3c/0x68 [ 35.478150] kasan_save_track+0x20/0x40 [ 35.478783] kasan_save_alloc_info+0x40/0x58 [ 35.479449] __kasan_kmalloc+0xd4/0xd8 [ 35.479960] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.480646] kasan_atomics+0xb8/0x2e8 [ 35.481170] kunit_try_run_case+0x14c/0x3d0 [ 35.481832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.482549] kthread+0x24c/0x2d0 [ 35.483141] ret_from_fork+0x10/0x20 [ 35.483722] [ 35.484112] The buggy address belongs to the object at fff00000c591a100 [ 35.484112] which belongs to the cache kmalloc-64 of size 64 [ 35.485286] The buggy address is located 0 bytes to the right of [ 35.485286] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.486715] [ 35.487070] The buggy address belongs to the physical page: [ 35.487780] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.488742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.489623] page_type: f5(slab) [ 35.490151] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.491160] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.491949] page dumped because: kasan: bad access detected [ 35.492757] [ 35.493123] Memory state around the buggy address: [ 35.493692] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.494615] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.495439] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.496325] ^ [ 35.496921] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.497742] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.498517] ================================================================== [ 36.160985] ================================================================== [ 36.161865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 36.162636] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.163857] [ 36.164273] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.165530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.166147] Hardware name: linux,dummy-virt (DT) [ 36.166811] Call trace: [ 36.167250] show_stack+0x20/0x38 (C) [ 36.167849] dump_stack_lvl+0x8c/0xd0 [ 36.168453] print_report+0x118/0x5e0 [ 36.169072] kasan_report+0xc8/0x118 [ 36.169657] kasan_check_range+0x100/0x1a8 [ 36.170300] __kasan_check_write+0x20/0x30 [ 36.170938] kasan_atomics_helper+0x7cc/0x4858 [ 36.171499] kasan_atomics+0x198/0x2e8 [ 36.172153] kunit_try_run_case+0x14c/0x3d0 [ 36.172838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.173651] kthread+0x24c/0x2d0 [ 36.174265] ret_from_fork+0x10/0x20 [ 36.174942] [ 36.175285] Allocated by task 254: [ 36.175778] kasan_save_stack+0x3c/0x68 [ 36.176401] kasan_save_track+0x20/0x40 [ 36.176978] kasan_save_alloc_info+0x40/0x58 [ 36.177493] __kasan_kmalloc+0xd4/0xd8 [ 36.178123] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.178812] kasan_atomics+0xb8/0x2e8 [ 36.179395] kunit_try_run_case+0x14c/0x3d0 [ 36.179967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.180707] kthread+0x24c/0x2d0 [ 36.181290] ret_from_fork+0x10/0x20 [ 36.181879] [ 36.182215] The buggy address belongs to the object at fff00000c591a100 [ 36.182215] which belongs to the cache kmalloc-64 of size 64 [ 36.183428] The buggy address is located 0 bytes to the right of [ 36.183428] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.184716] [ 36.185107] The buggy address belongs to the physical page: [ 36.185885] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.186706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.187532] page_type: f5(slab) [ 36.188022] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.189005] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.189663] page dumped because: kasan: bad access detected [ 36.190423] [ 36.190796] Memory state around the buggy address: [ 36.191484] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.192301] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.193067] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.193967] ^ [ 36.194604] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.195573] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.197069] ================================================================== [ 37.177592] ================================================================== [ 37.178308] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 37.179269] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.180083] [ 37.181168] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.181922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.182360] Hardware name: linux,dummy-virt (DT) [ 37.182845] Call trace: [ 37.183346] show_stack+0x20/0x38 (C) [ 37.184036] dump_stack_lvl+0x8c/0xd0 [ 37.184717] print_report+0x118/0x5e0 [ 37.185464] kasan_report+0xc8/0x118 [ 37.186164] kasan_check_range+0x100/0x1a8 [ 37.186883] __kasan_check_write+0x20/0x30 [ 37.187581] kasan_atomics_helper+0x10c0/0x4858 [ 37.188335] kasan_atomics+0x198/0x2e8 [ 37.188630] kunit_try_run_case+0x14c/0x3d0 [ 37.188958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.189737] kthread+0x24c/0x2d0 [ 37.190257] ret_from_fork+0x10/0x20 [ 37.190874] [ 37.191250] Allocated by task 254: [ 37.191719] kasan_save_stack+0x3c/0x68 [ 37.192214] kasan_save_track+0x20/0x40 [ 37.192717] kasan_save_alloc_info+0x40/0x58 [ 37.193372] __kasan_kmalloc+0xd4/0xd8 [ 37.193861] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.194571] kasan_atomics+0xb8/0x2e8 [ 37.195070] kunit_try_run_case+0x14c/0x3d0 [ 37.195776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.196559] kthread+0x24c/0x2d0 [ 37.197072] ret_from_fork+0x10/0x20 [ 37.197664] [ 37.198057] The buggy address belongs to the object at fff00000c591a100 [ 37.198057] which belongs to the cache kmalloc-64 of size 64 [ 37.199336] The buggy address is located 0 bytes to the right of [ 37.199336] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.200563] [ 37.200951] The buggy address belongs to the physical page: [ 37.201593] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.202535] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.203295] page_type: f5(slab) [ 37.203861] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.204683] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.205488] page dumped because: kasan: bad access detected [ 37.206242] [ 37.206617] Memory state around the buggy address: [ 37.207290] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.208116] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.208878] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.209676] ^ [ 37.210301] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.211142] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.211820] ================================================================== [ 36.521616] ================================================================== [ 36.522940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 36.523802] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.525017] [ 36.525319] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.526385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.526879] Hardware name: linux,dummy-virt (DT) [ 36.527695] Call trace: [ 36.528231] show_stack+0x20/0x38 (C) [ 36.529036] dump_stack_lvl+0x8c/0xd0 [ 36.529605] print_report+0x118/0x5e0 [ 36.530376] kasan_report+0xc8/0x118 [ 36.531160] kasan_check_range+0x100/0x1a8 [ 36.531694] __kasan_check_write+0x20/0x30 [ 36.532230] kasan_atomics_helper+0xb70/0x4858 [ 36.532780] kasan_atomics+0x198/0x2e8 [ 36.533797] kunit_try_run_case+0x14c/0x3d0 [ 36.534660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.535350] kthread+0x24c/0x2d0 [ 36.535806] ret_from_fork+0x10/0x20 [ 36.536588] [ 36.536972] Allocated by task 254: [ 36.537350] kasan_save_stack+0x3c/0x68 [ 36.538002] kasan_save_track+0x20/0x40 [ 36.538643] kasan_save_alloc_info+0x40/0x58 [ 36.539316] __kasan_kmalloc+0xd4/0xd8 [ 36.539798] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.540504] kasan_atomics+0xb8/0x2e8 [ 36.541070] kunit_try_run_case+0x14c/0x3d0 [ 36.541637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.542424] kthread+0x24c/0x2d0 [ 36.543072] ret_from_fork+0x10/0x20 [ 36.543611] [ 36.543951] The buggy address belongs to the object at fff00000c591a100 [ 36.543951] which belongs to the cache kmalloc-64 of size 64 [ 36.545181] The buggy address is located 0 bytes to the right of [ 36.545181] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.546429] [ 36.546813] The buggy address belongs to the physical page: [ 36.547501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.548419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.549285] page_type: f5(slab) [ 36.549836] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.550591] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.551539] page dumped because: kasan: bad access detected [ 36.552269] [ 36.552636] Memory state around the buggy address: [ 36.553325] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.554170] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.555114] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.555869] ^ [ 36.556571] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.557411] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.558139] ================================================================== [ 36.478139] ================================================================== [ 36.478711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 36.479811] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.482283] [ 36.482621] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.483461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.484035] Hardware name: linux,dummy-virt (DT) [ 36.484719] Call trace: [ 36.486003] show_stack+0x20/0x38 (C) [ 36.486550] dump_stack_lvl+0x8c/0xd0 [ 36.487398] print_report+0x118/0x5e0 [ 36.488167] kasan_report+0xc8/0x118 [ 36.489003] __asan_report_load4_noabort+0x20/0x30 [ 36.489872] kasan_atomics_helper+0x3dcc/0x4858 [ 36.490718] kasan_atomics+0x198/0x2e8 [ 36.491502] kunit_try_run_case+0x14c/0x3d0 [ 36.492273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.493298] kthread+0x24c/0x2d0 [ 36.493847] ret_from_fork+0x10/0x20 [ 36.494396] [ 36.494730] Allocated by task 254: [ 36.495254] kasan_save_stack+0x3c/0x68 [ 36.495840] kasan_save_track+0x20/0x40 [ 36.497046] kasan_save_alloc_info+0x40/0x58 [ 36.497843] __kasan_kmalloc+0xd4/0xd8 [ 36.498624] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.499452] kasan_atomics+0xb8/0x2e8 [ 36.500222] kunit_try_run_case+0x14c/0x3d0 [ 36.500969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.501593] kthread+0x24c/0x2d0 [ 36.502157] ret_from_fork+0x10/0x20 [ 36.502751] [ 36.503725] The buggy address belongs to the object at fff00000c591a100 [ 36.503725] which belongs to the cache kmalloc-64 of size 64 [ 36.505335] The buggy address is located 0 bytes to the right of [ 36.505335] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.506706] [ 36.507180] The buggy address belongs to the physical page: [ 36.508000] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.509048] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.509916] page_type: f5(slab) [ 36.510571] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.511600] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.512544] page dumped because: kasan: bad access detected [ 36.513261] [ 36.513703] Memory state around the buggy address: [ 36.514372] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.515359] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.516259] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.517187] ^ [ 36.517849] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.518789] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.519699] ================================================================== [ 36.833761] ================================================================== [ 36.834837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 36.837066] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.837833] [ 36.838243] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.839310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.839997] Hardware name: linux,dummy-virt (DT) [ 36.840721] Call trace: [ 36.841193] show_stack+0x20/0x38 (C) [ 36.841869] dump_stack_lvl+0x8c/0xd0 [ 36.842481] print_report+0x118/0x5e0 [ 36.843036] kasan_report+0xc8/0x118 [ 36.843695] kasan_check_range+0x100/0x1a8 [ 36.844415] __kasan_check_read+0x20/0x30 [ 36.845034] kasan_atomics_helper+0xdd4/0x4858 [ 36.845762] kasan_atomics+0x198/0x2e8 [ 36.846388] kunit_try_run_case+0x14c/0x3d0 [ 36.847060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.847723] kthread+0x24c/0x2d0 [ 36.848251] ret_from_fork+0x10/0x20 [ 36.848754] [ 36.849143] Allocated by task 254: [ 36.849684] kasan_save_stack+0x3c/0x68 [ 36.850325] kasan_save_track+0x20/0x40 [ 36.850836] kasan_save_alloc_info+0x40/0x58 [ 36.851522] __kasan_kmalloc+0xd4/0xd8 [ 36.852116] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.852793] kasan_atomics+0xb8/0x2e8 [ 36.853411] kunit_try_run_case+0x14c/0x3d0 [ 36.853967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.854674] kthread+0x24c/0x2d0 [ 36.855262] ret_from_fork+0x10/0x20 [ 36.855810] [ 36.856172] The buggy address belongs to the object at fff00000c591a100 [ 36.856172] which belongs to the cache kmalloc-64 of size 64 [ 36.857341] The buggy address is located 0 bytes to the right of [ 36.857341] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.858617] [ 36.859013] The buggy address belongs to the physical page: [ 36.859676] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.860677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.861339] page_type: f5(slab) [ 36.861784] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.862787] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.863745] page dumped because: kasan: bad access detected [ 36.864399] [ 36.864771] Memory state around the buggy address: [ 36.865329] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.866124] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.866986] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.867775] ^ [ 36.868477] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.869183] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.869839] ================================================================== [ 37.855558] ================================================================== [ 37.856964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 37.857487] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.857874] [ 37.858082] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.858584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.858830] Hardware name: linux,dummy-virt (DT) [ 37.859921] Call trace: [ 37.860397] show_stack+0x20/0x38 (C) [ 37.861132] dump_stack_lvl+0x8c/0xd0 [ 37.861856] print_report+0x118/0x5e0 [ 37.862672] kasan_report+0xc8/0x118 [ 37.863448] kasan_check_range+0x100/0x1a8 [ 37.864153] __kasan_check_write+0x20/0x30 [ 37.864842] kasan_atomics_helper+0x175c/0x4858 [ 37.865621] kasan_atomics+0x198/0x2e8 [ 37.866204] kunit_try_run_case+0x14c/0x3d0 [ 37.866953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.867661] kthread+0x24c/0x2d0 [ 37.868301] ret_from_fork+0x10/0x20 [ 37.868928] [ 37.869337] Allocated by task 254: [ 37.869819] kasan_save_stack+0x3c/0x68 [ 37.870508] kasan_save_track+0x20/0x40 [ 37.871126] kasan_save_alloc_info+0x40/0x58 [ 37.871801] __kasan_kmalloc+0xd4/0xd8 [ 37.872407] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.873060] kasan_atomics+0xb8/0x2e8 [ 37.873654] kunit_try_run_case+0x14c/0x3d0 [ 37.874361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.875128] kthread+0x24c/0x2d0 [ 37.875677] ret_from_fork+0x10/0x20 [ 37.876333] [ 37.876727] The buggy address belongs to the object at fff00000c591a100 [ 37.876727] which belongs to the cache kmalloc-64 of size 64 [ 37.877968] The buggy address is located 0 bytes to the right of [ 37.877968] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.879322] [ 37.879777] The buggy address belongs to the physical page: [ 37.880422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.881367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.882267] page_type: f5(slab) [ 37.882877] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.883780] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.884663] page dumped because: kasan: bad access detected [ 37.885399] [ 37.885773] Memory state around the buggy address: [ 37.886356] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.887294] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.888185] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.889018] ^ [ 37.889647] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.890509] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.891358] ================================================================== [ 36.282305] ================================================================== [ 36.283113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 36.284828] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.285775] [ 36.286082] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.287240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.287846] Hardware name: linux,dummy-virt (DT) [ 36.288455] Call trace: [ 36.288817] show_stack+0x20/0x38 (C) [ 36.289473] dump_stack_lvl+0x8c/0xd0 [ 36.290021] print_report+0x118/0x5e0 [ 36.290675] kasan_report+0xc8/0x118 [ 36.291273] kasan_check_range+0x100/0x1a8 [ 36.291871] __kasan_check_write+0x20/0x30 [ 36.292574] kasan_atomics_helper+0x934/0x4858 [ 36.293232] kasan_atomics+0x198/0x2e8 [ 36.293841] kunit_try_run_case+0x14c/0x3d0 [ 36.294405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.295231] kthread+0x24c/0x2d0 [ 36.295823] ret_from_fork+0x10/0x20 [ 36.296392] [ 36.296750] Allocated by task 254: [ 36.297274] kasan_save_stack+0x3c/0x68 [ 36.297895] kasan_save_track+0x20/0x40 [ 36.298421] kasan_save_alloc_info+0x40/0x58 [ 36.299125] __kasan_kmalloc+0xd4/0xd8 [ 36.299648] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.300346] kasan_atomics+0xb8/0x2e8 [ 36.300848] kunit_try_run_case+0x14c/0x3d0 [ 36.301511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.302292] kthread+0x24c/0x2d0 [ 36.302856] ret_from_fork+0x10/0x20 [ 36.303423] [ 36.303788] The buggy address belongs to the object at fff00000c591a100 [ 36.303788] which belongs to the cache kmalloc-64 of size 64 [ 36.305002] The buggy address is located 0 bytes to the right of [ 36.305002] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.306288] [ 36.306664] The buggy address belongs to the physical page: [ 36.307404] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.308150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.309029] page_type: f5(slab) [ 36.309602] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.310387] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.311354] page dumped because: kasan: bad access detected [ 36.312006] [ 36.312366] Memory state around the buggy address: [ 36.313056] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.313772] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.314587] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.315439] ^ [ 36.316084] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.316892] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.317686] ================================================================== [ 35.974850] ================================================================== [ 35.975541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 35.977669] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.978608] [ 35.979001] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.980130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.980693] Hardware name: linux,dummy-virt (DT) [ 35.981696] Call trace: [ 35.982168] show_stack+0x20/0x38 (C) [ 35.982744] dump_stack_lvl+0x8c/0xd0 [ 35.983361] print_report+0x118/0x5e0 [ 35.984025] kasan_report+0xc8/0x118 [ 35.984580] kasan_check_range+0x100/0x1a8 [ 35.985264] __kasan_check_write+0x20/0x30 [ 35.986004] kasan_atomics_helper+0x5b4/0x4858 [ 35.986680] kasan_atomics+0x198/0x2e8 [ 35.987264] kunit_try_run_case+0x14c/0x3d0 [ 35.988013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.988810] kthread+0x24c/0x2d0 [ 35.989489] ret_from_fork+0x10/0x20 [ 35.990143] [ 35.990526] Allocated by task 254: [ 35.991042] kasan_save_stack+0x3c/0x68 [ 35.991583] kasan_save_track+0x20/0x40 [ 35.992243] kasan_save_alloc_info+0x40/0x58 [ 35.992782] __kasan_kmalloc+0xd4/0xd8 [ 35.993414] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.994040] kasan_atomics+0xb8/0x2e8 [ 35.994558] kunit_try_run_case+0x14c/0x3d0 [ 35.995227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.996010] kthread+0x24c/0x2d0 [ 35.996563] ret_from_fork+0x10/0x20 [ 35.997053] [ 35.997414] The buggy address belongs to the object at fff00000c591a100 [ 35.997414] which belongs to the cache kmalloc-64 of size 64 [ 35.998623] The buggy address is located 0 bytes to the right of [ 35.998623] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.999872] [ 36.000266] The buggy address belongs to the physical page: [ 36.000933] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.001851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.002594] page_type: f5(slab) [ 36.003180] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.004019] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.004932] page dumped because: kasan: bad access detected [ 36.005627] [ 36.005974] Memory state around the buggy address: [ 36.006666] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.007438] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.008287] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.009055] ^ [ 36.009695] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.010488] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.011260] ================================================================== [ 36.355768] ================================================================== [ 36.356827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 36.357831] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.359009] [ 36.359861] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.360817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.361442] Hardware name: linux,dummy-virt (DT) [ 36.361978] Call trace: [ 36.362438] show_stack+0x20/0x38 (C) [ 36.363086] dump_stack_lvl+0x8c/0xd0 [ 36.363732] print_report+0x118/0x5e0 [ 36.364308] kasan_report+0xc8/0x118 [ 36.364972] kasan_check_range+0x100/0x1a8 [ 36.365630] __kasan_check_write+0x20/0x30 [ 36.366281] kasan_atomics_helper+0xa04/0x4858 [ 36.367020] kasan_atomics+0x198/0x2e8 [ 36.367658] kunit_try_run_case+0x14c/0x3d0 [ 36.368346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.369074] kthread+0x24c/0x2d0 [ 36.369561] ret_from_fork+0x10/0x20 [ 36.370217] [ 36.370594] Allocated by task 254: [ 36.371132] kasan_save_stack+0x3c/0x68 [ 36.371751] kasan_save_track+0x20/0x40 [ 36.372382] kasan_save_alloc_info+0x40/0x58 [ 36.373008] __kasan_kmalloc+0xd4/0xd8 [ 36.373604] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.374264] kasan_atomics+0xb8/0x2e8 [ 36.374809] kunit_try_run_case+0x14c/0x3d0 [ 36.375502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.376244] kthread+0x24c/0x2d0 [ 36.376810] ret_from_fork+0x10/0x20 [ 36.377350] [ 36.377711] The buggy address belongs to the object at fff00000c591a100 [ 36.377711] which belongs to the cache kmalloc-64 of size 64 [ 36.378856] The buggy address is located 0 bytes to the right of [ 36.378856] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.380072] [ 36.380447] The buggy address belongs to the physical page: [ 36.381191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.381956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.382842] page_type: f5(slab) [ 36.383421] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.384405] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.385219] page dumped because: kasan: bad access detected [ 36.385777] [ 36.386158] Memory state around the buggy address: [ 36.386846] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.387676] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.388479] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.389254] ^ [ 36.389764] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.390705] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.391445] ================================================================== [ 37.437382] ================================================================== [ 37.438056] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 37.439396] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.440690] [ 37.441101] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.442379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.442925] Hardware name: linux,dummy-virt (DT) [ 37.443579] Call trace: [ 37.444024] show_stack+0x20/0x38 (C) [ 37.444702] dump_stack_lvl+0x8c/0xd0 [ 37.445377] print_report+0x118/0x5e0 [ 37.446034] kasan_report+0xc8/0x118 [ 37.446515] __asan_report_load8_noabort+0x20/0x30 [ 37.447104] kasan_atomics_helper+0x3f04/0x4858 [ 37.447792] kasan_atomics+0x198/0x2e8 [ 37.448300] kunit_try_run_case+0x14c/0x3d0 [ 37.449015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.449652] kthread+0x24c/0x2d0 [ 37.450257] ret_from_fork+0x10/0x20 [ 37.450853] [ 37.451243] Allocated by task 254: [ 37.451791] kasan_save_stack+0x3c/0x68 [ 37.452364] kasan_save_track+0x20/0x40 [ 37.453001] kasan_save_alloc_info+0x40/0x58 [ 37.453594] __kasan_kmalloc+0xd4/0xd8 [ 37.454155] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.454847] kasan_atomics+0xb8/0x2e8 [ 37.455382] kunit_try_run_case+0x14c/0x3d0 [ 37.456044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.456689] kthread+0x24c/0x2d0 [ 37.457272] ret_from_fork+0x10/0x20 [ 37.457807] [ 37.458202] The buggy address belongs to the object at fff00000c591a100 [ 37.458202] which belongs to the cache kmalloc-64 of size 64 [ 37.459343] The buggy address is located 0 bytes to the right of [ 37.459343] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.460662] [ 37.461049] The buggy address belongs to the physical page: [ 37.461740] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.462746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.463567] page_type: f5(slab) [ 37.464148] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.464952] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.465864] page dumped because: kasan: bad access detected [ 37.466505] [ 37.466882] Memory state around the buggy address: [ 37.467569] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.468449] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.469260] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.470065] ^ [ 37.470660] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.471432] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.472419] ================================================================== [ 37.400694] ================================================================== [ 37.401409] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 37.402392] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.403760] [ 37.404132] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.405178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.405822] Hardware name: linux,dummy-virt (DT) [ 37.406468] Call trace: [ 37.406868] show_stack+0x20/0x38 (C) [ 37.407532] dump_stack_lvl+0x8c/0xd0 [ 37.408097] print_report+0x118/0x5e0 [ 37.408728] kasan_report+0xc8/0x118 [ 37.409307] kasan_check_range+0x100/0x1a8 [ 37.409943] __kasan_check_write+0x20/0x30 [ 37.410630] kasan_atomics_helper+0x1384/0x4858 [ 37.411365] kasan_atomics+0x198/0x2e8 [ 37.412016] kunit_try_run_case+0x14c/0x3d0 [ 37.412594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.413371] kthread+0x24c/0x2d0 [ 37.413995] ret_from_fork+0x10/0x20 [ 37.414640] [ 37.415033] Allocated by task 254: [ 37.415538] kasan_save_stack+0x3c/0x68 [ 37.416121] kasan_save_track+0x20/0x40 [ 37.416658] kasan_save_alloc_info+0x40/0x58 [ 37.417330] __kasan_kmalloc+0xd4/0xd8 [ 37.417875] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.418497] kasan_atomics+0xb8/0x2e8 [ 37.419105] kunit_try_run_case+0x14c/0x3d0 [ 37.419767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.420513] kthread+0x24c/0x2d0 [ 37.420999] ret_from_fork+0x10/0x20 [ 37.421583] [ 37.421981] The buggy address belongs to the object at fff00000c591a100 [ 37.421981] which belongs to the cache kmalloc-64 of size 64 [ 37.423154] The buggy address is located 0 bytes to the right of [ 37.423154] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.424385] [ 37.424757] The buggy address belongs to the physical page: [ 37.425399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.426377] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.427096] page_type: f5(slab) [ 37.427653] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.428609] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.429417] page dumped because: kasan: bad access detected [ 37.430101] [ 37.430473] Memory state around the buggy address: [ 37.431027] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.431877] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.432708] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.433488] ^ [ 37.434124] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.434942] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.435748] ================================================================== [ 36.870671] ================================================================== [ 36.871625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 36.872635] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.873620] [ 36.874084] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.875409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.876042] Hardware name: linux,dummy-virt (DT) [ 36.876734] Call trace: [ 36.877243] show_stack+0x20/0x38 (C) [ 36.877943] dump_stack_lvl+0x8c/0xd0 [ 36.878634] print_report+0x118/0x5e0 [ 36.879188] kasan_report+0xc8/0x118 [ 36.879878] __asan_report_load8_noabort+0x20/0x30 [ 36.880632] kasan_atomics_helper+0x3f58/0x4858 [ 36.881395] kasan_atomics+0x198/0x2e8 [ 36.882122] kunit_try_run_case+0x14c/0x3d0 [ 36.882794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.883551] kthread+0x24c/0x2d0 [ 36.884125] ret_from_fork+0x10/0x20 [ 36.884789] [ 36.885191] Allocated by task 254: [ 36.885744] kasan_save_stack+0x3c/0x68 [ 36.886317] kasan_save_track+0x20/0x40 [ 36.887053] kasan_save_alloc_info+0x40/0x58 [ 36.887584] __kasan_kmalloc+0xd4/0xd8 [ 36.888220] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.888925] kasan_atomics+0xb8/0x2e8 [ 36.889417] kunit_try_run_case+0x14c/0x3d0 [ 36.890096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.890744] kthread+0x24c/0x2d0 [ 36.891337] ret_from_fork+0x10/0x20 [ 36.891872] [ 36.892252] The buggy address belongs to the object at fff00000c591a100 [ 36.892252] which belongs to the cache kmalloc-64 of size 64 [ 36.893465] The buggy address is located 0 bytes to the right of [ 36.893465] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.894710] [ 36.895101] The buggy address belongs to the physical page: [ 36.895700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.896701] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.897580] page_type: f5(slab) [ 36.898137] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.899076] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.900257] page dumped because: kasan: bad access detected [ 36.900997] [ 36.901528] Memory state around the buggy address: [ 36.902137] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.902938] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.903819] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.904638] ^ [ 36.905325] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.906091] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.906885] ================================================================== [ 35.898403] ================================================================== [ 35.900113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 35.901150] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.901971] [ 35.902519] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.903954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.904653] Hardware name: linux,dummy-virt (DT) [ 35.905455] Call trace: [ 35.905932] show_stack+0x20/0x38 (C) [ 35.906488] dump_stack_lvl+0x8c/0xd0 [ 35.907097] print_report+0x118/0x5e0 [ 35.907670] kasan_report+0xc8/0x118 [ 35.908239] kasan_check_range+0x100/0x1a8 [ 35.908929] __kasan_check_write+0x20/0x30 [ 35.909531] kasan_atomics_helper+0x4e4/0x4858 [ 35.910143] kasan_atomics+0x198/0x2e8 [ 35.910785] kunit_try_run_case+0x14c/0x3d0 [ 35.911824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.912568] kthread+0x24c/0x2d0 [ 35.913126] ret_from_fork+0x10/0x20 [ 35.913768] [ 35.914163] Allocated by task 254: [ 35.914588] kasan_save_stack+0x3c/0x68 [ 35.915230] kasan_save_track+0x20/0x40 [ 35.915806] kasan_save_alloc_info+0x40/0x58 [ 35.916489] __kasan_kmalloc+0xd4/0xd8 [ 35.917006] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.917685] kasan_atomics+0xb8/0x2e8 [ 35.918183] kunit_try_run_case+0x14c/0x3d0 [ 35.918858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.919648] kthread+0x24c/0x2d0 [ 35.920252] ret_from_fork+0x10/0x20 [ 35.920863] [ 35.921293] The buggy address belongs to the object at fff00000c591a100 [ 35.921293] which belongs to the cache kmalloc-64 of size 64 [ 35.922528] The buggy address is located 0 bytes to the right of [ 35.922528] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.923641] [ 35.924031] The buggy address belongs to the physical page: [ 35.924754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.925667] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.926493] page_type: f5(slab) [ 35.927065] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.927953] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.928792] page dumped because: kasan: bad access detected [ 35.929346] [ 35.929713] Memory state around the buggy address: [ 35.930341] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.931206] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.932048] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.932883] ^ [ 35.933504] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.934326] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.935157] ================================================================== [ 36.717776] ================================================================== [ 36.719557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 36.720616] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.721970] [ 36.722378] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.723662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.724204] Hardware name: linux,dummy-virt (DT) [ 36.724769] Call trace: [ 36.725203] show_stack+0x20/0x38 (C) [ 36.725770] dump_stack_lvl+0x8c/0xd0 [ 36.726480] print_report+0x118/0x5e0 [ 36.727101] kasan_report+0xc8/0x118 [ 36.727787] __asan_report_load4_noabort+0x20/0x30 [ 36.728529] kasan_atomics_helper+0x3dd8/0x4858 [ 36.729158] kasan_atomics+0x198/0x2e8 [ 36.729832] kunit_try_run_case+0x14c/0x3d0 [ 36.730535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.731377] kthread+0x24c/0x2d0 [ 36.731943] ret_from_fork+0x10/0x20 [ 36.732607] [ 36.733038] Allocated by task 254: [ 36.733627] kasan_save_stack+0x3c/0x68 [ 36.734249] kasan_save_track+0x20/0x40 [ 36.734839] kasan_save_alloc_info+0x40/0x58 [ 36.735545] __kasan_kmalloc+0xd4/0xd8 [ 36.736136] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.736838] kasan_atomics+0xb8/0x2e8 [ 36.737506] kunit_try_run_case+0x14c/0x3d0 [ 36.738164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.738987] kthread+0x24c/0x2d0 [ 36.739550] ret_from_fork+0x10/0x20 [ 36.740213] [ 36.740580] The buggy address belongs to the object at fff00000c591a100 [ 36.740580] which belongs to the cache kmalloc-64 of size 64 [ 36.741967] The buggy address is located 0 bytes to the right of [ 36.741967] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.743319] [ 36.743689] The buggy address belongs to the physical page: [ 36.744463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.745420] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.746261] page_type: f5(slab) [ 36.746882] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.747782] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.748776] page dumped because: kasan: bad access detected [ 36.749430] [ 36.749847] Memory state around the buggy address: [ 36.750581] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.751400] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.752256] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.753129] ^ [ 36.753850] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.754730] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.755552] ================================================================== [ 36.201989] ================================================================== [ 36.202724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 36.203369] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.204816] [ 36.205266] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.206654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.207319] Hardware name: linux,dummy-virt (DT) [ 36.208008] Call trace: [ 36.208506] show_stack+0x20/0x38 (C) [ 36.209218] dump_stack_lvl+0x8c/0xd0 [ 36.209921] print_report+0x118/0x5e0 [ 36.210611] kasan_report+0xc8/0x118 [ 36.211298] kasan_check_range+0x100/0x1a8 [ 36.212061] __kasan_check_write+0x20/0x30 [ 36.213063] kasan_atomics_helper+0x894/0x4858 [ 36.213704] kasan_atomics+0x198/0x2e8 [ 36.214267] kunit_try_run_case+0x14c/0x3d0 [ 36.214893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.215708] kthread+0x24c/0x2d0 [ 36.216355] ret_from_fork+0x10/0x20 [ 36.217055] [ 36.217426] Allocated by task 254: [ 36.217985] kasan_save_stack+0x3c/0x68 [ 36.218653] kasan_save_track+0x20/0x40 [ 36.219234] kasan_save_alloc_info+0x40/0x58 [ 36.219934] __kasan_kmalloc+0xd4/0xd8 [ 36.220551] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.221205] kasan_atomics+0xb8/0x2e8 [ 36.221852] kunit_try_run_case+0x14c/0x3d0 [ 36.222576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.223286] kthread+0x24c/0x2d0 [ 36.223834] ret_from_fork+0x10/0x20 [ 36.224454] [ 36.224809] The buggy address belongs to the object at fff00000c591a100 [ 36.224809] which belongs to the cache kmalloc-64 of size 64 [ 36.226150] The buggy address is located 0 bytes to the right of [ 36.226150] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.227537] [ 36.227933] The buggy address belongs to the physical page: [ 36.228584] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.229650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.230402] page_type: f5(slab) [ 36.231043] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.231928] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.232858] page dumped because: kasan: bad access detected [ 36.233567] [ 36.233983] Memory state around the buggy address: [ 36.234626] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.235631] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.236441] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.237333] ^ [ 36.238292] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.239212] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.239790] ================================================================== [ 37.325365] ================================================================== [ 37.326497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 37.327856] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.328810] [ 37.329270] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.330409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.331024] Hardware name: linux,dummy-virt (DT) [ 37.331629] Call trace: [ 37.332144] show_stack+0x20/0x38 (C) [ 37.332796] dump_stack_lvl+0x8c/0xd0 [ 37.333506] print_report+0x118/0x5e0 [ 37.334129] kasan_report+0xc8/0x118 [ 37.334818] kasan_check_range+0x100/0x1a8 [ 37.335591] __kasan_check_write+0x20/0x30 [ 37.336259] kasan_atomics_helper+0x126c/0x4858 [ 37.336927] kasan_atomics+0x198/0x2e8 [ 37.337602] kunit_try_run_case+0x14c/0x3d0 [ 37.338235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.339060] kthread+0x24c/0x2d0 [ 37.339581] ret_from_fork+0x10/0x20 [ 37.340213] [ 37.340523] Allocated by task 254: [ 37.341088] kasan_save_stack+0x3c/0x68 [ 37.341606] kasan_save_track+0x20/0x40 [ 37.342204] kasan_save_alloc_info+0x40/0x58 [ 37.342873] __kasan_kmalloc+0xd4/0xd8 [ 37.343509] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.344191] kasan_atomics+0xb8/0x2e8 [ 37.344657] kunit_try_run_case+0x14c/0x3d0 [ 37.345218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.346044] kthread+0x24c/0x2d0 [ 37.346614] ret_from_fork+0x10/0x20 [ 37.347225] [ 37.347591] The buggy address belongs to the object at fff00000c591a100 [ 37.347591] which belongs to the cache kmalloc-64 of size 64 [ 37.348764] The buggy address is located 0 bytes to the right of [ 37.348764] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.350001] [ 37.350365] The buggy address belongs to the physical page: [ 37.351022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.351862] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.352757] page_type: f5(slab) [ 37.353341] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.354288] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.355108] page dumped because: kasan: bad access detected [ 37.355682] [ 37.356076] Memory state around the buggy address: [ 37.356745] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.357575] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.358373] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.359183] ^ [ 37.359759] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.360539] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.361356] ================================================================== [ 37.363140] ================================================================== [ 37.364323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 37.365272] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.366173] [ 37.366578] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.367779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.368417] Hardware name: linux,dummy-virt (DT) [ 37.369084] Call trace: [ 37.369510] show_stack+0x20/0x38 (C) [ 37.370173] dump_stack_lvl+0x8c/0xd0 [ 37.370817] print_report+0x118/0x5e0 [ 37.371404] kasan_report+0xc8/0x118 [ 37.371980] kasan_check_range+0x100/0x1a8 [ 37.372661] __kasan_check_write+0x20/0x30 [ 37.373250] kasan_atomics_helper+0x12d8/0x4858 [ 37.373964] kasan_atomics+0x198/0x2e8 [ 37.374615] kunit_try_run_case+0x14c/0x3d0 [ 37.375420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.376078] kthread+0x24c/0x2d0 [ 37.376645] ret_from_fork+0x10/0x20 [ 37.377246] [ 37.377574] Allocated by task 254: [ 37.378044] kasan_save_stack+0x3c/0x68 [ 37.378666] kasan_save_track+0x20/0x40 [ 37.379272] kasan_save_alloc_info+0x40/0x58 [ 37.379815] __kasan_kmalloc+0xd4/0xd8 [ 37.380452] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.381028] kasan_atomics+0xb8/0x2e8 [ 37.381636] kunit_try_run_case+0x14c/0x3d0 [ 37.382209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.382891] kthread+0x24c/0x2d0 [ 37.383479] ret_from_fork+0x10/0x20 [ 37.383981] [ 37.384357] The buggy address belongs to the object at fff00000c591a100 [ 37.384357] which belongs to the cache kmalloc-64 of size 64 [ 37.385610] The buggy address is located 0 bytes to the right of [ 37.385610] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.386830] [ 37.387222] The buggy address belongs to the physical page: [ 37.387946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.388705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.389580] page_type: f5(slab) [ 37.390104] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.390986] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.391821] page dumped because: kasan: bad access detected [ 37.392401] [ 37.392770] Memory state around the buggy address: [ 37.393389] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.394257] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.395074] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.395876] ^ [ 37.396565] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.397294] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.398121] ================================================================== [ 37.550484] ================================================================== [ 37.551285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 37.552293] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.553268] [ 37.553732] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.554625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.555093] Hardware name: linux,dummy-virt (DT) [ 37.555720] Call trace: [ 37.556233] show_stack+0x20/0x38 (C) [ 37.557017] dump_stack_lvl+0x8c/0xd0 [ 37.557764] print_report+0x118/0x5e0 [ 37.558488] kasan_report+0xc8/0x118 [ 37.559048] kasan_check_range+0x100/0x1a8 [ 37.559782] __kasan_check_write+0x20/0x30 [ 37.560513] kasan_atomics_helper+0x14e4/0x4858 [ 37.561139] kasan_atomics+0x198/0x2e8 [ 37.561826] kunit_try_run_case+0x14c/0x3d0 [ 