Date: Nov. 27, 2024, 3:37 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 28.458626] ==================================================================
[ 28.460749] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60
[ 28.461601] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267
[ 28.462856]
[ 28.463800] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.464830] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.465887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.467601] Call Trace:
[ 28.468519] <TASK>
[ 28.468747] dump_stack_lvl+0x73/0xb0
[ 28.469118] print_report+0xd1/0x640
[ 28.469673] ? __virt_addr_valid+0x1db/0x2d0
[ 28.470258] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.471200] kasan_report+0x102/0x140
[ 28.471674] ? kasan_strings+0xa0f/0xb60
[ 28.472411] ? kasan_strings+0xa0f/0xb60
[ 28.473190] __asan_report_load1_noabort+0x18/0x20
[ 28.473613] kasan_strings+0xa0f/0xb60
[ 28.474288] ? __pfx_kasan_strings+0x10/0x10
[ 28.474750] ? __schedule+0xc3e/0x2790
[ 28.475664] ? __pfx_read_tsc+0x10/0x10
[ 28.476296] ? ktime_get_ts64+0x84/0x230
[ 28.476701] kunit_try_run_case+0x1b3/0x490
[ 28.477859] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.478416] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.479331] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.479871] ? __kthread_parkme+0x82/0x160
[ 28.480710] ? preempt_count_sub+0x50/0x80
[ 28.481566] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.481876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.483210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.483452] kthread+0x257/0x310
[ 28.483629] ? __pfx_kthread+0x10/0x10
[ 28.483810] ret_from_fork+0x41/0x80
[ 28.484257] ? __pfx_kthread+0x10/0x10
[ 28.484917] ret_from_fork_asm+0x1a/0x30
[ 28.485690] </TASK>
[ 28.486299]
[ 28.486639] Allocated by task 267:
[ 28.487338] kasan_save_stack+0x3d/0x60
[ 28.488395] kasan_save_track+0x18/0x40
[ 28.489217] kasan_save_alloc_info+0x3b/0x50
[ 28.489676] __kasan_kmalloc+0xb7/0xc0
[ 28.490566] __kmalloc_cache_noprof+0x184/0x410
[ 28.491369] kasan_strings+0xb3/0xb60
[ 28.491761] kunit_try_run_case+0x1b3/0x490
[ 28.492400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.492936] kthread+0x257/0x310
[ 28.493838] ret_from_fork+0x41/0x80
[ 28.494618] ret_from_fork_asm+0x1a/0x30
[ 28.494979]
[ 28.495793] Freed by task 267:
[ 28.496160] kasan_save_stack+0x3d/0x60
[ 28.496900] kasan_save_track+0x18/0x40
[ 28.497466] kasan_save_free_info+0x3f/0x60
[ 28.497862] __kasan_slab_free+0x56/0x70
[ 28.499055] kfree+0x123/0x3f0
[ 28.499344] kasan_strings+0x13a/0xb60
[ 28.500485] kunit_try_run_case+0x1b3/0x490
[ 28.501546] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.502288] kthread+0x257/0x310
[ 28.502610] ret_from_fork+0x41/0x80
[ 28.502969] ret_from_fork_asm+0x1a/0x30
[ 28.503471]
[ 28.503717] The buggy address belongs to the object at ffff888101ab9940
[ 28.503717] which belongs to the cache kmalloc-32 of size 32
[ 28.505119] The buggy address is located 16 bytes inside of
[ 28.505119] freed 32-byte region [ffff888101ab9940, ffff888101ab9960)
[ 28.506902]
[ 28.507430] The buggy address belongs to the physical page:
[ 28.508508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9
[ 28.509407] flags: 0x200000000000000(node=0|zone=2)
[ 28.510472] page_type: f5(slab)
[ 28.510814] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.511773] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.513900] page dumped because: kasan: bad access detected
[ 28.514508]
[ 28.514769] Memory state around the buggy address:
[ 28.515816] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.517152] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.517637] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.518161] ^
[ 28.518696] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.519213] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.520012] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 28.407556] ==================================================================
[ 28.408651] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 28.409417] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267
[ 28.410387]
[ 28.410638] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.411551] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.411866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.412930] Call Trace:
[ 28.413166] <TASK>
[ 28.413405] dump_stack_lvl+0x73/0xb0
[ 28.414026] print_report+0xd1/0x640
[ 28.414782] ? __virt_addr_valid+0x1db/0x2d0
[ 28.415484] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.416156] kasan_report+0x102/0x140
[ 28.416570] ? strcmp+0xb0/0xc0
[ 28.416842] ? strcmp+0xb0/0xc0
[ 28.417320] __asan_report_load1_noabort+0x18/0x20
[ 28.418268] strcmp+0xb0/0xc0
[ 28.418700] kasan_strings+0x2e9/0xb60
[ 28.419027] ? __pfx_kasan_strings+0x10/0x10
[ 28.419962] ? __schedule+0xc3e/0x2790
[ 28.420424] ? __pfx_read_tsc+0x10/0x10
[ 28.420917] ? ktime_get_ts64+0x84/0x230
[ 28.421496] kunit_try_run_case+0x1b3/0x490
[ 28.421820] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.423015] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.423639] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.424389] ? __kthread_parkme+0x82/0x160
[ 28.424863] ? preempt_count_sub+0x50/0x80
[ 28.425423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.425855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.426694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.427328] kthread+0x257/0x310
[ 28.428602] ? __pfx_kthread+0x10/0x10
[ 28.429163] ret_from_fork+0x41/0x80
[ 28.429682] ? __pfx_kthread+0x10/0x10
[ 28.430211] ret_from_fork_asm+0x1a/0x30
[ 28.430647] </TASK>
[ 28.431176]
[ 28.431362] Allocated by task 267:
[ 28.431744] kasan_save_stack+0x3d/0x60
[ 28.432603] kasan_save_track+0x18/0x40
[ 28.433194] kasan_save_alloc_info+0x3b/0x50
[ 28.433573] __kasan_kmalloc+0xb7/0xc0
[ 28.434142] __kmalloc_cache_noprof+0x184/0x410
[ 28.434609] kasan_strings+0xb3/0xb60
[ 28.435281] kunit_try_run_case+0x1b3/0x490
[ 28.435754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.436501] kthread+0x257/0x310
[ 28.437302] ret_from_fork+0x41/0x80
[ 28.437602] ret_from_fork_asm+0x1a/0x30
[ 28.438215]
[ 28.438452] Freed by task 267:
[ 28.438779] kasan_save_stack+0x3d/0x60
[ 28.439620] kasan_save_track+0x18/0x40
[ 28.440188] kasan_save_free_info+0x3f/0x60
[ 28.440573] __kasan_slab_free+0x56/0x70
[ 28.441287] kfree+0x123/0x3f0
[ 28.441609] kasan_strings+0x13a/0xb60
[ 28.442171] kunit_try_run_case+0x1b3/0x490
[ 28.442754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.443518] kthread+0x257/0x310
[ 28.444074] ret_from_fork+0x41/0x80
[ 28.444904] ret_from_fork_asm+0x1a/0x30
[ 28.445423]
[ 28.445739] The buggy address belongs to the object at ffff888101ab9940
[ 28.445739] which belongs to the cache kmalloc-32 of size 32
[ 28.447026] The buggy address is located 16 bytes inside of
[ 28.447026] freed 32-byte region [ffff888101ab9940, ffff888101ab9960)
[ 28.447896]
[ 28.448287] The buggy address belongs to the physical page:
[ 28.448853] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9
[ 28.449954] flags: 0x200000000000000(node=0|zone=2)
[ 28.450863] page_type: f5(slab)
[ 28.451438] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.452304] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.452792] page dumped because: kasan: bad access detected
[ 28.453561]
[ 28.453728] Memory state around the buggy address:
[ 28.454524] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.455248] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.455861] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.457108] ^
[ 28.457406] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.457682] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.457949] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 28.353433] ==================================================================
[ 28.354509] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70
[ 28.355597] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267
[ 28.356377]
[ 28.356803] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.357902] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.358507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.359250] Call Trace:
[ 28.359612] <TASK>
[ 28.359830] dump_stack_lvl+0x73/0xb0
[ 28.360469] print_report+0xd1/0x640
[ 28.360755] ? __virt_addr_valid+0x1db/0x2d0
[ 28.361137] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.363013] kasan_report+0x102/0x140
[ 28.363819] ? strrchr+0x64/0x70
[ 28.364469] ? strrchr+0x64/0x70
[ 28.364885] __asan_report_load1_noabort+0x18/0x20
[ 28.365601] strrchr+0x64/0x70
[ 28.366086] kasan_strings+0x24c/0xb60
[ 28.366450] ? __pfx_kasan_strings+0x10/0x10
[ 28.366958] ? __schedule+0xc3e/0x2790
[ 28.367494] ? __pfx_read_tsc+0x10/0x10
[ 28.368323] ? ktime_get_ts64+0x84/0x230
[ 28.368876] kunit_try_run_case+0x1b3/0x490
[ 28.369354] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.370286] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.371060] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.371556] ? __kthread_parkme+0x82/0x160
[ 28.372183] ? preempt_count_sub+0x50/0x80
[ 28.372727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.373397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.374074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.374768] kthread+0x257/0x310
[ 28.375178] ? __pfx_kthread+0x10/0x10
[ 28.375904] ret_from_fork+0x41/0x80
[ 28.376465] ? __pfx_kthread+0x10/0x10
[ 28.376896] ret_from_fork_asm+0x1a/0x30
[ 28.377678] </TASK>
[ 28.378031]
[ 28.378317] Allocated by task 267:
[ 28.378818] kasan_save_stack+0x3d/0x60
[ 28.379211] kasan_save_track+0x18/0x40
[ 28.379832] kasan_save_alloc_info+0x3b/0x50
[ 28.380509] __kasan_kmalloc+0xb7/0xc0
[ 28.380800] __kmalloc_cache_noprof+0x184/0x410
[ 28.381580] kasan_strings+0xb3/0xb60
[ 28.382167] kunit_try_run_case+0x1b3/0x490
[ 28.383141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.383699] kthread+0x257/0x310
[ 28.384144] ret_from_fork+0x41/0x80
[ 28.384562] ret_from_fork_asm+0x1a/0x30
[ 28.385440]
[ 28.385653] Freed by task 267:
[ 28.386175] kasan_save_stack+0x3d/0x60
[ 28.386765] kasan_save_track+0x18/0x40
[ 28.387311] kasan_save_free_info+0x3f/0x60
[ 28.388224] __kasan_slab_free+0x56/0x70
[ 28.388559] kfree+0x123/0x3f0
[ 28.389113] kasan_strings+0x13a/0xb60
[ 28.389490] kunit_try_run_case+0x1b3/0x490
[ 28.389918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.390810] kthread+0x257/0x310
[ 28.391246] ret_from_fork+0x41/0x80
[ 28.391778] ret_from_fork_asm+0x1a/0x30
[ 28.392360]
[ 28.392754] The buggy address belongs to the object at ffff888101ab9940
[ 28.392754] which belongs to the cache kmalloc-32 of size 32
[ 28.393763] The buggy address is located 16 bytes inside of
[ 28.393763] freed 32-byte region [ffff888101ab9940, ffff888101ab9960)
[ 28.395074]
[ 28.395580] The buggy address belongs to the physical page:
[ 28.396111] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9
[ 28.397054] flags: 0x200000000000000(node=0|zone=2)
[ 28.397653] page_type: f5(slab)
[ 28.398199] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.398971] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.399798] page dumped because: kasan: bad access detected
[ 28.400497]
[ 28.400738] Memory state around the buggy address:
[ 28.401528] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.402115] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.403365] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.404162] ^
[ 28.404812] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.405711] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.406478] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 28.293898] ==================================================================
[ 28.295111] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0
[ 28.296123] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267
[ 28.296727]
[ 28.297708] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.298692] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.299457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.300553] Call Trace:
[ 28.301312] <TASK>
[ 28.301625] dump_stack_lvl+0x73/0xb0
[ 28.302535] print_report+0xd1/0x640
[ 28.303191] ? __virt_addr_valid+0x1db/0x2d0
[ 28.304261] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.305001] kasan_report+0x102/0x140
[ 28.305623] ? strchr+0x9c/0xc0
[ 28.306417] ? strchr+0x9c/0xc0
[ 28.306938] __asan_report_load1_noabort+0x18/0x20
[ 28.307720] strchr+0x9c/0xc0
[ 28.308114] kasan_strings+0x1b1/0xb60
[ 28.308515] ? __pfx_kasan_strings+0x10/0x10
[ 28.308958] ? __schedule+0xc3e/0x2790
[ 28.309589] ? __pfx_read_tsc+0x10/0x10
[ 28.309882] ? ktime_get_ts64+0x84/0x230
[ 28.310575] kunit_try_run_case+0x1b3/0x490
[ 28.311451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.312207] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.312736] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.313612] ? __kthread_parkme+0x82/0x160
[ 28.314444] ? preempt_count_sub+0x50/0x80
[ 28.314968] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.315839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.316594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.317584] kthread+0x257/0x310
[ 28.317928] ? __pfx_kthread+0x10/0x10
[ 28.318804] ret_from_fork+0x41/0x80
[ 28.319419] ? __pfx_kthread+0x10/0x10
[ 28.320040] ret_from_fork_asm+0x1a/0x30
[ 28.320786] </TASK>
[ 28.321214]
[ 28.321388] Allocated by task 267:
[ 28.321917] kasan_save_stack+0x3d/0x60
[ 28.322636] kasan_save_track+0x18/0x40
[ 28.323526] kasan_save_alloc_info+0x3b/0x50
[ 28.324105] __kasan_kmalloc+0xb7/0xc0
[ 28.324719] __kmalloc_cache_noprof+0x184/0x410
[ 28.325422] kasan_strings+0xb3/0xb60
[ 28.326246] kunit_try_run_case+0x1b3/0x490
[ 28.326910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.327465] kthread+0x257/0x310
[ 28.327934] ret_from_fork+0x41/0x80
[ 28.328576] ret_from_fork_asm+0x1a/0x30
[ 28.329026]
[ 28.329612] Freed by task 267:
[ 28.329960] kasan_save_stack+0x3d/0x60
[ 28.330604] kasan_save_track+0x18/0x40
[ 28.331265] kasan_save_free_info+0x3f/0x60
[ 28.331835] __kasan_slab_free+0x56/0x70
[ 28.332373] kfree+0x123/0x3f0
[ 28.333047] kasan_strings+0x13a/0xb60
[ 28.333509] kunit_try_run_case+0x1b3/0x490
[ 28.334068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.334687] kthread+0x257/0x310
[ 28.335747] ret_from_fork+0x41/0x80
[ 28.336297] ret_from_fork_asm+0x1a/0x30
[ 28.336848]
[ 28.337151] The buggy address belongs to the object at ffff888101ab9940
[ 28.337151] which belongs to the cache kmalloc-32 of size 32
[ 28.338680] The buggy address is located 16 bytes inside of
[ 28.338680] freed 32-byte region [ffff888101ab9940, ffff888101ab9960)
[ 28.340116]
[ 28.340516] The buggy address belongs to the physical page:
[ 28.340998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9
[ 28.341818] flags: 0x200000000000000(node=0|zone=2)
[ 28.342776] page_type: f5(slab)
[ 28.343259] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.344069] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.345265] page dumped because: kasan: bad access detected
[ 28.345846]
[ 28.346100] Memory state around the buggy address:
[ 28.346847] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.348100] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 28.348854] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 28.349616] ^
[ 28.350325] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.351346] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.352307] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.235640] ==================================================================
[ 28.236918] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 28.237773] Read of size 1 at addr ffff888101ab8758 by task kunit_try_catch/265
[ 28.239394]
[ 28.239594] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.240477] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.240665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.241123] Call Trace:
[ 28.241545] <TASK>
[ 28.242305] dump_stack_lvl+0x73/0xb0
[ 28.243204] print_report+0xd1/0x640
[ 28.243522] ? __virt_addr_valid+0x1db/0x2d0
[ 28.244329] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.244853] kasan_report+0x102/0x140
[ 28.245281] ? memcmp+0x1b4/0x1d0
[ 28.245646] ? memcmp+0x1b4/0x1d0
[ 28.246070] __asan_report_load1_noabort+0x18/0x20
[ 28.246486] memcmp+0x1b4/0x1d0
[ 28.247693] kasan_memcmp+0x190/0x390
[ 28.248102] ? trace_hardirqs_on+0x37/0xe0
[ 28.248533] ? __pfx_kasan_memcmp+0x10/0x10
[ 28.248968] ? finish_task_switch.isra.0+0x153/0x700
[ 28.249966] ? __switch_to+0x5d9/0xf60
[ 28.250293] ? __pfx_read_tsc+0x10/0x10
[ 28.251646] ? ktime_get_ts64+0x84/0x230
[ 28.252617] kunit_try_run_case+0x1b3/0x490
[ 28.253089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.253553] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.254044] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.254560] ? __kthread_parkme+0x82/0x160
[ 28.255024] ? preempt_count_sub+0x50/0x80
[ 28.256135] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.256507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.257774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.258645] kthread+0x257/0x310
[ 28.259504] ? __pfx_kthread+0x10/0x10
[ 28.260322] ret_from_fork+0x41/0x80
[ 28.261125] ? __pfx_kthread+0x10/0x10
[ 28.261809] ret_from_fork_asm+0x1a/0x30
[ 28.262478] </TASK>
[ 28.262666]
[ 28.263657] Allocated by task 265:
[ 28.264086] kasan_save_stack+0x3d/0x60
[ 28.264964] kasan_save_track+0x18/0x40
[ 28.265530] kasan_save_alloc_info+0x3b/0x50
[ 28.266156] __kasan_kmalloc+0xb7/0xc0
[ 28.266629] __kmalloc_cache_noprof+0x184/0x410
[ 28.267732] kasan_memcmp+0xb8/0x390
[ 28.268107] kunit_try_run_case+0x1b3/0x490
[ 28.269424] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.270393] kthread+0x257/0x310
[ 28.270577] ret_from_fork+0x41/0x80
[ 28.270750] ret_from_fork_asm+0x1a/0x30
[ 28.270967]
[ 28.271404] The buggy address belongs to the object at ffff888101ab8740
[ 28.271404] which belongs to the cache kmalloc-32 of size 32
[ 28.274280] The buggy address is located 0 bytes to the right of
[ 28.274280] allocated 24-byte region [ffff888101ab8740, ffff888101ab8758)
[ 28.276189]
[ 28.276336] The buggy address belongs to the physical page:
[ 28.277447] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab8
[ 28.278699] flags: 0x200000000000000(node=0|zone=2)
[ 28.279580] page_type: f5(slab)
[ 28.279859] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.281056] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.281768] page dumped because: kasan: bad access detected
[ 28.282296]
[ 28.282498] Memory state around the buggy address:
[ 28.282953] ffff888101ab8600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.283763] ffff888101ab8680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.285340] >ffff888101ab8700: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.286033] ^
[ 28.286403] ffff888101ab8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.287240] ffff888101ab8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.288330] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 28.179804] ==================================================================
[ 28.180918] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90
[ 28.181503] Read of size 1 at addr ffff888101ab97d8 by task kunit_try_catch/263
[ 28.183149]
[ 28.183569] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.185568] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.186881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.188233] Call Trace:
[ 28.188486] <TASK>
[ 28.188679] dump_stack_lvl+0x73/0xb0
[ 28.189665] print_report+0xd1/0x640
[ 28.190462] ? __virt_addr_valid+0x1db/0x2d0
[ 28.190782] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.191916] kasan_report+0x102/0x140
[ 28.192256] ? memchr+0x79/0x90
[ 28.193378] ? memchr+0x79/0x90
[ 28.193746] __asan_report_load1_noabort+0x18/0x20
[ 28.194212] memchr+0x79/0x90
[ 28.195093] kasan_memchr+0x163/0x320
[ 28.195789] ? __pfx_kasan_memchr+0x10/0x10
[ 28.196571] ? __schedule+0xc3e/0x2790
[ 28.196856] ? __pfx_read_tsc+0x10/0x10
[ 28.197729] ? ktime_get_ts64+0x84/0x230
[ 28.198535] kunit_try_run_case+0x1b3/0x490
[ 28.198928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.199908] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.200511] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.201753] ? __kthread_parkme+0x82/0x160
[ 28.202191] ? preempt_count_sub+0x50/0x80
[ 28.203072] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.203753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.204789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.206294] kthread+0x257/0x310
[ 28.207390] ? __pfx_kthread+0x10/0x10
[ 28.207798] ret_from_fork+0x41/0x80
[ 28.208740] ? __pfx_kthread+0x10/0x10
[ 28.209042] ret_from_fork_asm+0x1a/0x30
[ 28.209959] </TASK>
[ 28.210260]
[ 28.210595] Allocated by task 263:
[ 28.210979] kasan_save_stack+0x3d/0x60
[ 28.211472] kasan_save_track+0x18/0x40
[ 28.212168] kasan_save_alloc_info+0x3b/0x50
[ 28.212553] __kasan_kmalloc+0xb7/0xc0
[ 28.213190] __kmalloc_cache_noprof+0x184/0x410
[ 28.213619] kasan_memchr+0xad/0x320
[ 28.214036] kunit_try_run_case+0x1b3/0x490
[ 28.214703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.215248] kthread+0x257/0x310
[ 28.215859] ret_from_fork+0x41/0x80
[ 28.216152] ret_from_fork_asm+0x1a/0x30
[ 28.216751]
[ 28.217295] The buggy address belongs to the object at ffff888101ab97c0
[ 28.217295] which belongs to the cache kmalloc-32 of size 32
[ 28.218065] The buggy address is located 0 bytes to the right of
[ 28.218065] allocated 24-byte region [ffff888101ab97c0, ffff888101ab97d8)
[ 28.219675]
[ 28.219895] The buggy address belongs to the physical page:
[ 28.220479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9
[ 28.221393] flags: 0x200000000000000(node=0|zone=2)
[ 28.221715] page_type: f5(slab)
[ 28.222230] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 28.223120] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 28.224269] page dumped because: kasan: bad access detected
[ 28.224654]
[ 28.224866] Memory state around the buggy address:
[ 28.225548] ffff888101ab9680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.226380] ffff888101ab9700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.227346] >ffff888101ab9780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 28.228245] ^
[ 28.228703] ffff888101ab9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.229468] ffff888101ab9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.230427] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 25.656472] ==================================================================
[ 25.657074] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 25.657762] Free of addr ffff888102699d60 by task kunit_try_catch/200
[ 25.658451]
[ 25.658790] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.660201] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.661169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.662294] Call Trace:
[ 25.662529] <TASK>
[ 25.662829] dump_stack_lvl+0x73/0xb0
[ 25.663621] print_report+0xd1/0x640
[ 25.664255] ? __virt_addr_valid+0x1db/0x2d0
[ 25.664691] ? kfree_sensitive+0x2e/0x90
[ 25.665257] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.665772] ? kfree_sensitive+0x2e/0x90
[ 25.666179] kasan_report_invalid_free+0xc0/0xf0
[ 25.666762] ? kfree_sensitive+0x2e/0x90
[ 25.667580] ? kfree_sensitive+0x2e/0x90
[ 25.668131] check_slab_allocation+0x101/0x130
[ 25.668853] __kasan_slab_pre_free+0x28/0x40
[ 25.669551] kfree+0xf1/0x3f0
[ 25.669810] ? kfree_sensitive+0x2e/0x90
[ 25.670459] kfree_sensitive+0x2e/0x90
[ 25.670883] kmalloc_double_kzfree+0x19d/0x360
[ 25.671662] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 25.672181] ? __schedule+0xc3e/0x2790
[ 25.672950] ? __pfx_read_tsc+0x10/0x10
[ 25.673546] ? ktime_get_ts64+0x84/0x230
[ 25.674091] kunit_try_run_case+0x1b3/0x490
[ 25.674721] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.675559] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.676119] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.676740] ? __kthread_parkme+0x82/0x160
[ 25.677156] ? preempt_count_sub+0x50/0x80
[ 25.677770] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.678388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.678909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.679603] kthread+0x257/0x310
[ 25.679959] ? __pfx_kthread+0x10/0x10
[ 25.680864] ret_from_fork+0x41/0x80
[ 25.681511] ? __pfx_kthread+0x10/0x10
[ 25.681913] ret_from_fork_asm+0x1a/0x30
[ 25.682601] </TASK>
[ 25.683061]
[ 25.683315] Allocated by task 200:
[ 25.683899] kasan_save_stack+0x3d/0x60
[ 25.684832] kasan_save_track+0x18/0x40
[ 25.685430] kasan_save_alloc_info+0x3b/0x50
[ 25.685868] __kasan_kmalloc+0xb7/0xc0
[ 25.686584] __kmalloc_cache_noprof+0x184/0x410
[ 25.686950] kmalloc_double_kzfree+0xaa/0x360
[ 25.687689] kunit_try_run_case+0x1b3/0x490
[ 25.688476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.689324] kthread+0x257/0x310
[ 25.689709] ret_from_fork+0x41/0x80
[ 25.690277] ret_from_fork_asm+0x1a/0x30
[ 25.690649]
[ 25.691055] Freed by task 200:
[ 25.691442] kasan_save_stack+0x3d/0x60
[ 25.692228] kasan_save_track+0x18/0x40
[ 25.692750] kasan_save_free_info+0x3f/0x60
[ 25.693424] __kasan_slab_free+0x56/0x70
[ 25.694142] kfree+0x123/0x3f0
[ 25.694514] kfree_sensitive+0x67/0x90
[ 25.695062] kmalloc_double_kzfree+0x12c/0x360
[ 25.695570] kunit_try_run_case+0x1b3/0x490
[ 25.696458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.697091] kthread+0x257/0x310
[ 25.697387] ret_from_fork+0x41/0x80
[ 25.697816] ret_from_fork_asm+0x1a/0x30
[ 25.698575]
[ 25.698859] The buggy address belongs to the object at ffff888102699d60
[ 25.698859] which belongs to the cache kmalloc-16 of size 16
[ 25.699863] The buggy address is located 0 bytes inside of
[ 25.699863] 16-byte region [ffff888102699d60, ffff888102699d70)
[ 25.700889]
[ 25.701460] The buggy address belongs to the physical page:
[ 25.702325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699
[ 25.702969] flags: 0x200000000000000(node=0|zone=2)
[ 25.703655] page_type: f5(slab)
[ 25.703925] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.704664] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.705648] page dumped because: kasan: bad access detected
[ 25.706408]
[ 25.706576] Memory state around the buggy address:
[ 25.706975] ffff888102699c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 25.707586] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc
[ 25.708473] >ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.709241] ^
[ 25.709605] ffff888102699d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.710642] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.711287] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 25.599443] ==================================================================
[ 25.601143] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360
[ 25.602505] Read of size 1 at addr ffff888102699d60 by task kunit_try_catch/200
[ 25.603441]
[ 25.603657] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.605747] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.606045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.607548] Call Trace:
[ 25.608134] <TASK>
[ 25.608416] dump_stack_lvl+0x73/0xb0
[ 25.609408] print_report+0xd1/0x640
[ 25.609670] ? __virt_addr_valid+0x1db/0x2d0
[ 25.610225] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.610742] kasan_report+0x102/0x140
[ 25.611428] ? kmalloc_double_kzfree+0x19d/0x360
[ 25.612227] ? kmalloc_double_kzfree+0x19d/0x360
[ 25.613233] ? kmalloc_double_kzfree+0x19d/0x360
[ 25.613752] __kasan_check_byte+0x3d/0x50
[ 25.614371] kfree_sensitive+0x22/0x90
[ 25.614842] kmalloc_double_kzfree+0x19d/0x360
[ 25.615510] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 25.615861] ? __schedule+0xc3e/0x2790
[ 25.616553] ? __pfx_read_tsc+0x10/0x10
[ 25.616977] ? ktime_get_ts64+0x84/0x230
[ 25.617756] kunit_try_run_case+0x1b3/0x490
[ 25.618466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.619162] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.619738] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.620467] ? __kthread_parkme+0x82/0x160
[ 25.621342] ? preempt_count_sub+0x50/0x80
[ 25.621753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.622412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.622957] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.623604] kthread+0x257/0x310
[ 25.624223] ? __pfx_kthread+0x10/0x10
[ 25.624583] ret_from_fork+0x41/0x80
[ 25.625043] ? __pfx_kthread+0x10/0x10
[ 25.625430] ret_from_fork_asm+0x1a/0x30
[ 25.625821] </TASK>
[ 25.626442]
[ 25.626626] Allocated by task 200:
[ 25.627229] kasan_save_stack+0x3d/0x60
[ 25.627611] kasan_save_track+0x18/0x40
[ 25.628321] kasan_save_alloc_info+0x3b/0x50
[ 25.628640] __kasan_kmalloc+0xb7/0xc0
[ 25.629186] __kmalloc_cache_noprof+0x184/0x410
[ 25.629768] kmalloc_double_kzfree+0xaa/0x360
[ 25.630721] kunit_try_run_case+0x1b3/0x490
[ 25.631385] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.632153] kthread+0x257/0x310
[ 25.632516] ret_from_fork+0x41/0x80
[ 25.632932] ret_from_fork_asm+0x1a/0x30
[ 25.633350]
[ 25.633735] Freed by task 200:
[ 25.634439] kasan_save_stack+0x3d/0x60
[ 25.634776] kasan_save_track+0x18/0x40
[ 25.635481] kasan_save_free_info+0x3f/0x60
[ 25.635877] __kasan_slab_free+0x56/0x70
[ 25.636543] kfree+0x123/0x3f0
[ 25.637050] kfree_sensitive+0x67/0x90
[ 25.637463] kmalloc_double_kzfree+0x12c/0x360
[ 25.637872] kunit_try_run_case+0x1b3/0x490
[ 25.638723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.639422] kthread+0x257/0x310
[ 25.639683] ret_from_fork+0x41/0x80
[ 25.640186] ret_from_fork_asm+0x1a/0x30
[ 25.640542]
[ 25.640801] The buggy address belongs to the object at ffff888102699d60
[ 25.640801] which belongs to the cache kmalloc-16 of size 16
[ 25.641707] The buggy address is located 0 bytes inside of
[ 25.641707] freed 16-byte region [ffff888102699d60, ffff888102699d70)
[ 25.643266]
[ 25.643446] The buggy address belongs to the physical page:
[ 25.644403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699
[ 25.644851] flags: 0x200000000000000(node=0|zone=2)
[ 25.645576] page_type: f5(slab)
[ 25.646363] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.647214] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.647778] page dumped because: kasan: bad access detected
[ 25.648548]
[ 25.648699] Memory state around the buggy address:
[ 25.649496] ffff888102699c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 25.650365] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc
[ 25.651236] >ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.651853] ^
[ 25.652587] ffff888102699d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.653639] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.654567] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 25.479808] ==================================================================
[ 25.480854] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360
[ 25.481746] Write of size 33 at addr ffff888101a9ef00 by task kunit_try_catch/194
[ 25.482552]
[ 25.482725] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.483538] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.484066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.485380] Call Trace:
[ 25.485680] <TASK>
[ 25.486196] dump_stack_lvl+0x73/0xb0
[ 25.486649] print_report+0xd1/0x640
[ 25.487185] ? __virt_addr_valid+0x1db/0x2d0
[ 25.487547] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.488279] kasan_report+0x102/0x140
[ 25.488678] ? kmalloc_uaf_memset+0x1a4/0x360
[ 25.489373] ? kmalloc_uaf_memset+0x1a4/0x360
[ 25.489743] kasan_check_range+0x10c/0x1c0
[ 25.490252] __asan_memset+0x27/0x50
[ 25.490705] kmalloc_uaf_memset+0x1a4/0x360
[ 25.491259] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 25.491677] ? __schedule+0xc3e/0x2790
[ 25.492214] ? __pfx_read_tsc+0x10/0x10
[ 25.492653] ? ktime_get_ts64+0x84/0x230
[ 25.493183] kunit_try_run_case+0x1b3/0x490
[ 25.493644] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.494192] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.494837] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.495358] ? __kthread_parkme+0x82/0x160
[ 25.495907] ? preempt_count_sub+0x50/0x80
[ 25.496332] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.496942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.497526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.498173] kthread+0x257/0x310
[ 25.498598] ? __pfx_kthread+0x10/0x10
[ 25.498891] ret_from_fork+0x41/0x80
[ 25.499398] ? __pfx_kthread+0x10/0x10
[ 25.499800] ret_from_fork_asm+0x1a/0x30
[ 25.500365] </TASK>
[ 25.500664]
[ 25.500923] Allocated by task 194:
[ 25.501307] kasan_save_stack+0x3d/0x60
[ 25.501734] kasan_save_track+0x18/0x40
[ 25.502339] kasan_save_alloc_info+0x3b/0x50
[ 25.502713] __kasan_kmalloc+0xb7/0xc0
[ 25.503219] __kmalloc_cache_noprof+0x184/0x410
[ 25.503660] kmalloc_uaf_memset+0xaa/0x360
[ 25.504259] kunit_try_run_case+0x1b3/0x490
[ 25.504770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.505395] kthread+0x257/0x310
[ 25.505864] ret_from_fork+0x41/0x80
[ 25.506235] ret_from_fork_asm+0x1a/0x30
[ 25.506813]
[ 25.507161] Freed by task 194:
[ 25.507432] kasan_save_stack+0x3d/0x60
[ 25.508061] kasan_save_track+0x18/0x40
[ 25.508527] kasan_save_free_info+0x3f/0x60
[ 25.508892] __kasan_slab_free+0x56/0x70
[ 25.509494] kfree+0x123/0x3f0
[ 25.509776] kmalloc_uaf_memset+0x12c/0x360
[ 25.510363] kunit_try_run_case+0x1b3/0x490
[ 25.510799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.511375] kthread+0x257/0x310
[ 25.511796] ret_from_fork+0x41/0x80
[ 25.512218] ret_from_fork_asm+0x1a/0x30
[ 25.512780]
[ 25.513069] The buggy address belongs to the object at ffff888101a9ef00
[ 25.513069] which belongs to the cache kmalloc-64 of size 64
[ 25.514082] The buggy address is located 0 bytes inside of
[ 25.514082] freed 64-byte region [ffff888101a9ef00, ffff888101a9ef40)
[ 25.515266]
[ 25.515453] The buggy address belongs to the physical page:
[ 25.516001] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9e
[ 25.516801] flags: 0x200000000000000(node=0|zone=2)
[ 25.517404] page_type: f5(slab)
[ 25.517670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.518601] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.519513] page dumped because: kasan: bad access detected
[ 25.519952]
[ 25.520261] Memory state around the buggy address:
[ 25.520826] ffff888101a9ee00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.521584] ffff888101a9ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.522212] >ffff888101a9ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.522951] ^
[ 25.523401] ffff888101a9ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.524111] ffff888101a9f000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 25.524722] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 25.373563] ==================================================================
[ 25.375091] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 25.376433] Read of size 64 at addr ffff888102a49284 by task kunit_try_catch/190
[ 25.377490]
[ 25.377669] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.379032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.379738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.380761] Call Trace:
[ 25.381069] <TASK>
[ 25.381295] dump_stack_lvl+0x73/0xb0
[ 25.381683] print_report+0xd1/0x640
[ 25.382041] ? __virt_addr_valid+0x1db/0x2d0
[ 25.382447] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.383265] kasan_report+0x102/0x140
[ 25.383568] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 25.384162] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 25.384774] kasan_check_range+0x10c/0x1c0
[ 25.385337] __asan_memmove+0x27/0x70
[ 25.385846] kmalloc_memmove_invalid_size+0x170/0x330
[ 25.386376] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 25.386977] ? __schedule+0xc3e/0x2790
[ 25.387513] ? __pfx_read_tsc+0x10/0x10
[ 25.387846] ? ktime_get_ts64+0x84/0x230
[ 25.388450] kunit_try_run_case+0x1b3/0x490
[ 25.388915] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.389421] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.390097] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.390551] ? __kthread_parkme+0x82/0x160
[ 25.390850] ? preempt_count_sub+0x50/0x80
[ 25.391446] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.392221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.392835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.393447] kthread+0x257/0x310
[ 25.393708] ? __pfx_kthread+0x10/0x10
[ 25.394218] ret_from_fork+0x41/0x80
[ 25.394709] ? __pfx_kthread+0x10/0x10
[ 25.395186] ret_from_fork_asm+0x1a/0x30
[ 25.395519] </TASK>
[ 25.395710]
[ 25.396033] Allocated by task 190:
[ 25.396687] kasan_save_stack+0x3d/0x60
[ 25.397248] kasan_save_track+0x18/0x40
[ 25.397552] kasan_save_alloc_info+0x3b/0x50
[ 25.397850] __kasan_kmalloc+0xb7/0xc0
[ 25.398380] __kmalloc_cache_noprof+0x184/0x410
[ 25.399126] kmalloc_memmove_invalid_size+0xad/0x330
[ 25.399452] kunit_try_run_case+0x1b3/0x490
[ 25.400108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.400670] kthread+0x257/0x310
[ 25.400918] ret_from_fork+0x41/0x80
[ 25.401215] ret_from_fork_asm+0x1a/0x30
[ 25.401790]
[ 25.402137] The buggy address belongs to the object at ffff888102a49280
[ 25.402137] which belongs to the cache kmalloc-64 of size 64
[ 25.403090] The buggy address is located 4 bytes inside of
[ 25.403090] allocated 64-byte region [ffff888102a49280, ffff888102a492c0)
[ 25.404364]
[ 25.404561] The buggy address belongs to the physical page:
[ 25.404885] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a49
[ 25.405855] flags: 0x200000000000000(node=0|zone=2)
[ 25.406367] page_type: f5(slab)
[ 25.406615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.407759] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.408715] page dumped because: kasan: bad access detected
[ 25.409650]
[ 25.409930] Memory state around the buggy address:
[ 25.410463] ffff888102a49180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.412149] ffff888102a49200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.412715] >ffff888102a49280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 25.413791] ^
[ 25.414384] ffff888102a49300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.415544] ffff888102a49380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.416455] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 25.314754] ==================================================================
[ 25.315967] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 25.317589] Read of size 18446744073709551614 at addr ffff888101a9ed04 by task kunit_try_catch/188
[ 25.319540]
[ 25.320203] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.321240] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.321558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.322580] Call Trace:
[ 25.322921] <TASK>
[ 25.323240] dump_stack_lvl+0x73/0xb0
[ 25.323715] print_report+0xd1/0x640
[ 25.324392] ? __virt_addr_valid+0x1db/0x2d0
[ 25.324822] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.326329] kasan_report+0x102/0x140
[ 25.326717] ? kmalloc_memmove_negative_size+0x172/0x330
[ 25.327839] ? kmalloc_memmove_negative_size+0x172/0x330
[ 25.328539] kasan_check_range+0x10c/0x1c0
[ 25.329205] __asan_memmove+0x27/0x70
[ 25.329663] kmalloc_memmove_negative_size+0x172/0x330
[ 25.330481] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 25.331671] ? __schedule+0xc3e/0x2790
[ 25.332724] ? __pfx_read_tsc+0x10/0x10
[ 25.333108] ? ktime_get_ts64+0x84/0x230
[ 25.334139] kunit_try_run_case+0x1b3/0x490
[ 25.334522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.335017] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.335710] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.336728] ? __kthread_parkme+0x82/0x160
[ 25.337165] ? preempt_count_sub+0x50/0x80
[ 25.337597] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.338788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.339493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.340240] kthread+0x257/0x310
[ 25.340538] ? __pfx_kthread+0x10/0x10
[ 25.341071] ret_from_fork+0x41/0x80
[ 25.341620] ? __pfx_kthread+0x10/0x10
[ 25.342368] ret_from_fork_asm+0x1a/0x30
[ 25.342775] </TASK>
[ 25.343339]
[ 25.343540] Allocated by task 188:
[ 25.343920] kasan_save_stack+0x3d/0x60
[ 25.344914] kasan_save_track+0x18/0x40
[ 25.345214] kasan_save_alloc_info+0x3b/0x50
[ 25.345719] __kasan_kmalloc+0xb7/0xc0
[ 25.346327] __kmalloc_cache_noprof+0x184/0x410
[ 25.346778] kmalloc_memmove_negative_size+0xad/0x330
[ 25.347244] kunit_try_run_case+0x1b3/0x490
[ 25.347832] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.348537] kthread+0x257/0x310
[ 25.348886] ret_from_fork+0x41/0x80
[ 25.349306] ret_from_fork_asm+0x1a/0x30
[ 25.349589]
[ 25.349772] The buggy address belongs to the object at ffff888101a9ed00
[ 25.349772] which belongs to the cache kmalloc-64 of size 64
[ 25.351247] The buggy address is located 4 bytes inside of
[ 25.351247] 64-byte region [ffff888101a9ed00, ffff888101a9ed40)
[ 25.352772]
[ 25.354205] The buggy address belongs to the physical page:
[ 25.354850] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9e
[ 25.356284] flags: 0x200000000000000(node=0|zone=2)
[ 25.357547] page_type: f5(slab)
[ 25.357843] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.358592] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.359977] page dumped because: kasan: bad access detected
[ 25.360896]
[ 25.361191] Memory state around the buggy address:
[ 25.361689] ffff888101a9ec00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 25.362651] ffff888101a9ec80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.363306] >ffff888101a9ed00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 25.363860] ^
[ 25.364520] ffff888101a9ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.366083] ffff888101a9ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.366682] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 25.259772] ==================================================================
[ 25.260961] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 25.261688] Write of size 16 at addr ffff888102a4a369 by task kunit_try_catch/186
[ 25.263755]
[ 25.263970] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.264782] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.265166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.266164] Call Trace:
[ 25.266803] <TASK>
[ 25.267819] dump_stack_lvl+0x73/0xb0
[ 25.268332] print_report+0xd1/0x640
[ 25.268689] ? __virt_addr_valid+0x1db/0x2d0
[ 25.269303] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.269757] kasan_report+0x102/0x140
[ 25.270807] ? kmalloc_oob_memset_16+0x167/0x330
[ 25.271828] ? kmalloc_oob_memset_16+0x167/0x330
[ 25.272450] kasan_check_range+0x10c/0x1c0
[ 25.272849] __asan_memset+0x27/0x50
[ 25.273437] kmalloc_oob_memset_16+0x167/0x330
[ 25.274160] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 25.274717] ? __schedule+0x1ba9/0x2790
[ 25.275860] ? __pfx_read_tsc+0x10/0x10
[ 25.276636] ? ktime_get_ts64+0x84/0x230
[ 25.277253] kunit_try_run_case+0x1b3/0x490
[ 25.277705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.278664] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.279594] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.280458] ? __kthread_parkme+0x82/0x160
[ 25.280821] ? preempt_count_sub+0x50/0x80
[ 25.281798] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.282605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.283425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.284409] kthread+0x257/0x310
[ 25.284762] ? __pfx_kthread+0x10/0x10
[ 25.285470] ret_from_fork+0x41/0x80
[ 25.285777] ? __pfx_kthread+0x10/0x10
[ 25.286745] ret_from_fork_asm+0x1a/0x30
[ 25.287408] </TASK>
[ 25.287728]
[ 25.288122] Allocated by task 186:
[ 25.288490] kasan_save_stack+0x3d/0x60
[ 25.289358] kasan_save_track+0x18/0x40
[ 25.289817] kasan_save_alloc_info+0x3b/0x50
[ 25.290358] __kasan_kmalloc+0xb7/0xc0
[ 25.290762] __kmalloc_cache_noprof+0x184/0x410
[ 25.291576] kmalloc_oob_memset_16+0xad/0x330
[ 25.292172] kunit_try_run_case+0x1b3/0x490
[ 25.292678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.293511] kthread+0x257/0x310
[ 25.294064] ret_from_fork+0x41/0x80
[ 25.294557] ret_from_fork_asm+0x1a/0x30
[ 25.294878]
[ 25.295390] The buggy address belongs to the object at ffff888102a4a300
[ 25.295390] which belongs to the cache kmalloc-128 of size 128
[ 25.296530] The buggy address is located 105 bytes inside of
[ 25.296530] allocated 120-byte region [ffff888102a4a300, ffff888102a4a378)
[ 25.297974]
[ 25.298384] The buggy address belongs to the physical page:
[ 25.298840] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a
[ 25.299718] flags: 0x200000000000000(node=0|zone=2)
[ 25.300392] page_type: f5(slab)
[ 25.300810] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.301827] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.302615] page dumped because: kasan: bad access detected
[ 25.303412]
[ 25.303597] Memory state around the buggy address:
[ 25.304071] ffff888102a4a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.304628] ffff888102a4a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.305575] >ffff888102a4a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 25.306483] ^
[ 25.307350] ffff888102a4a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.308242] ffff888102a4a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.308831] ==================================================================
[ 25.104401] ==================================================================
[ 25.105522] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 25.106647] Write of size 2 at addr ffff888101aa3477 by task kunit_try_catch/180
[ 25.107576]
[ 25.108438] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.109761] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.110205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.111069] Call Trace:
[ 25.111412] <TASK>
[ 25.112054] dump_stack_lvl+0x73/0xb0
[ 25.113324] print_report+0xd1/0x640
[ 25.113729] ? __virt_addr_valid+0x1db/0x2d0
[ 25.114772] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.115331] kasan_report+0x102/0x140
[ 25.116156] ? kmalloc_oob_memset_2+0x167/0x330
[ 25.116864] ? kmalloc_oob_memset_2+0x167/0x330
[ 25.117512] kasan_check_range+0x10c/0x1c0
[ 25.117945] __asan_memset+0x27/0x50
[ 25.118907] kmalloc_oob_memset_2+0x167/0x330
[ 25.119542] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 25.119953] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 25.121340] kunit_try_run_case+0x1b3/0x490
[ 25.121717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.122650] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.123525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.124158] ? __kthread_parkme+0x82/0x160
[ 25.125144] ? preempt_count_sub+0x50/0x80
[ 25.125372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.125582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.125827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.126328] kthread+0x257/0x310
[ 25.126780] ? __pfx_kthread+0x10/0x10
[ 25.127317] ret_from_fork+0x41/0x80
[ 25.127822] ? __pfx_kthread+0x10/0x10
[ 25.128241] ret_from_fork_asm+0x1a/0x30
[ 25.128755] </TASK>
[ 25.128943]
[ 25.129115] Allocated by task 180:
[ 25.129929] kasan_save_stack+0x3d/0x60
[ 25.130861] kasan_save_track+0x18/0x40
[ 25.131266] kasan_save_alloc_info+0x3b/0x50
[ 25.131569] __kasan_kmalloc+0xb7/0xc0
[ 25.131835] __kmalloc_cache_noprof+0x184/0x410
[ 25.132778] kmalloc_oob_memset_2+0xad/0x330
[ 25.133680] kunit_try_run_case+0x1b3/0x490
[ 25.134255] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.135101] kthread+0x257/0x310
[ 25.135374] ret_from_fork+0x41/0x80
[ 25.135641] ret_from_fork_asm+0x1a/0x30
[ 25.135934]
[ 25.136420] The buggy address belongs to the object at ffff888101aa3400
[ 25.136420] which belongs to the cache kmalloc-128 of size 128
[ 25.137760] The buggy address is located 119 bytes inside of
[ 25.137760] allocated 120-byte region [ffff888101aa3400, ffff888101aa3478)
[ 25.138905]
[ 25.139183] The buggy address belongs to the physical page:
[ 25.139821] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa3
[ 25.140654] flags: 0x200000000000000(node=0|zone=2)
[ 25.141081] page_type: f5(slab)
[ 25.141508] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.142649] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.143417] page dumped because: kasan: bad access detected
[ 25.143846]
[ 25.144227] Memory state around the buggy address:
[ 25.144815] ffff888101aa3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.145571] ffff888101aa3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.146192] >ffff888101aa3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 25.147005] ^
[ 25.148329] ffff888101aa3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.149170] ffff888101aa3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.149714] ==================================================================
[ 25.155340] ==================================================================
[ 25.156597] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 25.157702] Write of size 4 at addr ffff888101aa3575 by task kunit_try_catch/182
[ 25.158437]
[ 25.159193] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.160099] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.160493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.161466] Call Trace:
[ 25.161671] <TASK>
[ 25.162353] dump_stack_lvl+0x73/0xb0
[ 25.162868] print_report+0xd1/0x640
[ 25.163532] ? __virt_addr_valid+0x1db/0x2d0
[ 25.163841] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.164709] kasan_report+0x102/0x140
[ 25.165338] ? kmalloc_oob_memset_4+0x167/0x330
[ 25.165822] ? kmalloc_oob_memset_4+0x167/0x330
[ 25.166724] kasan_check_range+0x10c/0x1c0
[ 25.167411] __asan_memset+0x27/0x50
[ 25.167822] kmalloc_oob_memset_4+0x167/0x330
[ 25.168503] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 25.169103] ? __schedule+0xc3e/0x2790
[ 25.169541] ? __pfx_read_tsc+0x10/0x10
[ 25.170261] ? ktime_get_ts64+0x84/0x230
[ 25.170714] kunit_try_run_case+0x1b3/0x490
[ 25.171435] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.172119] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.172633] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.173355] ? __kthread_parkme+0x82/0x160
[ 25.173749] ? preempt_count_sub+0x50/0x80
[ 25.174569] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.175194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.175827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.176534] kthread+0x257/0x310
[ 25.177126] ? __pfx_kthread+0x10/0x10
[ 25.177530] ret_from_fork+0x41/0x80
[ 25.177880] ? __pfx_kthread+0x10/0x10
[ 25.178624] ret_from_fork_asm+0x1a/0x30
[ 25.179306] </TASK>
[ 25.179614]
[ 25.179889] Allocated by task 182:
[ 25.180433] kasan_save_stack+0x3d/0x60
[ 25.181079] kasan_save_track+0x18/0x40
[ 25.181513] kasan_save_alloc_info+0x3b/0x50
[ 25.182093] __kasan_kmalloc+0xb7/0xc0
[ 25.182853] __kmalloc_cache_noprof+0x184/0x410
[ 25.183607] kmalloc_oob_memset_4+0xad/0x330
[ 25.184231] kunit_try_run_case+0x1b3/0x490
[ 25.184658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.185342] kthread+0x257/0x310
[ 25.185747] ret_from_fork+0x41/0x80
[ 25.186267] ret_from_fork_asm+0x1a/0x30
[ 25.186586]
[ 25.186843] The buggy address belongs to the object at ffff888101aa3500
[ 25.186843] which belongs to the cache kmalloc-128 of size 128
[ 25.188131] The buggy address is located 117 bytes inside of
[ 25.188131] allocated 120-byte region [ffff888101aa3500, ffff888101aa3578)
[ 25.189523]
[ 25.189760] The buggy address belongs to the physical page:
[ 25.190585] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa3
[ 25.191598] flags: 0x200000000000000(node=0|zone=2)
[ 25.192196] page_type: f5(slab)
[ 25.192622] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.193472] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.194306] page dumped because: kasan: bad access detected
[ 25.194871]
[ 25.195403] Memory state around the buggy address:
[ 25.195833] ffff888101aa3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.196805] ffff888101aa3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.198274] >ffff888101aa3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 25.199612] ^
[ 25.200682] ffff888101aa3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.201384] ffff888101aa3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.202472] ==================================================================
[ 25.208544] ==================================================================
[ 25.209800] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 25.210459] Write of size 8 at addr ffff888102a4a271 by task kunit_try_catch/184
[ 25.211035]
[ 25.212222] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.213024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.213814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.214825] Call Trace:
[ 25.215128] <TASK>
[ 25.215809] dump_stack_lvl+0x73/0xb0
[ 25.216251] print_report+0xd1/0x640
[ 25.217142] ? __virt_addr_valid+0x1db/0x2d0
[ 25.217760] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.218508] kasan_report+0x102/0x140
[ 25.219177] ? kmalloc_oob_memset_8+0x167/0x330
[ 25.219408] ? kmalloc_oob_memset_8+0x167/0x330
[ 25.219622] kasan_check_range+0x10c/0x1c0
[ 25.219816] __asan_memset+0x27/0x50
[ 25.220015] kmalloc_oob_memset_8+0x167/0x330
[ 25.221262] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 25.222244] ? __schedule+0xc3e/0x2790
[ 25.222872] ? __pfx_read_tsc+0x10/0x10
[ 25.223622] ? ktime_get_ts64+0x84/0x230
[ 25.224084] kunit_try_run_case+0x1b3/0x490
[ 25.224881] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.225620] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.226090] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.226760] ? __kthread_parkme+0x82/0x160
[ 25.227431] ? preempt_count_sub+0x50/0x80
[ 25.228091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.228793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.229498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.230028] kthread+0x257/0x310
[ 25.230664] ? __pfx_kthread+0x10/0x10
[ 25.231210] ret_from_fork+0x41/0x80
[ 25.231833] ? __pfx_kthread+0x10/0x10
[ 25.232321] ret_from_fork_asm+0x1a/0x30
[ 25.233021] </TASK>
[ 25.233255]
[ 25.233669] Allocated by task 184:
[ 25.233913] kasan_save_stack+0x3d/0x60
[ 25.234578] kasan_save_track+0x18/0x40
[ 25.235086] kasan_save_alloc_info+0x3b/0x50
[ 25.235423] __kasan_kmalloc+0xb7/0xc0
[ 25.236213] __kmalloc_cache_noprof+0x184/0x410
[ 25.236730] kmalloc_oob_memset_8+0xad/0x330
[ 25.237044] kunit_try_run_case+0x1b3/0x490
[ 25.237688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.238329] kthread+0x257/0x310
[ 25.239022] ret_from_fork+0x41/0x80
[ 25.239472] ret_from_fork_asm+0x1a/0x30
[ 25.239757]
[ 25.240102] The buggy address belongs to the object at ffff888102a4a200
[ 25.240102] which belongs to the cache kmalloc-128 of size 128
[ 25.241656] The buggy address is located 113 bytes inside of
[ 25.241656] allocated 120-byte region [ffff888102a4a200, ffff888102a4a278)
[ 25.242681]
[ 25.242838] The buggy address belongs to the physical page:
[ 25.243745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a
[ 25.244726] flags: 0x200000000000000(node=0|zone=2)
[ 25.245064] page_type: f5(slab)
[ 25.245546] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.246747] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.247454] page dumped because: kasan: bad access detected
[ 25.248119]
[ 25.248529] Memory state around the buggy address:
[ 25.248942] ffff888102a4a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.249620] ffff888102a4a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.250482] >ffff888102a4a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 25.251399] ^
[ 25.252393] ffff888102a4a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.253211] ffff888102a4a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.254057] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 25.058879] ==================================================================
[ 25.059882] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 25.060904] Write of size 128 at addr ffff888102a46d00 by task kunit_try_catch/178
[ 25.061624]
[ 25.061873] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.062714] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.063085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.064072] Call Trace:
[ 25.064435] <TASK>
[ 25.064643] dump_stack_lvl+0x73/0xb0
[ 25.065124] print_report+0xd1/0x640
[ 25.065589] ? __virt_addr_valid+0x1db/0x2d0
[ 25.066014] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.066544] kasan_report+0x102/0x140
[ 25.067033] ? kmalloc_oob_in_memset+0x160/0x320
[ 25.067890] ? kmalloc_oob_in_memset+0x160/0x320
[ 25.068567] kasan_check_range+0x10c/0x1c0
[ 25.069141] __asan_memset+0x27/0x50
[ 25.069425] kmalloc_oob_in_memset+0x160/0x320
[ 25.069933] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 25.070367] ? __schedule+0xc3e/0x2790
[ 25.070836] ? __pfx_read_tsc+0x10/0x10
[ 25.071401] ? ktime_get_ts64+0x84/0x230
[ 25.071829] kunit_try_run_case+0x1b3/0x490
[ 25.072433] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.072812] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.073422] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.073845] ? __kthread_parkme+0x82/0x160
[ 25.074231] ? preempt_count_sub+0x50/0x80
[ 25.074630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.075607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.076290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.076764] kthread+0x257/0x310
[ 25.077138] ? __pfx_kthread+0x10/0x10
[ 25.077834] ret_from_fork+0x41/0x80
[ 25.078219] ? __pfx_kthread+0x10/0x10
[ 25.078661] ret_from_fork_asm+0x1a/0x30
[ 25.079105] </TASK>
[ 25.079481]
[ 25.079703] Allocated by task 178:
[ 25.080086] kasan_save_stack+0x3d/0x60
[ 25.080455] kasan_save_track+0x18/0x40
[ 25.080761] kasan_save_alloc_info+0x3b/0x50
[ 25.081357] __kasan_kmalloc+0xb7/0xc0
[ 25.081744] __kmalloc_cache_noprof+0x184/0x410
[ 25.082108] kmalloc_oob_in_memset+0xad/0x320
[ 25.082429] kunit_try_run_case+0x1b3/0x490
[ 25.082925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.083851] kthread+0x257/0x310
[ 25.084329] ret_from_fork+0x41/0x80
[ 25.084597] ret_from_fork_asm+0x1a/0x30
[ 25.084874]
[ 25.085399] The buggy address belongs to the object at ffff888102a46d00
[ 25.085399] which belongs to the cache kmalloc-128 of size 128
[ 25.086734] The buggy address is located 0 bytes inside of
[ 25.086734] allocated 120-byte region [ffff888102a46d00, ffff888102a46d78)
[ 25.087864]
[ 25.088042] The buggy address belongs to the physical page:
[ 25.088378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a46
[ 25.089466] flags: 0x200000000000000(node=0|zone=2)
[ 25.090243] page_type: f5(slab)
[ 25.091912] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.092722] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 25.093180] page dumped because: kasan: bad access detected
[ 25.093505]
[ 25.093648] Memory state around the buggy address:
[ 25.093847] ffff888102a46c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.094558] ffff888102a46c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.096118] >ffff888102a46d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 25.096730] ^
[ 25.097288] ffff888102a46d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.097846] ffff888102a46e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.098404] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 25.530604] ==================================================================
[ 25.531718] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520
[ 25.532482] Read of size 1 at addr ffff888101aa6028 by task kunit_try_catch/196
[ 25.533169]
[ 25.533663] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.535233] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.535909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.537139] Call Trace:
[ 25.537582] <TASK>
[ 25.537854] dump_stack_lvl+0x73/0xb0
[ 25.538369] print_report+0xd1/0x640
[ 25.539317] ? __virt_addr_valid+0x1db/0x2d0
[ 25.539833] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.540646] kasan_report+0x102/0x140
[ 25.541168] ? kmalloc_uaf2+0x4aa/0x520
[ 25.541571] ? kmalloc_uaf2+0x4aa/0x520
[ 25.542262] __asan_report_load1_noabort+0x18/0x20
[ 25.543092] kmalloc_uaf2+0x4aa/0x520
[ 25.543717] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 25.544195] ? finish_task_switch.isra.0+0x153/0x700
[ 25.544833] ? __switch_to+0x5d9/0xf60
[ 25.545459] ? __schedule+0xc3e/0x2790
[ 25.545973] ? __pfx_read_tsc+0x10/0x10
[ 25.546526] ? ktime_get_ts64+0x84/0x230
[ 25.547262] kunit_try_run_case+0x1b3/0x490
[ 25.547852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.548526] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.549416] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.549881] ? __kthread_parkme+0x82/0x160
[ 25.550544] ? preempt_count_sub+0x50/0x80
[ 25.551015] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.551561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.552493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.553077] kthread+0x257/0x310
[ 25.553757] ? __pfx_kthread+0x10/0x10
[ 25.554091] ret_from_fork+0x41/0x80
[ 25.554798] ? __pfx_kthread+0x10/0x10
[ 25.555492] ret_from_fork_asm+0x1a/0x30
[ 25.556197] </TASK>
[ 25.556498]
[ 25.556741] Allocated by task 196:
[ 25.557422] kasan_save_stack+0x3d/0x60
[ 25.557759] kasan_save_track+0x18/0x40
[ 25.558360] kasan_save_alloc_info+0x3b/0x50
[ 25.558957] __kasan_kmalloc+0xb7/0xc0
[ 25.559621] __kmalloc_cache_noprof+0x184/0x410
[ 25.560551] kmalloc_uaf2+0xc7/0x520
[ 25.561643] kunit_try_run_case+0x1b3/0x490
[ 25.561973] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.563040] kthread+0x257/0x310
[ 25.563704] ret_from_fork+0x41/0x80
[ 25.563883] ret_from_fork_asm+0x1a/0x30
[ 25.564853]
[ 25.565231] Freed by task 196:
[ 25.566135] kasan_save_stack+0x3d/0x60
[ 25.566620] kasan_save_track+0x18/0x40
[ 25.567265] kasan_save_free_info+0x3f/0x60
[ 25.567866] __kasan_slab_free+0x56/0x70
[ 25.568419] kfree+0x123/0x3f0
[ 25.568689] kmalloc_uaf2+0x14d/0x520
[ 25.570320] kunit_try_run_case+0x1b3/0x490
[ 25.570704] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.571665] kthread+0x257/0x310
[ 25.572592] ret_from_fork+0x41/0x80
[ 25.572961] ret_from_fork_asm+0x1a/0x30
[ 25.573840]
[ 25.574490] The buggy address belongs to the object at ffff888101aa6000
[ 25.574490] which belongs to the cache kmalloc-64 of size 64
[ 25.575709] The buggy address is located 40 bytes inside of
[ 25.575709] freed 64-byte region [ffff888101aa6000, ffff888101aa6040)
[ 25.577032]
[ 25.577468] The buggy address belongs to the physical page:
[ 25.578414] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa6
[ 25.579049] flags: 0x200000000000000(node=0|zone=2)
[ 25.579556] page_type: f5(slab)
[ 25.580476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.581668] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.582736] page dumped because: kasan: bad access detected
[ 25.583869]
[ 25.584037] Memory state around the buggy address:
[ 25.584515] ffff888101aa5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.585847] ffff888101aa5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.586635] >ffff888101aa6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.587879] ^
[ 25.588295] ffff888101aa6080: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 25.589529] ffff888101aa6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.590070] ==================================================================
[ 25.007414] ==================================================================
[ 25.008339] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 25.008960] Read of size 16 at addr ffff888101a26640 by task kunit_try_catch/176
[ 25.009612]
[ 25.009921] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 25.010843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.011332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.012477] Call Trace:
[ 25.012759] <TASK>
[ 25.013293] dump_stack_lvl+0x73/0xb0
[ 25.013672] print_report+0xd1/0x640
[ 25.014332] ? __virt_addr_valid+0x1db/0x2d0
[ 25.014736] ? kasan_complete_mode_report_info+0x64/0x200
[ 25.015311] kasan_report+0x102/0x140
[ 25.016078] ? kmalloc_uaf_16+0x47d/0x4c0
[ 25.016825] ? kmalloc_uaf_16+0x47d/0x4c0
[ 25.017547] __asan_report_load16_noabort+0x18/0x20
[ 25.018083] kmalloc_uaf_16+0x47d/0x4c0
[ 25.018645] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 25.019076] ? __schedule+0xc3e/0x2790
[ 25.019622] ? __pfx_read_tsc+0x10/0x10
[ 25.020256] ? ktime_get_ts64+0x84/0x230
[ 25.021172] kunit_try_run_case+0x1b3/0x490
[ 25.021628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.022384] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.022721] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.023252] ? __kthread_parkme+0x82/0x160
[ 25.023785] ? preempt_count_sub+0x50/0x80
[ 25.024551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.025043] ?