37.562464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.563326] kthread+0x24c/0x2d0 [ 37.563976] ret_from_fork+0x10/0x20 [ 37.564538] [ 37.564982] Allocated by task 254: [ 37.565507] kasan_save_stack+0x3c/0x68 [ 37.566160] kasan_save_track+0x20/0x40 [ 37.566655] kasan_save_alloc_info+0x40/0x58 [ 37.567368] __kasan_kmalloc+0xd4/0xd8 [ 37.567932] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.568627] kasan_atomics+0xb8/0x2e8 [ 37.569289] kunit_try_run_case+0x14c/0x3d0 [ 37.569966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.570758] kthread+0x24c/0x2d0 [ 37.571310] ret_from_fork+0x10/0x20 [ 37.571958] [ 37.572390] The buggy address belongs to the object at fff00000c591a100 [ 37.572390] which belongs to the cache kmalloc-64 of size 64 [ 37.573669] The buggy address is located 0 bytes to the right of [ 37.573669] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.575074] [ 37.575435] The buggy address belongs to the physical page: [ 37.576227] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.577042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.577952] page_type: f5(slab) [ 37.578520] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.579480] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.580357] page dumped because: kasan: bad access detected [ 37.581153] [ 37.581557] Memory state around the buggy address: [ 37.582192] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.583035] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.583918] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.584730] ^ [ 37.585354] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.586198] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.587062] ================================================================== [ 37.140727] ================================================================== [ 37.141515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 37.142303] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.143114] [ 37.143508] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.144653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.145272] Hardware name: linux,dummy-virt (DT) [ 37.145839] Call trace: [ 37.146314] show_stack+0x20/0x38 (C) [ 37.146935] dump_stack_lvl+0x8c/0xd0 [ 37.147492] print_report+0x118/0x5e0 [ 37.148060] kasan_report+0xc8/0x118 [ 37.148684] kasan_check_range+0x100/0x1a8 [ 37.149334] __kasan_check_write+0x20/0x30 [ 37.149871] kasan_atomics_helper+0x1058/0x4858 [ 37.150601] kasan_atomics+0x198/0x2e8 [ 37.151180] kunit_try_run_case+0x14c/0x3d0 [ 37.151755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.152565] kthread+0x24c/0x2d0 [ 37.153115] ret_from_fork+0x10/0x20 [ 37.153707] [ 37.154097] Allocated by task 254: [ 37.154650] kasan_save_stack+0x3c/0x68 [ 37.155262] kasan_save_track+0x20/0x40 [ 37.155956] kasan_save_alloc_info+0x40/0x58 [ 37.156546] __kasan_kmalloc+0xd4/0xd8 [ 37.157087] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.157761] kasan_atomics+0xb8/0x2e8 [ 37.158317] kunit_try_run_case+0x14c/0x3d0 [ 37.158992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.159588] kthread+0x24c/0x2d0 [ 37.160168] ret_from_fork+0x10/0x20 [ 37.160770] [ 37.161145] The buggy address belongs to the object at fff00000c591a100 [ 37.161145] which belongs to the cache kmalloc-64 of size 64 [ 37.162293] The buggy address is located 0 bytes to the right of [ 37.162293] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.163338] [ 37.163712] The buggy address belongs to the physical page: [ 37.164456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.165491] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.166201] page_type: f5(slab) [ 37.166774] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.167734] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.168547] page dumped because: kasan: bad access detected [ 37.169245] [ 37.169588] Memory state around the buggy address: [ 37.170278] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.171089] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.171896] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.172693] ^ [ 37.173315] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.174088] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.174950] ================================================================== [ 35.746704] ================================================================== [ 35.747830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 35.748454] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.749811] [ 35.750237] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.751481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.751995] Hardware name: linux,dummy-virt (DT) [ 35.753209] Call trace: [ 35.753585] show_stack+0x20/0x38 (C) [ 35.754087] dump_stack_lvl+0x8c/0xd0 [ 35.754724] print_report+0x118/0x5e0 [ 35.755365] kasan_report+0xc8/0x118 [ 35.756038] __asan_report_store4_noabort+0x20/0x30 [ 35.756787] kasan_atomics_helper+0x3f94/0x4858 [ 35.757525] kasan_atomics+0x198/0x2e8 [ 35.758177] kunit_try_run_case+0x14c/0x3d0 [ 35.758807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.759595] kthread+0x24c/0x2d0 [ 35.760197] ret_from_fork+0x10/0x20 [ 35.760741] [ 35.761133] Allocated by task 254: [ 35.761649] kasan_save_stack+0x3c/0x68 [ 35.762301] kasan_save_track+0x20/0x40 [ 35.762874] kasan_save_alloc_info+0x40/0x58 [ 35.763481] __kasan_kmalloc+0xd4/0xd8 [ 35.763975] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.764664] kasan_atomics+0xb8/0x2e8 [ 35.765230] kunit_try_run_case+0x14c/0x3d0 [ 35.765892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.766603] kthread+0x24c/0x2d0 [ 35.767058] ret_from_fork+0x10/0x20 [ 35.767664] [ 35.768053] The buggy address belongs to the object at fff00000c591a100 [ 35.768053] which belongs to the cache kmalloc-64 of size 64 [ 35.769336] The buggy address is located 0 bytes to the right of [ 35.769336] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.770928] [ 35.771314] The buggy address belongs to the physical page: [ 35.771950] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.772797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.773586] page_type: f5(slab) [ 35.774076] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.774928] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.775805] page dumped because: kasan: bad access detected [ 35.776547] [ 35.776859] Memory state around the buggy address: [ 35.777532] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.778330] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.779159] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.779993] ^ [ 35.780604] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.781331] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.782181] ================================================================== [ 37.588828] ================================================================== [ 37.589627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 37.590573] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.591426] [ 37.591866] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.592857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.593521] Hardware name: linux,dummy-virt (DT) [ 37.594219] Call trace: [ 37.594740] show_stack+0x20/0x38 (C) [ 37.595356] dump_stack_lvl+0x8c/0xd0 [ 37.596043] print_report+0x118/0x5e0 [ 37.596725] kasan_report+0xc8/0x118 [ 37.597354] kasan_check_range+0x100/0x1a8 [ 37.598100] __kasan_check_write+0x20/0x30 [ 37.598762] kasan_atomics_helper+0x154c/0x4858 [ 37.599494] kasan_atomics+0x198/0x2e8 [ 37.600075] kunit_try_run_case+0x14c/0x3d0 [ 37.600808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.601585] kthread+0x24c/0x2d0 [ 37.602192] ret_from_fork+0x10/0x20 [ 37.602798] [ 37.603190] Allocated by task 254: [ 37.603776] kasan_save_stack+0x3c/0x68 [ 37.604375] kasan_save_track+0x20/0x40 [ 37.605052] kasan_save_alloc_info+0x40/0x58 [ 37.605605] __kasan_kmalloc+0xd4/0xd8 [ 37.606265] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.606888] kasan_atomics+0xb8/0x2e8 [ 37.607547] kunit_try_run_case+0x14c/0x3d0 [ 37.608153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.608923] kthread+0x24c/0x2d0 [ 37.609476] ret_from_fork+0x10/0x20 [ 37.610126] [ 37.610466] The buggy address belongs to the object at fff00000c591a100 [ 37.610466] which belongs to the cache kmalloc-64 of size 64 [ 37.611766] The buggy address is located 0 bytes to the right of [ 37.611766] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.613082] [ 37.613475] The buggy address belongs to the physical page: [ 37.614225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.615236] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.616021] page_type: f5(slab) [ 37.616624] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.617471] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.618423] page dumped because: kasan: bad access detected [ 37.619123] [ 37.619432] Memory state around the buggy address: [ 37.620124] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.620815] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.621732] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.622598] ^ [ 37.623289] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.624161] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.624966] ================================================================== [ 37.626813] ================================================================== [ 37.627656] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 37.628800] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.629826] [ 37.630261] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.631413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.632097] Hardware name: linux,dummy-virt (DT) [ 37.632703] Call trace: [ 37.633271] show_stack+0x20/0x38 (C) [ 37.634014] dump_stack_lvl+0x8c/0xd0 [ 37.634666] print_report+0x118/0x5e0 [ 37.635338] kasan_report+0xc8/0x118 [ 37.635995] kasan_check_range+0x100/0x1a8 [ 37.636765] __kasan_check_write+0x20/0x30 [ 37.637387] kasan_atomics_helper+0x15b4/0x4858 [ 37.638081] kasan_atomics+0x198/0x2e8 [ 37.638728] kunit_try_run_case+0x14c/0x3d0 [ 37.639301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.640153] kthread+0x24c/0x2d0 [ 37.640808] ret_from_fork+0x10/0x20 [ 37.641508] [ 37.641885] Allocated by task 254: [ 37.642512] kasan_save_stack+0x3c/0x68 [ 37.643181] kasan_save_track+0x20/0x40 [ 37.643780] kasan_save_alloc_info+0x40/0x58 [ 37.644431] __kasan_kmalloc+0xd4/0xd8 [ 37.645101] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.645677] kasan_atomics+0xb8/0x2e8 [ 37.646328] kunit_try_run_case+0x14c/0x3d0 [ 37.646945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.647710] kthread+0x24c/0x2d0 [ 37.648240] ret_from_fork+0x10/0x20 [ 37.648870] [ 37.649227] The buggy address belongs to the object at fff00000c591a100 [ 37.649227] which belongs to the cache kmalloc-64 of size 64 [ 37.650485] The buggy address is located 0 bytes to the right of [ 37.650485] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.651815] [ 37.652179] The buggy address belongs to the physical page: [ 37.652969] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.653750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.654686] page_type: f5(slab) [ 37.655230] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.656154] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.657063] page dumped because: kasan: bad access detected [ 37.657730] [ 37.658137] Memory state around the buggy address: [ 37.658796] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.659565] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.660461] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.661374] ^ [ 37.662069] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.662920] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.663729] ================================================================== [ 36.559547] ================================================================== [ 36.560792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 36.562032] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.563138] [ 36.563677] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.564798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.565201] Hardware name: linux,dummy-virt (DT) [ 36.565838] Call trace: [ 36.566317] show_stack+0x20/0x38 (C) [ 36.566977] dump_stack_lvl+0x8c/0xd0 [ 36.567611] print_report+0x118/0x5e0 [ 36.568221] kasan_report+0xc8/0x118 [ 36.568874] __asan_report_load4_noabort+0x20/0x30 [ 36.569535] kasan_atomics_helper+0x3dbc/0x4858 [ 36.570300] kasan_atomics+0x198/0x2e8 [ 36.570937] kunit_try_run_case+0x14c/0x3d0 [ 36.571619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.572435] kthread+0x24c/0x2d0 [ 36.572958] ret_from_fork+0x10/0x20 [ 36.573627] [ 36.574000] Allocated by task 254: [ 36.574584] kasan_save_stack+0x3c/0x68 [ 36.575241] kasan_save_track+0x20/0x40 [ 36.575924] kasan_save_alloc_info+0x40/0x58 [ 36.576597] __kasan_kmalloc+0xd4/0xd8 [ 36.577201] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.577945] kasan_atomics+0xb8/0x2e8 [ 36.578560] kunit_try_run_case+0x14c/0x3d0 [ 36.579284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.580003] kthread+0x24c/0x2d0 [ 36.580621] ret_from_fork+0x10/0x20 [ 36.581099] [ 36.581483] The buggy address belongs to the object at fff00000c591a100 [ 36.581483] which belongs to the cache kmalloc-64 of size 64 [ 36.582699] The buggy address is located 0 bytes to the right of [ 36.582699] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.584134] [ 36.584494] The buggy address belongs to the physical page: [ 36.585265] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.586207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.587033] page_type: f5(slab) [ 36.587624] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.588501] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.589433] page dumped because: kasan: bad access detected [ 36.590115] [ 36.590497] Memory state around the buggy address: [ 36.591231] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.592023] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.592929] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.593744] ^ [ 36.594349] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.595263] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.596067] ================================================================== [ 37.743056] ================================================================== [ 37.743721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 37.744939] Read of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.746426] [ 37.747029] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.748571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.749039] Hardware name: linux,dummy-virt (DT) [ 37.749687] Call trace: [ 37.750160] show_stack+0x20/0x38 (C) [ 37.750690] dump_stack_lvl+0x8c/0xd0 [ 37.751349] print_report+0x118/0x5e0 [ 37.751858] kasan_report+0xc8/0x118 [ 37.752506] __asan_report_load8_noabort+0x20/0x30 [ 37.753272] kasan_atomics_helper+0x3df4/0x4858 [ 37.753981] kasan_atomics+0x198/0x2e8 [ 37.754669] kunit_try_run_case+0x14c/0x3d0 [ 37.755258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.755958] kthread+0x24c/0x2d0 [ 37.756753] ret_from_fork+0x10/0x20 [ 37.757412] [ 37.757828] Allocated by task 254: [ 37.758325] kasan_save_stack+0x3c/0x68 [ 37.758965] kasan_save_track+0x20/0x40 [ 37.759664] kasan_save_alloc_info+0x40/0x58 [ 37.760386] __kasan_kmalloc+0xd4/0xd8 [ 37.760876] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.761850] kasan_atomics+0xb8/0x2e8 [ 37.762573] kunit_try_run_case+0x14c/0x3d0 [ 37.763141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.763795] kthread+0x24c/0x2d0 [ 37.764408] ret_from_fork+0x10/0x20 [ 37.764922] [ 37.765289] The buggy address belongs to the object at fff00000c591a100 [ 37.765289] which belongs to the cache kmalloc-64 of size 64 [ 37.766419] The buggy address is located 0 bytes to the right of [ 37.766419] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.767707] [ 37.768091] The buggy address belongs to the physical page: [ 37.768755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.769659] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.770431] page_type: f5(slab) [ 37.771031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.771836] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.772791] page dumped because: kasan: bad access detected [ 37.773395] [ 37.773770] Memory state around the buggy address: [ 37.774461] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.775200] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.776123] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.776938] ^ [ 37.777622] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.778407] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.779248] ================================================================== [ 36.086655] ================================================================== [ 36.087521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 36.088952] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.089753] [ 36.090175] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.091340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.091959] Hardware name: linux,dummy-virt (DT) [ 36.092480] Call trace: [ 36.092962] show_stack+0x20/0x38 (C) [ 36.093519] dump_stack_lvl+0x8c/0xd0 [ 36.094180] print_report+0x118/0x5e0 [ 36.094827] kasan_report+0xc8/0x118 [ 36.095452] kasan_check_range+0x100/0x1a8 [ 36.096150] __kasan_check_write+0x20/0x30 [ 36.096763] kasan_atomics_helper+0x6ec/0x4858 [ 36.097479] kasan_atomics+0x198/0x2e8 [ 36.098139] kunit_try_run_case+0x14c/0x3d0 [ 36.098700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.099488] kthread+0x24c/0x2d0 [ 36.100022] ret_from_fork+0x10/0x20 [ 36.100649] [ 36.101011] Allocated by task 254: [ 36.101557] kasan_save_stack+0x3c/0x68 [ 36.102182] kasan_save_track+0x20/0x40 [ 36.102716] kasan_save_alloc_info+0x40/0x58 [ 36.103395] __kasan_kmalloc+0xd4/0xd8 [ 36.103931] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.104612] kasan_atomics+0xb8/0x2e8 [ 36.105165] kunit_try_run_case+0x14c/0x3d0 [ 36.105856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.106488] kthread+0x24c/0x2d0 [ 36.107077] ret_from_fork+0x10/0x20 [ 36.107662] [ 36.108050] The buggy address belongs to the object at fff00000c591a100 [ 36.108050] which belongs to the cache kmalloc-64 of size 64 [ 36.109204] The buggy address is located 0 bytes to the right of [ 36.109204] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.110398] [ 36.110781] The buggy address belongs to the physical page: [ 36.111523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.112443] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.113204] page_type: f5(slab) [ 36.113697] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.114598] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.115451] page dumped because: kasan: bad access detected [ 36.116097] [ 36.116469] Memory state around the buggy address: [ 36.117099] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.117877] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.118706] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.119356] ^ [ 36.120048] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.120879] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.121660] ================================================================== [ 35.937926] ================================================================== [ 35.938638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 35.939436] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.940249] [ 35.941058] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.941963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.942592] Hardware name: linux,dummy-virt (DT) [ 35.943118] Call trace: [ 35.943573] show_stack+0x20/0x38 (C) [ 35.944232] dump_stack_lvl+0x8c/0xd0 [ 35.944888] print_report+0x118/0x5e0 [ 35.945553] kasan_report+0xc8/0x118 [ 35.946106] kasan_check_range+0x100/0x1a8 [ 35.946791] __kasan_check_write+0x20/0x30 [ 35.947460] kasan_atomics_helper+0x54c/0x4858 [ 35.948154] kasan_atomics+0x198/0x2e8 [ 35.948727] kunit_try_run_case+0x14c/0x3d0 [ 35.949361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.950094] kthread+0x24c/0x2d0 [ 35.950650] ret_from_fork+0x10/0x20 [ 35.951242] [ 35.951563] Allocated by task 254: [ 35.952135] kasan_save_stack+0x3c/0x68 [ 35.952743] kasan_save_track+0x20/0x40 [ 35.953338] kasan_save_alloc_info+0x40/0x58 [ 35.954022] __kasan_kmalloc+0xd4/0xd8 [ 35.954560] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.955258] kasan_atomics+0xb8/0x2e8 [ 35.955819] kunit_try_run_case+0x14c/0x3d0 [ 35.956400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.957192] kthread+0x24c/0x2d0 [ 35.957642] ret_from_fork+0x10/0x20 [ 35.958262] [ 35.958640] The buggy address belongs to the object at fff00000c591a100 [ 35.958640] which belongs to the cache kmalloc-64 of size 64 [ 35.959984] The buggy address is located 0 bytes to the right of [ 35.959984] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.961183] [ 35.961553] The buggy address belongs to the physical page: [ 35.962259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.963248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.964091] page_type: f5(slab) [ 35.964641] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.965428] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.966379] page dumped because: kasan: bad access detected [ 35.966967] [ 35.967340] Memory state around the buggy address: [ 35.968029] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.968791] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.969606] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.970410] ^ [ 35.971049] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.971958] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.972848] ================================================================== [ 35.708723] ================================================================== [ 35.709444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 35.710238] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.711152] [ 35.711596] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.712528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.713262] Hardware name: linux,dummy-virt (DT) [ 35.713976] Call trace: [ 35.714460] show_stack+0x20/0x38 (C) [ 35.715193] dump_stack_lvl+0x8c/0xd0 [ 35.715815] print_report+0x118/0x5e0 [ 35.716531] kasan_report+0xc8/0x118 [ 35.717224] kasan_check_range+0x100/0x1a8 [ 35.717951] __kasan_check_write+0x20/0x30 [ 35.718579] kasan_atomics_helper+0x32c/0x4858 [ 35.719434] kasan_atomics+0x198/0x2e8 [ 35.720126] kunit_try_run_case+0x14c/0x3d0 [ 35.720919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.721752] kthread+0x24c/0x2d0 [ 35.722324] ret_from_fork+0x10/0x20 [ 35.722970] [ 35.723308] Allocated by task 254: [ 35.723869] kasan_save_stack+0x3c/0x68 [ 35.724598] kasan_save_track+0x20/0x40 [ 35.725075] kasan_save_alloc_info+0x40/0x58 [ 35.725810] __kasan_kmalloc+0xd4/0xd8 [ 35.726437] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.727066] kasan_atomics+0xb8/0x2e8 [ 35.727600] kunit_try_run_case+0x14c/0x3d0 [ 35.728218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.728892] kthread+0x24c/0x2d0 [ 35.729412] ret_from_fork+0x10/0x20 [ 35.729959] [ 35.730319] The buggy address belongs to the object at fff00000c591a100 [ 35.730319] which belongs to the cache kmalloc-64 of size 64 [ 35.731565] The buggy address is located 0 bytes to the right of [ 35.731565] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.732772] [ 35.733159] The buggy address belongs to the physical page: [ 35.733726] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.734740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.735604] page_type: f5(slab) [ 35.736084] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.736993] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.737838] page dumped because: kasan: bad access detected [ 35.738475] [ 35.738848] Memory state around the buggy address: [ 35.739817] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.740598] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.741495] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.742346] ^ [ 35.742918] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.743776] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.744521] ================================================================== [ 36.319151] ================================================================== [ 36.320537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 36.321336] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.322111] [ 36.322533] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.323580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.324201] Hardware name: linux,dummy-virt (DT) [ 36.324734] Call trace: [ 36.325216] show_stack+0x20/0x38 (C) [ 36.325771] dump_stack_lvl+0x8c/0xd0 [ 36.326414] print_report+0x118/0x5e0 [ 36.327023] kasan_report+0xc8/0x118 [ 36.327534] kasan_check_range+0x100/0x1a8 [ 36.328201] __kasan_check_write+0x20/0x30 [ 36.328871] kasan_atomics_helper+0x99c/0x4858 [ 36.329484] kasan_atomics+0x198/0x2e8 [ 36.330141] kunit_try_run_case+0x14c/0x3d0 [ 36.330802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.331489] kthread+0x24c/0x2d0 [ 36.332095] ret_from_fork+0x10/0x20 [ 36.332634] [ 36.333021] Allocated by task 254: [ 36.333542] kasan_save_stack+0x3c/0x68 [ 36.334174] kasan_save_track+0x20/0x40 [ 36.334732] kasan_save_alloc_info+0x40/0x58 [ 36.335285] __kasan_kmalloc+0xd4/0xd8 [ 36.335893] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.336503] kasan_atomics+0xb8/0x2e8 [ 36.337068] kunit_try_run_case+0x14c/0x3d0 [ 36.337724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.338719] kthread+0x24c/0x2d0 [ 36.339292] ret_from_fork+0x10/0x20 [ 36.339849] [ 36.340198] The buggy address belongs to the object at fff00000c591a100 [ 36.340198] which belongs to the cache kmalloc-64 of size 64 [ 36.341326] The buggy address is located 0 bytes to the right of [ 36.341326] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.342620] [ 36.343007] The buggy address belongs to the physical page: [ 36.343631] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.344455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.345242] page_type: f5(slab) [ 36.345769] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.346679] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.347532] page dumped because: kasan: bad access detected [ 36.348083] [ 36.348447] Memory state around the buggy address: [ 36.349149] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.349870] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.350718] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.351507] ^ [ 36.352133] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.352956] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.353849] ================================================================== [ 35.627557] ================================================================== [ 35.628278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 35.629097] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.629799] [ 35.630231] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.631479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.632028] Hardware name: linux,dummy-virt (DT) [ 35.632673] Call trace: [ 35.633141] show_stack+0x20/0x38 (C) [ 35.633743] dump_stack_lvl+0x8c/0xd0 [ 35.634324] print_report+0x118/0x5e0 [ 35.635015] kasan_report+0xc8/0x118 [ 35.635698] kasan_check_range+0x100/0x1a8 [ 35.636410] __kasan_check_read+0x20/0x30 [ 35.637003] kasan_atomics_helper+0x2b0/0x4858 [ 35.637710] kasan_atomics+0x198/0x2e8 [ 35.638375] kunit_try_run_case+0x14c/0x3d0 [ 35.639034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.639831] kthread+0x24c/0x2d0 [ 35.640446] ret_from_fork+0x10/0x20 [ 35.641081] [ 35.641405] Allocated by task 254: [ 35.641979] kasan_save_stack+0x3c/0x68 [ 35.642517] kasan_save_track+0x20/0x40 [ 35.643155] kasan_save_alloc_info+0x40/0x58 [ 35.643742] __kasan_kmalloc+0xd4/0xd8 [ 35.644374] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.645065] kasan_atomics+0xb8/0x2e8 [ 35.645697] kunit_try_run_case+0x14c/0x3d0 [ 35.646288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.646966] kthread+0x24c/0x2d0 [ 35.647547] ret_from_fork+0x10/0x20 [ 35.648081] [ 35.648450] The buggy address belongs to the object at fff00000c591a100 [ 35.648450] which belongs to the cache kmalloc-64 of size 64 [ 35.649466] The buggy address is located 0 bytes to the right of [ 35.649466] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.650563] [ 35.650942] The buggy address belongs to the physical page: [ 35.651655] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.652468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.653348] page_type: f5(slab) [ 35.653833] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.654673] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.655657] page dumped because: kasan: bad access detected [ 35.656251] [ 35.656605] Memory state around the buggy address: [ 35.657303] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.657999] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.658930] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.659657] ^ [ 35.660365] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.661188] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.662083] ================================================================== [ 36.013186] ================================================================== [ 36.013858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 36.015517] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.016407] [ 36.016844] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.017877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.018417] Hardware name: linux,dummy-virt (DT) [ 36.019077] Call trace: [ 36.019531] show_stack+0x20/0x38 (C) [ 36.020138] dump_stack_lvl+0x8c/0xd0 [ 36.020670] print_report+0x118/0x5e0 [ 36.021200] kasan_report+0xc8/0x118 [ 36.021823] kasan_check_range+0x100/0x1a8 [ 36.022538] __kasan_check_write+0x20/0x30 [ 36.023243] kasan_atomics_helper+0x61c/0x4858 [ 36.023935] kasan_atomics+0x198/0x2e8 [ 36.024495] kunit_try_run_case+0x14c/0x3d0 [ 36.025196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.026058] kthread+0x24c/0x2d0 [ 36.026649] ret_from_fork+0x10/0x20 [ 36.027240] [ 36.027577] Allocated by task 254: [ 36.028062] kasan_save_stack+0x3c/0x68 [ 36.028692] kasan_save_track+0x20/0x40 [ 36.029319] kasan_save_alloc_info+0x40/0x58 [ 36.029971] __kasan_kmalloc+0xd4/0xd8 [ 36.030586] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.031155] kasan_atomics+0xb8/0x2e8 [ 36.031760] kunit_try_run_case+0x14c/0x3d0 [ 36.032374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.033018] kthread+0x24c/0x2d0 [ 36.033579] ret_from_fork+0x10/0x20 [ 36.034161] [ 36.034534] The buggy address belongs to the object at fff00000c591a100 [ 36.034534] which belongs to the cache kmalloc-64 of size 64 [ 36.035798] The buggy address is located 0 bytes to the right of [ 36.035798] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.037211] [ 36.037530] The buggy address belongs to the physical page: [ 36.038272] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.039077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.039965] page_type: f5(slab) [ 36.040499] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.041295] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.042169] page dumped because: kasan: bad access detected [ 36.042758] [ 36.043142] Memory state around the buggy address: [ 36.043728] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.044500] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.045291] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.046167] ^ [ 36.046723] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.047581] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.048327] ================================================================== [ 36.795741] ================================================================== [ 36.797057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 36.798970] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.799990] [ 36.800356] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.801432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.802011] Hardware name: linux,dummy-virt (DT) [ 36.802673] Call trace: [ 36.803066] show_stack+0x20/0x38 (C) [ 36.803701] dump_stack_lvl+0x8c/0xd0 [ 36.804256] print_report+0x118/0x5e0 [ 36.804886] kasan_report+0xc8/0x118 [ 36.805467] __asan_report_load4_noabort+0x20/0x30 [ 36.806174] kasan_atomics_helper+0x3e04/0x4858 [ 36.806885] kasan_atomics+0x198/0x2e8 [ 36.807469] kunit_try_run_case+0x14c/0x3d0 [ 36.808185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.808985] kthread+0x24c/0x2d0 [ 36.809449] ret_from_fork+0x10/0x20 [ 36.810103] [ 36.810443] Allocated by task 254: [ 36.810973] kasan_save_stack+0x3c/0x68 [ 36.811601] kasan_save_track+0x20/0x40 [ 36.812256] kasan_save_alloc_info+0x40/0x58 [ 36.812845] __kasan_kmalloc+0xd4/0xd8 [ 36.813492] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.814033] kasan_atomics+0xb8/0x2e8 [ 36.814643] kunit_try_run_case+0x14c/0x3d0 [ 36.815236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.815925] kthread+0x24c/0x2d0 [ 36.816448] ret_from_fork+0x10/0x20 [ 36.817063] [ 36.817415] The buggy address belongs to the object at fff00000c591a100 [ 36.817415] which belongs to the cache kmalloc-64 of size 64 [ 36.818671] The buggy address is located 0 bytes to the right of [ 36.818671] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.819972] [ 36.820338] The buggy address belongs to the physical page: [ 36.821032] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.821988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.822655] page_type: f5(slab) [ 36.823180] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.824085] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.824965] page dumped because: kasan: bad access detected [ 36.825591] [ 36.825978] Memory state around the buggy address: [ 36.826528] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.827402] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.828134] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.828934] ^ [ 36.829619] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.830411] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.831334] ================================================================== [ 37.250566] ================================================================== [ 37.251430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 37.252259] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.253074] [ 37.253556] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.254791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.255353] Hardware name: linux,dummy-virt (DT) [ 37.255977] Call trace: [ 37.256435] show_stack+0x20/0x38 (C) [ 37.257108] dump_stack_lvl+0x8c/0xd0 [ 37.257690] print_report+0x118/0x5e0 [ 37.258355] kasan_report+0xc8/0x118 [ 37.259021] kasan_check_range+0x100/0x1a8 [ 37.259603] __kasan_check_write+0x20/0x30 [ 37.260301] kasan_atomics_helper+0x1190/0x4858 [ 37.260973] kasan_atomics+0x198/0x2e8 [ 37.261467] kunit_try_run_case+0x14c/0x3d0 [ 37.262169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.262811] kthread+0x24c/0x2d0 [ 37.263438] ret_from_fork+0x10/0x20 [ 37.264091] [ 37.264441] Allocated by task 254: [ 37.264937] kasan_save_stack+0x3c/0x68 [ 37.265596] kasan_save_track+0x20/0x40 [ 37.266121] kasan_save_alloc_info+0x40/0x58 [ 37.266766] __kasan_kmalloc+0xd4/0xd8 [ 37.267400] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.268070] kasan_atomics+0xb8/0x2e8 [ 37.268604] kunit_try_run_case+0x14c/0x3d0 [ 37.269243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.270024] kthread+0x24c/0x2d0 [ 37.270558] ret_from_fork+0x10/0x20 [ 37.271175] [ 37.271520] The buggy address belongs to the object at fff00000c591a100 [ 37.271520] which belongs to the cache kmalloc-64 of size 64 [ 37.272661] The buggy address is located 0 bytes to the right of [ 37.272661] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.273885] [ 37.274271] The buggy address belongs to the physical page: [ 37.275013] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.275963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.276679] page_type: f5(slab) [ 37.277263] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.278077] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.279018] page dumped because: kasan: bad access detected [ 37.279653] [ 37.280005] Memory state around the buggy address: [ 37.280692] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.281475] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.282340] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.283153] ^ [ 37.283833] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.284623] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.285540] ================================================================== [ 35.501167] ================================================================== [ 35.501977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 35.502850] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.504350] [ 35.504920] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.506260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.507054] Hardware name: linux,dummy-virt (DT) [ 35.507868] Call trace: [ 35.508514] show_stack+0x20/0x38 (C) [ 35.509277] dump_stack_lvl+0x8c/0xd0 [ 35.510135] print_report+0x118/0x5e0 [ 35.510944] kasan_report+0xc8/0x118 [ 35.511712] __asan_report_store4_noabort+0x20/0x30 [ 35.512601] kasan_atomics_helper+0x3f7c/0x4858 [ 35.513431] kasan_atomics+0x198/0x2e8 [ 35.514224] kunit_try_run_case+0x14c/0x3d0 [ 35.515085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.515741] kthread+0x24c/0x2d0 [ 35.516235] ret_from_fork+0x10/0x20 [ 35.516746] [ 35.517112] Allocated by task 254: [ 35.518131] kasan_save_stack+0x3c/0x68 [ 35.518741] kasan_save_track+0x20/0x40 [ 35.519645] kasan_save_alloc_info+0x40/0x58 [ 35.520276] __kasan_kmalloc+0xd4/0xd8 [ 35.521097] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.521929] kasan_atomics+0xb8/0x2e8 [ 35.522680] kunit_try_run_case+0x14c/0x3d0 [ 35.523343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.524358] kthread+0x24c/0x2d0 [ 35.525056] ret_from_fork+0x10/0x20 [ 35.525811] [ 35.526181] The buggy address belongs to the object at fff00000c591a100 [ 35.526181] which belongs to the cache kmalloc-64 of size 64 [ 35.527657] The buggy address is located 0 bytes to the right of [ 35.527657] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.529172] [ 35.529771] The buggy address belongs to the physical page: [ 35.530467] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.531644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.532457] page_type: f5(slab) [ 35.533285] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.534369] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.535402] page dumped because: kasan: bad access detected [ 35.536264] [ 35.536786] Memory state around the buggy address: [ 35.537401] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.538522] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.539368] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.540433] ^ [ 35.541240] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.542257] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.543293] ================================================================== [ 37.780804] ================================================================== [ 37.781603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 37.782381] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.783627] [ 37.783998] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.784995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.785643] Hardware name: linux,dummy-virt (DT) [ 37.786257] Call trace: [ 37.786711] show_stack+0x20/0x38 (C) [ 37.787266] dump_stack_lvl+0x8c/0xd0 [ 37.787934] print_report+0x118/0x5e0 [ 37.788531] kasan_report+0xc8/0x118 [ 37.789104] kasan_check_range+0x100/0x1a8 [ 37.789713] __kasan_check_write+0x20/0x30 [ 37.790270] kasan_atomics_helper+0x16d0/0x4858 [ 37.791012] kasan_atomics+0x198/0x2e8 [ 37.791572] kunit_try_run_case+0x14c/0x3d0 [ 37.792282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.792968] kthread+0x24c/0x2d0 [ 37.793545] ret_from_fork+0x10/0x20 [ 37.794196] [ 37.794558] Allocated by task 254: [ 37.795008] kasan_save_stack+0x3c/0x68 [ 37.795676] kasan_save_track+0x20/0x40 [ 37.796197] kasan_save_alloc_info+0x40/0x58 [ 37.796856] __kasan_kmalloc+0xd4/0xd8 [ 37.797486] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.798078] kasan_atomics+0xb8/0x2e8 [ 37.798692] kunit_try_run_case+0x14c/0x3d0 [ 37.799317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.799882] kthread+0x24c/0x2d0 [ 37.800468] ret_from_fork+0x10/0x20 [ 37.801036] [ 37.801409] The buggy address belongs to the object at fff00000c591a100 [ 37.801409] which belongs to the cache kmalloc-64 of size 64 [ 37.802585] The buggy address is located 0 bytes to the right of [ 37.802585] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.803861] [ 37.804257] The buggy address belongs to the physical page: [ 37.805002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.805934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.806736] page_type: f5(slab) [ 37.807316] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.808039] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.808990] page dumped because: kasan: bad access detected [ 37.809719] [ 37.810057] Memory state around the buggy address: [ 37.810740] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.811509] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.812299] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.813150] ^ [ 37.813719] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.814566] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.815375] ================================================================== [ 36.676038] ================================================================== [ 36.676700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 36.677738] Write of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.678657] [ 36.679068] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.680388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.681060] Hardware name: linux,dummy-virt (DT) [ 36.681765] Call trace: [ 36.682219] show_stack+0x20/0x38 (C) [ 36.682864] dump_stack_lvl+0x8c/0xd0 [ 36.683562] print_report+0x118/0x5e0 [ 36.684209] kasan_report+0xc8/0x118 [ 36.684794] kasan_check_range+0x100/0x1a8 [ 36.685514] __kasan_check_write+0x20/0x30 [ 36.686140] kasan_atomics_helper+0xca0/0x4858 [ 36.686896] kasan_atomics+0x198/0x2e8 [ 36.687553] kunit_try_run_case+0x14c/0x3d0 [ 36.688234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.689092] kthread+0x24c/0x2d0 [ 36.689647] ret_from_fork+0x10/0x20 [ 36.690325] [ 36.690732] Allocated by task 254: [ 36.691336] kasan_save_stack+0x3c/0x68 [ 36.691889] kasan_save_track+0x20/0x40 [ 36.692561] kasan_save_alloc_info+0x40/0x58 [ 36.693218] __kasan_kmalloc+0xd4/0xd8 [ 36.693866] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.694766] kasan_atomics+0xb8/0x2e8 [ 36.695316] kunit_try_run_case+0x14c/0x3d0 [ 36.695882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.696930] kthread+0x24c/0x2d0 [ 36.697633] ret_from_fork+0x10/0x20 [ 36.698393] [ 36.698997] The buggy address belongs to the object at fff00000c591a100 [ 36.698997] which belongs to the cache kmalloc-64 of size 64 [ 36.700284] The buggy address is located 0 bytes to the right of [ 36.700284] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.701707] [ 36.702323] The buggy address belongs to the physical page: [ 36.702984] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.703858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.704993] page_type: f5(slab) [ 36.705718] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.706799] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.707821] page dumped because: kasan: bad access detected [ 36.708672] [ 36.709022] Memory state around the buggy address: [ 36.709682] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.710482] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.711668] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.712664] ^ [ 36.713479] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.714470] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.715428] ================================================================== [ 36.639006] ================================================================== [ 36.639721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 36.640731] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.641545] [ 36.641830] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.642878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.643443] Hardware name: linux,dummy-virt (DT) [ 36.644158] Call trace: [ 36.644650] show_stack+0x20/0x38 (C) [ 36.645248] dump_stack_lvl+0x8c/0xd0 [ 36.645944] print_report+0x118/0x5e0 [ 36.646553] kasan_report+0xc8/0x118 [ 36.647224] __asan_report_load4_noabort+0x20/0x30 [ 36.648014] kasan_atomics_helper+0x3de4/0x4858 [ 