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.025501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.026096] kthread+0x257/0x310 [ 25.026564] ? __pfx_kthread+0x10/0x10 [ 25.027075] ret_from_fork+0x41/0x80 [ 25.027603] ? __pfx_kthread+0x10/0x10 [ 25.027903] ret_from_fork_asm+0x1a/0x30 [ 25.028243] </TASK> [ 25.028567] [ 25.028795] Allocated by task 176: [ 25.029548] kasan_save_stack+0x3d/0x60 [ 25.030102] kasan_save_track+0x18/0x40 [ 25.030527] kasan_save_alloc_info+0x3b/0x50 [ 25.030826] __kasan_kmalloc+0xb7/0xc0 [ 25.031149] __kmalloc_cache_noprof+0x184/0x410 [ 25.031706] kmalloc_uaf_16+0x15c/0x4c0 [ 25.032162] kunit_try_run_case+0x1b3/0x490 [ 25.032827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.033518] kthread+0x257/0x310 [ 25.033830] ret_from_fork+0x41/0x80 [ 25.034322] ret_from_fork_asm+0x1a/0x30 [ 25.034913] [ 25.035089] Freed by task 176: [ 25.035399] kasan_save_stack+0x3d/0x60 [ 25.035941] kasan_save_track+0x18/0x40 [ 25.036234] kasan_save_free_info+0x3f/0x60 [ 25.037281] __kasan_slab_free+0x56/0x70 [ 25.037646] kfree+0x123/0x3f0 [ 25.038102] kmalloc_uaf_16+0x1d7/0x4c0 [ 25.038448] kunit_try_run_case+0x1b3/0x490 [ 25.038744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.039276] kthread+0x257/0x310 [ 25.040025] ret_from_fork+0x41/0x80 [ 25.040606] ret_from_fork_asm+0x1a/0x30 [ 25.041196] [ 25.041427] The buggy address belongs to the object at ffff888101a26640 [ 25.041427] which belongs to the cache kmalloc-16 of size 16 [ 25.042206] The buggy address is located 0 bytes inside of [ 25.042206] freed 16-byte region [ffff888101a26640, ffff888101a26650) [ 25.043456] [ 25.043653] The buggy address belongs to the physical page: [ 25.044331] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a26 [ 25.044883] flags: 0x200000000000000(node=0|zone=2) [ 25.045761] page_type: f5(slab) [ 25.046039] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.046489] raw: 0000000000000000 0000000080800080 
00000001f5000000 0000000000000000 [ 25.047300] page dumped because: kasan: bad access detected [ 25.047876] [ 25.048116] Memory state around the buggy address: [ 25.048710] ffff888101a26500: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 25.049731] ffff888101a26580: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.050263] >ffff888101a26600: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 25.050678] ^ [ 25.051054] ffff888101a26680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.051852] ffff888101a26700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.052631] ================================================================== [ 25.421754] ================================================================== [ 25.423529] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 25.424183] Read of size 1 at addr ffff888101a26668 by task kunit_try_catch/192 [ 25.424705] [ 25.424970] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.425782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.426467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.427418] Call Trace: [ 25.427640] <TASK> [ 25.428071] dump_stack_lvl+0x73/0xb0 [ 25.428430] print_report+0xd1/0x640 [ 25.428833] ? __virt_addr_valid+0x1db/0x2d0 [ 25.429393] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.429816] kasan_report+0x102/0x140 [ 25.430114] ? kmalloc_uaf+0x322/0x380 [ 25.431173] ? kmalloc_uaf+0x322/0x380 [ 25.431497] __asan_report_load1_noabort+0x18/0x20 [ 25.432020] kmalloc_uaf+0x322/0x380 [ 25.432408] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.432729] ? __schedule+0xc3e/0x2790 [ 25.433382] ? __pfx_read_tsc+0x10/0x10 [ 25.433865] ? ktime_get_ts64+0x84/0x230 [ 25.434694] kunit_try_run_case+0x1b3/0x490 [ 25.435117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.435675] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.436293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.436675] ? __kthread_parkme+0x82/0x160 [ 25.436970] ? 
preempt_count_sub+0x50/0x80 [ 25.437566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.438420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.439197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.439573] kthread+0x257/0x310 [ 25.440030] ? __pfx_kthread+0x10/0x10 [ 25.440601] ret_from_fork+0x41/0x80 [ 25.441198] ? __pfx_kthread+0x10/0x10 [ 25.441542] ret_from_fork_asm+0x1a/0x30 [ 25.441967] </TASK> [ 25.442269] [ 25.442434] Allocated by task 192: [ 25.442869] kasan_save_stack+0x3d/0x60 [ 25.443229] kasan_save_track+0x18/0x40 [ 25.443859] kasan_save_alloc_info+0x3b/0x50 [ 25.444448] __kasan_kmalloc+0xb7/0xc0 [ 25.444771] __kmalloc_cache_noprof+0x184/0x410 [ 25.445385] kmalloc_uaf+0xab/0x380 [ 25.445646] kunit_try_run_case+0x1b3/0x490 [ 25.446390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.447260] kthread+0x257/0x310 [ 25.447527] ret_from_fork+0x41/0x80 [ 25.448086] ret_from_fork_asm+0x1a/0x30 [ 25.448578] [ 25.448787] Freed by task 192: [ 25.449291] kasan_save_stack+0x3d/0x60 [ 25.449585] kasan_save_track+0x18/0x40 [ 25.449857] kasan_save_free_info+0x3f/0x60 [ 25.451521] __kasan_slab_free+0x56/0x70 [ 25.452246] kfree+0x123/0x3f0 [ 25.452864] kmalloc_uaf+0x12d/0x380 [ 25.453341] kunit_try_run_case+0x1b3/0x490 [ 25.453757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.455329] kthread+0x257/0x310 [ 25.455567] ret_from_fork+0x41/0x80 [ 25.456812] ret_from_fork_asm+0x1a/0x30 [ 25.457382] [ 25.457529] The buggy address belongs to the object at ffff888101a26660 [ 25.457529] which belongs to the cache kmalloc-16 of size 16 [ 25.459473] The buggy address is located 8 bytes inside of [ 25.459473] freed 16-byte region [ffff888101a26660, ffff888101a26670) [ 25.461218] [ 25.461383] The buggy address belongs to the physical page: [ 25.461700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a26 [ 25.463068] flags: 0x200000000000000(node=0|zone=2) [ 25.463710] page_type: f5(slab) [ 25.464036] raw: 0200000000000000 ffff888100041640 
dead000000000122 0000000000000000 [ 25.465406] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.466094] page dumped because: kasan: bad access detected [ 25.466577] [ 25.466782] Memory state around the buggy address: [ 25.467839] ffff888101a26500: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 25.468924] ffff888101a26580: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.470109] >ffff888101a26600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.471210] ^ [ 25.472294] ffff888101a26680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.472855] ffff888101a26700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.473871] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 24.956534] ================================================================== [ 24.957648] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 24.959122] Write of size 16 at addr ffff888102699d20 by task kunit_try_catch/174 [ 24.960827] [ 24.961507] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.962374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.962956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.963782] Call Trace: [ 24.964055] <TASK> [ 24.964713] dump_stack_lvl+0x73/0xb0 [ 24.965528] print_report+0xd1/0x640 [ 24.965924] ? __virt_addr_valid+0x1db/0x2d0 [ 24.966271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.967568] kasan_report+0x102/0x140 [ 24.968425] ? kmalloc_oob_16+0x454/0x4a0 [ 24.969101] ? kmalloc_oob_16+0x454/0x4a0 [ 24.969677] __asan_report_store16_noabort+0x1b/0x30 [ 24.970496] kmalloc_oob_16+0x454/0x4a0 [ 24.970905] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 24.971861] ? __schedule+0xc3e/0x2790 [ 24.972330] ? __pfx_read_tsc+0x10/0x10 [ 24.972624] ? ktime_get_ts64+0x84/0x230 [ 24.973118] kunit_try_run_case+0x1b3/0x490 [ 24.973856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.974340] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.974940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.975525] ? __kthread_parkme+0x82/0x160 [ 24.976169] ? preempt_count_sub+0x50/0x80 [ 24.976652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.976971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.977873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.978611] kthread+0x257/0x310 [ 24.979362] ? __pfx_kthread+0x10/0x10 [ 24.979825] ret_from_fork+0x41/0x80 [ 24.980222] ? 
__pfx_kthread+0x10/0x10 [ 24.980500] ret_from_fork_asm+0x1a/0x30 [ 24.981211] </TASK> [ 24.981585] [ 24.981840] Allocated by task 174: [ 24.982460] kasan_save_stack+0x3d/0x60 [ 24.982801] kasan_save_track+0x18/0x40 [ 24.983186] kasan_save_alloc_info+0x3b/0x50 [ 24.983855] __kasan_kmalloc+0xb7/0xc0 [ 24.984255] __kmalloc_cache_noprof+0x184/0x410 [ 24.985172] kmalloc_oob_16+0xa9/0x4a0 [ 24.985571] kunit_try_run_case+0x1b3/0x490 [ 24.985866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.986659] kthread+0x257/0x310 [ 24.987226] ret_from_fork+0x41/0x80 [ 24.987494] ret_from_fork_asm+0x1a/0x30 [ 24.987802] [ 24.988176] The buggy address belongs to the object at ffff888102699d20 [ 24.988176] which belongs to the cache kmalloc-16 of size 16 [ 24.989560] The buggy address is located 0 bytes inside of [ 24.989560] allocated 13-byte region [ffff888102699d20, ffff888102699d2d) [ 24.990689] [ 24.990848] The buggy address belongs to the physical page: [ 24.991638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 24.992702] flags: 0x200000000000000(node=0|zone=2) [ 24.993466] page_type: f5(slab) [ 24.993715] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.994521] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.995664] page dumped because: kasan: bad access detected [ 24.996363] [ 24.996591] Memory state around the buggy address: [ 24.997095] ffff888102699c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 24.997802] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 24.998689] >ffff888102699d00: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 24.999112] ^ [ 24.999516] ffff888102699d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.000613] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.001525] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 24.885240] ================================================================== [ 24.886267] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 24.886798] Read of size 1 at addr ffff888100999a00 by task kunit_try_catch/172 [ 24.888455] [ 24.889357] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.889878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.890528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.891398] Call Trace: [ 24.892103] <TASK> [ 24.892316] dump_stack_lvl+0x73/0xb0 [ 24.892698] print_report+0xd1/0x640 [ 24.893607] ? __virt_addr_valid+0x1db/0x2d0 [ 24.894771] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.895946] kasan_report+0x102/0x140 [ 24.896552] ? krealloc_uaf+0x53e/0x5e0 [ 24.896927] ? krealloc_uaf+0x53e/0x5e0 [ 24.897865] __asan_report_load1_noabort+0x18/0x20 [ 24.898383] krealloc_uaf+0x53e/0x5e0 [ 24.898572] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.898762] ? finish_task_switch.isra.0+0x153/0x700 [ 24.899300] ? __switch_to+0x5d9/0xf60 [ 24.899771] ? __schedule+0xc3e/0x2790 [ 24.900285] ? __pfx_read_tsc+0x10/0x10 [ 24.900743] ? ktime_get_ts64+0x84/0x230 [ 24.902254] kunit_try_run_case+0x1b3/0x490 [ 24.902873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.903460] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.903836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.904749] ? __kthread_parkme+0x82/0x160 [ 24.905684] ? preempt_count_sub+0x50/0x80 [ 24.906388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.906890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.908065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.908559] kthread+0x257/0x310 [ 24.908903] ? __pfx_kthread+0x10/0x10 [ 24.909801] ret_from_fork+0x41/0x80 [ 24.910746] ? 
__pfx_kthread+0x10/0x10 [ 24.911146] ret_from_fork_asm+0x1a/0x30 [ 24.911601] </TASK> [ 24.911815] [ 24.912306] Allocated by task 172: [ 24.912944] kasan_save_stack+0x3d/0x60 [ 24.913515] kasan_save_track+0x18/0x40 [ 24.913914] kasan_save_alloc_info+0x3b/0x50 [ 24.915372] __kasan_kmalloc+0xb7/0xc0 [ 24.915765] __kmalloc_cache_noprof+0x184/0x410 [ 24.916234] krealloc_uaf+0xbc/0x5e0 [ 24.916920] kunit_try_run_case+0x1b3/0x490 [ 24.917568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.918635] kthread+0x257/0x310 [ 24.919043] ret_from_fork+0x41/0x80 [ 24.919528] ret_from_fork_asm+0x1a/0x30 [ 24.920121] [ 24.920297] Freed by task 172: [ 24.921118] kasan_save_stack+0x3d/0x60 [ 24.921519] kasan_save_track+0x18/0x40 [ 24.922808] kasan_save_free_info+0x3f/0x60 [ 24.923200] __kasan_slab_free+0x56/0x70 [ 24.923800] kfree+0x123/0x3f0 [ 24.924495] krealloc_uaf+0x13e/0x5e0 [ 24.925247] kunit_try_run_case+0x1b3/0x490 [ 24.925677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.926941] kthread+0x257/0x310 [ 24.927831] ret_from_fork+0x41/0x80 [ 24.928492] ret_from_fork_asm+0x1a/0x30 [ 24.929387] [ 24.929570] The buggy address belongs to the object at ffff888100999a00 [ 24.929570] which belongs to the cache kmalloc-256 of size 256 [ 24.931235] The buggy address is located 0 bytes inside of [ 24.931235] freed 256-byte region [ffff888100999a00, ffff888100999b00) [ 24.932581] [ 24.933043] The buggy address belongs to the physical page: [ 24.933757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.934551] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.935519] flags: 0x200000000000040(head|node=0|zone=2) [ 24.936360] page_type: f5(slab) [ 24.936616] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.937561] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.938581] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.939663] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.940564] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.941435] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.942552] page dumped because: kasan: bad access detected [ 24.943626] [ 24.943824] Memory state around the buggy address: [ 24.944635] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.945506] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.946047] >ffff888100999a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.947542] ^ [ 24.947863] ffff888100999a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.948807] ffff888100999b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.949829] ================================================================== [ 24.825910] ================================================================== [ 24.827351] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 24.827955] Read of size 1 at addr ffff888100999a00 by task kunit_try_catch/172 [ 24.829397] [ 24.829732] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.830897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.831600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.832674] Call Trace: [ 24.833272] <TASK> [ 24.833496] dump_stack_lvl+0x73/0xb0 [ 24.833888] print_report+0xd1/0x640 [ 24.834808] ? __virt_addr_valid+0x1db/0x2d0 [ 24.835529] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.836490] kasan_report+0x102/0x140 [ 24.836677] ? krealloc_uaf+0x1b9/0x5e0 [ 24.836863] ? krealloc_uaf+0x1b9/0x5e0 [ 24.837870] ? krealloc_uaf+0x1b9/0x5e0 [ 24.838721] __kasan_check_byte+0x3d/0x50 [ 24.839549] krealloc_noprof+0x3f/0x340 [ 24.840028] krealloc_uaf+0x1b9/0x5e0 [ 24.840392] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.840745] ? finish_task_switch.isra.0+0x153/0x700 [ 24.841433] ? 
__switch_to+0x5d9/0xf60 [ 24.841796] ? __schedule+0xc3e/0x2790 [ 24.842510] ? __pfx_read_tsc+0x10/0x10 [ 24.842888] ? ktime_get_ts64+0x84/0x230 [ 24.843476] kunit_try_run_case+0x1b3/0x490 [ 24.844171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.844614] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.845374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.845889] ? __kthread_parkme+0x82/0x160 [ 24.846486] ? preempt_count_sub+0x50/0x80 [ 24.847051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.847629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.848446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.848904] kthread+0x257/0x310 [ 24.849276] ? __pfx_kthread+0x10/0x10 [ 24.849682] ret_from_fork+0x41/0x80 [ 24.850399] ? __pfx_kthread+0x10/0x10 [ 24.850690] ret_from_fork_asm+0x1a/0x30 [ 24.851394] </TASK> [ 24.851716] [ 24.852008] Allocated by task 172: [ 24.852292] kasan_save_stack+0x3d/0x60 [ 24.852778] kasan_save_track+0x18/0x40 [ 24.853294] kasan_save_alloc_info+0x3b/0x50 [ 24.853637] __kasan_kmalloc+0xb7/0xc0 [ 24.854463] __kmalloc_cache_noprof+0x184/0x410 [ 24.855097] krealloc_uaf+0xbc/0x5e0 [ 24.855555] kunit_try_run_case+0x1b3/0x490 [ 24.856221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.856579] kthread+0x257/0x310 [ 24.857140] ret_from_fork+0x41/0x80 [ 24.857599] ret_from_fork_asm+0x1a/0x30 [ 24.858419] [ 24.858677] Freed by task 172: [ 24.859208] kasan_save_stack+0x3d/0x60 [ 24.859648] kasan_save_track+0x18/0x40 [ 24.860137] kasan_save_free_info+0x3f/0x60 [ 24.860633] __kasan_slab_free+0x56/0x70 [ 24.861243] kfree+0x123/0x3f0 [ 24.861632] krealloc_uaf+0x13e/0x5e0 [ 24.862321] kunit_try_run_case+0x1b3/0x490 [ 24.862828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.863372] kthread+0x257/0x310 [ 24.863668] ret_from_fork+0x41/0x80 [ 24.864266] ret_from_fork_asm+0x1a/0x30 [ 24.864577] [ 24.864794] The buggy address belongs to the object at ffff888100999a00 [ 24.864794] which belongs to the cache kmalloc-256 of size 256 [ 24.866645] The buggy address is 
located 0 bytes inside of [ 24.866645] freed 256-byte region [ffff888100999a00, ffff888100999b00) [ 24.867837] [ 24.868306] The buggy address belongs to the physical page: [ 24.868887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.869820] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.871127] flags: 0x200000000000040(head|node=0|zone=2) [ 24.871491] page_type: f5(slab) [ 24.872137] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.872815] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.873644] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.874594] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.875369] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.876268] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.877141] page dumped because: kasan: bad access detected [ 24.877525] [ 24.877757] Memory state around the buggy address: [ 24.878639] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.879560] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.880406] >ffff888100999a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.881256] ^ [ 24.881580] ffff888100999a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.882508] ffff888100999b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.883315] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 24.601603] ================================================================== [ 24.603541] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 24.604122] Write of size 1 at addr ffff888102cc20c9 by task kunit_try_catch/170 [ 24.604862] [ 24.605328] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.606278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.606868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.607912] Call Trace: [ 24.608369] <TASK> [ 24.608800] dump_stack_lvl+0x73/0xb0 [ 24.609440] print_report+0xd1/0x640 [ 24.609879] ? __virt_addr_valid+0x1db/0x2d0 [ 24.610631] ? kasan_addr_to_slab+0x11/0xa0 [ 24.611335] kasan_report+0x102/0x140 [ 24.612155] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.612742] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.613772] __asan_report_store1_noabort+0x1b/0x30 [ 24.614675] krealloc_less_oob_helper+0xd72/0x11d0 [ 24.615543] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.616243] ? finish_task_switch.isra.0+0x153/0x700 [ 24.616708] ? __switch_to+0x5d9/0xf60 [ 24.617512] ? __schedule+0xc3e/0x2790 [ 24.618165] ? __pfx_read_tsc+0x10/0x10 [ 24.619141] krealloc_large_less_oob+0x1c/0x30 [ 24.620489] kunit_try_run_case+0x1b3/0x490 [ 24.620879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.621770] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.622266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.623370] ? __kthread_parkme+0x82/0x160 [ 24.623666] ? preempt_count_sub+0x50/0x80 [ 24.624483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.625408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.626490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.627161] kthread+0x257/0x310 [ 24.627550] ? __pfx_kthread+0x10/0x10 [ 24.628673] ret_from_fork+0x41/0x80 [ 24.629036] ? 
__pfx_kthread+0x10/0x10 [ 24.630387] ret_from_fork_asm+0x1a/0x30 [ 24.630787] </TASK> [ 24.631185] [ 24.632023] The buggy address belongs to the physical page: [ 24.632857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.633846] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.635199] flags: 0x200000000000040(head|node=0|zone=2) [ 24.635691] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.636955] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.638638] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.639940] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.640688] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.641433] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.642594] page dumped because: kasan: bad access detected [ 24.643264] [ 24.643414] Memory state around the buggy address: [ 24.644403] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.645241] ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.646374] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.647175] ^ [ 24.647842] ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.649065] ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.649833] ================================================================== [ 24.777450] ================================================================== [ 24.778627] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 24.779405] Write of size 1 at addr ffff888102cc20eb by task kunit_try_catch/170 [ 24.779687] [ 24.779789] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.780618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.782150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.782763] Call Trace: [ 24.782897] <TASK> [ 24.783590] dump_stack_lvl+0x73/0xb0 [ 24.784442] print_report+0xd1/0x640 [ 24.785269] ? __virt_addr_valid+0x1db/0x2d0 [ 24.785723] ? kasan_addr_to_slab+0x11/0xa0 [ 24.786197] kasan_report+0x102/0x140 [ 24.786571] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.787391] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.788262] __asan_report_store1_noabort+0x1b/0x30 [ 24.788709] krealloc_less_oob_helper+0xd49/0x11d0 [ 24.789501] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.790133] ? finish_task_switch.isra.0+0x153/0x700 [ 24.790562] ? __switch_to+0x5d9/0xf60 [ 24.791045] ? __schedule+0xc3e/0x2790 [ 24.791597] ? __pfx_read_tsc+0x10/0x10 [ 24.792788] krealloc_large_less_oob+0x1c/0x30 [ 24.793517] kunit_try_run_case+0x1b3/0x490 [ 24.794538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.794914] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.795492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.795735] ? __kthread_parkme+0x82/0x160 [ 24.796380] ? preempt_count_sub+0x50/0x80 [ 24.796765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.797832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.798755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.799527] kthread+0x257/0x310 [ 24.800093] ? __pfx_kthread+0x10/0x10 [ 24.800720] ret_from_fork+0x41/0x80 [ 24.801524] ? 
__pfx_kthread+0x10/0x10 [ 24.802021] ret_from_fork_asm+0x1a/0x30 [ 24.802783] </TASK> [ 24.803621] [ 24.803788] The buggy address belongs to the physical page: [ 24.804309] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.806044] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.806710] flags: 0x200000000000040(head|node=0|zone=2) [ 24.807324] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.808358] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.809097] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.810074] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.811034] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.812211] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.813009] page dumped because: kasan: bad access detected [ 24.813566] [ 24.813760] Memory state around the buggy address: [ 24.814215] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.815332] ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.815864] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.817310] ^ [ 24.818068] ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.818891] ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.819902] ================================================================== [ 24.307314] ================================================================== [ 24.307733] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 24.309620] Write of size 1 at addr ffff8881009998da by task kunit_try_catch/166 [ 24.310751] [ 24.311564] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.312767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.314050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.314763] Call Trace: [ 24.315254] <TASK> [ 24.315948] dump_stack_lvl+0x73/0xb0 [ 24.317406] print_report+0xd1/0x640 [ 24.317774] ? __virt_addr_valid+0x1db/0x2d0 [ 24.318662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.319237] kasan_report+0x102/0x140 [ 24.320548] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.320822] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.322035] __asan_report_store1_noabort+0x1b/0x30 [ 24.322921] krealloc_less_oob_helper+0xec8/0x11d0 [ 24.323768] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.324606] ? finish_task_switch.isra.0+0x153/0x700 [ 24.325517] ? __switch_to+0x5d9/0xf60 [ 24.325908] ? __schedule+0xc3e/0x2790 [ 24.326716] ? __pfx_read_tsc+0x10/0x10 [ 24.327490] krealloc_less_oob+0x1c/0x30 [ 24.328481] kunit_try_run_case+0x1b3/0x490 [ 24.328879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.329739] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.330589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.331398] ? __kthread_parkme+0x82/0x160 [ 24.332501] ? preempt_count_sub+0x50/0x80 [ 24.332897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.333774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.334685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.335505] kthread+0x257/0x310 [ 24.335833] ? __pfx_kthread+0x10/0x10 [ 24.336773] ret_from_fork+0x41/0x80 [ 24.337417] ? 
__pfx_kthread+0x10/0x10 [ 24.337853] ret_from_fork_asm+0x1a/0x30 [ 24.338262] </TASK> [ 24.338604] [ 24.338964] Allocated by task 166: [ 24.339616] kasan_save_stack+0x3d/0x60 [ 24.340501] kasan_save_track+0x18/0x40 [ 24.341626] kasan_save_alloc_info+0x3b/0x50 [ 24.342116] __kasan_krealloc+0x190/0x1f0 [ 24.343097] krealloc_noprof+0xf3/0x340 [ 24.344167] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.344691] krealloc_less_oob+0x1c/0x30 [ 24.345290] kunit_try_run_case+0x1b3/0x490 [ 24.345654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.346241] kthread+0x257/0x310 [ 24.346747] ret_from_fork+0x41/0x80 [ 24.347288] ret_from_fork_asm+0x1a/0x30 [ 24.347630] [ 24.347886] The buggy address belongs to the object at ffff888100999800 [ 24.347886] which belongs to the cache kmalloc-256 of size 256 [ 24.349407] The buggy address is located 17 bytes to the right of [ 24.349407] allocated 201-byte region [ffff888100999800, ffff8881009998c9) [ 24.350500] [ 24.350654] The buggy address belongs to the physical page: [ 24.351454] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.352447] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.353231] flags: 0x200000000000040(head|node=0|zone=2) [ 24.353566] page_type: f5(slab) [ 24.354378] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.355342] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.355965] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.356846] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.357621] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.358792] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.359600] page dumped because: kasan: bad access detected [ 24.360551] [ 24.360785] Memory state around the buggy address: [ 24.361384] ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 24.362327] ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.363596] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.364420] ^ [ 24.365576] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.366772] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.367843] ================================================================== [ 24.447797] ================================================================== [ 24.448860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 24.449889] Write of size 1 at addr ffff8881009998eb by task kunit_try_catch/166 [ 24.451052] [ 24.451402] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.452395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.453262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.454343] Call Trace: [ 24.454850] <TASK> [ 24.455241] dump_stack_lvl+0x73/0xb0 [ 24.455962] print_report+0xd1/0x640 [ 24.456386] ? __virt_addr_valid+0x1db/0x2d0 [ 24.456819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.457838] kasan_report+0x102/0x140 [ 24.458201] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.459127] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 24.459681] __asan_report_store1_noabort+0x1b/0x30 [ 24.460581] krealloc_less_oob_helper+0xd49/0x11d0 [ 24.461004] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.461719] ? finish_task_switch.isra.0+0x153/0x700 [ 24.462469] ? __switch_to+0x5d9/0xf60 [ 24.462954] ? __schedule+0xc3e/0x2790 [ 24.463794] ? __pfx_read_tsc+0x10/0x10 [ 24.464564] krealloc_less_oob+0x1c/0x30 [ 24.464964] kunit_try_run_case+0x1b3/0x490 [ 24.465944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.466643] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.467341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.467819] ? __kthread_parkme+0x82/0x160 [ 24.468699] ? preempt_count_sub+0x50/0x80 [ 24.469130] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.469848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.470773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.471705] kthread+0x257/0x310 [ 24.472074] ? __pfx_kthread+0x10/0x10 [ 24.472599] ret_from_fork+0x41/0x80 [ 24.473378] ? __pfx_kthread+0x10/0x10 [ 24.473869] ret_from_fork_asm+0x1a/0x30 [ 24.474835] </TASK> [ 24.475400] [ 24.475613] Allocated by task 166: [ 24.476346] kasan_save_stack+0x3d/0x60 [ 24.476807] kasan_save_track+0x18/0x40 [ 24.477599] kasan_save_alloc_info+0x3b/0x50 [ 24.478342] __kasan_krealloc+0x190/0x1f0 [ 24.478686] krealloc_noprof+0xf3/0x340 [ 24.479106] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.479965] krealloc_less_oob+0x1c/0x30 [ 24.480833] kunit_try_run_case+0x1b3/0x490 [ 24.481498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.482374] kthread+0x257/0x310 [ 24.482969] ret_from_fork+0x41/0x80 [ 24.483455] ret_from_fork_asm+0x1a/0x30 [ 24.484389] [ 24.484649] The buggy address belongs to the object at ffff888100999800 [ 24.484649] which belongs to the cache kmalloc-256 of size 256 [ 24.486255] The buggy address is located 34 bytes to the right of [ 24.486255] allocated 201-byte region [ffff888100999800, ffff8881009998c9) [ 24.487839] [ 24.488215] The buggy address belongs to the physical page: [ 24.489017] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.489883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.490761] flags: 0x200000000000040(head|node=0|zone=2) [ 24.491008] page_type: f5(slab) [ 24.491546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.492717] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.493517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.494756] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.495736] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 
24.496517] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.497682] page dumped because: kasan: bad access detected [ 24.498178] [ 24.498422] Memory state around the buggy address: [ 24.499382] ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.500010] ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.500846] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.501872] ^ [ 24.502692] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.503618] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.504497] ================================================================== [ 24.368621] ================================================================== [ 24.370924] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 24.371731] Write of size 1 at addr ffff8881009998ea by task kunit_try_catch/166 [ 24.373775] [ 24.374421] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.376182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.377339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.379973] Call Trace: [ 24.380430] <TASK> [ 24.380803] dump_stack_lvl+0x73/0xb0 [ 24.381928] print_report+0xd1/0x640 [ 24.382875] ? __virt_addr_valid+0x1db/0x2d0 [ 24.383729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.384547] kasan_report+0x102/0x140 [ 24.385584] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.386534] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.388677] __asan_report_store1_noabort+0x1b/0x30 [ 24.389629] krealloc_less_oob_helper+0xe92/0x11d0 [ 24.390890] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.391915] ? finish_task_switch.isra.0+0x153/0x700 [ 24.392590] ? __switch_to+0x5d9/0xf60 [ 24.393579] ? __schedule+0xc3e/0x2790 [ 24.394896] ? 
__pfx_read_tsc+0x10/0x10 [ 24.395793] krealloc_less_oob+0x1c/0x30 [ 24.396763] kunit_try_run_case+0x1b3/0x490 [ 24.397422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.397839] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.398435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.399170] ? __kthread_parkme+0x82/0x160 [ 24.399553] ? preempt_count_sub+0x50/0x80 [ 24.400292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.400815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.401646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.402367] kthread+0x257/0x310 [ 24.402841] ? __pfx_kthread+0x10/0x10 [ 24.403515] ret_from_fork+0x41/0x80 [ 24.404068] ? __pfx_kthread+0x10/0x10 [ 24.404431] ret_from_fork_asm+0x1a/0x30 [ 24.405176] </TASK> [ 24.405364] [ 24.405753] Allocated by task 166: [ 24.406359] kasan_save_stack+0x3d/0x60 [ 24.406672] kasan_save_track+0x18/0x40 [ 24.407358] kasan_save_alloc_info+0x3b/0x50 [ 24.407660] __kasan_krealloc+0x190/0x1f0 [ 24.408483] krealloc_noprof+0xf3/0x340 [ 24.409051] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.409803] krealloc_less_oob+0x1c/0x30 [ 24.410837] kunit_try_run_case+0x1b3/0x490 [ 24.411667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.413118] kthread+0x257/0x310 [ 24.413944] ret_from_fork+0x41/0x80 [ 24.415226] ret_from_fork_asm+0x1a/0x30 [ 24.416432] [ 24.416793] The buggy address belongs to the object at ffff888100999800 [ 24.416793] which belongs to the cache kmalloc-256 of size 256 [ 24.418304] The buggy address is located 33 bytes to the right of [ 24.418304] allocated 201-byte region [ffff888100999800, ffff8881009998c9) [ 24.421173] [ 24.421366] The buggy address belongs to the physical page: [ 24.422116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.422803] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.423751] flags: 0x200000000000040(head|node=0|zone=2) [ 24.424483] page_type: f5(slab) [ 24.424897] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 24.425927] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.426805] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.428954] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.429831] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.431766] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.433382] page dumped because: kasan: bad access detected [ 24.434355] [ 24.434632] Memory state around the buggy address: [ 24.434965] ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.436579] ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.438303] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.440261] ^ [ 24.443043] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.443452] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.445009] ================================================================== [ 24.696139] ================================================================== [ 24.697138] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 24.697667] Write of size 1 at addr ffff888102cc20da by task kunit_try_catch/170 [ 24.698805] [ 24.699056] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.699609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.700452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.701791] Call Trace: [ 24.702031] <TASK> [ 24.702227] dump_stack_lvl+0x73/0xb0 [ 24.702521] print_report+0xd1/0x640 [ 24.703655] ? __virt_addr_valid+0x1db/0x2d0 [ 24.704588] ? kasan_addr_to_slab+0x11/0xa0 [ 24.705022] kasan_report+0x102/0x140 [ 24.705313] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 24.706041] ? 
krealloc_less_oob_helper+0xec8/0x11d0 [ 24.707084] __asan_report_store1_noabort+0x1b/0x30 [ 24.708070] krealloc_less_oob_helper+0xec8/0x11d0 [ 24.708690] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.709667] ? finish_task_switch.isra.0+0x153/0x700 [ 24.710242] ? __switch_to+0x5d9/0xf60 [ 24.710870] ? __schedule+0xc3e/0x2790 [ 24.711742] ? __pfx_read_tsc+0x10/0x10 [ 24.712605] krealloc_large_less_oob+0x1c/0x30 [ 24.713525] kunit_try_run_case+0x1b3/0x490 [ 24.713870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.714808] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.715580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.716521] ? __kthread_parkme+0x82/0x160 [ 24.716830] ? preempt_count_sub+0x50/0x80 [ 24.717843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.718730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.720049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.720836] kthread+0x257/0x310 [ 24.721631] ? __pfx_kthread+0x10/0x10 [ 24.722745] ret_from_fork+0x41/0x80 [ 24.723304] ? __pfx_kthread+0x10/0x10 [ 24.723775] ret_from_fork_asm+0x1a/0x30 [ 24.724774] </TASK> [ 24.725088] [ 24.726005] The buggy address belongs to the physical page: [ 24.726528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.727715] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.728628] flags: 0x200000000000040(head|node=0|zone=2) [ 24.728976] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.729296] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.729581] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.729865] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.730496] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.731482] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.732352] page dumped because: kasan: bad access detected [ 24.732829] [ 24.733428] 
Memory state around the buggy address: [ 24.734146] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.734705] ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.735623] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.736284] ^ [ 24.736720] ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.737760] ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.738591] ================================================================== [ 24.246386] ================================================================== [ 24.248854] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.249831] Write of size 1 at addr ffff8881009998d0 by task kunit_try_catch/166 [ 24.251171] [ 24.251375] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.252265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.252673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.253574] Call Trace: [ 24.253870] <TASK> [ 24.254305] dump_stack_lvl+0x73/0xb0 [ 24.255460] print_report+0xd1/0x640 [ 24.256100] ? __virt_addr_valid+0x1db/0x2d0 [ 24.256778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.257540] kasan_report+0x102/0x140 [ 24.258131] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.259131] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.259591] __asan_report_store1_noabort+0x1b/0x30 [ 24.260218] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.261104] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.261587] ? finish_task_switch.isra.0+0x153/0x700 [ 24.262046] ? __switch_to+0x5d9/0xf60 [ 24.263194] ? __schedule+0xc3e/0x2790 [ 24.263841] ? __pfx_read_tsc+0x10/0x10 [ 24.264577] krealloc_less_oob+0x1c/0x30 [ 24.265323] kunit_try_run_case+0x1b3/0x490 [ 24.266190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.266605] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.267627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.268162] ? 
__kthread_parkme+0x82/0x160 [ 24.268778] ? preempt_count_sub+0x50/0x80 [ 24.269631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.270503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.271164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.271799] kthread+0x257/0x310 [ 24.272502] ? __pfx_kthread+0x10/0x10 [ 24.273159] ret_from_fork+0x41/0x80 [ 24.273599] ? __pfx_kthread+0x10/0x10 [ 24.274018] ret_from_fork_asm+0x1a/0x30 [ 24.275062] </TASK> [ 24.275751] [ 24.275906] Allocated by task 166: [ 24.276735] kasan_save_stack+0x3d/0x60 [ 24.277344] kasan_save_track+0x18/0x40 [ 24.277598] kasan_save_alloc_info+0x3b/0x50 [ 24.278577] __kasan_krealloc+0x190/0x1f0 [ 24.279075] krealloc_noprof+0xf3/0x340 [ 24.279455] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.279954] krealloc_less_oob+0x1c/0x30 [ 24.280668] kunit_try_run_case+0x1b3/0x490 [ 24.281123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.281486] kthread+0x257/0x310 [ 24.282000] ret_from_fork+0x41/0x80 [ 24.283101] ret_from_fork_asm+0x1a/0x30 [ 24.283427] [ 24.283708] The buggy address belongs to the object at ffff888100999800 [ 24.283708] which belongs to the cache kmalloc-256 of size 256 [ 24.284671] The buggy address is located 7 bytes to the right of [ 24.284671] allocated 201-byte region [ffff888100999800, ffff8881009998c9) [ 24.286793] [ 24.287076] The buggy address belongs to the physical page: [ 24.287401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.288742] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.289864] flags: 0x200000000000040(head|node=0|zone=2) [ 24.291051] page_type: f5(slab) [ 24.291848] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.293288] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.294458] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.295096] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 
24.296941] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.298018] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.298708] page dumped because: kasan: bad access detected [ 24.300049] [ 24.300414] Memory state around the buggy address: [ 24.301363] ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.301727] ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.302090] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.303660] ^ [ 24.304380] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.305440] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.306228] ================================================================== [ 24.739427] ================================================================== [ 24.739864] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 24.740784] Write of size 1 at addr ffff888102cc20ea by task kunit_try_catch/170 [ 24.741588] [ 24.741809] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.743060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.743506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.744373] Call Trace: [ 24.744680] <TASK> [ 24.745307] dump_stack_lvl+0x73/0xb0 [ 24.745692] print_report+0xd1/0x640 [ 24.746179] ? __virt_addr_valid+0x1db/0x2d0 [ 24.746731] ? kasan_addr_to_slab+0x11/0xa0 [ 24.747428] kasan_report+0x102/0x140 [ 24.747796] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.748579] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 24.749418] __asan_report_store1_noabort+0x1b/0x30 [ 24.749880] krealloc_less_oob_helper+0xe92/0x11d0 [ 24.750580] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.751259] ? finish_task_switch.isra.0+0x153/0x700 [ 24.751705] ? __switch_to+0x5d9/0xf60 [ 24.752262] ? __schedule+0xc3e/0x2790 [ 24.752690] ? 
__pfx_read_tsc+0x10/0x10 [ 24.753549] krealloc_large_less_oob+0x1c/0x30 [ 24.754087] kunit_try_run_case+0x1b3/0x490 [ 24.754625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.755223] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.755673] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.756357] ? __kthread_parkme+0x82/0x160 [ 24.756672] ? preempt_count_sub+0x50/0x80 [ 24.757390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.758009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.758633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.759294] kthread+0x257/0x310 [ 24.759571] ? __pfx_kthread+0x10/0x10 [ 24.760141] ret_from_fork+0x41/0x80 [ 24.760601] ? __pfx_kthread+0x10/0x10 [ 24.761211] ret_from_fork_asm+0x1a/0x30 [ 24.761735] </TASK> [ 24.762132] [ 24.762292] The buggy address belongs to the physical page: [ 24.763054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.763745] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.764550] flags: 0x200000000000040(head|node=0|zone=2) [ 24.765245] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.766164] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.766677] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.767550] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.768385] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.769389] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.770012] page dumped because: kasan: bad access detected [ 24.770459] [ 24.770663] Memory state around the buggy address: [ 24.771065] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.771938] ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.772759] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.773292] ^ [ 24.774421] ffff888102cc2100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 24.775228] ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.776481] ================================================================== [ 24.651083] ================================================================== [ 24.651736] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 24.653977] Write of size 1 at addr ffff888102cc20d0 by task kunit_try_catch/170 [ 24.654728] [ 24.655042] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.656539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.657590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.658743] Call Trace: [ 24.659160] <TASK> [ 24.659627] dump_stack_lvl+0x73/0xb0 [ 24.660474] print_report+0xd1/0x640 [ 24.660755] ? __virt_addr_valid+0x1db/0x2d0 [ 24.661415] ? kasan_addr_to_slab+0x11/0xa0 [ 24.662217] kasan_report+0x102/0x140 [ 24.662621] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.663324] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 24.663757] __asan_report_store1_noabort+0x1b/0x30 [ 24.664297] krealloc_less_oob_helper+0xe25/0x11d0 [ 24.665439] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.665915] ? finish_task_switch.isra.0+0x153/0x700 [ 24.666650] ? __switch_to+0x5d9/0xf60 [ 24.667096] ? __schedule+0xc3e/0x2790 [ 24.667718] ? __pfx_read_tsc+0x10/0x10 [ 24.668271] krealloc_large_less_oob+0x1c/0x30 [ 24.669020] kunit_try_run_case+0x1b3/0x490 [ 24.669592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.670277] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.670615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.671582] ? __kthread_parkme+0x82/0x160 [ 24.672287] ? preempt_count_sub+0x50/0x80 [ 24.672793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.673456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.674144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.674797] kthread+0x257/0x310 [ 24.675316] ? __pfx_kthread+0x10/0x10 [ 24.676022] ret_from_fork+0x41/0x80 [ 24.676404] ? 
__pfx_kthread+0x10/0x10 [ 24.676683] ret_from_fork_asm+0x1a/0x30 [ 24.677616] </TASK> [ 24.677916] [ 24.678326] The buggy address belongs to the physical page: [ 24.678900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.679466] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.680737] flags: 0x200000000000040(head|node=0|zone=2) [ 24.681553] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.682565] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.683600] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.684508] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.685754] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.687046] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.687878] page dumped because: kasan: bad access detected [ 24.688532] [ 24.688891] Memory state around the buggy address: [ 24.689806] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.690864] ffff888102cc2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.691712] >ffff888102cc2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.692530] ^ [ 24.693614] ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.694422] ffff888102cc2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.695059] ================================================================== [ 24.193763] ================================================================== [ 24.194892] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 24.195700] Write of size 1 at addr ffff8881009998c9 by task kunit_try_catch/166 [ 24.196335] [ 24.196589] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.197912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.198675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.199774] Call Trace: [ 24.200545] <TASK> [ 24.200828] dump_stack_lvl+0x73/0xb0 [ 24.201593] print_report+0xd1/0x640 [ 24.202389] ? __virt_addr_valid+0x1db/0x2d0 [ 24.202858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.203358] kasan_report+0x102/0x140 [ 24.203737] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.204221] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 24.204681] __asan_report_store1_noabort+0x1b/0x30 [ 24.205156] krealloc_less_oob_helper+0xd72/0x11d0 [ 24.205668] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.206358] ? finish_task_switch.isra.0+0x153/0x700 [ 24.206725] ? __switch_to+0x5d9/0xf60 [ 24.207397] ? __schedule+0xc3e/0x2790 [ 24.207779] ? __pfx_read_tsc+0x10/0x10 [ 24.208403] krealloc_less_oob+0x1c/0x30 [ 24.208897] kunit_try_run_case+0x1b3/0x490 [ 24.209442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.209865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.210494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.211193] ? __kthread_parkme+0x82/0x160 [ 24.211586] ? preempt_count_sub+0x50/0x80 [ 24.212229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.212705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.213449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.214076] kthread+0x257/0x310 [ 24.214512] ? __pfx_kthread+0x10/0x10 [ 24.215054] ret_from_fork+0x41/0x80 [ 24.215397] ? 
__pfx_kthread+0x10/0x10 [ 24.215874] ret_from_fork_asm+0x1a/0x30 [ 24.216471] </TASK> [ 24.216684] [ 24.217039] Allocated by task 166: [ 24.217400] kasan_save_stack+0x3d/0x60 [ 24.217791] kasan_save_track+0x18/0x40 [ 24.218340] kasan_save_alloc_info+0x3b/0x50 [ 24.218836] __kasan_krealloc+0x190/0x1f0 [ 24.219355] krealloc_noprof+0xf3/0x340 [ 24.219832] krealloc_less_oob_helper+0x1ab/0x11d0 [ 24.220484] krealloc_less_oob+0x1c/0x30 [ 24.220792] kunit_try_run_case+0x1b3/0x490 [ 24.221454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.222086] kthread+0x257/0x310 [ 24.222515] ret_from_fork+0x41/0x80 [ 24.222903] ret_from_fork_asm+0x1a/0x30 [ 24.223514] [ 24.223753] The buggy address belongs to the object at ffff888100999800 [ 24.223753] which belongs to the cache kmalloc-256 of size 256 [ 24.225494] The buggy address is located 0 bytes to the right of [ 24.225494] allocated 201-byte region [ffff888100999800, ffff8881009998c9) [ 24.226683] [ 24.226885] The buggy address belongs to the physical page: [ 24.228569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100998 [ 24.229105] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.230243] flags: 0x200000000000040(head|node=0|zone=2) [ 24.230608] page_type: f5(slab) [ 24.231551] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.232626] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.233468] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.234727] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.235912] head: 0200000000000001 ffffea0004026601 ffffffffffffffff 0000000000000000 [ 24.236657] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.237549] page dumped because: kasan: bad access detected [ 24.238299] [ 24.238694] Memory state around the buggy address: [ 24.239575] ffff888100999780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 24.240449] ffff888100999800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.241379] >ffff888100999880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.242128] ^ [ 24.242856] ffff888100999900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.243876] ffff888100999980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.245085] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 24.551877] ================================================================== [ 24.553278] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 24.553687] Write of size 1 at addr ffff888102c5a0f0 by task kunit_try_catch/168 [ 24.554765] [ 24.555493] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.556448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.556849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.558258] Call Trace: [ 24.558543] <TASK> [ 24.558863] dump_stack_lvl+0x73/0xb0 [ 24.559501] print_report+0xd1/0x640 [ 24.559892] ? __virt_addr_valid+0x1db/0x2d0 [ 24.561040] ? kasan_addr_to_slab+0x11/0xa0 [ 24.561843] kasan_report+0x102/0x140 [ 24.562908] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.563567] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.564242] __asan_report_store1_noabort+0x1b/0x30 [ 24.564462] krealloc_more_oob_helper+0x7ed/0x930 [ 24.564669] ? __schedule+0xc3e/0x2790 [ 24.564851] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.565372] ? finish_task_switch.isra.0+0x153/0x700 [ 24.566487] ? __switch_to+0x5d9/0xf60 [ 24.566833] ? __schedule+0xc3e/0x2790 [ 24.567691] ? __pfx_read_tsc+0x10/0x10 [ 24.568386] krealloc_large_more_oob+0x1c/0x30 [ 24.569591] kunit_try_run_case+0x1b3/0x490 [ 24.570481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.570955] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.571710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.572413] ? __kthread_parkme+0x82/0x160 [ 24.572806] ? preempt_count_sub+0x50/0x80 [ 24.573288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.574185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.574602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.575739] kthread+0x257/0x310 [ 24.576203] ? __pfx_kthread+0x10/0x10 [ 24.576699] ret_from_fork+0x41/0x80 [ 24.577114] ? 
__pfx_kthread+0x10/0x10 [ 24.577415] ret_from_fork_asm+0x1a/0x30 [ 24.578199] </TASK> [ 24.578420] [ 24.578750] The buggy address belongs to the physical page: [ 24.579603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 24.580499] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.581756] flags: 0x200000000000040(head|node=0|zone=2) [ 24.582630] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.583503] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.584573] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.584867] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.586397] head: 0200000000000002 ffffea00040b1601 ffffffffffffffff 0000000000000000 [ 24.587096] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.587774] page dumped because: kasan: bad access detected [ 24.588783] [ 24.589514] Memory state around the buggy address: [ 24.590356] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.591636] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.592657] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.593290] ^ [ 24.594375] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.595135] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.596578] ================================================================== [ 24.509754] ================================================================== [ 24.510821] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 24.511600] Write of size 1 at addr ffff888102c5a0eb by task kunit_try_catch/168 [ 24.513524] [ 24.513730] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.515596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.515926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 24.516906] Call Trace: [ 24.517829] <TASK> [ 24.518164] dump_stack_lvl+0x73/0xb0 [ 24.518382] print_report+0xd1/0x640 [ 24.518558] ? __virt_addr_valid+0x1db/0x2d0 [ 24.518756] ? kasan_addr_to_slab+0x11/0xa0 [ 24.519120] kasan_report+0x102/0x140 [ 24.519820] ? krealloc_more_oob_helper+0x823/0x930 [ 24.521044] ? krealloc_more_oob_helper+0x823/0x930 [ 24.521844] __asan_report_store1_noabort+0x1b/0x30 [ 24.522643] krealloc_more_oob_helper+0x823/0x930 [ 24.523415] ? __schedule+0xc3e/0x2790 [ 24.524108] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.524574] ? finish_task_switch.isra.0+0x153/0x700 [ 24.525120] ? __switch_to+0x5d9/0xf60 [ 24.525519] ? __schedule+0xc3e/0x2790 [ 24.525933] ? __pfx_read_tsc+0x10/0x10 [ 24.526428] krealloc_large_more_oob+0x1c/0x30 [ 24.527419] kunit_try_run_case+0x1b3/0x490 [ 24.528086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.528575] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.529736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.530170] ? __kthread_parkme+0x82/0x160 [ 24.531191] ? preempt_count_sub+0x50/0x80 [ 24.531603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.532082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.532692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.533423] kthread+0x257/0x310 [ 24.533791] ? __pfx_kthread+0x10/0x10 [ 24.534284] ret_from_fork+0x41/0x80 [ 24.534811] ? 
__pfx_kthread+0x10/0x10 [ 24.535293] ret_from_fork_asm+0x1a/0x30 [ 24.535822] </TASK> [ 24.536280] [ 24.536527] The buggy address belongs to the physical page: [ 24.536884] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 24.537688] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.538674] flags: 0x200000000000040(head|node=0|zone=2) [ 24.539176] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.540105] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.540949] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.541783] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.542698] head: 0200000000000002 ffffea00040b1601 ffffffffffffffff 0000000000000000 [ 24.543318] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.543941] page dumped because: kasan: bad access detected [ 24.544409] [ 24.544718] Memory state around the buggy address: [ 24.545367] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.546156] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.547179] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.547921] ^ [ 24.548784] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.549763] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.550678] ================================================================== [ 24.084821] ================================================================== [ 24.085442] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 24.085739] Write of size 1 at addr ffff8881003a2aeb by task kunit_try_catch/164 [ 24.086110] [ 24.086291] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.087017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.087514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 24.088379] Call Trace: [ 24.088583] <TASK> [ 24.088774] dump_stack_lvl+0x73/0xb0 [ 24.089149] print_report+0xd1/0x640 [ 24.089727] ? __virt_addr_valid+0x1db/0x2d0 [ 24.090373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.091107] kasan_report+0x102/0x140 [ 24.091624] ? krealloc_more_oob_helper+0x823/0x930 [ 24.091966] ? krealloc_more_oob_helper+0x823/0x930 [ 24.092383] __asan_report_store1_noabort+0x1b/0x30 [ 24.093146] krealloc_more_oob_helper+0x823/0x930 [ 24.093747] ? __schedule+0xc3e/0x2790 [ 24.094403] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.095193] ? finish_task_switch.isra.0+0x153/0x700 [ 24.095755] ? __switch_to+0x5d9/0xf60 [ 24.096204] ? __schedule+0xc3e/0x2790 [ 24.096807] ? __pfx_read_tsc+0x10/0x10 [ 24.097464] krealloc_more_oob+0x1c/0x30 [ 24.097943] kunit_try_run_case+0x1b3/0x490 [ 24.098580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.099135] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.099638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.100380] ? __kthread_parkme+0x82/0x160 [ 24.100815] ? preempt_count_sub+0x50/0x80 [ 24.101688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.102140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.102708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.103275] kthread+0x257/0x310 [ 24.103685] ? __pfx_kthread+0x10/0x10 [ 24.104213] ret_from_fork+0x41/0x80 [ 24.104661] ? 
__pfx_kthread+0x10/0x10 [ 24.105162] ret_from_fork_asm+0x1a/0x30 [ 24.105634] </TASK> [ 24.105865] [ 24.106222] Allocated by task 164: [ 24.106525] kasan_save_stack+0x3d/0x60 [ 24.107005] kasan_save_track+0x18/0x40 [ 24.107496] kasan_save_alloc_info+0x3b/0x50 [ 24.107799] __kasan_krealloc+0x190/0x1f0 [ 24.108700] krealloc_noprof+0xf3/0x340 [ 24.109267] krealloc_more_oob_helper+0x1aa/0x930 [ 24.109661] krealloc_more_oob+0x1c/0x30 [ 24.110418] kunit_try_run_case+0x1b3/0x490 [ 24.110902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.111538] kthread+0x257/0x310 [ 24.112088] ret_from_fork+0x41/0x80 [ 24.112703] ret_from_fork_asm+0x1a/0x30 [ 24.113196] [ 24.113459] The buggy address belongs to the object at ffff8881003a2a00 [ 24.113459] which belongs to the cache kmalloc-256 of size 256 [ 24.114749] The buggy address is located 0 bytes to the right of [ 24.114749] allocated 235-byte region [ffff8881003a2a00, ffff8881003a2aeb) [ 24.115950] [ 24.116229] The buggy address belongs to the physical page: [ 24.116749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a2 [ 24.117813] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.118724] flags: 0x200000000000040(head|node=0|zone=2) [ 24.119206] page_type: f5(slab) [ 24.119731] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.120723] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.121536] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.122290] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.123071] head: 0200000000000001 ffffea000400e881 ffffffffffffffff 0000000000000000 [ 24.123841] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.124727] page dumped because: kasan: bad access detected [ 24.125369] [ 24.125714] Memory state around the buggy address: [ 24.126127] ffff8881003a2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 24.126964] ffff8881003a2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.127733] >ffff8881003a2a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.128498] ^ [ 24.129078] ffff8881003a2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.129616] ffff8881003a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.130351] ================================================================== [ 24.132134] ================================================================== [ 24.133283] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 24.134122] Write of size 1 at addr ffff8881003a2af0 by task kunit_try_catch/164 [ 24.134886] [ 24.135291] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.136445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.136975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.137900] Call Trace: [ 24.138406] <TASK> [ 24.138675] dump_stack_lvl+0x73/0xb0 [ 24.139624] print_report+0xd1/0x640 [ 24.140042] ? __virt_addr_valid+0x1db/0x2d0 [ 24.140496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.142100] kasan_report+0x102/0x140 [ 24.142465] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.143151] ? krealloc_more_oob_helper+0x7ed/0x930 [ 24.143775] __asan_report_store1_noabort+0x1b/0x30 [ 24.144704] krealloc_more_oob_helper+0x7ed/0x930 [ 24.145166] ? __schedule+0xc3e/0x2790 [ 24.145557] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.146011] ? finish_task_switch.isra.0+0x153/0x700 [ 24.146781] ? __switch_to+0x5d9/0xf60 [ 24.147134] ? __schedule+0xc3e/0x2790 [ 24.147928] ? __pfx_read_tsc+0x10/0x10 [ 24.148668] krealloc_more_oob+0x1c/0x30 [ 24.149307] kunit_try_run_case+0x1b3/0x490 [ 24.149870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.150390] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.150807] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.151710] ? __kthread_parkme+0x82/0x160 [ 24.152142] ? preempt_count_sub+0x50/0x80 [ 24.152870] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.153680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.154292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.155316] kthread+0x257/0x310 [ 24.155681] ? __pfx_kthread+0x10/0x10 [ 24.156800] ret_from_fork+0x41/0x80 [ 24.157245] ? __pfx_kthread+0x10/0x10 [ 24.157655] ret_from_fork_asm+0x1a/0x30 [ 24.158808] </TASK> [ 24.159447] [ 24.159636] Allocated by task 164: [ 24.159894] kasan_save_stack+0x3d/0x60 [ 24.160925] kasan_save_track+0x18/0x40 [ 24.161670] kasan_save_alloc_info+0x3b/0x50 [ 24.161872] __kasan_krealloc+0x190/0x1f0 [ 24.162126] krealloc_noprof+0xf3/0x340 [ 24.162725] krealloc_more_oob_helper+0x1aa/0x930 [ 24.163500] krealloc_more_oob+0x1c/0x30 [ 24.164286] kunit_try_run_case+0x1b3/0x490 [ 24.164774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.165406] kthread+0x257/0x310 [ 24.165688] ret_from_fork+0x41/0x80 [ 24.166256] ret_from_fork_asm+0x1a/0x30 [ 24.166779] [ 24.167091] The buggy address belongs to the object at ffff8881003a2a00 [ 24.167091] which belongs to the cache kmalloc-256 of size 256 [ 24.168260] The buggy address is located 5 bytes to the right of [ 24.168260] allocated 235-byte region [ffff8881003a2a00, ffff8881003a2aeb) [ 24.169413] [ 24.169671] The buggy address belongs to the physical page: [ 24.170332] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a2 [ 24.171229] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.172051] flags: 0x200000000000040(head|node=0|zone=2) [ 24.172792] page_type: f5(slab) [ 24.173706] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.174691] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.175524] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.176167] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.176801] head: 0200000000000001 ffffea000400e881 ffffffffffffffff 0000000000000000 [ 
24.177312] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 24.178497] page dumped because: kasan: bad access detected [ 24.178917] [ 24.179428] Memory state around the buggy address: [ 24.179783] ffff8881003a2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.181243] ffff8881003a2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.181894] >ffff8881003a2a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.182592] ^ [ 24.183706] ffff8881003a2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.185378] ffff8881003a2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.186454] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 23.587181] ================================================================== [ 23.587588] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 23.589035] Read of size 1 at addr ffff888101a9d180 by task kunit_try_catch/144 [ 23.590605] [ 23.591325] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.591898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.592694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.593642] Call Trace: [ 23.593773] <TASK> [ 23.593893] dump_stack_lvl+0x73/0xb0 [ 23.594455] print_report+0xd1/0x640 [ 23.594660] ? __virt_addr_valid+0x1db/0x2d0 [ 23.594862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.596431] kasan_report+0x102/0x140 [ 23.597066] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.598120] ? kmalloc_oob_right+0x68c/0x7f0 [ 23.598597] __asan_report_load1_noabort+0x18/0x20 [ 23.599587] kmalloc_oob_right+0x68c/0x7f0 [ 23.600302] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.601031] ? __schedule+0xc3e/0x2790 [ 23.601431] ? __pfx_read_tsc+0x10/0x10 [ 23.602221] ? ktime_get_ts64+0x84/0x230 [ 23.603029] kunit_try_run_case+0x1b3/0x490 [ 23.603684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.604399] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.604892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.606081] ? __kthread_parkme+0x82/0x160 [ 23.606630] ? preempt_count_sub+0x50/0x80 [ 23.607784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.608673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.609359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.609882] kthread+0x257/0x310 [ 23.610840] ? __pfx_kthread+0x10/0x10 [ 23.611585] ret_from_fork+0x41/0x80 [ 23.612182] ? 
__pfx_kthread+0x10/0x10 [ 23.612831] ret_from_fork_asm+0x1a/0x30 [ 23.613467] </TASK> [ 23.613774] [ 23.614423] Allocated by task 144: [ 23.614906] kasan_save_stack+0x3d/0x60 [ 23.615749] kasan_save_track+0x18/0x40 [ 23.616146] kasan_save_alloc_info+0x3b/0x50 [ 23.617303] __kasan_kmalloc+0xb7/0xc0 [ 23.617807] __kmalloc_cache_noprof+0x184/0x410 [ 23.619038] kmalloc_oob_right+0xaa/0x7f0 [ 23.619442] kunit_try_run_case+0x1b3/0x490 [ 23.620232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.620921] kthread+0x257/0x310 [ 23.621676] ret_from_fork+0x41/0x80 [ 23.622645] ret_from_fork_asm+0x1a/0x30 [ 23.623020] [ 23.623303] The buggy address belongs to the object at ffff888101a9d100 [ 23.623303] which belongs to the cache kmalloc-128 of size 128 [ 23.624668] The buggy address is located 13 bytes to the right of [ 23.624668] allocated 115-byte region [ffff888101a9d100, ffff888101a9d173) [ 23.625325] [ 23.626325] The buggy address belongs to the physical page: [ 23.626781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9d [ 23.628053] flags: 0x200000000000000(node=0|zone=2) [ 23.629055] page_type: f5(slab) [ 23.629657] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.630919] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.631942] page dumped because: kasan: bad access detected [ 23.632743] [ 23.632933] Memory state around the buggy address: [ 23.633678] ffff888101a9d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.634872] ffff888101a9d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.635880] >ffff888101a9d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.636682] ^ [ 23.637044] ffff888101a9d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.638440] ffff888101a9d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.639363] ================================================================== [ 23.471866] 
================================================================== [ 23.473262] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 23.474582] Write of size 1 at addr ffff888101a9d173 by task kunit_try_catch/144 [ 23.475396] [ 23.477362] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241127 #1 [ 23.478765] Tainted: [N]=TEST [ 23.479557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.481402] Call Trace: [ 23.481781] <TASK> [ 23.482892] dump_stack_lvl+0x73/0xb0 [ 23.483550] print_report+0xd1/0x640 [ 23.483951] ? __virt_addr_valid+0x1db/0x2d0 [ 23.484519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.485097] kasan_report+0x102/0x140 [ 23.485494] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.485973] ? kmalloc_oob_right+0x6f2/0x7f0 [ 23.486375] __asan_report_store1_noabort+0x1b/0x30 [ 23.487323] kmalloc_oob_right+0x6f2/0x7f0 [ 23.487685] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.488548] ? __schedule+0xc3e/0x2790 [ 23.488938] ? __pfx_read_tsc+0x10/0x10 [ 23.489590] ? ktime_get_ts64+0x84/0x230 [ 23.490244] kunit_try_run_case+0x1b3/0x490 [ 23.491261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.491655] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.492471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.493043] ? __kthread_parkme+0x82/0x160 [ 23.493474] ? preempt_count_sub+0x50/0x80 [ 23.493971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.494682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.495668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.496487] kthread+0x257/0x310 [ 23.496976] ? __pfx_kthread+0x10/0x10 [ 23.497431] ret_from_fork+0x41/0x80 [ 23.497950] ? 
__pfx_kthread+0x10/0x10 [ 23.498336] ret_from_fork_asm+0x1a/0x30 [ 23.499410] </TASK> [ 23.499755] [ 23.500122] Allocated by task 144: [ 23.500792] kasan_save_stack+0x3d/0x60 [ 23.501686] kasan_save_track+0x18/0x40 [ 23.502076] kasan_save_alloc_info+0x3b/0x50 [ 23.502767] __kasan_kmalloc+0xb7/0xc0 [ 23.503178] __kmalloc_cache_noprof+0x184/0x410 [ 23.504459] kmalloc_oob_right+0xaa/0x7f0 [ 23.504810] kunit_try_run_case+0x1b3/0x490 [ 23.505428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.505915] kthread+0x257/0x310 [ 23.506332] ret_from_fork+0x41/0x80 [ 23.506948] ret_from_fork_asm+0x1a/0x30 [ 23.507813] [ 23.508382] The buggy address belongs to the object at ffff888101a9d100 [ 23.508382] which belongs to the cache kmalloc-128 of size 128 [ 23.509961] The buggy address is located 0 bytes to the right of [ 23.509961] allocated 115-byte region [ffff888101a9d100, ffff888101a9d173) [ 23.511532] [ 23.512045] The buggy address belongs to the physical page: [ 23.513255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9d [ 23.514903] flags: 0x200000000000000(node=0|zone=2) [ 23.516468] page_type: f5(slab) [ 23.517445] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.518511] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.520114] page dumped because: kasan: bad access detected [ 23.520663] [ 23.520878] Memory state around the buggy address: [ 23.522487] ffff888101a9d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.523330] ffff888101a9d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.524399] >ffff888101a9d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.525208] ^ [ 23.526306] ffff888101a9d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.527040] ffff888101a9d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.527740] ================================================================== [ 23.531490] 
================================================================== [ 23.532149] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 23.532810] Write of size 1 at addr ffff888101a9d178 by task kunit_try_catch/144 [ 23.534528] [ 23.535127] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.536147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.537312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.538115] Call Trace: [ 23.538336] <TASK> [ 23.538900] dump_stack_lvl+0x73/0xb0 [ 23.539607] print_report+0xd1/0x640 [ 23.540442] ? __virt_addr_valid+0x1db/0x2d0 [ 23.541344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.541899] kasan_report+0x102/0x140 [ 23.542739] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.543507] ? kmalloc_oob_right+0x6bf/0x7f0 [ 23.544374] __asan_report_store1_noabort+0x1b/0x30 [ 23.544917] kmalloc_oob_right+0x6bf/0x7f0 [ 23.546038] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 23.546620] ? __schedule+0xc3e/0x2790 [ 23.547621] ? __pfx_read_tsc+0x10/0x10 [ 23.547977] ? ktime_get_ts64+0x84/0x230 [ 23.548518] kunit_try_run_case+0x1b3/0x490 [ 23.549631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.550520] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.551282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.551743] ? __kthread_parkme+0x82/0x160 [ 23.552692] ? preempt_count_sub+0x50/0x80 [ 23.553331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.553812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.554828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.555661] kthread+0x257/0x310 [ 23.556372] ? __pfx_kthread+0x10/0x10 [ 23.557275] ret_from_fork+0x41/0x80 [ 23.557662] ? 
__pfx_kthread+0x10/0x10 [ 23.558715] ret_from_fork_asm+0x1a/0x30 [ 23.559266] </TASK> [ 23.559874] [ 23.560288] Allocated by task 144: [ 23.560603] kasan_save_stack+0x3d/0x60 [ 23.561086] kasan_save_track+0x18/0x40 [ 23.561766] kasan_save_alloc_info+0x3b/0x50 [ 23.562354] __kasan_kmalloc+0xb7/0xc0 [ 23.563372] __kmalloc_cache_noprof+0x184/0x410 [ 23.563779] kmalloc_oob_right+0xaa/0x7f0 [ 23.564596] kunit_try_run_case+0x1b3/0x490 [ 23.565199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.565906] kthread+0x257/0x310 [ 23.566437] ret_from_fork+0x41/0x80 [ 23.566825] ret_from_fork_asm+0x1a/0x30 [ 23.567830] [ 23.567977] The buggy address belongs to the object at ffff888101a9d100 [ 23.567977] which belongs to the cache kmalloc-128 of size 128 [ 23.570119] The buggy address is located 5 bytes to the right of [ 23.570119] allocated 115-byte region [ffff888101a9d100, ffff888101a9d173) [ 23.572247] [ 23.572840] The buggy address belongs to the physical page: [ 23.573465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9d [ 23.575162] flags: 0x200000000000000(node=0|zone=2) [ 23.575767] page_type: f5(slab) [ 23.576322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.577328] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.578499] page dumped because: kasan: bad access detected [ 23.579275] [ 23.579446] Memory state around the buggy address: [ 23.579845] ffff888101a9d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.581267] ffff888101a9d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.581884] >ffff888101a9d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.583382] ^ [ 23.583930] ffff888101a9d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.585027] ffff888101a9d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.585802] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------ [ 222.234352] WARNING: CPU: 1 PID: 2236 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 222.235558] Modules linked in: [ 222.236186] CPU: 1 UID: 0 PID: 2236 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241127 #1 [ 222.237748] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 222.238620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 222.239829] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 222.240778] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 222.242488] RSP: 0000:ffff888105337ce8 EFLAGS: 00010286 [ 222.242960] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 222.244104] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffba0096bc [ 222.244847] RBP: ffff888105337d10 R08: 0000000000000000 R09: ffffed1020a49940 [ 222.245740] R10: ffff88810524ca07 R11: 0000000000000000 R12: ffffffffba0096a8 [ 222.246547] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105337da8 [ 222.247679] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 222.248516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.249202] CR2: 00007ffff7ffe000 CR3: 00000001598b8000 CR4: 00000000000006f0 [ 222.250077] DR0: ffffffffbbfeb1a4 DR1: ffffffffbbfeb1a9 DR2: ffffffffbbfeb1aa [ 222.251059] DR3: ffffffffbbfeb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 222.251665] Call Trace: [ 222.252192] <TASK> [ 222.252552] ? show_regs+0x68/0x80 [ 222.253201] ? __warn+0xd5/0x260 [ 222.253696] ? drm_rect_calc_vscale+0x130/0x190 [ 222.254476] ? report_bug+0x278/0x2e0 [ 222.255221] ? handle_bug+0x5c/0xb0 [ 222.255778] ? exc_invalid_op+0x1c/0x50 [ 222.256280] ? asm_exc_invalid_op+0x1f/0x30 [ 222.257127] ? 
drm_rect_calc_vscale+0x130/0x190 [ 222.257860] drm_test_rect_calc_vscale+0x109/0x270 [ 222.258793] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 222.259560] ? __schedule+0xc3e/0x2790 [ 222.260001] ? __pfx_read_tsc+0x10/0x10 [ 222.260448] ? ktime_get_ts64+0x84/0x230 [ 222.261035] kunit_try_run_case+0x1b3/0x490 [ 222.261511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.262488] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 222.263102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 222.263870] ? __kthread_parkme+0x82/0x160 [ 222.264476] ? preempt_count_sub+0x50/0x80 [ 222.265170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.265770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 222.266399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 222.267119] kthread+0x257/0x310 [ 222.267451] ? __pfx_kthread+0x10/0x10 [ 222.268365] ret_from_fork+0x41/0x80 [ 222.268701] ? __pfx_kthread+0x10/0x10 [ 222.269183] ret_from_fork_asm+0x1a/0x30 [ 222.270169] </TASK> [ 222.270386] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 222.276423] WARNING: CPU: 0 PID: 2238 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 222.278615] Modules linked in: [ 222.279060] CPU: 0 UID: 0 PID: 2238 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241127 #1 [ 222.280806] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 222.282119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 222.282860] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 222.283807] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 222.286126] RSP: 0000:ffff8881051f7ce8 EFLAGS: 00010286 [ 222.286561] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 222.287047] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffba0096f4 [ 222.288034] RBP: ffff8881051f7d10 R08: 0000000000000000 R09: 
ffffed1020a49960 [ 222.288513] R10: ffff88810524cb07 R11: 0000000000000000 R12: ffffffffba0096e0 [ 222.289120] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881051f7da8 [ 222.289947] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 222.290522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.290999] CR2: ffffffffffffffff CR3: 00000001598b8000 CR4: 00000000000006f0 [ 222.291837] DR0: ffffffffbbfeb1a0 DR1: ffffffffbbfeb1a1 DR2: ffffffffbbfeb1a3 [ 222.292445] DR3: ffffffffbbfeb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 222.293156] Call Trace: [ 222.293652] <TASK> [ 222.293942] ? show_regs+0x68/0x80 [ 222.294260] ? __warn+0xd5/0x260 [ 222.294867] ? drm_rect_calc_vscale+0x130/0x190 [ 222.295535] ? report_bug+0x278/0x2e0 [ 222.295854] ? handle_bug+0x5c/0xb0 [ 222.296445] ? exc_invalid_op+0x1c/0x50 [ 222.296948] ? asm_exc_invalid_op+0x1f/0x30 [ 222.297514] ? drm_rect_calc_vscale+0x130/0x190 [ 222.298370] drm_test_rect_calc_vscale+0x109/0x270 [ 222.298843] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 222.299705] ? __schedule+0xc3e/0x2790 [ 222.300389] ? __pfx_read_tsc+0x10/0x10 [ 222.300853] ? ktime_get_ts64+0x84/0x230 [ 222.301532] kunit_try_run_case+0x1b3/0x490 [ 222.302209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.302536] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 222.303084] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 222.304062] ? __kthread_parkme+0x82/0x160 [ 222.304407] ? preempt_count_sub+0x50/0x80 [ 222.305084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.305520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 222.306507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 222.306902] kthread+0x257/0x310 [ 222.307349] ? __pfx_kthread+0x10/0x10 [ 222.307825] ret_from_fork+0x41/0x80 [ 222.308380] ? __pfx_kthread+0x10/0x10 [ 222.308827] ret_from_fork_asm+0x1a/0x30 [ 222.309666] </TASK> [ 222.310058] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------ [ 222.130264] WARNING: CPU: 0 PID: 2224 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 222.131567] Modules linked in: [ 222.132459] CPU: 0 UID: 0 PID: 2224 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241127 #1 [ 222.134077] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 222.134775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 222.136155] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 222.137226] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 222.139199] RSP: 0000:ffff888104977ce8 EFLAGS: 00010286 [ 222.139447] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 222.140232] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffba0096c0 [ 222.140825] RBP: ffff888104977d10 R08: 0000000000000000 R09: ffffed1020a4e660 [ 222.141345] R10: ffff888105273307 R11: 0000000000000000 R12: ffffffffba0096a8 [ 222.142503] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104977da8 [ 222.144144] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 222.145301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.146426] CR2: ffffffffffffffff CR3: 00000001598b8000 CR4: 00000000000006f0 [ 222.147196] DR0: ffffffffbbfeb1a0 DR1: ffffffffbbfeb1a1 DR2: ffffffffbbfeb1a3 [ 222.148089] DR3: ffffffffbbfeb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 222.148937] Call Trace: [ 222.149226] <TASK> [ 222.149485] ? show_regs+0x68/0x80 [ 222.150444] ? __warn+0xd5/0x260 [ 222.150831] ? drm_rect_calc_hscale+0x125/0x190 [ 222.152200] ? report_bug+0x278/0x2e0 [ 222.152640] ? handle_bug+0x5c/0xb0 [ 222.153009] ? exc_invalid_op+0x1c/0x50 [ 222.153339] ? asm_exc_invalid_op+0x1f/0x30 [ 222.153878] ? 
drm_rect_calc_hscale+0x125/0x190 [ 222.154254] drm_test_rect_calc_hscale+0x109/0x270 [ 222.155371] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 222.156391] ? __schedule+0xc3e/0x2790 [ 222.156780] ? __pfx_read_tsc+0x10/0x10 [ 222.157496] ? ktime_get_ts64+0x84/0x230 [ 222.158273] kunit_try_run_case+0x1b3/0x490 [ 222.158855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.159527] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 222.160361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 222.161183] ? __kthread_parkme+0x82/0x160 [ 222.161692] ? preempt_count_sub+0x50/0x80 [ 222.162673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.163292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 222.163948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 222.164682] kthread+0x257/0x310 [ 222.165035] ? __pfx_kthread+0x10/0x10 [ 222.165665] ret_from_fork+0x41/0x80 [ 222.166752] ? __pfx_kthread+0x10/0x10 [ 222.167621] ret_from_fork_asm+0x1a/0x30 [ 222.168218] </TASK> [ 222.168489] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 222.174676] WARNING: CPU: 0 PID: 2226 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 222.175720] Modules linked in: [ 222.176080] CPU: 0 UID: 0 PID: 2226 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241127 #1 [ 222.177001] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 222.177548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 222.178519] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 222.179118] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 222.180973] RSP: 0000:ffff8881036d7ce8 EFLAGS: 00010286 [ 222.181493] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 222.182264] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffba0096f8 [ 222.183151] RBP: ffff8881036d7d10 R08: 0000000000000000 R09: 
ffffed1020a4e6a0 [ 222.183747] R10: ffff888105273507 R11: 0000000000000000 R12: ffffffffba0096e0 [ 222.184373] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881036d7da8 [ 222.185313] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 222.186233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.186831] CR2: ffffffffffffffff CR3: 00000001598b8000 CR4: 00000000000006f0 [ 222.188679] DR0: ffffffffbbfeb1a0 DR1: ffffffffbbfeb1a1 DR2: ffffffffbbfeb1a3 [ 222.189986] DR3: ffffffffbbfeb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 222.190656] Call Trace: [ 222.190852] <TASK> [ 222.191198] ? show_regs+0x68/0x80 [ 222.191786] ? __warn+0xd5/0x260 [ 222.192631] ? drm_rect_calc_hscale+0x125/0x190 [ 222.193892] ? report_bug+0x278/0x2e0 [ 222.194550] ? handle_bug+0x5c/0xb0 [ 222.195076] ? exc_invalid_op+0x1c/0x50 [ 222.195464] ? asm_exc_invalid_op+0x1f/0x30 [ 222.196027] ? drm_rect_calc_hscale+0x125/0x190 [ 222.196556] drm_test_rect_calc_hscale+0x109/0x270 [ 222.198073] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 222.198699] ? __schedule+0xc3e/0x2790 [ 222.199390] ? __pfx_read_tsc+0x10/0x10 [ 222.200191] ? ktime_get_ts64+0x84/0x230 [ 222.200678] kunit_try_run_case+0x1b3/0x490 [ 222.201207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.202051] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 222.202819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 222.203608] ? __kthread_parkme+0x82/0x160 [ 222.204148] ? preempt_count_sub+0x50/0x80 [ 222.204636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 222.205418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 222.206725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 222.207632] kthread+0x257/0x310 [ 222.207823] ? __pfx_kthread+0x10/0x10 [ 222.208007] ret_from_fork+0x41/0x80 [ 222.208183] ? __pfx_kthread+0x10/0x10 [ 222.208363] ret_from_fork_asm+0x1a/0x30 [ 222.208568] </TASK> [ 222.209376] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 220.790478] WARNING: CPU: 0 PID: 2032 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 220.791691] Modules linked in: [ 220.792110] CPU: 0 UID: 0 PID: 2032 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241127 #1 [ 220.792868] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 220.793377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 220.794107] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 220.794510] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 220.796149] RSP: 0000:ffff888104f07ba0 EFLAGS: 00010246 [ 220.796677] RAX: dffffc0000000000 RBX: ffff888104f07c98 RCX: 0000000000000000 [ 220.797329] RDX: 1ffff110209e0f9c RSI: ffff888104f07c98 RDI: ffff888104f07ce0 [ 220.798060] RBP: ffff888104f07be0 R08: ffff888104afb000 R09: ffffffffb9fb6280 [ 220.798718] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff888104afb000 [ 220.799370] R13: ffff888100317b20 R14: ffff888104f07c18 R15: ffff888104f07e28 [ 220.800070] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 220.800766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.801365] CR2: ffffffffffffffff CR3: 00000001598b8000 CR4: 00000000000006f0 [ 220.802124] DR0: ffffffffbbfeb1a0 DR1: ffffffffbbfeb1a1 DR2: ffffffffbbfeb1a3 [ 220.802687] DR3: ffffffffbbfeb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 220.803410] Call Trace: [ 220.803685] <TASK> [ 220.804102] ? show_regs+0x68/0x80 [ 220.804547] ? __warn+0xd5/0x260 [ 220.805101] ? drm_framebuffer_init+0x44/0x300 [ 220.805570] ? report_bug+0x278/0x2e0 [ 220.806123] ? handle_bug+0x5c/0xb0 [ 220.806465] ? exc_invalid_op+0x1c/0x50 [ 220.806963] ? asm_exc_invalid_op+0x1f/0x30 [ 220.807468] ? drm_framebuffer_init+0x44/0x300 [ 220.807996] ? 
add_dr+0xc1/0x1d0 [ 220.808440] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 220.809072] ? add_dr+0x148/0x1d0 [ 220.809512] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 220.810281] ? __drmm_add_action+0x1a4/0x280 [ 220.810791] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.811371] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.812147] ? __drmm_add_action_or_reset+0x22/0x50 [ 220.812676] ? __schedule+0xc3e/0x2790 [ 220.813278] ? __pfx_read_tsc+0x10/0x10 [ 220.813671] ? ktime_get_ts64+0x84/0x230 [ 220.814253] kunit_try_run_case+0x1b3/0x490 [ 220.814719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.815295] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 220.816030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 220.816602] ? __kthread_parkme+0x82/0x160 [ 220.817172] ? preempt_count_sub+0x50/0x80 [ 220.817603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.818189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 220.818713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 220.819456] kthread+0x257/0x310 [ 220.819986] ? __pfx_kthread+0x10/0x10 [ 220.820523] ret_from_fork+0x41/0x80 [ 220.821004] ? __pfx_kthread+0x10/0x10 [ 220.821474] ret_from_fork_asm+0x1a/0x30 [ 220.822186] </TASK> [ 220.822545] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 220.724259] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 220.725235] WARNING: CPU: 1 PID: 2028 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 220.727411] Modules linked in: [ 220.727791] CPU: 1 UID: 0 PID: 2028 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241127 #1 [ 220.728795] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 220.729523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 220.730406] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 220.731028] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 04 05 80 00 48 c7 c1 80 12 fb b9 4c 89 fa 48 c7 c7 e0 12 fb b9 48 89 c6 e8 cb 76 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 220.732555] RSP: 0000:ffff888104d27bd8 EFLAGS: 00010282 [ 220.733251] RAX: 0000000000000000 RBX: ffff888104d27cb0 RCX: 1ffffffff75a42ec [ 220.733928] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 220.734545] RBP: ffff888104d27c00 R08: 0000000000000000 R09: fffffbfff75a42ec [ 220.735257] R10: 0000000000000003 R11: 0000000000027520 R12: ffff888104d27c88 [ 220.735816] R13: ffff888104c95000 R14: ffff888107e50000 R15: ffff888104c42500 [ 220.736550] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 220.737162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.738024] CR2: 00007ffff7ffe000 CR3: 00000001598b8000 CR4: 00000000000006f0 [ 220.738729] DR0: ffffffffbbfeb1a4 DR1: ffffffffbbfeb1a9 DR2: ffffffffbbfeb1aa [ 220.739484] DR3: ffffffffbbfeb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 220.740342] Call Trace: [ 220.740696] <TASK> [ 220.741040] ? show_regs+0x68/0x80 [ 220.741510] ? __warn+0xd5/0x260 [ 220.741781] ? drm_framebuffer_free+0x136/0x1b0 [ 220.742483] ? report_bug+0x278/0x2e0 [ 220.743651] ? handle_bug+0x5c/0xb0 [ 220.744142] ? exc_invalid_op+0x1c/0x50 [ 220.745113] ? 