36.648684] kasan_atomics+0x198/0x2e8 [ 36.649396] kunit_try_run_case+0x14c/0x3d0 [ 36.649986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.650830] kthread+0x24c/0x2d0 [ 36.651430] ret_from_fork+0x10/0x20 [ 36.652122] [ 36.652498] Allocated by task 254: [ 36.652987] kasan_save_stack+0x3c/0x68 [ 36.653661] kasan_save_track+0x20/0x40 [ 36.654313] kasan_save_alloc_info+0x40/0x58 [ 36.655021] __kasan_kmalloc+0xd4/0xd8 [ 36.655653] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.656289] kasan_atomics+0xb8/0x2e8 [ 36.656959] kunit_try_run_case+0x14c/0x3d0 [ 36.657610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.658338] kthread+0x24c/0x2d0 [ 36.658963] ret_from_fork+0x10/0x20 [ 36.659493] [ 36.659863] The buggy address belongs to the object at fff00000c591a100 [ 36.659863] which belongs to the cache kmalloc-64 of size 64 [ 36.661170] The buggy address is located 0 bytes to the right of [ 36.661170] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.662493] [ 36.662880] The buggy address belongs to the physical page: [ 36.663504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.664480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.665365] page_type: f5(slab) [ 36.665840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.666830] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.667709] page dumped because: kasan: bad access detected [ 36.668418] [ 36.668764] Memory state around the buggy address: [ 36.669417] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.670290] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.671180] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.672003] ^ [ 36.672655] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.673492] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.674310] ================================================================== [ 36.946594] ================================================================== [ 36.948226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 36.949467] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.950350] [ 36.950771] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.951694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.952314] Hardware name: linux,dummy-virt (DT) [ 36.952988] Call trace: [ 36.953380] show_stack+0x20/0x38 (C) [ 36.953942] dump_stack_lvl+0x8c/0xd0 [ 36.954577] print_report+0x118/0x5e0 [ 36.955154] kasan_report+0xc8/0x118 [ 36.955709] __asan_report_store8_noabort+0x20/0x30 [ 36.956338] kasan_atomics_helper+0x3e5c/0x4858 [ 36.957054] kasan_atomics+0x198/0x2e8 [ 36.957585] kunit_try_run_case+0x14c/0x3d0 [ 36.958244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.959070] kthread+0x24c/0x2d0 [ 36.959668] ret_from_fork+0x10/0x20 [ 36.960318] [ 36.960656] Allocated by task 254: [ 36.961486] kasan_save_stack+0x3c/0x68 [ 36.962335] kasan_save_track+0x20/0x40 [ 36.962846] kasan_save_alloc_info+0x40/0x58 [ 36.963583] __kasan_kmalloc+0xd4/0xd8 [ 36.964138] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.964751] kasan_atomics+0xb8/0x2e8 [ 36.965791] kunit_try_run_case+0x14c/0x3d0 [ 36.966623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.967514] kthread+0x24c/0x2d0 [ 36.968210] ret_from_fork+0x10/0x20 [ 36.968965] [ 36.969486] The buggy address belongs to the object at fff00000c591a100 [ 36.969486] which belongs to the cache kmalloc-64 of size 64 [ 36.970848] The buggy address is located 0 bytes to the right of [ 36.970848] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.972291] [ 36.972650] The buggy address belongs to the physical page: [ 36.973392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.974696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.975638] page_type: f5(slab) [ 36.976386] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.977449] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.978485] page dumped because: kasan: bad access detected [ 36.979347] [ 36.979857] Memory state around the buggy address: [ 36.980625] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.981468] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.982274] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.983370] ^ [ 36.983816] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.984860] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.985653] ================================================================== [ 35.664183] ================================================================== [ 35.665174] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 35.665975] Read of size 4 at addr fff00000c591a130 by task kunit_try_catch/254 [ 35.666848] [ 35.668602] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.669665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.670233] Hardware name: linux,dummy-virt (DT) [ 35.670868] Call trace: [ 35.671253] show_stack+0x20/0x38 (C) [ 35.671875] dump_stack_lvl+0x8c/0xd0 [ 35.672418] print_report+0x118/0x5e0 [ 35.673045] kasan_report+0xc8/0x118 [ 35.673576] __asan_report_load4_noabort+0x20/0x30 [ 35.674263] kasan_atomics_helper+0x40fc/0x4858 [ 35.675600] kasan_atomics+0x198/0x2e8 [ 35.676523] kunit_try_run_case+0x14c/0x3d0 [ 35.677235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.677838] kthread+0x24c/0x2d0 [ 35.678984] ret_from_fork+0x10/0x20 [ 35.679771] [ 35.680299] Allocated by task 254: [ 35.680839] kasan_save_stack+0x3c/0x68 [ 35.681692] kasan_save_track+0x20/0x40 [ 35.682301] kasan_save_alloc_info+0x40/0x58 [ 35.683189] __kasan_kmalloc+0xd4/0xd8 [ 35.683962] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.684613] kasan_atomics+0xb8/0x2e8 [ 35.685433] kunit_try_run_case+0x14c/0x3d0 [ 35.686095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.687063] kthread+0x24c/0x2d0 [ 35.687778] ret_from_fork+0x10/0x20 [ 35.688554] [ 35.688925] The buggy address belongs to the object at fff00000c591a100 [ 35.688925] which belongs to the cache kmalloc-64 of size 64 [ 35.690523] The buggy address is located 0 bytes to the right of [ 35.690523] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 35.691822] [ 35.692362] The buggy address belongs to the physical page: [ 35.693121] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 35.694079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.694818] page_type: f5(slab) [ 35.695467] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 35.696570] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 35.697461] page dumped because: kasan: bad access detected [ 35.698141] [ 35.698551] Memory state around the buggy address: [ 35.699147] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.699976] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 35.700878] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 35.701717] ^ [ 35.702324] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.703107] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.703873] ================================================================== [ 37.287506] ================================================================== [ 37.288850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 37.289710] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 37.291393] [ 37.291842] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 37.293031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.293590] Hardware name: linux,dummy-virt (DT) [ 37.294297] Call trace: [ 37.294806] show_stack+0x20/0x38 (C) [ 37.295482] dump_stack_lvl+0x8c/0xd0 [ 37.296186] print_report+0x118/0x5e0 [ 37.296868] kasan_report+0xc8/0x118 [ 37.297550] kasan_check_range+0x100/0x1a8 [ 37.298262] __kasan_check_write+0x20/0x30 [ 37.298968] kasan_atomics_helper+0x11f8/0x4858 [ 37.299620] kasan_atomics+0x198/0x2e8 [ 37.300285] kunit_try_run_case+0x14c/0x3d0 [ 37.300994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.301680] kthread+0x24c/0x2d0 [ 37.302197] ret_from_fork+0x10/0x20 [ 37.302842] [ 37.303220] Allocated by task 254: [ 37.303714] kasan_save_stack+0x3c/0x68 [ 37.304241] kasan_save_track+0x20/0x40 [ 37.304856] kasan_save_alloc_info+0x40/0x58 [ 37.305469] __kasan_kmalloc+0xd4/0xd8 [ 37.306097] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.306654] kasan_atomics+0xb8/0x2e8 [ 37.307270] kunit_try_run_case+0x14c/0x3d0 [ 37.307869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.308513] kthread+0x24c/0x2d0 [ 37.309097] ret_from_fork+0x10/0x20 [ 37.309576] [ 37.309966] The buggy address belongs to the object at fff00000c591a100 [ 37.309966] which belongs to the cache kmalloc-64 of size 64 [ 37.311108] The buggy address is located 0 bytes to the right of [ 37.311108] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 37.312391] [ 37.312760] The buggy address belongs to the physical page: [ 37.313937] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 37.314840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.315866] page_type: f5(slab) [ 37.316430] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 37.316831] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 37.317535] page dumped because: kasan: bad access detected [ 37.318227] [ 37.318547] Memory state around the buggy address: [ 37.319235] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.320162] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 37.320925] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 37.321701] ^ [ 37.322265] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.323080] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.323924] ================================================================== [ 36.909302] ================================================================== [ 36.910076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 36.910797] Write of size 8 at addr fff00000c591a130 by task kunit_try_catch/254 [ 36.911638] [ 36.912029] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 36.913120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.913726] Hardware name: linux,dummy-virt (DT) [ 36.914403] Call trace: [ 36.914826] show_stack+0x20/0x38 (C) [ 36.915490] dump_stack_lvl+0x8c/0xd0 [ 36.916084] print_report+0x118/0x5e0 [ 36.916694] kasan_report+0xc8/0x118 [ 36.917342] kasan_check_range+0x100/0x1a8 [ 36.918023] __kasan_check_write+0x20/0x30 [ 36.918710] kasan_atomics_helper+0xe44/0x4858 [ 36.919362] kasan_atomics+0x198/0x2e8 [ 36.920028] kunit_try_run_case+0x14c/0x3d0 [ 36.920633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.921464] kthread+0x24c/0x2d0 [ 36.922082] ret_from_fork+0x10/0x20 [ 36.922647] [ 36.923035] Allocated by task 254: [ 36.923569] kasan_save_stack+0x3c/0x68 [ 36.924191] kasan_save_track+0x20/0x40 [ 36.924711] kasan_save_alloc_info+0x40/0x58 [ 36.925392] __kasan_kmalloc+0xd4/0xd8 [ 36.925962] __kmalloc_cache_noprof+0x15c/0x3c8 [ 36.926551] kasan_atomics+0xb8/0x2e8 [ 36.927189] kunit_try_run_case+0x14c/0x3d0 [ 36.927785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.928471] kthread+0x24c/0x2d0 [ 36.929055] ret_from_fork+0x10/0x20 [ 36.929541] [ 36.930265] The buggy address belongs to the object at fff00000c591a100 [ 36.930265] which belongs to the cache kmalloc-64 of size 64 [ 36.931685] The buggy address is located 0 bytes to the right of [ 36.931685] allocated 48-byte region [fff00000c591a100, fff00000c591a130) [ 36.933588] [ 36.933978] The buggy address belongs to the physical page: [ 36.934572] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591a [ 36.935488] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.936227] page_type: f5(slab) [ 36.936785] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 36.937627] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 36.938531] page dumped because: kasan: bad access detected [ 36.939263] [ 36.939633] Memory state around the buggy address: [ 36.940275] fff00000c591a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.941068] fff00000c591a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.941806] >fff00000c591a100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 36.942650] ^ [ 36.943269] fff00000c591a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.944020] fff00000c591a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.944823] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 35.170250] ================================================================== [ 35.171046] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 35.171793] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.172773] [ 35.173244] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.174478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.175135] Hardware name: linux,dummy-virt (DT) [ 35.175726] Call trace: [ 35.176210] show_stack+0x20/0x38 (C) [ 35.176746] dump_stack_lvl+0x8c/0xd0 [ 35.177300] print_report+0x118/0x5e0 [ 35.177890] kasan_report+0xc8/0x118 [ 35.178413] kasan_check_range+0x100/0x1a8 [ 35.179169] __kasan_check_write+0x20/0x30 [ 35.179930] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 35.180829] kasan_bitops_generic+0x11c/0x1c8 [ 35.181532] kunit_try_run_case+0x14c/0x3d0 [ 35.182132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.182988] kthread+0x24c/0x2d0 [ 35.183634] ret_from_fork+0x10/0x20 [ 35.184291] [ 35.184699] Allocated by task 250: [ 35.185315] kasan_save_stack+0x3c/0x68 [ 35.185834] kasan_save_track+0x20/0x40 [ 35.186492] kasan_save_alloc_info+0x40/0x58 [ 35.187163] __kasan_kmalloc+0xd4/0xd8 [ 35.187855] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.188549] kasan_bitops_generic+0xa0/0x1c8 [ 35.189275] kunit_try_run_case+0x14c/0x3d0 [ 35.189992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.190680] kthread+0x24c/0x2d0 [ 35.191288] ret_from_fork+0x10/0x20 [ 35.191850] [ 35.192249] The buggy address belongs to the object at fff00000c57c32c0 [ 35.192249] which belongs to the cache kmalloc-16 of size 16 [ 35.193554] The buggy address is located 8 bytes inside of [ 35.193554] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.194776] [ 35.195201] The buggy address belongs to the physical page: [ 35.196027] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.196882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.197790] page_type: f5(slab) [ 35.198423] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.199351] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.200146] page dumped because: kasan: bad access detected [ 35.200940] [ 35.201338] Memory state around the buggy address: [ 35.201996] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.202792] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.203711] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.204422] ^ [ 35.205589] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.206501] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.207345] ================================================================== [ 35.249838] ================================================================== [ 35.250615] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 35.251073] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.251438] [ 35.251614] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.252985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.253988] Hardware name: linux,dummy-virt (DT) [ 35.254804] Call trace: [ 35.255236] show_stack+0x20/0x38 (C) [ 35.255995] dump_stack_lvl+0x8c/0xd0 [ 35.256619] print_report+0x118/0x5e0 [ 35.257270] kasan_report+0xc8/0x118 [ 35.257888] kasan_check_range+0x100/0x1a8 [ 35.258582] __kasan_check_write+0x20/0x30 [ 35.259248] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 35.260096] kasan_bitops_generic+0x11c/0x1c8 [ 35.260726] kunit_try_run_case+0x14c/0x3d0 [ 35.261426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.262222] kthread+0x24c/0x2d0 [ 35.262811] ret_from_fork+0x10/0x20 [ 35.263457] [ 35.263811] Allocated by task 250: [ 35.264428] kasan_save_stack+0x3c/0x68 [ 35.265016] kasan_save_track+0x20/0x40 [ 35.265714] kasan_save_alloc_info+0x40/0x58 [ 35.266331] __kasan_kmalloc+0xd4/0xd8 [ 35.267005] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.267653] kasan_bitops_generic+0xa0/0x1c8 [ 35.268362] kunit_try_run_case+0x14c/0x3d0 [ 35.268973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.269772] kthread+0x24c/0x2d0 [ 35.270233] ret_from_fork+0x10/0x20 [ 35.270839] [ 35.271258] The buggy address belongs to the object at fff00000c57c32c0 [ 35.271258] which belongs to the cache kmalloc-16 of size 16 [ 35.273015] The buggy address is located 8 bytes inside of [ 35.273015] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.274303] [ 35.274710] The buggy address belongs to the physical page: [ 35.275399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.276442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.277268] page_type: f5(slab) [ 35.277804] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.278735] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.279609] page dumped because: kasan: bad access detected [ 35.280300] [ 35.280672] Memory state around the buggy address: [ 35.281419] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.282257] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.283048] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.283937] ^ [ 35.284615] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.285572] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.286487] ================================================================== [ 35.123622] ================================================================== [ 35.125242] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 35.126547] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.127814] [ 35.128308] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.129613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.130477] Hardware name: linux,dummy-virt (DT) [ 35.131322] Call trace: [ 35.131973] show_stack+0x20/0x38 (C) [ 35.132784] dump_stack_lvl+0x8c/0xd0 [ 35.133683] print_report+0x118/0x5e0 [ 35.134256] kasan_report+0xc8/0x118 [ 35.134865] __asan_report_load8_noabort+0x20/0x30 [ 35.136013] kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 35.137074] kasan_bitops_generic+0x11c/0x1c8 [ 35.137896] kunit_try_run_case+0x14c/0x3d0 [ 35.138730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.139665] kthread+0x24c/0x2d0 [ 35.141079] ret_from_fork+0x10/0x20 [ 35.141378] [ 35.141538] Allocated by task 250: [ 35.141767] kasan_save_stack+0x3c/0x68 [ 35.142821] kasan_save_track+0x20/0x40 [ 35.143543] kasan_save_alloc_info+0x40/0x58 [ 35.144256] __kasan_kmalloc+0xd4/0xd8 [ 35.144832] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.145652] kasan_bitops_generic+0xa0/0x1c8 [ 35.146390] kunit_try_run_case+0x14c/0x3d0 [ 35.147171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.147849] kthread+0x24c/0x2d0 [ 35.148475] ret_from_fork+0x10/0x20 [ 35.149065] [ 35.149726] The buggy address belongs to the object at fff00000c57c32c0 [ 35.149726] which belongs to the cache kmalloc-16 of size 16 [ 35.152128] The buggy address is located 8 bytes inside of [ 35.152128] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.153555] [ 35.153938] The buggy address belongs to the physical page: [ 35.154672] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.155707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.157048] page_type: f5(slab) [ 35.157474] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.158173] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.158968] page dumped because: kasan: bad access detected [ 35.159582] [ 35.159973] Memory state around the buggy address: [ 35.160867] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.161684] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.162422] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.163582] ^ [ 35.164751] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.165895] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.166702] ================================================================== [ 35.328505] ================================================================== [ 35.329341] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 35.330432] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.331372] [ 35.331788] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.333113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.333845] Hardware name: linux,dummy-virt (DT) [ 35.334541] Call trace: [ 35.335099] show_stack+0x20/0x38 (C) [ 35.335832] dump_stack_lvl+0x8c/0xd0 [ 35.336537] print_report+0x118/0x5e0 [ 35.337220] kasan_report+0xc8/0x118 [ 35.337950] kasan_check_range+0x100/0x1a8 [ 35.338683] __kasan_check_write+0x20/0x30 [ 35.339421] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 35.340364] kasan_bitops_generic+0x11c/0x1c8 [ 35.341117] kunit_try_run_case+0x14c/0x3d0 [ 35.341885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.342610] kthread+0x24c/0x2d0 [ 35.343199] ret_from_fork+0x10/0x20 [ 35.343879] [ 35.344309] Allocated by task 250: [ 35.344790] kasan_save_stack+0x3c/0x68 [ 35.345547] kasan_save_track+0x20/0x40 [ 35.346160] kasan_save_alloc_info+0x40/0x58 [ 35.346792] __kasan_kmalloc+0xd4/0xd8 [ 35.347457] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.348080] kasan_bitops_generic+0xa0/0x1c8 [ 35.348781] kunit_try_run_case+0x14c/0x3d0 [ 35.349417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.350197] kthread+0x24c/0x2d0 [ 35.350712] ret_from_fork+0x10/0x20 [ 35.351365] [ 35.351748] The buggy address belongs to the object at fff00000c57c32c0 [ 35.351748] which belongs to the cache kmalloc-16 of size 16 [ 35.352978] The buggy address is located 8 bytes inside of [ 35.352978] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.354270] [ 35.354724] The buggy address belongs to the physical page: [ 35.355335] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.356380] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.357147] page_type: f5(slab) [ 35.357756] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.358662] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.359564] page dumped because: kasan: bad access detected [ 35.360265] [ 35.360612] Memory state around the buggy address: [ 35.361310] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.362185] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.363072] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.363894] ^ [ 35.364589] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.365509] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.366291] ================================================================== [ 35.209318] ================================================================== [ 35.211180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 35.212063] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.213133] [ 35.213545] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.214652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.215229] Hardware name: linux,dummy-virt (DT) [ 35.215851] Call trace: [ 35.216315] show_stack+0x20/0x38 (C) [ 35.216989] dump_stack_lvl+0x8c/0xd0 [ 35.217620] print_report+0x118/0x5e0 [ 35.218235] kasan_report+0xc8/0x118 [ 35.218760] __asan_report_load8_noabort+0x20/0x30 [ 35.219468] kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 35.220291] kasan_bitops_generic+0x11c/0x1c8 [ 35.221117] kunit_try_run_case+0x14c/0x3d0 [ 35.221713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.222443] kthread+0x24c/0x2d0 [ 35.223100] ret_from_fork+0x10/0x20 [ 35.223725] [ 35.224133] Allocated by task 250: [ 35.224746] kasan_save_stack+0x3c/0x68 [ 35.225416] kasan_save_track+0x20/0x40 [ 35.226080] kasan_save_alloc_info+0x40/0x58 [ 35.226698] __kasan_kmalloc+0xd4/0xd8 [ 35.227339] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.228025] kasan_bitops_generic+0xa0/0x1c8 [ 35.228736] kunit_try_run_case+0x14c/0x3d0 [ 35.229339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.230164] kthread+0x24c/0x2d0 [ 35.230676] ret_from_fork+0x10/0x20 [ 35.231334] [ 35.231714] The buggy address belongs to the object at fff00000c57c32c0 [ 35.231714] which belongs to the cache kmalloc-16 of size 16 [ 35.233035] The buggy address is located 8 bytes inside of [ 35.233035] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.234302] [ 35.234722] The buggy address belongs to the physical page: [ 35.235542] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.236453] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.237248] page_type: f5(slab) [ 35.237843] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.238736] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.239624] page dumped because: kasan: bad access detected [ 35.240314] [ 35.240701] Memory state around the buggy address: [ 35.241395] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.242265] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.243164] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.243988] ^ [ 35.244674] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.245589] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.246433] ================================================================== [ 35.405682] ================================================================== [ 35.406535] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 35.407812] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.408559] [ 35.409027] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.410195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.410783] Hardware name: linux,dummy-virt (DT) [ 35.411370] Call trace: [ 35.411867] show_stack+0x20/0x38 (C) [ 35.412500] dump_stack_lvl+0x8c/0xd0 [ 35.413099] print_report+0x118/0x5e0 [ 35.413794] kasan_report+0xc8/0x118 [ 35.414431] __asan_report_load8_noabort+0x20/0x30 [ 35.415117] kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 35.416039] kasan_bitops_generic+0x11c/0x1c8 [ 35.416696] kunit_try_run_case+0x14c/0x3d0 [ 35.417362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.418253] kthread+0x24c/0x2d0 [ 35.418751] ret_from_fork+0x10/0x20 [ 35.419425] [ 35.420088] Allocated by task 250: [ 35.420758] kasan_save_stack+0x3c/0x68 [ 35.421292] kasan_save_track+0x20/0x40 [ 35.421843] kasan_save_alloc_info+0x40/0x58 [ 35.422577] __kasan_kmalloc+0xd4/0xd8 [ 35.423084] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.423700] kasan_bitops_generic+0xa0/0x1c8 [ 35.424292] kunit_try_run_case+0x14c/0x3d0 [ 35.424832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.425655] kthread+0x24c/0x2d0 [ 35.426233] ret_from_fork+0x10/0x20 [ 35.426741] [ 35.427126] The buggy address belongs to the object at fff00000c57c32c0 [ 35.427126] which belongs to the cache kmalloc-16 of size 16 [ 35.428339] The buggy address is located 8 bytes inside of [ 35.428339] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.429359] [ 35.429731] The buggy address belongs to the physical page: [ 35.430480] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.431337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.432115] page_type: f5(slab) [ 35.432673] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.433551] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.434518] page dumped because: kasan: bad access detected [ 35.435206] [ 35.435576] Memory state around the buggy address: [ 35.436246] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.437056] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.437935] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.438708] ^ [ 35.439297] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.440214] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.440989] ================================================================== [ 35.368052] ================================================================== [ 35.368924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 35.370017] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.370993] [ 35.371427] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.372425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.373112] Hardware name: linux,dummy-virt (DT) [ 35.373726] Call trace: [ 35.374276] show_stack+0x20/0x38 (C) [ 35.374945] dump_stack_lvl+0x8c/0xd0 [ 35.375663] print_report+0x118/0x5e0 [ 35.376286] kasan_report+0xc8/0x118 [ 35.376971] __asan_report_load8_noabort+0x20/0x30 [ 35.377602] kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 35.378502] kasan_bitops_generic+0x11c/0x1c8 [ 35.379130] kunit_try_run_case+0x14c/0x3d0 [ 35.379850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.380600] kthread+0x24c/0x2d0 [ 35.381186] ret_from_fork+0x10/0x20 [ 35.381820] [ 35.382255] Allocated by task 250: [ 35.382838] kasan_save_stack+0x3c/0x68 [ 35.383472] kasan_save_track+0x20/0x40 [ 35.384142] kasan_save_alloc_info+0x40/0x58 [ 35.384777] __kasan_kmalloc+0xd4/0xd8 [ 35.385487] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.386120] kasan_bitops_generic+0xa0/0x1c8 [ 35.386798] kunit_try_run_case+0x14c/0x3d0 [ 35.387441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.388212] kthread+0x24c/0x2d0 [ 35.388764] ret_from_fork+0x10/0x20 [ 35.389320] [ 35.389729] The buggy address belongs to the object at fff00000c57c32c0 [ 35.389729] which belongs to the cache kmalloc-16 of size 16 [ 35.390955] The buggy address is located 8 bytes inside of [ 35.390955] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.392220] [ 35.392621] The buggy address belongs to the physical page: [ 35.393272] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.394226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.395097] page_type: f5(slab) [ 35.395676] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.396541] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.397427] page dumped because: kasan: bad access detected [ 35.398144] [ 35.398526] Memory state around the buggy address: [ 35.399107] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.400025] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.400874] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.401706] ^ [ 35.402421] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.403281] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.404107] ================================================================== [ 35.289086] ================================================================== [ 35.289795] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 35.290751] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.291423] [ 35.291871] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.293139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.293733] Hardware name: linux,dummy-virt (DT) [ 35.294422] Call trace: [ 35.294941] show_stack+0x20/0x38 (C) [ 35.295534] dump_stack_lvl+0x8c/0xd0 [ 35.296233] print_report+0x118/0x5e0 [ 35.296865] kasan_report+0xc8/0x118 [ 35.297558] __asan_report_load8_noabort+0x20/0x30 [ 35.298252] kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 35.299120] kasan_bitops_generic+0x11c/0x1c8 [ 35.299822] kunit_try_run_case+0x14c/0x3d0 [ 35.300465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.301285] kthread+0x24c/0x2d0 [ 35.301863] ret_from_fork+0x10/0x20 [ 35.302506] [ 35.302931] Allocated by task 250: [ 35.303439] kasan_save_stack+0x3c/0x68 [ 35.304069] kasan_save_track+0x20/0x40 [ 35.304729] kasan_save_alloc_info+0x40/0x58 [ 35.305408] __kasan_kmalloc+0xd4/0xd8 [ 35.306075] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.306685] kasan_bitops_generic+0xa0/0x1c8 [ 35.307390] kunit_try_run_case+0x14c/0x3d0 [ 35.308004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.308815] kthread+0x24c/0x2d0 [ 35.309337] ret_from_fork+0x10/0x20 [ 35.309987] [ 35.310363] The buggy address belongs to the object at fff00000c57c32c0 [ 35.310363] which belongs to the cache kmalloc-16 of size 16 [ 35.311693] The buggy address is located 8 bytes inside of [ 35.311693] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.312946] [ 35.313327] The buggy address belongs to the physical page: [ 35.313990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.315046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.315924] page_type: f5(slab) [ 35.316406] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.317500] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.318355] page dumped because: kasan: bad access detected [ 35.319049] [ 35.319455] Memory state around the buggy address: [ 35.320097] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.320857] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.321779] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.322617] ^ [ 35.323311] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.324175] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.325012] ================================================================== [ 35.081189] ================================================================== [ 35.081783] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 35.082519] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.083471] [ 35.083878] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.086078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.086766] Hardware name: linux,dummy-virt (DT) [ 35.087519] Call trace: [ 35.087990] show_stack+0x20/0x38 (C) [ 35.088884] dump_stack_lvl+0x8c/0xd0 [ 35.089755] print_report+0x118/0x5e0 [ 35.090327] kasan_report+0xc8/0x118 [ 35.091029] kasan_check_range+0x100/0x1a8 [ 35.091607] __kasan_check_write+0x20/0x30 [ 35.092279] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 35.093581] kasan_bitops_generic+0x11c/0x1c8 [ 35.094050] kunit_try_run_case+0x14c/0x3d0 [ 35.094611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.095283] kthread+0x24c/0x2d0 [ 35.095875] ret_from_fork+0x10/0x20 [ 35.096815] [ 35.097206] Allocated by task 250: [ 35.097795] kasan_save_stack+0x3c/0x68 [ 35.098294] kasan_save_track+0x20/0x40 [ 35.098763] kasan_save_alloc_info+0x40/0x58 [ 35.099449] __kasan_kmalloc+0xd4/0xd8 [ 35.100072] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.100756] kasan_bitops_generic+0xa0/0x1c8 [ 35.101436] kunit_try_run_case+0x14c/0x3d0 [ 35.102031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.103798] kthread+0x24c/0x2d0 [ 35.104516] ret_from_fork+0x10/0x20 [ 35.105088] [ 35.105368] The buggy address belongs to the object at fff00000c57c32c0 [ 35.105368] which belongs to the cache kmalloc-16 of size 16 [ 35.106427] The buggy address is located 8 bytes inside of [ 35.106427] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.107879] [ 35.108335] The buggy address belongs to the physical page: [ 35.109445] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.110586] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.111533] page_type: f5(slab) [ 35.112217] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.113715] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.114470] page dumped because: kasan: bad access detected [ 35.115437] [ 35.115966] Memory state around the buggy address: [ 35.117023] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.117820] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.118406] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.119216] ^ [ 35.120051] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.121376] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.121931] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 34.863639] ================================================================== [ 34.864448] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 34.865704] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.867610] [ 34.868079] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.869203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.869729] Hardware name: linux,dummy-virt (DT) [ 34.870759] Call trace: [ 34.871230] show_stack+0x20/0x38 (C) [ 34.871802] dump_stack_lvl+0x8c/0xd0 [ 34.872720] print_report+0x118/0x5e0 [ 34.874004] kasan_report+0xc8/0x118 [ 34.874601] kasan_check_range+0x100/0x1a8 [ 34.875295] __kasan_check_write+0x20/0x30 [ 34.875948] kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 34.877024] kasan_bitops_generic+0x110/0x1c8 [ 34.877786] kunit_try_run_case+0x14c/0x3d0 [ 34.878243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.878607] kthread+0x24c/0x2d0 [ 34.878867] ret_from_fork+0x10/0x20 [ 34.879510] [ 34.880013] Allocated by task 250: [ 34.881010] kasan_save_stack+0x3c/0x68 [ 34.881715] kasan_save_track+0x20/0x40 [ 34.882343] kasan_save_alloc_info+0x40/0x58 [ 34.883027] __kasan_kmalloc+0xd4/0xd8 [ 34.883924] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.885223] kasan_bitops_generic+0xa0/0x1c8 [ 34.885770] kunit_try_run_case+0x14c/0x3d0 [ 34.886524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.887367] kthread+0x24c/0x2d0 [ 34.888048] ret_from_fork+0x10/0x20 [ 34.888993] [ 34.889467] The buggy address belongs to the object at fff00000c57c32c0 [ 34.889467] which belongs to the cache kmalloc-16 of size 16 [ 34.890383] The buggy address is located 8 bytes inside of [ 34.890383] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.891796] [ 34.892198] The buggy address belongs to the physical page: [ 34.893241] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.894185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.894868] page_type: f5(slab) [ 34.895535] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.896855] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.897503] page dumped because: kasan: bad access detected [ 34.898132] [ 34.898713] Memory state around the buggy address: [ 34.899493] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.900252] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.901502] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.902348] ^ [ 34.903149] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.904048] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.904891] ================================================================== [ 34.906027] ================================================================== [ 34.906724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 34.909327] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.910302] [ 34.910726] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.913154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.913967] Hardware name: linux,dummy-virt (DT) [ 34.914611] Call trace: [ 34.915094] show_stack+0x20/0x38 (C) [ 34.915800] dump_stack_lvl+0x8c/0xd0 [ 34.916566] print_report+0x118/0x5e0 [ 34.917067] kasan_report+0xc8/0x118 [ 34.917694] __asan_report_load8_noabort+0x20/0x30 [ 34.918319] kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 34.918926] kasan_bitops_generic+0x110/0x1c8 [ 34.919615] kunit_try_run_case+0x14c/0x3d0 [ 34.920317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.921206] kthread+0x24c/0x2d0 [ 34.921797] ret_from_fork+0x10/0x20 [ 34.922463] [ 34.922835] Allocated by task 250: [ 34.924193] kasan_save_stack+0x3c/0x68 [ 34.924779] kasan_save_track+0x20/0x40 [ 34.925462] kasan_save_alloc_info+0x40/0x58 [ 34.926471] __kasan_kmalloc+0xd4/0xd8 [ 34.927025] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.927701] kasan_bitops_generic+0xa0/0x1c8 [ 34.928303] kunit_try_run_case+0x14c/0x3d0 [ 34.928937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.929715] kthread+0x24c/0x2d0 [ 34.931174] ret_from_fork+0x10/0x20 [ 34.931708] [ 34.932097] The buggy address belongs to the object at fff00000c57c32c0 [ 34.932097] which belongs to the cache kmalloc-16 of size 16 [ 34.933689] The buggy address is located 8 bytes inside of [ 34.933689] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.934924] [ 34.935293] The buggy address belongs to the physical page: [ 34.935877] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.937130] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.937867] page_type: f5(slab) [ 34.938313] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.940253] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.941474] page dumped because: kasan: bad access detected [ 34.942071] [ 34.942434] Memory state around the buggy address: [ 34.943049] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.943792] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.944823] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.945596] ^ [ 34.946268] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.947543] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.948840] ================================================================== [ 35.038201] ================================================================== [ 35.038861] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 35.039550] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 35.040285] [ 35.040699] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.042369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.042836] Hardware name: linux,dummy-virt (DT) [ 35.043516] Call trace: [ 35.043979] show_stack+0x20/0x38 (C) [ 35.045355] dump_stack_lvl+0x8c/0xd0 [ 35.046074] print_report+0x118/0x5e0 [ 35.046759] kasan_report+0xc8/0x118 [ 35.047436] __asan_report_load8_noabort+0x20/0x30 [ 35.048219] kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 35.049481] kasan_bitops_generic+0x110/0x1c8 [ 35.050093] kunit_try_run_case+0x14c/0x3d0 [ 35.050824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.051565] kthread+0x24c/0x2d0 [ 35.052202] ret_from_fork+0x10/0x20 [ 35.053048] [ 35.053671] Allocated by task 250: [ 35.054770] kasan_save_stack+0x3c/0x68 [ 35.055385] kasan_save_track+0x20/0x40 [ 35.055884] kasan_save_alloc_info+0x40/0x58 [ 35.056731] __kasan_kmalloc+0xd4/0xd8 [ 35.057351] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.058171] kasan_bitops_generic+0xa0/0x1c8 [ 35.058884] kunit_try_run_case+0x14c/0x3d0 [ 35.059418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.060204] kthread+0x24c/0x2d0 [ 35.061073] ret_from_fork+0x10/0x20 [ 35.062366] [ 35.062973] The buggy address belongs to the object at fff00000c57c32c0 [ 35.062973] which belongs to the cache kmalloc-16 of size 16 [ 35.064204] The buggy address is located 8 bytes inside of [ 35.064204] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.066123] [ 35.066537] The buggy address belongs to the physical page: [ 35.067319] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.068462] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.069357] page_type: f5(slab) [ 35.069766] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.070561] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.071212] page dumped because: kasan: bad access detected [ 35.071973] [ 35.072342] Memory state around the buggy address: [ 35.073615] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.074334] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.075176] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.076081] ^ [ 35.077132] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.078151] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.079481] ================================================================== [ 34.637750] ================================================================== [ 34.638781] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 34.639612] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.640445] [ 34.641120] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.642680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.643309] Hardware name: linux,dummy-virt (DT) [ 34.643785] Call trace: [ 34.644165] show_stack+0x20/0x38 (C) [ 34.645734] dump_stack_lvl+0x8c/0xd0 [ 34.646560] print_report+0x118/0x5e0 [ 34.647292] kasan_report+0xc8/0x118 [ 34.648052] kasan_check_range+0x100/0x1a8 [ 34.649494] __kasan_check_write+0x20/0x30 [ 34.650170] kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 34.650973] kasan_bitops_generic+0x110/0x1c8 [ 34.651631] kunit_try_run_case+0x14c/0x3d0 [ 34.652203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.652814] kthread+0x24c/0x2d0 [ 34.653829] ret_from_fork+0x10/0x20 [ 34.654462] [ 34.654825] Allocated by task 250: [ 34.655428] kasan_save_stack+0x3c/0x68 [ 34.656073] kasan_save_track+0x20/0x40 [ 34.656762] kasan_save_alloc_info+0x40/0x58 [ 34.657391] __kasan_kmalloc+0xd4/0xd8 [ 34.657877] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.659414] kasan_bitops_generic+0xa0/0x1c8 [ 34.659940] kunit_try_run_case+0x14c/0x3d0 [ 34.660506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.661234] kthread+0x24c/0x2d0 [ 34.661808] ret_from_fork+0x10/0x20 [ 34.662723] [ 34.663070] The buggy address belongs to the object at fff00000c57c32c0 [ 34.663070] which belongs to the cache kmalloc-16 of size 16 [ 34.665205] The buggy address is located 8 bytes inside of [ 34.665205] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.666477] [ 34.666863] The buggy address belongs to the physical page: [ 34.667831] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.668836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.669728] page_type: f5(slab) [ 34.670300] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.671250] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.672048] page dumped because: kasan: bad access detected [ 34.673590] [ 34.673931] Memory state around the buggy address: [ 34.674492] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.675342] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.676168] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.677392] ^ [ 34.678048] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.678824] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.679615] ================================================================== [ 34.950708] ================================================================== [ 34.951622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 34.952391] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.953249] [ 