asm_exc_invalid_op+0x1f/0x30 [ 220.745706] ? drm_framebuffer_free+0x136/0x1b0 [ 220.746287] ? drm_framebuffer_free+0x135/0x1b0 [ 220.746768] drm_test_framebuffer_free+0x1ac/0x610 [ 220.747324] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 220.747848] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.748597] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 220.749422] ? __drmm_add_action_or_reset+0x22/0x50 [ 220.749841] ? __schedule+0xc3e/0x2790 [ 220.750496] ? __pfx_read_tsc+0x10/0x10 [ 220.750952] ? ktime_get_ts64+0x84/0x230 [ 220.751488] kunit_try_run_case+0x1b3/0x490 [ 220.752336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.752762] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 220.753464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 220.754074] ? __kthread_parkme+0x82/0x160 [ 220.754508] ? preempt_count_sub+0x50/0x80 [ 220.755086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 220.755604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 220.756259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 220.757211] kthread+0x257/0x310 [ 220.757477] ? __pfx_kthread+0x10/0x10 [ 220.757986] ret_from_fork+0x41/0x80 [ 220.758573] ? __pfx_kthread+0x10/0x10 [ 220.758929] ret_from_fork_asm+0x1a/0x30 [ 220.759338] </TASK> [ 220.759810] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 173.553030] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.197716] ==================================================================
[ 39.198417] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.198417]
[ 39.199459] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#147):
[ 39.200846] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.201749] kunit_try_run_case+0x1b3/0x490
[ 39.202537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.203299] kthread+0x257/0x310
[ 39.203575] ret_from_fork+0x41/0x80
[ 39.204204] ret_from_fork_asm+0x1a/0x30
[ 39.204853]
[ 39.205303] kfence-#147: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.205303]
[ 39.206060] allocated by task 331 on cpu 0 at 39.197460s (0.008596s ago):
[ 39.206746] test_alloc+0x35f/0x10d0
[ 39.207115] test_kmalloc_aligned_oob_read+0x106/0x570
[ 39.207532] kunit_try_run_case+0x1b3/0x490
[ 39.207918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.208488] kthread+0x257/0x310
[ 39.208751] ret_from_fork+0x41/0x80
[ 39.209220] ret_from_fork_asm+0x1a/0x30
[ 39.209532]
[ 39.209722] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 39.210643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.211163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.211836] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 35.869489] ==================================================================
[ 35.870154] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 35.870154]
[ 35.870788] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#115):
[ 35.872204] test_corruption+0x132/0x3e0
[ 35.872665] kunit_try_run_case+0x1b3/0x490
[ 35.873047] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.873556] kthread+0x257/0x310
[ 35.873900] ret_from_fork+0x41/0x80
[ 35.874447] ret_from_fork_asm+0x1a/0x30
[ 35.874755]
[ 35.875016] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 35.875016]
[ 35.875752] allocated by task 321 on cpu 0 at 35.869345s (0.006403s ago):
[ 35.876588] test_alloc+0x2a7/0x10d0
[ 35.876870] test_corruption+0xe7/0x3e0
[ 35.877420] kunit_try_run_case+0x1b3/0x490
[ 35.877823] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.878219] kthread+0x257/0x310
[ 35.878637] ret_from_fork+0x41/0x80
[ 35.879087] ret_from_fork_asm+0x1a/0x30
[ 35.879476]
[ 35.879633] freed by task 321 on cpu 0 at 35.869415s (0.010215s ago):
[ 35.880616] test_corruption+0x132/0x3e0
[ 35.880941] kunit_try_run_case+0x1b3/0x490
[ 35.881449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.882025] kthread+0x257/0x310
[ 35.882396] ret_from_fork+0x41/0x80
[ 35.882804] ret_from_fork_asm+0x1a/0x30
[ 35.883341]
[ 35.883530] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 35.884524] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.884799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.885368] ==================================================================
[ 35.973406] ==================================================================
[ 35.974201] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 35.974201]
[ 35.975014] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#116):
[ 35.976008] test_corruption+0x217/0x3e0
[ 35.977031] kunit_try_run_case+0x1b3/0x490
[ 35.977541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.978631] kthread+0x257/0x310
[ 35.978963] ret_from_fork+0x41/0x80
[ 35.979674] ret_from_fork_asm+0x1a/0x30
[ 35.980133]
[ 35.980862] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 35.980862]
[ 35.982123] allocated by task 321 on cpu 0 at 35.973291s (0.008828s ago):
[ 35.982644] test_alloc+0x2a7/0x10d0
[ 35.983021] test_corruption+0x1cc/0x3e0
[ 35.983825] kunit_try_run_case+0x1b3/0x490
[ 35.984380] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.985425] kthread+0x257/0x310
[ 35.985800] ret_from_fork+0x41/0x80
[ 35.986685] ret_from_fork_asm+0x1a/0x30
[ 35.986964]
[ 35.987264] freed by task 321 on cpu 0 at 35.973347s (0.013913s ago):
[ 35.987816] test_corruption+0x217/0x3e0
[ 35.988798] kunit_try_run_case+0x1b3/0x490
[ 35.989342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.990011] kthread+0x257/0x310
[ 35.990618] ret_from_fork+0x41/0x80
[ 35.991232] ret_from_fork_asm+0x1a/0x30
[ 35.991572]
[ 35.991838] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 35.992803] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.993265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.994510] ==================================================================
[ 35.765574] ==================================================================
[ 35.766252] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 35.766252]
[ 35.766907] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#114):
[ 35.767710] test_corruption+0x2e1/0x3e0
[ 35.768092] kunit_try_run_case+0x1b3/0x490
[ 35.768592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.769214] kthread+0x257/0x310
[ 35.769545] ret_from_fork+0x41/0x80
[ 35.769837] ret_from_fork_asm+0x1a/0x30
[ 35.770366]
[ 35.770678] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 35.770678]
[ 35.771506] allocated by task 319 on cpu 0 at 35.765318s (0.006184s ago):
[ 35.772008] test_alloc+0x35f/0x10d0
[ 35.772473] test_corruption+0x1cc/0x3e0
[ 35.772844] kunit_try_run_case+0x1b3/0x490
[ 35.773430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.773866] kthread+0x257/0x310
[ 35.774228] ret_from_fork+0x41/0x80
[ 35.774671] ret_from_fork_asm+0x1a/0x30
[ 35.775212]
[ 35.775371] freed by task 319 on cpu 0 at 35.765422s (0.009945s ago):
[ 35.775767] test_corruption+0x2e1/0x3e0
[ 35.776246] kunit_try_run_case+0x1b3/0x490
[ 35.776875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.777694] kthread+0x257/0x310
[ 35.778028] ret_from_fork+0x41/0x80
[ 35.778459] ret_from_fork_asm+0x1a/0x30
[ 35.778842]
[ 35.779042] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 35.779966] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.780601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.781549] ==================================================================
[ 35.661598] ==================================================================
[ 35.662462] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 35.662462]
[ 35.663111] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#113):
[ 35.664750] test_corruption+0x2d4/0x3e0
[ 35.665268] kunit_try_run_case+0x1b3/0x490
[ 35.665737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.666305] kthread+0x257/0x310
[ 35.666729] ret_from_fork+0x41/0x80
[ 35.667149] ret_from_fork_asm+0x1a/0x30
[ 35.667611]
[ 35.667816] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 35.667816]
[ 35.668750] allocated by task 319 on cpu 0 at 35.661315s (0.007432s ago):
[ 35.669786] test_alloc+0x35f/0x10d0
[ 35.670119] test_corruption+0xe7/0x3e0
[ 35.670412] kunit_try_run_case+0x1b3/0x490
[ 35.671166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.671664] kthread+0x257/0x310
[ 35.671933] ret_from_fork+0x41/0x80
[ 35.672411] ret_from_fork_asm+0x1a/0x30
[ 35.672786]
[ 35.672945] freed by task 319 on cpu 0 at 35.661428s (0.011514s ago):
[ 35.673397] test_corruption+0x2d4/0x3e0
[ 35.673868] kunit_try_run_case+0x1b3/0x490
[ 35.674426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 35.675032] kthread+0x257/0x310
[ 35.675371] ret_from_fork+0x41/0x80
[ 35.675807] ret_from_fork_asm+0x1a/0x30
[ 35.676340]
[ 35.676580] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 35.677158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 35.677633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 35.678680] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 63.846352] ==================================================================
[ 63.847028] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 63.847028]
[ 63.847605] Use-after-free read at 0x(____ptrval____) (in kfence-#153):
[ 63.848476] test_krealloc+0x6fd/0xbe0
[ 63.849135] kunit_try_run_case+0x1b3/0x490
[ 63.849789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.850742] kthread+0x257/0x310
[ 63.851247] ret_from_fork+0x41/0x80
[ 63.851625] ret_from_fork_asm+0x1a/0x30
[ 63.852103]
[ 63.852340] kfence-#153: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 63.852340]
[ 63.853109] allocated by task 345 on cpu 0 at 63.845277s (0.007827s ago):
[ 63.853671] test_alloc+0x35f/0x10d0
[ 63.854185] test_krealloc+0xae/0xbe0
[ 63.854554] kunit_try_run_case+0x1b3/0x490
[ 63.854987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.855515] kthread+0x257/0x310
[ 63.855847] ret_from_fork+0x41/0x80
[ 63.856302] ret_from_fork_asm+0x1a/0x30
[ 63.856804]
[ 63.857064] freed by task 345 on cpu 0 at 63.845618s (0.011442s ago):
[ 63.857580] krealloc_noprof+0x108/0x340
[ 63.858142] test_krealloc+0x227/0xbe0
[ 63.858471] kunit_try_run_case+0x1b3/0x490
[ 63.858947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.859551] kthread+0x257/0x310
[ 63.859905] ret_from_fork+0x41/0x80
[ 63.860405] ret_from_fork_asm+0x1a/0x30
[ 63.860697]
[ 63.860904] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 63.861862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.862385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.863149] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 63.758349] ==================================================================
[ 63.758997] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.758997]
[ 63.760141] Use-after-free read at 0x(____ptrval____) (in kfence-#152):
[ 63.761326] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.761686] kunit_try_run_case+0x1b3/0x490
[ 63.762429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.763007] kthread+0x257/0x310
[ 63.763356] ret_from_fork+0x41/0x80
[ 63.763941] ret_from_fork_asm+0x1a/0x30
[ 63.764765]
[ 63.765030] kfence-#152: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 63.765030]
[ 63.765827] allocated by task 343 on cpu 0 at 63.741511s (0.024312s ago):
[ 63.766572] test_alloc+0x2a7/0x10d0
[ 63.766921] test_memcache_typesafe_by_rcu+0x170/0x670
[ 63.767358] kunit_try_run_case+0x1b3/0x490
[ 63.767872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.768957] kthread+0x257/0x310
[ 63.769574] ret_from_fork+0x41/0x80
[ 63.770073] ret_from_fork_asm+0x1a/0x30
[ 63.770503]
[ 63.770664] freed by task 343 on cpu 0 at 63.741603s (0.029057s ago):
[ 63.771279] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 63.771951] kunit_try_run_case+0x1b3/0x490
[ 63.772377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.772737] kthread+0x257/0x310
[ 63.773211] ret_from_fork+0x41/0x80
[ 63.773578] ret_from_fork_asm+0x1a/0x30
[ 63.774062]
[ 63.774288] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 63.775077] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.775456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.776257] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 39.541812] ==================================================================
[ 39.542756] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 39.542756]
[ 39.543547] Invalid read at 0x(____ptrval____):
[ 39.544619] test_invalid_access+0xf1/0x210
[ 39.545766] kunit_try_run_case+0x1b3/0x490
[ 39.546518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.547260] kthread+0x257/0x310
[ 39.547781] ret_from_fork+0x41/0x80
[ 39.548262] ret_from_fork_asm+0x1a/0x30
[ 39.548950]
[ 39.549533] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 39.550895] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.551839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.553483] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.301602] ==================================================================
[ 39.302349] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.302349]
[ 39.303100] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#148):
[ 39.304362] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.304713] kunit_try_run_case+0x1b3/0x490
[ 39.305447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.306149] kthread+0x257/0x310
[ 39.306492] ret_from_fork+0x41/0x80
[ 39.307003] ret_from_fork_asm+0x1a/0x30
[ 39.307591]
[ 39.307799] kfence-#148: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.307799]
[ 39.308899] allocated by task 333 on cpu 0 at 39.301331s (0.007564s ago):
[ 39.309764] test_alloc+0x35f/0x10d0
[ 39.310359] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 39.310898] kunit_try_run_case+0x1b3/0x490
[ 39.311460] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.312133] kthread+0x257/0x310
[ 39.312590] ret_from_fork+0x41/0x80
[ 39.312904] ret_from_fork_asm+0x1a/0x30
[ 39.313542]
[ 39.313707] freed by task 333 on cpu 0 at 39.301487s (0.012215s ago):
[ 39.314569] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.315338] kunit_try_run_case+0x1b3/0x490
[ 39.316117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.316976] kthread+0x257/0x310
[ 39.317592] ret_from_fork+0x41/0x80
[ 39.317976] ret_from_fork_asm+0x1a/0x30
[ 39.318662]
[ 39.318874] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 39.320516] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.320928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.321611] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 32.735112] ================================================================== [ 32.736461] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 32.737199] Write of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.737829] [ 32.738190] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.739243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.739683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.740594] Call Trace: [ 32.741072] <TASK> [ 32.741437] dump_stack_lvl+0x73/0xb0 [ 32.741834] print_report+0xd1/0x640 [ 32.742385] ? __virt_addr_valid+0x1db/0x2d0 [ 32.742762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.743353] kasan_report+0x102/0x140 [ 32.743658] ? _copy_from_user+0x33/0xa0 [ 32.744106] ? _copy_from_user+0x33/0xa0 [ 32.744622] kasan_check_range+0x10c/0x1c0 [ 32.745194] __kasan_check_write+0x18/0x20 [ 32.745496] _copy_from_user+0x33/0xa0 [ 32.745940] copy_user_test_oob+0x2bf/0x10f0 [ 32.746535] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.746966] ? finish_task_switch.isra.0+0x153/0x700 [ 32.747598] ? __switch_to+0x5d9/0xf60 [ 32.747931] ? __schedule+0xc3e/0x2790 [ 32.748465] ? __pfx_read_tsc+0x10/0x10 [ 32.748839] ? ktime_get_ts64+0x84/0x230 [ 32.749336] kunit_try_run_case+0x1b3/0x490 [ 32.749836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.750408] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.750934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.751529] ? __kthread_parkme+0x82/0x160 [ 32.751855] ? preempt_count_sub+0x50/0x80 [ 32.752394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.752803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.753522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.753976] kthread+0x257/0x310 [ 32.754422] ? __pfx_kthread+0x10/0x10 [ 32.754764] ret_from_fork+0x41/0x80 [ 32.755279] ? 
__pfx_kthread+0x10/0x10 [ 32.755690] ret_from_fork_asm+0x1a/0x30 [ 32.756181] </TASK> [ 32.756513] [ 32.756761] Allocated by task 293: [ 32.757260] kasan_save_stack+0x3d/0x60 [ 32.757548] kasan_save_track+0x18/0x40 [ 32.758140] kasan_save_alloc_info+0x3b/0x50 [ 32.758506] __kasan_kmalloc+0xb7/0xc0 [ 32.758937] __kmalloc_noprof+0x1c4/0x500 [ 32.759496] kunit_kmalloc_array+0x25/0x60 [ 32.759895] copy_user_test_oob+0xac/0x10f0 [ 32.760368] kunit_try_run_case+0x1b3/0x490 [ 32.760872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.761414] kthread+0x257/0x310 [ 32.761724] ret_from_fork+0x41/0x80 [ 32.762063] ret_from_fork_asm+0x1a/0x30 [ 32.762576] [ 32.762833] The buggy address belongs to the object at ffff888102a58900 [ 32.762833] which belongs to the cache kmalloc-128 of size 128 [ 32.763931] The buggy address is located 0 bytes inside of [ 32.763931] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 32.766090] [ 32.766324] The buggy address belongs to the physical page: [ 32.766749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 32.767451] flags: 0x200000000000000(node=0|zone=2) [ 32.767910] page_type: f5(slab) [ 32.768375] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.769137] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.769795] page dumped because: kasan: bad access detected [ 32.770465] [ 32.770698] Memory state around the buggy address: [ 32.771213] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.771825] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.772555] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.773112] ^ [ 32.773854] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.774470] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.775233] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 32.665522] ================================================================== [ 32.666485] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 32.667439] Write of size 8 at addr ffff888101ac1178 by task kunit_try_catch/289 [ 32.668112] [ 32.668446] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.669527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.669969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.670883] Call Trace: [ 32.671158] <TASK> [ 32.671356] dump_stack_lvl+0x73/0xb0 [ 32.671868] print_report+0xd1/0x640 [ 32.672476] ? __virt_addr_valid+0x1db/0x2d0 [ 32.673447] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.674376] kasan_report+0x102/0x140 [ 32.674892] ? copy_to_kernel_nofault+0x99/0x260 [ 32.675358] ? copy_to_kernel_nofault+0x99/0x260 [ 32.675926] kasan_check_range+0x10c/0x1c0 [ 32.676674] __kasan_check_write+0x18/0x20 [ 32.677112] copy_to_kernel_nofault+0x99/0x260 [ 32.677767] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 32.678189] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 32.678568] ? finish_task_switch.isra.0+0x153/0x700 [ 32.679217] ? __schedule+0xc3e/0x2790 [ 32.679760] ? trace_hardirqs_on+0x37/0xe0 [ 32.680440] ? __pfx_read_tsc+0x10/0x10 [ 32.680893] ? ktime_get_ts64+0x84/0x230 [ 32.681478] kunit_try_run_case+0x1b3/0x490 [ 32.682184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.682534] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.682861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.683394] ? __kthread_parkme+0x82/0x160 [ 32.683822] ? preempt_count_sub+0x50/0x80 [ 32.685416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.687207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.688260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.688797] kthread+0x257/0x310 [ 32.689756] ? __pfx_kthread+0x10/0x10 [ 32.690296] ret_from_fork+0x41/0x80 [ 32.690702] ? 
__pfx_kthread+0x10/0x10 [ 32.691205] ret_from_fork_asm+0x1a/0x30 [ 32.691572] </TASK> [ 32.691886] [ 32.692296] Allocated by task 289: [ 32.692779] kasan_save_stack+0x3d/0x60 [ 32.693152] kasan_save_track+0x18/0x40 [ 32.693761] kasan_save_alloc_info+0x3b/0x50 [ 32.694654] __kasan_kmalloc+0xb7/0xc0 [ 32.695237] __kmalloc_cache_noprof+0x184/0x410 [ 32.695604] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 32.696401] kunit_try_run_case+0x1b3/0x490 [ 32.696781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.697546] kthread+0x257/0x310 [ 32.698331] ret_from_fork+0x41/0x80 [ 32.698789] ret_from_fork_asm+0x1a/0x30 [ 32.699100] [ 32.699287] The buggy address belongs to the object at ffff888101ac1100 [ 32.699287] which belongs to the cache kmalloc-128 of size 128 [ 32.700634] The buggy address is located 0 bytes to the right of [ 32.700634] allocated 120-byte region [ffff888101ac1100, ffff888101ac1178) [ 32.702944] [ 32.703301] The buggy address belongs to the physical page: [ 32.703876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac1 [ 32.704354] flags: 0x200000000000000(node=0|zone=2) [ 32.705060] page_type: f5(slab) [ 32.705609] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.706738] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.707214] page dumped because: kasan: bad access detected [ 32.708070] [ 32.708549] Memory state around the buggy address: [ 32.709139] ffff888101ac1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.709762] ffff888101ac1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.710557] >ffff888101ac1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.711592] ^ [ 32.712077] ffff888101ac1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.712859] ffff888101ac1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.713612] ================================================================== [ 32.618398] 
================================================================== [ 32.619835] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 32.620718] Read of size 8 at addr ffff888101ac1178 by task kunit_try_catch/289 [ 32.621503] [ 32.621786] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.623554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.623978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.625341] Call Trace: [ 32.625627] <TASK> [ 32.625893] dump_stack_lvl+0x73/0xb0 [ 32.626317] print_report+0xd1/0x640 [ 32.626727] ? __virt_addr_valid+0x1db/0x2d0 [ 32.627930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.628862] kasan_report+0x102/0x140 [ 32.629716] ? copy_to_kernel_nofault+0x225/0x260 [ 32.630299] ? copy_to_kernel_nofault+0x225/0x260 [ 32.630871] __asan_report_load8_noabort+0x18/0x20 [ 32.631479] copy_to_kernel_nofault+0x225/0x260 [ 32.632008] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 32.632458] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 32.633283] ? finish_task_switch.isra.0+0x153/0x700 [ 32.633752] ? __schedule+0xc3e/0x2790 [ 32.634179] ? trace_hardirqs_on+0x37/0xe0 [ 32.634699] ? __pfx_read_tsc+0x10/0x10 [ 32.635173] ? ktime_get_ts64+0x84/0x230 [ 32.635896] kunit_try_run_case+0x1b3/0x490 [ 32.636600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.637199] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.637794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.638288] ? __kthread_parkme+0x82/0x160 [ 32.638827] ? preempt_count_sub+0x50/0x80 [ 32.639305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.640073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.640797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.641529] kthread+0x257/0x310 [ 32.642151] ? __pfx_kthread+0x10/0x10 [ 32.642845] ret_from_fork+0x41/0x80 [ 32.643184] ? 
__pfx_kthread+0x10/0x10 [ 32.643741] ret_from_fork_asm+0x1a/0x30 [ 32.644165] </TASK> [ 32.644477] [ 32.644700] Allocated by task 289: [ 32.645276] kasan_save_stack+0x3d/0x60 [ 32.645585] kasan_save_track+0x18/0x40 [ 32.645869] kasan_save_alloc_info+0x3b/0x50 [ 32.646391] __kasan_kmalloc+0xb7/0xc0 [ 32.647110] __kmalloc_cache_noprof+0x184/0x410 [ 32.647933] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 32.648549] kunit_try_run_case+0x1b3/0x490 [ 32.649200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.649555] kthread+0x257/0x310 [ 32.649844] ret_from_fork+0x41/0x80 [ 32.650467] ret_from_fork_asm+0x1a/0x30 [ 32.651115] [ 32.651421] The buggy address belongs to the object at ffff888101ac1100 [ 32.651421] which belongs to the cache kmalloc-128 of size 128 [ 32.652952] The buggy address is located 0 bytes to the right of [ 32.652952] allocated 120-byte region [ffff888101ac1100, ffff888101ac1178) [ 32.653934] [ 32.654257] The buggy address belongs to the physical page: [ 32.655121] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac1 [ 32.655932] flags: 0x200000000000000(node=0|zone=2) [ 32.656448] page_type: f5(slab) [ 32.656708] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.657547] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.658743] page dumped because: kasan: bad access detected [ 32.659394] [ 32.659551] Memory state around the buggy address: [ 32.659868] ffff888101ac1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.661065] ffff888101ac1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.661735] >ffff888101ac1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.662280] ^ [ 32.663031] ffff888101ac1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.663720] ffff888101ac1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.664370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 30.742459] ================================================================== [ 30.743595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 30.744434] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.745319] [ 30.745558] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.746650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.747183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.748157] Call Trace: [ 30.748505] <TASK> [ 30.748894] dump_stack_lvl+0x73/0xb0 [ 30.749371] print_report+0xd1/0x640 [ 30.749966] ? __virt_addr_valid+0x1db/0x2d0 [ 30.750696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.751346] kasan_report+0x102/0x140 [ 30.751960] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.752430] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.753087] kasan_check_range+0x10c/0x1c0 [ 30.753660] __kasan_check_write+0x18/0x20 [ 30.754165] kasan_atomics_helper+0xfaa/0x5450 [ 30.754746] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.755354] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.756071] ? kasan_atomics+0x153/0x310 [ 30.756585] kasan_atomics+0x1dd/0x310 [ 30.757226] ? __pfx_kasan_atomics+0x10/0x10 [ 30.757677] ? __pfx_read_tsc+0x10/0x10 [ 30.758409] ? ktime_get_ts64+0x84/0x230 [ 30.758813] kunit_try_run_case+0x1b3/0x490 [ 30.759417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.759834] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.760522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.761095] ? __kthread_parkme+0x82/0x160 [ 30.761510] ? preempt_count_sub+0x50/0x80 [ 30.762111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.762739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.763621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.764379] kthread+0x257/0x310 [ 30.764741] ? __pfx_kthread+0x10/0x10 [ 30.765299] ret_from_fork+0x41/0x80 [ 30.765863] ? 
__pfx_kthread+0x10/0x10 [ 30.766471] ret_from_fork_asm+0x1a/0x30 [ 30.766950] </TASK> [ 30.767391] [ 30.767644] Allocated by task 273: [ 30.768016] kasan_save_stack+0x3d/0x60 [ 30.768597] kasan_save_track+0x18/0x40 [ 30.769278] kasan_save_alloc_info+0x3b/0x50 [ 30.769818] __kasan_kmalloc+0xb7/0xc0 [ 30.770292] __kmalloc_cache_noprof+0x184/0x410 [ 30.770937] kasan_atomics+0x96/0x310 [ 30.771289] kunit_try_run_case+0x1b3/0x490 [ 30.771820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.772617] kthread+0x257/0x310 [ 30.773013] ret_from_fork+0x41/0x80 [ 30.773757] ret_from_fork_asm+0x1a/0x30 [ 30.774362] [ 30.774607] The buggy address belongs to the object at ffff888101aba780 [ 30.774607] which belongs to the cache kmalloc-64 of size 64 [ 30.776707] The buggy address is located 0 bytes to the right of [ 30.776707] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.778506] [ 30.778676] The buggy address belongs to the physical page: [ 30.779080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.780432] flags: 0x200000000000000(node=0|zone=2) [ 30.780847] page_type: f5(slab) [ 30.781650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.782567] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.783285] page dumped because: kasan: bad access detected [ 30.784131] [ 30.784557] Memory state around the buggy address: [ 30.785285] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.786572] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.787237] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.788252] ^ [ 30.788756] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.789127] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.789792] ================================================================== [ 31.837116] 
================================================================== [ 31.837873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 31.839215] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.839755] [ 31.839930] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.841444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.842044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.843095] Call Trace: [ 31.843575] <TASK> [ 31.843828] dump_stack_lvl+0x73/0xb0 [ 31.844603] print_report+0xd1/0x640 [ 31.844975] ? __virt_addr_valid+0x1db/0x2d0 [ 31.845655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.846312] kasan_report+0x102/0x140 [ 31.846686] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.847148] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.847959] kasan_check_range+0x10c/0x1c0 [ 31.848553] __kasan_check_write+0x18/0x20 [ 31.849155] kasan_atomics_helper+0x1b23/0x5450 [ 31.849733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.850439] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.850862] ? kasan_atomics+0x153/0x310 [ 31.851722] kasan_atomics+0x1dd/0x310 [ 31.852219] ? __pfx_kasan_atomics+0x10/0x10 [ 31.852850] ? __pfx_read_tsc+0x10/0x10 [ 31.853427] ? ktime_get_ts64+0x84/0x230 [ 31.853967] kunit_try_run_case+0x1b3/0x490 [ 31.854582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.855052] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.855879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.856549] ? __kthread_parkme+0x82/0x160 [ 31.857175] ? preempt_count_sub+0x50/0x80 [ 31.857797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.858503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.859270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.859916] kthread+0x257/0x310 [ 31.860383] ? __pfx_kthread+0x10/0x10 [ 31.860760] ret_from_fork+0x41/0x80 [ 31.861645] ? 
__pfx_kthread+0x10/0x10 [ 31.862027] ret_from_fork_asm+0x1a/0x30 [ 31.862551] </TASK> [ 31.863075] [ 31.863364] Allocated by task 273: [ 31.863727] kasan_save_stack+0x3d/0x60 [ 31.864682] kasan_save_track+0x18/0x40 [ 31.865079] kasan_save_alloc_info+0x3b/0x50 [ 31.865537] __kasan_kmalloc+0xb7/0xc0 [ 31.865915] __kmalloc_cache_noprof+0x184/0x410 [ 31.866753] kasan_atomics+0x96/0x310 [ 31.867359] kunit_try_run_case+0x1b3/0x490 [ 31.867904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.868522] kthread+0x257/0x310 [ 31.868816] ret_from_fork+0x41/0x80 [ 31.869651] ret_from_fork_asm+0x1a/0x30 [ 31.870080] [ 31.870291] The buggy address belongs to the object at ffff888101aba780 [ 31.870291] which belongs to the cache kmalloc-64 of size 64 [ 31.871628] The buggy address is located 0 bytes to the right of [ 31.871628] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.873031] [ 31.873242] The buggy address belongs to the physical page: [ 31.873759] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.874812] flags: 0x200000000000000(node=0|zone=2) [ 31.875376] page_type: f5(slab) [ 31.875956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.876766] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.877633] page dumped because: kasan: bad access detected [ 31.878211] [ 31.878409] Memory state around the buggy address: [ 31.879275] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.879886] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.880749] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.881548] ^ [ 31.882107] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.882935] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.883540] ================================================================== [ 30.924233] 
================================================================== [ 30.924650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 30.925881] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.926591] [ 30.926783] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.927886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.928489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.929248] Call Trace: [ 30.929613] <TASK> [ 30.929942] dump_stack_lvl+0x73/0xb0 [ 30.930363] print_report+0xd1/0x640 [ 30.930904] ? __virt_addr_valid+0x1db/0x2d0 [ 30.931536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.932192] kasan_report+0x102/0x140 [ 30.932720] ? kasan_atomics_helper+0x1149/0x5450 [ 30.933304] ? kasan_atomics_helper+0x1149/0x5450 [ 30.933773] kasan_check_range+0x10c/0x1c0 [ 30.935078] __kasan_check_write+0x18/0x20 [ 30.935601] kasan_atomics_helper+0x1149/0x5450 [ 30.936405] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.936634] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.936842] ? kasan_atomics+0x153/0x310 [ 30.937150] kasan_atomics+0x1dd/0x310 [ 30.937855] ? __pfx_kasan_atomics+0x10/0x10 [ 30.938336] ? __pfx_read_tsc+0x10/0x10 [ 30.938779] ? ktime_get_ts64+0x84/0x230 [ 30.939704] kunit_try_run_case+0x1b3/0x490 [ 30.940256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.940617] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.941192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.941614] ? __kthread_parkme+0x82/0x160 [ 30.942092] ? preempt_count_sub+0x50/0x80 [ 30.942863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.943556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.944487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.945384] kthread+0x257/0x310 [ 30.945803] ? __pfx_kthread+0x10/0x10 [ 30.946126] ret_from_fork+0x41/0x80 [ 30.946634] ? 
__pfx_kthread+0x10/0x10 [ 30.947022] ret_from_fork_asm+0x1a/0x30 [ 30.947378] </TASK> [ 30.947716] [ 30.947949] Allocated by task 273: [ 30.948371] kasan_save_stack+0x3d/0x60 [ 30.948825] kasan_save_track+0x18/0x40 [ 30.949274] kasan_save_alloc_info+0x3b/0x50 [ 30.949582] __kasan_kmalloc+0xb7/0xc0 [ 30.950084] __kmalloc_cache_noprof+0x184/0x410 [ 30.950637] kasan_atomics+0x96/0x310 [ 30.950912] kunit_try_run_case+0x1b3/0x490 [ 30.951509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.952087] kthread+0x257/0x310 [ 30.952428] ret_from_fork+0x41/0x80 [ 30.952778] ret_from_fork_asm+0x1a/0x30 [ 30.953269] [ 30.953469] The buggy address belongs to the object at ffff888101aba780 [ 30.953469] which belongs to the cache kmalloc-64 of size 64 [ 30.954255] The buggy address is located 0 bytes to the right of [ 30.954255] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.955425] [ 30.955587] The buggy address belongs to the physical page: [ 30.955998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.956944] flags: 0x200000000000000(node=0|zone=2) [ 30.957277] page_type: f5(slab) [ 30.957523] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.959081] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.959633] page dumped because: kasan: bad access detected [ 30.959977] [ 30.960279] Memory state around the buggy address: [ 30.960870] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.961815] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.962500] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.963162] ^ [ 30.963577] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.964203] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.964615] ================================================================== [ 31.184647] 
================================================================== [ 31.185376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 31.185916] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.186844] [ 31.187034] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.188519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.189010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.189919] Call Trace: [ 31.190400] <TASK> [ 31.190836] dump_stack_lvl+0x73/0xb0 [ 31.191234] print_report+0xd1/0x640 [ 31.191907] ? __virt_addr_valid+0x1db/0x2d0 [ 31.192315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.192933] kasan_report+0x102/0x140 [ 31.193566] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.194146] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.194726] kasan_check_range+0x10c/0x1c0 [ 31.195410] __kasan_check_read+0x15/0x20 [ 31.195873] kasan_atomics_helper+0x13b6/0x5450 [ 31.196574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.197438] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.197884] ? kasan_atomics+0x153/0x310 [ 31.198443] kasan_atomics+0x1dd/0x310 [ 31.198952] ? __pfx_kasan_atomics+0x10/0x10 [ 31.199519] ? __pfx_read_tsc+0x10/0x10 [ 31.199818] ? ktime_get_ts64+0x84/0x230 [ 31.200247] kunit_try_run_case+0x1b3/0x490 [ 31.200833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.201534] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.201948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.202762] ? __kthread_parkme+0x82/0x160 [ 31.203391] ? preempt_count_sub+0x50/0x80 [ 31.203769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.204637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.205440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.205957] kthread+0x257/0x310 [ 31.206430] ? __pfx_kthread+0x10/0x10 [ 31.206942] ret_from_fork+0x41/0x80 [ 31.207459] ? 
__pfx_kthread+0x10/0x10 [ 31.207959] ret_from_fork_asm+0x1a/0x30 [ 31.208304] </TASK> [ 31.208611] [ 31.208965] Allocated by task 273: [ 31.209724] kasan_save_stack+0x3d/0x60 [ 31.210089] kasan_save_track+0x18/0x40 [ 31.210786] kasan_save_alloc_info+0x3b/0x50 [ 31.211268] __kasan_kmalloc+0xb7/0xc0 [ 31.211651] __kmalloc_cache_noprof+0x184/0x410 [ 31.212110] kasan_atomics+0x96/0x310 [ 31.212494] kunit_try_run_case+0x1b3/0x490 [ 31.213103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.213524] kthread+0x257/0x310 [ 31.213967] ret_from_fork+0x41/0x80 [ 31.214502] ret_from_fork_asm+0x1a/0x30 [ 31.214896] [ 31.215245] The buggy address belongs to the object at ffff888101aba780 [ 31.215245] which belongs to the cache kmalloc-64 of size 64 [ 31.216270] The buggy address is located 0 bytes to the right of [ 31.216270] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.217261] [ 31.217621] The buggy address belongs to the physical page: [ 31.218506] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.219305] flags: 0x200000000000000(node=0|zone=2) [ 31.219808] page_type: f5(slab) [ 31.220392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.221262] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.221778] page dumped because: kasan: bad access detected [ 31.222541] [ 31.222782] Memory state around the buggy address: [ 31.223220] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.224099] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.224952] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.225753] ^ [ 31.226372] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.227199] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.227809] ================================================================== [ 31.740189] 
================================================================== [ 31.740812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 31.741718] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.742512] [ 31.742833] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.743714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.744202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.744862] Call Trace: [ 31.745379] <TASK> [ 31.745730] dump_stack_lvl+0x73/0xb0 [ 31.746205] print_report+0xd1/0x640 [ 31.746718] ? __virt_addr_valid+0x1db/0x2d0 [ 31.747494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.748079] kasan_report+0x102/0x140 [ 31.748497] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.748968] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.749699] kasan_check_range+0x10c/0x1c0 [ 31.750096] __kasan_check_write+0x18/0x20 [ 31.750713] kasan_atomics_helper+0x19e4/0x5450 [ 31.751312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.751836] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.752398] ? kasan_atomics+0x153/0x310 [ 31.752960] kasan_atomics+0x1dd/0x310 [ 31.753326] ? __pfx_kasan_atomics+0x10/0x10 [ 31.753767] ? __pfx_read_tsc+0x10/0x10 [ 31.754533] ? ktime_get_ts64+0x84/0x230 [ 31.754929] kunit_try_run_case+0x1b3/0x490 [ 31.755447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.756078] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.756511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.757082] ? __kthread_parkme+0x82/0x160 [ 31.757634] ? preempt_count_sub+0x50/0x80 [ 31.757945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.758691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.759160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.759882] kthread+0x257/0x310 [ 31.760515] ? __pfx_kthread+0x10/0x10 [ 31.760950] ret_from_fork+0x41/0x80 [ 31.761446] ? 
__pfx_kthread+0x10/0x10 [ 31.761728] ret_from_fork_asm+0x1a/0x30 [ 31.762358] </TASK> [ 31.762699] [ 31.763095] Allocated by task 273: [ 31.763398] kasan_save_stack+0x3d/0x60 [ 31.763880] kasan_save_track+0x18/0x40 [ 31.764464] kasan_save_alloc_info+0x3b/0x50 [ 31.764945] __kasan_kmalloc+0xb7/0xc0 [ 31.765475] __kmalloc_cache_noprof+0x184/0x410 [ 31.766009] kasan_atomics+0x96/0x310 [ 31.766561] kunit_try_run_case+0x1b3/0x490 [ 31.766908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.768476] kthread+0x257/0x310 [ 31.768763] ret_from_fork+0x41/0x80 [ 31.769437] ret_from_fork_asm+0x1a/0x30 [ 31.769924] [ 31.770243] The buggy address belongs to the object at ffff888101aba780 [ 31.770243] which belongs to the cache kmalloc-64 of size 64 [ 31.771452] The buggy address is located 0 bytes to the right of [ 31.771452] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.772806] [ 31.773192] The buggy address belongs to the physical page: [ 31.773901] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.775166] flags: 0x200000000000000(node=0|zone=2) [ 31.775694] page_type: f5(slab) [ 31.776088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.776787] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.777373] page dumped because: kasan: bad access detected [ 31.778164] [ 31.778524] Memory state around the buggy address: [ 31.779467] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.780296] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.782120] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.782921] ^ [ 31.783421] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.784172] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.784446] ================================================================== [ 30.643111] 
================================================================== [ 30.643703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 30.645474] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.646396] [ 30.646616] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.647681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.648241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.648805] Call Trace: [ 30.648945] <TASK> [ 30.649182] dump_stack_lvl+0x73/0xb0 [ 30.649688] print_report+0xd1/0x640 [ 30.650430] ? __virt_addr_valid+0x1db/0x2d0 [ 30.650864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.651485] kasan_report+0x102/0x140 [ 30.651800] ? kasan_atomics_helper+0xe79/0x5450 [ 30.652551] ? kasan_atomics_helper+0xe79/0x5450 [ 30.653440] kasan_check_range+0x10c/0x1c0 [ 30.653973] __kasan_check_write+0x18/0x20 [ 30.654429] kasan_atomics_helper+0xe79/0x5450 [ 30.654849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.655536] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.656140] ? kasan_atomics+0x153/0x310 [ 30.656642] kasan_atomics+0x1dd/0x310 [ 30.657145] ? __pfx_kasan_atomics+0x10/0x10 [ 30.657731] ? __pfx_read_tsc+0x10/0x10 [ 30.658325] ? ktime_get_ts64+0x84/0x230 [ 30.658783] kunit_try_run_case+0x1b3/0x490 [ 30.659742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.660693] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.661358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.661784] ? __kthread_parkme+0x82/0x160 [ 30.662409] ? preempt_count_sub+0x50/0x80 [ 30.663492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.663928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.664605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.665653] kthread+0x257/0x310 [ 30.666638] ? __pfx_kthread+0x10/0x10 [ 30.667055] ret_from_fork+0x41/0x80 [ 30.667735] ? 
__pfx_kthread+0x10/0x10 [ 30.668434] ret_from_fork_asm+0x1a/0x30 [ 30.668792] </TASK> [ 30.669092] [ 30.669678] Allocated by task 273: [ 30.670035] kasan_save_stack+0x3d/0x60 [ 30.670427] kasan_save_track+0x18/0x40 [ 30.670800] kasan_save_alloc_info+0x3b/0x50 [ 30.671660] __kasan_kmalloc+0xb7/0xc0 [ 30.672040] __kmalloc_cache_noprof+0x184/0x410 [ 30.672800] kasan_atomics+0x96/0x310 [ 30.673473] kunit_try_run_case+0x1b3/0x490 [ 30.673947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.674834] kthread+0x257/0x310 [ 30.675307] ret_from_fork+0x41/0x80 [ 30.675733] ret_from_fork_asm+0x1a/0x30 [ 30.676491] [ 30.676812] The buggy address belongs to the object at ffff888101aba780 [ 30.676812] which belongs to the cache kmalloc-64 of size 64 [ 30.678150] The buggy address is located 0 bytes to the right of [ 30.678150] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.680006] [ 30.680630] The buggy address belongs to the physical page: [ 30.681378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.682020] flags: 0x200000000000000(node=0|zone=2) [ 30.682603] page_type: f5(slab) [ 30.682898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.683810] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.684657] page dumped because: kasan: bad access detected [ 30.685306] [ 30.685553] Memory state around the buggy address: [ 30.686652] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.687339] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.688028] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.689284] ^ [ 30.689864] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.690793] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.691669] ================================================================== [ 30.388178] 
================================================================== [ 30.388575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 30.390431] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.391250] [ 30.391362] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.391732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.391909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.393235] Call Trace: [ 30.393523] <TASK> [ 30.393809] dump_stack_lvl+0x73/0xb0 [ 30.394358] print_report+0xd1/0x640 [ 30.394647] ? __virt_addr_valid+0x1db/0x2d0 [ 30.395265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.395856] kasan_report+0x102/0x140 [ 30.396337] ? kasan_atomics_helper+0xac8/0x5450 [ 30.396877] ? kasan_atomics_helper+0xac8/0x5450 [ 30.397467] kasan_check_range+0x10c/0x1c0 [ 30.397783] __kasan_check_write+0x18/0x20 [ 30.398437] kasan_atomics_helper+0xac8/0x5450 [ 30.398748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.399266] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.399781] ? kasan_atomics+0x153/0x310 [ 30.400255] kasan_atomics+0x1dd/0x310 [ 30.400668] ? __pfx_kasan_atomics+0x10/0x10 [ 30.401151] ? __pfx_read_tsc+0x10/0x10 [ 30.401618] ? ktime_get_ts64+0x84/0x230 [ 30.401952] kunit_try_run_case+0x1b3/0x490 [ 30.402503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.402974] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.403426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.403950] ? __kthread_parkme+0x82/0x160 [ 30.404486] ? preempt_count_sub+0x50/0x80 [ 30.405071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.405556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.406195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.406811] kthread+0x257/0x310 [ 30.407153] ? __pfx_kthread+0x10/0x10 [ 30.407697] ret_from_fork+0x41/0x80 [ 30.408327] ? 
__pfx_kthread+0x10/0x10 [ 30.408732] ret_from_fork_asm+0x1a/0x30 [ 30.409148] </TASK> [ 30.409476] [ 30.409760] Allocated by task 273: [ 30.410253] kasan_save_stack+0x3d/0x60 [ 30.410688] kasan_save_track+0x18/0x40 [ 30.411420] kasan_save_alloc_info+0x3b/0x50 [ 30.412266] __kasan_kmalloc+0xb7/0xc0 [ 30.413050] __kmalloc_cache_noprof+0x184/0x410 [ 30.413493] kasan_atomics+0x96/0x310 [ 30.413921] kunit_try_run_case+0x1b3/0x490 [ 30.414605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.415083] kthread+0x257/0x310 [ 30.415467] ret_from_fork+0x41/0x80 [ 30.415888] ret_from_fork_asm+0x1a/0x30 [ 30.416368] [ 30.416622] The buggy address belongs to the object at ffff888101aba780 [ 30.416622] which belongs to the cache kmalloc-64 of size 64 [ 30.417674] The buggy address is located 0 bytes to the right of [ 30.417674] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.418957] [ 30.419299] The buggy address belongs to the physical page: [ 30.419806] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.420647] flags: 0x200000000000000(node=0|zone=2) [ 30.421209] page_type: f5(slab) [ 30.421662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.422490] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.423257] page dumped because: kasan: bad access detected [ 30.423813] [ 30.424066] Memory state around the buggy address: [ 30.424626] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.425458] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.426186] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.426834] ^ [ 30.427436] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.427976] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.428576] ================================================================== [ 31.364354] 
================================================================== [ 31.365337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 31.366586] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.367407] [ 31.367645] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.368595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.369153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.369835] Call Trace: [ 31.370301] <TASK> [ 31.370743] dump_stack_lvl+0x73/0xb0 [ 31.371243] print_report+0xd1/0x640 [ 31.371552] ? __virt_addr_valid+0x1db/0x2d0 [ 31.372187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.372761] kasan_report+0x102/0x140 [ 31.373266] ? kasan_atomics_helper+0x151e/0x5450 [ 31.373785] ? kasan_atomics_helper+0x151e/0x5450 [ 31.374498] kasan_check_range+0x10c/0x1c0 [ 31.374911] __kasan_check_write+0x18/0x20 [ 31.375595] kasan_atomics_helper+0x151e/0x5450 [ 31.376119] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.376622] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.377230] ? kasan_atomics+0x153/0x310 [ 31.377740] kasan_atomics+0x1dd/0x310 [ 31.378294] ? __pfx_kasan_atomics+0x10/0x10 [ 31.378900] ? __pfx_read_tsc+0x10/0x10 [ 31.379445] ? ktime_get_ts64+0x84/0x230 [ 31.379913] kunit_try_run_case+0x1b3/0x490 [ 31.380431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.380926] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.381376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.381975] ? __kthread_parkme+0x82/0x160 [ 31.382488] ? preempt_count_sub+0x50/0x80 [ 31.383101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.383536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.384180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.385101] kthread+0x257/0x310 [ 31.385577] ? __pfx_kthread+0x10/0x10 [ 31.385947] ret_from_fork+0x41/0x80 [ 31.386627] ? 
__pfx_kthread+0x10/0x10 [ 31.387116] ret_from_fork_asm+0x1a/0x30 [ 31.387537] </TASK> [ 31.388032] [ 31.388331] Allocated by task 273: [ 31.388579] kasan_save_stack+0x3d/0x60 [ 31.389108] kasan_save_track+0x18/0x40 [ 31.389574] kasan_save_alloc_info+0x3b/0x50 [ 31.389933] __kasan_kmalloc+0xb7/0xc0 [ 31.390688] __kmalloc_cache_noprof+0x184/0x410 [ 31.391308] kasan_atomics+0x96/0x310 [ 31.391730] kunit_try_run_case+0x1b3/0x490 [ 31.392146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.392621] kthread+0x257/0x310 [ 31.393110] ret_from_fork+0x41/0x80 [ 31.393722] ret_from_fork_asm+0x1a/0x30 [ 31.394303] [ 31.394545] The buggy address belongs to the object at ffff888101aba780 [ 31.394545] which belongs to the cache kmalloc-64 of size 64 [ 31.395471] The buggy address is located 0 bytes to the right of [ 31.395471] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.396504] [ 31.396707] The buggy address belongs to the physical page: [ 31.397267] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.398761] flags: 0x200000000000000(node=0|zone=2) [ 31.399607] page_type: f5(slab) [ 31.400468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.401101] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.401794] page dumped because: kasan: bad access detected [ 31.402401] [ 31.402641] Memory state around the buggy address: [ 31.403225] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.403842] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.404566] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.405310] ^ [ 31.405701] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.406482] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.407017] ================================================================== [ 29.601623] 
================================================================== [ 29.603205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 29.603923] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.604658] [ 29.605751] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.607174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.607740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.608781] Call Trace: [ 29.609002] <TASK> [ 29.609555] dump_stack_lvl+0x73/0xb0 [ 29.610000] print_report+0xd1/0x640 [ 29.610872] ? __virt_addr_valid+0x1db/0x2d0 [ 29.611859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.612500] kasan_report+0x102/0x140 [ 29.613224] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.613850] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.614507] __asan_report_store4_noabort+0x1b/0x30 [ 29.615641] kasan_atomics_helper+0x4ba4/0x5450 [ 29.616182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.616866] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.617667] ? kasan_atomics+0x153/0x310 [ 29.618092] kasan_atomics+0x1dd/0x310 [ 29.618870] ? __pfx_kasan_atomics+0x10/0x10 [ 29.619741] ? __pfx_read_tsc+0x10/0x10 [ 29.620403] ? ktime_get_ts64+0x84/0x230 [ 29.620872] kunit_try_run_case+0x1b3/0x490 [ 29.621866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.622502] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.623156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.624293] ? __kthread_parkme+0x82/0x160 [ 29.625192] ? preempt_count_sub+0x50/0x80 [ 29.625664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.626511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.626956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.627692] kthread+0x257/0x310 [ 29.628190] ? __pfx_kthread+0x10/0x10 [ 29.628796] ret_from_fork+0x41/0x80 [ 29.629171] ? 
__pfx_kthread+0x10/0x10 [ 29.629929] ret_from_fork_asm+0x1a/0x30 [ 29.630667] </TASK> [ 29.630965] [ 29.631293] Allocated by task 273: [ 29.631710] kasan_save_stack+0x3d/0x60 [ 29.632267] kasan_save_track+0x18/0x40 [ 29.632716] kasan_save_alloc_info+0x3b/0x50 [ 29.633574] __kasan_kmalloc+0xb7/0xc0 [ 29.633963] __kmalloc_cache_noprof+0x184/0x410 [ 29.634627] kasan_atomics+0x96/0x310 [ 29.635305] kunit_try_run_case+0x1b3/0x490 [ 29.635885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.636475] kthread+0x257/0x310 [ 29.637215] ret_from_fork+0x41/0x80 [ 29.637581] ret_from_fork_asm+0x1a/0x30 [ 29.638130] [ 29.638330] The buggy address belongs to the object at ffff888101aba780 [ 29.638330] which belongs to the cache kmalloc-64 of size 64 [ 29.639352] The buggy address is located 0 bytes to the right of [ 29.639352] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.640657] [ 29.640886] The buggy address belongs to the physical page: [ 29.641603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.642528] flags: 0x200000000000000(node=0|zone=2) [ 29.643045] page_type: f5(slab) [ 29.643693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.644573] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.645506] page dumped because: kasan: bad access detected [ 29.646061] [ 29.646551] Memory state around the buggy address: [ 29.647057] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.648241] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.648803] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.649663] ^ [ 29.650302] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.651047] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.651928] ================================================================== [ 32.108340] 
================================================================== [ 32.109227] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 32.109938] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.110626] [ 32.110906] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.111727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.112058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.112904] Call Trace: [ 32.113297] <TASK> [ 32.113637] dump_stack_lvl+0x73/0xb0 [ 32.114115] print_report+0xd1/0x640 [ 32.114537] ? __virt_addr_valid+0x1db/0x2d0 [ 32.115058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.115544] kasan_report+0x102/0x140 [ 32.116092] ? kasan_atomics_helper+0x1eab/0x5450 [ 32.116449] ? kasan_atomics_helper+0x1eab/0x5450 [ 32.117113] kasan_check_range+0x10c/0x1c0 [ 32.117497] __kasan_check_write+0x18/0x20 [ 32.117797] kasan_atomics_helper+0x1eab/0x5450 [ 32.118385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.118726] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.119499] ? kasan_atomics+0x153/0x310 [ 32.120240] kasan_atomics+0x1dd/0x310 [ 32.120932] ? __pfx_kasan_atomics+0x10/0x10 [ 32.121768] ? __pfx_read_tsc+0x10/0x10 [ 32.122295] ? ktime_get_ts64+0x84/0x230 [ 32.122776] kunit_try_run_case+0x1b3/0x490 [ 32.123371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.123859] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.124390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.124919] ? __kthread_parkme+0x82/0x160 [ 32.125437] ? preempt_count_sub+0x50/0x80 [ 32.126003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.126630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.127200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.127822] kthread+0x257/0x310 [ 32.128386] ? __pfx_kthread+0x10/0x10 [ 32.128790] ret_from_fork+0x41/0x80 [ 32.129391] ? 
__pfx_kthread+0x10/0x10 [ 32.129775] ret_from_fork_asm+0x1a/0x30 [ 32.130314] </TASK> [ 32.130676] [ 32.130921] Allocated by task 273: [ 32.131418] kasan_save_stack+0x3d/0x60 [ 32.131846] kasan_save_track+0x18/0x40 [ 32.132358] kasan_save_alloc_info+0x3b/0x50 [ 32.132778] __kasan_kmalloc+0xb7/0xc0 [ 32.133309] __kmalloc_cache_noprof+0x184/0x410 [ 32.133901] kasan_atomics+0x96/0x310 [ 32.134455] kunit_try_run_case+0x1b3/0x490 [ 32.134921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.135569] kthread+0x257/0x310 [ 32.135958] ret_from_fork+0x41/0x80 [ 32.136369] ret_from_fork_asm+0x1a/0x30 [ 32.136831] [ 32.137199] The buggy address belongs to the object at ffff888101aba780 [ 32.137199] which belongs to the cache kmalloc-64 of size 64 [ 32.138242] The buggy address is located 0 bytes to the right of [ 32.138242] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.139418] [ 32.139671] The buggy address belongs to the physical page: [ 32.140096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.140894] flags: 0x200000000000000(node=0|zone=2) [ 32.141443] page_type: f5(slab) [ 32.141697] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.142649] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.143331] page dumped because: kasan: bad access detected [ 32.143845] [ 32.144142] Memory state around the buggy address: [ 32.144648] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.145409] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.146134] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.146869] ^ [ 32.147382] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.148056] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.148707] ================================================================== [ 32.353925] 
================================================================== [ 32.354454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 32.355069] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.355853] [ 32.356198] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.357001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.357372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.358207] Call Trace: [ 32.358440] <TASK> [ 32.358636] dump_stack_lvl+0x73/0xb0 [ 32.359159] print_report+0xd1/0x640 [ 32.359565] ? __virt_addr_valid+0x1db/0x2d0 [ 32.359947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.360626] kasan_report+0x102/0x140 [ 32.361003] ? kasan_atomics_helper+0x4fb4/0x5450 [ 32.361455] ? kasan_atomics_helper+0x4fb4/0x5450 [ 32.361886] __asan_report_load8_noabort+0x18/0x20 [ 32.362399] kasan_atomics_helper+0x4fb4/0x5450 [ 32.362965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.363608] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.364101] ? kasan_atomics+0x153/0x310 [ 32.364595] kasan_atomics+0x1dd/0x310 [ 32.364927] ? __pfx_kasan_atomics+0x10/0x10 [ 32.365411] ? __pfx_read_tsc+0x10/0x10 [ 32.365805] ? ktime_get_ts64+0x84/0x230 [ 32.366274] kunit_try_run_case+0x1b3/0x490 [ 32.366786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.367263] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.367747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.368218] ? __kthread_parkme+0x82/0x160 [ 32.368665] ? preempt_count_sub+0x50/0x80 [ 32.368974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.369585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.370327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.370762] kthread+0x257/0x310 [ 32.371190] ? __pfx_kthread+0x10/0x10 [ 32.371565] ret_from_fork+0x41/0x80 [ 32.372072] ? 
__pfx_kthread+0x10/0x10 [ 32.372418] ret_from_fork_asm+0x1a/0x30 [ 32.372874] </TASK> [ 32.373153] [ 32.373312] Allocated by task 273: [ 32.373552] kasan_save_stack+0x3d/0x60 [ 32.373836] kasan_save_track+0x18/0x40 [ 32.374311] kasan_save_alloc_info+0x3b/0x50 [ 32.374859] __kasan_kmalloc+0xb7/0xc0 [ 32.375442] __kmalloc_cache_noprof+0x184/0x410 [ 32.375959] kasan_atomics+0x96/0x310 [ 32.376260] kunit_try_run_case+0x1b3/0x490 [ 32.376700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.377404] kthread+0x257/0x310 [ 32.377895] ret_from_fork+0x41/0x80 [ 32.378500] ret_from_fork_asm+0x1a/0x30 [ 32.378970] [ 32.379251] The buggy address belongs to the object at ffff888101aba780 [ 32.379251] which belongs to the cache kmalloc-64 of size 64 [ 32.380308] The buggy address is located 0 bytes to the right of [ 32.380308] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.381585] [ 32.382003] The buggy address belongs to the physical page: [ 32.382487] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.383418] flags: 0x200000000000000(node=0|zone=2) [ 32.383967] page_type: f5(slab) [ 32.384458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.385275] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.385908] page dumped because: kasan: bad access detected [ 32.386653] [ 32.386909] Memory state around the buggy address: [ 32.387516] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.388284] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.389009] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.389535] ^ [ 32.389965] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.390708] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.391135] ================================================================== [ 32.437516] 
================================================================== [ 32.438275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 32.438832] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.439526] [ 32.439727] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.440479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.440756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.441802] Call Trace: [ 32.442257] <TASK> [ 32.442465] dump_stack_lvl+0x73/0xb0 [ 32.442759] print_report+0xd1/0x640 [ 32.443404] ? __virt_addr_valid+0x1db/0x2d0 [ 32.444331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.445180] kasan_report+0x102/0x140 [ 32.445578] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.445914] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.446587] __asan_report_load8_noabort+0x18/0x20 [ 32.447315] kasan_atomics_helper+0x4fa7/0x5450 [ 32.447900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.448661] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.449336] ? kasan_atomics+0x153/0x310 [ 32.449671] kasan_atomics+0x1dd/0x310 [ 32.450384] ? __pfx_kasan_atomics+0x10/0x10 [ 32.450836] ? __pfx_read_tsc+0x10/0x10 [ 32.451490] ? ktime_get_ts64+0x84/0x230 [ 32.452045] kunit_try_run_case+0x1b3/0x490 [ 32.452519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.453344] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.453895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.454474] ? __kthread_parkme+0x82/0x160 [ 32.454883] ? preempt_count_sub+0x50/0x80 [ 32.455345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.455937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.456579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.457223] kthread+0x257/0x310 [ 32.457717] ? __pfx_kthread+0x10/0x10 [ 32.458208] ret_from_fork+0x41/0x80 [ 32.458628] ? 
__pfx_kthread+0x10/0x10 [ 32.459156] ret_from_fork_asm+0x1a/0x30 [ 32.459748] </TASK> [ 32.459954] [ 32.460268] Allocated by task 273: [ 32.460841] kasan_save_stack+0x3d/0x60 [ 32.461224] kasan_save_track+0x18/0x40 [ 32.461670] kasan_save_alloc_info+0x3b/0x50 [ 32.462166] __kasan_kmalloc+0xb7/0xc0 [ 32.462471] __kmalloc_cache_noprof+0x184/0x410 [ 32.462838] kasan_atomics+0x96/0x310 [ 32.463414] kunit_try_run_case+0x1b3/0x490 [ 32.463886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.464357] kthread+0x257/0x310 [ 32.464745] ret_from_fork+0x41/0x80 [ 32.465319] ret_from_fork_asm+0x1a/0x30 [ 32.465804] [ 32.466086] The buggy address belongs to the object at ffff888101aba780 [ 32.466086] which belongs to the cache kmalloc-64 of size 64 [ 32.467232] The buggy address is located 0 bytes to the right of [ 32.467232] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.468294] [ 32.468539] The buggy address belongs to the physical page: [ 32.469197] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.469793] flags: 0x200000000000000(node=0|zone=2) [ 32.470459] page_type: f5(slab) [ 32.470811] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.471904] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.473148] page dumped because: kasan: bad access detected [ 32.473739] [ 32.474023] Memory state around the buggy address: [ 32.474740] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.475845] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.477065] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.477680] ^ [ 32.478624] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.479582] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.480167] ================================================================== [ 32.533735] 
================================================================== [ 32.535016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 32.536229] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.537387] [ 32.537603] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.539036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.539729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.540698] Call Trace: [ 32.541003] <TASK> [ 32.541354] dump_stack_lvl+0x73/0xb0 [ 32.542281] print_report+0xd1/0x640 [ 32.542702] ? __virt_addr_valid+0x1db/0x2d0 [ 32.543787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.544633] kasan_report+0x102/0x140 [ 32.545024] ? kasan_atomics_helper+0x5117/0x5450 [ 32.545851] ? kasan_atomics_helper+0x5117/0x5450 [ 32.546595] __asan_report_load8_noabort+0x18/0x20 [ 32.547018] kasan_atomics_helper+0x5117/0x5450 [ 32.547825] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.548351] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.549143] ? kasan_atomics+0x153/0x310 [ 32.549589] kasan_atomics+0x1dd/0x310 [ 32.549969] ? __pfx_kasan_atomics+0x10/0x10 [ 32.550825] ? __pfx_read_tsc+0x10/0x10 [ 32.551452] ? ktime_get_ts64+0x84/0x230 [ 32.551820] kunit_try_run_case+0x1b3/0x490 [ 32.552682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.553382] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.553857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.554953] ? __kthread_parkme+0x82/0x160 [ 32.555563] ? preempt_count_sub+0x50/0x80 [ 32.556029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.556565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.557736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.558646] kthread+0x257/0x310 [ 32.559319] ? __pfx_kthread+0x10/0x10 [ 32.559769] ret_from_fork+0x41/0x80 [ 32.560332] ? 
__pfx_kthread+0x10/0x10 [ 32.560769] ret_from_fork_asm+0x1a/0x30 [ 32.561163] </TASK> [ 32.561384] [ 32.561769] Allocated by task 273: [ 32.562252] kasan_save_stack+0x3d/0x60 [ 32.562755] kasan_save_track+0x18/0x40 [ 32.563568] kasan_save_alloc_info+0x3b/0x50 [ 32.564527] __kasan_kmalloc+0xb7/0xc0 [ 32.565419] __kmalloc_cache_noprof+0x184/0x410 [ 32.565880] kasan_atomics+0x96/0x310 [ 32.566915] kunit_try_run_case+0x1b3/0x490 [ 32.567714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.568329] kthread+0x257/0x310 [ 32.568827] ret_from_fork+0x41/0x80 [ 32.569146] ret_from_fork_asm+0x1a/0x30 [ 32.569776] [ 32.570003] The buggy address belongs to the object at ffff888101aba780 [ 32.570003] which belongs to the cache kmalloc-64 of size 64 [ 32.570935] The buggy address is located 0 bytes to the right of [ 32.570935] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.572192] [ 32.572478] The buggy address belongs to the physical page: [ 32.573049] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.573568] flags: 0x200000000000000(node=0|zone=2) [ 32.574248] page_type: f5(slab) [ 32.574671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.575453] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.576227] page dumped because: kasan: bad access detected [ 32.576700] [ 32.576858] Memory state around the buggy address: [ 32.577518] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.578194] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.578928] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.579658] ^ [ 32.580145] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.580692] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.581655] ================================================================== [ 30.595638] 
================================================================== [ 30.596648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 30.597675] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.598555] [ 30.598833] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.599688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.600342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.600974] Call Trace: [ 30.601451] <TASK> [ 30.601784] dump_stack_lvl+0x73/0xb0 [ 30.602460] print_report+0xd1/0x640 [ 30.602957] ? __virt_addr_valid+0x1db/0x2d0 [ 30.603493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.604203] kasan_report+0x102/0x140 [ 30.604684] ? kasan_atomics_helper+0xde1/0x5450 [ 30.605391] ? kasan_atomics_helper+0xde1/0x5450 [ 30.606075] kasan_check_range+0x10c/0x1c0 [ 30.606517] __kasan_check_write+0x18/0x20 [ 30.607145] kasan_atomics_helper+0xde1/0x5450 [ 30.607609] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.608095] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.608619] ? kasan_atomics+0x153/0x310 [ 30.609138] kasan_atomics+0x1dd/0x310 [ 30.609458] ? __pfx_kasan_atomics+0x10/0x10 [ 30.609780] ? __pfx_read_tsc+0x10/0x10 [ 30.610405] ? ktime_get_ts64+0x84/0x230 [ 30.611183] kunit_try_run_case+0x1b3/0x490 [ 30.611634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.612333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.612778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.613256] ? __kthread_parkme+0x82/0x160 [ 30.613867] ? preempt_count_sub+0x50/0x80 [ 30.614511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.614843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.615901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.616410] kthread+0x257/0x310 [ 30.616884] ? __pfx_kthread+0x10/0x10 [ 30.617368] ret_from_fork+0x41/0x80 [ 30.618003] ? 
__pfx_kthread+0x10/0x10 [ 30.618519] ret_from_fork_asm+0x1a/0x30 [ 30.618891] </TASK> [ 30.619450] [ 30.619655] Allocated by task 273: [ 30.620202] kasan_save_stack+0x3d/0x60 [ 30.620517] kasan_save_track+0x18/0x40 [ 30.621022] kasan_save_alloc_info+0x3b/0x50 [ 30.621376] __kasan_kmalloc+0xb7/0xc0 [ 30.621867] __kmalloc_cache_noprof+0x184/0x410 [ 30.622682] kasan_atomics+0x96/0x310 [ 30.622962] kunit_try_run_case+0x1b3/0x490 [ 30.623284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.623669] kthread+0x257/0x310 [ 30.624138] ret_from_fork+0x41/0x80 [ 30.624739] ret_from_fork_asm+0x1a/0x30 [ 30.625503] [ 30.625883] The buggy address belongs to the object at ffff888101aba780 [ 30.625883] which belongs to the cache kmalloc-64 of size 64 [ 30.626819] The buggy address is located 0 bytes to the right of [ 30.626819] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.628519] [ 30.629369] The buggy address belongs to the physical page: [ 30.630675] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.631593] flags: 0x200000000000000(node=0|zone=2) [ 30.632237] page_type: f5(slab) [ 30.632767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.633556] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.634693] page dumped because: kasan: bad access detected [ 30.635416] [ 30.635866] Memory state around the buggy address: [ 30.636495] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.637582] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.638226] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.639500] ^ [ 30.640005] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.640882] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.641796] ================================================================== [ 29.549392] 
================================================================== [ 29.550762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 29.551739] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.552532] [ 29.553321] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.554531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.555164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.556170] Call Trace: [ 29.556809] <TASK> [ 29.557181] dump_stack_lvl+0x73/0xb0 [ 29.557518] print_report+0xd1/0x640 [ 29.558016] ? __virt_addr_valid+0x1db/0x2d0 [ 29.558810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.559707] kasan_report+0x102/0x140 [ 29.560408] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.560863] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.561576] __asan_report_load4_noabort+0x18/0x20 [ 29.562299] kasan_atomics_helper+0x4bbe/0x5450 [ 29.562880] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.563805] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.564478] ? kasan_atomics+0x153/0x310 [ 29.564952] kasan_atomics+0x1dd/0x310 [ 29.565617] ? __pfx_kasan_atomics+0x10/0x10 [ 29.566266] ? __pfx_read_tsc+0x10/0x10 [ 29.566822] ? ktime_get_ts64+0x84/0x230 [ 29.567632] kunit_try_run_case+0x1b3/0x490 [ 29.568236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.568774] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.569540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.570132] ? __kthread_parkme+0x82/0x160 [ 29.570674] ? preempt_count_sub+0x50/0x80 [ 29.571468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.571848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.572607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.573251] kthread+0x257/0x310 [ 29.573776] ? __pfx_kthread+0x10/0x10 [ 29.574455] ret_from_fork+0x41/0x80 [ 29.574948] ? 
__pfx_kthread+0x10/0x10 [ 29.575832] ret_from_fork_asm+0x1a/0x30 [ 29.576483] </TASK> [ 29.576747] [ 29.577159] Allocated by task 273: [ 29.577466] kasan_save_stack+0x3d/0x60 [ 29.577900] kasan_save_track+0x18/0x40 [ 29.578434] kasan_save_alloc_info+0x3b/0x50 [ 29.578957] __kasan_kmalloc+0xb7/0xc0 [ 29.579251] __kmalloc_cache_noprof+0x184/0x410 [ 29.580183] kasan_atomics+0x96/0x310 [ 29.580756] kunit_try_run_case+0x1b3/0x490 [ 29.581266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.581957] kthread+0x257/0x310 [ 29.582395] ret_from_fork+0x41/0x80 [ 29.583575] ret_from_fork_asm+0x1a/0x30 [ 29.584072] [ 29.584302] The buggy address belongs to the object at ffff888101aba780 [ 29.584302] which belongs to the cache kmalloc-64 of size 64 [ 29.585657] The buggy address is located 0 bytes to the right of [ 29.585657] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.587427] [ 29.587702] The buggy address belongs to the physical page: [ 29.588402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.589329] flags: 0x200000000000000(node=0|zone=2) [ 29.589948] page_type: f5(slab) [ 29.590583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.591326] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.592232] page dumped because: kasan: bad access detected [ 29.592964] [ 29.593559] Memory state around the buggy address: [ 29.594090] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.594901] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.596055] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.597352] ^ [ 29.597854] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.598895] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.599712] ================================================================== [ 29.802635] 
================================================================== [ 29.803171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 29.804087] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.804517] [ 29.804682] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.806745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.807168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.808060] Call Trace: [ 29.808259] <TASK> [ 29.808771] dump_stack_lvl+0x73/0xb0 [ 29.809294] print_report+0xd1/0x640 [ 29.809648] ? __virt_addr_valid+0x1db/0x2d0 [ 29.810874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.811258] kasan_report+0x102/0x140 [ 29.811906] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.812751] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.813391] __asan_report_load4_noabort+0x18/0x20 [ 29.814078] kasan_atomics_helper+0x4b56/0x5450 [ 29.814610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.814941] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.815678] ? kasan_atomics+0x153/0x310 [ 29.816245] kasan_atomics+0x1dd/0x310 [ 29.816782] ? __pfx_kasan_atomics+0x10/0x10 [ 29.817570] ? __pfx_read_tsc+0x10/0x10 [ 29.818255] ? ktime_get_ts64+0x84/0x230 [ 29.818703] kunit_try_run_case+0x1b3/0x490 [ 29.819310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.819757] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.820416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.820874] ? __kthread_parkme+0x82/0x160 [ 29.821639] ? preempt_count_sub+0x50/0x80 [ 29.822210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.822664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.823529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.823955] kthread+0x257/0x310 [ 29.824777] ? __pfx_kthread+0x10/0x10 [ 29.825541] ret_from_fork+0x41/0x80 [ 29.825881] ? 
__pfx_kthread+0x10/0x10 [ 29.826446] ret_from_fork_asm+0x1a/0x30 [ 29.826891] </TASK> [ 29.827408] [ 29.827577] Allocated by task 273: [ 29.827917] kasan_save_stack+0x3d/0x60 [ 29.828433] kasan_save_track+0x18/0x40 [ 29.828795] kasan_save_alloc_info+0x3b/0x50 [ 29.829232] __kasan_kmalloc+0xb7/0xc0 [ 29.829840] __kmalloc_cache_noprof+0x184/0x410 [ 29.830802] kasan_atomics+0x96/0x310 [ 29.831284] kunit_try_run_case+0x1b3/0x490 [ 29.832026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.832905] kthread+0x257/0x310 [ 29.833340] ret_from_fork+0x41/0x80 [ 29.834151] ret_from_fork_asm+0x1a/0x30 [ 29.834558] [ 29.835046] The buggy address belongs to the object at ffff888101aba780 [ 29.835046] which belongs to the cache kmalloc-64 of size 64 [ 29.836441] The buggy address is located 0 bytes to the right of [ 29.836441] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.837872] [ 29.838094] The buggy address belongs to the physical page: [ 29.839101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.839762] flags: 0x200000000000000(node=0|zone=2) [ 29.840405] page_type: f5(slab) [ 29.840944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.842165] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.842788] page dumped because: kasan: bad access detected [ 29.843454] [ 29.843790] Memory state around the buggy address: [ 29.844531] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.845687] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.846649] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.847140] ^ [ 29.847730] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.848458] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.849578] ================================================================== [ 31.322225] 
================================================================== [ 31.323303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 31.323855] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.324297] [ 31.324555] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.325761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.326086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.327122] Call Trace: [ 31.327469] <TASK> [ 31.327685] dump_stack_lvl+0x73/0xb0 [ 31.327975] print_report+0xd1/0x640 [ 31.328540] ? __virt_addr_valid+0x1db/0x2d0 [ 31.329113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.329580] kasan_report+0x102/0x140 [ 31.330120] ? kasan_atomics_helper+0x50d6/0x5450 [ 31.330654] ? kasan_atomics_helper+0x50d6/0x5450 [ 31.331254] __asan_report_store8_noabort+0x1b/0x30 [ 31.331781] kasan_atomics_helper+0x50d6/0x5450 [ 31.332344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.332893] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.333469] ? kasan_atomics+0x153/0x310 [ 31.333947] kasan_atomics+0x1dd/0x310 [ 31.334515] ? __pfx_kasan_atomics+0x10/0x10 [ 31.334946] ? __pfx_read_tsc+0x10/0x10 [ 31.336178] ? ktime_get_ts64+0x84/0x230 [ 31.336650] kunit_try_run_case+0x1b3/0x490 [ 31.337084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.338539] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.338977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.339501] ? __kthread_parkme+0x82/0x160 [ 31.339898] ? preempt_count_sub+0x50/0x80 [ 31.340314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.340768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.341374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.341773] kthread+0x257/0x310 [ 31.342433] ? __pfx_kthread+0x10/0x10 [ 31.343052] ret_from_fork+0x41/0x80 [ 31.343663] ? 
__pfx_kthread+0x10/0x10 [ 31.344194] ret_from_fork_asm+0x1a/0x30 [ 31.344693] </TASK> [ 31.345155] [ 31.345328] Allocated by task 273: [ 31.345570] kasan_save_stack+0x3d/0x60 [ 31.346286] kasan_save_track+0x18/0x40 [ 31.346790] kasan_save_alloc_info+0x3b/0x50 [ 31.347380] __kasan_kmalloc+0xb7/0xc0 [ 31.347777] __kmalloc_cache_noprof+0x184/0x410 [ 31.348255] kasan_atomics+0x96/0x310 [ 31.348641] kunit_try_run_case+0x1b3/0x490 [ 31.349234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.349781] kthread+0x257/0x310 [ 31.350272] ret_from_fork+0x41/0x80 [ 31.350633] ret_from_fork_asm+0x1a/0x30 [ 31.350964] [ 31.351304] The buggy address belongs to the object at ffff888101aba780 [ 31.351304] which belongs to the cache kmalloc-64 of size 64 [ 31.352502] The buggy address is located 0 bytes to the right of [ 31.352502] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.353743] [ 31.354064] The buggy address belongs to the physical page: [ 31.354650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.355325] flags: 0x200000000000000(node=0|zone=2) [ 31.355915] page_type: f5(slab) [ 31.356395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.357191] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.357913] page dumped because: kasan: bad access detected [ 31.358413] [ 31.358571] Memory state around the buggy address: [ 31.359231] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.359901] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.360741] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.361365] ^ [ 31.361844] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.362586] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.363312] ================================================================== [ 29.956578] 
================================================================== [ 29.957307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 29.958237] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.959020] [ 29.959191] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.960883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.961197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.962251] Call Trace: [ 29.962792] <TASK> [ 29.963437] dump_stack_lvl+0x73/0xb0 [ 29.963798] print_report+0xd1/0x640 [ 29.964458] ? __virt_addr_valid+0x1db/0x2d0 [ 29.965051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.965659] kasan_report+0x102/0x140 [ 29.966236] ? kasan_atomics_helper+0x566/0x5450 [ 29.967337] ? kasan_atomics_helper+0x566/0x5450 [ 29.967952] kasan_check_range+0x10c/0x1c0 [ 29.968565] __kasan_check_write+0x18/0x20 [ 29.969065] kasan_atomics_helper+0x566/0x5450 [ 29.969834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.970527] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.971189] ? kasan_atomics+0x153/0x310 [ 29.971705] kasan_atomics+0x1dd/0x310 [ 29.972473] ? __pfx_kasan_atomics+0x10/0x10 [ 29.973372] ? __pfx_read_tsc+0x10/0x10 [ 29.973935] ? ktime_get_ts64+0x84/0x230 [ 29.974609] kunit_try_run_case+0x1b3/0x490 [ 29.975293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.976006] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.976682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.977579] ? __kthread_parkme+0x82/0x160 [ 29.978068] ? preempt_count_sub+0x50/0x80 [ 29.978527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.979248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.979853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.981079] kthread+0x257/0x310 [ 29.981395] ? __pfx_kthread+0x10/0x10 [ 29.981605] ret_from_fork+0x41/0x80 [ 29.981785] ? 
__pfx_kthread+0x10/0x10 [ 29.983099] ret_from_fork_asm+0x1a/0x30 [ 29.983804] </TASK> [ 29.984083] [ 29.984423] Allocated by task 273: [ 29.985147] kasan_save_stack+0x3d/0x60 [ 29.986292] kasan_save_track+0x18/0x40 [ 29.987302] kasan_save_alloc_info+0x3b/0x50 [ 29.987740] __kasan_kmalloc+0xb7/0xc0 [ 29.988774] __kmalloc_cache_noprof+0x184/0x410 [ 29.989531] kasan_atomics+0x96/0x310 [ 29.989932] kunit_try_run_case+0x1b3/0x490 [ 29.991268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.991899] kthread+0x257/0x310 [ 29.992646] ret_from_fork+0x41/0x80 [ 29.993483] ret_from_fork_asm+0x1a/0x30 [ 29.993869] [ 29.994590] The buggy address belongs to the object at ffff888101aba780 [ 29.994590] which belongs to the cache kmalloc-64 of size 64 [ 29.996036] The buggy address is located 0 bytes to the right of [ 29.996036] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.997259] [ 29.997789] The buggy address belongs to the physical page: [ 29.998463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.999465] flags: 0x200000000000000(node=0|zone=2) [ 29.999965] page_type: f5(slab) [ 30.000259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.001189] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.002649] page dumped because: kasan: bad access detected [ 30.003219] [ 30.003589] Memory state around the buggy address: [ 30.004104] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.005301] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.005908] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.006598] ^ [ 30.007443] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.008283] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.008853] ================================================================== [ 30.469849] 
================================================================== [ 30.470605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 30.471345] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.471943] [ 30.472251] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.472864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.473352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.473959] Call Trace: [ 30.474223] <TASK> [ 30.474540] dump_stack_lvl+0x73/0xb0 [ 30.475052] print_report+0xd1/0x640 [ 30.475516] ? __virt_addr_valid+0x1db/0x2d0 [ 30.476084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.476463] kasan_report+0x102/0x140 [ 30.476936] ? kasan_atomics_helper+0xc71/0x5450 [ 30.477526] ? kasan_atomics_helper+0xc71/0x5450 [ 30.477979] kasan_check_range+0x10c/0x1c0 [ 30.478481] __kasan_check_write+0x18/0x20 [ 30.478911] kasan_atomics_helper+0xc71/0x5450 [ 30.479297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.479897] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.480407] ? kasan_atomics+0x153/0x310 [ 30.480742] kasan_atomics+0x1dd/0x310 [ 30.481290] ? __pfx_kasan_atomics+0x10/0x10 [ 30.481752] ? __pfx_read_tsc+0x10/0x10 [ 30.482161] ? ktime_get_ts64+0x84/0x230 [ 30.482480] kunit_try_run_case+0x1b3/0x490 [ 30.483067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.483613] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.484195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.484555] ? __kthread_parkme+0x82/0x160 [ 30.484852] ? preempt_count_sub+0x50/0x80 [ 30.485395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.485953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.486685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.487329] kthread+0x257/0x310 [ 30.487623] ? __pfx_kthread+0x10/0x10 [ 30.488122] ret_from_fork+0x41/0x80 [ 30.488405] ? 
__pfx_kthread+0x10/0x10 [ 30.488687] ret_from_fork_asm+0x1a/0x30 [ 30.489265] </TASK> [ 30.489559] [ 30.489804] Allocated by task 273: [ 30.490117] kasan_save_stack+0x3d/0x60 [ 30.490409] kasan_save_track+0x18/0x40 [ 30.490883] kasan_save_alloc_info+0x3b/0x50 [ 30.491506] __kasan_kmalloc+0xb7/0xc0 [ 30.491934] __kmalloc_cache_noprof+0x184/0x410 [ 30.492331] kasan_atomics+0x96/0x310 [ 30.492613] kunit_try_run_case+0x1b3/0x490 [ 30.493180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.493780] kthread+0x257/0x310 [ 30.494273] ret_from_fork+0x41/0x80 [ 30.494582] ret_from_fork_asm+0x1a/0x30 [ 30.494873] [ 30.495099] The buggy address belongs to the object at ffff888101aba780 [ 30.495099] which belongs to the cache kmalloc-64 of size 64 [ 30.496470] The buggy address is located 0 bytes to the right of [ 30.496470] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.497520] [ 30.497693] The buggy address belongs to the physical page: [ 30.498228] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.498901] flags: 0x200000000000000(node=0|zone=2) [ 30.499415] page_type: f5(slab) [ 30.499747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.500449] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.500978] page dumped because: kasan: bad access detected [ 30.501376] [ 30.501641] Memory state around the buggy address: [ 30.502261] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.502793] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.503584] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.504337] ^ [ 30.504801] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.505442] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.506259] ================================================================== [ 30.507044] 
================================================================== [ 30.507784] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 30.509705] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.511088] [ 30.511344] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.512136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.512512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.513299] Call Trace: [ 30.513548] <TASK> [ 30.513880] dump_stack_lvl+0x73/0xb0 [ 30.514409] print_report+0xd1/0x640 [ 30.514771] ? __virt_addr_valid+0x1db/0x2d0 [ 30.515251] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.515759] kasan_report+0x102/0x140 [ 30.516410] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.516767] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.517313] __asan_report_load4_noabort+0x18/0x20 [ 30.518127] kasan_atomics_helper+0x4a86/0x5450 [ 30.518610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.519081] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.519479] ? kasan_atomics+0x153/0x310 [ 30.520085] kasan_atomics+0x1dd/0x310 [ 30.520630] ? __pfx_kasan_atomics+0x10/0x10 [ 30.521303] ? __pfx_read_tsc+0x10/0x10 [ 30.521672] ? ktime_get_ts64+0x84/0x230 [ 30.522350] kunit_try_run_case+0x1b3/0x490 [ 30.522937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.523517] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.524061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.524742] ? __kthread_parkme+0x82/0x160 [ 30.525482] ? preempt_count_sub+0x50/0x80 [ 30.525946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.526659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.527573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.528140] kthread+0x257/0x310 [ 30.528585] ? __pfx_kthread+0x10/0x10 [ 30.529014] ret_from_fork+0x41/0x80 [ 30.529528] ? 
__pfx_kthread+0x10/0x10 [ 30.529924] ret_from_fork_asm+0x1a/0x30 [ 30.530615] </TASK> [ 30.530912] [ 30.531321] Allocated by task 273: [ 30.531636] kasan_save_stack+0x3d/0x60 [ 30.532403] kasan_save_track+0x18/0x40 [ 30.532799] kasan_save_alloc_info+0x3b/0x50 [ 30.533655] __kasan_kmalloc+0xb7/0xc0 [ 30.534263] __kmalloc_cache_noprof+0x184/0x410 [ 30.534796] kasan_atomics+0x96/0x310 [ 30.535177] kunit_try_run_case+0x1b3/0x490 [ 30.535625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.536295] kthread+0x257/0x310 [ 30.536813] ret_from_fork+0x41/0x80 [ 30.537471] ret_from_fork_asm+0x1a/0x30 [ 30.537960] [ 30.538327] The buggy address belongs to the object at ffff888101aba780 [ 30.538327] which belongs to the cache kmalloc-64 of size 64 [ 30.539589] The buggy address is located 0 bytes to the right of [ 30.539589] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.540854] [ 30.541227] The buggy address belongs to the physical page: [ 30.541855] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.542839] flags: 0x200000000000000(node=0|zone=2) [ 30.543488] page_type: f5(slab) [ 30.543911] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.544842] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.545706] page dumped because: kasan: bad access detected [ 30.546364] [ 30.546686] Memory state around the buggy address: [ 30.547289] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.548016] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.548845] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.549639] ^ [ 30.550268] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.550924] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.551771] ================================================================== [ 31.696467] 
================================================================== [ 31.697508] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 31.698118] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.698936] [ 31.699216] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.700202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.700618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.701670] Call Trace: [ 31.701967] <TASK> [ 31.702365] dump_stack_lvl+0x73/0xb0 [ 31.702814] print_report+0xd1/0x640 [ 31.703370] ? __virt_addr_valid+0x1db/0x2d0 [ 31.703825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.704464] kasan_report+0x102/0x140 [ 31.704902] ? kasan_atomics_helper+0x194b/0x5450 [ 31.705785] ? kasan_atomics_helper+0x194b/0x5450 [ 31.706571] kasan_check_range+0x10c/0x1c0 [ 31.707097] __kasan_check_write+0x18/0x20 [ 31.707643] kasan_atomics_helper+0x194b/0x5450 [ 31.708320] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.708691] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.709392] ? kasan_atomics+0x153/0x310 [ 31.709884] kasan_atomics+0x1dd/0x310 [ 31.710402] ? __pfx_kasan_atomics+0x10/0x10 [ 31.711208] ? __pfx_read_tsc+0x10/0x10 [ 31.711763] ? ktime_get_ts64+0x84/0x230 [ 31.712236] kunit_try_run_case+0x1b3/0x490 [ 31.712838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.713630] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.714106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.714655] ? __kthread_parkme+0x82/0x160 [ 31.715236] ? preempt_count_sub+0x50/0x80 [ 31.715558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.715889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.716677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.717296] kthread+0x257/0x310 [ 31.717563] ? __pfx_kthread+0x10/0x10 [ 31.718190] ret_from_fork+0x41/0x80 [ 31.718779] ? 
__pfx_kthread+0x10/0x10 [ 31.719335] ret_from_fork_asm+0x1a/0x30 [ 31.719797] </TASK> [ 31.720122] [ 31.720367] Allocated by task 273: [ 31.720660] kasan_save_stack+0x3d/0x60 [ 31.720945] kasan_save_track+0x18/0x40 [ 31.721252] kasan_save_alloc_info+0x3b/0x50 [ 31.722080] __kasan_kmalloc+0xb7/0xc0 [ 31.722593] __kmalloc_cache_noprof+0x184/0x410 [ 31.723144] kasan_atomics+0x96/0x310 [ 31.723426] kunit_try_run_case+0x1b3/0x490 [ 31.724031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.724624] kthread+0x257/0x310 [ 31.725092] ret_from_fork+0x41/0x80 [ 31.725482] ret_from_fork_asm+0x1a/0x30 [ 31.725921] [ 31.726359] The buggy address belongs to the object at ffff888101aba780 [ 31.726359] which belongs to the cache kmalloc-64 of size 64 [ 31.727538] The buggy address is located 0 bytes to the right of [ 31.727538] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.728808] [ 31.729077] The buggy address belongs to the physical page: [ 31.729571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.730058] flags: 0x200000000000000(node=0|zone=2) [ 31.730717] page_type: f5(slab) [ 31.731286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.731791] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.732851] page dumped because: kasan: bad access detected [ 31.733464] [ 31.733740] Memory state around the buggy address: [ 31.734382] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.735070] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.735784] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.736716] ^ [ 31.737124] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.738404] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.739121] ================================================================== [ 31.273294] 
================================================================== [ 31.274577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 31.275695] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.276939] [ 31.277596] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.278739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.279863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.281085] Call Trace: [ 31.281368] <TASK> [ 31.281626] dump_stack_lvl+0x73/0xb0 [ 31.282730] print_report+0xd1/0x640 [ 31.283477] ? __virt_addr_valid+0x1db/0x2d0 [ 31.283899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.284704] kasan_report+0x102/0x140 [ 31.285557] ? kasan_atomics_helper+0x1468/0x5450 [ 31.286296] ? kasan_atomics_helper+0x1468/0x5450 [ 31.286814] kasan_check_range+0x10c/0x1c0 [ 31.287718] __kasan_check_write+0x18/0x20 [ 31.288127] kasan_atomics_helper+0x1468/0x5450 [ 31.288841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.289528] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.290263] ? kasan_atomics+0x153/0x310 [ 31.290701] kasan_atomics+0x1dd/0x310 [ 31.291102] ? __pfx_kasan_atomics+0x10/0x10 [ 31.292324] ? __pfx_read_tsc+0x10/0x10 [ 31.292934] ? ktime_get_ts64+0x84/0x230 [ 31.293599] kunit_try_run_case+0x1b3/0x490 [ 31.294393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.294889] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.295744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.296561] ? __kthread_parkme+0x82/0x160 [ 31.296976] ? preempt_count_sub+0x50/0x80 [ 31.297729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.298621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.299535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.300041] kthread+0x257/0x310 [ 31.300555] ? __pfx_kthread+0x10/0x10 [ 31.301310] ret_from_fork+0x41/0x80 [ 31.301781] ? 
__pfx_kthread+0x10/0x10 [ 31.302442] ret_from_fork_asm+0x1a/0x30 [ 31.303171] </TASK> [ 31.303370] [ 31.303598] Allocated by task 273: [ 31.304378] kasan_save_stack+0x3d/0x60 [ 31.304788] kasan_save_track+0x18/0x40 [ 31.305754] kasan_save_alloc_info+0x3b/0x50 [ 31.306250] __kasan_kmalloc+0xb7/0xc0 [ 31.306551] __kmalloc_cache_noprof+0x184/0x410 [ 31.307133] kasan_atomics+0x96/0x310 [ 31.307447] kunit_try_run_case+0x1b3/0x490 [ 31.307921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.308596] kthread+0x257/0x310 [ 31.308961] ret_from_fork+0x41/0x80 [ 31.309320] ret_from_fork_asm+0x1a/0x30 [ 31.309750] [ 31.310092] The buggy address belongs to the object at ffff888101aba780 [ 31.310092] which belongs to the cache kmalloc-64 of size 64 [ 31.311282] The buggy address is located 0 bytes to the right of [ 31.311282] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.312246] [ 31.312407] The buggy address belongs to the physical page: [ 31.313077] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.313960] flags: 0x200000000000000(node=0|zone=2) [ 31.314453] page_type: f5(slab) [ 31.314804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.315566] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.316230] page dumped because: kasan: bad access detected [ 31.316776] [ 31.317105] Memory state around the buggy address: [ 31.317497] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.318131] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.319076] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.319608] ^ [ 31.320057] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.320716] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.321446] ================================================================== [ 31.228876] 
================================================================== [ 31.229760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 31.230637] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.231135] [ 31.231308] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.232727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.233019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.234397] Call Trace: [ 31.234697] <TASK> [ 31.235140] dump_stack_lvl+0x73/0xb0 [ 31.235483] print_report+0xd1/0x640 [ 31.236094] ? __virt_addr_valid+0x1db/0x2d0 [ 31.236488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.237156] kasan_report+0x102/0x140 [ 31.237560] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.237897] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.238791] __asan_report_load8_noabort+0x18/0x20 [ 31.239304] kasan_atomics_helper+0x4eb0/0x5450 [ 31.239858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.240606] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.241139] ? kasan_atomics+0x153/0x310 [ 31.241629] kasan_atomics+0x1dd/0x310 [ 31.242196] ? __pfx_kasan_atomics+0x10/0x10 [ 31.242529] ? __pfx_read_tsc+0x10/0x10 [ 31.243284] ? ktime_get_ts64+0x84/0x230 [ 31.243902] kunit_try_run_case+0x1b3/0x490 [ 31.244440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.244970] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.245613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.246138] ? __kthread_parkme+0x82/0x160 [ 31.246756] ? preempt_count_sub+0x50/0x80 [ 31.247207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.247794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.248562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.249430] kthread+0x257/0x310 [ 31.249855] ? __pfx_kthread+0x10/0x10 [ 31.250319] ret_from_fork+0x41/0x80 [ 31.250658] ? 
__pfx_kthread+0x10/0x10 [ 31.251430] ret_from_fork_asm+0x1a/0x30 [ 31.251776] </TASK> [ 31.252103] [ 31.252455] Allocated by task 273: [ 31.252868] kasan_save_stack+0x3d/0x60 [ 31.253381] kasan_save_track+0x18/0x40 [ 31.253744] kasan_save_alloc_info+0x3b/0x50 [ 31.254398] __kasan_kmalloc+0xb7/0xc0 [ 31.254875] __kmalloc_cache_noprof+0x184/0x410 [ 31.255204] kasan_atomics+0x96/0x310 [ 31.255882] kunit_try_run_case+0x1b3/0x490 [ 31.256422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.256888] kthread+0x257/0x310 [ 31.257583] ret_from_fork+0x41/0x80 [ 31.257974] ret_from_fork_asm+0x1a/0x30 [ 31.258534] [ 31.258768] The buggy address belongs to the object at ffff888101aba780 [ 31.258768] which belongs to the cache kmalloc-64 of size 64 [ 31.259891] The buggy address is located 0 bytes to the right of [ 31.259891] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.260934] [ 31.261360] The buggy address belongs to the physical page: [ 31.262086] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.262807] flags: 0x200000000000000(node=0|zone=2) [ 31.263565] page_type: f5(slab) [ 31.263940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.264662] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.265647] page dumped because: kasan: bad access detected [ 31.266243] [ 31.266603] Memory state around the buggy address: [ 31.267084] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.267640] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.268518] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.269220] ^ [ 31.269651] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.270380] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.271068] ================================================================== [ 30.831413] 
================================================================== [ 30.833331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 30.834029] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.834460] [ 30.834716] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.836500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.836954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.838249] Call Trace: [ 30.838472] <TASK> [ 30.838822] dump_stack_lvl+0x73/0xb0 [ 30.839643] print_report+0xd1/0x640 [ 30.839959] ? __virt_addr_valid+0x1db/0x2d0 [ 30.840722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.841216] kasan_report+0x102/0x140 [ 30.842019] ? kasan_atomics_helper+0x107a/0x5450 [ 30.842424] ? kasan_atomics_helper+0x107a/0x5450 [ 30.843052] kasan_check_range+0x10c/0x1c0 [ 30.843538] __kasan_check_write+0x18/0x20 [ 30.844041] kasan_atomics_helper+0x107a/0x5450 [ 30.844496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.845159] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.845947] ? kasan_atomics+0x153/0x310 [ 30.846670] kasan_atomics+0x1dd/0x310 [ 30.847400] ? __pfx_kasan_atomics+0x10/0x10 [ 30.847893] ? __pfx_read_tsc+0x10/0x10 [ 30.848237] ? ktime_get_ts64+0x84/0x230 [ 30.848771] kunit_try_run_case+0x1b3/0x490 [ 30.849263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.850433] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.851025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.851948] ? __kthread_parkme+0x82/0x160 [ 30.852575] ? preempt_count_sub+0x50/0x80 [ 30.853263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.853924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.855201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.855694] kthread+0x257/0x310 [ 30.856443] ? __pfx_kthread+0x10/0x10 [ 30.857020] ret_from_fork+0x41/0x80 [ 30.857697] ? 
__pfx_kthread+0x10/0x10 [ 30.858371] ret_from_fork_asm+0x1a/0x30 [ 30.859011] </TASK> [ 30.859740] [ 30.859933] Allocated by task 273: [ 30.860207] kasan_save_stack+0x3d/0x60 [ 30.861028] kasan_save_track+0x18/0x40 [ 30.861653] kasan_save_alloc_info+0x3b/0x50 [ 30.862541] __kasan_kmalloc+0xb7/0xc0 [ 30.863141] __kmalloc_cache_noprof+0x184/0x410 [ 30.863857] kasan_atomics+0x96/0x310 [ 30.864439] kunit_try_run_case+0x1b3/0x490 [ 30.864777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.865587] kthread+0x257/0x310 [ 30.865858] ret_from_fork+0x41/0x80 [ 30.866758] ret_from_fork_asm+0x1a/0x30 [ 30.867336] [ 30.867554] The buggy address belongs to the object at ffff888101aba780 [ 30.867554] which belongs to the cache kmalloc-64 of size 64 [ 30.869416] The buggy address is located 0 bytes to the right of [ 30.869416] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.870657] [ 30.871251] The buggy address belongs to the physical page: [ 30.871801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.872938] flags: 0x200000000000000(node=0|zone=2) [ 30.873399] page_type: f5(slab) [ 30.873860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.874482] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.875318] page dumped because: kasan: bad access detected [ 30.875817] [ 30.876135] Memory state around the buggy address: [ 30.876637] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.877557] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.878242] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.879078] ^ [ 30.879471] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.880109] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.880772] ================================================================== [ 31.008757] 
================================================================== [ 31.009623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 31.010600] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.011597] [ 31.011770] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.013123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.013626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.014494] Call Trace: [ 31.015013] <TASK> [ 31.015295] dump_stack_lvl+0x73/0xb0 [ 31.015591] print_report+0xd1/0x640 [ 31.015875] ? __virt_addr_valid+0x1db/0x2d0 [ 31.016524] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.017212] kasan_report+0x102/0x140 [ 31.017862] ? kasan_atomics_helper+0x1218/0x5450 [ 31.018625] ? kasan_atomics_helper+0x1218/0x5450 [ 31.018973] kasan_check_range+0x10c/0x1c0 [ 31.019310] __kasan_check_write+0x18/0x20 [ 31.019820] kasan_atomics_helper+0x1218/0x5450 [ 31.020517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.021081] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.021849] ? kasan_atomics+0x153/0x310 [ 31.022555] kasan_atomics+0x1dd/0x310 [ 31.023106] ? __pfx_kasan_atomics+0x10/0x10 [ 31.023479] ? __pfx_read_tsc+0x10/0x10 [ 31.023768] ? ktime_get_ts64+0x84/0x230 [ 31.024095] kunit_try_run_case+0x1b3/0x490 [ 31.024701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.025370] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.025970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.026693] ? __kthread_parkme+0x82/0x160 [ 31.027271] ? preempt_count_sub+0x50/0x80 [ 31.027631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.027961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.028824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.029714] kthread+0x257/0x310 [ 31.030089] ? __pfx_kthread+0x10/0x10 [ 31.030741] ret_from_fork+0x41/0x80 [ 31.031122] ? 
__pfx_kthread+0x10/0x10 [ 31.031625] ret_from_fork_asm+0x1a/0x30 [ 31.032822] </TASK> [ 31.033098] [ 31.033250] Allocated by task 273: [ 31.033935] kasan_save_stack+0x3d/0x60 [ 31.034290] kasan_save_track+0x18/0x40 [ 31.034941] kasan_save_alloc_info+0x3b/0x50 [ 31.035717] __kasan_kmalloc+0xb7/0xc0 [ 31.035974] __kmalloc_cache_noprof+0x184/0x410 [ 31.036740] kasan_atomics+0x96/0x310 [ 31.037268] kunit_try_run_case+0x1b3/0x490 [ 31.037648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.038315] kthread+0x257/0x310 [ 31.038581] ret_from_fork+0x41/0x80 [ 31.039263] ret_from_fork_asm+0x1a/0x30 [ 31.039859] [ 31.040163] The buggy address belongs to the object at ffff888101aba780 [ 31.040163] which belongs to the cache kmalloc-64 of size 64 [ 31.041595] The buggy address is located 0 bytes to the right of [ 31.041595] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.042917] [ 31.043357] The buggy address belongs to the physical page: [ 31.043908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.044740] flags: 0x200000000000000(node=0|zone=2) [ 31.045388] page_type: f5(slab) [ 31.045553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.045843] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.046480] page dumped because: kasan: bad access detected [ 31.046924] [ 31.047216] Memory state around the buggy address: [ 31.047671] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.048275] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.048786] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.049667] ^ [ 31.050221] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.050924] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.051499] ================================================================== [ 30.010201] 
================================================================== [ 30.011199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 30.012395] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.013143] [ 30.013318] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.014836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.015537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.016619] Call Trace: [ 30.016832] <TASK> [ 30.017047] dump_stack_lvl+0x73/0xb0 [ 30.017616] print_report+0xd1/0x640 [ 30.018270] ? __virt_addr_valid+0x1db/0x2d0 [ 30.019255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.019726] kasan_report+0x102/0x140 [ 30.020247] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.020751] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.021476] kasan_check_range+0x10c/0x1c0 [ 30.022422] __kasan_check_write+0x18/0x20 [ 30.023371] kasan_atomics_helper+0x5ff/0x5450 [ 30.023914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.024580] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.025285] ? kasan_atomics+0x153/0x310 [ 30.026197] kasan_atomics+0x1dd/0x310 [ 30.026614] ? __pfx_kasan_atomics+0x10/0x10 [ 30.027419] ? __pfx_read_tsc+0x10/0x10 [ 30.027765] ? ktime_get_ts64+0x84/0x230 [ 30.028427] kunit_try_run_case+0x1b3/0x490 [ 30.029094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.029848] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.030596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.031466] ? __kthread_parkme+0x82/0x160 [ 30.031897] ? preempt_count_sub+0x50/0x80 [ 30.032624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.033049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.033635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.034553] kthread+0x257/0x310 [ 30.035336] ? __pfx_kthread+0x10/0x10 [ 30.036126] ret_from_fork+0x41/0x80 [ 30.036563] ? 
__pfx_kthread+0x10/0x10 [ 30.037169] ret_from_fork_asm+0x1a/0x30 [ 30.037604] </TASK> [ 30.038075] [ 30.038259] Allocated by task 273: [ 30.038877] kasan_save_stack+0x3d/0x60 [ 30.039240] kasan_save_track+0x18/0x40 [ 30.040195] kasan_save_alloc_info+0x3b/0x50 [ 30.040528] __kasan_kmalloc+0xb7/0xc0 [ 30.041115] __kmalloc_cache_noprof+0x184/0x410 [ 30.041583] kasan_atomics+0x96/0x310 [ 30.042296] kunit_try_run_case+0x1b3/0x490 [ 30.042735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.043440] kthread+0x257/0x310 [ 30.043741] ret_from_fork+0x41/0x80 [ 30.044312] ret_from_fork_asm+0x1a/0x30 [ 30.045009] [ 30.045522] The buggy address belongs to the object at ffff888101aba780 [ 30.045522] which belongs to the cache kmalloc-64 of size 64 [ 30.046790] The buggy address is located 0 bytes to the right of [ 30.046790] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.047908] [ 30.048178] The buggy address belongs to the physical page: [ 30.049332] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.050156] flags: 0x200000000000000(node=0|zone=2) [ 30.050663] page_type: f5(slab) [ 30.050910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.051822] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.052825] page dumped because: kasan: bad access detected [ 30.053467] [ 30.053644] Memory state around the buggy address: [ 30.054289] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.055148] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.055858] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.056946] ^ [ 30.057528] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.058562] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.059236] ================================================================== [ 30.881819] 
================================================================== [ 30.882331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 30.883105] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.883842] [ 30.884039] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.885207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.886048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.886852] Call Trace: [ 30.887113] <TASK> [ 30.887469] dump_stack_lvl+0x73/0xb0 [ 30.887969] print_report+0xd1/0x640 [ 30.888549] ? __virt_addr_valid+0x1db/0x2d0 [ 30.888906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.889719] kasan_report+0x102/0x140 [ 30.890264] ? kasan_atomics_helper+0x4a1e/0x5450 [ 30.890643] ? kasan_atomics_helper+0x4a1e/0x5450 [ 30.891010] __asan_report_load4_noabort+0x18/0x20 [ 30.891713] kasan_atomics_helper+0x4a1e/0x5450 [ 30.892368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.892961] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.893443] ? kasan_atomics+0x153/0x310 [ 30.893965] kasan_atomics+0x1dd/0x310 [ 30.894323] ? __pfx_kasan_atomics+0x10/0x10 [ 30.894779] ? __pfx_read_tsc+0x10/0x10 [ 30.895453] ? ktime_get_ts64+0x84/0x230 [ 30.895844] kunit_try_run_case+0x1b3/0x490 [ 30.896350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.896953] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.897572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.898146] ? __kthread_parkme+0x82/0x160 [ 30.898500] ? preempt_count_sub+0x50/0x80 [ 30.899001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.899449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.900306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.900846] kthread+0x257/0x310 [ 30.901134] ? __pfx_kthread+0x10/0x10 [ 30.901699] ret_from_fork+0x41/0x80 [ 30.902286] ? 
__pfx_kthread+0x10/0x10 [ 30.902639] ret_from_fork_asm+0x1a/0x30 [ 30.904470] </TASK> [ 30.904787] [ 30.905066] Allocated by task 273: [ 30.905424] kasan_save_stack+0x3d/0x60 [ 30.905797] kasan_save_track+0x18/0x40 [ 30.906200] kasan_save_alloc_info+0x3b/0x50 [ 30.906583] __kasan_kmalloc+0xb7/0xc0 [ 30.907270] __kmalloc_cache_noprof+0x184/0x410 [ 30.907978] kasan_atomics+0x96/0x310 [ 30.908755] kunit_try_run_case+0x1b3/0x490 [ 30.909522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.909888] kthread+0x257/0x310 [ 30.910415] ret_from_fork+0x41/0x80 [ 30.910874] ret_from_fork_asm+0x1a/0x30 [ 30.911394] [ 30.911621] The buggy address belongs to the object at ffff888101aba780 [ 30.911621] which belongs to the cache kmalloc-64 of size 64 [ 30.912654] The buggy address is located 0 bytes to the right of [ 30.912654] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.913764] [ 30.914121] The buggy address belongs to the physical page: [ 30.914580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.915524] flags: 0x200000000000000(node=0|zone=2) [ 30.916120] page_type: f5(slab) [ 30.916410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.917210] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.917775] page dumped because: kasan: bad access detected [ 30.918385] [ 30.918677] Memory state around the buggy address: [ 30.919201] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.919872] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.920525] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.921197] ^ [ 30.921798] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.922463] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.923269] ================================================================== [ 31.454289] 
================================================================== [ 31.455292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 31.456182] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.457482] [ 31.457795] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.459639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.460437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.461378] Call Trace: [ 31.461631] <TASK> [ 31.461896] dump_stack_lvl+0x73/0xb0 [ 31.462779] print_report+0xd1/0x640 [ 31.463556] ? __virt_addr_valid+0x1db/0x2d0 [ 31.464015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.464650] kasan_report+0x102/0x140 [ 31.465671] ? kasan_atomics_helper+0x1650/0x5450 [ 31.466429] ? kasan_atomics_helper+0x1650/0x5450 [ 31.466945] kasan_check_range+0x10c/0x1c0 [ 31.467525] __kasan_check_write+0x18/0x20 [ 31.468016] kasan_atomics_helper+0x1650/0x5450 [ 31.468858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.469456] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.470605] ? kasan_atomics+0x153/0x310 [ 31.471017] kasan_atomics+0x1dd/0x310 [ 31.471902] ? __pfx_kasan_atomics+0x10/0x10 [ 31.472535] ? __pfx_read_tsc+0x10/0x10 [ 31.473007] ? ktime_get_ts64+0x84/0x230 [ 31.473842] kunit_try_run_case+0x1b3/0x490 [ 31.474538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.474934] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.476125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.476602] ? __kthread_parkme+0x82/0x160 [ 31.477568] ? preempt_count_sub+0x50/0x80 [ 31.478005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.478904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.479761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.480884] kthread+0x257/0x310 [ 31.481272] ? __pfx_kthread+0x10/0x10 [ 31.481891] ret_from_fork+0x41/0x80 [ 31.482370] ? 