34.953665] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.955281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.956013] Hardware name: linux,dummy-virt (DT) [ 34.956677] Call trace: [ 34.957130] show_stack+0x20/0x38 (C) [ 34.957790] dump_stack_lvl+0x8c/0xd0 [ 34.959225] print_report+0x118/0x5e0 [ 34.959760] kasan_report+0xc8/0x118 [ 34.960622] kasan_check_range+0x100/0x1a8 [ 34.961307] __kasan_check_write+0x20/0x30 [ 34.962189] kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 34.963044] kasan_bitops_generic+0x110/0x1c8 [ 34.963720] kunit_try_run_case+0x14c/0x3d0 [ 34.965164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.965876] kthread+0x24c/0x2d0 [ 34.966428] ret_from_fork+0x10/0x20 [ 34.967105] [ 34.967454] Allocated by task 250: [ 34.967919] kasan_save_stack+0x3c/0x68 [ 34.968845] kasan_save_track+0x20/0x40 [ 34.969672] kasan_save_alloc_info+0x40/0x58 [ 34.970243] __kasan_kmalloc+0xd4/0xd8 [ 34.970857] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.971483] kasan_bitops_generic+0xa0/0x1c8 [ 34.972097] kunit_try_run_case+0x14c/0x3d0 [ 34.973162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.973873] kthread+0x24c/0x2d0 [ 34.974483] ret_from_fork+0x10/0x20 [ 34.975250] [ 34.975877] The buggy address belongs to the object at fff00000c57c32c0 [ 34.975877] which belongs to the cache kmalloc-16 of size 16 [ 34.977490] The buggy address is located 8 bytes inside of [ 34.977490] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.978487] [ 34.978670] The buggy address belongs to the physical page: [ 34.979043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.979961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.981743] page_type: f5(slab) [ 34.982793] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.983778] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.984888] page dumped because: kasan: bad access detected [ 34.985540] [ 34.985865] Memory state around the buggy address: [ 34.986488] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.987330] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.988111] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.989579] ^ [ 34.990297] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.991765] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.993457] ================================================================== [ 34.995190] ================================================================== [ 34.996859] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 34.997817] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.999255] [ 34.999536] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 35.000993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.002103] Hardware name: linux,dummy-virt (DT) [ 35.002810] Call trace: [ 35.003293] show_stack+0x20/0x38 (C) [ 35.003964] dump_stack_lvl+0x8c/0xd0 [ 35.004679] print_report+0x118/0x5e0 [ 35.005660] kasan_report+0xc8/0x118 [ 35.006516] kasan_check_range+0x100/0x1a8 [ 35.007175] __kasan_check_write+0x20/0x30 [ 35.007485] kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 35.007810] kasan_bitops_generic+0x110/0x1c8 [ 35.008125] kunit_try_run_case+0x14c/0x3d0 [ 35.008874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.010406] kthread+0x24c/0x2d0 [ 35.011005] ret_from_fork+0x10/0x20 [ 35.011614] [ 35.012047] Allocated by task 250: [ 35.012864] kasan_save_stack+0x3c/0x68 [ 35.013652] kasan_save_track+0x20/0x40 [ 35.014286] kasan_save_alloc_info+0x40/0x58 [ 35.014888] __kasan_kmalloc+0xd4/0xd8 [ 35.015627] __kmalloc_cache_noprof+0x15c/0x3c8 [ 35.016735] kasan_bitops_generic+0xa0/0x1c8 [ 35.017244] kunit_try_run_case+0x14c/0x3d0 [ 35.017714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.018566] kthread+0x24c/0x2d0 [ 35.019140] ret_from_fork+0x10/0x20 [ 35.019632] [ 35.020042] The buggy address belongs to the object at fff00000c57c32c0 [ 35.020042] which belongs to the cache kmalloc-16 of size 16 [ 35.021999] The buggy address is located 8 bytes inside of [ 35.021999] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 35.023349] [ 35.023726] The buggy address belongs to the physical page: [ 35.024464] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 35.025364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.026352] page_type: f5(slab) [ 35.026952] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 35.027861] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 35.029233] page dumped because: kasan: bad access detected [ 35.030140] [ 35.030505] Memory state around the buggy address: [ 35.031136] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 35.031959] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 35.033141] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 35.034111] ^ [ 35.034616] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.035632] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.036931] ================================================================== [ 34.773056] ================================================================== [ 34.774260] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 34.775047] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.776030] [ 34.776878] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.778649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.779167] Hardware name: linux,dummy-virt (DT) [ 34.779699] Call trace: [ 34.780867] show_stack+0x20/0x38 (C) [ 34.781681] dump_stack_lvl+0x8c/0xd0 [ 34.782315] print_report+0x118/0x5e0 [ 34.782947] kasan_report+0xc8/0x118 [ 34.783551] __asan_report_load8_noabort+0x20/0x30 [ 34.784231] kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 34.785000] kasan_bitops_generic+0x110/0x1c8 [ 34.786351] kunit_try_run_case+0x14c/0x3d0 [ 34.787033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.787782] kthread+0x24c/0x2d0 [ 34.788439] ret_from_fork+0x10/0x20 [ 34.789214] [ 34.789594] Allocated by task 250: [ 34.790232] kasan_save_stack+0x3c/0x68 [ 34.790924] kasan_save_track+0x20/0x40 [ 34.791568] kasan_save_alloc_info+0x40/0x58 [ 34.792223] __kasan_kmalloc+0xd4/0xd8 [ 34.792965] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.793683] kasan_bitops_generic+0xa0/0x1c8 [ 34.794407] kunit_try_run_case+0x14c/0x3d0 [ 34.795186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.796057] kthread+0x24c/0x2d0 [ 34.796734] ret_from_fork+0x10/0x20 [ 34.797487] [ 34.797987] The buggy address belongs to the object at fff00000c57c32c0 [ 34.797987] which belongs to the cache kmalloc-16 of size 16 [ 34.799709] The buggy address is located 8 bytes inside of [ 34.799709] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.801204] [ 34.801519] The buggy address belongs to the physical page: [ 34.802188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.802948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.803807] page_type: f5(slab) [ 34.804410] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.806011] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.807074] page dumped because: kasan: bad access detected [ 34.807942] [ 34.808583] Memory state around the buggy address: [ 34.809670] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.810694] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.811703] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.812778] ^ [ 34.813327] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.814082] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.815023] ================================================================== [ 34.682172] ================================================================== [ 34.683635] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 34.685032] Read of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.686070] [ 34.686479] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.687703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.688554] Hardware name: linux,dummy-virt (DT) [ 34.689100] Call trace: [ 34.689454] show_stack+0x20/0x38 (C) [ 34.690063] dump_stack_lvl+0x8c/0xd0 [ 34.690765] print_report+0x118/0x5e0 [ 34.691461] kasan_report+0xc8/0x118 [ 34.692144] __asan_report_load8_noabort+0x20/0x30 [ 34.692938] kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 34.694121] kasan_bitops_generic+0x110/0x1c8 [ 34.694771] kunit_try_run_case+0x14c/0x3d0 [ 34.695553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.696336] kthread+0x24c/0x2d0 [ 34.696936] ret_from_fork+0x10/0x20 [ 34.697480] [ 34.697852] Allocated by task 250: [ 34.699245] kasan_save_stack+0x3c/0x68 [ 34.699857] kasan_save_track+0x20/0x40 [ 34.700724] kasan_save_alloc_info+0x40/0x58 [ 34.701562] __kasan_kmalloc+0xd4/0xd8 [ 34.702169] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.702835] kasan_bitops_generic+0xa0/0x1c8 [ 34.703523] kunit_try_run_case+0x14c/0x3d0 [ 34.704153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.705586] kthread+0x24c/0x2d0 [ 34.705931] ret_from_fork+0x10/0x20 [ 34.706481] [ 34.706925] The buggy address belongs to the object at fff00000c57c32c0 [ 34.706925] which belongs to the cache kmalloc-16 of size 16 [ 34.708575] The buggy address is located 8 bytes inside of [ 34.708575] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.710234] [ 34.710891] The buggy address belongs to the physical page: [ 34.711582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.713549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.714516] page_type: f5(slab) [ 34.715274] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.716184] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.717649] page dumped because: kasan: bad access detected [ 34.718533] [ 34.719068] Memory state around the buggy address: [ 34.719813] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.720984] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.722478] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.722847] ^ [ 34.723812] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.724978] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.725829] ================================================================== [ 34.817175] ================================================================== [ 34.817859] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 34.818853] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.821082] [ 34.821398] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.823296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.823922] Hardware name: linux,dummy-virt (DT) [ 34.824868] Call trace: [ 34.825373] show_stack+0x20/0x38 (C) [ 34.826043] dump_stack_lvl+0x8c/0xd0 [ 34.826707] print_report+0x118/0x5e0 [ 34.828039] kasan_report+0xc8/0x118 [ 34.828764] kasan_check_range+0x100/0x1a8 [ 34.829444] __kasan_check_write+0x20/0x30 [ 34.829995] kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 34.830627] kasan_bitops_generic+0x110/0x1c8 [ 34.832049] kunit_try_run_case+0x14c/0x3d0 [ 34.833354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.833881] kthread+0x24c/0x2d0 [ 34.834357] ret_from_fork+0x10/0x20 [ 34.835052] [ 34.835489] Allocated by task 250: [ 34.836144] kasan_save_stack+0x3c/0x68 [ 34.836766] kasan_save_track+0x20/0x40 [ 34.837887] kasan_save_alloc_info+0x40/0x58 [ 34.838719] __kasan_kmalloc+0xd4/0xd8 [ 34.839282] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.839873] kasan_bitops_generic+0xa0/0x1c8 [ 34.841110] kunit_try_run_case+0x14c/0x3d0 [ 34.841683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.842879] kthread+0x24c/0x2d0 [ 34.843365] ret_from_fork+0x10/0x20 [ 34.844117] [ 34.844752] The buggy address belongs to the object at fff00000c57c32c0 [ 34.844752] which belongs to the cache kmalloc-16 of size 16 [ 34.846019] The buggy address is located 8 bytes inside of [ 34.846019] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.847553] [ 34.848144] The buggy address belongs to the physical page: [ 34.849038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.849878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.851546] page_type: f5(slab) [ 34.852074] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.853381] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.854224] page dumped because: kasan: bad access detected [ 34.854892] [ 34.855320] Memory state around the buggy address: [ 34.855978] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.857032] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.858583] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.859390] ^ [ 34.860062] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.861272] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.862095] ================================================================== [ 34.727236] ================================================================== [ 34.728019] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 34.728916] Write of size 8 at addr fff00000c57c32c8 by task kunit_try_catch/250 [ 34.729736] [ 34.731287] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.732579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.733264] Hardware name: linux,dummy-virt (DT) [ 34.733843] Call trace: [ 34.734254] show_stack+0x20/0x38 (C) [ 34.734865] dump_stack_lvl+0x8c/0xd0 [ 34.735554] print_report+0x118/0x5e0 [ 34.736075] kasan_report+0xc8/0x118 [ 34.737404] kasan_check_range+0x100/0x1a8 [ 34.738005] __kasan_check_write+0x20/0x30 [ 34.738541] kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 34.739918] kasan_bitops_generic+0x110/0x1c8 [ 34.740756] kunit_try_run_case+0x14c/0x3d0 [ 34.741630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.742547] kthread+0x24c/0x2d0 [ 34.743295] ret_from_fork+0x10/0x20 [ 34.744101] [ 34.744733] Allocated by task 250: [ 34.745271] kasan_save_stack+0x3c/0x68 [ 34.746362] kasan_save_track+0x20/0x40 [ 34.747099] kasan_save_alloc_info+0x40/0x58 [ 34.747639] __kasan_kmalloc+0xd4/0xd8 [ 34.748127] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.749517] kasan_bitops_generic+0xa0/0x1c8 [ 34.750173] kunit_try_run_case+0x14c/0x3d0 [ 34.750733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.751785] kthread+0x24c/0x2d0 [ 34.752646] ret_from_fork+0x10/0x20 [ 34.753219] [ 34.753574] The buggy address belongs to the object at fff00000c57c32c0 [ 34.753574] which belongs to the cache kmalloc-16 of size 16 [ 34.754753] The buggy address is located 8 bytes inside of [ 34.754753] allocated 9-byte region [fff00000c57c32c0, fff00000c57c32c9) [ 34.756265] [ 34.756697] The buggy address belongs to the physical page: [ 34.757980] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 34.759038] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.760018] page_type: f5(slab) [ 34.760762] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.762092] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.762876] page dumped because: kasan: bad access detected [ 34.764057] [ 34.764620] Memory state around the buggy address: [ 34.765648] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 34.766531] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.767531] >fff00000c57c3280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 34.769112] ^ [ 34.769803] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.770675] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.771519] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 34.189396] ================================================================== [ 34.190598] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2e4/0x348 [ 34.191543] Read of size 1 at addr ffff800080ac7bea by task kunit_try_catch/242 [ 34.192409] [ 34.193066] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.194292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.194937] Hardware name: linux,dummy-virt (DT) [ 34.195643] Call trace: [ 34.196256] show_stack+0x20/0x38 (C) [ 34.197168] dump_stack_lvl+0x8c/0xd0 [ 34.197861] print_report+0x2fc/0x5e0 [ 34.198579] kasan_report+0xc8/0x118 [ 34.199260] __asan_report_load1_noabort+0x20/0x30 [ 34.200038] kasan_alloca_oob_right+0x2e4/0x348 [ 34.201064] kunit_try_run_case+0x14c/0x3d0 [ 34.201894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.202851] kthread+0x24c/0x2d0 [ 34.203624] ret_from_fork+0x10/0x20 [ 34.204525] [ 34.204756] The buggy address belongs to stack of task kunit_try_catch/242 [ 34.205458] [ 34.205729] The buggy address belongs to the virtual mapping at [ 34.205729] [ffff800080ac0000, ffff800080ac9000) created by: [ 34.205729] kernel_clone+0x140/0x790 [ 34.206977] [ 34.207360] The buggy address belongs to the physical page: [ 34.208178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f1 [ 34.209671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.211668] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 34.213037] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.213660] page dumped because: kasan: bad access detected [ 34.214300] [ 34.214762] Memory state around the buggy address: [ 34.215670] ffff800080ac7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.216686] ffff800080ac7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.217506] >ffff800080ac7b80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 34.219262] ^ [ 34.220257] ffff800080ac7c00: cb cb cb cb 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 [ 34.221316] ffff800080ac7c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 34.222501] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 34.578973] ================================================================== [ 34.579602] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 34.580729] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.581585] [ 34.582045] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.583277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.583866] Hardware name: linux,dummy-virt (DT) [ 34.584523] Call trace: [ 34.585041] show_stack+0x20/0x38 (C) [ 34.585729] dump_stack_lvl+0x8c/0xd0 [ 34.586419] print_report+0x118/0x5e0 [ 34.587073] kasan_report+0xc8/0x118 [ 34.587645] __asan_report_load1_noabort+0x20/0x30 [ 34.588455] strnlen+0x80/0x88 [ 34.589038] kasan_strings+0x380/0x8f8 [ 34.589664] kunit_try_run_case+0x14c/0x3d0 [ 34.590412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.591285] kthread+0x24c/0x2d0 [ 34.591803] ret_from_fork+0x10/0x20 [ 34.592508] [ 34.592929] Allocated by task 248: [ 34.593505] kasan_save_stack+0x3c/0x68 [ 34.594204] kasan_save_track+0x20/0x40 [ 34.595477] kasan_save_alloc_info+0x40/0x58 [ 34.596227] __kasan_kmalloc+0xd4/0xd8 [ 34.596709] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.597401] kasan_strings+0xb4/0x8f8 [ 34.599094] kunit_try_run_case+0x14c/0x3d0 [ 34.599861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.600797] kthread+0x24c/0x2d0 [ 34.601461] ret_from_fork+0x10/0x20 [ 34.601972] [ 34.602294] Freed by task 248: [ 34.602743] kasan_save_stack+0x3c/0x68 [ 34.603730] kasan_save_track+0x20/0x40 [ 34.604283] kasan_save_free_info+0x4c/0x78 [ 34.604817] __kasan_slab_free+0x6c/0x98 [ 34.605352] kfree+0x114/0x3d0 [ 34.605809] kasan_strings+0x128/0x8f8 [ 34.606863] kunit_try_run_case+0x14c/0x3d0 [ 34.607687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.608585] kthread+0x24c/0x2d0 [ 34.609313] ret_from_fork+0x10/0x20 [ 34.610089] [ 34.610646] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.610646] which belongs to the cache kmalloc-32 of size 32 [ 34.612188] The buggy address is located 16 bytes inside of [ 34.612188] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.613757] [ 34.614195] The buggy address belongs to the physical page: [ 34.614994] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.615826] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.616751] page_type: f5(slab) [ 34.617325] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.618166] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.619064] page dumped because: kasan: bad access detected [ 34.619789] [ 34.620222] Memory state around the buggy address: [ 34.620848] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.621642] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.622545] >fff00000c58bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.623416] ^ [ 34.624067] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.624850] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.625582] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 34.531230] ================================================================== [ 34.532032] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 34.532919] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.533822] [ 34.534227] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.535693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.536396] Hardware name: linux,dummy-virt (DT) [ 34.537151] Call trace: [ 34.537620] show_stack+0x20/0x38 (C) [ 34.538187] dump_stack_lvl+0x8c/0xd0 [ 34.538677] print_report+0x118/0x5e0 [ 34.539359] kasan_report+0xc8/0x118 [ 34.540046] __asan_report_load1_noabort+0x20/0x30 [ 34.540852] strlen+0xa8/0xb0 [ 34.541473] kasan_strings+0x320/0x8f8 [ 34.542155] kunit_try_run_case+0x14c/0x3d0 [ 34.542925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.543799] kthread+0x24c/0x2d0 [ 34.544466] ret_from_fork+0x10/0x20 [ 34.545146] [ 34.545573] Allocated by task 248: [ 34.546220] kasan_save_stack+0x3c/0x68 [ 34.546922] kasan_save_track+0x20/0x40 [ 34.547598] kasan_save_alloc_info+0x40/0x58 [ 34.548333] __kasan_kmalloc+0xd4/0xd8 [ 34.549019] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.549776] kasan_strings+0xb4/0x8f8 [ 34.550486] kunit_try_run_case+0x14c/0x3d0 [ 34.551227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.552122] kthread+0x24c/0x2d0 [ 34.552700] ret_from_fork+0x10/0x20 [ 34.553286] [ 34.553475] Freed by task 248: [ 34.553692] kasan_save_stack+0x3c/0x68 [ 34.554021] kasan_save_track+0x20/0x40 [ 34.554646] kasan_save_free_info+0x4c/0x78 [ 34.555208] __kasan_slab_free+0x6c/0x98 [ 34.555889] kfree+0x114/0x3d0 [ 34.556458] kasan_strings+0x128/0x8f8 [ 34.557024] kunit_try_run_case+0x14c/0x3d0 [ 34.557681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.558440] kthread+0x24c/0x2d0 [ 34.558935] ret_from_fork+0x10/0x20 [ 34.559533] [ 34.559924] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.559924] which belongs to the cache kmalloc-32 of size 32 [ 34.561240] The buggy address is located 16 bytes inside of [ 34.561240] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.562775] [ 34.563212] The buggy address belongs to the physical page: [ 34.563980] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.564833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.565525] page_type: f5(slab) [ 34.566489] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.567602] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.568650] page dumped because: kasan: bad access detected [ 34.569529] [ 34.570345] Memory state around the buggy address: [ 34.570928] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.571835] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.573029] >fff00000c58bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.574022] ^ [ 34.574923] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.575950] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.576791] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 34.484898] ================================================================== [ 34.485710] BUG: KASAN: slab-use-after-free in kasan_strings+0x858/0x8f8 [ 34.486641] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.487865] [ 34.488553] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.489891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.490402] Hardware name: linux,dummy-virt (DT) [ 34.491156] Call trace: [ 34.491516] show_stack+0x20/0x38 (C) [ 34.492334] dump_stack_lvl+0x8c/0xd0 [ 34.493043] print_report+0x118/0x5e0 [ 34.493727] kasan_report+0xc8/0x118 [ 34.494341] __asan_report_load1_noabort+0x20/0x30 [ 34.495148] kasan_strings+0x858/0x8f8 [ 34.495805] kunit_try_run_case+0x14c/0x3d0 [ 34.496462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.497311] kthread+0x24c/0x2d0 [ 34.497979] ret_from_fork+0x10/0x20 [ 34.498601] [ 34.498986] Allocated by task 248: [ 34.499587] kasan_save_stack+0x3c/0x68 [ 34.500197] kasan_save_track+0x20/0x40 [ 34.500855] kasan_save_alloc_info+0x40/0x58 [ 34.501449] __kasan_kmalloc+0xd4/0xd8 [ 34.502111] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.502747] kasan_strings+0xb4/0x8f8 [ 34.503411] kunit_try_run_case+0x14c/0x3d0 [ 34.503982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.504784] kthread+0x24c/0x2d0 [ 34.505397] ret_from_fork+0x10/0x20 [ 34.506063] [ 34.506434] Freed by task 248: [ 34.506990] kasan_save_stack+0x3c/0x68 [ 34.507667] kasan_save_track+0x20/0x40 [ 34.508234] kasan_save_free_info+0x4c/0x78 [ 34.508946] __kasan_slab_free+0x6c/0x98 [ 34.509568] kfree+0x114/0x3d0 [ 34.510174] kasan_strings+0x128/0x8f8 [ 34.510760] kunit_try_run_case+0x14c/0x3d0 [ 34.511481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.512201] kthread+0x24c/0x2d0 [ 34.512807] ret_from_fork+0x10/0x20 [ 34.513428] [ 34.513888] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.513888] which belongs to the cache kmalloc-32 of size 32 [ 34.515140] The buggy address is located 16 bytes inside of [ 34.515140] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.516412] [ 34.516818] The buggy address belongs to the physical page: [ 34.517464] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.518506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.519419] page_type: f5(slab) [ 34.519988] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.520867] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.521804] page dumped because: kasan: bad access detected [ 34.522481] [ 34.522893] Memory state around the buggy address: [ 34.523512] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.524459] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.525380] >fff00000c58bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.526204] ^ [ 34.526996] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.527846] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.528690] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 34.439237] ================================================================== [ 34.440106] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 34.440895] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.441545] [ 34.442612] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.443678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.444457] Hardware name: linux,dummy-virt (DT) [ 34.445052] Call trace: [ 34.445477] show_stack+0x20/0x38 (C) [ 34.446073] dump_stack_lvl+0x8c/0xd0 [ 34.446852] print_report+0x118/0x5e0 [ 34.447548] kasan_report+0xc8/0x118 [ 34.448281] __asan_report_load1_noabort+0x20/0x30 [ 34.449108] strcmp+0xc0/0xc8 [ 34.449736] kasan_strings+0x248/0x8f8 [ 34.450364] kunit_try_run_case+0x14c/0x3d0 [ 34.451083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.451859] kthread+0x24c/0x2d0 [ 34.452468] ret_from_fork+0x10/0x20 [ 34.453092] [ 34.453497] Allocated by task 248: [ 34.454026] kasan_save_stack+0x3c/0x68 [ 34.454591] kasan_save_track+0x20/0x40 [ 34.455263] kasan_save_alloc_info+0x40/0x58 [ 34.455974] __kasan_kmalloc+0xd4/0xd8 [ 34.456627] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.457286] kasan_strings+0xb4/0x8f8 [ 34.457948] kunit_try_run_case+0x14c/0x3d0 [ 34.458575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.459394] kthread+0x24c/0x2d0 [ 34.459861] ret_from_fork+0x10/0x20 [ 34.460478] [ 34.460841] Freed by task 248: [ 34.461328] kasan_save_stack+0x3c/0x68 [ 34.462019] kasan_save_track+0x20/0x40 [ 34.462608] kasan_save_free_info+0x4c/0x78 [ 34.463326] __kasan_slab_free+0x6c/0x98 [ 34.463895] kfree+0x114/0x3d0 [ 34.464505] kasan_strings+0x128/0x8f8 [ 34.465170] kunit_try_run_case+0x14c/0x3d0 [ 34.465812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.466648] kthread+0x24c/0x2d0 [ 34.467262] ret_from_fork+0x10/0x20 [ 34.467793] [ 34.468203] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.468203] which belongs to the cache kmalloc-32 of size 32 [ 34.469480] The buggy address is located 16 bytes inside of [ 34.469480] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.470788] [ 34.471218] The buggy address belongs to the physical page: [ 34.471837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.472874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.473678] page_type: f5(slab) [ 34.474260] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.475194] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.476125] page dumped because: kasan: bad access detected [ 34.476810] [ 34.477167] Memory state around the buggy address: [ 34.477840] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.478674] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.479589] >fff00000c58bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.480430] ^ [ 34.481131] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.482002] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.482846] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 34.390176] ================================================================== [ 34.391939] BUG: KASAN: slab-use-after-free in strrchr+0x6c/0x78 [ 34.393866] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.394676] [ 34.395142] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.396761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.397859] Hardware name: linux,dummy-virt (DT) [ 34.398564] Call trace: [ 34.399111] show_stack+0x20/0x38 (C) [ 34.399755] dump_stack_lvl+0x8c/0xd0 [ 34.400320] print_report+0x118/0x5e0 [ 34.400615] kasan_report+0xc8/0x118 [ 34.400877] __asan_report_load1_noabort+0x20/0x30 [ 34.401575] strrchr+0x6c/0x78 [ 34.402128] kasan_strings+0x1e0/0x8f8 [ 34.402824] kunit_try_run_case+0x14c/0x3d0 [ 34.403462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.404293] kthread+0x24c/0x2d0 [ 34.404828] ret_from_fork+0x10/0x20 [ 34.405365] [ 34.405669] Allocated by task 248: [ 34.406237] kasan_save_stack+0x3c/0x68 [ 34.406882] kasan_save_track+0x20/0x40 [ 34.407526] kasan_save_alloc_info+0x40/0x58 [ 34.408203] __kasan_kmalloc+0xd4/0xd8 [ 34.408677] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.409379] kasan_strings+0xb4/0x8f8 [ 34.410005] kunit_try_run_case+0x14c/0x3d0 [ 34.410544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.411337] kthread+0x24c/0x2d0 [ 34.411933] ret_from_fork+0x10/0x20 [ 34.412475] [ 34.412871] Freed by task 248: [ 34.413282] kasan_save_stack+0x3c/0x68 [ 34.414283] kasan_save_track+0x20/0x40 [ 34.414964] kasan_save_free_info+0x4c/0x78 [ 34.415612] __kasan_slab_free+0x6c/0x98 [ 34.416271] kfree+0x114/0x3d0 [ 34.416895] kasan_strings+0x128/0x8f8 [ 34.417499] kunit_try_run_case+0x14c/0x3d0 [ 34.418224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.419004] kthread+0x24c/0x2d0 [ 34.419527] ret_from_fork+0x10/0x20 [ 34.420101] [ 34.420412] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.420412] which belongs to the cache kmalloc-32 of size 32 [ 34.421775] The buggy address is located 16 bytes inside of [ 34.421775] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.422982] [ 34.423355] The buggy address belongs to the physical page: [ 34.424118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.424880] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.425733] page_type: f5(slab) [ 34.426259] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.427252] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.427929] page dumped because: kasan: bad access detected [ 34.428650] [ 34.429040] Memory state around the buggy address: [ 34.429663] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.430520] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.431338] >fff00000c58bc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.432083] ^ [ 34.432864] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.433676] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.434398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 34.341719] ================================================================== [ 34.342631] BUG: KASAN: slab-use-after-free in strchr+0xcc/0xd8 [ 34.343467] Read of size 1 at addr fff00000c58bc8d0 by task kunit_try_catch/248 [ 34.344492] [ 34.345523] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.346740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.347473] Hardware name: linux,dummy-virt (DT) [ 34.348048] Call trace: [ 34.348462] show_stack+0x20/0x38 (C) [ 34.349307] dump_stack_lvl+0x8c/0xd0 [ 34.350024] print_report+0x118/0x5e0 [ 34.350665] kasan_report+0xc8/0x118 [ 34.351480] __asan_report_load1_noabort+0x20/0x30 [ 34.352518] strchr+0xcc/0xd8 [ 34.352836] kasan_strings+0x180/0x8f8 [ 34.353359] kunit_try_run_case+0x14c/0x3d0 [ 34.354436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.355429] kthread+0x24c/0x2d0 [ 34.355983] ret_from_fork+0x10/0x20 [ 34.356610] [ 34.357025] Allocated by task 248: [ 34.357746] kasan_save_stack+0x3c/0x68 [ 34.358304] kasan_save_track+0x20/0x40 [ 34.358829] kasan_save_alloc_info+0x40/0x58 [ 34.359402] __kasan_kmalloc+0xd4/0xd8 [ 34.359957] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.361197] kasan_strings+0xb4/0x8f8 [ 34.361800] kunit_try_run_case+0x14c/0x3d0 [ 34.362380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.363310] kthread+0x24c/0x2d0 [ 34.363852] ret_from_fork+0x10/0x20 [ 34.364469] [ 34.365156] Freed by task 248: [ 34.365588] kasan_save_stack+0x3c/0x68 [ 34.366300] kasan_save_track+0x20/0x40 [ 34.366936] kasan_save_free_info+0x4c/0x78 [ 34.367588] __kasan_slab_free+0x6c/0x98 [ 34.368229] kfree+0x114/0x3d0 [ 34.368841] kasan_strings+0x128/0x8f8 [ 34.369873] kunit_try_run_case+0x14c/0x3d0 [ 34.370471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.371240] kthread+0x24c/0x2d0 [ 34.371824] ret_from_fork+0x10/0x20 [ 34.372420] [ 34.373188] The buggy address belongs to the object at fff00000c58bc8c0 [ 34.373188] which belongs to the cache kmalloc-32 of size 32 [ 34.374500] The buggy address is located 16 bytes inside of [ 34.374500] freed 32-byte region [fff00000c58bc8c0, fff00000c58bc8e0) [ 34.375742] [ 34.376135] The buggy address belongs to the physical page: [ 34.377294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.378110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.378961] page_type: f5(slab) [ 34.379482] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.380304] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.381430] page dumped because: kasan: bad access detected [ 34.382048] [ 34.382408] Memory state around the buggy address: [ 34.383068] fff00000c58bc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.383989] fff00000c58bc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.385250] >fff00000c58bc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.386035] ^ [ 34.386757] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.387547] fff00000c58bc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.388420] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 34.285761] ================================================================== [ 34.287010] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 34.287812] Read of size 1 at addr fff00000c58bc818 by task kunit_try_catch/246 [ 34.289999] [ 34.290400] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.291948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.292603] Hardware name: linux,dummy-virt (DT) [ 34.293370] Call trace: [ 34.293880] show_stack+0x20/0x38 (C) [ 34.294545] dump_stack_lvl+0x8c/0xd0 [ 34.295219] print_report+0x118/0x5e0 [ 34.295838] kasan_report+0xc8/0x118 [ 34.296559] __asan_report_load1_noabort+0x20/0x30 [ 34.297325] memcmp+0x198/0x1d8 [ 34.297948] kasan_memcmp+0x16c/0x300 [ 34.298563] kunit_try_run_case+0x14c/0x3d0 [ 34.299305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.300092] kthread+0x24c/0x2d0 [ 34.300983] ret_from_fork+0x10/0x20 [ 34.301567] [ 34.301986] Allocated by task 246: [ 34.302520] kasan_save_stack+0x3c/0x68 [ 34.303167] kasan_save_track+0x20/0x40 [ 34.303831] kasan_save_alloc_info+0x40/0x58 [ 34.304793] __kasan_kmalloc+0xd4/0xd8 [ 34.305451] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.306162] kasan_memcmp+0xbc/0x300 [ 34.306805] kunit_try_run_case+0x14c/0x3d0 [ 34.307441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.308558] kthread+0x24c/0x2d0 [ 34.309162] ret_from_fork+0x10/0x20 [ 34.309643] [ 34.310033] The buggy address belongs to the object at fff00000c58bc800 [ 34.310033] which belongs to the cache kmalloc-32 of size 32 [ 34.312500] The buggy address is located 0 bytes to the right of [ 34.312500] allocated 24-byte region [fff00000c58bc800, fff00000c58bc818) [ 34.314069] [ 34.314338] The buggy address belongs to the physical page: [ 34.314829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.315979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.318295] page_type: f5(slab) [ 34.319026] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.320017] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.321270] page dumped because: kasan: bad access detected [ 34.321893] [ 34.322217] Memory state around the buggy address: [ 34.322836] fff00000c58bc700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 34.323542] fff00000c58bc780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 34.324645] >fff00000c58bc800: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.325406] ^ [ 34.326021] fff00000c58bc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.326891] fff00000c58bc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.327705] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 34.233928] ================================================================== [ 34.235111] BUG: KASAN: slab-out-of-bounds in memchr+0x78/0x88 [ 34.235883] Read of size 1 at addr fff00000c58bc6d8 by task kunit_try_catch/244 [ 34.236990] [ 34.237398] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.238417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.238895] Hardware name: linux,dummy-virt (DT) [ 34.239668] Call trace: [ 34.240157] show_stack+0x20/0x38 (C) [ 34.240986] dump_stack_lvl+0x8c/0xd0 [ 34.241992] print_report+0x118/0x5e0 [ 34.242574] kasan_report+0xc8/0x118 [ 34.243449] __asan_report_load1_noabort+0x20/0x30 [ 34.244323] memchr+0x78/0x88 [ 34.245175] kasan_memchr+0x148/0x2d8 [ 34.245755] kunit_try_run_case+0x14c/0x3d0 [ 34.246338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.247234] kthread+0x24c/0x2d0 [ 34.247755] ret_from_fork+0x10/0x20 [ 34.248408] [ 34.248986] Allocated by task 244: [ 34.249463] kasan_save_stack+0x3c/0x68 [ 34.250065] kasan_save_track+0x20/0x40 [ 34.250609] kasan_save_alloc_info+0x40/0x58 [ 34.251758] __kasan_kmalloc+0xd4/0xd8 [ 34.252349] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.253160] kasan_memchr+0xb0/0x2d8 [ 34.253687] kunit_try_run_case+0x14c/0x3d0 [ 34.254262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.255005] kthread+0x24c/0x2d0 [ 34.255551] ret_from_fork+0x10/0x20 [ 34.256056] [ 34.256437] The buggy address belongs to the object at fff00000c58bc6c0 [ 34.256437] which belongs to the cache kmalloc-32 of size 32 [ 34.258692] The buggy address is located 0 bytes to the right of [ 34.258692] allocated 24-byte region [fff00000c58bc6c0, fff00000c58bc6d8) [ 34.260028] [ 34.260621] The buggy address belongs to the physical page: [ 34.261637] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058bc [ 34.263003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.263761] page_type: f5(slab) [ 34.264345] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.265684] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.266548] page dumped because: kasan: bad access detected [ 34.267466] [ 34.268033] Memory state around the buggy address: [ 34.268757] fff00000c58bc580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 34.269564] fff00000c58bc600: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 34.270739] >fff00000c58bc680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 34.271524] ^ [ 34.272757] fff00000c58bc700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.273972] fff00000c58bc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.274981] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 34.145363] ================================================================== [ 34.146680] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 34.147573] Read of size 1 at addr ffff800080ae7bdf by task kunit_try_catch/240 [ 34.148350] [ 34.148741] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.149749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.151032] Hardware name: linux,dummy-virt (DT) [ 34.151681] Call trace: [ 34.153347] show_stack+0x20/0x38 (C) [ 34.153967] dump_stack_lvl+0x8c/0xd0 [ 34.154580] print_report+0x2fc/0x5e0 [ 34.155361] kasan_report+0xc8/0x118 [ 34.156042] __asan_report_load1_noabort+0x20/0x30 [ 34.157144] kasan_alloca_oob_left+0x2b8/0x310 [ 34.157718] kunit_try_run_case+0x14c/0x3d0 [ 34.158308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.159382] kthread+0x24c/0x2d0 [ 34.159930] ret_from_fork+0x10/0x20 [ 34.160850] [ 34.161188] The buggy address belongs to stack of task kunit_try_catch/240 [ 34.162037] [ 34.162397] The buggy address belongs to the virtual mapping at [ 34.162397] [ffff800080ae0000, ffff800080ae9000) created by: [ 34.162397] kernel_clone+0x140/0x790 [ 34.164339] [ 34.165472] The buggy address belongs to the physical page: [ 34.166172] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 34.167149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.168007] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 34.169121] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.170650] page dumped because: kasan: bad access detected [ 34.171324] [ 34.171731] Memory state around the buggy address: [ 34.172366] ffff800080ae7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.173257] ffff800080ae7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.174516] >ffff800080ae7b80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 34.175374] ^ [ 34.176149] ffff800080ae7c00: cb cb cb cb 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 [ 34.177350] ffff800080ae7c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 34.177742] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 34.100070] ================================================================== [ 34.101712] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x230/0x268 [ 34.102530] Read of size 1 at addr ffff800080ae7cba by task kunit_try_catch/238 [ 34.103472] [ 34.103943] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.105818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.106392] Hardware name: linux,dummy-virt (DT) [ 34.107006] Call trace: [ 34.107482] show_stack+0x20/0x38 (C) [ 34.108098] dump_stack_lvl+0x8c/0xd0 [ 34.108778] print_report+0x2fc/0x5e0 [ 34.109367] kasan_report+0xc8/0x118 [ 34.110369] __asan_report_load1_noabort+0x20/0x30 [ 34.111018] kasan_stack_oob+0x230/0x268 [ 34.111836] kunit_try_run_case+0x14c/0x3d0 [ 34.112798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.113464] kthread+0x24c/0x2d0 [ 34.114026] ret_from_fork+0x10/0x20 [ 34.114549] [ 34.115035] The buggy address belongs to stack of task kunit_try_catch/238 [ 34.116049] and is located at offset 138 in frame: [ 34.116997] kasan_stack_oob+0x0/0x268 [ 34.117687] [ 34.118031] This frame has 4 objects: [ 34.118563] [48, 49) '__assertion' [ 34.118670] [64, 72) 'array' [ 34.119198] [96, 112) '__assertion' [ 34.120371] [128, 138) 'stack_array' [ 34.120851] [ 34.121661] The buggy address belongs to the virtual mapping at [ 34.121661] [ffff800080ae0000, ffff800080ae9000) created by: [ 34.121661] kernel_clone+0x140/0x790 [ 34.123472] [ 34.123787] The buggy address belongs to the physical page: [ 34.124769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 34.125413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.125802] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 34.126543] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.127337] page dumped because: kasan: bad access detected [ 34.128033] [ 34.128676] Memory state around the buggy address: [ 34.129371] ffff800080ae7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.130241] ffff800080ae7c00: 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 [ 34.131063] >ffff800080ae7c80: f2 f2 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 [ 34.131823] ^ [ 34.132844] ffff800080ae7d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 34.133745] ffff800080ae7d80: f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 34.134574] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 34.046793] ================================================================== [ 34.048155] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 34.050050] Read of size 1 at addr ffff946f1aed906d by task kunit_try_catch/234 [ 34.050892] [ 34.051307] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.052775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.053785] Hardware name: linux,dummy-virt (DT) [ 34.054472] Call trace: [ 34.054987] show_stack+0x20/0x38 (C) [ 34.055550] dump_stack_lvl+0x8c/0xd0 [ 34.056240] print_report+0x2fc/0x5e0 [ 34.056955] kasan_report+0xc8/0x118 [ 34.057462] __asan_report_load1_noabort+0x20/0x30 [ 34.058218] kasan_global_oob_right+0x230/0x270 [ 34.058935] kunit_try_run_case+0x14c/0x3d0 [ 34.059508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.060311] kthread+0x24c/0x2d0 [ 34.061195] ret_from_fork+0x10/0x20 [ 34.062188] [ 34.062692] The buggy address belongs to the variable: [ 34.063456] global_array+0xd/0x40 [ 34.064089] [ 34.065589] The buggy address belongs to the virtual mapping at [ 34.065589] [ffff946f19220000, ffff946f1af91000) created by: [ 34.065589] paging_init+0x668/0x7c8 [ 34.067291] [ 34.068084] The buggy address belongs to the physical page: [ 34.069224] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x478d9 [ 34.070180] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 34.071130] raw: 03fffe0000002000 ffffc1ffc01e3648 ffffc1ffc01e3648 0000000000000000 [ 34.072054] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.072980] page dumped because: kasan: bad access detected [ 34.074533] [ 34.074983] Memory state around the buggy address: [ 34.075729] ffff946f1aed8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.076696] ffff946f1aed8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.077552] >ffff946f1aed9000: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 34.078760] ^ [ 34.079472] ffff946f1aed9080: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 34.080377] ffff946f1aed9100: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 34.081798] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 33.999981] ================================================================== [ 34.001034] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 34.001819] Free of addr fff00000c65e0001 by task kunit_try_catch/232 [ 34.002774] [ 34.003242] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 34.004587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.005216] Hardware name: linux,dummy-virt (DT) [ 34.006004] Call trace: [ 34.006477] show_stack+0x20/0x38 (C) [ 34.007064] dump_stack_lvl+0x8c/0xd0 [ 34.007747] print_report+0x118/0x5e0 [ 34.008515] kasan_report_invalid_free+0xb0/0xd8 [ 34.009734] __kasan_mempool_poison_object+0xfc/0x150 [ 34.010474] mempool_free+0x28c/0x328 [ 34.011196] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 34.011987] mempool_kmalloc_large_invalid_free+0xb8/0x110 [ 34.013004] kunit_try_run_case+0x14c/0x3d0 [ 34.013581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.014255] kthread+0x24c/0x2d0 [ 34.014743] ret_from_fork+0x10/0x20 [ 34.015835] [ 34.016702] The buggy address belongs to the physical page: [ 34.017525] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e0 [ 34.018637] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 34.019710] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 34.021088] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 34.022007] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.022807] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 34.024022] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 34.025335] head: 0bfffe0000000002 ffffc1ffc3197801 ffffffffffffffff 0000000000000000 [ 34.026462] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 34.027487] page dumped because: kasan: bad access detected [ 34.028321] [ 34.028552] Memory state around the buggy address: [ 34.029702] fff00000c65dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.030804] fff00000c65dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.031744] >fff00000c65e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.032921] ^ [ 34.033652] fff00000c65e0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.034727] fff00000c65e0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 34.035695] ================================================================== [ 33.942484] ================================================================== [ 33.943661] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 33.944583] Free of addr fff00000c6087a01 by task kunit_try_catch/230 [ 33.945637] [ 33.946297] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.947406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.948062] Hardware name: linux,dummy-virt (DT) [ 33.949042] Call trace: [ 33.949497] show_stack+0x20/0x38 (C) [ 33.950048] dump_stack_lvl+0x8c/0xd0 [ 33.950718] print_report+0x118/0x5e0 [ 33.951273] kasan_report_invalid_free+0xb0/0xd8 [ 33.952033] check_slab_allocation+0xfc/0x108 [ 33.952926] __kasan_mempool_poison_object+0x78/0x150 [ 33.953625] mempool_free+0x28c/0x328 [ 33.954254] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 33.955061] mempool_kmalloc_invalid_free+0xb8/0x110 [ 33.955744] kunit_try_run_case+0x14c/0x3d0 [ 33.956583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.957556] kthread+0x24c/0x2d0 [ 33.958121] ret_from_fork+0x10/0x20 [ 33.958685] [ 33.959067] Allocated by task 230: [ 33.959596] kasan_save_stack+0x3c/0x68 [ 33.960182] kasan_save_track+0x20/0x40 [ 33.960962] kasan_save_alloc_info+0x40/0x58 [ 33.961566] __kasan_mempool_unpoison_object+0x11c/0x180 [ 33.962194] remove_element+0x130/0x1f8 [ 33.962685] mempool_alloc_preallocated+0x58/0xc0 [ 33.963189] mempool_kmalloc_invalid_free_helper+0x94/0x2a0 [ 33.964879] mempool_kmalloc_invalid_free+0xb8/0x110 [ 33.965505] kunit_try_run_case+0x14c/0x3d0 [ 33.966156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.966839] kthread+0x24c/0x2d0 [ 33.967977] ret_from_fork+0x10/0x20 [ 33.968938] [ 33.969265] The buggy address belongs to the object at fff00000c6087a00 [ 33.969265] which belongs to the cache kmalloc-128 of size 128 [ 33.970358] The buggy address is located 1 bytes inside of [ 33.970358] 128-byte region [fff00000c6087a00, fff00000c6087a80) [ 33.971503] [ 33.971936] The buggy address belongs to the physical page: [ 33.972998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106087 [ 33.974007] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.974751] page_type: f5(slab) [ 33.975406] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.976370] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.977467] page dumped because: kasan: bad access detected [ 33.978110] [ 33.978525] Memory state around the buggy address: [ 33.979171] fff00000c6087900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.979997] fff00000c6087980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.980946] >fff00000c6087a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.982187] ^ [ 33.982731] fff00000c6087a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.983553] fff00000c6087b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.984621] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 33.789866] ================================================================== [ 33.791291] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 33.792232] Free of addr fff00000c6087400 by task kunit_try_catch/224 [ 33.793728] [ 33.794156] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.795840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.797017] Hardware name: linux,dummy-virt (DT) [ 33.797743] Call trace: [ 33.798283] show_stack+0x20/0x38 (C) [ 33.798994] dump_stack_lvl+0x8c/0xd0 [ 33.799646] print_report+0x118/0x5e0 [ 33.800163] kasan_report_invalid_free+0xb0/0xd8 [ 33.801212] check_slab_allocation+0xd4/0x108 [ 33.801926] __kasan_mempool_poison_object+0x78/0x150 [ 33.802522] mempool_free+0x28c/0x328 [ 33.803157] mempool_double_free_helper+0x150/0x2e0 [ 33.803722] mempool_kmalloc_double_free+0xb8/0x110 [ 33.804960] kunit_try_run_case+0x14c/0x3d0 [ 33.805570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.806376] kthread+0x24c/0x2d0 [ 33.806934] ret_from_fork+0x10/0x20 [ 33.807502] [ 33.807824] Allocated by task 224: [ 33.809527] kasan_save_stack+0x3c/0x68 [ 33.810067] kasan_save_track+0x20/0x40 [ 33.810635] kasan_save_alloc_info+0x40/0x58 [ 33.811345] __kasan_mempool_unpoison_object+0x11c/0x180 [ 33.811987] remove_element+0x130/0x1f8 [ 33.812939] mempool_alloc_preallocated+0x58/0xc0 [ 33.813604] mempool_double_free_helper+0x94/0x2e0 [ 33.814401] mempool_kmalloc_double_free+0xb8/0x110 [ 33.815186] kunit_try_run_case+0x14c/0x3d0 [ 33.815739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.816800] kthread+0x24c/0x2d0 [ 33.817278] ret_from_fork+0x10/0x20 [ 33.817774] [ 33.818311] Freed by task 224: [ 33.818875] kasan_save_stack+0x3c/0x68 [ 33.819437] kasan_save_track+0x20/0x40 [ 33.819952] kasan_save_free_info+0x4c/0x78 [ 33.820963] __kasan_mempool_poison_object+0xc0/0x150 [ 33.821520] mempool_free+0x28c/0x328 [ 33.822016] mempool_double_free_helper+0x100/0x2e0 [ 33.822601] mempool_kmalloc_double_free+0xb8/0x110 [ 33.823180] kunit_try_run_case+0x14c/0x3d0 [ 33.823693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.825706] kthread+0x24c/0x2d0 [ 33.826127] ret_from_fork+0x10/0x20 [ 33.826587] [ 33.827020] The buggy address belongs to the object at fff00000c6087400 [ 33.827020] which belongs to the cache kmalloc-128 of size 128 [ 33.828392] The buggy address is located 0 bytes inside of [ 33.828392] 128-byte region [fff00000c6087400, fff00000c6087480) [ 33.830199] [ 33.830576] The buggy address belongs to the physical page: [ 33.831463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106087 [ 33.832520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.833131] page_type: f5(slab) [ 33.833534] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.834743] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.835539] page dumped because: kasan: bad access detected [ 33.836836] [ 33.837354] Memory state around the buggy address: [ 33.838112] fff00000c6087300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.839117] fff00000c6087380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.840131] >fff00000c6087400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.841173] ^ [ 33.841562] fff00000c6087480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.842419] fff00000c6087500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.843754] ================================================================== [ 33.854859] ================================================================== [ 33.856280] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 33.857686] Free of addr fff00000c65b8000 by task kunit_try_catch/226 [ 33.858246] [ 33.858660] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.860922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.861428] Hardware name: linux,dummy-virt (DT) [ 33.862246] Call trace: [ 33.862860] show_stack+0x20/0x38 (C) [ 33.863648] dump_stack_lvl+0x8c/0xd0 [ 33.864450] print_report+0x118/0x5e0 [ 33.865083] kasan_report_invalid_free+0xb0/0xd8 [ 33.865699] __kasan_mempool_poison_object+0x14c/0x150 [ 33.866762] mempool_free+0x28c/0x328 [ 33.867247] mempool_double_free_helper+0x150/0x2e0 [ 33.868083] mempool_kmalloc_large_double_free+0xb8/0x110 [ 33.869032] kunit_try_run_case+0x14c/0x3d0 [ 33.869833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.870866] kthread+0x24c/0x2d0 [ 33.871596] ret_from_fork+0x10/0x20 [ 33.872550] [ 33.872922] The buggy address belongs to the physical page: [ 33.874225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b8 [ 33.875132] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.876107] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.877171] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.877563] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.877965] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.879083] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.880261] head: 0bfffe0000000002 ffffc1ffc3196e01 ffffffffffffffff 0000000000000000 [ 33.881170] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.883035] page dumped because: kasan: bad access detected [ 33.883704] [ 33.884117] Memory state around the buggy address: [ 33.884670] fff00000c65b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.885479] fff00000c65b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.886701] >fff00000c65b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.887546] ^ [ 33.888140] fff00000c65b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.889711] fff00000c65b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.890785] ================================================================== [ 33.904200] ================================================================== [ 33.905451] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 33.906596] Free of addr fff00000c65b8000 by task kunit_try_catch/228 [ 33.907927] [ 33.908317] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.909632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.910195] Hardware name: linux,dummy-virt (DT) [ 33.911062] Call trace: [ 33.911680] show_stack+0x20/0x38 (C) [ 33.912321] dump_stack_lvl+0x8c/0xd0 [ 33.912850] print_report+0x118/0x5e0 [ 33.913388] kasan_report_invalid_free+0xb0/0xd8 [ 33.914184] __kasan_mempool_poison_pages+0xe0/0xe8 [ 33.915144] mempool_free+0x24c/0x328 [ 33.915655] mempool_double_free_helper+0x150/0x2e0 [ 33.916416] mempool_page_alloc_double_free+0xb4/0x110 [ 33.917111] kunit_try_run_case+0x14c/0x3d0 [ 33.917800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.918618] kthread+0x24c/0x2d0 [ 33.919181] ret_from_fork+0x10/0x20 [ 33.919718] [ 33.920108] The buggy address belongs to the physical page: [ 33.920888] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b8 [ 33.921953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.922694] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 33.923358] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.924485] page dumped because: kasan: bad access detected [ 33.925148] [ 33.925576] Memory state around the buggy address: [ 33.926261] fff00000c65b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.927042] fff00000c65b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.927956] >fff00000c65b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.928760] ^ [ 33.929275] fff00000c65b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.930163] fff00000c65b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.930966] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 33.751865] ================================================================== [ 33.753082] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 33.754012] Read of size 1 at addr fff00000c65e0000 by task kunit_try_catch/222 [ 33.754890] [ 33.755315] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.756585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.757213] Hardware name: linux,dummy-virt (DT) [ 33.757949] Call trace: [ 33.758378] show_stack+0x20/0x38 (C) [ 33.759124] dump_stack_lvl+0x8c/0xd0 [ 33.759699] print_report+0x118/0x5e0 [ 33.760270] kasan_report+0xc8/0x118 [ 33.760894] __asan_report_load1_noabort+0x20/0x30 [ 33.761760] mempool_uaf_helper+0x314/0x340 [ 33.762394] mempool_page_alloc_uaf+0xb8/0x118 [ 33.763148] kunit_try_run_case+0x14c/0x3d0 [ 33.763842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.764635] kthread+0x24c/0x2d0 [ 33.765141] ret_from_fork+0x10/0x20 [ 33.765652] [ 33.766048] The buggy address belongs to the physical page: [ 33.766712] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e0 [ 33.767793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.768676] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 33.769573] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.770416] page dumped because: kasan: bad access detected [ 33.771211] [ 33.771636] Memory state around the buggy address: [ 33.772339] fff00000c65dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.773219] fff00000c65dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.774120] >fff00000c65e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.774987] ^ [ 33.775556] fff00000c65e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.776430] fff00000c65e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.777196] ================================================================== [ 33.630377] ================================================================== [ 33.631396] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 33.632117] Read of size 1 at addr fff00000c65e0000 by task kunit_try_catch/218 [ 33.633648] [ 33.633936] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.634810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.635469] Hardware name: linux,dummy-virt (DT) [ 33.636080] Call trace: [ 33.636885] show_stack+0x20/0x38 (C) [ 33.637407] dump_stack_lvl+0x8c/0xd0 [ 33.638115] print_report+0x118/0x5e0 [ 33.638787] kasan_report+0xc8/0x118 [ 33.639488] __asan_report_load1_noabort+0x20/0x30 [ 33.640346] mempool_uaf_helper+0x314/0x340 [ 33.641261] mempool_kmalloc_large_uaf+0xbc/0x118 [ 33.641975] kunit_try_run_case+0x14c/0x3d0 [ 33.642663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.643450] kthread+0x24c/0x2d0 [ 33.644060] ret_from_fork+0x10/0x20 [ 33.644891] [ 33.645260] The buggy address belongs to the physical page: [ 33.645857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e0 [ 33.646872] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.648005] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.649265] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.650335] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.651410] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.652713] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.653563] head: 0bfffe0000000002 ffffc1ffc3197801 ffffffffffffffff 0000000000000000 [ 33.654393] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.655980] page dumped because: kasan: bad access detected [ 33.657483] [ 33.657715] Memory state around the buggy address: [ 33.658394] fff00000c65dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.659255] fff00000c65dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.660019] >fff00000c65e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.661324] ^ [ 33.661759] fff00000c65e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.662934] fff00000c65e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 33.663960] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 33.678059] ================================================================== [ 33.679226] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 33.680797] Read of size 1 at addr fff00000c58e3240 by task kunit_try_catch/220 [ 33.681815] [ 33.682262] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.683510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.684130] Hardware name: linux,dummy-virt (DT) [ 33.684968] Call trace: [ 33.685364] show_stack+0x20/0x38 (C) [ 33.685940] dump_stack_lvl+0x8c/0xd0 [ 33.686496] print_report+0x118/0x5e0 [ 33.687118] kasan_report+0xc8/0x118 [ 33.687645] __asan_report_load1_noabort+0x20/0x30 [ 33.688616] mempool_uaf_helper+0x314/0x340 [ 33.689656] mempool_slab_uaf+0xb8/0x110 [ 33.690194] kunit_try_run_case+0x14c/0x3d0 [ 33.690729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.691378] kthread+0x24c/0x2d0 [ 33.691817] ret_from_fork+0x10/0x20 [ 33.692475] [ 33.693016] Allocated by task 220: [ 33.693600] kasan_save_stack+0x3c/0x68 [ 33.694282] kasan_save_track+0x20/0x40 [ 33.695092] kasan_save_alloc_info+0x40/0x58 [ 33.695876] __kasan_mempool_unpoison_object+0xbc/0x180 [ 33.697134] remove_element+0x16c/0x1f8 [ 33.697898] mempool_alloc_preallocated+0x58/0xc0 [ 33.698530] mempool_uaf_helper+0xa4/0x340 [ 33.699091] mempool_slab_uaf+0xb8/0x110 [ 33.699617] kunit_try_run_case+0x14c/0x3d0 [ 33.700838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.701757] kthread+0x24c/0x2d0 [ 33.702417] ret_from_fork+0x10/0x20 [ 33.703152] [ 33.703691] Freed by task 220: [ 33.704396] kasan_save_stack+0x3c/0x68 [ 33.705319] kasan_save_track+0x20/0x40 [ 33.705856] kasan_save_free_info+0x4c/0x78 [ 33.706420] __kasan_mempool_poison_object+0xc0/0x150 [ 33.707486] mempool_free+0x28c/0x328 [ 33.708200] mempool_uaf_helper+0x104/0x340 [ 33.709142] mempool_slab_uaf+0xb8/0x110 [ 33.710000] kunit_try_run_case+0x14c/0x3d0 [ 33.710815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.711723] kthread+0x24c/0x2d0 [ 33.712531] ret_from_fork+0x10/0x20 [ 33.712876] [ 33.713067] The buggy address belongs to the object at fff00000c58e3240 [ 33.713067] which belongs to the cache test_cache of size 123 [ 33.713598] The buggy address is located 0 bytes inside of [ 33.713598] freed 123-byte region [fff00000c58e3240, fff00000c58e32bb) [ 33.714350] [ 33.714741] The buggy address belongs to the physical page: [ 33.715430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e3 [ 33.717325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.718205] page_type: f5(slab) [ 33.718960] raw: 0bfffe0000000000 fff00000c59253c0 dead000000000122 0000000000000000 [ 33.719866] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 33.720696] page dumped because: kasan: bad access detected [ 33.721308] [ 33.721665] Memory state around the buggy address: [ 33.722572] fff00000c58e3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.723381] fff00000c58e3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.724526] >fff00000c58e3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 33.725449] ^ [ 33.726054] fff00000c58e3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.726870] fff00000c58e3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.727694] ================================================================== [ 33.566013] ================================================================== [ 33.567047] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 33.567993] Read of size 1 at addr fff00000c5922c00 by task kunit_try_catch/216 [ 33.569862] [ 33.570324] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.571519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.572119] Hardware name: linux,dummy-virt (DT) [ 33.572677] Call trace: [ 33.573473] show_stack+0x20/0x38 (C) [ 33.574139] dump_stack_lvl+0x8c/0xd0 [ 33.574764] print_report+0x118/0x5e0 [ 33.575443] kasan_report+0xc8/0x118 [ 33.576061] __asan_report_load1_noabort+0x20/0x30 [ 33.577043] mempool_uaf_helper+0x314/0x340 [ 33.577445] mempool_kmalloc_uaf+0xbc/0x118 [ 33.578163] kunit_try_run_case+0x14c/0x3d0 [ 33.578858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.579698] kthread+0x24c/0x2d0 [ 33.580300] ret_from_fork+0x10/0x20 [ 33.581145] [ 33.581510] Allocated by task 216: [ 33.582109] kasan_save_stack+0x3c/0x68 [ 33.582754] kasan_save_track+0x20/0x40 [ 33.583314] kasan_save_alloc_info+0x40/0x58 [ 33.584019] __kasan_mempool_unpoison_object+0x11c/0x180 [ 33.584695] remove_element+0x130/0x1f8 [ 33.585148] mempool_alloc_preallocated+0x58/0xc0 [ 33.586240] mempool_uaf_helper+0xa4/0x340 [ 33.587515] mempool_kmalloc_uaf+0xbc/0x118 [ 33.588863] kunit_try_run_case+0x14c/0x3d0 [ 33.589581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.590306] kthread+0x24c/0x2d0 [ 33.590864] ret_from_fork+0x10/0x20 [ 33.591445] [ 33.591844] Freed by task 216: [ 33.592398] kasan_save_stack+0x3c/0x68 [ 33.593023] kasan_save_track+0x20/0x40 [ 33.593757] kasan_save_free_info+0x4c/0x78 [ 33.594393] __kasan_mempool_poison_object+0xc0/0x150 [ 33.595029] mempool_free+0x28c/0x328 [ 33.595685] mempool_uaf_helper+0x104/0x340 [ 33.596537] mempool_kmalloc_uaf+0xbc/0x118 [ 33.597471] kunit_try_run_case+0x14c/0x3d0 [ 33.598107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.599013] kthread+0x24c/0x2d0 [ 33.599694] ret_from_fork+0x10/0x20 [ 33.600468] [ 33.600825] The buggy address belongs to the object at fff00000c5922c00 [ 33.600825] which belongs to the cache kmalloc-128 of size 128 [ 33.602005] The buggy address is located 0 bytes inside of [ 33.602005] freed 128-byte region [fff00000c5922c00, fff00000c5922c80) [ 33.603269] [ 33.603577] The buggy address belongs to the physical page: [ 33.604217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105922 [ 33.605173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.605815] page_type: f5(slab) [ 33.607361] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.608890] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.609766] page dumped because: kasan: bad access detected [ 33.610391] [ 33.610794] Memory state around the buggy address: [ 33.611417] fff00000c5922b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.612151] fff00000c5922b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.613572] >fff00000c5922c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.614375] ^ [ 33.614989] fff00000c5922c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.615760] fff00000c5922d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.616994] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 33.498947] ================================================================== [ 33.500188] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 33.501384] Read of size 1 at addr fff00000c58e62bb by task kunit_try_catch/214 [ 33.502015] [ 33.502418] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.504107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.504952] Hardware name: linux,dummy-virt (DT) [ 33.505761] Call trace: [ 33.506407] show_stack+0x20/0x38 (C) [ 33.507213] dump_stack_lvl+0x8c/0xd0 [ 33.508022] print_report+0x118/0x5e0 [ 33.508812] kasan_report+0xc8/0x118 [ 33.509380] __asan_report_load1_noabort+0x20/0x30 [ 33.509996] mempool_oob_right_helper+0x2ac/0x2f0 [ 33.511221] mempool_slab_oob_right+0xb8/0x110 [ 33.511958] kunit_try_run_case+0x14c/0x3d0 [ 33.512970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.513696] kthread+0x24c/0x2d0 [ 33.514329] ret_from_fork+0x10/0x20 [ 33.514864] [ 33.515221] Allocated by task 214: [ 33.515720] kasan_save_stack+0x3c/0x68 [ 33.516260] kasan_save_track+0x20/0x40 [ 33.517429] kasan_save_alloc_info+0x40/0x58 [ 33.518088] __kasan_mempool_unpoison_object+0xbc/0x180 [ 33.518798] remove_element+0x16c/0x1f8 [ 33.519372] mempool_alloc_preallocated+0x58/0xc0 [ 33.520109] mempool_oob_right_helper+0x98/0x2f0 [ 33.521556] mempool_slab_oob_right+0xb8/0x110 [ 33.522520] kunit_try_run_case+0x14c/0x3d0 [ 33.523173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.523964] kthread+0x24c/0x2d0 [ 33.524817] ret_from_fork+0x10/0x20 [ 33.525550] [ 33.525971] The buggy address belongs to the object at fff00000c58e6240 [ 33.525971] which belongs to the cache test_cache of size 123 [ 33.527267] The buggy address is located 0 bytes to the right of [ 33.527267] allocated 123-byte region [fff00000c58e6240, fff00000c58e62bb) [ 33.528793] [ 33.529280] The buggy address belongs to the physical page: [ 33.529892] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e6 [ 33.530918] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.531696] page_type: f5(slab) [ 33.532178] raw: 0bfffe0000000000 fff00000c5925280 dead000000000122 0000000000000000 [ 33.533156] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 33.534041] page dumped because: kasan: bad access detected [ 33.534643] [ 33.535336] Memory state around the buggy address: [ 33.535972] fff00000c58e6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.537106] fff00000c58e6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 33.538006] >fff00000c58e6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 33.538834] ^ [ 33.539488] fff00000c58e6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.540682] fff00000c58e6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.541508] ================================================================== [ 33.451850] ================================================================== [ 33.453554] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 33.454813] Read of size 1 at addr fff00000c65b6001 by task kunit_try_catch/212 [ 33.455597] [ 33.456026] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.457953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.459080] Hardware name: linux,dummy-virt (DT) [ 33.459744] Call trace: [ 33.460613] show_stack+0x20/0x38 (C) [ 33.461279] dump_stack_lvl+0x8c/0xd0 [ 33.461985] print_report+0x118/0x5e0 [ 33.462633] kasan_report+0xc8/0x118 [ 33.463268] __asan_report_load1_noabort+0x20/0x30 [ 33.464051] mempool_oob_right_helper+0x2ac/0x2f0 [ 33.464634] mempool_kmalloc_large_oob_right+0xbc/0x118 [ 33.465468] kunit_try_run_case+0x14c/0x3d0 [ 33.466178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.466877] kthread+0x24c/0x2d0 [ 33.467377] ret_from_fork+0x10/0x20 [ 33.468022] [ 33.468518] The buggy address belongs to the physical page: [ 33.469353] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b4 [ 33.470211] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.471130] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.472032] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.473228] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.474206] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.475395] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.476202] head: 0bfffe0000000002 ffffc1ffc3196d01 ffffffffffffffff 0000000000000000 [ 33.477393] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.478289] page dumped because: kasan: bad access detected [ 33.478970] [ 33.479387] Memory state around the buggy address: [ 33.480001] fff00000c65b5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.481040] fff00000c65b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.482060] >fff00000c65b6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.482809] ^ [ 33.483408] fff00000c65b6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.484208] fff00000c65b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.485369] ================================================================== [ 33.398545] ================================================================== [ 33.399584] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 33.400786] Read of size 1 at addr fff00000c58fc173 by task kunit_try_catch/210 [ 33.401731] [ 33.402090] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 33.402741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.403098] Hardware name: linux,dummy-virt (DT) [ 33.403551] Call trace: [ 33.403918] show_stack+0x20/0x38 (C) [ 33.404976] dump_stack_lvl+0x8c/0xd0 [ 33.405527] print_report+0x118/0x5e0 [ 33.406870] kasan_report+0xc8/0x118 [ 33.407604] __asan_report_load1_noabort+0x20/0x30 [ 33.408714] mempool_oob_right_helper+0x2ac/0x2f0 [ 33.409333] mempool_kmalloc_oob_right+0xbc/0x118 [ 33.409943] kunit_try_run_case+0x14c/0x3d0 [ 33.410598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.411366] kthread+0x24c/0x2d0 [ 33.411977] ret_from_fork+0x10/0x20 [ 33.412800] [ 33.413384] Allocated by task 210: [ 33.413788] kasan_save_stack+0x3c/0x68 [ 33.414274] kasan_save_track+0x20/0x40 [ 33.414878] kasan_save_alloc_info+0x40/0x58 [ 33.415462] __kasan_mempool_unpoison_object+0x11c/0x180 [ 33.416137] remove_element+0x130/0x1f8 [ 33.416774] mempool_alloc_preallocated+0x58/0xc0 [ 33.417866] mempool_oob_right_helper+0x98/0x2f0 [ 33.418587] mempool_kmalloc_oob_right+0xbc/0x118 [ 33.419352] kunit_try_run_case+0x14c/0x3d0 [ 33.420031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.421072] kthread+0x24c/0x2d0 [ 33.421570] ret_from_fork+0x10/0x20 [ 33.422004] [ 33.422270] The buggy address belongs to the object at fff00000c58fc100 [ 33.422270] which belongs to the cache kmalloc-128 of size 128 [ 33.424877] The buggy address is located 0 bytes to the right of [ 33.424877] allocated 115-byte region [fff00000c58fc100, fff00000c58fc173) [ 33.426295] [ 33.426571] The buggy address belongs to the physical page: [ 33.427141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058fc [ 33.428099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.429358] page_type: f5(slab) [ 33.429782] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.430754] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.431759] page dumped because: kasan: bad access detected [ 33.432543] [ 33.432886] Memory state around the buggy address: [ 33.433728] fff00000c58fc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.434305] fff00000c58fc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.435223] >fff00000c58fc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.436006] ^ [ 33.437162] fff00000c58fc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.438313] fff00000c58fc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 33.439652] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 32.778668] ================================================================== [ 32.779647] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x17c/0x2f8 [ 32.780490] Read of size 1 at addr fff00000c56ba640 by task kunit_try_catch/204 [ 32.781295] [ 32.781700] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.782786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.783268] Hardware name: linux,dummy-virt (DT) [ 32.783933] Call trace: [ 32.784299] show_stack+0x20/0x38 (C) [ 32.784968] dump_stack_lvl+0x8c/0xd0 [ 32.785643] print_report+0x118/0x5e0 [ 32.786167] kasan_report+0xc8/0x118 [ 32.786795] __kasan_check_byte+0x54/0x70 [ 32.787489] kmem_cache_destroy+0x34/0x218 [ 32.788126] kmem_cache_double_destroy+0x17c/0x2f8 [ 32.788851] kunit_try_run_case+0x14c/0x3d0 [ 32.789450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.790214] kthread+0x24c/0x2d0 [ 32.790796] ret_from_fork+0x10/0x20 [ 32.791442] [ 32.791768] Allocated by task 204: [ 32.792217] kasan_save_stack+0x3c/0x68 [ 32.792827] kasan_save_track+0x20/0x40 [ 32.793407] kasan_save_alloc_info+0x40/0x58 [ 32.794025] __kasan_slab_alloc+0xa8/0xb0 [ 32.794670] kmem_cache_alloc_noprof+0x108/0x3a0 [ 32.795366] __kmem_cache_create_args+0x18c/0x2b0 [ 32.796068] kmem_cache_double_destroy+0xc8/0x2f8 [ 32.796702] kunit_try_run_case+0x14c/0x3d0 [ 32.797370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.797969] kthread+0x24c/0x2d0 [ 32.798529] ret_from_fork+0x10/0x20 [ 32.799102] [ 32.799412] Freed by task 204: [ 32.799931] kasan_save_stack+0x3c/0x68 [ 32.800495] kasan_save_track+0x20/0x40 [ 32.801120] kasan_save_free_info+0x4c/0x78 [ 32.801672] __kasan_slab_free+0x6c/0x98 [ 32.802313] kmem_cache_free+0x118/0x470 [ 32.802875] slab_kmem_cache_release+0x38/0x50 [ 32.803827] kmem_cache_release+0x1c/0x30 [ 32.804430] kobject_put+0x17c/0x430 [ 32.805035] sysfs_slab_release+0x1c/0x30 [ 32.805633] kmem_cache_destroy+0x118/0x218 [ 32.806202] kmem_cache_double_destroy+0x130/0x2f8 [ 32.806934] kunit_try_run_case+0x14c/0x3d0 [ 32.807514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.808225] kthread+0x24c/0x2d0 [ 32.808778] ret_from_fork+0x10/0x20 [ 32.809283] [ 32.809640] The buggy address belongs to the object at fff00000c56ba640 [ 32.809640] which belongs to the cache kmem_cache of size 208 [ 32.810843] The buggy address is located 0 bytes inside of [ 32.810843] freed 208-byte region [fff00000c56ba640, fff00000c56ba710) [ 32.812039] [ 32.812415] The buggy address belongs to the physical page: [ 32.813140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ba [ 32.814015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.814810] page_type: f5(slab) [ 32.815435] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 32.816219] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000 [ 32.817064] page dumped because: kasan: bad access detected [ 32.817692] [ 32.818067] Memory state around the buggy address: [ 32.818573] fff00000c56ba500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.819433] fff00000c56ba580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 32.820221] >fff00000c56ba600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 32.821020] ^ [ 32.821581] fff00000c56ba680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.822420] fff00000c56ba700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.823143] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 32.665500] ================================================================== [ 32.666537] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x390/0x468 [ 32.667410] Read of size 1 at addr fff00000c64bc000 by task kunit_try_catch/202 [ 32.668094] [ 32.668491] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.669982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.670597] Hardware name: linux,dummy-virt (DT) [ 32.671324] Call trace: [ 32.671810] show_stack+0x20/0x38 (C) [ 32.673070] dump_stack_lvl+0x8c/0xd0 [ 32.673655] print_report+0x118/0x5e0 [ 32.674358] kasan_report+0xc8/0x118 [ 32.675072] __asan_report_load1_noabort+0x20/0x30 [ 32.675892] kmem_cache_rcu_uaf+0x390/0x468 [ 32.676569] kunit_try_run_case+0x14c/0x3d0 [ 32.677214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.678295] kthread+0x24c/0x2d0 [ 32.678930] ret_from_fork+0x10/0x20 [ 32.679803] [ 32.680423] Allocated by task 202: [ 32.680935] kasan_save_stack+0x3c/0x68 [ 32.681678] kasan_save_track+0x20/0x40 [ 32.682398] kasan_save_alloc_info+0x40/0x58 [ 32.683139] __kasan_slab_alloc+0xa8/0xb0 [ 32.683424] kmem_cache_alloc_noprof+0x108/0x3a0 [ 32.683706] kmem_cache_rcu_uaf+0x12c/0x468 [ 32.684046] kunit_try_run_case+0x14c/0x3d0 [ 32.685490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.686132] kthread+0x24c/0x2d0 [ 32.686569] ret_from_fork+0x10/0x20 [ 32.687464] [ 32.687867] Freed by task 0: [ 32.688281] kasan_save_stack+0x3c/0x68 [ 32.689427] kasan_save_track+0x20/0x40 [ 32.690122] kasan_save_free_info+0x4c/0x78 [ 32.690839] __kasan_slab_free+0x6c/0x98 [ 32.691557] slab_free_after_rcu_debug+0xd4/0x2f8 [ 32.692493] rcu_core+0xa54/0x1df8 [ 32.693512] rcu_core_si+0x18/0x30 [ 32.693952] handle_softirqs+0x374/0xb20 [ 32.694621] __do_softirq+0x1c/0x28 [ 32.695535] [ 32.696119] Last potentially related work creation: [ 32.696668] kasan_save_stack+0x3c/0x68 [ 32.697673] __kasan_record_aux_stack+0xbc/0xe8 [ 32.698325] kasan_record_aux_stack_noalloc+0x14/0x20 [ 32.698959] kmem_cache_free+0x28c/0x470 [ 32.699473] kmem_cache_rcu_uaf+0x16c/0x468 [ 32.701562] kunit_try_run_case+0x14c/0x3d0 [ 32.702122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.702745] kthread+0x24c/0x2d0 [ 32.703331] ret_from_fork+0x10/0x20 [ 32.703983] [ 32.704312] The buggy address belongs to the object at fff00000c64bc000 [ 32.704312] which belongs to the cache test_cache of size 200 [ 32.705526] The buggy address is located 0 bytes inside of [ 32.705526] freed 200-byte region [fff00000c64bc000, fff00000c64bc0c8) [ 32.706693] [ 32.707052] The buggy address belongs to the physical page: [ 32.707623] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 32.708629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.709432] page_type: f5(slab) [ 32.710856] raw: 0bfffe0000000000 fff00000c56ba500 dead000000000122 0000000000000000 [ 32.711819] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 32.712583] page dumped because: kasan: bad access detected [ 32.713397] [ 32.713769] Memory state around the buggy address: [ 32.714838] fff00000c64bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.716027] fff00000c64bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.717519] >fff00000c64bc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.718530] ^ [ 32.719035] fff00000c64bc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 32.719721] fff00000c64bc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.720544] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 32.551583] ================================================================== [ 32.552624] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3b8 [ 32.553502] Free of addr fff00000c5912001 by task kunit_try_catch/200 [ 32.555066] [ 32.555444] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.557084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.557742] Hardware name: linux,dummy-virt (DT) [ 32.558493] Call trace: [ 32.558980] show_stack+0x20/0x38 (C) [ 32.559639] dump_stack_lvl+0x8c/0xd0 [ 32.560180] print_report+0x118/0x5e0 [ 32.561083] kasan_report_invalid_free+0xb0/0xd8 [ 32.561695] check_slab_allocation+0xfc/0x108 [ 32.562330] __kasan_slab_pre_free+0x2c/0x48 [ 32.563003] kmem_cache_free+0xf0/0x470 [ 32.563582] kmem_cache_invalid_free+0x184/0x3b8 [ 32.564182] kunit_try_run_case+0x14c/0x3d0 [ 32.565162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.565800] kthread+0x24c/0x2d0 [ 32.566400] ret_from_fork+0x10/0x20 [ 32.567025] [ 32.567347] Allocated by task 200: [ 32.567893] kasan_save_stack+0x3c/0x68 [ 32.569166] kasan_save_track+0x20/0x40 [ 32.569730] kasan_save_alloc_info+0x40/0x58 [ 32.570347] __kasan_slab_alloc+0xa8/0xb0 [ 32.570937] kmem_cache_alloc_noprof+0x108/0x3a0 [ 32.571475] kmem_cache_invalid_free+0x12c/0x3b8 [ 32.572521] kunit_try_run_case+0x14c/0x3d0 [ 32.573191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.573887] kthread+0x24c/0x2d0 [ 32.574481] ret_from_fork+0x10/0x20 [ 32.575099] [ 32.575418] The buggy address belongs to the object at fff00000c5912000 [ 32.575418] which belongs to the cache test_cache of size 200 [ 32.576941] The buggy address is located 1 bytes inside of [ 32.576941] 200-byte region [fff00000c5912000, fff00000c59120c8) [ 32.578022] [ 32.578388] The buggy address belongs to the physical page: [ 32.579144] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105912 [ 32.580015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.581097] page_type: f5(slab) [ 32.581667] raw: 0bfffe0000000000 fff00000c5925000 dead000000000122 0000000000000000 [ 32.582553] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 32.583488] page dumped because: kasan: bad access detected [ 32.584148] [ 32.584762] Memory state around the buggy address: [ 32.585311] fff00000c5911f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.586120] fff00000c5911f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.587010] >fff00000c5912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.587881] ^ [ 32.588995] fff00000c5912080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 32.589656] fff00000c5912100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.590413] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 32.478094] ================================================================== [ 32.478970] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 32.480129] Free of addr fff00000c5925000 by task kunit_try_catch/198 [ 32.481560] [ 32.481924] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.483290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.483948] Hardware name: linux,dummy-virt (DT) [ 32.484810] Call trace: [ 32.485346] show_stack+0x20/0x38 (C) [ 32.486243] dump_stack_lvl+0x8c/0xd0 [ 32.487058] print_report+0x118/0x5e0 [ 32.487773] kasan_report_invalid_free+0xb0/0xd8 [ 32.488632] check_slab_allocation+0xd4/0x108 [ 32.489542] __kasan_slab_pre_free+0x2c/0x48 [ 32.490329] kmem_cache_free+0xf0/0x470 [ 32.491236] kmem_cache_double_free+0x190/0x3c8 [ 32.492067] kunit_try_run_case+0x14c/0x3d0 [ 32.493707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.494645] kthread+0x24c/0x2d0 [ 32.495365] ret_from_fork+0x10/0x20 [ 32.496050] [ 32.496466] Allocated by task 198: [ 32.496945] kasan_save_stack+0x3c/0x68 [ 32.497643] kasan_save_track+0x20/0x40 [ 32.498159] kasan_save_alloc_info+0x40/0x58 [ 32.498826] __kasan_slab_alloc+0xa8/0xb0 [ 32.499425] kmem_cache_alloc_noprof+0x108/0x3a0 [ 32.500115] kmem_cache_double_free+0x12c/0x3c8 [ 32.500994] kunit_try_run_case+0x14c/0x3d0 [ 32.501550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.502882] kthread+0x24c/0x2d0 [ 32.503375] ret_from_fork+0x10/0x20 [ 32.503830] [ 32.504123] Freed by task 198: [ 32.505259] kasan_save_stack+0x3c/0x68 [ 32.506170] kasan_save_track+0x20/0x40 [ 32.506776] kasan_save_free_info+0x4c/0x78 [ 32.507393] __kasan_slab_free+0x6c/0x98 [ 32.508074] kmem_cache_free+0x118/0x470 [ 32.508869] kmem_cache_double_free+0x140/0x3c8 [ 32.509516] kunit_try_run_case+0x14c/0x3d0 [ 32.510119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.510891] kthread+0x24c/0x2d0 [ 32.512223] ret_from_fork+0x10/0x20 [ 32.513042] [ 32.513360] The buggy address belongs to the object at fff00000c5925000 [ 32.513360] which belongs to the cache test_cache of size 200 [ 32.514552] The buggy address is located 0 bytes inside of [ 32.514552] 200-byte region [fff00000c5925000, fff00000c59250c8) [ 32.515777] [ 32.516160] The buggy address belongs to the physical page: [ 32.517841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105925 [ 32.518696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.519455] page_type: f5(slab) [ 32.519968] raw: 0bfffe0000000000 fff00000c56ba3c0 dead000000000122 0000000000000000 [ 32.521332] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 32.522122] page dumped because: kasan: bad access detected [ 32.522818] [ 32.523193] Memory state around the buggy address: [ 32.523751] fff00000c5924f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.525544] fff00000c5924f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.526364] >fff00000c5925000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.527086] ^ [ 32.527619] fff00000c5925080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 32.528885] fff00000c5925100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.529650] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 32.392317] ================================================================== [ 32.393710] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x33c/0x428 [ 32.394539] Read of size 1 at addr fff00000c59220c8 by task kunit_try_catch/196 [ 32.395395] [ 32.395727] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.397403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.398358] Hardware name: linux,dummy-virt (DT) [ 32.399035] Call trace: [ 32.399473] show_stack+0x20/0x38 (C) [ 32.400045] dump_stack_lvl+0x8c/0xd0 [ 32.400919] print_report+0x118/0x5e0 [ 32.401463] kasan_report+0xc8/0x118 [ 32.402308] __asan_report_load1_noabort+0x20/0x30 [ 32.403023] kmem_cache_oob+0x33c/0x428 [ 32.403550] kunit_try_run_case+0x14c/0x3d0 [ 32.404253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.405941] kthread+0x24c/0x2d0 [ 32.406616] ret_from_fork+0x10/0x20 [ 32.407181] [ 32.407539] Allocated by task 196: [ 32.408089] kasan_save_stack+0x3c/0x68 [ 32.409252] kasan_save_track+0x20/0x40 [ 