__pfx_kthread+0x10/0x10 [ 31.482736] ret_from_fork_asm+0x1a/0x30 [ 31.483735] </TASK> [ 31.483975] [ 31.484182] Allocated by task 273: [ 31.484933] kasan_save_stack+0x3d/0x60 [ 31.485596] kasan_save_track+0x18/0x40 [ 31.486592] kasan_save_alloc_info+0x3b/0x50 [ 31.487032] __kasan_kmalloc+0xb7/0xc0 [ 31.487830] __kmalloc_cache_noprof+0x184/0x410 [ 31.488649] kasan_atomics+0x96/0x310 [ 31.489052] kunit_try_run_case+0x1b3/0x490 [ 31.489799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.490311] kthread+0x257/0x310 [ 31.490667] ret_from_fork+0x41/0x80 [ 31.491024] ret_from_fork_asm+0x1a/0x30 [ 31.491832] [ 31.492015] The buggy address belongs to the object at ffff888101aba780 [ 31.492015] which belongs to the cache kmalloc-64 of size 64 [ 31.494282] The buggy address is located 0 bytes to the right of [ 31.494282] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.495742] [ 31.495855] The buggy address belongs to the physical page: [ 31.496151] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.497720] flags: 0x200000000000000(node=0|zone=2) [ 31.498115] page_type: f5(slab) [ 31.498554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.499693] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.500685] page dumped because: kasan: bad access detected [ 31.501140] [ 31.501430] Memory state around the buggy address: [ 31.502414] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.503309] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.504256] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.504904] ^ [ 31.505647] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.506741] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.507511] ================================================================== [ 31.785010] 
================================================================== [ 31.785532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 31.786703] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.789137] [ 31.789483] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.791423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.792090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.793287] Call Trace: [ 31.793634] <TASK> [ 31.794276] dump_stack_lvl+0x73/0xb0 [ 31.794734] print_report+0xd1/0x640 [ 31.795188] ? __virt_addr_valid+0x1db/0x2d0 [ 31.795651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.796632] kasan_report+0x102/0x140 [ 31.797218] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.797837] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.798561] kasan_check_range+0x10c/0x1c0 [ 31.799348] __kasan_check_write+0x18/0x20 [ 31.799974] kasan_atomics_helper+0x1a80/0x5450 [ 31.800828] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.801413] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.801966] ? kasan_atomics+0x153/0x310 [ 31.802855] kasan_atomics+0x1dd/0x310 [ 31.803645] ? __pfx_kasan_atomics+0x10/0x10 [ 31.804017] ? __pfx_read_tsc+0x10/0x10 [ 31.804592] ? ktime_get_ts64+0x84/0x230 [ 31.805294] kunit_try_run_case+0x1b3/0x490 [ 31.805925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.806510] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.806951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.807842] ? __kthread_parkme+0x82/0x160 [ 31.808758] ? preempt_count_sub+0x50/0x80 [ 31.809482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.809916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.810734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.811584] kthread+0x257/0x310 [ 31.811958] ? __pfx_kthread+0x10/0x10 [ 31.812810] ret_from_fork+0x41/0x80 [ 31.813412] ? 
__pfx_kthread+0x10/0x10 [ 31.813815] ret_from_fork_asm+0x1a/0x30 [ 31.814551] </TASK> [ 31.814820] [ 31.815014] Allocated by task 273: [ 31.815475] kasan_save_stack+0x3d/0x60 [ 31.816408] kasan_save_track+0x18/0x40 [ 31.816767] kasan_save_alloc_info+0x3b/0x50 [ 31.817527] __kasan_kmalloc+0xb7/0xc0 [ 31.817849] __kmalloc_cache_noprof+0x184/0x410 [ 31.818602] kasan_atomics+0x96/0x310 [ 31.819289] kunit_try_run_case+0x1b3/0x490 [ 31.819697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.820542] kthread+0x257/0x310 [ 31.820898] ret_from_fork+0x41/0x80 [ 31.821476] ret_from_fork_asm+0x1a/0x30 [ 31.821933] [ 31.822473] The buggy address belongs to the object at ffff888101aba780 [ 31.822473] which belongs to the cache kmalloc-64 of size 64 [ 31.823767] The buggy address is located 0 bytes to the right of [ 31.823767] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.824907] [ 31.825450] The buggy address belongs to the physical page: [ 31.826079] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.826812] flags: 0x200000000000000(node=0|zone=2) [ 31.827532] page_type: f5(slab) [ 31.828115] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.828925] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.829921] page dumped because: kasan: bad access detected [ 31.830482] [ 31.830651] Memory state around the buggy address: [ 31.831130] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.832203] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.832916] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.833902] ^ [ 31.834592] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.835388] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.835952] ================================================================== [ 30.110874] 
================================================================== [ 30.112040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 30.113166] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.113519] [ 30.113632] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.114034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.114902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.115701] Call Trace: [ 30.115912] <TASK> [ 30.116138] dump_stack_lvl+0x73/0xb0 [ 30.116642] print_report+0xd1/0x640 [ 30.117101] ? __virt_addr_valid+0x1db/0x2d0 [ 30.117422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.118133] kasan_report+0x102/0x140 [ 30.118823] ? kasan_atomics_helper+0x730/0x5450 [ 30.119561] ? kasan_atomics_helper+0x730/0x5450 [ 30.120348] kasan_check_range+0x10c/0x1c0 [ 30.120969] __kasan_check_write+0x18/0x20 [ 30.121572] kasan_atomics_helper+0x730/0x5450 [ 30.121929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.122428] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.123259] ? kasan_atomics+0x153/0x310 [ 30.123858] kasan_atomics+0x1dd/0x310 [ 30.124474] ? __pfx_kasan_atomics+0x10/0x10 [ 30.125017] ? __pfx_read_tsc+0x10/0x10 [ 30.125449] ? ktime_get_ts64+0x84/0x230 [ 30.125932] kunit_try_run_case+0x1b3/0x490 [ 30.126823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.128081] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.128679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.129419] ? __kthread_parkme+0x82/0x160 [ 30.129848] ? preempt_count_sub+0x50/0x80 [ 30.130763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.131559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.132505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.133008] kthread+0x257/0x310 [ 30.133417] ? __pfx_kthread+0x10/0x10 [ 30.133845] ret_from_fork+0x41/0x80 [ 30.134532] ? 
__pfx_kthread+0x10/0x10 [ 30.135498] ret_from_fork_asm+0x1a/0x30 [ 30.135810] </TASK> [ 30.136132] [ 30.136374] Allocated by task 273: [ 30.136752] kasan_save_stack+0x3d/0x60 [ 30.137584] kasan_save_track+0x18/0x40 [ 30.138022] kasan_save_alloc_info+0x3b/0x50 [ 30.138612] __kasan_kmalloc+0xb7/0xc0 [ 30.139375] __kmalloc_cache_noprof+0x184/0x410 [ 30.140444] kasan_atomics+0x96/0x310 [ 30.140763] kunit_try_run_case+0x1b3/0x490 [ 30.141256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.141826] kthread+0x257/0x310 [ 30.142178] ret_from_fork+0x41/0x80 [ 30.142595] ret_from_fork_asm+0x1a/0x30 [ 30.143101] [ 30.143292] The buggy address belongs to the object at ffff888101aba780 [ 30.143292] which belongs to the cache kmalloc-64 of size 64 [ 30.144624] The buggy address is located 0 bytes to the right of [ 30.144624] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.145460] [ 30.145766] The buggy address belongs to the physical page: [ 30.146276] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.147089] flags: 0x200000000000000(node=0|zone=2) [ 30.147530] page_type: f5(slab) [ 30.147858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.148464] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.149381] page dumped because: kasan: bad access detected [ 30.149782] [ 30.150036] Memory state around the buggy address: [ 30.150504] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.151143] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.151715] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.152463] ^ [ 30.152923] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.153574] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.154169] ================================================================== [ 32.149482] 
================================================================== [ 32.149901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 32.150721] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.151408] [ 32.151678] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.152671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.153088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.154054] Call Trace: [ 32.154375] <TASK> [ 32.154740] dump_stack_lvl+0x73/0xb0 [ 32.155301] print_report+0xd1/0x640 [ 32.155631] ? __virt_addr_valid+0x1db/0x2d0 [ 32.156245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.156771] kasan_report+0x102/0x140 [ 32.157343] ? kasan_atomics_helper+0x1f44/0x5450 [ 32.157860] ? kasan_atomics_helper+0x1f44/0x5450 [ 32.158438] kasan_check_range+0x10c/0x1c0 [ 32.158786] __kasan_check_write+0x18/0x20 [ 32.159392] kasan_atomics_helper+0x1f44/0x5450 [ 32.159841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.160450] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.160912] ? kasan_atomics+0x153/0x310 [ 32.161521] kasan_atomics+0x1dd/0x310 [ 32.162128] ? __pfx_kasan_atomics+0x10/0x10 [ 32.162540] ? __pfx_read_tsc+0x10/0x10 [ 32.162911] ? ktime_get_ts64+0x84/0x230 [ 32.163467] kunit_try_run_case+0x1b3/0x490 [ 32.163881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.164495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.165061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.165664] ? __kthread_parkme+0x82/0x160 [ 32.166182] ? preempt_count_sub+0x50/0x80 [ 32.166728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.167278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.167861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.168377] kthread+0x257/0x310 [ 32.168865] ? __pfx_kthread+0x10/0x10 [ 32.169393] ret_from_fork+0x41/0x80 [ 32.169744] ? 
__pfx_kthread+0x10/0x10 [ 32.170339] ret_from_fork_asm+0x1a/0x30 [ 32.170809] </TASK> [ 32.171220] [ 32.171439] Allocated by task 273: [ 32.171844] kasan_save_stack+0x3d/0x60 [ 32.172419] kasan_save_track+0x18/0x40 [ 32.172814] kasan_save_alloc_info+0x3b/0x50 [ 32.173427] __kasan_kmalloc+0xb7/0xc0 [ 32.173871] __kmalloc_cache_noprof+0x184/0x410 [ 32.174539] kasan_atomics+0x96/0x310 [ 32.174941] kunit_try_run_case+0x1b3/0x490 [ 32.175404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.175950] kthread+0x257/0x310 [ 32.176437] ret_from_fork+0x41/0x80 [ 32.176907] ret_from_fork_asm+0x1a/0x30 [ 32.177383] [ 32.177580] The buggy address belongs to the object at ffff888101aba780 [ 32.177580] which belongs to the cache kmalloc-64 of size 64 [ 32.178439] The buggy address is located 0 bytes to the right of [ 32.178439] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.179882] [ 32.180818] The buggy address belongs to the physical page: [ 32.181487] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.182039] flags: 0x200000000000000(node=0|zone=2) [ 32.182573] page_type: f5(slab) [ 32.182851] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.183973] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.184451] page dumped because: kasan: bad access detected [ 32.184894] [ 32.185094] Memory state around the buggy address: [ 32.185541] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.186072] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.186629] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.187321] ^ [ 32.187717] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.188423] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.188887] ================================================================== [ 31.607765] 
================================================================== [ 31.608587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 31.609301] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.610337] [ 31.610760] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.613225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.613677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.615595] Call Trace: [ 31.615972] <TASK> [ 31.616240] dump_stack_lvl+0x73/0xb0 [ 31.616744] print_report+0xd1/0x640 [ 31.617197] ? __virt_addr_valid+0x1db/0x2d0 [ 31.617789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.618427] kasan_report+0x102/0x140 [ 31.619067] ? kasan_atomics_helper+0x1819/0x5450 [ 31.619451] ? kasan_atomics_helper+0x1819/0x5450 [ 31.620023] kasan_check_range+0x10c/0x1c0 [ 31.620632] __kasan_check_write+0x18/0x20 [ 31.621288] kasan_atomics_helper+0x1819/0x5450 [ 31.621861] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.622510] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.623182] ? kasan_atomics+0x153/0x310 [ 31.623624] kasan_atomics+0x1dd/0x310 [ 31.624186] ? __pfx_kasan_atomics+0x10/0x10 [ 31.624505] ? __pfx_read_tsc+0x10/0x10 [ 31.625200] ? ktime_get_ts64+0x84/0x230 [ 31.625716] kunit_try_run_case+0x1b3/0x490 [ 31.626220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.626664] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.627617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.628103] ? __kthread_parkme+0x82/0x160 [ 31.628738] ? preempt_count_sub+0x50/0x80 [ 31.629298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.629838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.630452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.631178] kthread+0x257/0x310 [ 31.631672] ? __pfx_kthread+0x10/0x10 [ 31.632075] ret_from_fork+0x41/0x80 [ 31.632731] ? 
__pfx_kthread+0x10/0x10 [ 31.633130] ret_from_fork_asm+0x1a/0x30 [ 31.633507] </TASK> [ 31.633836] [ 31.634033] Allocated by task 273: [ 31.634444] kasan_save_stack+0x3d/0x60 [ 31.634893] kasan_save_track+0x18/0x40 [ 31.635434] kasan_save_alloc_info+0x3b/0x50 [ 31.635879] __kasan_kmalloc+0xb7/0xc0 [ 31.636543] __kmalloc_cache_noprof+0x184/0x410 [ 31.636886] kasan_atomics+0x96/0x310 [ 31.637420] kunit_try_run_case+0x1b3/0x490 [ 31.637937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.638409] kthread+0x257/0x310 [ 31.638906] ret_from_fork+0x41/0x80 [ 31.639462] ret_from_fork_asm+0x1a/0x30 [ 31.640021] [ 31.640292] The buggy address belongs to the object at ffff888101aba780 [ 31.640292] which belongs to the cache kmalloc-64 of size 64 [ 31.641403] The buggy address is located 0 bytes to the right of [ 31.641403] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.643130] [ 31.644146] The buggy address belongs to the physical page: [ 31.644728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.645578] flags: 0x200000000000000(node=0|zone=2) [ 31.646068] page_type: f5(slab) [ 31.646506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.647174] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.648102] page dumped because: kasan: bad access detected [ 31.648532] [ 31.648783] Memory state around the buggy address: [ 31.649492] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.650168] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.650963] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.651704] ^ [ 31.652222] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.652906] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.653558] ================================================================== [ 30.194092] 
================================================================== [ 30.194906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 30.195594] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.196224] [ 30.196456] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.197050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.197542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.198500] Call Trace: [ 30.198834] <TASK> [ 30.199052] dump_stack_lvl+0x73/0xb0 [ 30.199346] print_report+0xd1/0x640 [ 30.199627] ? __virt_addr_valid+0x1db/0x2d0 [ 30.199944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.200624] kasan_report+0x102/0x140 [ 30.201132] ? kasan_atomics_helper+0x861/0x5450 [ 30.201839] ? kasan_atomics_helper+0x861/0x5450 [ 30.202537] kasan_check_range+0x10c/0x1c0 [ 30.202959] __kasan_check_write+0x18/0x20 [ 30.203365] kasan_atomics_helper+0x861/0x5450 [ 30.203810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.204476] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.204907] ? kasan_atomics+0x153/0x310 [ 30.205481] kasan_atomics+0x1dd/0x310 [ 30.205782] ? __pfx_kasan_atomics+0x10/0x10 [ 30.206211] ? __pfx_read_tsc+0x10/0x10 [ 30.206930] ? ktime_get_ts64+0x84/0x230 [ 30.207468] kunit_try_run_case+0x1b3/0x490 [ 30.207861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.208354] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.208691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.209049] ? __kthread_parkme+0x82/0x160 [ 30.209588] ? preempt_count_sub+0x50/0x80 [ 30.210221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.210810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.211399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.211865] kthread+0x257/0x310 [ 30.212281] ? __pfx_kthread+0x10/0x10 [ 30.212706] ret_from_fork+0x41/0x80 [ 30.213030] ? 
__pfx_kthread+0x10/0x10 [ 30.213496] ret_from_fork_asm+0x1a/0x30 [ 30.213886] </TASK> [ 30.214231] [ 30.214402] Allocated by task 273: [ 30.214648] kasan_save_stack+0x3d/0x60 [ 30.214927] kasan_save_track+0x18/0x40 [ 30.215400] kasan_save_alloc_info+0x3b/0x50 [ 30.215952] __kasan_kmalloc+0xb7/0xc0 [ 30.216472] __kmalloc_cache_noprof+0x184/0x410 [ 30.216855] kasan_atomics+0x96/0x310 [ 30.217158] kunit_try_run_case+0x1b3/0x490 [ 30.217654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.219932] kthread+0x257/0x310 [ 30.220925] ret_from_fork+0x41/0x80 [ 30.221747] ret_from_fork_asm+0x1a/0x30 [ 30.222581] [ 30.222744] The buggy address belongs to the object at ffff888101aba780 [ 30.222744] which belongs to the cache kmalloc-64 of size 64 [ 30.224434] The buggy address is located 0 bytes to the right of [ 30.224434] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.225756] [ 30.226409] The buggy address belongs to the physical page: [ 30.227101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.227955] flags: 0x200000000000000(node=0|zone=2) [ 30.228573] page_type: f5(slab) [ 30.229002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.230122] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.230799] page dumped because: kasan: bad access detected [ 30.231706] [ 30.231877] Memory state around the buggy address: [ 30.232194] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.233502] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.234380] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.235277] ^ [ 30.235660] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.236320] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.236891] ================================================================== [ 32.025237] 
================================================================== [ 32.025754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 32.027428] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.028693] [ 32.029505] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.029900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.030175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.031710] Call Trace: [ 32.032069] <TASK> [ 32.032478] dump_stack_lvl+0x73/0xb0 [ 32.032852] print_report+0xd1/0x640 [ 32.033253] ? __virt_addr_valid+0x1db/0x2d0 [ 32.033547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.033895] kasan_report+0x102/0x140 [ 32.034216] ? kasan_atomics_helper+0x1d7b/0x5450 [ 32.034563] ? kasan_atomics_helper+0x1d7b/0x5450 [ 32.034918] kasan_check_range+0x10c/0x1c0 [ 32.035291] __kasan_check_write+0x18/0x20 [ 32.035768] kasan_atomics_helper+0x1d7b/0x5450 [ 32.036336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.036667] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.036971] ? kasan_atomics+0x153/0x310 [ 32.037283] kasan_atomics+0x1dd/0x310 [ 32.037555] ? __pfx_kasan_atomics+0x10/0x10 [ 32.037872] ? __pfx_read_tsc+0x10/0x10 [ 32.038216] ? ktime_get_ts64+0x84/0x230 [ 32.038539] kunit_try_run_case+0x1b3/0x490 [ 32.038977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.039647] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.039976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.040655] ? __kthread_parkme+0x82/0x160 [ 32.040950] ? preempt_count_sub+0x50/0x80 [ 32.041371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.041903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.042583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.043251] kthread+0x257/0x310 [ 32.043578] ? __pfx_kthread+0x10/0x10 [ 32.044254] ret_from_fork+0x41/0x80 [ 32.044689] ? 
__pfx_kthread+0x10/0x10 [ 32.044978] ret_from_fork_asm+0x1a/0x30 [ 32.045640] </TASK> [ 32.045960] [ 32.046312] Allocated by task 273: [ 32.046631] kasan_save_stack+0x3d/0x60 [ 32.046915] kasan_save_track+0x18/0x40 [ 32.047254] kasan_save_alloc_info+0x3b/0x50 [ 32.047559] __kasan_kmalloc+0xb7/0xc0 [ 32.048161] __kmalloc_cache_noprof+0x184/0x410 [ 32.048744] kasan_atomics+0x96/0x310 [ 32.049321] kunit_try_run_case+0x1b3/0x490 [ 32.049874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.050674] kthread+0x257/0x310 [ 32.051231] ret_from_fork+0x41/0x80 [ 32.051603] ret_from_fork_asm+0x1a/0x30 [ 32.052045] [ 32.052337] The buggy address belongs to the object at ffff888101aba780 [ 32.052337] which belongs to the cache kmalloc-64 of size 64 [ 32.053570] The buggy address is located 0 bytes to the right of [ 32.053570] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.054724] [ 32.054963] The buggy address belongs to the physical page: [ 32.055586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.056382] flags: 0x200000000000000(node=0|zone=2) [ 32.056881] page_type: f5(slab) [ 32.057349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.057790] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.058633] page dumped because: kasan: bad access detected [ 32.059336] [ 32.059514] Memory state around the buggy address: [ 32.059821] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.060719] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.062514] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.063115] ^ [ 32.063541] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.064592] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.065154] ================================================================== [ 31.559488] 
================================================================== [ 31.561462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 31.562105] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.562878] [ 31.563773] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.564630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.564811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.565264] Call Trace: [ 31.565720] <TASK> [ 31.566094] dump_stack_lvl+0x73/0xb0 [ 31.566601] print_report+0xd1/0x640 [ 31.567130] ? __virt_addr_valid+0x1db/0x2d0 [ 31.567566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.568207] kasan_report+0x102/0x140 [ 31.568874] ? kasan_atomics_helper+0x1780/0x5450 [ 31.569550] ? kasan_atomics_helper+0x1780/0x5450 [ 31.570266] kasan_check_range+0x10c/0x1c0 [ 31.570843] __kasan_check_write+0x18/0x20 [ 31.571323] kasan_atomics_helper+0x1780/0x5450 [ 31.571751] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.572820] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.573471] ? kasan_atomics+0x153/0x310 [ 31.574082] kasan_atomics+0x1dd/0x310 [ 31.574639] ? __pfx_kasan_atomics+0x10/0x10 [ 31.575261] ? __pfx_read_tsc+0x10/0x10 [ 31.575607] ? ktime_get_ts64+0x84/0x230 [ 31.576014] kunit_try_run_case+0x1b3/0x490 [ 31.576871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.577654] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.578418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.578775] ? __kthread_parkme+0x82/0x160 [ 31.580054] ? preempt_count_sub+0x50/0x80 [ 31.580592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.580907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.581655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.582342] kthread+0x257/0x310 [ 31.582775] ? __pfx_kthread+0x10/0x10 [ 31.583324] ret_from_fork+0x41/0x80 [ 31.583879] ? 
__pfx_kthread+0x10/0x10 [ 31.584595] ret_from_fork_asm+0x1a/0x30 [ 31.585281] </TASK> [ 31.585622] [ 31.585908] Allocated by task 273: [ 31.586529] kasan_save_stack+0x3d/0x60 [ 31.587057] kasan_save_track+0x18/0x40 [ 31.587503] kasan_save_alloc_info+0x3b/0x50 [ 31.588177] __kasan_kmalloc+0xb7/0xc0 [ 31.588634] __kmalloc_cache_noprof+0x184/0x410 [ 31.589229] kasan_atomics+0x96/0x310 [ 31.589645] kunit_try_run_case+0x1b3/0x490 [ 31.590247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.591068] kthread+0x257/0x310 [ 31.591341] ret_from_fork+0x41/0x80 [ 31.592033] ret_from_fork_asm+0x1a/0x30 [ 31.592356] [ 31.592605] The buggy address belongs to the object at ffff888101aba780 [ 31.592605] which belongs to the cache kmalloc-64 of size 64 [ 31.593818] The buggy address is located 0 bytes to the right of [ 31.593818] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.595299] [ 31.595467] The buggy address belongs to the physical page: [ 31.596394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.597215] flags: 0x200000000000000(node=0|zone=2) [ 31.597918] page_type: f5(slab) [ 31.598381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.599462] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.600359] page dumped because: kasan: bad access detected [ 31.601057] [ 31.601423] Memory state around the buggy address: [ 31.602000] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.602850] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.603662] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.604612] ^ [ 31.605133] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.605915] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.606891] ================================================================== [ 32.316871] 
================================================================== [ 32.317398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 32.318190] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.318812] [ 32.319096] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.319934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.320271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.321242] Call Trace: [ 32.321521] <TASK> [ 32.321718] dump_stack_lvl+0x73/0xb0 [ 32.322242] print_report+0xd1/0x640 [ 32.322724] ? __virt_addr_valid+0x1db/0x2d0 [ 32.323180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.323694] kasan_report+0x102/0x140 [ 32.324092] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.324581] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.325097] kasan_check_range+0x10c/0x1c0 [ 32.325611] __kasan_check_write+0x18/0x20 [ 32.325931] kasan_atomics_helper+0x20c9/0x5450 [ 32.326314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.326918] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.327512] ? kasan_atomics+0x153/0x310 [ 32.327847] kasan_atomics+0x1dd/0x310 [ 32.328396] ? __pfx_kasan_atomics+0x10/0x10 [ 32.328925] ? __pfx_read_tsc+0x10/0x10 [ 32.329398] ? ktime_get_ts64+0x84/0x230 [ 32.329810] kunit_try_run_case+0x1b3/0x490 [ 32.330266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.330677] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.331063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.331653] ? __kthread_parkme+0x82/0x160 [ 32.332199] ? preempt_count_sub+0x50/0x80 [ 32.332543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.333181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.333717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.334307] kthread+0x257/0x310 [ 32.334757] ? __pfx_kthread+0x10/0x10 [ 32.335192] ret_from_fork+0x41/0x80 [ 32.335579] ? 
__pfx_kthread+0x10/0x10 [ 32.336067] ret_from_fork_asm+0x1a/0x30 [ 32.336412] </TASK> [ 32.336721] [ 32.336893] Allocated by task 273: [ 32.337350] kasan_save_stack+0x3d/0x60 [ 32.337625] kasan_save_track+0x18/0x40 [ 32.337911] kasan_save_alloc_info+0x3b/0x50 [ 32.338513] __kasan_kmalloc+0xb7/0xc0 [ 32.339060] __kmalloc_cache_noprof+0x184/0x410 [ 32.339505] kasan_atomics+0x96/0x310 [ 32.339899] kunit_try_run_case+0x1b3/0x490 [ 32.340349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.340735] kthread+0x257/0x310 [ 32.341006] ret_from_fork+0x41/0x80 [ 32.341527] ret_from_fork_asm+0x1a/0x30 [ 32.342063] [ 32.342313] The buggy address belongs to the object at ffff888101aba780 [ 32.342313] which belongs to the cache kmalloc-64 of size 64 [ 32.343207] The buggy address is located 0 bytes to the right of [ 32.343207] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.344329] [ 32.344571] The buggy address belongs to the physical page: [ 32.345199] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.345767] flags: 0x200000000000000(node=0|zone=2) [ 32.346152] page_type: f5(slab) [ 32.346555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.347489] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.348151] page dumped because: kasan: bad access detected [ 32.348480] [ 32.348726] Memory state around the buggy address: [ 32.349358] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.350190] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.350787] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.351396] ^ [ 32.351768] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.352405] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.353063] ================================================================== [ 30.553036] 
================================================================== [ 30.553696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 30.556000] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.557005] [ 30.557312] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.558447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.558863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.559832] Call Trace: [ 30.560075] <TASK> [ 30.560447] dump_stack_lvl+0x73/0xb0 [ 30.560904] print_report+0xd1/0x640 [ 30.561277] ? __virt_addr_valid+0x1db/0x2d0 [ 30.561772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.562491] kasan_report+0x102/0x140 [ 30.562844] ? kasan_atomics_helper+0xd48/0x5450 [ 30.563484] ? kasan_atomics_helper+0xd48/0x5450 [ 30.563927] kasan_check_range+0x10c/0x1c0 [ 30.564262] __kasan_check_write+0x18/0x20 [ 30.564765] kasan_atomics_helper+0xd48/0x5450 [ 30.565390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.566070] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.566523] ? kasan_atomics+0x153/0x310 [ 30.566943] kasan_atomics+0x1dd/0x310 [ 30.567311] ? __pfx_kasan_atomics+0x10/0x10 [ 30.567788] ? __pfx_read_tsc+0x10/0x10 [ 30.568411] ? ktime_get_ts64+0x84/0x230 [ 30.568762] kunit_try_run_case+0x1b3/0x490 [ 30.569534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.569916] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.570650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.571313] ? __kthread_parkme+0x82/0x160 [ 30.571763] ? preempt_count_sub+0x50/0x80 [ 30.572271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.572713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.573534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.574183] kthread+0x257/0x310 [ 30.574574] ? __pfx_kthread+0x10/0x10 [ 30.575003] ret_from_fork+0x41/0x80 [ 30.575512] ? 
__pfx_kthread+0x10/0x10 [ 30.575909] ret_from_fork_asm+0x1a/0x30 [ 30.576478] </TASK> [ 30.576673] [ 30.576961] Allocated by task 273: [ 30.577351] kasan_save_stack+0x3d/0x60 [ 30.577765] kasan_save_track+0x18/0x40 [ 30.578107] kasan_save_alloc_info+0x3b/0x50 [ 30.578674] __kasan_kmalloc+0xb7/0xc0 [ 30.579020] __kmalloc_cache_noprof+0x184/0x410 [ 30.579705] kasan_atomics+0x96/0x310 [ 30.580001] kunit_try_run_case+0x1b3/0x490 [ 30.580535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.581019] kthread+0x257/0x310 [ 30.581276] ret_from_fork+0x41/0x80 [ 30.582068] ret_from_fork_asm+0x1a/0x30 [ 30.582494] [ 30.582751] The buggy address belongs to the object at ffff888101aba780 [ 30.582751] which belongs to the cache kmalloc-64 of size 64 [ 30.583746] The buggy address is located 0 bytes to the right of [ 30.583746] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.585076] [ 30.585282] The buggy address belongs to the physical page: [ 30.585739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.586429] flags: 0x200000000000000(node=0|zone=2) [ 30.587143] page_type: f5(slab) [ 30.587580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.588042] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.588469] page dumped because: kasan: bad access detected [ 30.589163] [ 30.589506] Memory state around the buggy address: [ 30.590139] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.590767] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.591918] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.592606] ^ [ 30.592922] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.593457] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.594477] ================================================================== [ 31.931635] 
================================================================== [ 31.932214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 31.932818] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.933964] [ 31.934375] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.935047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.935626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.936696] Call Trace: [ 31.937149] <TASK> [ 31.937398] dump_stack_lvl+0x73/0xb0 [ 31.937848] print_report+0xd1/0x640 [ 31.938375] ? __virt_addr_valid+0x1db/0x2d0 [ 31.938952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.939498] kasan_report+0x102/0x140 [ 31.939797] ? kasan_atomics_helper+0x4f32/0x5450 [ 31.940711] ? kasan_atomics_helper+0x4f32/0x5450 [ 31.941424] __asan_report_load8_noabort+0x18/0x20 [ 31.942209] kasan_atomics_helper+0x4f32/0x5450 [ 31.942610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.943101] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.943803] ? kasan_atomics+0x153/0x310 [ 31.944504] kasan_atomics+0x1dd/0x310 [ 31.944973] ? __pfx_kasan_atomics+0x10/0x10 [ 31.945453] ? __pfx_read_tsc+0x10/0x10 [ 31.946124] ? ktime_get_ts64+0x84/0x230 [ 31.946538] kunit_try_run_case+0x1b3/0x490 [ 31.947170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.947639] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.948233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.948703] ? __kthread_parkme+0x82/0x160 [ 31.949260] ? preempt_count_sub+0x50/0x80 [ 31.949698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.950341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.950944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.951783] kthread+0x257/0x310 [ 31.952603] ? __pfx_kthread+0x10/0x10 [ 31.953371] ret_from_fork+0x41/0x80 [ 31.953923] ? 
__pfx_kthread+0x10/0x10 [ 31.954438] ret_from_fork_asm+0x1a/0x30 [ 31.954894] </TASK> [ 31.955316] [ 31.955566] Allocated by task 273: [ 31.956005] kasan_save_stack+0x3d/0x60 [ 31.956418] kasan_save_track+0x18/0x40 [ 31.956805] kasan_save_alloc_info+0x3b/0x50 [ 31.957370] __kasan_kmalloc+0xb7/0xc0 [ 31.957723] __kmalloc_cache_noprof+0x184/0x410 [ 31.958335] kasan_atomics+0x96/0x310 [ 31.958891] kunit_try_run_case+0x1b3/0x490 [ 31.959433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.960005] kthread+0x257/0x310 [ 31.960295] ret_from_fork+0x41/0x80 [ 31.960836] ret_from_fork_asm+0x1a/0x30 [ 31.961445] [ 31.961689] The buggy address belongs to the object at ffff888101aba780 [ 31.961689] which belongs to the cache kmalloc-64 of size 64 [ 31.962536] The buggy address is located 0 bytes to the right of [ 31.962536] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.964146] [ 31.964379] The buggy address belongs to the physical page: [ 31.964890] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.965776] flags: 0x200000000000000(node=0|zone=2) [ 31.966387] page_type: f5(slab) [ 31.966846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.967781] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.968229] page dumped because: kasan: bad access detected [ 31.969009] [ 31.969268] Memory state around the buggy address: [ 31.969769] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.970504] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.971038] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.971935] ^ [ 31.972533] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.973541] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.974024] ================================================================== [ 30.965829] 
================================================================== [ 30.966395] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 30.967501] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.967921] [ 30.968255] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.969766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.970148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.971199] Call Trace: [ 30.971564] <TASK> [ 30.971920] dump_stack_lvl+0x73/0xb0 [ 30.972320] print_report+0xd1/0x640 [ 30.972807] ? __virt_addr_valid+0x1db/0x2d0 [ 30.973517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.974213] kasan_report+0x102/0x140 [ 30.974615] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.975327] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.975693] __asan_report_load4_noabort+0x18/0x20 [ 30.976371] kasan_atomics_helper+0x4a04/0x5450 [ 30.976768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.977450] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.978068] ? kasan_atomics+0x153/0x310 [ 30.978730] kasan_atomics+0x1dd/0x310 [ 30.979260] ? __pfx_kasan_atomics+0x10/0x10 [ 30.979820] ? __pfx_read_tsc+0x10/0x10 [ 30.980360] ? ktime_get_ts64+0x84/0x230 [ 30.980886] kunit_try_run_case+0x1b3/0x490 [ 30.981303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.982056] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.982536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.983212] ? __kthread_parkme+0x82/0x160 [ 30.983640] ? preempt_count_sub+0x50/0x80 [ 30.984213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.984543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.984929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.985872] kthread+0x257/0x310 [ 30.986434] ? __pfx_kthread+0x10/0x10 [ 30.986725] ret_from_fork+0x41/0x80 [ 30.987078] ? 
__pfx_kthread+0x10/0x10 [ 30.987664] ret_from_fork_asm+0x1a/0x30 [ 30.988330] </TASK> [ 30.988705] [ 30.988880] Allocated by task 273: [ 30.989388] kasan_save_stack+0x3d/0x60 [ 30.989677] kasan_save_track+0x18/0x40 [ 30.990176] kasan_save_alloc_info+0x3b/0x50 [ 30.990782] __kasan_kmalloc+0xb7/0xc0 [ 30.991452] __kmalloc_cache_noprof+0x184/0x410 [ 30.991975] kasan_atomics+0x96/0x310 [ 30.992466] kunit_try_run_case+0x1b3/0x490 [ 30.992954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.993544] kthread+0x257/0x310 [ 30.994017] ret_from_fork+0x41/0x80 [ 30.994514] ret_from_fork_asm+0x1a/0x30 [ 30.995051] [ 30.995395] The buggy address belongs to the object at ffff888101aba780 [ 30.995395] which belongs to the cache kmalloc-64 of size 64 [ 30.996292] The buggy address is located 0 bytes to the right of [ 30.996292] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.997738] [ 30.998080] The buggy address belongs to the physical page: [ 30.998431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.998879] flags: 0x200000000000000(node=0|zone=2) [ 30.999746] page_type: f5(slab) [ 31.000364] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.001241] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.001665] page dumped because: kasan: bad access detected [ 31.002631] [ 31.002846] Memory state around the buggy address: [ 31.003502] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.004344] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.005032] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.005628] ^ [ 31.006174] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.006776] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.007440] ================================================================== [ 31.139414] 
================================================================== [ 31.140072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 31.140884] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.141840] [ 31.142236] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.143053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.143572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.144176] Call Trace: [ 31.144420] <TASK> [ 31.144778] dump_stack_lvl+0x73/0xb0 [ 31.145366] print_report+0xd1/0x640 [ 31.145810] ? __virt_addr_valid+0x1db/0x2d0 [ 31.146586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.147213] kasan_report+0x102/0x140 [ 31.148843] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.149688] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.150607] __asan_report_load4_noabort+0x18/0x20 [ 31.151357] kasan_atomics_helper+0x49d0/0x5450 [ 31.151827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.152683] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.153520] ? kasan_atomics+0x153/0x310 [ 31.154169] kasan_atomics+0x1dd/0x310 [ 31.154647] ? __pfx_kasan_atomics+0x10/0x10 [ 31.155595] ? __pfx_read_tsc+0x10/0x10 [ 31.156019] ? ktime_get_ts64+0x84/0x230 [ 31.156584] kunit_try_run_case+0x1b3/0x490 [ 31.157096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.157649] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.158402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.158851] ? __kthread_parkme+0x82/0x160 [ 31.159418] ? preempt_count_sub+0x50/0x80 [ 31.159776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.160648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.161186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.161785] kthread+0x257/0x310 [ 31.162326] ? __pfx_kthread+0x10/0x10 [ 31.162836] ret_from_fork+0x41/0x80 [ 31.163342] ? 
__pfx_kthread+0x10/0x10 [ 31.163944] ret_from_fork_asm+0x1a/0x30 [ 31.164669] </TASK> [ 31.164977] [ 31.165244] Allocated by task 273: [ 31.165518] kasan_save_stack+0x3d/0x60 [ 31.166092] kasan_save_track+0x18/0x40 [ 31.166738] kasan_save_alloc_info+0x3b/0x50 [ 31.167071] __kasan_kmalloc+0xb7/0xc0 [ 31.167551] __kmalloc_cache_noprof+0x184/0x410 [ 31.168210] kasan_atomics+0x96/0x310 [ 31.168694] kunit_try_run_case+0x1b3/0x490 [ 31.169310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.169702] kthread+0x257/0x310 [ 31.169959] ret_from_fork+0x41/0x80 [ 31.170534] ret_from_fork_asm+0x1a/0x30 [ 31.171199] [ 31.171494] The buggy address belongs to the object at ffff888101aba780 [ 31.171494] which belongs to the cache kmalloc-64 of size 64 [ 31.172363] The buggy address is located 0 bytes to the right of [ 31.172363] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.173706] [ 31.173930] The buggy address belongs to the physical page: [ 31.174525] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.175009] flags: 0x200000000000000(node=0|zone=2) [ 31.175589] page_type: f5(slab) [ 31.176076] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.177013] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.177608] page dumped because: kasan: bad access detected [ 31.178095] [ 31.178461] Memory state around the buggy address: [ 31.179161] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.179771] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.180668] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.181413] ^ [ 31.182099] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.182777] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.183593] ================================================================== [ 30.790718] 
================================================================== [ 30.791849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 30.792716] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.793500] [ 30.793677] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.794821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.795412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.795920] Call Trace: [ 30.796299] <TASK> [ 30.796605] dump_stack_lvl+0x73/0xb0 [ 30.797237] print_report+0xd1/0x640 [ 30.797728] ? __virt_addr_valid+0x1db/0x2d0 [ 30.798144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.799160] kasan_report+0x102/0x140 [ 30.799427] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.800007] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.800674] __asan_report_load4_noabort+0x18/0x20 [ 30.801241] kasan_atomics_helper+0x4a38/0x5450 [ 30.801805] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.802424] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.802783] ? kasan_atomics+0x153/0x310 [ 30.803134] kasan_atomics+0x1dd/0x310 [ 30.803410] ? __pfx_kasan_atomics+0x10/0x10 [ 30.803702] ? __pfx_read_tsc+0x10/0x10 [ 30.803968] ? ktime_get_ts64+0x84/0x230 [ 30.804322] kunit_try_run_case+0x1b3/0x490 [ 30.804646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.805226] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.805696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.806099] ? __kthread_parkme+0x82/0x160 [ 30.806677] ? preempt_count_sub+0x50/0x80 [ 30.807306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.807689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.808558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.809177] kthread+0x257/0x310 [ 30.809482] ? __pfx_kthread+0x10/0x10 [ 30.810071] ret_from_fork+0x41/0x80 [ 30.810507] ? 
__pfx_kthread+0x10/0x10 [ 30.810976] ret_from_fork_asm+0x1a/0x30 [ 30.811369] </TASK> [ 30.811730] [ 30.812050] Allocated by task 273: [ 30.812497] kasan_save_stack+0x3d/0x60 [ 30.812932] kasan_save_track+0x18/0x40 [ 30.813410] kasan_save_alloc_info+0x3b/0x50 [ 30.813845] __kasan_kmalloc+0xb7/0xc0 [ 30.814417] __kmalloc_cache_noprof+0x184/0x410 [ 30.814829] kasan_atomics+0x96/0x310 [ 30.815414] kunit_try_run_case+0x1b3/0x490 [ 30.815868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.816512] kthread+0x257/0x310 [ 30.816959] ret_from_fork+0x41/0x80 [ 30.817430] ret_from_fork_asm+0x1a/0x30 [ 30.817733] [ 30.817937] The buggy address belongs to the object at ffff888101aba780 [ 30.817937] which belongs to the cache kmalloc-64 of size 64 [ 30.819581] The buggy address is located 0 bytes to the right of [ 30.819581] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.820652] [ 30.820812] The buggy address belongs to the physical page: [ 30.821532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.822150] flags: 0x200000000000000(node=0|zone=2) [ 30.822664] page_type: f5(slab) [ 30.823173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.823783] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.824668] page dumped because: kasan: bad access detected [ 30.825198] [ 30.825359] Memory state around the buggy address: [ 30.825962] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.826759] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.827552] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.828256] ^ [ 30.828749] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.829526] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.830226] ================================================================== [ 32.190063] 
================================================================== [ 32.191856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 32.192426] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.193413] [ 32.194271] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.195426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.195710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.196747] Call Trace: [ 32.197659] <TASK> [ 32.197873] dump_stack_lvl+0x73/0xb0 [ 32.198210] print_report+0xd1/0x640 [ 32.198670] ? __virt_addr_valid+0x1db/0x2d0 [ 32.199523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.200165] kasan_report+0x102/0x140 [ 32.200797] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.201613] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.202298] __asan_report_load8_noabort+0x18/0x20 [ 32.202966] kasan_atomics_helper+0x4f73/0x5450 [ 32.203834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.204196] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.204787] ? kasan_atomics+0x153/0x310 [ 32.205730] kasan_atomics+0x1dd/0x310 [ 32.206127] ? __pfx_kasan_atomics+0x10/0x10 [ 32.206829] ? __pfx_read_tsc+0x10/0x10 [ 32.207517] ? ktime_get_ts64+0x84/0x230 [ 32.207932] kunit_try_run_case+0x1b3/0x490 [ 32.208693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.209256] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.210001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.210735] ? __kthread_parkme+0x82/0x160 [ 32.211485] ? preempt_count_sub+0x50/0x80 [ 32.211901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.212953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.213494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.214272] kthread+0x257/0x310 [ 32.214655] ? __pfx_kthread+0x10/0x10 [ 32.215500] ret_from_fork+0x41/0x80 [ 32.215946] ? 
__pfx_kthread+0x10/0x10 [ 32.216901] ret_from_fork_asm+0x1a/0x30 [ 32.217733] </TASK> [ 32.218236] [ 32.218416] Allocated by task 273: [ 32.219308] kasan_save_stack+0x3d/0x60 [ 32.219747] kasan_save_track+0x18/0x40 [ 32.220256] kasan_save_alloc_info+0x3b/0x50 [ 32.220463] __kasan_kmalloc+0xb7/0xc0 [ 32.220640] __kmalloc_cache_noprof+0x184/0x410 [ 32.220835] kasan_atomics+0x96/0x310 [ 32.221048] kunit_try_run_case+0x1b3/0x490 [ 32.221627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.222998] kthread+0x257/0x310 [ 32.223442] ret_from_fork+0x41/0x80 [ 32.223654] ret_from_fork_asm+0x1a/0x30 [ 32.223840] [ 32.223936] The buggy address belongs to the object at ffff888101aba780 [ 32.223936] which belongs to the cache kmalloc-64 of size 64 [ 32.225935] The buggy address is located 0 bytes to the right of [ 32.225935] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.226793] [ 32.226896] The buggy address belongs to the physical page: [ 32.227304] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.228713] flags: 0x200000000000000(node=0|zone=2) [ 32.229075] page_type: f5(slab) [ 32.229611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.230577] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.231290] page dumped because: kasan: bad access detected [ 32.231812] [ 32.232471] Memory state around the buggy address: [ 32.233356] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.234070] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.234605] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.235208] ^ [ 32.235661] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.236343] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.236956] ================================================================== [ 30.285112] 
================================================================== [ 30.286959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 30.287645] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.288600] [ 30.288788] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.290019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.290717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.291870] Call Trace: [ 30.292608] <TASK> [ 30.292842] dump_stack_lvl+0x73/0xb0 [ 30.293747] print_report+0xd1/0x640 [ 30.294496] ? __virt_addr_valid+0x1db/0x2d0 [ 30.294926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.295815] kasan_report+0x102/0x140 [ 30.296599] ? kasan_atomics_helper+0x993/0x5450 [ 30.297276] ? kasan_atomics_helper+0x993/0x5450 [ 30.297912] kasan_check_range+0x10c/0x1c0 [ 30.298669] __kasan_check_write+0x18/0x20 [ 30.299094] kasan_atomics_helper+0x993/0x5450 [ 30.300151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.300586] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.301038] ? kasan_atomics+0x153/0x310 [ 30.301921] kasan_atomics+0x1dd/0x310 [ 30.302654] ? __pfx_kasan_atomics+0x10/0x10 [ 30.303345] ? __pfx_read_tsc+0x10/0x10 [ 30.303821] ? ktime_get_ts64+0x84/0x230 [ 30.304630] kunit_try_run_case+0x1b3/0x490 [ 30.305450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.305957] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.306455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.307863] ? __kthread_parkme+0x82/0x160 [ 30.308380] ? preempt_count_sub+0x50/0x80 [ 30.308858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.309705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.310597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.311766] kthread+0x257/0x310 [ 30.312104] ? __pfx_kthread+0x10/0x10 [ 30.313014] ret_from_fork+0x41/0x80 [ 30.313517] ? 
__pfx_kthread+0x10/0x10 [ 30.313924] ret_from_fork_asm+0x1a/0x30 [ 30.314938] </TASK> [ 30.315154] [ 30.315595] Allocated by task 273: [ 30.315864] kasan_save_stack+0x3d/0x60 [ 30.316666] kasan_save_track+0x18/0x40 [ 30.317605] kasan_save_alloc_info+0x3b/0x50 [ 30.318050] __kasan_kmalloc+0xb7/0xc0 [ 30.318844] __kmalloc_cache_noprof+0x184/0x410 [ 30.319658] kasan_atomics+0x96/0x310 [ 30.320577] kunit_try_run_case+0x1b3/0x490 [ 30.320963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.321908] kthread+0x257/0x310 [ 30.322402] ret_from_fork+0x41/0x80 [ 30.322654] ret_from_fork_asm+0x1a/0x30 [ 30.323546] [ 30.323767] The buggy address belongs to the object at ffff888101aba780 [ 30.323767] which belongs to the cache kmalloc-64 of size 64 [ 30.325615] The buggy address is located 0 bytes to the right of [ 30.325615] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.327408] [ 30.327588] The buggy address belongs to the physical page: [ 30.328503] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.329367] flags: 0x200000000000000(node=0|zone=2) [ 30.329950] page_type: f5(slab) [ 30.330401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.331541] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.332447] page dumped because: kasan: bad access detected [ 30.332776] [ 30.333430] Memory state around the buggy address: [ 30.333950] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.334595] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.335636] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.336401] ^ [ 30.337317] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.338006] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.339453] ================================================================== [ 32.237859] 
================================================================== [ 32.238546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 32.239299] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.239877] [ 32.240119] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.240930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.241325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.242077] Call Trace: [ 32.242406] <TASK> [ 32.242712] dump_stack_lvl+0x73/0xb0 [ 32.243138] print_report+0xd1/0x640 [ 32.243440] ? __virt_addr_valid+0x1db/0x2d0 [ 32.243862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.244519] kasan_report+0x102/0x140 [ 32.244839] ? kasan_atomics_helper+0x2007/0x5450 [ 32.245387] ? kasan_atomics_helper+0x2007/0x5450 [ 32.245979] kasan_check_range+0x10c/0x1c0 [ 32.246496] __kasan_check_write+0x18/0x20 [ 32.246957] kasan_atomics_helper+0x2007/0x5450 [ 32.247368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.247925] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.248429] ? kasan_atomics+0x153/0x310 [ 32.248819] kasan_atomics+0x1dd/0x310 [ 32.249250] ? __pfx_kasan_atomics+0x10/0x10 [ 32.249743] ? __pfx_read_tsc+0x10/0x10 [ 32.250159] ? ktime_get_ts64+0x84/0x230 [ 32.250662] kunit_try_run_case+0x1b3/0x490 [ 32.251211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.251548] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.252184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.252557] ? __kthread_parkme+0x82/0x160 [ 32.252861] ? preempt_count_sub+0x50/0x80 [ 32.253242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.253844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.254610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.255077] kthread+0x257/0x310 [ 32.255351] ? __pfx_kthread+0x10/0x10 [ 32.255838] ret_from_fork+0x41/0x80 [ 32.256377] ? 
__pfx_kthread+0x10/0x10 [ 32.256856] ret_from_fork_asm+0x1a/0x30 [ 32.258267] </TASK> [ 32.258614] [ 32.258857] Allocated by task 273: [ 32.259229] kasan_save_stack+0x3d/0x60 [ 32.259646] kasan_save_track+0x18/0x40 [ 32.260650] kasan_save_alloc_info+0x3b/0x50 [ 32.261529] __kasan_kmalloc+0xb7/0xc0 [ 32.262065] __kmalloc_cache_noprof+0x184/0x410 [ 32.262536] kasan_atomics+0x96/0x310 [ 32.262844] kunit_try_run_case+0x1b3/0x490 [ 32.263359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.263750] kthread+0x257/0x310 [ 32.264228] ret_from_fork+0x41/0x80 [ 32.264525] ret_from_fork_asm+0x1a/0x30 [ 32.264960] [ 32.265193] The buggy address belongs to the object at ffff888101aba780 [ 32.265193] which belongs to the cache kmalloc-64 of size 64 [ 32.266254] The buggy address is located 0 bytes to the right of [ 32.266254] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.267235] [ 32.267471] The buggy address belongs to the physical page: [ 32.267892] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.268674] flags: 0x200000000000000(node=0|zone=2) [ 32.269118] page_type: f5(slab) [ 32.269550] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.270211] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.270979] page dumped because: kasan: bad access detected [ 32.271404] [ 32.271643] Memory state around the buggy address: [ 32.272226] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.272662] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.273434] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.274084] ^ [ 32.274565] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.275154] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.275828] ================================================================== [ 31.508621] 
================================================================== [ 31.510020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 31.511373] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.512491] [ 31.512673] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.513705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.514074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.515214] Call Trace: [ 31.515689] <TASK> [ 31.516582] dump_stack_lvl+0x73/0xb0 [ 31.516963] print_report+0xd1/0x640 [ 31.517729] ? __virt_addr_valid+0x1db/0x2d0 [ 31.518721] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.519616] kasan_report+0x102/0x140 [ 31.520016] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.521123] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.521579] kasan_check_range+0x10c/0x1c0 [ 31.521999] __kasan_check_write+0x18/0x20 [ 31.522863] kasan_atomics_helper+0x16e8/0x5450 [ 31.523921] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.524827] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.525399] ? kasan_atomics+0x153/0x310 [ 31.525825] kasan_atomics+0x1dd/0x310 [ 31.526743] ? __pfx_kasan_atomics+0x10/0x10 [ 31.527283] ? __pfx_read_tsc+0x10/0x10 [ 31.527855] ? ktime_get_ts64+0x84/0x230 [ 31.528541] kunit_try_run_case+0x1b3/0x490 [ 31.528969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.529718] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.530435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.531090] ? __kthread_parkme+0x82/0x160 [ 31.531731] ? preempt_count_sub+0x50/0x80 [ 31.532461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.532889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.533783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.534332] kthread+0x257/0x310 [ 31.534521] ? __pfx_kthread+0x10/0x10 [ 31.534704] ret_from_fork+0x41/0x80 [ 31.534881] ? 
__pfx_kthread+0x10/0x10 [ 31.535141] ret_from_fork_asm+0x1a/0x30 [ 31.535460] </TASK> [ 31.535908] [ 31.536319] Allocated by task 273: [ 31.536566] kasan_save_stack+0x3d/0x60 [ 31.536848] kasan_save_track+0x18/0x40 [ 31.537313] kasan_save_alloc_info+0x3b/0x50 [ 31.538001] __kasan_kmalloc+0xb7/0xc0 [ 31.538323] __kmalloc_cache_noprof+0x184/0x410 [ 31.539167] kasan_atomics+0x96/0x310 [ 31.539769] kunit_try_run_case+0x1b3/0x490 [ 31.540374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.541090] kthread+0x257/0x310 [ 31.541634] ret_from_fork+0x41/0x80 [ 31.542086] ret_from_fork_asm+0x1a/0x30 [ 31.542713] [ 31.542947] The buggy address belongs to the object at ffff888101aba780 [ 31.542947] which belongs to the cache kmalloc-64 of size 64 [ 31.544250] The buggy address is located 0 bytes to the right of [ 31.544250] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.545702] [ 31.545807] The buggy address belongs to the physical page: [ 31.546072] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.547565] flags: 0x200000000000000(node=0|zone=2) [ 31.548025] page_type: f5(slab) [ 31.548905] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.549708] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.551134] page dumped because: kasan: bad access detected [ 31.551648] [ 31.551903] Memory state around the buggy address: [ 31.553089] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.553765] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.554587] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.555782] ^ [ 31.556180] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.557620] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.558504] ================================================================== [ 30.693305] 
================================================================== [ 30.694706] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 30.695520] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.696571] [ 30.696804] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.697938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.698459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.699671] Call Trace: [ 30.699915] <TASK> [ 30.700116] dump_stack_lvl+0x73/0xb0 [ 30.701009] print_report+0xd1/0x640 [ 30.701427] ? __virt_addr_valid+0x1db/0x2d0 [ 30.702172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.702738] kasan_report+0x102/0x140 [ 30.703433] ? kasan_atomics_helper+0xf11/0x5450 [ 30.704121] ? kasan_atomics_helper+0xf11/0x5450 [ 30.704622] kasan_check_range+0x10c/0x1c0 [ 30.705381] __kasan_check_write+0x18/0x20 [ 30.706031] kasan_atomics_helper+0xf11/0x5450 [ 30.706800] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.707761] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.708205] ? kasan_atomics+0x153/0x310 [ 30.708691] kasan_atomics+0x1dd/0x310 [ 30.709095] ? __pfx_kasan_atomics+0x10/0x10 [ 30.710098] ? __pfx_read_tsc+0x10/0x10 [ 30.710738] ? ktime_get_ts64+0x84/0x230 [ 30.711440] kunit_try_run_case+0x1b3/0x490 [ 30.711867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.712650] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.713389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.714082] ? __kthread_parkme+0x82/0x160 [ 30.714723] ? preempt_count_sub+0x50/0x80 [ 30.715400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.715857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.716356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.717266] kthread+0x257/0x310 [ 30.717611] ? __pfx_kthread+0x10/0x10 [ 30.718200] ret_from_fork+0x41/0x80 [ 30.718796] ? 
__pfx_kthread+0x10/0x10 [ 30.719311] ret_from_fork_asm+0x1a/0x30 [ 30.719904] </TASK> [ 30.720191] [ 30.720572] Allocated by task 273: [ 30.721016] kasan_save_stack+0x3d/0x60 [ 30.721568] kasan_save_track+0x18/0x40 [ 30.722190] kasan_save_alloc_info+0x3b/0x50 [ 30.722681] __kasan_kmalloc+0xb7/0xc0 [ 30.723136] __kmalloc_cache_noprof+0x184/0x410 [ 30.723706] kasan_atomics+0x96/0x310 [ 30.724381] kunit_try_run_case+0x1b3/0x490 [ 30.724953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.725622] kthread+0x257/0x310 [ 30.726357] ret_from_fork+0x41/0x80 [ 30.726748] ret_from_fork_asm+0x1a/0x30 [ 30.727500] [ 30.727722] The buggy address belongs to the object at ffff888101aba780 [ 30.727722] which belongs to the cache kmalloc-64 of size 64 [ 30.729093] The buggy address is located 0 bytes to the right of [ 30.729093] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.730302] [ 30.730630] The buggy address belongs to the physical page: [ 30.731219] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.732233] flags: 0x200000000000000(node=0|zone=2) [ 30.732617] page_type: f5(slab) [ 30.733029] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.733802] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.734798] page dumped because: kasan: bad access detected [ 30.735470] [ 30.735711] Memory state around the buggy address: [ 30.736228] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.737182] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.737941] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.738785] ^ [ 30.739397] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.740184] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.740837] ================================================================== [ 31.094269] 
================================================================== [ 31.094697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 31.095255] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.096325] [ 31.096502] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.097312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.098312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.099657] Call Trace: [ 31.099795] <TASK> [ 31.099916] dump_stack_lvl+0x73/0xb0 [ 31.100205] print_report+0xd1/0x640 [ 31.100796] ? __virt_addr_valid+0x1db/0x2d0 [ 31.101694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.102191] kasan_report+0x102/0x140 [ 31.102949] ? kasan_atomics_helper+0x12e7/0x5450 [ 31.103598] ? kasan_atomics_helper+0x12e7/0x5450 [ 31.104168] kasan_check_range+0x10c/0x1c0 [ 31.104603] __kasan_check_write+0x18/0x20 [ 31.105554] kasan_atomics_helper+0x12e7/0x5450 [ 31.106074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.106761] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.107561] ? kasan_atomics+0x153/0x310 [ 31.107971] kasan_atomics+0x1dd/0x310 [ 31.108650] ? __pfx_kasan_atomics+0x10/0x10 [ 31.109570] ? __pfx_read_tsc+0x10/0x10 [ 31.109974] ? ktime_get_ts64+0x84/0x230 [ 31.110673] kunit_try_run_case+0x1b3/0x490 [ 31.111385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.111853] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.112698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.113560] ? __kthread_parkme+0x82/0x160 [ 31.114233] ? preempt_count_sub+0x50/0x80 [ 31.114660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.115494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.116128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.116664] kthread+0x257/0x310 [ 31.117695] ? __pfx_kthread+0x10/0x10 [ 31.118536] ret_from_fork+0x41/0x80 [ 31.118949] ? 
__pfx_kthread+0x10/0x10 [ 31.119444] ret_from_fork_asm+0x1a/0x30 [ 31.120025] </TASK> [ 31.120398] [ 31.120650] Allocated by task 273: [ 31.121048] kasan_save_stack+0x3d/0x60 [ 31.121489] kasan_save_track+0x18/0x40 [ 31.121879] kasan_save_alloc_info+0x3b/0x50 [ 31.122318] __kasan_kmalloc+0xb7/0xc0 [ 31.123032] __kmalloc_cache_noprof+0x184/0x410 [ 31.123347] kasan_atomics+0x96/0x310 [ 31.123893] kunit_try_run_case+0x1b3/0x490 [ 31.124391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.124855] kthread+0x257/0x310 [ 31.125522] ret_from_fork+0x41/0x80 [ 31.125977] ret_from_fork_asm+0x1a/0x30 [ 31.126312] [ 31.126551] The buggy address belongs to the object at ffff888101aba780 [ 31.126551] which belongs to the cache kmalloc-64 of size 64 [ 31.127624] The buggy address is located 0 bytes to the right of [ 31.127624] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.128963] [ 31.129144] The buggy address belongs to the physical page: [ 31.129803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.130377] flags: 0x200000000000000(node=0|zone=2) [ 31.130934] page_type: f5(slab) [ 31.131200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.132033] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.133201] page dumped because: kasan: bad access detected [ 31.133758] [ 31.133925] Memory state around the buggy address: [ 31.134540] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.135149] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.135959] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.136605] ^ [ 31.137171] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.137695] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.138661] ================================================================== [ 31.654734] 
================================================================== [ 31.655206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 31.656049] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.656831] [ 31.657020] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.658678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.659024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.659801] Call Trace: [ 31.660277] <TASK> [ 31.660626] dump_stack_lvl+0x73/0xb0 [ 31.661109] print_report+0xd1/0x640 [ 31.661465] ? __virt_addr_valid+0x1db/0x2d0 [ 31.661962] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.662716] kasan_report+0x102/0x140 [ 31.663255] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.663870] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.664391] kasan_check_range+0x10c/0x1c0 [ 31.664917] __kasan_check_write+0x18/0x20 [ 31.665359] kasan_atomics_helper+0x18b2/0x5450 [ 31.666011] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.666576] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.667266] ? kasan_atomics+0x153/0x310 [ 31.667598] kasan_atomics+0x1dd/0x310 [ 31.668144] ? __pfx_kasan_atomics+0x10/0x10 [ 31.668687] ? __pfx_read_tsc+0x10/0x10 [ 31.669243] ? ktime_get_ts64+0x84/0x230 [ 31.669686] kunit_try_run_case+0x1b3/0x490 [ 31.670295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.670852] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.671479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.672083] ? __kthread_parkme+0x82/0x160 [ 31.672530] ? preempt_count_sub+0x50/0x80 [ 31.672960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.673543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.674211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.674836] kthread+0x257/0x310 [ 31.675279] ? __pfx_kthread+0x10/0x10 [ 31.675710] ret_from_fork+0x41/0x80 [ 31.676005] ? 
__pfx_kthread+0x10/0x10 [ 31.676453] ret_from_fork_asm+0x1a/0x30 [ 31.677065] </TASK> [ 31.677377] [ 31.677638] Allocated by task 273: [ 31.678074] kasan_save_stack+0x3d/0x60 [ 31.678471] kasan_save_track+0x18/0x40 [ 31.678999] kasan_save_alloc_info+0x3b/0x50 [ 31.679512] __kasan_kmalloc+0xb7/0xc0 [ 31.680026] __kmalloc_cache_noprof+0x184/0x410 [ 31.680537] kasan_atomics+0x96/0x310 [ 31.680882] kunit_try_run_case+0x1b3/0x490 [ 31.681207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.682146] kthread+0x257/0x310 [ 31.682668] ret_from_fork+0x41/0x80 [ 31.683027] ret_from_fork_asm+0x1a/0x30 [ 31.683463] [ 31.683741] The buggy address belongs to the object at ffff888101aba780 [ 31.683741] which belongs to the cache kmalloc-64 of size 64 [ 31.684926] The buggy address is located 0 bytes to the right of [ 31.684926] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.686216] [ 31.686436] The buggy address belongs to the physical page: [ 31.686778] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.687640] flags: 0x200000000000000(node=0|zone=2) [ 31.688096] page_type: f5(slab) [ 31.688336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.689401] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.690102] page dumped because: kasan: bad access detected [ 31.690538] [ 31.690697] Memory state around the buggy address: [ 31.691307] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.691976] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.692686] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.693447] ^ [ 31.694023] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.694587] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.695523] ================================================================== [ 30.429584] 
================================================================== [ 30.430209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 30.430924] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.431718] [ 30.431905] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.432832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.433367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.434172] Call Trace: [ 30.434520] <TASK> [ 30.434743] dump_stack_lvl+0x73/0xb0 [ 30.435275] print_report+0xd1/0x640 [ 30.435572] ? __virt_addr_valid+0x1db/0x2d0 [ 30.436123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.436683] kasan_report+0x102/0x140 [ 30.437049] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.437590] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.438205] kasan_check_range+0x10c/0x1c0 [ 30.438664] __kasan_check_write+0x18/0x20 [ 30.439242] kasan_atomics_helper+0xb6b/0x5450 [ 30.439615] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.440214] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.440732] ? kasan_atomics+0x153/0x310 [ 30.441138] kasan_atomics+0x1dd/0x310 [ 30.441662] ? __pfx_kasan_atomics+0x10/0x10 [ 30.442187] ? __pfx_read_tsc+0x10/0x10 [ 30.442564] ? ktime_get_ts64+0x84/0x230 [ 30.443747] kunit_try_run_case+0x1b3/0x490 [ 30.444337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.444771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.445247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.445690] ? __kthread_parkme+0x82/0x160 [ 30.446557] ? preempt_count_sub+0x50/0x80 [ 30.447023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.447557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.448164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.448700] kthread+0x257/0x310 [ 30.449225] ? __pfx_kthread+0x10/0x10 [ 30.449617] ret_from_fork+0x41/0x80 [ 30.450295] ? 
__pfx_kthread+0x10/0x10 [ 30.450699] ret_from_fork_asm+0x1a/0x30 [ 30.451451] </TASK> [ 30.451636] [ 30.451793] Allocated by task 273: [ 30.452174] kasan_save_stack+0x3d/0x60 [ 30.452647] kasan_save_track+0x18/0x40 [ 30.453642] kasan_save_alloc_info+0x3b/0x50 [ 30.454213] __kasan_kmalloc+0xb7/0xc0 [ 30.454689] __kmalloc_cache_noprof+0x184/0x410 [ 30.455210] kasan_atomics+0x96/0x310 [ 30.455487] kunit_try_run_case+0x1b3/0x490 [ 30.456003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.456619] kthread+0x257/0x310 [ 30.456965] ret_from_fork+0x41/0x80 [ 30.457304] ret_from_fork_asm+0x1a/0x30 [ 30.457794] [ 30.458097] The buggy address belongs to the object at ffff888101aba780 [ 30.458097] which belongs to the cache kmalloc-64 of size 64 [ 30.459124] The buggy address is located 0 bytes to the right of [ 30.459124] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.459941] [ 30.460248] The buggy address belongs to the physical page: [ 30.460796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.461589] flags: 0x200000000000000(node=0|zone=2) [ 30.462062] page_type: f5(slab) [ 30.462318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.463170] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.463776] page dumped because: kasan: bad access detected [ 30.464337] [ 30.464567] Memory state around the buggy address: [ 30.464869] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.465664] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.466394] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.466820] ^ [ 30.467402] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.467954] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.468585] ================================================================== [ 29.905596] 
================================================================== [ 29.906448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 29.907831] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.908369] [ 29.908640] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.910182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.910941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.912284] Call Trace: [ 29.912615] <TASK> [ 29.913056] dump_stack_lvl+0x73/0xb0 [ 29.913839] print_report+0xd1/0x640 [ 29.914434] ? __virt_addr_valid+0x1db/0x2d0 [ 29.914910] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.915773] kasan_report+0x102/0x140 [ 29.916479] ? kasan_atomics_helper+0x4b3c/0x5450 [ 29.917070] ? kasan_atomics_helper+0x4b3c/0x5450 [ 29.918002] __asan_report_store4_noabort+0x1b/0x30 [ 29.918815] kasan_atomics_helper+0x4b3c/0x5450 [ 29.919525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.920210] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.920779] ? kasan_atomics+0x153/0x310 [ 29.921433] kasan_atomics+0x1dd/0x310 [ 29.922336] ? __pfx_kasan_atomics+0x10/0x10 [ 29.922840] ? __pfx_read_tsc+0x10/0x10 [ 29.923466] ? ktime_get_ts64+0x84/0x230 [ 29.924593] kunit_try_run_case+0x1b3/0x490 [ 29.925585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.926091] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.926804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.927375] ? __kthread_parkme+0x82/0x160 [ 29.927828] ? preempt_count_sub+0x50/0x80 [ 29.928445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.928836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.929576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.930333] kthread+0x257/0x310 [ 29.930865] ? __pfx_kthread+0x10/0x10 [ 29.931584] ret_from_fork+0x41/0x80 [ 29.931920] ? 
__pfx_kthread+0x10/0x10 [ 29.932500] ret_from_fork_asm+0x1a/0x30 [ 29.933250] </TASK> [ 29.933463] [ 29.933769] Allocated by task 273: [ 29.934152] kasan_save_stack+0x3d/0x60 [ 29.934745] kasan_save_track+0x18/0x40 [ 29.935237] kasan_save_alloc_info+0x3b/0x50 [ 29.935853] __kasan_kmalloc+0xb7/0xc0 [ 29.936662] __kmalloc_cache_noprof+0x184/0x410 [ 29.937126] kasan_atomics+0x96/0x310 [ 29.937411] kunit_try_run_case+0x1b3/0x490 [ 29.938131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.938941] kthread+0x257/0x310 [ 29.939520] ret_from_fork+0x41/0x80 [ 29.940201] ret_from_fork_asm+0x1a/0x30 [ 29.940638] [ 29.941024] The buggy address belongs to the object at ffff888101aba780 [ 29.941024] which belongs to the cache kmalloc-64 of size 64 [ 29.942314] The buggy address is located 0 bytes to the right of [ 29.942314] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.943844] [ 29.944291] The buggy address belongs to the physical page: [ 29.944811] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.945555] flags: 0x200000000000000(node=0|zone=2) [ 29.946210] page_type: f5(slab) [ 29.946806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.947919] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.948675] page dumped because: kasan: bad access detected [ 29.949080] [ 29.949309] Memory state around the buggy address: [ 29.949832] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.950516] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.951674] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.953077] ^ [ 29.953583] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.954273] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.955590] ================================================================== [ 32.276713] 
================================================================== [ 32.277629] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 32.280121] Read of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.280562] [ 32.280782] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.281739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.282220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.282939] Call Trace: [ 32.283389] <TASK> [ 32.283732] dump_stack_lvl+0x73/0xb0 [ 32.284212] print_report+0xd1/0x640 [ 32.284498] ? __virt_addr_valid+0x1db/0x2d0 [ 32.285142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.285815] kasan_report+0x102/0x140 [ 32.286269] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.286833] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.287306] __asan_report_load8_noabort+0x18/0x20 [ 32.287860] kasan_atomics_helper+0x4f9a/0x5450 [ 32.288358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.288741] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.289396] ? kasan_atomics+0x153/0x310 [ 32.289803] kasan_atomics+0x1dd/0x310 [ 32.290283] ? __pfx_kasan_atomics+0x10/0x10 [ 32.290645] ? __pfx_read_tsc+0x10/0x10 [ 32.291204] ? ktime_get_ts64+0x84/0x230 [ 32.291564] kunit_try_run_case+0x1b3/0x490 [ 32.292143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.292541] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.293007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.293432] ? __kthread_parkme+0x82/0x160 [ 32.293958] ? preempt_count_sub+0x50/0x80 [ 32.294404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.294855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.295519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.296160] kthread+0x257/0x310 [ 32.296516] ? __pfx_kthread+0x10/0x10 [ 32.296971] ret_from_fork+0x41/0x80 [ 32.297361] ? 
__pfx_kthread+0x10/0x10 [ 32.297818] ret_from_fork_asm+0x1a/0x30 [ 32.298394] </TASK> [ 32.298652] [ 32.298810] Allocated by task 273: [ 32.299219] kasan_save_stack+0x3d/0x60 [ 32.299726] kasan_save_track+0x18/0x40 [ 32.300149] kasan_save_alloc_info+0x3b/0x50 [ 32.300549] __kasan_kmalloc+0xb7/0xc0 [ 32.300957] __kmalloc_cache_noprof+0x184/0x410 [ 32.301463] kasan_atomics+0x96/0x310 [ 32.301865] kunit_try_run_case+0x1b3/0x490 [ 32.302411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.302932] kthread+0x257/0x310 [ 32.303247] ret_from_fork+0x41/0x80 [ 32.303710] ret_from_fork_asm+0x1a/0x30 [ 32.304271] [ 32.304429] The buggy address belongs to the object at ffff888101aba780 [ 32.304429] which belongs to the cache kmalloc-64 of size 64 [ 32.305583] The buggy address is located 0 bytes to the right of [ 32.305583] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.306627] [ 32.306871] The buggy address belongs to the physical page: [ 32.307439] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.308086] flags: 0x200000000000000(node=0|zone=2) [ 32.308401] page_type: f5(slab) [ 32.308728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.309658] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.310425] page dumped because: kasan: bad access detected [ 32.310869] [ 32.311135] Memory state around the buggy address: [ 32.311530] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.312228] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.312793] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.313456] ^ [ 32.313875] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.314497] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.315160] ================================================================== [ 31.976078] 
================================================================== [ 31.976566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 31.977502] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.978012] [ 31.978336] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.979540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.979950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.980810] Call Trace: [ 31.981305] <TASK> [ 31.981654] dump_stack_lvl+0x73/0xb0 [ 31.982115] print_report+0xd1/0x640 [ 31.982611] ? __virt_addr_valid+0x1db/0x2d0 [ 31.983650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.984907] kasan_report+0x102/0x140 [ 31.985533] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.986248] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.986747] kasan_check_range+0x10c/0x1c0 [ 31.987215] __kasan_check_write+0x18/0x20 [ 31.987647] kasan_atomics_helper+0x1ce2/0x5450 [ 31.988606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.989338] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.989754] ? kasan_atomics+0x153/0x310 [ 31.990554] kasan_atomics+0x1dd/0x310 [ 31.991017] ? __pfx_kasan_atomics+0x10/0x10 [ 31.991766] ? __pfx_read_tsc+0x10/0x10 [ 31.992540] ? ktime_get_ts64+0x84/0x230 [ 31.993012] kunit_try_run_case+0x1b3/0x490 [ 31.993704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.994457] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.994917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.995800] ? __kthread_parkme+0x82/0x160 [ 31.996218] ? preempt_count_sub+0x50/0x80 [ 31.996423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.996638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.996887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.997338] kthread+0x257/0x310 [ 31.998011] ? __pfx_kthread+0x10/0x10 [ 31.998664] ret_from_fork+0x41/0x80 [ 31.999458] ? 
__pfx_kthread+0x10/0x10 [ 32.000309] ret_from_fork_asm+0x1a/0x30 [ 32.001234] </TASK> [ 32.001438] [ 32.001797] Allocated by task 273: [ 32.002649] kasan_save_stack+0x3d/0x60 [ 32.003137] kasan_save_track+0x18/0x40 [ 32.003955] kasan_save_alloc_info+0x3b/0x50 [ 32.004858] __kasan_kmalloc+0xb7/0xc0 [ 32.005174] __kmalloc_cache_noprof+0x184/0x410 [ 32.005939] kasan_atomics+0x96/0x310 [ 32.006431] kunit_try_run_case+0x1b3/0x490 [ 32.006795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.007736] kthread+0x257/0x310 [ 32.008447] ret_from_fork+0x41/0x80 [ 32.008815] ret_from_fork_asm+0x1a/0x30 [ 32.009410] [ 32.009614] The buggy address belongs to the object at ffff888101aba780 [ 32.009614] which belongs to the cache kmalloc-64 of size 64 [ 32.011498] The buggy address is located 0 bytes to the right of [ 32.011498] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.012034] [ 32.012348] The buggy address belongs to the physical page: [ 32.013656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.014407] flags: 0x200000000000000(node=0|zone=2) [ 32.014849] page_type: f5(slab) [ 32.015183] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.015820] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.017071] page dumped because: kasan: bad access detected [ 32.017928] [ 32.018308] Memory state around the buggy address: [ 32.018809] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.019816] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.020969] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.021925] ^ [ 32.022570] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.023442] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.024186] ================================================================== [ 31.884652] 
================================================================== [ 31.886241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 31.886867] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.887791] [ 31.888066] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.889937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.890468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.892143] Call Trace: [ 31.892376] <TASK> [ 31.892802] dump_stack_lvl+0x73/0xb0 [ 31.893348] print_report+0xd1/0x640 [ 31.893842] ? __virt_addr_valid+0x1db/0x2d0 [ 31.894309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.895172] kasan_report+0x102/0x140 [ 31.896260] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.896776] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.897500] kasan_check_range+0x10c/0x1c0 [ 31.898030] __kasan_check_write+0x18/0x20 [ 31.898808] kasan_atomics_helper+0x1c19/0x5450 [ 31.899228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.899804] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.900343] ? kasan_atomics+0x153/0x310 [ 31.900660] kasan_atomics+0x1dd/0x310 [ 31.901209] ? __pfx_kasan_atomics+0x10/0x10 [ 31.901864] ? __pfx_read_tsc+0x10/0x10 [ 31.902360] ? ktime_get_ts64+0x84/0x230 [ 31.902665] kunit_try_run_case+0x1b3/0x490 [ 31.903382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.903927] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.904454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.904809] ? __kthread_parkme+0x82/0x160 [ 31.905550] ? preempt_count_sub+0x50/0x80 [ 31.906080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.906640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.907524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.907909] kthread+0x257/0x310 [ 31.908432] ? __pfx_kthread+0x10/0x10 [ 31.908813] ret_from_fork+0x41/0x80 [ 31.909371] ? 
__pfx_kthread+0x10/0x10 [ 31.909851] ret_from_fork_asm+0x1a/0x30 [ 31.910448] </TASK> [ 31.910832] [ 31.911239] Allocated by task 273: [ 31.911795] kasan_save_stack+0x3d/0x60 [ 31.912225] kasan_save_track+0x18/0x40 [ 31.912814] kasan_save_alloc_info+0x3b/0x50 [ 31.913262] __kasan_kmalloc+0xb7/0xc0 [ 31.913657] __kmalloc_cache_noprof+0x184/0x410 [ 31.914189] kasan_atomics+0x96/0x310 [ 31.914692] kunit_try_run_case+0x1b3/0x490 [ 31.915258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.915853] kthread+0x257/0x310 [ 31.916394] ret_from_fork+0x41/0x80 [ 31.916673] ret_from_fork_asm+0x1a/0x30 [ 31.917254] [ 31.917675] The buggy address belongs to the object at ffff888101aba780 [ 31.917675] which belongs to the cache kmalloc-64 of size 64 [ 31.918575] The buggy address is located 0 bytes to the right of [ 31.918575] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.919927] [ 31.920534] The buggy address belongs to the physical page: [ 31.920873] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.921828] flags: 0x200000000000000(node=0|zone=2) [ 31.922370] page_type: f5(slab) [ 31.922854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.923663] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.924606] page dumped because: kasan: bad access detected [ 31.925146] [ 31.925462] Memory state around the buggy address: [ 31.926099] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.926759] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.927707] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.928405] ^ [ 31.929001] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.929636] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.930319] ================================================================== [ 32.066773] 
================================================================== [ 32.067469] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 32.068267] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.068876] [ 32.069372] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.070072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.070514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.072254] Call Trace: [ 32.072617] <TASK> [ 32.072942] dump_stack_lvl+0x73/0xb0 [ 32.073613] print_report+0xd1/0x640 [ 32.073804] ? __virt_addr_valid+0x1db/0x2d0 [ 32.074078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.075210] kasan_report+0x102/0x140 [ 32.076096] ? kasan_atomics_helper+0x1e13/0x5450 [ 32.077064] ? kasan_atomics_helper+0x1e13/0x5450 [ 32.077406] kasan_check_range+0x10c/0x1c0 [ 32.077710] __kasan_check_write+0x18/0x20 [ 32.078082] kasan_atomics_helper+0x1e13/0x5450 [ 32.078804] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.079632] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.080430] ? kasan_atomics+0x153/0x310 [ 32.080811] kasan_atomics+0x1dd/0x310 [ 32.081737] ? __pfx_kasan_atomics+0x10/0x10 [ 32.082925] ? __pfx_read_tsc+0x10/0x10 [ 32.083382] ? ktime_get_ts64+0x84/0x230 [ 32.083834] kunit_try_run_case+0x1b3/0x490 [ 32.084267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.084604] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.085154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.085626] ? __kthread_parkme+0x82/0x160 [ 32.086014] ? preempt_count_sub+0x50/0x80 [ 32.086428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.086875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.087485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.088134] kthread+0x257/0x310 [ 32.088553] ? __pfx_kthread+0x10/0x10 [ 32.088977] ret_from_fork+0x41/0x80 [ 32.089499] ? 
__pfx_kthread+0x10/0x10 [ 32.089808] ret_from_fork_asm+0x1a/0x30 [ 32.090376] </TASK> [ 32.090678] [ 32.090921] Allocated by task 273: [ 32.091314] kasan_save_stack+0x3d/0x60 [ 32.091694] kasan_save_track+0x18/0x40 [ 32.092061] kasan_save_alloc_info+0x3b/0x50 [ 32.092597] __kasan_kmalloc+0xb7/0xc0 [ 32.093072] __kmalloc_cache_noprof+0x184/0x410 [ 32.093379] kasan_atomics+0x96/0x310 [ 32.093845] kunit_try_run_case+0x1b3/0x490 [ 32.094301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.094775] kthread+0x257/0x310 [ 32.095261] ret_from_fork+0x41/0x80 [ 32.095745] ret_from_fork_asm+0x1a/0x30 [ 32.096224] [ 32.096459] The buggy address belongs to the object at ffff888101aba780 [ 32.096459] which belongs to the cache kmalloc-64 of size 64 [ 32.097178] The buggy address is located 0 bytes to the right of [ 32.097178] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.098427] [ 32.098587] The buggy address belongs to the physical page: [ 32.099196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.100046] flags: 0x200000000000000(node=0|zone=2) [ 32.100453] page_type: f5(slab) [ 32.100799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.101353] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.102266] page dumped because: kasan: bad access detected [ 32.102784] [ 32.103046] Memory state around the buggy address: [ 32.103459] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.104077] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.104592] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.105276] ^ [ 32.105793] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.106455] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.106979] ================================================================== [ 32.481874] 
================================================================== [ 32.482864] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 32.483625] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.484571] [ 32.484796] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.486501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.486855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.487864] Call Trace: [ 32.488278] <TASK> [ 32.488514] dump_stack_lvl+0x73/0xb0 [ 32.488943] print_report+0xd1/0x640 [ 32.489523] ? __virt_addr_valid+0x1db/0x2d0 [ 32.490524] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.491357] kasan_report+0x102/0x140 [ 32.491964] ? kasan_atomics_helper+0x224d/0x5450 [ 32.492529] ? kasan_atomics_helper+0x224d/0x5450 [ 32.493371] kasan_check_range+0x10c/0x1c0 [ 32.493881] __kasan_check_write+0x18/0x20 [ 32.494865] kasan_atomics_helper+0x224d/0x5450 [ 32.495928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.496526] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.496965] ? kasan_atomics+0x153/0x310 [ 32.497872] kasan_atomics+0x1dd/0x310 [ 32.498623] ? __pfx_kasan_atomics+0x10/0x10 [ 32.499039] ? __pfx_read_tsc+0x10/0x10 [ 32.499658] ? ktime_get_ts64+0x84/0x230 [ 32.500608] kunit_try_run_case+0x1b3/0x490 [ 32.501036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.501782] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.502550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.503020] ? __kthread_parkme+0x82/0x160 [ 32.503722] ? preempt_count_sub+0x50/0x80 [ 32.504526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.505594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.506266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.506522] kthread+0x257/0x310 [ 32.506690] ? __pfx_kthread+0x10/0x10 [ 32.506873] ret_from_fork+0x41/0x80 [ 32.507122] ? 
__pfx_kthread+0x10/0x10 [ 32.507409] ret_from_fork_asm+0x1a/0x30 [ 32.508003] </TASK> [ 32.508814] [ 32.509223] Allocated by task 273: [ 32.509483] kasan_save_stack+0x3d/0x60 [ 32.509869] kasan_save_track+0x18/0x40 [ 32.510564] kasan_save_alloc_info+0x3b/0x50 [ 32.511282] __kasan_kmalloc+0xb7/0xc0 [ 32.511679] __kmalloc_cache_noprof+0x184/0x410 [ 32.512952] kasan_atomics+0x96/0x310 [ 32.513372] kunit_try_run_case+0x1b3/0x490 [ 32.514029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.514858] kthread+0x257/0x310 [ 32.515788] ret_from_fork+0x41/0x80 [ 32.516244] ret_from_fork_asm+0x1a/0x30 [ 32.516525] [ 32.517036] The buggy address belongs to the object at ffff888101aba780 [ 32.517036] which belongs to the cache kmalloc-64 of size 64 [ 32.518202] The buggy address is located 0 bytes to the right of [ 32.518202] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.519275] [ 32.519558] The buggy address belongs to the physical page: [ 32.520135] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.521001] flags: 0x200000000000000(node=0|zone=2) [ 32.521943] page_type: f5(slab) [ 32.522649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.523889] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.524923] page dumped because: kasan: bad access detected [ 32.525474] [ 32.525709] Memory state around the buggy address: [ 32.526921] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.527760] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.528824] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.529810] ^ [ 32.530127] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.530953] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.531875] ================================================================== [ 31.052697] 
================================================================== [ 31.053461] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 31.054209] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.054747] [ 31.054915] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.056203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.056617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.057459] Call Trace: [ 31.057669] <TASK> [ 31.057956] dump_stack_lvl+0x73/0xb0 [ 31.058627] print_report+0xd1/0x640 [ 31.059180] ? __virt_addr_valid+0x1db/0x2d0 [ 31.059582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.060387] kasan_report+0x102/0x140 [ 31.060833] ? kasan_atomics_helper+0x49ea/0x5450 [ 31.061748] ? kasan_atomics_helper+0x49ea/0x5450 [ 31.062478] __asan_report_load4_noabort+0x18/0x20 [ 31.063088] kasan_atomics_helper+0x49ea/0x5450 [ 31.063605] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.064240] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.064658] ? kasan_atomics+0x153/0x310 [ 31.065308] kasan_atomics+0x1dd/0x310 [ 31.065691] ? __pfx_kasan_atomics+0x10/0x10 [ 31.066327] ? __pfx_read_tsc+0x10/0x10 [ 31.066903] ? ktime_get_ts64+0x84/0x230 [ 31.067498] kunit_try_run_case+0x1b3/0x490 [ 31.067996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.068665] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.069141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.069806] ? __kthread_parkme+0x82/0x160 [ 31.070206] ? preempt_count_sub+0x50/0x80 [ 31.070820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.071266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.071850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.072461] kthread+0x257/0x310 [ 31.072835] ? __pfx_kthread+0x10/0x10 [ 31.073415] ret_from_fork+0x41/0x80 [ 31.073887] ? 
__pfx_kthread+0x10/0x10 [ 31.074357] ret_from_fork_asm+0x1a/0x30 [ 31.074915] </TASK> [ 31.075319] [ 31.075481] Allocated by task 273: [ 31.075894] kasan_save_stack+0x3d/0x60 [ 31.076380] kasan_save_track+0x18/0x40 [ 31.076733] kasan_save_alloc_info+0x3b/0x50 [ 31.077365] __kasan_kmalloc+0xb7/0xc0 [ 31.077701] __kmalloc_cache_noprof+0x184/0x410 [ 31.078437] kasan_atomics+0x96/0x310 [ 31.078761] kunit_try_run_case+0x1b3/0x490 [ 31.079265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.079801] kthread+0x257/0x310 [ 31.080338] ret_from_fork+0x41/0x80 [ 31.080673] ret_from_fork_asm+0x1a/0x30 [ 31.081227] [ 31.081507] The buggy address belongs to the object at ffff888101aba780 [ 31.081507] which belongs to the cache kmalloc-64 of size 64 [ 31.082589] The buggy address is located 0 bytes to the right of [ 31.082589] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.083778] [ 31.084094] The buggy address belongs to the physical page: [ 31.084649] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.085437] flags: 0x200000000000000(node=0|zone=2) [ 31.085976] page_type: f5(slab) [ 31.086437] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.087186] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.087958] page dumped because: kasan: bad access detected [ 31.088548] [ 31.088814] Memory state around the buggy address: [ 31.089301] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.090073] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.090771] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.091577] ^ [ 31.092235] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.092769] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.093426] ================================================================== [ 29.750913] 
================================================================== [ 29.751515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 29.752594] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.754011] [ 29.754288] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.756225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.757363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.758111] Call Trace: [ 29.759244] <TASK> [ 29.759461] dump_stack_lvl+0x73/0xb0 [ 29.759873] print_report+0xd1/0x640 [ 29.760310] ? __virt_addr_valid+0x1db/0x2d0 [ 29.760719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.761507] kasan_report+0x102/0x140 [ 29.762513] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.763617] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.764466] kasan_check_range+0x10c/0x1c0 [ 29.765006] __kasan_check_read+0x15/0x20 [ 29.765808] kasan_atomics_helper+0x3e0/0x5450 [ 29.766584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.767529] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.768545] ? kasan_atomics+0x153/0x310 [ 29.769223] kasan_atomics+0x1dd/0x310 [ 29.770262] ? __pfx_kasan_atomics+0x10/0x10 [ 29.770928] ? __pfx_read_tsc+0x10/0x10 [ 29.771485] ? ktime_get_ts64+0x84/0x230 [ 29.771885] kunit_try_run_case+0x1b3/0x490 [ 29.772263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.772796] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.773352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.774406] ? __kthread_parkme+0x82/0x160 [ 29.774686] ? preempt_count_sub+0x50/0x80 [ 29.775488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.776104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.776722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.777481] kthread+0x257/0x310 [ 29.777812] ? __pfx_kthread+0x10/0x10 [ 29.778623] ret_from_fork+0x41/0x80 [ 29.779103] ? 
__pfx_kthread+0x10/0x10 [ 29.779647] ret_from_fork_asm+0x1a/0x30 [ 29.780281] </TASK> [ 29.780666] [ 29.780845] Allocated by task 273: [ 29.781430] kasan_save_stack+0x3d/0x60 [ 29.781846] kasan_save_track+0x18/0x40 [ 29.782466] kasan_save_alloc_info+0x3b/0x50 [ 29.783356] __kasan_kmalloc+0xb7/0xc0 [ 29.783854] __kmalloc_cache_noprof+0x184/0x410 [ 29.784550] kasan_atomics+0x96/0x310 [ 29.785217] kunit_try_run_case+0x1b3/0x490 [ 29.785611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.786439] kthread+0x257/0x310 [ 29.786805] ret_from_fork+0x41/0x80 [ 29.787545] ret_from_fork_asm+0x1a/0x30 [ 29.788121] [ 29.788301] The buggy address belongs to the object at ffff888101aba780 [ 29.788301] which belongs to the cache kmalloc-64 of size 64 [ 29.789462] The buggy address is located 0 bytes to the right of [ 29.789462] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.790819] [ 29.791279] The buggy address belongs to the physical page: [ 29.791770] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.792772] flags: 0x200000000000000(node=0|zone=2) [ 29.793508] page_type: f5(slab) [ 29.793879] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.795107] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.795759] page dumped because: kasan: bad access detected [ 29.796550] [ 29.796769] Memory state around the buggy address: [ 29.797457] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.798115] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.798751] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.799357] ^ [ 29.799879] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.800937] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.801669] ================================================================== [ 31.408243] 
================================================================== [ 31.409380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 31.410227] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 31.410855] [ 31.411215] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 31.412077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.412436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.413462] Call Trace: [ 31.413753] <TASK> [ 31.413962] dump_stack_lvl+0x73/0xb0 [ 31.414542] print_report+0xd1/0x640 [ 31.414956] ? __virt_addr_valid+0x1db/0x2d0 [ 31.415432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.416100] kasan_report+0x102/0x140 [ 31.416514] ? kasan_atomics_helper+0x15b7/0x5450 [ 31.417145] ? kasan_atomics_helper+0x15b7/0x5450 [ 31.417658] kasan_check_range+0x10c/0x1c0 [ 31.418083] __kasan_check_write+0x18/0x20 [ 31.418827] kasan_atomics_helper+0x15b7/0x5450 [ 31.419460] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.419924] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.420522] ? kasan_atomics+0x153/0x310 [ 31.421102] kasan_atomics+0x1dd/0x310 [ 31.421444] ? __pfx_kasan_atomics+0x10/0x10 [ 31.421905] ? __pfx_read_tsc+0x10/0x10 [ 31.422444] ? ktime_get_ts64+0x84/0x230 [ 31.422895] kunit_try_run_case+0x1b3/0x490 [ 31.423631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.424312] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.424657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.425501] ? __kthread_parkme+0x82/0x160 [ 31.425807] ? preempt_count_sub+0x50/0x80 [ 31.426467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.426967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.427668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.428765] kthread+0x257/0x310 [ 31.429656] ? __pfx_kthread+0x10/0x10 [ 31.430087] ret_from_fork+0x41/0x80 [ 31.430570] ? 
__pfx_kthread+0x10/0x10 [ 31.431212] ret_from_fork_asm+0x1a/0x30 [ 31.432177] </TASK> [ 31.432401] [ 31.432597] Allocated by task 273: [ 31.433283] kasan_save_stack+0x3d/0x60 [ 31.433718] kasan_save_track+0x18/0x40 [ 31.434648] kasan_save_alloc_info+0x3b/0x50 [ 31.435259] __kasan_kmalloc+0xb7/0xc0 [ 31.435755] __kmalloc_cache_noprof+0x184/0x410 [ 31.436586] kasan_atomics+0x96/0x310 [ 31.437292] kunit_try_run_case+0x1b3/0x490 [ 31.437707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.438529] kthread+0x257/0x310 [ 31.439147] ret_from_fork+0x41/0x80 [ 31.439717] ret_from_fork_asm+0x1a/0x30 [ 31.440124] [ 31.440689] The buggy address belongs to the object at ffff888101aba780 [ 31.440689] which belongs to the cache kmalloc-64 of size 64 [ 31.441758] The buggy address is located 0 bytes to the right of [ 31.441758] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 31.443633] [ 31.443852] The buggy address belongs to the physical page: [ 31.444893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 31.445801] flags: 0x200000000000000(node=0|zone=2) [ 31.446591] page_type: f5(slab) [ 31.446963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.447816] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 31.448896] page dumped because: kasan: bad access detected [ 31.449315] [ 31.449419] Memory state around the buggy address: [ 31.449617] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.449888] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.450216] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.450498] ^ [ 31.450701] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.450968] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.452382] ================================================================== [ 29.702687] 
================================================================== [ 29.703235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 29.704112] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.705084] [ 29.705299] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.706688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.707056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.708406] Call Trace: [ 29.708755] <TASK> [ 29.709125] dump_stack_lvl+0x73/0xb0 [ 29.709738] print_report+0xd1/0x640 [ 29.710197] ? __virt_addr_valid+0x1db/0x2d0 [ 29.710821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.711484] kasan_report+0x102/0x140 [ 29.712356] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.712843] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.713401] __asan_report_store4_noabort+0x1b/0x30 [ 29.714112] kasan_atomics_helper+0x4b70/0x5450 [ 29.714672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.715159] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.715818] ? kasan_atomics+0x153/0x310 [ 29.716944] kasan_atomics+0x1dd/0x310 [ 29.717374] ? __pfx_kasan_atomics+0x10/0x10 [ 29.717790] ? __pfx_read_tsc+0x10/0x10 [ 29.719089] ? ktime_get_ts64+0x84/0x230 [ 29.719743] kunit_try_run_case+0x1b3/0x490 [ 29.720760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.721448] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.722061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.722543] ? __kthread_parkme+0x82/0x160 [ 29.722956] ? preempt_count_sub+0x50/0x80 [ 29.723469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.724246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.725048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.725624] kthread+0x257/0x310 [ 29.726107] ? __pfx_kthread+0x10/0x10 [ 29.726538] ret_from_fork+0x41/0x80 [ 29.727054] ? 
__pfx_kthread+0x10/0x10 [ 29.727748] ret_from_fork_asm+0x1a/0x30 [ 29.728305] </TASK> [ 29.728706] [ 29.728937] Allocated by task 273: [ 29.729655] kasan_save_stack+0x3d/0x60 [ 29.729932] kasan_save_track+0x18/0x40 [ 29.730489] kasan_save_alloc_info+0x3b/0x50 [ 29.731347] __kasan_kmalloc+0xb7/0xc0 [ 29.731620] __kmalloc_cache_noprof+0x184/0x410 [ 29.732474] kasan_atomics+0x96/0x310 [ 29.733344] kunit_try_run_case+0x1b3/0x490 [ 29.733698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.734500] kthread+0x257/0x310 [ 29.734760] ret_from_fork+0x41/0x80 [ 29.735440] ret_from_fork_asm+0x1a/0x30 [ 29.735883] [ 29.736060] The buggy address belongs to the object at ffff888101aba780 [ 29.736060] which belongs to the cache kmalloc-64 of size 64 [ 29.737553] The buggy address is located 0 bytes to the right of [ 29.737553] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.738637] [ 29.738890] The buggy address belongs to the physical page: [ 29.739280] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.740550] flags: 0x200000000000000(node=0|zone=2) [ 29.740865] page_type: f5(slab) [ 29.741607] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.742463] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.743179] page dumped because: kasan: bad access detected [ 29.743976] [ 29.744179] Memory state around the buggy address: [ 29.744830] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.745850] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.746840] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.747557] ^ [ 29.748136] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.748923] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.749906] ================================================================== [ 30.155229] 
================================================================== [ 30.155783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 30.156616] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.157779] [ 30.157955] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.158804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.159318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.160021] Call Trace: [ 30.160364] <TASK> [ 30.160581] dump_stack_lvl+0x73/0xb0 [ 30.160917] print_report+0xd1/0x640 [ 30.161646] ? __virt_addr_valid+0x1db/0x2d0 [ 30.162018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.162400] kasan_report+0x102/0x140 [ 30.162693] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.163229] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.163834] kasan_check_range+0x10c/0x1c0 [ 30.164575] __kasan_check_write+0x18/0x20 [ 30.164876] kasan_atomics_helper+0x7c8/0x5450 [ 30.165223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.165784] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.166558] ? kasan_atomics+0x153/0x310 [ 30.167120] kasan_atomics+0x1dd/0x310 [ 30.167586] ? __pfx_kasan_atomics+0x10/0x10 [ 30.168016] ? __pfx_read_tsc+0x10/0x10 [ 30.168482] ? ktime_get_ts64+0x84/0x230 [ 30.168781] kunit_try_run_case+0x1b3/0x490 [ 30.169532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.169910] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.170504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.171088] ? __kthread_parkme+0x82/0x160 [ 30.171551] ? preempt_count_sub+0x50/0x80 [ 30.171862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.172521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.173227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.173591] kthread+0x257/0x310 [ 30.174196] ? __pfx_kthread+0x10/0x10 [ 30.174670] ret_from_fork+0x41/0x80 [ 30.175241] ? 
__pfx_kthread+0x10/0x10 [ 30.175553] ret_from_fork_asm+0x1a/0x30 [ 30.176014] </TASK> [ 30.176305] [ 30.176618] Allocated by task 273: [ 30.176968] kasan_save_stack+0x3d/0x60 [ 30.177300] kasan_save_track+0x18/0x40 [ 30.177582] kasan_save_alloc_info+0x3b/0x50 [ 30.178116] __kasan_kmalloc+0xb7/0xc0 [ 30.178652] __kmalloc_cache_noprof+0x184/0x410 [ 30.178965] kasan_atomics+0x96/0x310 [ 30.179263] kunit_try_run_case+0x1b3/0x490 [ 30.179943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.180578] kthread+0x257/0x310 [ 30.181015] ret_from_fork+0x41/0x80 [ 30.181292] ret_from_fork_asm+0x1a/0x30 [ 30.181576] [ 30.181737] The buggy address belongs to the object at ffff888101aba780 [ 30.181737] which belongs to the cache kmalloc-64 of size 64 [ 30.183328] The buggy address is located 0 bytes to the right of [ 30.183328] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.184229] [ 30.184488] The buggy address belongs to the physical page: [ 30.185108] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.185713] flags: 0x200000000000000(node=0|zone=2) [ 30.186337] page_type: f5(slab) [ 30.186638] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.187136] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.187961] page dumped because: kasan: bad access detected [ 30.188620] [ 30.188857] Memory state around the buggy address: [ 30.189290] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.189711] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.190146] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.190934] ^ [ 30.191538] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.192563] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.193178] ================================================================== [ 29.851620] 
================================================================== [ 29.852338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 29.853327] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.854016] [ 29.854677] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.855892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.856782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.857783] Call Trace: [ 29.858553] <TASK> [ 29.858874] dump_stack_lvl+0x73/0xb0 [ 29.859473] print_report+0xd1/0x640 [ 29.860113] ? __virt_addr_valid+0x1db/0x2d0 [ 29.860522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.861339] kasan_report+0x102/0x140 [ 29.862040] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.862713] ? kasan_atomics_helper+0x4a1/0x5450 [ 29.863537] kasan_check_range+0x10c/0x1c0 [ 29.864199] __kasan_check_write+0x18/0x20 [ 29.865142] kasan_atomics_helper+0x4a1/0x5450 [ 29.865716] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.866583] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.867242] ? kasan_atomics+0x153/0x310 [ 29.868088] kasan_atomics+0x1dd/0x310 [ 29.868568] ? __pfx_kasan_atomics+0x10/0x10 [ 29.869306] ? __pfx_read_tsc+0x10/0x10 [ 29.869767] ? ktime_get_ts64+0x84/0x230 [ 29.870380] kunit_try_run_case+0x1b3/0x490 [ 29.870946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.871764] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.872316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.872906] ? __kthread_parkme+0x82/0x160 [ 29.873603] ? preempt_count_sub+0x50/0x80 [ 29.874138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.875286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.876114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.876721] kthread+0x257/0x310 [ 29.877216] ? __pfx_kthread+0x10/0x10 [ 29.877738] ret_from_fork+0x41/0x80 [ 29.878269] ? 