32.409782] kasan_save_alloc_info+0x40/0x58 [ 32.410591] __kasan_slab_alloc+0xa8/0xb0 [ 32.411213] kmem_cache_alloc_noprof+0x108/0x3a0 [ 32.412137] kmem_cache_oob+0x12c/0x428 [ 32.412982] kunit_try_run_case+0x14c/0x3d0 [ 32.414161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.415022] kthread+0x24c/0x2d0 [ 32.415682] ret_from_fork+0x10/0x20 [ 32.416446] [ 32.416929] The buggy address belongs to the object at fff00000c5922000 [ 32.416929] which belongs to the cache test_cache of size 200 [ 32.418148] The buggy address is located 0 bytes to the right of [ 32.418148] allocated 200-byte region [fff00000c5922000, fff00000c59220c8) [ 32.419514] [ 32.419943] The buggy address belongs to the physical page: [ 32.420583] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105922 [ 32.421932] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.423189] page_type: f5(slab) [ 32.423806] raw: 0bfffe0000000000 fff00000c56ba280 dead000000000122 0000000000000000 [ 32.424851] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 32.426125] page dumped because: kasan: bad access detected [ 32.426798] [ 32.427215] Memory state around the buggy address: [ 32.427821] fff00000c5921f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.429432] fff00000c5922000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.430559] >fff00000c5922080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 32.431303] ^ [ 32.432019] fff00000c5922100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.433303] fff00000c5922180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.434105] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 32.301550] ================================================================== [ 32.302935] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 32.303768] Read of size 8 at addr fff00000c647a8c0 by task kunit_try_catch/189 [ 32.305293] [ 32.305616] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.306637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.307831] Hardware name: linux,dummy-virt (DT) [ 32.308783] Call trace: [ 32.309161] show_stack+0x20/0x38 (C) [ 32.309815] dump_stack_lvl+0x8c/0xd0 [ 32.310414] print_report+0x118/0x5e0 [ 32.311041] kasan_report+0xc8/0x118 [ 32.311650] __asan_report_load8_noabort+0x20/0x30 [ 32.312384] workqueue_uaf+0x480/0x4a8 [ 32.313362] kunit_try_run_case+0x14c/0x3d0 [ 32.314029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.315021] kthread+0x24c/0x2d0 [ 32.315322] ret_from_fork+0x10/0x20 [ 32.315593] [ 32.315748] Allocated by task 189: [ 32.315994] kasan_save_stack+0x3c/0x68 [ 32.316517] kasan_save_track+0x20/0x40 [ 32.317485] kasan_save_alloc_info+0x40/0x58 [ 32.318174] __kasan_kmalloc+0xd4/0xd8 [ 32.318727] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.319522] workqueue_uaf+0x13c/0x4a8 [ 32.320298] kunit_try_run_case+0x14c/0x3d0 [ 32.321500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.322057] kthread+0x24c/0x2d0 [ 32.322685] ret_from_fork+0x10/0x20 [ 32.323278] [ 32.323639] Freed by task 8: [ 32.324198] kasan_save_stack+0x3c/0x68 [ 32.324773] kasan_save_track+0x20/0x40 [ 32.325980] kasan_save_free_info+0x4c/0x78 [ 32.326674] __kasan_slab_free+0x6c/0x98 [ 32.327312] kfree+0x114/0x3d0 [ 32.327881] workqueue_uaf_work+0x18/0x30 [ 32.329343] process_one_work+0x530/0xfa8 [ 32.330193] worker_thread+0x614/0xf28 [ 32.330821] kthread+0x24c/0x2d0 [ 32.331386] ret_from_fork+0x10/0x20 [ 32.332056] [ 32.332576] Last potentially related work creation: [ 32.334086] kasan_save_stack+0x3c/0x68 [ 32.334596] __kasan_record_aux_stack+0xbc/0xe8 [ 32.335464] kasan_record_aux_stack_noalloc+0x14/0x20 [ 32.336323] __queue_work+0x654/0xfe0 [ 32.337075] queue_work_on+0xbc/0xf8 [ 32.337543] workqueue_uaf+0x210/0x4a8 [ 32.338046] kunit_try_run_case+0x14c/0x3d0 [ 32.338577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.340323] kthread+0x24c/0x2d0 [ 32.340796] ret_from_fork+0x10/0x20 [ 32.341432] [ 32.341769] The buggy address belongs to the object at fff00000c647a8c0 [ 32.341769] which belongs to the cache kmalloc-32 of size 32 [ 32.343155] The buggy address is located 0 bytes inside of [ 32.343155] freed 32-byte region [fff00000c647a8c0, fff00000c647a8e0) [ 32.345495] [ 32.345849] The buggy address belongs to the physical page: [ 32.347172] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10647a [ 32.348056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.349321] page_type: f5(slab) [ 32.349989] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 32.350943] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 32.351816] page dumped because: kasan: bad access detected [ 32.352495] [ 32.353345] Memory state around the buggy address: [ 32.353999] fff00000c647a780: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 32.354765] fff00000c647a800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 32.356737] >fff00000c647a880: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 32.357467] ^ [ 32.358126] fff00000c647a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.358950] fff00000c647a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.359688] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 32.221099] ================================================================== [ 32.222018] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 32.222855] Read of size 4 at addr fff00000c58e0280 by task swapper/1/0 [ 32.223529] [ 32.223934] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.12.0-next-20241126 #1 [ 32.224782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.225401] Hardware name: linux,dummy-virt (DT) [ 32.226065] Call trace: [ 32.226513] show_stack+0x20/0x38 (C) [ 32.227321] dump_stack_lvl+0x8c/0xd0 [ 32.227958] print_report+0x118/0x5e0 [ 32.228462] kasan_report+0xc8/0x118 [ 32.229343] __asan_report_load4_noabort+0x20/0x30 [ 32.230035] rcu_uaf_reclaim+0x64/0x70 [ 32.230663] rcu_core+0xa54/0x1df8 [ 32.231261] rcu_core_si+0x18/0x30 [ 32.231762] handle_softirqs+0x374/0xb20 [ 32.232599] __do_softirq+0x1c/0x28 [ 32.233174] ____do_softirq+0x18/0x30 [ 32.234016] call_on_irq_stack+0x24/0x58 [ 32.234741] do_softirq_own_stack+0x24/0x38 [ 32.235437] __irq_exit_rcu+0x1fc/0x318 [ 32.235988] irq_exit_rcu+0x1c/0x80 [ 32.236937] el1_interrupt+0x38/0x58 [ 32.237441] el1h_64_irq_handler+0x18/0x28 [ 32.238085] el1h_64_irq+0x6c/0x70 [ 32.238776] arch_local_irq_enable+0x4/0x8 (P) [ 32.239449] default_idle_call+0x6c/0x78 (L) [ 32.240112] do_idle+0x384/0x4e8 [ 32.240926] cpu_startup_entry+0x64/0x80 [ 32.241603] secondary_start_kernel+0x288/0x340 [ 32.242278] __secondary_switched+0xc0/0xc8 [ 32.242825] [ 32.243197] Allocated by task 187: [ 32.243700] kasan_save_stack+0x3c/0x68 [ 32.244250] kasan_save_track+0x20/0x40 [ 32.245147] kasan_save_alloc_info+0x40/0x58 [ 32.245658] __kasan_kmalloc+0xd4/0xd8 [ 32.246101] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.246578] rcu_uaf+0xb0/0x2d0 [ 32.247323] kunit_try_run_case+0x14c/0x3d0 [ 32.248038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.249216] kthread+0x24c/0x2d0 [ 32.249754] ret_from_fork+0x10/0x20 [ 32.250186] [ 32.250491] Freed by task 0: [ 32.251043] kasan_save_stack+0x3c/0x68 [ 32.251582] kasan_save_track+0x20/0x40 [ 32.252316] kasan_save_free_info+0x4c/0x78 [ 32.253235] __kasan_slab_free+0x6c/0x98 [ 32.253924] kfree+0x114/0x3d0 [ 32.254552] rcu_uaf_reclaim+0x28/0x70 [ 32.255101] rcu_core+0xa54/0x1df8 [ 32.255764] rcu_core_si+0x18/0x30 [ 32.256359] handle_softirqs+0x374/0xb20 [ 32.256988] __do_softirq+0x1c/0x28 [ 32.257482] [ 32.257876] Last potentially related work creation: [ 32.258794] kasan_save_stack+0x3c/0x68 [ 32.259475] __kasan_record_aux_stack+0xbc/0xe8 [ 32.260078] kasan_record_aux_stack_noalloc+0x14/0x20 [ 32.261065] __call_rcu_common.constprop.0+0x74/0xa18 [ 32.261788] call_rcu+0x18/0x30 [ 32.262342] rcu_uaf+0x14c/0x2d0 [ 32.262921] kunit_try_run_case+0x14c/0x3d0 [ 32.263579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.264993] kthread+0x24c/0x2d0 [ 32.265742] ret_from_fork+0x10/0x20 [ 32.266280] [ 32.266692] The buggy address belongs to the object at fff00000c58e0280 [ 32.266692] which belongs to the cache kmalloc-32 of size 32 [ 32.267960] The buggy address is located 0 bytes inside of [ 32.267960] freed 32-byte region [fff00000c58e0280, fff00000c58e02a0) [ 32.269551] [ 32.269938] The buggy address belongs to the physical page: [ 32.270676] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e0 [ 32.271617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.272814] page_type: f5(slab) [ 32.273352] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 32.274266] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 32.275183] page dumped because: kasan: bad access detected [ 32.275917] [ 32.276560] Memory state around the buggy address: [ 32.277281] fff00000c58e0180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.278035] fff00000c58e0200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.278895] >fff00000c58e0280: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 32.279745] ^ [ 32.280601] fff00000c58e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.281547] fff00000c58e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.282434] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 32.091015] ================================================================== [ 32.091893] BUG: KASAN: slab-use-after-free in ksize_uaf+0x59c/0x600 [ 32.092729] Read of size 1 at addr fff00000c5915300 by task kunit_try_catch/185 [ 32.093525] [ 32.094374] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.095473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.096074] Hardware name: linux,dummy-virt (DT) [ 32.097837] Call trace: [ 32.098274] show_stack+0x20/0x38 (C) [ 32.098794] dump_stack_lvl+0x8c/0xd0 [ 32.099459] print_report+0x118/0x5e0 [ 32.099987] kasan_report+0xc8/0x118 [ 32.101017] __asan_report_load1_noabort+0x20/0x30 [ 32.101681] ksize_uaf+0x59c/0x600 [ 32.102178] kunit_try_run_case+0x14c/0x3d0 [ 32.102878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.103559] kthread+0x24c/0x2d0 [ 32.104218] ret_from_fork+0x10/0x20 [ 32.105442] [ 32.105734] Allocated by task 185: [ 32.106611] kasan_save_stack+0x3c/0x68 [ 32.107351] kasan_save_track+0x20/0x40 [ 32.107879] kasan_save_alloc_info+0x40/0x58 [ 32.108512] __kasan_kmalloc+0xd4/0xd8 [ 32.109504] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.110155] ksize_uaf+0xb8/0x600 [ 32.110689] kunit_try_run_case+0x14c/0x3d0 [ 32.111403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.112139] kthread+0x24c/0x2d0 [ 32.113212] ret_from_fork+0x10/0x20 [ 32.113935] [ 32.114227] Freed by task 185: [ 32.114825] kasan_save_stack+0x3c/0x68 [ 32.115544] kasan_save_track+0x20/0x40 [ 32.116217] kasan_save_free_info+0x4c/0x78 [ 32.117263] __kasan_slab_free+0x6c/0x98 [ 32.117856] kfree+0x114/0x3d0 [ 32.118418] ksize_uaf+0x11c/0x600 [ 32.119015] kunit_try_run_case+0x14c/0x3d0 [ 32.119538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.120555] kthread+0x24c/0x2d0 [ 32.121616] ret_from_fork+0x10/0x20 [ 32.122460] [ 32.122826] The buggy address belongs to the object at fff00000c5915300 [ 32.122826] which belongs to the cache kmalloc-128 of size 128 [ 32.124014] The buggy address is located 0 bytes inside of [ 32.124014] freed 128-byte region [fff00000c5915300, fff00000c5915380) [ 32.125922] [ 32.126322] The buggy address belongs to the physical page: [ 32.126958] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 32.127897] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.128863] page_type: f5(slab) [ 32.129869] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.130680] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.131849] page dumped because: kasan: bad access detected [ 32.133317] [ 32.133619] Memory state around the buggy address: [ 32.134513] fff00000c5915200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.135463] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.136264] >fff00000c5915300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.137242] ^ [ 32.137641] fff00000c5915380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.138469] fff00000c5915400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.139402] ================================================================== [ 32.140955] ================================================================== [ 32.141861] BUG: KASAN: slab-use-after-free in ksize_uaf+0x548/0x600 [ 32.142787] Read of size 1 at addr fff00000c5915378 by task kunit_try_catch/185 [ 32.143687] [ 32.144164] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.145542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.146165] Hardware name: linux,dummy-virt (DT) [ 32.146842] Call trace: [ 32.147933] show_stack+0x20/0x38 (C) [ 32.148800] dump_stack_lvl+0x8c/0xd0 [ 32.149315] print_report+0x118/0x5e0 [ 32.150237] kasan_report+0xc8/0x118 [ 32.150864] __asan_report_load1_noabort+0x20/0x30 [ 32.151711] ksize_uaf+0x548/0x600 [ 32.152761] kunit_try_run_case+0x14c/0x3d0 [ 32.153475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.154457] kthread+0x24c/0x2d0 [ 32.154826] ret_from_fork+0x10/0x20 [ 32.155499] [ 32.155919] Allocated by task 185: [ 32.156439] kasan_save_stack+0x3c/0x68 [ 32.157357] kasan_save_track+0x20/0x40 [ 32.158123] kasan_save_alloc_info+0x40/0x58 [ 32.158798] __kasan_kmalloc+0xd4/0xd8 [ 32.159382] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.160072] ksize_uaf+0xb8/0x600 [ 32.160541] kunit_try_run_case+0x14c/0x3d0 [ 32.161204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.161896] kthread+0x24c/0x2d0 [ 32.163248] ret_from_fork+0x10/0x20 [ 32.163765] [ 32.164148] Freed by task 185: [ 32.165129] kasan_save_stack+0x3c/0x68 [ 32.165696] kasan_save_track+0x20/0x40 [ 32.166325] kasan_save_free_info+0x4c/0x78 [ 32.166934] __kasan_slab_free+0x6c/0x98 [ 32.167515] kfree+0x114/0x3d0 [ 32.168212] ksize_uaf+0x11c/0x600 [ 32.169669] kunit_try_run_case+0x14c/0x3d0 [ 32.170251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.171069] kthread+0x24c/0x2d0 [ 32.171592] ret_from_fork+0x10/0x20 [ 32.172207] [ 32.172559] The buggy address belongs to the object at fff00000c5915300 [ 32.172559] which belongs to the cache kmalloc-128 of size 128 [ 32.174470] The buggy address is located 120 bytes inside of [ 32.174470] freed 128-byte region [fff00000c5915300, fff00000c5915380) [ 32.176311] [ 32.176820] The buggy address belongs to the physical page: [ 32.177563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 32.178464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.179359] page_type: f5(slab) [ 32.179870] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.180482] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.180854] page dumped because: kasan: bad access detected [ 32.182094] [ 32.182500] Memory state around the buggy address: [ 32.183232] fff00000c5915200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.184179] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.186113] >fff00000c5915300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.187271] ^ [ 32.188469] fff00000c5915380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.189639] fff00000c5915400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.190373] ================================================================== [ 32.038917] ================================================================== [ 32.040073] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x600 [ 32.040884] Read of size 1 at addr fff00000c5915300 by task kunit_try_catch/185 [ 32.042321] [ 32.042664] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 32.043858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.044884] Hardware name: linux,dummy-virt (DT) [ 32.046090] Call trace: [ 32.046552] show_stack+0x20/0x38 (C) [ 32.047291] dump_stack_lvl+0x8c/0xd0 [ 32.047962] print_report+0x118/0x5e0 [ 32.048721] kasan_report+0xc8/0x118 [ 32.049217] __kasan_check_byte+0x54/0x70 [ 32.049798] ksize+0x30/0x88 [ 32.050547] ksize_uaf+0x168/0x600 [ 32.051045] kunit_try_run_case+0x14c/0x3d0 [ 32.051768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.052592] kthread+0x24c/0x2d0 [ 32.053575] ret_from_fork+0x10/0x20 [ 32.054191] [ 32.054606] Allocated by task 185: [ 32.055146] kasan_save_stack+0x3c/0x68 [ 32.055757] kasan_save_track+0x20/0x40 [ 32.056321] kasan_save_alloc_info+0x40/0x58 [ 32.057043] __kasan_kmalloc+0xd4/0xd8 [ 32.057654] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.058233] ksize_uaf+0xb8/0x600 [ 32.058692] kunit_try_run_case+0x14c/0x3d0 [ 32.060037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.061028] kthread+0x24c/0x2d0 [ 32.061759] ret_from_fork+0x10/0x20 [ 32.062433] [ 32.062852] Freed by task 185: [ 32.063542] kasan_save_stack+0x3c/0x68 [ 32.064290] kasan_save_track+0x20/0x40 [ 32.065018] kasan_save_free_info+0x4c/0x78 [ 32.065508] __kasan_slab_free+0x6c/0x98 [ 32.066269] kfree+0x114/0x3d0 [ 32.066958] ksize_uaf+0x11c/0x600 [ 32.067623] kunit_try_run_case+0x14c/0x3d0 [ 32.068455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.069309] kthread+0x24c/0x2d0 [ 32.070247] ret_from_fork+0x10/0x20 [ 32.070789] [ 32.071220] The buggy address belongs to the object at fff00000c5915300 [ 32.071220] which belongs to the cache kmalloc-128 of size 128 [ 32.072574] The buggy address is located 0 bytes inside of [ 32.072574] freed 128-byte region [fff00000c5915300, fff00000c5915380) [ 32.074682] [ 32.075117] The buggy address belongs to the physical page: [ 32.075773] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 32.076845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.078055] page_type: f5(slab) [ 32.078631] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.079597] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.081209] page dumped because: kasan: bad access detected [ 32.081985] [ 32.082385] Memory state around the buggy address: [ 32.083049] fff00000c5915200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.084004] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.084891] >fff00000c5915300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.086015] ^ [ 32.086536] fff00000c5915380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.087323] fff00000c5915400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.088147] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 31.990593] ================================================================== [ 31.991304] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x6a0/0x750 [ 31.992077] Read of size 1 at addr fff00000c591527f by task kunit_try_catch/183 [ 31.992748] [ 31.993829] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.995142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.995568] Hardware name: linux,dummy-virt (DT) [ 31.996537] Call trace: [ 31.997263] show_stack+0x20/0x38 (C) [ 31.997698] dump_stack_lvl+0x8c/0xd0 [ 31.998358] print_report+0x118/0x5e0 [ 31.999030] kasan_report+0xc8/0x118 [ 31.999560] __asan_report_load1_noabort+0x20/0x30 [ 32.000316] ksize_unpoisons_memory+0x6a0/0x750 [ 32.001506] kunit_try_run_case+0x14c/0x3d0 [ 32.002147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.002959] kthread+0x24c/0x2d0 [ 32.003544] ret_from_fork+0x10/0x20 [ 32.004200] [ 32.004564] Allocated by task 183: [ 32.005433] kasan_save_stack+0x3c/0x68 [ 32.006076] kasan_save_track+0x20/0x40 [ 32.006577] kasan_save_alloc_info+0x40/0x58 [ 32.007151] __kasan_kmalloc+0xd4/0xd8 [ 32.007754] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.009070] ksize_unpoisons_memory+0xc0/0x750 [ 32.009547] kunit_try_run_case+0x14c/0x3d0 [ 32.009834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.010750] kthread+0x24c/0x2d0 [ 32.011373] ret_from_fork+0x10/0x20 [ 32.012083] [ 32.012950] The buggy address belongs to the object at fff00000c5915200 [ 32.012950] which belongs to the cache kmalloc-128 of size 128 [ 32.014379] The buggy address is located 12 bytes to the right of [ 32.014379] allocated 115-byte region [fff00000c5915200, fff00000c5915273) [ 32.015819] [ 32.016246] The buggy address belongs to the physical page: [ 32.017040] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 32.018337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.019045] page_type: f5(slab) [ 32.019844] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.021044] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.021424] page dumped because: kasan: bad access detected [ 32.021719] [ 32.021870] Memory state around the buggy address: [ 32.022438] fff00000c5915100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.023390] fff00000c5915180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.024047] >fff00000c5915200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 32.026178] ^ [ 32.027172] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.027550] fff00000c5915300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.027942] ================================================================== [ 31.946125] ================================================================== [ 31.946773] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x750 [ 31.948450] Read of size 1 at addr fff00000c5915278 by task kunit_try_catch/183 [ 31.950836] [ 31.951207] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.953118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.954084] Hardware name: linux,dummy-virt (DT) [ 31.954766] Call trace: [ 31.955424] show_stack+0x20/0x38 (C) [ 31.955972] dump_stack_lvl+0x8c/0xd0 [ 31.956845] print_report+0x118/0x5e0 [ 31.957461] kasan_report+0xc8/0x118 [ 31.958083] __asan_report_load1_noabort+0x20/0x30 [ 31.958796] ksize_unpoisons_memory+0x628/0x750 [ 31.959536] kunit_try_run_case+0x14c/0x3d0 [ 31.960224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.961384] kthread+0x24c/0x2d0 [ 31.961849] ret_from_fork+0x10/0x20 [ 31.962351] [ 31.963396] Allocated by task 183: [ 31.964043] kasan_save_stack+0x3c/0x68 [ 31.964840] kasan_save_track+0x20/0x40 [ 31.965882] kasan_save_alloc_info+0x40/0x58 [ 31.966613] __kasan_kmalloc+0xd4/0xd8 [ 31.967089] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.967771] ksize_unpoisons_memory+0xc0/0x750 [ 31.968612] kunit_try_run_case+0x14c/0x3d0 [ 31.969429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.969992] kthread+0x24c/0x2d0 [ 31.970524] ret_from_fork+0x10/0x20 [ 31.971139] [ 31.971506] The buggy address belongs to the object at fff00000c5915200 [ 31.971506] which belongs to the cache kmalloc-128 of size 128 [ 31.973545] The buggy address is located 5 bytes to the right of [ 31.973545] allocated 115-byte region [fff00000c5915200, fff00000c5915273) [ 31.974803] [ 31.975466] The buggy address belongs to the physical page: [ 31.976200] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 31.977575] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.978545] page_type: f5(slab) [ 31.979112] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.980078] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.981285] page dumped because: kasan: bad access detected [ 31.982139] [ 31.982512] Memory state around the buggy address: [ 31.983248] fff00000c5915100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.984089] fff00000c5915180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.985318] >fff00000c5915200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 31.986112] ^ [ 31.986798] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.987524] fff00000c5915300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.988140] ================================================================== [ 31.903352] ================================================================== [ 31.904470] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x638/0x750 [ 31.905299] Read of size 1 at addr fff00000c5915273 by task kunit_try_catch/183 [ 31.906278] [ 31.906708] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.907785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.909076] Hardware name: linux,dummy-virt (DT) [ 31.909732] Call trace: [ 31.910166] show_stack+0x20/0x38 (C) [ 31.910822] dump_stack_lvl+0x8c/0xd0 [ 31.911859] print_report+0x118/0x5e0 [ 31.912754] kasan_report+0xc8/0x118 [ 31.913312] __asan_report_load1_noabort+0x20/0x30 [ 31.913922] ksize_unpoisons_memory+0x638/0x750 [ 31.914627] kunit_try_run_case+0x14c/0x3d0 [ 31.915283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.915979] kthread+0x24c/0x2d0 [ 31.916579] ret_from_fork+0x10/0x20 [ 31.917616] [ 31.918213] Allocated by task 183: [ 31.918760] kasan_save_stack+0x3c/0x68 [ 31.919304] kasan_save_track+0x20/0x40 [ 31.919824] kasan_save_alloc_info+0x40/0x58 [ 31.921031] __kasan_kmalloc+0xd4/0xd8 [ 31.921773] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.922618] ksize_unpoisons_memory+0xc0/0x750 [ 31.923432] kunit_try_run_case+0x14c/0x3d0 [ 31.924270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.925626] kthread+0x24c/0x2d0 [ 31.926095] ret_from_fork+0x10/0x20 [ 31.926872] [ 31.927430] The buggy address belongs to the object at fff00000c5915200 [ 31.927430] which belongs to the cache kmalloc-128 of size 128 [ 31.928986] The buggy address is located 0 bytes to the right of [ 31.928986] allocated 115-byte region [fff00000c5915200, fff00000c5915273) [ 31.930254] [ 31.930600] The buggy address belongs to the physical page: [ 31.931803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105915 [ 31.932809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.933978] page_type: f5(slab) [ 31.934670] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.935712] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.937118] page dumped because: kasan: bad access detected [ 31.937792] [ 31.938122] Memory state around the buggy address: [ 31.938820] fff00000c5915100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.939675] fff00000c5915180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.940399] >fff00000c5915200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 31.941250] ^ [ 31.941986] fff00000c5915280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.942820] fff00000c5915300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.944059] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 31.845839] ================================================================== [ 31.846679] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 31.847474] Free of addr fff00000c599a880 by task kunit_try_catch/181 [ 31.848036] [ 31.849448] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.850512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.851015] Hardware name: linux,dummy-virt (DT) [ 31.851698] Call trace: [ 31.852212] show_stack+0x20/0x38 (C) [ 31.853127] dump_stack_lvl+0x8c/0xd0 [ 31.853745] print_report+0x118/0x5e0 [ 31.854381] kasan_report_invalid_free+0xb0/0xd8 [ 31.855020] check_slab_allocation+0xd4/0x108 [ 31.855741] __kasan_slab_pre_free+0x2c/0x48 [ 31.856331] kfree+0xe8/0x3d0 [ 31.856949] kfree_sensitive+0x3c/0xb0 [ 31.857499] kmalloc_double_kzfree+0x168/0x308 [ 31.858160] kunit_try_run_case+0x14c/0x3d0 [ 31.858705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.859764] kthread+0x24c/0x2d0 [ 31.860328] ret_from_fork+0x10/0x20 [ 31.861249] [ 31.861569] Allocated by task 181: [ 31.862135] kasan_save_stack+0x3c/0x68 [ 31.862774] kasan_save_track+0x20/0x40 [ 31.863275] kasan_save_alloc_info+0x40/0x58 [ 31.863944] __kasan_kmalloc+0xd4/0xd8 [ 31.864828] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.865451] kmalloc_double_kzfree+0xb8/0x308 [ 31.866065] kunit_try_run_case+0x14c/0x3d0 [ 31.866586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.867359] kthread+0x24c/0x2d0 [ 31.867927] ret_from_fork+0x10/0x20 [ 31.868897] [ 31.869176] Freed by task 181: [ 31.869524] kasan_save_stack+0x3c/0x68 [ 31.870345] kasan_save_track+0x20/0x40 [ 31.870999] kasan_save_free_info+0x4c/0x78 [ 31.871568] __kasan_slab_free+0x6c/0x98 [ 31.872158] kfree+0x114/0x3d0 [ 31.872745] kfree_sensitive+0x80/0xb0 [ 31.873399] kmalloc_double_kzfree+0x11c/0x308 [ 31.874115] kunit_try_run_case+0x14c/0x3d0 [ 31.874811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.875509] kthread+0x24c/0x2d0 [ 31.875999] ret_from_fork+0x10/0x20 [ 31.876588] [ 31.876895] The buggy address belongs to the object at fff00000c599a880 [ 31.876895] which belongs to the cache kmalloc-16 of size 16 [ 31.878365] The buggy address is located 0 bytes inside of [ 31.878365] 16-byte region [fff00000c599a880, fff00000c599a890) [ 31.879528] [ 31.879890] The buggy address belongs to the physical page: [ 31.880839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599a [ 31.881831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.882590] page_type: f5(slab) [ 31.883168] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.884043] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.885226] page dumped because: kasan: bad access detected [ 31.885874] [ 31.886248] Memory state around the buggy address: [ 31.886754] fff00000c599a780: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 31.887667] fff00000c599a800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.888721] >fff00000c599a880: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.889460] ^ [ 31.890008] fff00000c599a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.890785] fff00000c599a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.892171] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 31.794385] ================================================================== [ 31.795859] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 31.796587] Read of size 1 at addr fff00000c599a880 by task kunit_try_catch/181 [ 31.798088] [ 31.798479] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.799698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.800299] Hardware name: linux,dummy-virt (DT) [ 31.800831] Call trace: [ 31.801500] show_stack+0x20/0x38 (C) [ 31.802161] dump_stack_lvl+0x8c/0xd0 [ 31.802804] print_report+0x118/0x5e0 [ 31.803428] kasan_report+0xc8/0x118 [ 31.804067] __kasan_check_byte+0x54/0x70 [ 31.805021] kfree_sensitive+0x30/0xb0 [ 31.805635] kmalloc_double_kzfree+0x168/0x308 [ 31.806313] kunit_try_run_case+0x14c/0x3d0 [ 31.806969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.807703] kthread+0x24c/0x2d0 [ 31.808190] ret_from_fork+0x10/0x20 [ 31.809130] [ 31.809487] Allocated by task 181: [ 31.810040] kasan_save_stack+0x3c/0x68 [ 31.810612] kasan_save_track+0x20/0x40 [ 31.811209] kasan_save_alloc_info+0x40/0x58 [ 31.811875] __kasan_kmalloc+0xd4/0xd8 [ 31.812784] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.813379] kmalloc_double_kzfree+0xb8/0x308 [ 31.814044] kunit_try_run_case+0x14c/0x3d0 [ 31.814623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.815350] kthread+0x24c/0x2d0 [ 31.815922] ret_from_fork+0x10/0x20 [ 31.816918] [ 31.817257] Freed by task 181: [ 31.817665] kasan_save_stack+0x3c/0x68 [ 31.818288] kasan_save_track+0x20/0x40 [ 31.819687] kasan_save_free_info+0x4c/0x78 [ 31.820338] __kasan_slab_free+0x6c/0x98 [ 31.820969] kfree+0x114/0x3d0 [ 31.821478] kfree_sensitive+0x80/0xb0 [ 31.822264] kmalloc_double_kzfree+0x11c/0x308 [ 31.822993] kunit_try_run_case+0x14c/0x3d0 [ 31.823547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.824229] kthread+0x24c/0x2d0 [ 31.825102] ret_from_fork+0x10/0x20 [ 31.825737] [ 31.826157] The buggy address belongs to the object at fff00000c599a880 [ 31.826157] which belongs to the cache kmalloc-16 of size 16 [ 31.827419] The buggy address is located 0 bytes inside of [ 31.827419] freed 16-byte region [fff00000c599a880, fff00000c599a890) [ 31.828960] [ 31.829328] The buggy address belongs to the physical page: [ 31.830084] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599a [ 31.830848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.831710] page_type: f5(slab) [ 31.832288] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.833181] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.834116] page dumped because: kasan: bad access detected [ 31.834814] [ 31.835145] Memory state around the buggy address: [ 31.835858] fff00000c599a780: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 31.837189] fff00000c599a800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.838262] >fff00000c599a880: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.839546] ^ [ 31.840163] fff00000c599a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.841312] fff00000c599a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.842320] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 31.667652] ================================================================== [ 31.669577] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 31.670805] Write of size 33 at addr fff00000c6499600 by task kunit_try_catch/175 [ 31.671498] [ 31.672089] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.673694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.674251] Hardware name: linux,dummy-virt (DT) [ 31.674828] Call trace: [ 31.675194] show_stack+0x20/0x38 (C) [ 31.675879] dump_stack_lvl+0x8c/0xd0 [ 31.676930] print_report+0x118/0x5e0 [ 31.677506] kasan_report+0xc8/0x118 [ 31.678068] kasan_check_range+0x100/0x1a8 [ 31.678656] __asan_memset+0x34/0x78 [ 31.679227] kmalloc_uaf_memset+0x170/0x310 [ 31.679785] kunit_try_run_case+0x14c/0x3d0 [ 31.680570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.681405] kthread+0x24c/0x2d0 [ 31.682147] ret_from_fork+0x10/0x20 [ 31.682657] [ 31.683035] Allocated by task 175: [ 31.683552] kasan_save_stack+0x3c/0x68 [ 31.684193] kasan_save_track+0x20/0x40 [ 31.685175] kasan_save_alloc_info+0x40/0x58 [ 31.685769] __kasan_kmalloc+0xd4/0xd8 [ 31.686362] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.687051] kmalloc_uaf_memset+0xb8/0x310 [ 31.687606] kunit_try_run_case+0x14c/0x3d0 [ 31.688133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.689005] kthread+0x24c/0x2d0 [ 31.689926] ret_from_fork+0x10/0x20 [ 31.690716] [ 31.691090] Freed by task 175: [ 31.691569] kasan_save_stack+0x3c/0x68 [ 31.692120] kasan_save_track+0x20/0x40 [ 31.693098] kasan_save_free_info+0x4c/0x78 [ 31.694146] __kasan_slab_free+0x6c/0x98 [ 31.694983] kfree+0x114/0x3d0 [ 31.695507] kmalloc_uaf_memset+0x11c/0x310 [ 31.696123] kunit_try_run_case+0x14c/0x3d0 [ 31.697085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.697813] kthread+0x24c/0x2d0 [ 31.698382] ret_from_fork+0x10/0x20 [ 31.699030] [ 31.699352] The buggy address belongs to the object at fff00000c6499600 [ 31.699352] which belongs to the cache kmalloc-64 of size 64 [ 31.700841] The buggy address is located 0 bytes inside of [ 31.700841] freed 64-byte region [fff00000c6499600, fff00000c6499640) [ 31.702244] [ 31.702619] The buggy address belongs to the physical page: [ 31.703173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106499 [ 31.704112] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.704972] page_type: f5(slab) [ 31.705572] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.706519] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.707532] page dumped because: kasan: bad access detected [ 31.708499] [ 31.708897] Memory state around the buggy address: [ 31.709671] fff00000c6499500: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 31.710697] fff00000c6499580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.711301] >fff00000c6499600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.712298] ^ [ 31.712951] fff00000c6499680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.713634] fff00000c6499700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.714681] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 31.551926] ================================================================== [ 31.553141] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e8 [ 31.554573] Read of size 64 at addr fff00000c6499484 by task kunit_try_catch/171 [ 31.555380] [ 31.556164] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.558462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.559148] Hardware name: linux,dummy-virt (DT) [ 31.559895] Call trace: [ 31.560578] show_stack+0x20/0x38 (C) [ 31.561806] dump_stack_lvl+0x8c/0xd0 [ 31.562651] print_report+0x118/0x5e0 [ 31.563434] kasan_report+0xc8/0x118 [ 31.564195] kasan_check_range+0x100/0x1a8 [ 31.565137] __asan_memmove+0x3c/0x98 [ 31.565886] kmalloc_memmove_invalid_size+0x154/0x2e8 [ 31.566753] kunit_try_run_case+0x14c/0x3d0 [ 31.567552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.568520] kthread+0x24c/0x2d0 [ 31.569047] ret_from_fork+0x10/0x20 [ 31.569426] [ 31.570050] Allocated by task 171: [ 31.570619] kasan_save_stack+0x3c/0x68 [ 31.571502] kasan_save_track+0x20/0x40 [ 31.572298] kasan_save_alloc_info+0x40/0x58 [ 31.573453] __kasan_kmalloc+0xd4/0xd8 [ 31.573943] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.574859] kmalloc_memmove_invalid_size+0xb0/0x2e8 [ 31.575698] kunit_try_run_case+0x14c/0x3d0 [ 31.576191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.577310] kthread+0x24c/0x2d0 [ 31.578036] ret_from_fork+0x10/0x20 [ 31.578546] [ 31.578866] The buggy address belongs to the object at fff00000c6499480 [ 31.578866] which belongs to the cache kmalloc-64 of size 64 [ 31.580673] The buggy address is located 4 bytes inside of [ 31.580673] allocated 64-byte region [fff00000c6499480, fff00000c64994c0) [ 31.582355] [ 31.582937] The buggy address belongs to the physical page: [ 31.583762] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106499 [ 31.584847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.585616] page_type: f5(slab) [ 31.586524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.587439] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.588309] page dumped because: kasan: bad access detected [ 31.588978] [ 31.589392] Memory state around the buggy address: [ 31.589966] fff00000c6499380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.590932] fff00000c6499400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.591690] >fff00000c6499480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 31.593153] ^ [ 31.593980] fff00000c6499500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.594974] fff00000c6499580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.596136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 31.499720] ================================================================== [ 31.501035] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 31.502785] Read of size 18446744073709551614 at addr fff00000c58d3804 by task kunit_try_catch/169 [ 31.503973] [ 31.504558] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.505480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.506211] Hardware name: linux,dummy-virt (DT) [ 31.506957] Call trace: [ 31.507352] show_stack+0x20/0x38 (C) [ 31.508090] dump_stack_lvl+0x8c/0xd0 [ 31.508716] print_report+0x118/0x5e0 [ 31.509704] kasan_report+0xc8/0x118 [ 31.510347] kasan_check_range+0x100/0x1a8 [ 31.510994] __asan_memmove+0x3c/0x98 [ 31.512194] kmalloc_memmove_negative_size+0x154/0x2e0 [ 31.513253] kunit_try_run_case+0x14c/0x3d0 [ 31.513920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.514693] kthread+0x24c/0x2d0 [ 31.515327] ret_from_fork+0x10/0x20 [ 31.515942] [ 31.516248] Allocated by task 169: [ 31.516849] kasan_save_stack+0x3c/0x68 [ 31.517661] kasan_save_track+0x20/0x40 [ 31.518128] kasan_save_alloc_info+0x40/0x58 [ 31.518723] __kasan_kmalloc+0xd4/0xd8 [ 31.519421] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.520151] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 31.520966] kunit_try_run_case+0x14c/0x3d0 [ 31.521550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.522949] kthread+0x24c/0x2d0 [ 31.523355] ret_from_fork+0x10/0x20 [ 31.523990] [ 31.524397] The buggy address belongs to the object at fff00000c58d3800 [ 31.524397] which belongs to the cache kmalloc-64 of size 64 [ 31.526094] The buggy address is located 4 bytes inside of [ 31.526094] 64-byte region [fff00000c58d3800, fff00000c58d3840) [ 31.527627] [ 31.528008] The buggy address belongs to the physical page: [ 31.528819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058d3 [ 31.529719] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.530608] page_type: f5(slab) [ 31.531544] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.532541] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.533208] page dumped because: kasan: bad access detected [ 31.533839] [ 31.534259] Memory state around the buggy address: [ 31.534990] fff00000c58d3700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 31.535969] fff00000c58d3780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.536962] >fff00000c58d3800: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 31.537823] ^ [ 31.538414] fff00000c58d3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.539525] fff00000c58d3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.540760] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 31.449329] ================================================================== [ 31.450516] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 31.451452] Write of size 16 at addr fff00000c5685469 by task kunit_try_catch/167 [ 31.452263] [ 31.453020] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.454206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.454743] Hardware name: linux,dummy-virt (DT) [ 31.455357] Call trace: [ 31.455803] show_stack+0x20/0x38 (C) [ 31.456550] dump_stack_lvl+0x8c/0xd0 [ 31.457497] print_report+0x118/0x5e0 [ 31.458140] kasan_report+0xc8/0x118 [ 31.458750] kasan_check_range+0x100/0x1a8 [ 31.459394] __asan_memset+0x34/0x78 [ 31.460021] kmalloc_oob_memset_16+0x150/0x2f8 [ 31.460995] kunit_try_run_case+0x14c/0x3d0 [ 31.461651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.462633] kthread+0x24c/0x2d0 [ 31.463342] ret_from_fork+0x10/0x20 [ 31.464121] [ 31.464731] Allocated by task 167: [ 31.465240] kasan_save_stack+0x3c/0x68 [ 31.465865] kasan_save_track+0x20/0x40 [ 31.466406] kasan_save_alloc_info+0x40/0x58 [ 31.467124] __kasan_kmalloc+0xd4/0xd8 [ 31.467696] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.468674] kmalloc_oob_memset_16+0xb0/0x2f8 [ 31.469256] kunit_try_run_case+0x14c/0x3d0 [ 31.469738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.470581] kthread+0x24c/0x2d0 [ 31.471186] ret_from_fork+0x10/0x20 [ 31.471758] [ 31.472113] The buggy address belongs to the object at fff00000c5685400 [ 31.472113] which belongs to the cache kmalloc-128 of size 128 [ 31.474034] The buggy address is located 105 bytes inside of [ 31.474034] allocated 120-byte region [fff00000c5685400, fff00000c5685478) [ 31.474926] [ 31.475875] The buggy address belongs to the physical page: [ 31.476801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105685 [ 31.477775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.478553] page_type: f5(slab) [ 31.479078] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.479884] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.480993] page dumped because: kasan: bad access detected [ 31.481652] [ 31.481940] Memory state around the buggy address: [ 31.482574] fff00000c5685300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.483367] fff00000c5685380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.484260] >fff00000c5685400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.485665] ^ [ 31.486734] fff00000c5685480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.487552] fff00000c5685500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.488340] ================================================================== [ 31.297147] ================================================================== [ 31.298121] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 31.299448] Write of size 2 at addr fff00000c648be77 by task kunit_try_catch/161 [ 31.300523] [ 31.300861] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.302204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.302815] Hardware name: linux,dummy-virt (DT) [ 31.303620] Call trace: [ 31.304211] show_stack+0x20/0x38 (C) [ 31.305081] dump_stack_lvl+0x8c/0xd0 [ 31.305691] print_report+0x118/0x5e0 [ 31.306574] kasan_report+0xc8/0x118 [ 31.307196] kasan_check_range+0x100/0x1a8 [ 31.307842] __asan_memset+0x34/0x78 [ 31.308839] kmalloc_oob_memset_2+0x150/0x2f8 [ 31.309451] kunit_try_run_case+0x14c/0x3d0 [ 31.310185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.310946] kthread+0x24c/0x2d0 [ 31.311547] ret_from_fork+0x10/0x20 [ 31.312151] [ 31.312942] Allocated by task 161: [ 31.313362] kasan_save_stack+0x3c/0x68 [ 31.314044] kasan_save_track+0x20/0x40 [ 31.314563] kasan_save_alloc_info+0x40/0x58 [ 31.315312] __kasan_kmalloc+0xd4/0xd8 [ 31.315968] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.316527] kmalloc_oob_memset_2+0xb0/0x2f8 [ 31.317469] kunit_try_run_case+0x14c/0x3d0 [ 31.318089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.318713] kthread+0x24c/0x2d0 [ 31.319526] ret_from_fork+0x10/0x20 [ 31.320044] [ 31.320841] The buggy address belongs to the object at fff00000c648be00 [ 31.320841] which belongs to the cache kmalloc-128 of size 128 [ 31.322113] The buggy address is located 119 bytes inside of [ 31.322113] allocated 120-byte region [fff00000c648be00, fff00000c648be78) [ 31.323427] [ 31.323823] The buggy address belongs to the physical page: [ 31.324699] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648b [ 31.325957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.326683] page_type: f5(slab) [ 31.327254] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.328541] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.329672] page dumped because: kasan: bad access detected [ 31.330150] [ 31.330353] Memory state around the buggy address: [ 31.330637] fff00000c648bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.331874] fff00000c648bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.332896] >fff00000c648be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.333512] ^ [ 31.334754] fff00000c648be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.335761] fff00000c648bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.336878] ================================================================== [ 31.347508] ================================================================== [ 31.348665] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 31.349419] Write of size 4 at addr fff00000c5685375 by task kunit_try_catch/163 [ 31.350304] [ 31.350715] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.352382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.353356] Hardware name: linux,dummy-virt (DT) [ 31.354071] Call trace: [ 31.354543] show_stack+0x20/0x38 (C) [ 31.355264] dump_stack_lvl+0x8c/0xd0 [ 31.355928] print_report+0x118/0x5e0 [ 31.356644] kasan_report+0xc8/0x118 [ 31.357215] kasan_check_range+0x100/0x1a8 [ 31.357813] __asan_memset+0x34/0x78 [ 31.358847] kmalloc_oob_memset_4+0x150/0x300 [ 31.359686] kunit_try_run_case+0x14c/0x3d0 [ 31.360672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.361631] kthread+0x24c/0x2d0 [ 31.362510] ret_from_fork+0x10/0x20 [ 31.363302] [ 31.363842] Allocated by task 163: [ 31.364342] kasan_save_stack+0x3c/0x68 [ 31.365353] kasan_save_track+0x20/0x40 [ 31.365897] kasan_save_alloc_info+0x40/0x58 [ 31.366488] __kasan_kmalloc+0xd4/0xd8 [ 31.367308] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.367928] kmalloc_oob_memset_4+0xb0/0x300 [ 31.368461] kunit_try_run_case+0x14c/0x3d0 [ 31.369406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.370081] kthread+0x24c/0x2d0 [ 31.370632] ret_from_fork+0x10/0x20 [ 31.371571] [ 31.371853] The buggy address belongs to the object at fff00000c5685300 [ 31.371853] which belongs to the cache kmalloc-128 of size 128 [ 31.373294] The buggy address is located 117 bytes inside of [ 31.373294] allocated 120-byte region [fff00000c5685300, fff00000c5685378) [ 31.374839] [ 31.375224] The buggy address belongs to the physical page: [ 31.375804] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105685 [ 31.377147] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.378012] page_type: f5(slab) [ 31.378576] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.379453] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.380226] page dumped because: kasan: bad access detected [ 31.381246] [ 31.381554] Memory state around the buggy address: [ 31.382177] fff00000c5685200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.382832] fff00000c5685280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.383741] >fff00000c5685300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.384884] ^ [ 31.385690] fff00000c5685380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.386535] fff00000c5685400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.387255] ================================================================== [ 31.397639] ================================================================== [ 31.398811] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 31.399602] Write of size 8 at addr fff00000c647b271 by task kunit_try_catch/165 [ 31.400726] [ 31.401069] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.402422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.403172] Hardware name: linux,dummy-virt (DT) [ 31.403897] Call trace: [ 31.404279] show_stack+0x20/0x38 (C) [ 31.405195] dump_stack_lvl+0x8c/0xd0 [ 31.405740] print_report+0x118/0x5e0 [ 31.406391] kasan_report+0xc8/0x118 [ 31.406974] kasan_check_range+0x100/0x1a8 [ 31.407544] __asan_memset+0x34/0x78 [ 31.408177] kmalloc_oob_memset_8+0x150/0x2f8 [ 31.408881] kunit_try_run_case+0x14c/0x3d0 [ 31.410039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.410872] kthread+0x24c/0x2d0 [ 31.411599] ret_from_fork+0x10/0x20 [ 31.412524] [ 31.412881] Allocated by task 165: [ 31.413444] kasan_save_stack+0x3c/0x68 [ 31.414223] kasan_save_track+0x20/0x40 [ 31.415024] kasan_save_alloc_info+0x40/0x58 [ 31.415728] __kasan_kmalloc+0xd4/0xd8 [ 31.416543] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.417340] kmalloc_oob_memset_8+0xb0/0x2f8 [ 31.418084] kunit_try_run_case+0x14c/0x3d0 [ 31.418526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.419495] kthread+0x24c/0x2d0 [ 31.419843] ret_from_fork+0x10/0x20 [ 31.420641] [ 31.421062] The buggy address belongs to the object at fff00000c647b200 [ 31.421062] which belongs to the cache kmalloc-128 of size 128 [ 31.422875] The buggy address is located 113 bytes inside of [ 31.422875] allocated 120-byte region [fff00000c647b200, fff00000c647b278) [ 31.424073] [ 31.424606] The buggy address belongs to the physical page: [ 31.425919] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10647b [ 31.426977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.427840] page_type: f5(slab) [ 31.428521] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.429570] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.430226] page dumped because: kasan: bad access detected [ 31.430920] [ 31.431316] Memory state around the buggy address: [ 31.432068] fff00000c647b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.433003] fff00000c647b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.434316] >fff00000c647b200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.435369] ^ [ 31.436273] fff00000c647b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.437359] fff00000c647b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.437981] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 31.247266] ================================================================== [ 31.248719] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 31.249530] Write of size 128 at addr fff00000c5685000 by task kunit_try_catch/159 [ 31.249954] [ 31.250306] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.251335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.251845] Hardware name: linux,dummy-virt (DT) [ 31.252529] Call trace: [ 31.252957] show_stack+0x20/0x38 (C) [ 31.253521] dump_stack_lvl+0x8c/0xd0 [ 31.254483] print_report+0x118/0x5e0 [ 31.255144] kasan_report+0xc8/0x118 [ 31.255764] kasan_check_range+0x100/0x1a8 [ 31.256655] __asan_memset+0x34/0x78 [ 31.257283] kmalloc_oob_in_memset+0x144/0x2d0 [ 31.257989] kunit_try_run_case+0x14c/0x3d0 [ 31.258578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.259380] kthread+0x24c/0x2d0 [ 31.259986] ret_from_fork+0x10/0x20 [ 31.260869] [ 31.261239] Allocated by task 159: [ 31.261655] kasan_save_stack+0x3c/0x68 [ 31.262282] kasan_save_track+0x20/0x40 [ 31.262897] kasan_save_alloc_info+0x40/0x58 [ 31.263504] __kasan_kmalloc+0xd4/0xd8 [ 31.264119] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.265979] kmalloc_oob_in_memset+0xb0/0x2d0 [ 31.266533] kunit_try_run_case+0x14c/0x3d0 [ 31.267182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.267866] kthread+0x24c/0x2d0 [ 31.268627] ret_from_fork+0x10/0x20 [ 31.269149] [ 31.269515] The buggy address belongs to the object at fff00000c5685000 [ 31.269515] which belongs to the cache kmalloc-128 of size 128 [ 31.270713] The buggy address is located 0 bytes inside of [ 31.270713] allocated 120-byte region [fff00000c5685000, fff00000c5685078) [ 31.272004] [ 31.272327] The buggy address belongs to the physical page: [ 31.273292] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105685 [ 31.274187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.275722] page_type: f5(slab) [ 31.276236] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.277429] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.278522] page dumped because: kasan: bad access detected [ 31.279119] [ 31.279481] Memory state around the buggy address: [ 31.280149] fff00000c5684f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 31.281057] fff00000c5684f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 31.281857] >fff00000c5685000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.282755] ^ [ 31.283484] fff00000c5685080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.284960] fff00000c5685100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.285530] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 31.188848] ================================================================== [ 31.190241] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 31.190857] Read of size 16 at addr fff00000c599a840 by task kunit_try_catch/157 [ 31.191873] [ 31.192352] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.193779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.194494] Hardware name: linux,dummy-virt (DT) [ 31.195303] Call trace: [ 31.195851] show_stack+0x20/0x38 (C) [ 31.196713] dump_stack_lvl+0x8c/0xd0 [ 31.197575] print_report+0x118/0x5e0 [ 31.198538] kasan_report+0xc8/0x118 [ 31.199502] __asan_report_load16_noabort+0x20/0x30 [ 31.200643] kmalloc_uaf_16+0x3bc/0x438 [ 31.201383] kunit_try_run_case+0x14c/0x3d0 [ 31.201933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.202624] kthread+0x24c/0x2d0 [ 31.203238] ret_from_fork+0x10/0x20 [ 31.203917] [ 31.204375] Allocated by task 157: [ 31.204850] kasan_save_stack+0x3c/0x68 [ 31.205484] kasan_save_track+0x20/0x40 [ 31.206061] kasan_save_alloc_info+0x40/0x58 [ 31.206711] __kasan_kmalloc+0xd4/0xd8 [ 31.207211] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.207888] kmalloc_uaf_16+0x140/0x438 [ 31.208489] kunit_try_run_case+0x14c/0x3d0 [ 31.209155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.209826] kthread+0x24c/0x2d0 [ 31.211300] ret_from_fork+0x10/0x20 [ 31.211882] [ 31.212309] Freed by task 157: [ 31.212775] kasan_save_stack+0x3c/0x68 [ 31.213625] kasan_save_track+0x20/0x40 [ 31.214248] kasan_save_free_info+0x4c/0x78 [ 31.214820] __kasan_slab_free+0x6c/0x98 [ 31.215439] kfree+0x114/0x3d0 [ 31.215994] kmalloc_uaf_16+0x190/0x438 [ 31.216934] kunit_try_run_case+0x14c/0x3d0 [ 31.217447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.218216] kthread+0x24c/0x2d0 [ 31.218668] ret_from_fork+0x10/0x20 [ 31.219275] [ 31.219638] The buggy address belongs to the object at fff00000c599a840 [ 31.219638] which belongs to the cache kmalloc-16 of size 16 [ 31.221071] The buggy address is located 0 bytes inside of [ 31.221071] freed 16-byte region [fff00000c599a840, fff00000c599a850) [ 31.222297] [ 31.222673] The buggy address belongs to the physical page: [ 31.223403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599a [ 31.224631] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.225420] page_type: f5(slab) [ 31.226002] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.226965] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.227741] page dumped because: kasan: bad access detected [ 31.228929] [ 31.229196] Memory state around the buggy address: [ 31.229611] fff00000c599a700: 00 02 fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 31.230213] fff00000c599a780: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 31.231124] >fff00000c599a800: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 31.232006] ^ [ 31.232769] fff00000c599a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.233703] fff00000c599a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.234387] ================================================================== [ 31.607469] ================================================================== [ 31.608981] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 31.610314] Read of size 1 at addr fff00000c599a868 by task kunit_try_catch/173 [ 31.611241] [ 31.613090] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.614396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.615146] Hardware name: linux,dummy-virt (DT) [ 31.615983] Call trace: [ 31.616728] show_stack+0x20/0x38 (C) [ 31.617344] dump_stack_lvl+0x8c/0xd0 [ 31.618001] print_report+0x118/0x5e0 [ 31.618544] kasan_report+0xc8/0x118 [ 31.619224] __asan_report_load1_noabort+0x20/0x30 [ 31.619978] kmalloc_uaf+0x300/0x338 [ 31.620593] kunit_try_run_case+0x14c/0x3d0 [ 31.621568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.622307] kthread+0x24c/0x2d0 [ 31.622945] ret_from_fork+0x10/0x20 [ 31.623562] [ 31.623958] Allocated by task 173: [ 31.624662] kasan_save_stack+0x3c/0x68 [ 31.625308] kasan_save_track+0x20/0x40 [ 31.625969] kasan_save_alloc_info+0x40/0x58 [ 31.626632] __kasan_kmalloc+0xd4/0xd8 [ 31.627275] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.628008] kmalloc_uaf+0xb8/0x338 [ 31.628779] kunit_try_run_case+0x14c/0x3d0 [ 31.629467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.629996] kthread+0x24c/0x2d0 [ 31.630539] ret_from_fork+0x10/0x20 [ 31.631592] [ 31.632001] Freed by task 173: [ 31.632683] kasan_save_stack+0x3c/0x68 [ 31.633426] kasan_save_track+0x20/0x40 [ 31.634130] kasan_save_free_info+0x4c/0x78 [ 31.634736] __kasan_slab_free+0x6c/0x98 [ 31.635324] kfree+0x114/0x3d0 [ 31.635851] kmalloc_uaf+0x11c/0x338 [ 31.636708] kunit_try_run_case+0x14c/0x3d0 [ 31.637393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.638110] kthread+0x24c/0x2d0 [ 31.638701] ret_from_fork+0x10/0x20 [ 31.639247] [ 31.639610] The buggy address belongs to the object at fff00000c599a860 [ 31.639610] which belongs to the cache kmalloc-16 of size 16 [ 31.641092] The buggy address is located 8 bytes inside of [ 31.641092] freed 16-byte region [fff00000c599a860, fff00000c599a870) [ 31.642388] [ 31.642732] The buggy address belongs to the physical page: [ 31.643658] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599a [ 31.645076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.646043] page_type: f5(slab) [ 31.646740] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.647588] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.648413] page dumped because: kasan: bad access detected [ 31.649542] [ 31.649891] Memory state around the buggy address: [ 31.650860] fff00000c599a700: 00 02 fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 31.651734] fff00000c599a780: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 31.652351] >fff00000c599a800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.653403] ^ [ 31.654087] fff00000c599a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.654885] fff00000c599a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.655859] ================================================================== [ 31.727199] ================================================================== [ 31.728209] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 31.729370] Read of size 1 at addr fff00000c6499728 by task kunit_try_catch/177 [ 31.730192] [ 31.730593] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.731555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.732139] Hardware name: linux,dummy-virt (DT) [ 31.733174] Call trace: [ 31.733662] show_stack+0x20/0x38 (C) [ 31.734348] dump_stack_lvl+0x8c/0xd0 [ 31.735038] print_report+0x118/0x5e0 [ 31.735698] kasan_report+0xc8/0x118 [ 31.736655] __asan_report_load1_noabort+0x20/0x30 [ 31.737318] kmalloc_uaf2+0x3f4/0x468 [ 31.737980] kunit_try_run_case+0x14c/0x3d0 [ 31.738664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.739412] kthread+0x24c/0x2d0 [ 31.739969] ret_from_fork+0x10/0x20 [ 31.740932] [ 31.741320] Allocated by task 177: [ 31.741866] kasan_save_stack+0x3c/0x68 [ 31.742469] kasan_save_track+0x20/0x40 [ 31.743102] kasan_save_alloc_info+0x40/0x58 [ 31.743706] __kasan_kmalloc+0xd4/0xd8 [ 31.744687] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.745393] kmalloc_uaf2+0xc4/0x468 [ 31.746022] kunit_try_run_case+0x14c/0x3d0 [ 31.746720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.747353] kthread+0x24c/0x2d0 [ 31.747958] ret_from_fork+0x10/0x20 [ 31.749429] [ 31.750041] Freed by task 177: [ 31.750503] kasan_save_stack+0x3c/0x68 [ 31.751168] kasan_save_track+0x20/0x40 [ 31.751703] kasan_save_free_info+0x4c/0x78 [ 31.752772] __kasan_slab_free+0x6c/0x98 [ 31.753500] kfree+0x114/0x3d0 [ 31.754098] kmalloc_uaf2+0x134/0x468 [ 31.754702] kunit_try_run_case+0x14c/0x3d0 [ 31.755307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.756122] kthread+0x24c/0x2d0 [ 31.756999] ret_from_fork+0x10/0x20 [ 31.757585] [ 31.757926] The buggy address belongs to the object at fff00000c6499700 [ 31.757926] which belongs to the cache kmalloc-64 of size 64 [ 31.759011] The buggy address is located 40 bytes inside of [ 31.759011] freed 64-byte region [fff00000c6499700, fff00000c6499740) [ 31.760580] [ 31.760969] The buggy address belongs to the physical page: [ 31.761608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106499 [ 31.762518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.763451] page_type: f5(slab) [ 31.763929] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.765098] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.765985] page dumped because: kasan: bad access detected [ 31.766717] [ 31.767093] Memory state around the buggy address: [ 31.767592] fff00000c6499600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.769081] fff00000c6499680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.769703] >fff00000c6499700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.770602] ^ [ 31.771461] fff00000c6499780: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 31.772390] fff00000c6499800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.773466] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 31.132030] ================================================================== [ 31.133120] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 31.133976] Write of size 16 at addr fff00000c57c3280 by task kunit_try_catch/155 [ 31.134991] [ 31.135290] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.136646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.138653] Hardware name: linux,dummy-virt (DT) [ 31.140577] Call trace: [ 31.142684] show_stack+0x20/0x38 (C) [ 31.143351] dump_stack_lvl+0x8c/0xd0 [ 31.143924] print_report+0x118/0x5e0 [ 31.144610] kasan_report+0xc8/0x118 [ 31.145239] __asan_report_store16_noabort+0x20/0x30 [ 31.146482] kmalloc_oob_16+0x3a0/0x3f8 [ 31.147101] kunit_try_run_case+0x14c/0x3d0 [ 31.147695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.148329] kthread+0x24c/0x2d0 [ 31.148921] ret_from_fork+0x10/0x20 [ 31.149519] [ 31.149846] Allocated by task 155: [ 31.151233] kasan_save_stack+0x3c/0x68 [ 31.151766] kasan_save_track+0x20/0x40 [ 31.152482] kasan_save_alloc_info+0x40/0x58 [ 31.153606] __kasan_kmalloc+0xd4/0xd8 [ 31.154112] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.154670] kmalloc_oob_16+0xb4/0x3f8 [ 31.155281] kunit_try_run_case+0x14c/0x3d0 [ 31.155829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.156823] kthread+0x24c/0x2d0 [ 31.157557] ret_from_fork+0x10/0x20 [ 31.158034] [ 31.158317] The buggy address belongs to the object at fff00000c57c3280 [ 31.158317] which belongs to the cache kmalloc-16 of size 16 [ 31.159630] The buggy address is located 0 bytes inside of [ 31.159630] allocated 13-byte region [fff00000c57c3280, fff00000c57c328d) [ 31.161862] [ 31.162208] The buggy address belongs to the physical page: [ 31.162859] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c3 [ 31.163798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.164743] page_type: f5(slab) [ 31.165639] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.166500] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 31.167614] page dumped because: kasan: bad access detected [ 31.168127] [ 31.168513] Memory state around the buggy address: [ 31.169877] fff00000c57c3180: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 31.170976] fff00000c57c3200: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 31.172052] >fff00000c57c3280: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.172879] ^ [ 31.174094] fff00000c57c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.175049] fff00000c57c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.176114] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 31.022671] ================================================================== [ 31.024216] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 31.025042] Read of size 1 at addr fff00000c43ac000 by task kunit_try_catch/153 [ 31.026139] [ 31.026547] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.027589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.028203] Hardware name: linux,dummy-virt (DT) [ 31.028724] Call trace: [ 31.029212] show_stack+0x20/0x38 (C) [ 31.029887] dump_stack_lvl+0x8c/0xd0 [ 31.030491] print_report+0x118/0x5e0 [ 31.031174] kasan_report+0xc8/0x118 [ 31.031800] __kasan_check_byte+0x54/0x70 [ 31.032510] krealloc_noprof+0x44/0x360 [ 31.033105] krealloc_uaf+0x180/0x520 [ 31.033763] kunit_try_run_case+0x14c/0x3d0 [ 31.034390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.035246] kthread+0x24c/0x2d0 [ 31.035774] ret_from_fork+0x10/0x20 [ 31.036471] [ 31.036870] Allocated by task 153: [ 31.037352] kasan_save_stack+0x3c/0x68 [ 31.038038] kasan_save_track+0x20/0x40 [ 31.038698] kasan_save_alloc_info+0x40/0x58 [ 31.039392] __kasan_kmalloc+0xd4/0xd8 [ 31.040048] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.040658] krealloc_uaf+0xc8/0x520 [ 31.041278] kunit_try_run_case+0x14c/0x3d0 [ 31.041937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.042691] kthread+0x24c/0x2d0 [ 31.043263] ret_from_fork+0x10/0x20 [ 31.043882] [ 31.044234] Freed by task 153: [ 31.044749] kasan_save_stack+0x3c/0x68 [ 31.045372] kasan_save_track+0x20/0x40 [ 31.046049] kasan_save_free_info+0x4c/0x78 [ 31.046711] __kasan_slab_free+0x6c/0x98 [ 31.047360] kfree+0x114/0x3d0 [ 31.048012] krealloc_uaf+0x12c/0x520 [ 31.048515] kunit_try_run_case+0x14c/0x3d0 [ 31.049118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.049821] kthread+0x24c/0x2d0 [ 31.050394] ret_from_fork+0x10/0x20 [ 31.050974] [ 31.051416] The buggy address belongs to the object at fff00000c43ac000 [ 31.051416] which belongs to the cache kmalloc-256 of size 256 [ 31.052960] The buggy address is located 0 bytes inside of [ 31.052960] freed 256-byte region [fff00000c43ac000, fff00000c43ac100) [ 31.054258] [ 31.054638] The buggy address belongs to the physical page: [ 31.055440] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043ac [ 31.056460] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 31.057380] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 31.058333] page_type: f5(slab) [ 31.058923] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 31.059873] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.060895] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 31.061863] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.062852] head: 0bfffe0000000001 ffffc1ffc310eb01 ffffffffffffffff 0000000000000000 [ 31.063850] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 31.064754] page dumped because: kasan: bad access detected [ 31.065434] [ 31.065866] Memory state around the buggy address: [ 31.066555] fff00000c43abf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.067432] fff00000c43abf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.068307] >fff00000c43ac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.069265] ^ [ 31.069807] fff00000c43ac080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.070669] fff00000c43ac100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.071558] ================================================================== [ 31.074211] ================================================================== [ 31.075364] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 31.076778] Read of size 1 at addr fff00000c43ac000 by task kunit_try_catch/153 [ 31.077819] [ 31.078220] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 31.079453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.080094] Hardware name: linux,dummy-virt (DT) [ 31.080640] Call trace: [ 31.081100] show_stack+0x20/0x38 (C) [ 31.081696] dump_stack_lvl+0x8c/0xd0 [ 31.082292] print_report+0x118/0x5e0 [ 31.082840] kasan_report+0xc8/0x118 [ 31.083472] __asan_report_load1_noabort+0x20/0x30 [ 31.084100] krealloc_uaf+0x4c8/0x520 [ 31.084710] kunit_try_run_case+0x14c/0x3d0 [ 31.085369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.086166] kthread+0x24c/0x2d0 [ 31.086741] ret_from_fork+0x10/0x20 [ 31.087380] [ 31.087729] Allocated by task 153: [ 31.088253] kasan_save_stack+0x3c/0x68 [ 31.088870] kasan_save_track+0x20/0x40 [ 31.089416] kasan_save_alloc_info+0x40/0x58 [ 31.090086] __kasan_kmalloc+0xd4/0xd8 [ 31.090584] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.091276] krealloc_uaf+0xc8/0x520 [ 31.091739] kunit_try_run_case+0x14c/0x3d0 [ 31.092401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.093058] kthread+0x24c/0x2d0 [ 31.093613] ret_from_fork+0x10/0x20 [ 31.094150] [ 31.094518] Freed by task 153: [ 31.095042] kasan_save_stack+0x3c/0x68 [ 31.095643] kasan_save_track+0x20/0x40 [ 31.096158] kasan_save_free_info+0x4c/0x78 [ 31.096811] __kasan_slab_free+0x6c/0x98 [ 31.097364] kfree+0x114/0x3d0 [ 31.097918] krealloc_uaf+0x12c/0x520 [ 31.098425] kunit_try_run_case+0x14c/0x3d0 [ 31.099111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.099823] kthread+0x24c/0x2d0 [ 31.100327] ret_from_fork+0x10/0x20 [ 31.100926] [ 31.101224] The buggy address belongs to the object at fff00000c43ac000 [ 31.101224] which belongs to the cache kmalloc-256 of size 256 [ 31.102381] The buggy address is located 0 bytes inside of [ 31.102381] freed 256-byte region [fff00000c43ac000, fff00000c43ac100) [ 31.103724] [ 31.104044] The buggy address belongs to the physical page: [ 31.104775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043ac [ 31.105635] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 31.106536] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 31.107339] page_type: f5(slab) [ 31.107823] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 31.108779] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.109514] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 31.110505] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.111512] head: 0bfffe0000000001 ffffc1ffc310eb01 ffffffffffffffff 0000000000000000 [ 31.112480] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 31.113174] page dumped because: kasan: bad access detected [ 31.113889] [ 31.114269] Memory state around the buggy address: [ 31.114871] fff00000c43abf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.115776] fff00000c43abf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.116524] >fff00000c43ac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.117418] ^ [ 31.117892] fff00000c43ac080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.118742] fff00000c43ac100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.119372] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 30.976140] ================================================================== [ 30.977629] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 30.978560] Write of size 1 at addr fff00000c64660eb by task kunit_try_catch/151 [ 30.979431] [ 30.979927] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.981211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.981626] Hardware name: linux,dummy-virt (DT) [ 30.982650] Call trace: [ 30.983067] show_stack+0x20/0x38 (C) [ 30.983605] dump_stack_lvl+0x8c/0xd0 [ 30.984140] print_report+0x118/0x5e0 [ 30.984929] kasan_report+0xc8/0x118 [ 30.985966] __asan_report_store1_noabort+0x20/0x30 [ 30.986668] krealloc_less_oob_helper+0xa58/0xc50 [ 30.987313] krealloc_large_less_oob+0x20/0x38 [ 30.987951] kunit_try_run_case+0x14c/0x3d0 [ 30.988843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.989542] kthread+0x24c/0x2d0 [ 30.990520] ret_from_fork+0x10/0x20 [ 30.991121] [ 30.991505] The buggy address belongs to the physical page: [ 30.992972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.993602] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.994077] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.995100] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.995954] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.997226] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.998140] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.999538] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 31.001008] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 31.001751] page dumped because: kasan: bad access detected [ 31.002554] [ 31.002973] Memory state around the buggy address: [ 31.003646] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.004519] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.005698] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 31.006814] ^ [ 31.007745] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 31.009023] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 31.009810] ================================================================== [ 30.615979] ================================================================== [ 30.616709] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 30.617737] Write of size 1 at addr fff00000c4481eda by task kunit_try_catch/147 [ 30.619182] [ 30.619701] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.621017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.621762] Hardware name: linux,dummy-virt (DT) [ 30.622538] Call trace: [ 30.622941] show_stack+0x20/0x38 (C) [ 30.623448] dump_stack_lvl+0x8c/0xd0 [ 30.624084] print_report+0x118/0x5e0 [ 30.624608] kasan_report+0xc8/0x118 [ 30.625293] __asan_report_store1_noabort+0x20/0x30 [ 30.625966] krealloc_less_oob_helper+0xa80/0xc50 [ 30.626721] krealloc_less_oob+0x20/0x38 [ 30.627272] kunit_try_run_case+0x14c/0x3d0 [ 30.627997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.628724] kthread+0x24c/0x2d0 [ 30.629318] ret_from_fork+0x10/0x20 [ 30.629865] [ 30.630283] Allocated by task 147: [ 30.630856] kasan_save_stack+0x3c/0x68 [ 30.631414] kasan_save_track+0x20/0x40 [ 30.632084] kasan_save_alloc_info+0x40/0x58 [ 30.632698] __kasan_krealloc+0x118/0x178 [ 30.633384] krealloc_noprof+0x128/0x360 [ 30.633995] krealloc_less_oob_helper+0x168/0xc50 [ 30.634733] krealloc_less_oob+0x20/0x38 [ 30.635365] kunit_try_run_case+0x14c/0x3d0 [ 30.636066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.636748] kthread+0x24c/0x2d0 [ 30.637369] ret_from_fork+0x10/0x20 [ 30.637921] [ 30.638325] The buggy address belongs to the object at fff00000c4481e00 [ 30.638325] which belongs to the cache kmalloc-256 of size 256 [ 30.639590] The buggy address is located 17 bytes to the right of [ 30.639590] allocated 201-byte region [fff00000c4481e00, fff00000c4481ec9) [ 30.640976] [ 30.641388] The buggy address belongs to the physical page: [ 30.642124] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.643151] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.643961] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.644841] page_type: f5(slab) [ 30.645425] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.646260] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.647186] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.648081] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.648960] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.649804] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.650673] page dumped because: kasan: bad access detected [ 30.651364] [ 30.651757] Memory state around the buggy address: [ 30.652271] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.653227] fff00000c4481e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.654114] >fff00000c4481e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 30.654985] ^ [ 30.655787] fff00000c4481f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.656623] fff00000c4481f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.657497] ================================================================== [ 30.838220] ================================================================== [ 30.839515] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 30.840298] Write of size 1 at addr fff00000c64660c9 by task kunit_try_catch/151 [ 30.841630] [ 30.842031] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.843874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.844521] Hardware name: linux,dummy-virt (DT) [ 30.845613] Call trace: [ 30.846064] show_stack+0x20/0x38 (C) [ 30.846600] dump_stack_lvl+0x8c/0xd0 [ 30.847462] print_report+0x118/0x5e0 [ 30.848048] kasan_report+0xc8/0x118 [ 30.848826] __asan_report_store1_noabort+0x20/0x30 [ 30.849428] krealloc_less_oob_helper+0xa48/0xc50 [ 30.850354] krealloc_large_less_oob+0x20/0x38 [ 30.851154] kunit_try_run_case+0x14c/0x3d0 [ 30.851947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.853046] kthread+0x24c/0x2d0 [ 30.853585] ret_from_fork+0x10/0x20 [ 30.854145] [ 30.854517] The buggy address belongs to the physical page: [ 30.855189] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.856109] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.857254] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.858528] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.859381] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.860233] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.861581] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.862365] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.863311] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.864095] page dumped because: kasan: bad access detected [ 30.865452] [ 30.865810] Memory state around the buggy address: [ 30.866462] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.867374] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.868040] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 30.869486] ^ [ 30.870118] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.870941] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.871728] ================================================================== [ 30.530113] ================================================================== [ 30.531136] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 30.531892] Write of size 1 at addr fff00000c4481ec9 by task kunit_try_catch/147 [ 30.533007] [ 30.533290] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.534464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.534930] Hardware name: linux,dummy-virt (DT) [ 30.535550] Call trace: [ 30.535944] show_stack+0x20/0x38 (C) [ 30.536574] dump_stack_lvl+0x8c/0xd0 [ 30.537190] print_report+0x118/0x5e0 [ 30.537818] kasan_report+0xc8/0x118 [ 30.538414] __asan_report_store1_noabort+0x20/0x30 [ 30.539186] krealloc_less_oob_helper+0xa48/0xc50 [ 30.539821] krealloc_less_oob+0x20/0x38 [ 30.540363] kunit_try_run_case+0x14c/0x3d0 [ 30.541054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.541760] kthread+0x24c/0x2d0 [ 30.542366] ret_from_fork+0x10/0x20 [ 30.542896] [ 30.543273] Allocated by task 147: [ 30.543794] kasan_save_stack+0x3c/0x68 [ 30.544388] kasan_save_track+0x20/0x40 [ 30.544871] kasan_save_alloc_info+0x40/0x58 [ 30.545516] __kasan_krealloc+0x118/0x178 [ 30.546168] krealloc_noprof+0x128/0x360 [ 30.546793] krealloc_less_oob_helper+0x168/0xc50 [ 30.547438] krealloc_less_oob+0x20/0x38 [ 30.547954] kunit_try_run_case+0x14c/0x3d0 [ 30.548592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.549203] kthread+0x24c/0x2d0 [ 30.549761] ret_from_fork+0x10/0x20 [ 30.550316] [ 30.550693] The buggy address belongs to the object at fff00000c4481e00 [ 30.550693] which belongs to the cache kmalloc-256 of size 256 [ 30.551890] The buggy address is located 0 bytes to the right of [ 30.551890] allocated 201-byte region [fff00000c4481e00, fff00000c4481ec9) [ 30.553076] [ 30.553439] The buggy address belongs to the physical page: [ 30.554133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.555124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.555857] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.556785] page_type: f5(slab) [ 30.557258] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.558078] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.559005] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.559845] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.560656] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.561515] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.562257] page dumped because: kasan: bad access detected [ 30.563002] [ 30.563294] Memory state around the buggy address: [ 30.563946] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.564709] fff00000c4481e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.565579] >fff00000c4481e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 30.566317] ^ [ 30.567077] fff00000c4481f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.567810] fff00000c4481f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.568575] ================================================================== [ 30.705314] ================================================================== [ 30.705984] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 30.706954] Write of size 1 at addr fff00000c4481eeb by task kunit_try_catch/147 [ 30.707724] [ 30.709022] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.710312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.710771] Hardware name: linux,dummy-virt (DT) [ 30.711073] Call trace: [ 30.711267] show_stack+0x20/0x38 (C) [ 30.711543] dump_stack_lvl+0x8c/0xd0 [ 30.711807] print_report+0x118/0x5e0 [ 30.712206] kasan_report+0xc8/0x118 [ 30.712796] __asan_report_store1_noabort+0x20/0x30 [ 30.713593] krealloc_less_oob_helper+0xa58/0xc50 [ 30.714367] krealloc_less_oob+0x20/0x38 [ 30.715042] kunit_try_run_case+0x14c/0x3d0 [ 30.715637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.716479] kthread+0x24c/0x2d0 [ 30.716967] ret_from_fork+0x10/0x20 [ 30.717634] [ 30.718031] Allocated by task 147: [ 30.718556] kasan_save_stack+0x3c/0x68 [ 30.719088] kasan_save_track+0x20/0x40 [ 30.719772] kasan_save_alloc_info+0x40/0x58 [ 30.720486] __kasan_krealloc+0x118/0x178 [ 30.721145] krealloc_noprof+0x128/0x360 [ 30.721782] krealloc_less_oob_helper+0x168/0xc50 [ 30.722489] krealloc_less_oob+0x20/0x38 [ 30.723144] kunit_try_run_case+0x14c/0x3d0 [ 30.723830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.724500] kthread+0x24c/0x2d0 [ 30.725113] ret_from_fork+0x10/0x20 [ 30.725721] [ 30.726053] The buggy address belongs to the object at fff00000c4481e00 [ 30.726053] which belongs to the cache kmalloc-256 of size 256 [ 30.727264] The buggy address is located 34 bytes to the right of [ 30.727264] allocated 201-byte region [fff00000c4481e00, fff00000c4481ec9) [ 30.728688] [ 30.729016] The buggy address belongs to the physical page: [ 30.729664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.730491] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.731386] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.732346] page_type: f5(slab) [ 30.732953] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.733785] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.734751] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.735664] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.736495] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.737424] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.738240] page dumped because: kasan: bad access detected [ 30.738827] [ 30.739255] Memory state around the buggy address: [ 30.739849] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.740725] fff00000c4481e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.741578] >fff00000c4481e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 30.742391] ^ [ 30.743220] fff00000c4481f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.744039] fff00000c4481f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.744876] ================================================================== [ 30.873012] ================================================================== [ 30.873820] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 30.875022] Write of size 1 at addr fff00000c64660d0 by task kunit_try_catch/151 [ 30.875941] [ 30.876376] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.878094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.879288] Hardware name: linux,dummy-virt (DT) [ 30.880104] Call trace: [ 30.880462] show_stack+0x20/0x38 (C) [ 30.881281] dump_stack_lvl+0x8c/0xd0 [ 30.881961] print_report+0x118/0x5e0 [ 30.882592] kasan_report+0xc8/0x118 [ 30.883236] __asan_report_store1_noabort+0x20/0x30 [ 30.883973] krealloc_less_oob_helper+0xb9c/0xc50 [ 30.885102] krealloc_large_less_oob+0x20/0x38 [ 30.885743] kunit_try_run_case+0x14c/0x3d0 [ 30.886516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.887345] kthread+0x24c/0x2d0 [ 30.887872] ret_from_fork+0x10/0x20 [ 30.888558] [ 30.888919] The buggy address belongs to the physical page: [ 30.889438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.890594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.891795] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.893120] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.893828] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.895088] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.895495] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.895868] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.896658] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.898176] page dumped because: kasan: bad access detected [ 30.899053] [ 30.899405] Memory state around the buggy address: [ 30.900033] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.901204] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.901987] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 30.902769] ^ [ 30.903833] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.905003] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.906089] ================================================================== [ 30.570740] ================================================================== [ 30.571632] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 30.572940] Write of size 1 at addr fff00000c4481ed0 by task kunit_try_catch/147 [ 30.573646] [ 30.575194] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.576412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.576930] Hardware name: linux,dummy-virt (DT) [ 30.577481] Call trace: [ 30.577924] show_stack+0x20/0x38 (C) [ 30.578574] dump_stack_lvl+0x8c/0xd0 [ 30.579170] print_report+0x118/0x5e0 [ 30.579743] kasan_report+0xc8/0x118 [ 30.580377] __asan_report_store1_noabort+0x20/0x30 [ 30.580958] krealloc_less_oob_helper+0xb9c/0xc50 [ 30.581665] krealloc_less_oob+0x20/0x38 [ 30.582250] kunit_try_run_case+0x14c/0x3d0 [ 30.582963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.583740] kthread+0x24c/0x2d0 [ 30.584250] ret_from_fork+0x10/0x20 [ 30.584881] [ 30.585253] Allocated by task 147: [ 30.585798] kasan_save_stack+0x3c/0x68 [ 30.586346] kasan_save_track+0x20/0x40 [ 30.587323] kasan_save_alloc_info+0x40/0x58 [ 30.587850] __kasan_krealloc+0x118/0x178 [ 30.588632] krealloc_noprof+0x128/0x360 [ 30.589155] krealloc_less_oob_helper+0x168/0xc50 [ 30.589701] krealloc_less_oob+0x20/0x38 [ 30.590624] kunit_try_run_case+0x14c/0x3d0 [ 30.591345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.592086] kthread+0x24c/0x2d0 [ 30.592806] ret_from_fork+0x10/0x20 [ 30.593519] [ 30.593874] The buggy address belongs to the object at fff00000c4481e00 [ 30.593874] which belongs to the cache kmalloc-256 of size 256 [ 30.595058] The buggy address is located 7 bytes to the right of [ 30.595058] allocated 201-byte region [fff00000c4481e00, fff00000c4481ec9) [ 30.596569] [ 30.596988] The buggy address belongs to the physical page: [ 30.597731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.598560] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.599526] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.600396] page_type: f5(slab) [ 30.600951] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.601866] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.602782] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.603664] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.604529] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.605397] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.606238] page dumped because: kasan: bad access detected [ 30.606948] [ 30.607352] Memory state around the buggy address: [ 30.607987] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.608758] fff00000c4481e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.609636] >fff00000c4481e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 30.610376] ^ [ 30.611265] fff00000c4481f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.612080] fff00000c4481f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.612872] ================================================================== [ 30.941102] ================================================================== [ 30.941822] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 30.942753] Write of size 1 at addr fff00000c64660ea by task kunit_try_catch/151 [ 30.943659] [ 30.944069] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.945130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.945588] Hardware name: linux,dummy-virt (DT) [ 30.946709] Call trace: [ 30.947181] show_stack+0x20/0x38 (C) [ 30.947801] dump_stack_lvl+0x8c/0xd0 [ 30.949632] print_report+0x118/0x5e0 [ 30.950264] kasan_report+0xc8/0x118 [ 30.950829] __asan_report_store1_noabort+0x20/0x30 [ 30.951574] krealloc_less_oob_helper+0xae4/0xc50 [ 30.952200] krealloc_large_less_oob+0x20/0x38 [ 30.953340] kunit_try_run_case+0x14c/0x3d0 [ 30.953948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.954661] kthread+0x24c/0x2d0 [ 30.955220] ret_from_fork+0x10/0x20 [ 30.955791] [ 30.956175] The buggy address belongs to the physical page: [ 30.957578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.958526] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.959345] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.960160] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.961097] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.962366] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.963186] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.963985] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.965784] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.966687] page dumped because: kasan: bad access detected [ 30.967335] [ 30.968000] Memory state around the buggy address: [ 30.969147] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.970127] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.971003] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 30.971800] ^ [ 30.972708] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.973740] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.974981] ================================================================== [ 30.659674] ================================================================== [ 30.660438] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 30.661385] Write of size 1 at addr fff00000c4481eea by task kunit_try_catch/147 [ 30.662563] [ 30.662926] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.664823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.665504] Hardware name: linux,dummy-virt (DT) [ 30.666183] Call trace: [ 30.666551] show_stack+0x20/0x38 (C) [ 30.667067] dump_stack_lvl+0x8c/0xd0 [ 30.667588] print_report+0x118/0x5e0 [ 30.668482] kasan_report+0xc8/0x118 [ 30.669219] __asan_report_store1_noabort+0x20/0x30 [ 30.670022] krealloc_less_oob_helper+0xae4/0xc50 [ 30.670895] krealloc_less_oob+0x20/0x38 [ 30.671689] kunit_try_run_case+0x14c/0x3d0 [ 30.672277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.673313] kthread+0x24c/0x2d0 [ 30.673862] ret_from_fork+0x10/0x20 [ 30.674662] [ 30.675203] Allocated by task 147: [ 30.675849] kasan_save_stack+0x3c/0x68 [ 30.676600] kasan_save_track+0x20/0x40 [ 30.677311] kasan_save_alloc_info+0x40/0x58 [ 30.677861] __kasan_krealloc+0x118/0x178 [ 30.678494] krealloc_noprof+0x128/0x360 [ 30.679062] krealloc_less_oob_helper+0x168/0xc50 [ 30.679729] krealloc_less_oob+0x20/0x38 [ 30.680407] kunit_try_run_case+0x14c/0x3d0 [ 30.681056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.681691] kthread+0x24c/0x2d0 [ 30.682266] ret_from_fork+0x10/0x20 [ 30.682830] [ 30.683220] The buggy address belongs to the object at fff00000c4481e00 [ 30.683220] which belongs to the cache kmalloc-256 of size 256 [ 30.684467] The buggy address is located 33 bytes to the right of [ 30.684467] allocated 201-byte region [fff00000c4481e00, fff00000c4481ec9) [ 30.685864] [ 30.686288] The buggy address belongs to the physical page: [ 30.686982] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.688018] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.688865] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.689758] page_type: f5(slab) [ 30.690224] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.691179] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.692086] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.693052] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.693944] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.694832] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.695740] page dumped because: kasan: bad access detected [ 30.696391] [ 30.696789] Memory state around the buggy address: [ 30.697335] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.698194] fff00000c4481e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.699162] >fff00000c4481e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 30.700153] ^ [ 30.700856] fff00000c4481f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.701965] fff00000c4481f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.702897] ================================================================== [ 30.907955] ================================================================== [ 30.909008] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 30.909630] Write of size 1 at addr fff00000c64660da by task kunit_try_catch/151 [ 30.910604] [ 30.911041] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.912325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.912802] Hardware name: linux,dummy-virt (DT) [ 30.913472] Call trace: [ 30.913984] show_stack+0x20/0x38 (C) [ 30.914663] dump_stack_lvl+0x8c/0xd0 [ 30.915287] print_report+0x118/0x5e0 [ 30.915862] kasan_report+0xc8/0x118 [ 30.916488] __asan_report_store1_noabort+0x20/0x30 [ 30.917503] krealloc_less_oob_helper+0xa80/0xc50 [ 30.918501] krealloc_large_less_oob+0x20/0x38 [ 30.919138] kunit_try_run_case+0x14c/0x3d0 [ 30.919858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.920955] kthread+0x24c/0x2d0 [ 30.921429] ret_from_fork+0x10/0x20 [ 30.922063] [ 30.922373] The buggy address belongs to the physical page: [ 30.922948] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.923923] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.924761] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.925966] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.926867] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.928148] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.929337] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.930136] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.931204] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.931999] page dumped because: kasan: bad access detected [ 30.933473] [ 30.933724] Memory state around the buggy address: [ 30.934398] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.935190] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.936059] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 30.936824] ^ [ 30.937871] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.938716] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.939782] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 30.757739] ================================================================== [ 30.758822] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 30.759653] Write of size 1 at addr fff00000c64660eb by task kunit_try_catch/149 [ 30.760383] [ 30.761291] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.762806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.763652] Hardware name: linux,dummy-virt (DT) [ 30.764771] Call trace: [ 30.765411] show_stack+0x20/0x38 (C) [ 30.766486] dump_stack_lvl+0x8c/0xd0 [ 30.767237] print_report+0x118/0x5e0 [ 30.767872] kasan_report+0xc8/0x118 [ 30.768415] __asan_report_store1_noabort+0x20/0x30 [ 30.769452] krealloc_more_oob_helper+0x614/0x680 [ 30.770298] krealloc_large_more_oob+0x20/0x38 [ 30.770977] kunit_try_run_case+0x14c/0x3d0 [ 30.771608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.772635] kthread+0x24c/0x2d0 [ 30.773104] ret_from_fork+0x10/0x20 [ 30.773586] [ 30.774031] The buggy address belongs to the physical page: [ 30.774834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.776013] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.777097] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.777990] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.778886] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.779923] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.780881] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.782597] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.783406] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.784203] page dumped because: kasan: bad access detected [ 30.784920] [ 30.785283] Memory state around the buggy address: [ 30.785804] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.787123] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.787930] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 30.789403] ^ [ 30.790211] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.791034] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.791828] ================================================================== [ 30.794851] ================================================================== [ 30.795673] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 30.797465] Write of size 1 at addr fff00000c64660f0 by task kunit_try_catch/149 [ 30.798236] [ 30.798643] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.799694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.800360] Hardware name: linux,dummy-virt (DT) [ 30.801104] Call trace: [ 30.801803] show_stack+0x20/0x38 (C) [ 30.802529] dump_stack_lvl+0x8c/0xd0 [ 30.803290] print_report+0x118/0x5e0 [ 30.804059] kasan_report+0xc8/0x118 [ 30.804673] __asan_report_store1_noabort+0x20/0x30 [ 30.805310] krealloc_more_oob_helper+0x5c8/0x680 [ 30.806297] krealloc_large_more_oob+0x20/0x38 [ 30.807114] kunit_try_run_case+0x14c/0x3d0 [ 30.807615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.808376] kthread+0x24c/0x2d0 [ 30.809288] ret_from_fork+0x10/0x20 [ 30.809938] [ 30.810337] The buggy address belongs to the physical page: [ 30.811126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.812024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.813061] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.813693] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.814355] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.815620] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.817219] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.818188] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.818980] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.819923] page dumped because: kasan: bad access detected [ 30.820515] [ 30.820872] Memory state around the buggy address: [ 30.821477] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.822715] fff00000c6466000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.823341] >fff00000c6466080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 30.824814] ^ [ 30.825869] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.826890] fff00000c6466180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.827933] ================================================================== [ 30.469505] ================================================================== [ 30.470461] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 30.471205] Write of size 1 at addr fff00000c4481cf0 by task kunit_try_catch/145 [ 30.472132] [ 30.473323] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.474408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.475111] Hardware name: linux,dummy-virt (DT) [ 30.475759] Call trace: [ 30.476944] show_stack+0x20/0x38 (C) [ 30.477831] dump_stack_lvl+0x8c/0xd0 [ 30.478474] print_report+0x118/0x5e0 [ 30.479471] kasan_report+0xc8/0x118 [ 30.480206] __asan_report_store1_noabort+0x20/0x30 [ 30.481161] krealloc_more_oob_helper+0x5c8/0x680 [ 30.481954] krealloc_more_oob+0x20/0x38 [ 30.482699] kunit_try_run_case+0x14c/0x3d0 [ 30.483263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.484159] kthread+0x24c/0x2d0 [ 30.484802] ret_from_fork+0x10/0x20 [ 30.485426] [ 30.485753] Allocated by task 145: [ 30.486556] kasan_save_stack+0x3c/0x68 [ 30.487616] kasan_save_track+0x20/0x40 [ 30.488186] kasan_save_alloc_info+0x40/0x58 [ 30.488792] __kasan_krealloc+0x118/0x178 [ 30.489877] krealloc_noprof+0x128/0x360 [ 30.490523] krealloc_more_oob_helper+0x168/0x680 [ 30.491210] krealloc_more_oob+0x20/0x38 [ 30.491797] kunit_try_run_case+0x14c/0x3d0 [ 30.493343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.494264] kthread+0x24c/0x2d0 [ 30.494819] ret_from_fork+0x10/0x20 [ 30.495408] [ 30.495738] The buggy address belongs to the object at fff00000c4481c00 [ 30.495738] which belongs to the cache kmalloc-256 of size 256 [ 30.497420] The buggy address is located 5 bytes to the right of [ 30.497420] allocated 235-byte region [fff00000c4481c00, fff00000c4481ceb) [ 30.498726] [ 30.499103] The buggy address belongs to the physical page: [ 30.499701] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.500521] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.502610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.503339] page_type: f5(slab) [ 30.503881] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.505109] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.505988] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.507090] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.508143] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.509445] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.510109] page dumped because: kasan: bad access detected [ 30.510846] [ 30.511347] Memory state around the buggy address: [ 30.512092] fff00000c4481b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.513098] fff00000c4481c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.514378] >fff00000c4481c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 30.515140] ^ [ 30.515895] fff00000c4481d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.516921] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.517687] ================================================================== [ 30.420851] ================================================================== [ 30.422277] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 30.423221] Write of size 1 at addr fff00000c4481ceb by task kunit_try_catch/145 [ 30.424135] [ 30.424518] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.425937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.426370] Hardware name: linux,dummy-virt (DT) [ 30.427030] Call trace: [ 30.427415] show_stack+0x20/0x38 (C) [ 30.428117] dump_stack_lvl+0x8c/0xd0 [ 30.428873] print_report+0x118/0x5e0 [ 30.430080] kasan_report+0xc8/0x118 [ 30.430923] __asan_report_store1_noabort+0x20/0x30 [ 30.431629] krealloc_more_oob_helper+0x614/0x680 [ 30.432354] krealloc_more_oob+0x20/0x38 [ 30.433267] kunit_try_run_case+0x14c/0x3d0 [ 30.433968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.434722] kthread+0x24c/0x2d0 [ 30.435376] ret_from_fork+0x10/0x20 [ 30.435935] [ 30.436297] Allocated by task 145: [ 30.436839] kasan_save_stack+0x3c/0x68 [ 30.437484] kasan_save_track+0x20/0x40 [ 30.438114] kasan_save_alloc_info+0x40/0x58 [ 30.438660] __kasan_krealloc+0x118/0x178 [ 30.439132] krealloc_noprof+0x128/0x360 [ 30.439780] krealloc_more_oob_helper+0x168/0x680 [ 30.440502] krealloc_more_oob+0x20/0x38 [ 30.441745] kunit_try_run_case+0x14c/0x3d0 [ 30.442356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.443208] kthread+0x24c/0x2d0 [ 30.443766] ret_from_fork+0x10/0x20 [ 30.444745] [ 30.445073] The buggy address belongs to the object at fff00000c4481c00 [ 30.445073] which belongs to the cache kmalloc-256 of size 256 [ 30.445991] The buggy address is located 0 bytes to the right of [ 30.445991] allocated 235-byte region [fff00000c4481c00, fff00000c4481ceb) [ 30.447560] [ 30.447993] The buggy address belongs to the physical page: [ 30.448823] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104480 [ 30.450034] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.451104] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.452109] page_type: f5(slab) [ 30.453030] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.453994] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.454837] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 30.455988] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.457455] head: 0bfffe0000000001 ffffc1ffc3112001 ffffffffffffffff 0000000000000000 [ 30.458526] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 30.459555] page dumped because: kasan: bad access detected [ 30.460508] [ 30.460788] Memory state around the buggy address: [ 30.461272] fff00000c4481b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.462681] fff00000c4481c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.463657] >fff00000c4481c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 30.464819] ^ [ 30.465700] fff00000c4481d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.466499] fff00000c4481d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.467220] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 30.380960] ================================================================== [ 30.382464] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 30.383336] Read of size 1 at addr fff00000c6530000 by task kunit_try_catch/143 [ 30.384254] [ 30.384704] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.386246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.387021] Hardware name: linux,dummy-virt (DT) [ 30.387594] Call trace: [ 30.387988] show_stack+0x20/0x38 (C) [ 30.388513] dump_stack_lvl+0x8c/0xd0 [ 30.389080] print_report+0x118/0x5e0 [ 30.390144] kasan_report+0xc8/0x118 [ 30.390747] __asan_report_load1_noabort+0x20/0x30 [ 30.391692] page_alloc_uaf+0x328/0x350 [ 30.392326] kunit_try_run_case+0x14c/0x3d0 [ 30.393216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.394122] kthread+0x24c/0x2d0 [ 30.394861] ret_from_fork+0x10/0x20 [ 30.395501] [ 30.396115] The buggy address belongs to the physical page: [ 30.396884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106530 [ 30.397697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.398228] page_type: f0(buddy) [ 30.398829] raw: 0bfffe0000000000 fff00000ff6150e0 fff00000ff6150e0 0000000000000000 [ 30.399658] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 30.400562] page dumped because: kasan: bad access detected [ 30.401273] [ 30.401666] Memory state around the buggy address: [ 30.402307] fff00000c652ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.403269] fff00000c652ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.404103] >fff00000c6530000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.404823] ^ [ 30.405393] fff00000c6530080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.406191] fff00000c6530100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.407045] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 30.326082] ================================================================== [ 30.327467] BUG: KASAN: invalid-free in kfree+0x278/0x3d0 [ 30.328375] Free of addr fff00000c6464001 by task kunit_try_catch/139 [ 30.330009] [ 30.330375] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.331440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.332767] Hardware name: linux,dummy-virt (DT) [ 30.333502] Call trace: [ 30.334051] show_stack+0x20/0x38 (C) [ 30.334996] dump_stack_lvl+0x8c/0xd0 [ 30.335757] print_report+0x118/0x5e0 [ 30.336320] kasan_report_invalid_free+0xb0/0xd8 [ 30.337074] __kasan_kfree_large+0x5c/0xa8 [ 30.337610] free_large_kmalloc+0x58/0x140 [ 30.338183] kfree+0x278/0x3d0 [ 30.338717] kmalloc_large_invalid_free+0x108/0x270 [ 30.339328] kunit_try_run_case+0x14c/0x3d0 [ 30.340015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.340805] kthread+0x24c/0x2d0 [ 30.341398] ret_from_fork+0x10/0x20 [ 30.341933] [ 30.342313] The buggy address belongs to the physical page: [ 30.342932] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.343806] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.344673] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.345560] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.346403] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.347225] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.348124] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.349050] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.349975] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.350782] page dumped because: kasan: bad access detected [ 30.351368] [ 30.351722] Memory state around the buggy address: [ 30.352373] fff00000c6463f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.353151] fff00000c6463f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.353935] >fff00000c6464000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.354711] ^ [ 30.355194] fff00000c6464080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.356057] fff00000c6464100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.356838] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 30.287036] ================================================================== [ 30.288144] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 30.289023] Read of size 1 at addr fff00000c6464000 by task kunit_try_catch/137 [ 30.290165] [ 30.290963] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.292742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.293412] Hardware name: linux,dummy-virt (DT) [ 30.294014] Call trace: [ 30.294510] show_stack+0x20/0x38 (C) [ 30.295201] dump_stack_lvl+0x8c/0xd0 [ 30.295879] print_report+0x118/0x5e0 [ 30.296833] kasan_report+0xc8/0x118 [ 30.297482] __asan_report_load1_noabort+0x20/0x30 [ 30.298093] kmalloc_large_uaf+0x2cc/0x2f8 [ 30.298645] kunit_try_run_case+0x14c/0x3d0 [ 30.299820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.300790] kthread+0x24c/0x2d0 [ 30.301558] ret_from_fork+0x10/0x20 [ 30.302255] [ 30.302682] The buggy address belongs to the physical page: [ 30.303609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.305169] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.306117] raw: 0bfffe0000000000 ffffc1ffc3191a08 fff00000da506f80 0000000000000000 [ 30.307042] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 30.307921] page dumped because: kasan: bad access detected [ 30.308687] [ 30.309042] Memory state around the buggy address: [ 30.309809] fff00000c6463f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.310777] fff00000c6463f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.311690] >fff00000c6464000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.312875] ^ [ 30.314166] fff00000c6464080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.314926] fff00000c6464100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.315713] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 30.243120] ================================================================== [ 30.244144] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 30.246018] Write of size 1 at addr fff00000c646600a by task kunit_try_catch/135 [ 30.247126] [ 30.247726] CPU: 1 UID: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.249442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.250098] Hardware name: linux,dummy-virt (DT) [ 30.250844] Call trace: [ 30.251416] show_stack+0x20/0x38 (C) [ 30.252047] dump_stack_lvl+0x8c/0xd0 [ 30.252678] print_report+0x118/0x5e0 [ 30.253679] kasan_report+0xc8/0x118 [ 30.254070] __asan_report_store1_noabort+0x20/0x30 [ 30.255068] kmalloc_large_oob_right+0x278/0x2b8 [ 30.255401] kunit_try_run_case+0x14c/0x3d0 [ 30.255692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.256439] kthread+0x24c/0x2d0 [ 30.257137] ret_from_fork+0x10/0x20 [ 30.258280] [ 30.258659] The buggy address belongs to the physical page: [ 30.259368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 30.260430] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.261565] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.262590] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.263517] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.264484] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.265810] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.266708] head: 0bfffe0000000002 ffffc1ffc3191901 ffffffffffffffff 0000000000000000 [ 30.267609] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.268524] page dumped because: kasan: bad access detected [ 30.269609] [ 30.270020] Memory state around the buggy address: [ 30.270612] fff00000c6465f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.271430] fff00000c6465f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.272705] >fff00000c6466000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.273606] ^ [ 30.274094] fff00000c6466080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.275013] fff00000c6466100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.275865] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 30.186462] ================================================================== [ 30.187569] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 30.188260] Write of size 1 at addr fff00000c1645f00 by task kunit_try_catch/133 [ 30.189152] [ 30.189535] CPU: 0 UID: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.190435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.192045] Hardware name: linux,dummy-virt (DT) [ 30.193028] Call trace: [ 30.193467] show_stack+0x20/0x38 (C) [ 30.194100] dump_stack_lvl+0x8c/0xd0 [ 30.194713] print_report+0x118/0x5e0 [ 30.195365] kasan_report+0xc8/0x118 [ 30.195996] __asan_report_store1_noabort+0x20/0x30 [ 30.197527] kmalloc_big_oob_right+0x2a4/0x2f0 [ 30.198194] kunit_try_run_case+0x14c/0x3d0 [ 30.198740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.199635] kthread+0x24c/0x2d0 [ 30.200154] ret_from_fork+0x10/0x20 [ 30.201169] [ 30.201491] Allocated by task 133: [ 30.202051] kasan_save_stack+0x3c/0x68 [ 30.202627] kasan_save_track+0x20/0x40 [ 30.203253] kasan_save_alloc_info+0x40/0x58 [ 30.203842] __kasan_kmalloc+0xd4/0xd8 [ 30.205155] __kmalloc_cache_noprof+0x15c/0x3c8 [ 30.205892] kmalloc_big_oob_right+0xb8/0x2f0 [ 30.206439] kunit_try_run_case+0x14c/0x3d0 [ 30.207107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.207793] kthread+0x24c/0x2d0 [ 30.208956] ret_from_fork+0x10/0x20 [ 30.209484] [ 30.209786] The buggy address belongs to the object at fff00000c1644000 [ 30.209786] which belongs to the cache kmalloc-8k of size 8192 [ 30.211077] The buggy address is located 0 bytes to the right of [ 30.211077] allocated 7936-byte region [fff00000c1644000, fff00000c1645f00) [ 30.213297] [ 30.213674] The buggy address belongs to the physical page: [ 30.214350] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101640 [ 30.215205] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.216185] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.217483] page_type: f5(slab) [ 30.218005] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 30.218890] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 30.219818] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 30.221351] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 30.222211] head: 0bfffe0000000003 ffffc1ffc3059001 ffffffffffffffff 0000000000000000 [ 30.223088] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 30.223881] page dumped because: kasan: bad access detected [ 30.225149] [ 30.225507] Memory state around the buggy address: [ 30.226042] fff00000c1645e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.226869] fff00000c1645e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.227679] >fff00000c1645f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.229067] ^ [ 30.229607] fff00000c1645f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.230759] fff00000c1646000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.231606] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 30.101852] ================================================================== [ 30.102986] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x414/0x490 [ 30.103794] Write of size 1 at addr fff00000c6089f78 by task kunit_try_catch/131 [ 30.104703] [ 30.105064] CPU: 0 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.106131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.106729] Hardware name: linux,dummy-virt (DT) [ 30.107321] Call trace: [ 30.107768] show_stack+0x20/0x38 (C) [ 30.109019] dump_stack_lvl+0x8c/0xd0 [ 30.109602] print_report+0x118/0x5e0 [ 30.110313] kasan_report+0xc8/0x118 [ 30.110762] __asan_report_store1_noabort+0x20/0x30 [ 30.111315] kmalloc_track_caller_oob_right+0x414/0x490 [ 30.111839] kunit_try_run_case+0x14c/0x3d0 [ 30.113550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.114485] kthread+0x24c/0x2d0 [ 30.115000] ret_from_fork+0x10/0x20 [ 30.115504] [ 30.115839] Allocated by task 131: [ 30.116981] kasan_save_stack+0x3c/0x68 [ 30.117434] kasan_save_track+0x20/0x40 [ 30.117956] kasan_save_alloc_info+0x40/0x58 [ 30.119141] __kasan_kmalloc+0xd4/0xd8 [ 30.119873] __kmalloc_node_track_caller_noprof+0x184/0x4b8 [ 30.120837] kmalloc_track_caller_oob_right+0xa8/0x490 [ 30.122017] kunit_try_run_case+0x14c/0x3d0 [ 30.122587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.123262] kthread+0x24c/0x2d0 [ 30.123722] ret_from_fork+0x10/0x20 [ 30.124688] [ 30.125346] The buggy address belongs to the object at fff00000c6089f00 [ 30.125346] which belongs to the cache kmalloc-128 of size 128 [ 30.126282] The buggy address is located 0 bytes to the right of [ 30.126282] allocated 120-byte region [fff00000c6089f00, fff00000c6089f78) [ 30.127678] [ 30.128117] The buggy address belongs to the physical page: [ 30.129491] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106089 [ 30.130635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.131603] page_type: f5(slab) [ 30.132333] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.133229] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 30.133821] page dumped because: kasan: bad access detected [ 30.134563] [ 30.134862] Memory state around the buggy address: [ 30.135509] fff00000c6089e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.136863] fff00000c6089e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.138189] >fff00000c6089f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.138962] ^ [ 30.139732] fff00000c6089f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.140778] fff00000c608a000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 30.142248] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 30.046311] ================================================================== [ 30.047284] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 30.048117] Read of size 1 at addr fff00000c6407000 by task kunit_try_catch/129 [ 30.049344] [ 30.049806] CPU: 1 UID: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 30.051056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.051687] Hardware name: linux,dummy-virt (DT) [ 30.052614] Call trace: [ 30.053107] show_stack+0x20/0x38 (C) [ 30.053734] dump_stack_lvl+0x8c/0xd0 [ 30.054419] print_report+0x118/0x5e0 [ 30.055032] kasan_report+0xc8/0x118 [ 30.055718] __asan_report_load1_noabort+0x20/0x30 [ 30.056739] kmalloc_node_oob_right+0x2f4/0x330 [ 30.057344] kunit_try_run_case+0x14c/0x3d0 [ 30.058066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.058820] kthread+0x24c/0x2d0 [ 30.059457] ret_from_fork+0x10/0x20 [ 30.060023] [ 30.060444] Allocated by task 129: [ 30.061383] kasan_save_stack+0x3c/0x68 [ 30.062065] kasan_save_track+0x20/0x40 [ 30.062589] kasan_save_alloc_info+0x40/0x58 [ 30.063257] __kasan_kmalloc+0xd4/0xd8 [ 30.063785] __kmalloc_cache_node_noprof+0x164/0x3d0 [ 30.064707] kmalloc_node_oob_right+0xbc/0x330 [ 30.065484] kunit_try_run_case+0x14c/0x3d0 [ 30.066082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.066661] kthread+0x24c/0x2d0 [ 30.067265] ret_from_fork+0x10/0x20 [ 30.067892] [ 30.068276] The buggy address belongs to the object at fff00000c6406000 [ 30.068276] which belongs to the cache kmalloc-4k of size 4096 [ 30.070501] The buggy address is located 0 bytes to the right of [ 30.070501] allocated 4096-byte region [fff00000c6406000, fff00000c6407000) [ 30.071736] [ 30.072156] The buggy address belongs to the physical page: [ 30.073113] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106400 [ 30.074482] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.075365] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.076248] page_type: f5(slab) [ 30.077085] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 30.078013] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 30.079031] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 30.079929] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 30.080955] head: 0bfffe0000000003 ffffc1ffc3190001 ffffffffffffffff 0000000000000000 [ 30.082241] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 30.083352] page dumped because: kasan: bad access detected [ 30.084205] [ 30.084882] Memory state around the buggy address: [ 30.085427] fff00000c6406f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.086269] fff00000c6406f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.087150] >fff00000c6407000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.087976] ^ [ 30.088883] fff00000c6407080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.089793] fff00000c6407100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.090676] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 29.991427] ================================================================== [ 29.992820] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 29.994601] Read of size 1 at addr fff00000c599a7ff by task kunit_try_catch/127 [ 29.995386] [ 29.995870] CPU: 1 UID: 0 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.997137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.998098] Hardware name: linux,dummy-virt (DT) [ 29.998597] Call trace: [ 29.999066] show_stack+0x20/0x38 (C) [ 29.999700] dump_stack_lvl+0x8c/0xd0 [ 30.000618] print_report+0x118/0x5e0 [ 30.001217] kasan_report+0xc8/0x118 [ 30.001773] __asan_report_load1_noabort+0x20/0x30 [ 30.002404] kmalloc_oob_left+0x2ec/0x320 [ 30.003068] kunit_try_run_case+0x14c/0x3d0 [ 30.003707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.004724] kthread+0x24c/0x2d0 [ 30.005285] ret_from_fork+0x10/0x20 [ 30.005858] [ 30.006185] Allocated by task 28: [ 30.006732] kasan_save_stack+0x3c/0x68 [ 30.007260] kasan_save_track+0x20/0x40 [ 30.007862] kasan_save_alloc_info+0x40/0x58 [ 30.009022] __kasan_kmalloc+0xd4/0xd8 [ 30.009438] __kmalloc_node_track_caller_noprof+0x184/0x4b8 [ 30.009979] kstrdup+0x54/0xc8 [ 30.010375] devtmpfs_work_loop+0x384/0x590 [ 30.011051] devtmpfsd+0x50/0x58 [ 30.011614] kthread+0x24c/0x2d0 [ 30.012196] ret_from_fork+0x10/0x20 [ 30.012842] [ 30.013261] Freed by task 28: [ 30.013806] kasan_save_stack+0x3c/0x68 [ 30.014457] kasan_save_track+0x20/0x40 [ 30.015088] kasan_save_free_info+0x4c/0x78 [ 30.015821] __kasan_slab_free+0x6c/0x98 [ 30.016470] kfree+0x114/0x3d0 [ 30.017052] devtmpfs_work_loop+0x498/0x590 [ 30.017620] devtmpfsd+0x50/0x58 [ 30.018185] kthread+0x24c/0x2d0 [ 30.018752] ret_from_fork+0x10/0x20 [ 30.019397] [ 30.019736] The buggy address belongs to the object at fff00000c599a7e0 [ 30.019736] which belongs to the cache kmalloc-16 of size 16 [ 30.021157] The buggy address is located 15 bytes to the right of [ 30.021157] allocated 16-byte region [fff00000c599a7e0, fff00000c599a7f0) [ 30.022356] [ 30.022739] The buggy address belongs to the physical page: [ 30.023456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599a [ 30.024365] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.025095] page_type: f5(slab) [ 30.025692] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 30.026626] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 30.027560] page dumped because: kasan: bad access detected [ 30.028231] [ 30.028590] Memory state around the buggy address: [ 30.029222] fff00000c599a680: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 30.029986] fff00000c599a700: 00 02 fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 30.030788] >fff00000c599a780: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 30.031438] ^ [ 30.032365] fff00000c599a800: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.033036] fff00000c599a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.033948] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 29.940046] ================================================================== [ 29.941381] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 29.942092] Read of size 1 at addr fff00000c6089b80 by task kunit_try_catch/125 [ 29.943003] [ 29.943394] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.944323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.944942] Hardware name: linux,dummy-virt (DT) [ 29.945601] Call trace: [ 29.947045] show_stack+0x20/0x38 (C) [ 29.947619] dump_stack_lvl+0x8c/0xd0 [ 29.948017] print_report+0x118/0x5e0 [ 29.948707] kasan_report+0xc8/0x118 [ 29.949833] __asan_report_load1_noabort+0x20/0x30 [ 29.950498] kmalloc_oob_right+0x5d0/0x660 [ 29.950996] kunit_try_run_case+0x14c/0x3d0 [ 29.951665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.952685] kthread+0x24c/0x2d0 [ 29.953186] ret_from_fork+0x10/0x20 [ 29.953848] [ 29.954140] Allocated by task 125: [ 29.954916] kasan_save_stack+0x3c/0x68 [ 29.955958] kasan_save_track+0x20/0x40 [ 29.956888] kasan_save_alloc_info+0x40/0x58 [ 29.957581] __kasan_kmalloc+0xd4/0xd8 [ 29.958206] __kmalloc_cache_noprof+0x15c/0x3c8 [ 29.958890] kmalloc_oob_right+0xb0/0x660 [ 29.959414] kunit_try_run_case+0x14c/0x3d0 [ 29.959999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.960973] kthread+0x24c/0x2d0 [ 29.961987] ret_from_fork+0x10/0x20 [ 29.962345] [ 29.962637] The buggy address belongs to the object at fff00000c6089b00 [ 29.962637] which belongs to the cache kmalloc-128 of size 128 [ 29.963708] The buggy address is located 13 bytes to the right of [ 29.963708] allocated 115-byte region [fff00000c6089b00, fff00000c6089b73) [ 29.966005] [ 29.966419] The buggy address belongs to the physical page: [ 29.967193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106089 [ 29.968461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.969553] page_type: f5(slab) [ 29.970022] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.971071] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 29.971981] page dumped because: kasan: bad access detected [ 29.972816] [ 29.973435] Memory state around the buggy address: [ 29.974307] fff00000c6089a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.975386] fff00000c6089b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.976461] >fff00000c6089b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.977527] ^ [ 29.978380] fff00000c6089c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.979314] fff00000c6089c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.980163] ================================================================== [ 29.844775] ================================================================== [ 29.846610] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 29.848854] Write of size 1 at addr fff00000c6089b73 by task kunit_try_catch/125 [ 29.849650] [ 29.851558] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241126 #1 [ 29.853008] Tainted: [N]=TEST [ 29.853484] Hardware name: linux,dummy-virt (DT) [ 29.854580] Call trace: [ 29.856218] show_stack+0x20/0x38 (C) [ 29.857118] dump_stack_lvl+0x8c/0xd0 [ 29.857772] print_report+0x118/0x5e0 [ 29.858312] kasan_report+0xc8/0x118 [ 29.859181] __asan_report_store1_noabort+0x20/0x30 [ 29.860025] kmalloc_oob_right+0x5a4/0x660 [ 29.861500] kunit_try_run_case+0x14c/0x3d0 [ 29.862293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.863022] kthread+0x24c/0x2d0 [ 29.863729] ret_from_fork+0x10/0x20 [ 29.865102] [ 29.865629] Allocated by task 125: [ 29.866548] kasan_save_stack+0x3c/0x68 [ 29.867247] kasan_save_track+0x20/0x40 [ 29.867725] kasan_save_alloc_info+0x40/0x58 [ 29.868333] __kasan_kmalloc+0xd4/0xd8 [ 29.868857] __kmalloc_cache_noprof+0x15c/0x3c8 [ 29.869478] kmalloc_oob_right+0xb0/0x660 [ 29.870054] kunit_try_run_case+0x14c/0x3d0 [ 29.870706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.871682] kthread+0x24c/0x2d0 [ 29.872228] ret_from_fork+0x10/0x20 [ 29.873488] [ 29.874252] The buggy address belongs to the object at fff00000c6089b00 [ 29.874252] which belongs to the cache kmalloc-128 of size 128 [ 29.876127] The buggy address is located 0 bytes to the right of [ 29.876127] allocated 115-byte region [fff00000c6089b00, fff00000c6089b73) [ 29.877550] [ 29.878166] The buggy address belongs to the physical page: [ 29.879416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106089 [ 29.880755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.882270] page_type: f5(slab) [ 29.883432] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.884749] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 29.885809] page dumped because: kasan: bad access detected [ 29.886530] [ 29.886879] Memory state around the buggy address: [ 29.888122] fff00000c6089a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.889022] fff00000c6089a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.889759] >fff00000c6089b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.891016] ^ [ 29.892098] fff00000c6089b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.893202] fff00000c6089c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.894258] ================================================================== [ 29.898685] ================================================================== [ 29.899516] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 29.900327] Write of size 1 at addr fff00000c6089b78 by task kunit_try_catch/125 [ 29.901846] [ 29.902166] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 29.902958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.903549] Hardware name: linux,dummy-virt (DT) [ 29.904059] Call trace: [ 29.904802] show_stack+0x20/0x38 (C) [ 29.905470] dump_stack_lvl+0x8c/0xd0 [ 29.906545] print_report+0x118/0x5e0 [ 29.907639] kasan_report+0xc8/0x118 [ 29.908176] __asan_report_store1_noabort+0x20/0x30 [ 29.909271] kmalloc_oob_right+0x538/0x660 [ 29.909846] kunit_try_run_case+0x14c/0x3d0 [ 29.910492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.911357] kthread+0x24c/0x2d0 [ 29.911813] ret_from_fork+0x10/0x20 [ 29.912711] [ 29.913133] Allocated by task 125: [ 29.913681] kasan_save_stack+0x3c/0x68 [ 29.914313] kasan_save_track+0x20/0x40 [ 29.914798] kasan_save_alloc_info+0x40/0x58 [ 29.915640] __kasan_kmalloc+0xd4/0xd8 [ 29.916269] __kmalloc_cache_noprof+0x15c/0x3c8 [ 29.917147] kmalloc_oob_right+0xb0/0x660 [ 29.917925] kunit_try_run_case+0x14c/0x3d0 [ 29.918413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.919320] kthread+0x24c/0x2d0 [ 29.919931] ret_from_fork+0x10/0x20 [ 29.920686] [ 29.921145] The buggy address belongs to the object at fff00000c6089b00 [ 29.921145] which belongs to the cache kmalloc-128 of size 128 [ 29.922190] The buggy address is located 5 bytes to the right of [ 29.922190] allocated 115-byte region [fff00000c6089b00, fff00000c6089b73) [ 29.923781] [ 29.924276] The buggy address belongs to the physical page: [ 29.925081] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106089 [ 29.926589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.927345] page_type: f5(slab) [ 29.928164] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.929654] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 29.930626] page dumped because: kasan: bad access detected [ 29.931339] [ 29.931677] Memory state around the buggy address: [ 29.932418] fff00000c6089a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.933279] fff00000c6089a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.934099] >fff00000c6089b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.935612] ^ [ 29.936441] fff00000c6089b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.937786] fff00000c6089c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.938580] ==================================================================
Failure - log-parser-boot - internal-error-oops-oops-preempt-smp
KNOWN ISSUE - kunit_test_null_dereference internal oops on qemu-arm64 KUNIT KASAN
[ 146.635955] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 146.637063] Modules linked in: [ 146.637831] CPU: 1 UID: 0 PID: 621 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241126 #1 [ 146.639029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 146.639654] Hardware name: linux,dummy-virt (DT) [ 146.640919] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 146.642546] pc : kunit_test_null_dereference+0x70/0x170 [ 146.643544] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 146.644428] sp : ffff800083497dc0 [ 146.645218] x29: ffff800083497e20 x28: 0000000000000000 x27: 0000000000000000 [ 146.646497] x26: 0000000000000000 x25: 0000000000000000 x24: fff00000cbf20400 [ 146.647583] x23: ffff946f149c9710 x22: ffff946f149d22d0 x21: fff00000cbf20408 [ 146.649160] x20: 1ffff00010692fb8 x19: ffff8000800879f0 x18: 00000000949a4fe8 [ 146.650065] x17: 0000000000000000 x16: fff00000da502ca0 x15: 00000000307ed146 [ 146.651044] x14: 00000000f1f1f1f1 x13: fff00000da502c98 x12: fffd8000190d611a [ 146.652088] x11: 1ffe0000190d6119 x10: fffd8000190d6119 x9 : ffff946f149c9798 [ 146.653526] x8 : ffff800083497cb8 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 146.654596] x5 : ffff700010692fb8 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 146.655632] x2 : dfff800000000000 x1 : fff00000c86b0000 x0 : ffff8000800879f0 [ 146.657149] Call trace: [ 146.657637] kunit_test_null_dereference+0x70/0x170 (P) [ 146.658589] kunit_generic_run_threadfn_adapter+0x88/0x100 (L) [ 146.659445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 146.660198] kthread+0x24c/0x2d0 [ 146.660955] ret_from_fork+0x10/0x20 [ 146.662277] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 146.663519] ---[ end trace 0000000000000000 ]---