__pfx_kthread+0x10/0x10 [ 29.878980] ret_from_fork_asm+0x1a/0x30 [ 29.880014] </TASK> [ 29.880251] [ 29.880691] Allocated by task 273: [ 29.881119] kasan_save_stack+0x3d/0x60 [ 29.881810] kasan_save_track+0x18/0x40 [ 29.882306] kasan_save_alloc_info+0x3b/0x50 [ 29.883567] __kasan_kmalloc+0xb7/0xc0 [ 29.884066] __kmalloc_cache_noprof+0x184/0x410 [ 29.884920] kasan_atomics+0x96/0x310 [ 29.885471] kunit_try_run_case+0x1b3/0x490 [ 29.886194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.886740] kthread+0x257/0x310 [ 29.887217] ret_from_fork+0x41/0x80 [ 29.887669] ret_from_fork_asm+0x1a/0x30 [ 29.888646] [ 29.888804] The buggy address belongs to the object at ffff888101aba780 [ 29.888804] which belongs to the cache kmalloc-64 of size 64 [ 29.890262] The buggy address is located 0 bytes to the right of [ 29.890262] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.891904] [ 29.892480] The buggy address belongs to the physical page: [ 29.893481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.894179] flags: 0x200000000000000(node=0|zone=2) [ 29.894906] page_type: f5(slab) [ 29.895410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.896372] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.897709] page dumped because: kasan: bad access detected [ 29.898311] [ 29.898584] Memory state around the buggy address: [ 29.899134] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.900009] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.900939] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.902073] ^ [ 29.902814] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.903695] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.904604] ================================================================== [ 29.652953] 
================================================================== [ 29.654250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 29.654952] Read of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 29.655998] [ 29.656301] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.657372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.657907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.658855] Call Trace: [ 29.659321] <TASK> [ 29.659725] dump_stack_lvl+0x73/0xb0 [ 29.660469] print_report+0xd1/0x640 [ 29.660951] ? __virt_addr_valid+0x1db/0x2d0 [ 29.661400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.662394] kasan_report+0x102/0x140 [ 29.662779] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.663404] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.664458] __asan_report_load4_noabort+0x18/0x20 [ 29.665081] kasan_atomics_helper+0x4b8a/0x5450 [ 29.665626] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.666302] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.666764] ? kasan_atomics+0x153/0x310 [ 29.667613] kasan_atomics+0x1dd/0x310 [ 29.667909] ? __pfx_kasan_atomics+0x10/0x10 [ 29.668411] ? __pfx_read_tsc+0x10/0x10 [ 29.669314] ? ktime_get_ts64+0x84/0x230 [ 29.669829] kunit_try_run_case+0x1b3/0x490 [ 29.670285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.670779] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.671310] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.672194] ? __kthread_parkme+0x82/0x160 [ 29.672568] ? preempt_count_sub+0x50/0x80 [ 29.673193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.673698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.674715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.675593] kthread+0x257/0x310 [ 29.676093] ? __pfx_kthread+0x10/0x10 [ 29.676776] ret_from_fork+0x41/0x80 [ 29.677476] ? 
__pfx_kthread+0x10/0x10 [ 29.677881] ret_from_fork_asm+0x1a/0x30 [ 29.679274] </TASK> [ 29.679503] [ 29.679646] Allocated by task 273: [ 29.680092] kasan_save_stack+0x3d/0x60 [ 29.680638] kasan_save_track+0x18/0x40 [ 29.681204] kasan_save_alloc_info+0x3b/0x50 [ 29.681882] __kasan_kmalloc+0xb7/0xc0 [ 29.682396] __kmalloc_cache_noprof+0x184/0x410 [ 29.683351] kasan_atomics+0x96/0x310 [ 29.683812] kunit_try_run_case+0x1b3/0x490 [ 29.684287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.685195] kthread+0x257/0x310 [ 29.685559] ret_from_fork+0x41/0x80 [ 29.686296] ret_from_fork_asm+0x1a/0x30 [ 29.686657] [ 29.687196] The buggy address belongs to the object at ffff888101aba780 [ 29.687196] which belongs to the cache kmalloc-64 of size 64 [ 29.688331] The buggy address is located 0 bytes to the right of [ 29.688331] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 29.689602] [ 29.690139] The buggy address belongs to the physical page: [ 29.690510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.691569] flags: 0x200000000000000(node=0|zone=2) [ 29.692510] page_type: f5(slab) [ 29.692891] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.693703] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 29.694766] page dumped because: kasan: bad access detected [ 29.695485] [ 29.695661] Memory state around the buggy address: [ 29.696524] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.697556] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.698430] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.699117] ^ [ 29.699799] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.700790] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.701777] ================================================================== [ 30.238560] 
================================================================== [ 30.240272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 30.240865] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.241450] [ 30.241656] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.242285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.242978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.243910] Call Trace: [ 30.244399] <TASK> [ 30.244783] dump_stack_lvl+0x73/0xb0 [ 30.245322] print_report+0xd1/0x640 [ 30.245692] ? __virt_addr_valid+0x1db/0x2d0 [ 30.246250] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.246942] kasan_report+0x102/0x140 [ 30.247331] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.247894] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.248597] kasan_check_range+0x10c/0x1c0 [ 30.249084] __kasan_check_write+0x18/0x20 [ 30.249441] kasan_atomics_helper+0x8fa/0x5450 [ 30.249869] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.250865] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.251619] ? kasan_atomics+0x153/0x310 [ 30.252607] kasan_atomics+0x1dd/0x310 [ 30.252810] ? __pfx_kasan_atomics+0x10/0x10 [ 30.253120] ? __pfx_read_tsc+0x10/0x10 [ 30.254004] ? ktime_get_ts64+0x84/0x230 [ 30.254358] kunit_try_run_case+0x1b3/0x490 [ 30.254570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.254783] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.255230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.255884] ? __kthread_parkme+0x82/0x160 [ 30.256935] ? preempt_count_sub+0x50/0x80 [ 30.257353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.258165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.258896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.259667] kthread+0x257/0x310 [ 30.259931] ? __pfx_kthread+0x10/0x10 [ 30.260496] ret_from_fork+0x41/0x80 [ 30.261192] ? 
__pfx_kthread+0x10/0x10 [ 30.261806] ret_from_fork_asm+0x1a/0x30 [ 30.262481] </TASK> [ 30.262792] [ 30.263196] Allocated by task 273: [ 30.263613] kasan_save_stack+0x3d/0x60 [ 30.264002] kasan_save_track+0x18/0x40 [ 30.264660] kasan_save_alloc_info+0x3b/0x50 [ 30.265161] __kasan_kmalloc+0xb7/0xc0 [ 30.265673] __kmalloc_cache_noprof+0x184/0x410 [ 30.266568] kasan_atomics+0x96/0x310 [ 30.267198] kunit_try_run_case+0x1b3/0x490 [ 30.267752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.268216] kthread+0x257/0x310 [ 30.268752] ret_from_fork+0x41/0x80 [ 30.269361] ret_from_fork_asm+0x1a/0x30 [ 30.269888] [ 30.270363] The buggy address belongs to the object at ffff888101aba780 [ 30.270363] which belongs to the cache kmalloc-64 of size 64 [ 30.271739] The buggy address is located 0 bytes to the right of [ 30.271739] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.273283] [ 30.273507] The buggy address belongs to the physical page: [ 30.274078] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.275637] flags: 0x200000000000000(node=0|zone=2) [ 30.276061] page_type: f5(slab) [ 30.276478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.277538] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.278486] page dumped because: kasan: bad access detected [ 30.279355] [ 30.279564] Memory state around the buggy address: [ 30.279860] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.280751] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.281377] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.281651] ^ [ 30.281850] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.282223] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.283372] ================================================================== [ 32.392309] 
================================================================== [ 32.393053] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 32.393725] Write of size 8 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 32.396635] [ 32.396835] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.398338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.398649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.399556] Call Trace: [ 32.399899] <TASK> [ 32.400325] dump_stack_lvl+0x73/0xb0 [ 32.400872] print_report+0xd1/0x640 [ 32.401306] ? __virt_addr_valid+0x1db/0x2d0 [ 32.401795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.402227] kasan_report+0x102/0x140 [ 32.403042] ? kasan_atomics_helper+0x218b/0x5450 [ 32.403693] ? kasan_atomics_helper+0x218b/0x5450 [ 32.404218] kasan_check_range+0x10c/0x1c0 [ 32.404834] __kasan_check_write+0x18/0x20 [ 32.405297] kasan_atomics_helper+0x218b/0x5450 [ 32.406024] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.406636] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.407171] ? kasan_atomics+0x153/0x310 [ 32.407378] kasan_atomics+0x1dd/0x310 [ 32.407567] ? __pfx_kasan_atomics+0x10/0x10 [ 32.407771] ? __pfx_read_tsc+0x10/0x10 [ 32.407950] ? ktime_get_ts64+0x84/0x230 [ 32.408422] kunit_try_run_case+0x1b3/0x490 [ 32.409191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.410015] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.410624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.411147] ? __kthread_parkme+0x82/0x160 [ 32.411778] ? preempt_count_sub+0x50/0x80 [ 32.412376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.412945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.413559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.414319] kthread+0x257/0x310 [ 32.414636] ? __pfx_kthread+0x10/0x10 [ 32.415078] ret_from_fork+0x41/0x80 [ 32.415473] ? 
__pfx_kthread+0x10/0x10 [ 32.415845] ret_from_fork_asm+0x1a/0x30 [ 32.416387] </TASK> [ 32.416580] [ 32.416737] Allocated by task 273: [ 32.417312] kasan_save_stack+0x3d/0x60 [ 32.417874] kasan_save_track+0x18/0x40 [ 32.418398] kasan_save_alloc_info+0x3b/0x50 [ 32.418855] __kasan_kmalloc+0xb7/0xc0 [ 32.419203] __kmalloc_cache_noprof+0x184/0x410 [ 32.419856] kasan_atomics+0x96/0x310 [ 32.420457] kunit_try_run_case+0x1b3/0x490 [ 32.421119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.421811] kthread+0x257/0x310 [ 32.422262] ret_from_fork+0x41/0x80 [ 32.422767] ret_from_fork_asm+0x1a/0x30 [ 32.423386] [ 32.423564] The buggy address belongs to the object at ffff888101aba780 [ 32.423564] which belongs to the cache kmalloc-64 of size 64 [ 32.424870] The buggy address is located 0 bytes to the right of [ 32.424870] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 32.426175] [ 32.426340] The buggy address belongs to the physical page: [ 32.427162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 32.428079] flags: 0x200000000000000(node=0|zone=2) [ 32.428633] page_type: f5(slab) [ 32.429138] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.429839] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 32.430653] page dumped because: kasan: bad access detected [ 32.431297] [ 32.431636] Memory state around the buggy address: [ 32.432201] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.432906] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.433718] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.434499] ^ [ 32.434975] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.435661] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.436449] ================================================================== [ 30.340905] 
================================================================== [ 30.341582] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 30.343377] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.343938] [ 30.344279] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.345547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.345902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.347423] Call Trace: [ 30.347577] <TASK> [ 30.347702] dump_stack_lvl+0x73/0xb0 [ 30.347891] print_report+0xd1/0x640 [ 30.348263] ? __virt_addr_valid+0x1db/0x2d0 [ 30.349316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.350005] kasan_report+0x102/0x140 [ 30.350887] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.351585] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.352239] kasan_check_range+0x10c/0x1c0 [ 30.352680] __kasan_check_write+0x18/0x20 [ 30.353110] kasan_atomics_helper+0xa2c/0x5450 [ 30.354014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.354768] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.355578] ? kasan_atomics+0x153/0x310 [ 30.356199] kasan_atomics+0x1dd/0x310 [ 30.356640] ? __pfx_kasan_atomics+0x10/0x10 [ 30.357422] ? __pfx_read_tsc+0x10/0x10 [ 30.357822] ? ktime_get_ts64+0x84/0x230 [ 30.358286] kunit_try_run_case+0x1b3/0x490 [ 30.358728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.359273] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.359634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.360462] ? __kthread_parkme+0x82/0x160 [ 30.360865] ? preempt_count_sub+0x50/0x80 [ 30.361570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.361974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.362676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.363343] kthread+0x257/0x310 [ 30.363808] ? __pfx_kthread+0x10/0x10 [ 30.364382] ret_from_fork+0x41/0x80 [ 30.364866] ? 
__pfx_kthread+0x10/0x10 [ 30.365353] ret_from_fork_asm+0x1a/0x30 [ 30.365952] </TASK> [ 30.366443] [ 30.366644] Allocated by task 273: [ 30.367191] kasan_save_stack+0x3d/0x60 [ 30.367668] kasan_save_track+0x18/0x40 [ 30.368255] kasan_save_alloc_info+0x3b/0x50 [ 30.368763] __kasan_kmalloc+0xb7/0xc0 [ 30.369123] __kmalloc_cache_noprof+0x184/0x410 [ 30.369719] kasan_atomics+0x96/0x310 [ 30.370285] kunit_try_run_case+0x1b3/0x490 [ 30.370682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.371314] kthread+0x257/0x310 [ 30.371745] ret_from_fork+0x41/0x80 [ 30.372300] ret_from_fork_asm+0x1a/0x30 [ 30.372596] [ 30.372951] The buggy address belongs to the object at ffff888101aba780 [ 30.372951] which belongs to the cache kmalloc-64 of size 64 [ 30.374196] The buggy address is located 0 bytes to the right of [ 30.374196] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.375542] [ 30.375741] The buggy address belongs to the physical page: [ 30.376408] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.377206] flags: 0x200000000000000(node=0|zone=2) [ 30.377638] page_type: f5(slab) [ 30.378099] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.379184] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.379766] page dumped because: kasan: bad access detected [ 30.380050] [ 30.380233] Memory state around the buggy address: [ 30.380588] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.381936] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.382735] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.383951] ^ [ 30.384654] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.385891] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.387247] ================================================================== [ 30.060826] 
================================================================== [ 30.062411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 30.063916] Write of size 4 at addr ffff888101aba7b0 by task kunit_try_catch/273 [ 30.064887] [ 30.065234] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 30.066232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.066711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.067607] Call Trace: [ 30.067939] <TASK> [ 30.068227] dump_stack_lvl+0x73/0xb0 [ 30.068768] print_report+0xd1/0x640 [ 30.069187] ? __virt_addr_valid+0x1db/0x2d0 [ 30.069760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.070464] kasan_report+0x102/0x140 [ 30.070789] ? kasan_atomics_helper+0x698/0x5450 [ 30.071567] ? kasan_atomics_helper+0x698/0x5450 [ 30.072319] kasan_check_range+0x10c/0x1c0 [ 30.072844] __kasan_check_write+0x18/0x20 [ 30.073394] kasan_atomics_helper+0x698/0x5450 [ 30.073945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.074669] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.075196] ? kasan_atomics+0x153/0x310 [ 30.075779] kasan_atomics+0x1dd/0x310 [ 30.076231] ? __pfx_kasan_atomics+0x10/0x10 [ 30.076765] ? __pfx_read_tsc+0x10/0x10 [ 30.077381] ? ktime_get_ts64+0x84/0x230 [ 30.077903] kunit_try_run_case+0x1b3/0x490 [ 30.078572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.079136] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.079634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.080312] ? __kthread_parkme+0x82/0x160 [ 30.080873] ? preempt_count_sub+0x50/0x80 [ 30.081412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.082085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.082747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.083459] kthread+0x257/0x310 [ 30.083823] ? __pfx_kthread+0x10/0x10 [ 30.084266] ret_from_fork+0x41/0x80 [ 30.084643] ? 
__pfx_kthread+0x10/0x10 [ 30.085130] ret_from_fork_asm+0x1a/0x30 [ 30.085743] </TASK> [ 30.086275] [ 30.086505] Allocated by task 273: [ 30.087027] kasan_save_stack+0x3d/0x60 [ 30.087526] kasan_save_track+0x18/0x40 [ 30.088061] kasan_save_alloc_info+0x3b/0x50 [ 30.088592] __kasan_kmalloc+0xb7/0xc0 [ 30.089410] __kmalloc_cache_noprof+0x184/0x410 [ 30.089861] kasan_atomics+0x96/0x310 [ 30.090885] kunit_try_run_case+0x1b3/0x490 [ 30.091429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.092326] kthread+0x257/0x310 [ 30.092903] ret_from_fork+0x41/0x80 [ 30.093480] ret_from_fork_asm+0x1a/0x30 [ 30.094088] [ 30.094531] The buggy address belongs to the object at ffff888101aba780 [ 30.094531] which belongs to the cache kmalloc-64 of size 64 [ 30.095633] The buggy address is located 0 bytes to the right of [ 30.095633] allocated 48-byte region [ffff888101aba780, ffff888101aba7b0) [ 30.096662] [ 30.096851] The buggy address belongs to the physical page: [ 30.097823] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 30.099055] flags: 0x200000000000000(node=0|zone=2) [ 30.099659] page_type: f5(slab) [ 30.100272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.100972] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 30.102182] page dumped because: kasan: bad access detected [ 30.102639] [ 30.102893] Memory state around the buggy address: [ 30.103719] ffff888101aba680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.104962] ffff888101aba700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.105736] >ffff888101aba780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.106827] ^ [ 30.107494] ffff888101aba800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.108445] ffff888101aba880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.109721] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 29.387549] ================================================================== [ 29.388267] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.390171] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.391064] [ 29.391234] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.392752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.393203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.394766] Call Trace: [ 29.395730] <TASK> [ 29.396031] dump_stack_lvl+0x73/0xb0 [ 29.396770] print_report+0xd1/0x640 [ 29.397384] ? __virt_addr_valid+0x1db/0x2d0 [ 29.398216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.399115] kasan_report+0x102/0x140 [ 29.399655] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.400737] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.401571] kasan_check_range+0x10c/0x1c0 [ 29.402019] __kasan_check_write+0x18/0x20 [ 29.402957] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.403914] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.404919] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.405593] ? kasan_bitops_generic+0x93/0x1c0 [ 29.406448] kasan_bitops_generic+0x122/0x1c0 [ 29.406870] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.408076] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.408825] kunit_try_run_case+0x1b3/0x490 [ 29.409601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.410480] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.411585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.412445] ? __kthread_parkme+0x82/0x160 [ 29.412724] ? preempt_count_sub+0x50/0x80 [ 29.413213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.413605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.414275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.415247] kthread+0x257/0x310 [ 29.415640] ? __pfx_kthread+0x10/0x10 [ 29.416202] ret_from_fork+0x41/0x80 [ 29.416506] ? 
__pfx_kthread+0x10/0x10 [ 29.417051] ret_from_fork_asm+0x1a/0x30 [ 29.417556] </TASK> [ 29.417813] [ 29.418164] Allocated by task 269: [ 29.418479] kasan_save_stack+0x3d/0x60 [ 29.418863] kasan_save_track+0x18/0x40 [ 29.419221] kasan_save_alloc_info+0x3b/0x50 [ 29.419824] __kasan_kmalloc+0xb7/0xc0 [ 29.420454] __kmalloc_cache_noprof+0x184/0x410 [ 29.420905] kasan_bitops_generic+0x93/0x1c0 [ 29.421362] kunit_try_run_case+0x1b3/0x490 [ 29.421819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.422387] kthread+0x257/0x310 [ 29.423060] ret_from_fork+0x41/0x80 [ 29.423332] ret_from_fork_asm+0x1a/0x30 [ 29.424164] [ 29.424368] The buggy address belongs to the object at ffff888102699d80 [ 29.424368] which belongs to the cache kmalloc-16 of size 16 [ 29.425290] The buggy address is located 8 bytes inside of [ 29.425290] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.426289] [ 29.426661] The buggy address belongs to the physical page: [ 29.427065] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.428095] flags: 0x200000000000000(node=0|zone=2) [ 29.428439] page_type: f5(slab) [ 29.429115] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.429547] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.430799] page dumped because: kasan: bad access detected [ 29.431375] [ 29.431607] Memory state around the buggy address: [ 29.431910] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.433098] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.433543] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.434168] ^ [ 29.434559] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.435316] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.436407] ================================================================== [ 29.488404] 
================================================================== [ 29.489443] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.491099] Read of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.491834] [ 29.492114] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.493498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.493945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.495336] Call Trace: [ 29.495560] <TASK> [ 29.495756] dump_stack_lvl+0x73/0xb0 [ 29.496593] print_report+0xd1/0x640 [ 29.497097] ? __virt_addr_valid+0x1db/0x2d0 [ 29.497518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.498747] kasan_report+0x102/0x140 [ 29.499637] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.500759] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.501656] __asan_report_load8_noabort+0x18/0x20 [ 29.502382] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.503105] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.503790] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.504280] ? kasan_bitops_generic+0x93/0x1c0 [ 29.505095] kasan_bitops_generic+0x122/0x1c0 [ 29.505590] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.506244] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.507173] kunit_try_run_case+0x1b3/0x490 [ 29.507639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.508371] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.508860] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.509548] ? __kthread_parkme+0x82/0x160 [ 29.509966] ? preempt_count_sub+0x50/0x80 [ 29.510926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.511680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.512393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.513270] kthread+0x257/0x310 [ 29.513686] ? __pfx_kthread+0x10/0x10 [ 29.514057] ret_from_fork+0x41/0x80 [ 29.515004] ? 
__pfx_kthread+0x10/0x10 [ 29.515298] ret_from_fork_asm+0x1a/0x30 [ 29.516195] </TASK> [ 29.516419] [ 29.516743] Allocated by task 269: [ 29.517087] kasan_save_stack+0x3d/0x60 [ 29.517822] kasan_save_track+0x18/0x40 [ 29.518477] kasan_save_alloc_info+0x3b/0x50 [ 29.519437] __kasan_kmalloc+0xb7/0xc0 [ 29.519852] __kmalloc_cache_noprof+0x184/0x410 [ 29.520434] kasan_bitops_generic+0x93/0x1c0 [ 29.520778] kunit_try_run_case+0x1b3/0x490 [ 29.521350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.522172] kthread+0x257/0x310 [ 29.522891] ret_from_fork+0x41/0x80 [ 29.523498] ret_from_fork_asm+0x1a/0x30 [ 29.523949] [ 29.524123] The buggy address belongs to the object at ffff888102699d80 [ 29.524123] which belongs to the cache kmalloc-16 of size 16 [ 29.525464] The buggy address is located 8 bytes inside of [ 29.525464] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.527465] [ 29.527773] The buggy address belongs to the physical page: [ 29.528328] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.529411] flags: 0x200000000000000(node=0|zone=2) [ 29.529971] page_type: f5(slab) [ 29.530324] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.531278] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.532634] page dumped because: kasan: bad access detected [ 29.533056] [ 29.533516] Memory state around the buggy address: [ 29.534080] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.534873] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.535638] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.536572] ^ [ 29.536870] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.538018] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.539132] ================================================================== [ 29.114111] 
================================================================== [ 29.114838] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.115894] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.116655] [ 29.116905] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.118393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.118820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.119651] Call Trace: [ 29.120307] <TASK> [ 29.120772] dump_stack_lvl+0x73/0xb0 [ 29.121502] print_report+0xd1/0x640 [ 29.121852] ? __virt_addr_valid+0x1db/0x2d0 [ 29.122427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.123043] kasan_report+0x102/0x140 [ 29.123329] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.124226] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.125400] kasan_check_range+0x10c/0x1c0 [ 29.125916] __kasan_check_write+0x18/0x20 [ 29.126336] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.127314] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.128263] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.128733] ? kasan_bitops_generic+0x93/0x1c0 [ 29.129271] kasan_bitops_generic+0x122/0x1c0 [ 29.129818] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.130516] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.131025] kunit_try_run_case+0x1b3/0x490 [ 29.131481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.132033] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.132810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.133420] ? __kthread_parkme+0x82/0x160 [ 29.133894] ? preempt_count_sub+0x50/0x80 [ 29.134454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.135187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.135639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.136573] kthread+0x257/0x310 [ 29.136893] ? __pfx_kthread+0x10/0x10 [ 29.137201] ret_from_fork+0x41/0x80 [ 29.137853] ? 
__pfx_kthread+0x10/0x10 [ 29.138593] ret_from_fork_asm+0x1a/0x30 [ 29.139026] </TASK> [ 29.139403] [ 29.139627] Allocated by task 269: [ 29.140251] kasan_save_stack+0x3d/0x60 [ 29.140764] kasan_save_track+0x18/0x40 [ 29.141215] kasan_save_alloc_info+0x3b/0x50 [ 29.141717] __kasan_kmalloc+0xb7/0xc0 [ 29.142460] __kmalloc_cache_noprof+0x184/0x410 [ 29.142898] kasan_bitops_generic+0x93/0x1c0 [ 29.143560] kunit_try_run_case+0x1b3/0x490 [ 29.144188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.145128] kthread+0x257/0x310 [ 29.145613] ret_from_fork+0x41/0x80 [ 29.145920] ret_from_fork_asm+0x1a/0x30 [ 29.146814] [ 29.147044] The buggy address belongs to the object at ffff888102699d80 [ 29.147044] which belongs to the cache kmalloc-16 of size 16 [ 29.148216] The buggy address is located 8 bytes inside of [ 29.148216] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.150005] [ 29.150525] The buggy address belongs to the physical page: [ 29.150903] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.151741] flags: 0x200000000000000(node=0|zone=2) [ 29.152725] page_type: f5(slab) [ 29.153222] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.154384] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.155238] page dumped because: kasan: bad access detected [ 29.155637] [ 29.155789] Memory state around the buggy address: [ 29.156404] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.157546] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.158216] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.158638] ^ [ 29.159606] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160353] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.161429] ================================================================== [ 29.218589] 
================================================================== [ 29.219105] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.219750] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.221242] [ 29.221408] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.222759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.223271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.224090] Call Trace: [ 29.224324] <TASK> [ 29.224625] dump_stack_lvl+0x73/0xb0 [ 29.225105] print_report+0xd1/0x640 [ 29.226317] ? __virt_addr_valid+0x1db/0x2d0 [ 29.227500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.228375] kasan_report+0x102/0x140 [ 29.229349] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.230030] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.230786] kasan_check_range+0x10c/0x1c0 [ 29.231526] __kasan_check_write+0x18/0x20 [ 29.232267] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.233027] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.233843] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.234852] ? kasan_bitops_generic+0x93/0x1c0 [ 29.235801] kasan_bitops_generic+0x122/0x1c0 [ 29.236403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.236895] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.238084] kunit_try_run_case+0x1b3/0x490 [ 29.238618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.239437] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.239929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.240698] ? __kthread_parkme+0x82/0x160 [ 29.241375] ? preempt_count_sub+0x50/0x80 [ 29.241927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.242842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.243751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.244484] kthread+0x257/0x310 [ 29.245060] ? __pfx_kthread+0x10/0x10 [ 29.245515] ret_from_fork+0x41/0x80 [ 29.246024] ? 
__pfx_kthread+0x10/0x10 [ 29.246501] ret_from_fork_asm+0x1a/0x30 [ 29.246891] </TASK> [ 29.247179] [ 29.247914] Allocated by task 269: [ 29.248181] kasan_save_stack+0x3d/0x60 [ 29.248845] kasan_save_track+0x18/0x40 [ 29.249795] kasan_save_alloc_info+0x3b/0x50 [ 29.250201] __kasan_kmalloc+0xb7/0xc0 [ 29.251131] __kmalloc_cache_noprof+0x184/0x410 [ 29.251485] kasan_bitops_generic+0x93/0x1c0 [ 29.252940] kunit_try_run_case+0x1b3/0x490 [ 29.253738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.254593] kthread+0x257/0x310 [ 29.255029] ret_from_fork+0x41/0x80 [ 29.255669] ret_from_fork_asm+0x1a/0x30 [ 29.256053] [ 29.256418] The buggy address belongs to the object at ffff888102699d80 [ 29.256418] which belongs to the cache kmalloc-16 of size 16 [ 29.257790] The buggy address is located 8 bytes inside of [ 29.257790] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.260063] [ 29.260516] The buggy address belongs to the physical page: [ 29.260865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.262678] flags: 0x200000000000000(node=0|zone=2) [ 29.263402] page_type: f5(slab) [ 29.263777] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.264543] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.265538] page dumped because: kasan: bad access detected [ 29.265904] [ 29.266206] Memory state around the buggy address: [ 29.267324] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.268037] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.269379] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.270069] ^ [ 29.270895] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.271468] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.272865] ================================================================== [ 29.162101] 
================================================================== [ 29.163654] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.165135] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.166279] [ 29.166508] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.168346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.168592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.169340] Call Trace: [ 29.169777] <TASK> [ 29.170437] dump_stack_lvl+0x73/0xb0 [ 29.171311] print_report+0xd1/0x640 [ 29.171739] ? __virt_addr_valid+0x1db/0x2d0 [ 29.172686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.173589] kasan_report+0x102/0x140 [ 29.173915] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.175251] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.175856] kasan_check_range+0x10c/0x1c0 [ 29.176902] __kasan_check_write+0x18/0x20 [ 29.177506] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.178469] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.179274] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.179931] ? kasan_bitops_generic+0x93/0x1c0 [ 29.180558] kasan_bitops_generic+0x122/0x1c0 [ 29.181695] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.182476] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.182945] kunit_try_run_case+0x1b3/0x490 [ 29.183912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.184554] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.185774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.186700] ? __kthread_parkme+0x82/0x160 [ 29.187151] ? preempt_count_sub+0x50/0x80 [ 29.187608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.188511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.189000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.189881] kthread+0x257/0x310 [ 29.190655] ? __pfx_kthread+0x10/0x10 [ 29.190919] ret_from_fork+0x41/0x80 [ 29.191765] ? 
__pfx_kthread+0x10/0x10 [ 29.192481] ret_from_fork_asm+0x1a/0x30 [ 29.193291] </TASK> [ 29.193421] [ 29.193514] Allocated by task 269: [ 29.193667] kasan_save_stack+0x3d/0x60 [ 29.193847] kasan_save_track+0x18/0x40 [ 29.194197] kasan_save_alloc_info+0x3b/0x50 [ 29.194871] __kasan_kmalloc+0xb7/0xc0 [ 29.195588] __kmalloc_cache_noprof+0x184/0x410 [ 29.196606] kasan_bitops_generic+0x93/0x1c0 [ 29.197356] kunit_try_run_case+0x1b3/0x490 [ 29.197867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.198641] kthread+0x257/0x310 [ 29.199569] ret_from_fork+0x41/0x80 [ 29.200185] ret_from_fork_asm+0x1a/0x30 [ 29.200681] [ 29.200872] The buggy address belongs to the object at ffff888102699d80 [ 29.200872] which belongs to the cache kmalloc-16 of size 16 [ 29.202848] The buggy address is located 8 bytes inside of [ 29.202848] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.204732] [ 29.205291] The buggy address belongs to the physical page: [ 29.206421] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.207420] flags: 0x200000000000000(node=0|zone=2) [ 29.208362] page_type: f5(slab) [ 29.208687] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.209769] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.210870] page dumped because: kasan: bad access detected [ 29.211381] [ 29.211578] Memory state around the buggy address: [ 29.212016] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.212665] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.213926] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.214652] ^ [ 29.214814] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.215707] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.216975] ================================================================== [ 29.330097] 
================================================================== [ 29.330892] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.333254] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.333826] [ 29.334045] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.334857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.335727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.337205] Call Trace: [ 29.337490] <TASK> [ 29.337738] dump_stack_lvl+0x73/0xb0 [ 29.339038] print_report+0xd1/0x640 [ 29.339710] ? __virt_addr_valid+0x1db/0x2d0 [ 29.340666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.341329] kasan_report+0x102/0x140 [ 29.342312] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.343545] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.344196] kasan_check_range+0x10c/0x1c0 [ 29.345434] __kasan_check_write+0x18/0x20 [ 29.345861] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.346863] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.347545] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.348466] ? kasan_bitops_generic+0x93/0x1c0 [ 29.349223] kasan_bitops_generic+0x122/0x1c0 [ 29.349807] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.350547] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.351059] kunit_try_run_case+0x1b3/0x490 [ 29.351464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.351919] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.353069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.353967] ? __kthread_parkme+0x82/0x160 [ 29.354822] ? preempt_count_sub+0x50/0x80 [ 29.355277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.356111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.357100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.357824] kthread+0x257/0x310 [ 29.358214] ? __pfx_kthread+0x10/0x10 [ 29.359337] ret_from_fork+0x41/0x80 [ 29.360027] ? 
__pfx_kthread+0x10/0x10 [ 29.360388] ret_from_fork_asm+0x1a/0x30 [ 29.361058] </TASK> [ 29.361400] [ 29.362164] Allocated by task 269: [ 29.362597] kasan_save_stack+0x3d/0x60 [ 29.363442] kasan_save_track+0x18/0x40 [ 29.364377] kasan_save_alloc_info+0x3b/0x50 [ 29.364588] __kasan_kmalloc+0xb7/0xc0 [ 29.364762] __kmalloc_cache_noprof+0x184/0x410 [ 29.365130] kasan_bitops_generic+0x93/0x1c0 [ 29.366111] kunit_try_run_case+0x1b3/0x490 [ 29.367062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.367880] kthread+0x257/0x310 [ 29.368846] ret_from_fork+0x41/0x80 [ 29.369332] ret_from_fork_asm+0x1a/0x30 [ 29.370125] [ 29.370390] The buggy address belongs to the object at ffff888102699d80 [ 29.370390] which belongs to the cache kmalloc-16 of size 16 [ 29.371251] The buggy address is located 8 bytes inside of [ 29.371251] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.373106] [ 29.373606] The buggy address belongs to the physical page: [ 29.374020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.375239] flags: 0x200000000000000(node=0|zone=2) [ 29.375896] page_type: f5(slab) [ 29.376859] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.378198] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.379038] page dumped because: kasan: bad access detected [ 29.379822] [ 29.380287] Memory state around the buggy address: [ 29.380764] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.382274] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.382784] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.384087] ^ [ 29.384656] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.386041] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.386805] ================================================================== [ 29.062179] 
================================================================== [ 29.062602] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.065270] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.066072] [ 29.066440] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.067637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.068237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.069310] Call Trace: [ 29.069621] <TASK> [ 29.070258] dump_stack_lvl+0x73/0xb0 [ 29.070558] print_report+0xd1/0x640 [ 29.071007] ? __virt_addr_valid+0x1db/0x2d0 [ 29.071877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.073224] kasan_report+0x102/0x140 [ 29.073580] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.074465] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.075025] kasan_check_range+0x10c/0x1c0 [ 29.075777] __kasan_check_write+0x18/0x20 [ 29.076664] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.077487] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.078333] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.078793] ? kasan_bitops_generic+0x93/0x1c0 [ 29.079641] kasan_bitops_generic+0x122/0x1c0 [ 29.080738] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.081303] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.081775] kunit_try_run_case+0x1b3/0x490 [ 29.082809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.083456] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.084313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.085093] ? __kthread_parkme+0x82/0x160 [ 29.085639] ? preempt_count_sub+0x50/0x80 [ 29.086479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.087019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.087481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.088139] kthread+0x257/0x310 [ 29.088494] ? __pfx_kthread+0x10/0x10 [ 29.088786] ret_from_fork+0x41/0x80 [ 29.089641] ? 
__pfx_kthread+0x10/0x10 [ 29.090389] ret_from_fork_asm+0x1a/0x30 [ 29.091150] </TASK> [ 29.091568] [ 29.091838] Allocated by task 269: [ 29.092687] kasan_save_stack+0x3d/0x60 [ 29.093362] kasan_save_track+0x18/0x40 [ 29.093810] kasan_save_alloc_info+0x3b/0x50 [ 29.094540] __kasan_kmalloc+0xb7/0xc0 [ 29.095261] __kmalloc_cache_noprof+0x184/0x410 [ 29.095755] kasan_bitops_generic+0x93/0x1c0 [ 29.096488] kunit_try_run_case+0x1b3/0x490 [ 29.096969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.097748] kthread+0x257/0x310 [ 29.098503] ret_from_fork+0x41/0x80 [ 29.099183] ret_from_fork_asm+0x1a/0x30 [ 29.099642] [ 29.099835] The buggy address belongs to the object at ffff888102699d80 [ 29.099835] which belongs to the cache kmalloc-16 of size 16 [ 29.101181] The buggy address is located 8 bytes inside of [ 29.101181] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.101953] [ 29.102218] The buggy address belongs to the physical page: [ 29.103209] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.103758] flags: 0x200000000000000(node=0|zone=2) [ 29.104259] page_type: f5(slab) [ 29.104948] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.106078] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.106890] page dumped because: kasan: bad access detected [ 29.107601] [ 29.107881] Memory state around the buggy address: [ 29.108337] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.109335] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.110546] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.111283] ^ [ 29.111593] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.112500] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.113344] ================================================================== [ 29.437105] 
================================================================== [ 29.437889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.438559] Read of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.439666] [ 29.439865] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.441572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.443532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.444405] Call Trace: [ 29.444609] <TASK> [ 29.445545] dump_stack_lvl+0x73/0xb0 [ 29.445957] print_report+0xd1/0x640 [ 29.446435] ? __virt_addr_valid+0x1db/0x2d0 [ 29.446844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.447525] kasan_report+0x102/0x140 [ 29.447899] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.448598] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.449121] kasan_check_range+0x10c/0x1c0 [ 29.449932] __kasan_check_read+0x15/0x20 [ 29.450371] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.451034] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.451575] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.452318] ? kasan_bitops_generic+0x93/0x1c0 [ 29.452701] kasan_bitops_generic+0x122/0x1c0 [ 29.453300] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.453941] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.454655] kunit_try_run_case+0x1b3/0x490 [ 29.455270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.455607] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.456236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.456751] ? __kthread_parkme+0x82/0x160 [ 29.457304] ? preempt_count_sub+0x50/0x80 [ 29.457609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.458171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.458609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.459789] kthread+0x257/0x310 [ 29.460098] ? __pfx_kthread+0x10/0x10 [ 29.460782] ret_from_fork+0x41/0x80 [ 29.461230] ? 
__pfx_kthread+0x10/0x10 [ 29.461583] ret_from_fork_asm+0x1a/0x30 [ 29.461930] </TASK> [ 29.462262] [ 29.462773] Allocated by task 269: [ 29.463308] kasan_save_stack+0x3d/0x60 [ 29.463734] kasan_save_track+0x18/0x40 [ 29.464288] kasan_save_alloc_info+0x3b/0x50 [ 29.464735] __kasan_kmalloc+0xb7/0xc0 [ 29.465061] __kmalloc_cache_noprof+0x184/0x410 [ 29.465364] kasan_bitops_generic+0x93/0x1c0 [ 29.465913] kunit_try_run_case+0x1b3/0x490 [ 29.467074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.467528] kthread+0x257/0x310 [ 29.467777] ret_from_fork+0x41/0x80 [ 29.468429] ret_from_fork_asm+0x1a/0x30 [ 29.468900] [ 29.469190] The buggy address belongs to the object at ffff888102699d80 [ 29.469190] which belongs to the cache kmalloc-16 of size 16 [ 29.469961] The buggy address is located 8 bytes inside of [ 29.469961] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.471603] [ 29.471784] The buggy address belongs to the physical page: [ 29.472283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.473477] flags: 0x200000000000000(node=0|zone=2) [ 29.474113] page_type: f5(slab) [ 29.474570] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.476844] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.478747] page dumped because: kasan: bad access detected [ 29.479421] [ 29.479660] Memory state around the buggy address: [ 29.481125] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.481687] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.482737] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.484430] ^ [ 29.484673] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.485972] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.487597] ================================================================== [ 29.274577] 
================================================================== [ 29.275650] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.276585] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.277911] [ 29.278224] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.280498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.280860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.281792] Call Trace: [ 29.282243] <TASK> [ 29.282488] dump_stack_lvl+0x73/0xb0 [ 29.283342] print_report+0xd1/0x640 [ 29.283861] ? __virt_addr_valid+0x1db/0x2d0 [ 29.284469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.284958] kasan_report+0x102/0x140 [ 29.285834] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.287077] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.287832] kasan_check_range+0x10c/0x1c0 [ 29.288642] __kasan_check_write+0x18/0x20 [ 29.289613] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.290499] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.290966] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.291457] ? kasan_bitops_generic+0x93/0x1c0 [ 29.291916] kasan_bitops_generic+0x122/0x1c0 [ 29.292363] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.292847] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.293672] kunit_try_run_case+0x1b3/0x490 [ 29.294412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.295276] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.295882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.296449] ? __kthread_parkme+0x82/0x160 [ 29.296867] ? preempt_count_sub+0x50/0x80 [ 29.297670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.298291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.299125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.299861] kthread+0x257/0x310 [ 29.300527] ? __pfx_kthread+0x10/0x10 [ 29.300976] ret_from_fork+0x41/0x80 [ 29.301345] ? 
__pfx_kthread+0x10/0x10 [ 29.301773] ret_from_fork_asm+0x1a/0x30 [ 29.302742] </TASK> [ 29.303340] [ 29.303698] Allocated by task 269: [ 29.304313] kasan_save_stack+0x3d/0x60 [ 29.305077] kasan_save_track+0x18/0x40 [ 29.305558] kasan_save_alloc_info+0x3b/0x50 [ 29.306374] __kasan_kmalloc+0xb7/0xc0 [ 29.307053] __kmalloc_cache_noprof+0x184/0x410 [ 29.307639] kasan_bitops_generic+0x93/0x1c0 [ 29.308422] kunit_try_run_case+0x1b3/0x490 [ 29.308851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.309684] kthread+0x257/0x310 [ 29.310388] ret_from_fork+0x41/0x80 [ 29.310963] ret_from_fork_asm+0x1a/0x30 [ 29.311682] [ 29.311864] The buggy address belongs to the object at ffff888102699d80 [ 29.311864] which belongs to the cache kmalloc-16 of size 16 [ 29.313464] The buggy address is located 8 bytes inside of [ 29.313464] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.313918] [ 29.314785] The buggy address belongs to the physical page: [ 29.316039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.317257] flags: 0x200000000000000(node=0|zone=2) [ 29.317855] page_type: f5(slab) [ 29.319001] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.319907] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.320955] page dumped because: kasan: bad access detected [ 29.321906] [ 29.322081] Memory state around the buggy address: [ 29.323184] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.324003] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.325073] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.325829] ^ [ 29.326385] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.327440] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.328726] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 28.903550] ==================================================================
[ 28.904841] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.906030] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269
[ 28.907713]
[ 28.908425] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.910193] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.911485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.912257] Call Trace:
[ 28.912568] <TASK>
[ 28.912782] dump_stack_lvl+0x73/0xb0
[ 28.913220] print_report+0xd1/0x640
[ 28.914381] ? __virt_addr_valid+0x1db/0x2d0
[ 28.914622] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.914856] kasan_report+0x102/0x140
[ 28.915266] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.916620] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.917693] kasan_check_range+0x10c/0x1c0
[ 28.918601] __kasan_check_write+0x18/0x20
[ 28.919404] kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 28.919891] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.920853] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.921475] ? kasan_bitops_generic+0x93/0x1c0
[ 28.922530] kasan_bitops_generic+0x117/0x1c0
[ 28.922980] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.923734] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.924447] kunit_try_run_case+0x1b3/0x490
[ 28.924882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.925611] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.926505] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.927152] ? __kthread_parkme+0x82/0x160
[ 28.927889] ? preempt_count_sub+0x50/0x80
[ 28.928833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.929710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.931012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.931684] kthread+0x257/0x310
[ 28.932266] ? __pfx_kthread+0x10/0x10
[ 28.932647] ret_from_fork+0x41/0x80
[ 28.933074] ? __pfx_kthread+0x10/0x10
[ 28.933670] ret_from_fork_asm+0x1a/0x30
[ 28.934529] </TASK>
[ 28.934846]
[ 28.935236] Allocated by task 269:
[ 28.935644] kasan_save_stack+0x3d/0x60
[ 28.936403] kasan_save_track+0x18/0x40
[ 28.936865] kasan_save_alloc_info+0x3b/0x50
[ 28.937491] __kasan_kmalloc+0xb7/0xc0
[ 28.938379] __kmalloc_cache_noprof+0x184/0x410
[ 28.938708] kasan_bitops_generic+0x93/0x1c0
[ 28.939415] kunit_try_run_case+0x1b3/0x490
[ 28.940002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.940606] kthread+0x257/0x310
[ 28.941048] ret_from_fork+0x41/0x80
[ 28.941346] ret_from_fork_asm+0x1a/0x30
[ 28.941924]
[ 28.942264] The buggy address belongs to the object at ffff888102699d80
[ 28.942264] which belongs to the cache kmalloc-16 of size 16
[ 28.943783] The buggy address is located 8 bytes inside of
[ 28.943783] allocated 9-byte region [ffff888102699d80, ffff888102699d89)
[ 28.944928]
[ 28.946142] The buggy address belongs to the physical page:
[ 28.946641] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699
[ 28.947347] flags: 0x200000000000000(node=0|zone=2)
[ 28.947777] page_type: f5(slab)
[ 28.948430] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.949501] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.950293] page dumped because: kasan: bad access detected
[ 28.951132]
[ 28.951577] Memory state around the buggy address:
[ 28.951882]  ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc
[ 28.953087]  ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.954369] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.955201]                       ^
[ 28.955763]  ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.956898]  ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.957699] ==================================================================
[ 28.794637] ==================================================================
[ 28.795563] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.797222] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269
[ 28.798096]
[ 28.799200] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 28.799959] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.800810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.801768] Call Trace:
[ 28.802454] <TASK>
[ 28.802683] dump_stack_lvl+0x73/0xb0
[ 28.803494] print_report+0xd1/0x640
[ 28.803868] ? __virt_addr_valid+0x1db/0x2d0
[ 28.804485] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.805085] kasan_report+0x102/0x140
[ 28.805695] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.806406] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.807158] kasan_check_range+0x10c/0x1c0
[ 28.807690] __kasan_check_write+0x18/0x20
[ 28.808161] kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 28.809105] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.809672] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.810309] ? kasan_bitops_generic+0x93/0x1c0
[ 28.810889] kasan_bitops_generic+0x117/0x1c0
[ 28.811486] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.812372] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.812902] kunit_try_run_case+0x1b3/0x490
[ 28.813481] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.813881] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.814566] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.815187] ? __kthread_parkme+0x82/0x160
[ 28.815627] ? preempt_count_sub+0x50/0x80
[ 28.816395] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.816819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.817263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.818225] kthread+0x257/0x310
[ 28.818527] ? __pfx_kthread+0x10/0x10
[ 28.819030] ret_from_fork+0x41/0x80
[ 28.819757] ? __pfx_kthread+0x10/0x10
[ 28.820351] ret_from_fork_asm+0x1a/0x30
[ 28.820904] </TASK>
[ 28.821230]
[ 28.821475] Allocated by task 269:
[ 28.821873] kasan_save_stack+0x3d/0x60
[ 28.823383] kasan_save_track+0x18/0x40
[ 28.824309] kasan_save_alloc_info+0x3b/0x50
[ 28.824783] __kasan_kmalloc+0xb7/0xc0
[ 28.825714] __kmalloc_cache_noprof+0x184/0x410
[ 28.826458] kasan_bitops_generic+0x93/0x1c0
[ 28.827258] kunit_try_run_case+0x1b3/0x490
[ 28.827645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.827881] kthread+0x257/0x310
[ 28.828758] ret_from_fork+0x41/0x80
[ 28.829346] ret_from_fork_asm+0x1a/0x30
[ 28.830278]
[ 28.830650] The buggy address belongs to the object at ffff888102699d80
[ 28.830650] which belongs to the cache kmalloc-16 of size 16
[ 28.831612] The buggy address is located 8 bytes inside of
[ 28.831612] allocated 9-byte region [ffff888102699d80, ffff888102699d89)
[ 28.832614]
[ 28.832811] The buggy address belongs to the physical page:
[ 28.834250] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699
[ 28.834574] flags: 0x200000000000000(node=0|zone=2)
[ 28.834778] page_type: f5(slab)
[ 28.834930] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.836102] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 28.837359] page dumped because: kasan: bad access detected
[ 28.837690]
[ 28.837946] Memory state around the buggy address:
[ 28.839003]  ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc
[ 28.839809]  ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.841309] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.841957]                       ^
[ 28.842501]  ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.843419]  ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.844331] ==================================================================
[ 28.845841] 
================================================================== [ 28.847011] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 28.848860] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 28.850183] [ 28.850472] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.851655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.852328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.853597] Call Trace: [ 28.854296] <TASK> [ 28.854765] dump_stack_lvl+0x73/0xb0 [ 28.855147] print_report+0xd1/0x640 [ 28.855417] ? __virt_addr_valid+0x1db/0x2d0 [ 28.855627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.855861] kasan_report+0x102/0x140 [ 28.856208] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 28.856606] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 28.857843] kasan_check_range+0x10c/0x1c0 [ 28.858701] __kasan_check_write+0x18/0x20 [ 28.859734] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 28.860904] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.862182] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.862633] ? kasan_bitops_generic+0x93/0x1c0 [ 28.863632] kasan_bitops_generic+0x117/0x1c0 [ 28.864761] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.865562] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.866589] kunit_try_run_case+0x1b3/0x490 [ 28.867052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.868124] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.868829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.869637] ? __kthread_parkme+0x82/0x160 [ 28.870781] ? preempt_count_sub+0x50/0x80 [ 28.871515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.872617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.873535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.874015] kthread+0x257/0x310 [ 28.874730] ? __pfx_kthread+0x10/0x10 [ 28.875369] ret_from_fork+0x41/0x80 [ 28.876253] ? 
__pfx_kthread+0x10/0x10 [ 28.876673] ret_from_fork_asm+0x1a/0x30 [ 28.877610] </TASK> [ 28.877835] [ 28.878493] Allocated by task 269: [ 28.879028] kasan_save_stack+0x3d/0x60 [ 28.879517] kasan_save_track+0x18/0x40 [ 28.879871] kasan_save_alloc_info+0x3b/0x50 [ 28.880785] __kasan_kmalloc+0xb7/0xc0 [ 28.881083] __kmalloc_cache_noprof+0x184/0x410 [ 28.882413] kasan_bitops_generic+0x93/0x1c0 [ 28.882841] kunit_try_run_case+0x1b3/0x490 [ 28.883593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.884353] kthread+0x257/0x310 [ 28.884748] ret_from_fork+0x41/0x80 [ 28.885581] ret_from_fork_asm+0x1a/0x30 [ 28.886583] [ 28.886728] The buggy address belongs to the object at ffff888102699d80 [ 28.886728] which belongs to the cache kmalloc-16 of size 16 [ 28.888716] The buggy address is located 8 bytes inside of [ 28.888716] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 28.890612] [ 28.890715] The buggy address belongs to the physical page: [ 28.891038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 28.892425] flags: 0x200000000000000(node=0|zone=2) [ 28.893033] page_type: f5(slab) [ 28.893479] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.894533] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.895315] page dumped because: kasan: bad access detected [ 28.896057] [ 28.896224] Memory state around the buggy address: [ 28.897143] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 28.897882] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.898755] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.899718] ^ [ 28.900034] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.900622] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.902300] ================================================================== [ 29.009445] 
================================================================== [ 29.009975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.011293] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 29.011873] [ 29.012104] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 29.013080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.013906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.014631] Call Trace: [ 29.015158] <TASK> [ 29.015721] dump_stack_lvl+0x73/0xb0 [ 29.016471] print_report+0xd1/0x640 [ 29.016835] ? __virt_addr_valid+0x1db/0x2d0 [ 29.017512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.018405] kasan_report+0x102/0x140 [ 29.019455] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.020285] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.020879] kasan_check_range+0x10c/0x1c0 [ 29.021673] __kasan_check_write+0x18/0x20 [ 29.022409] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.023261] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.023865] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.024502] ? kasan_bitops_generic+0x93/0x1c0 [ 29.025280] kasan_bitops_generic+0x117/0x1c0 [ 29.025791] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.026206] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.027084] kunit_try_run_case+0x1b3/0x490 [ 29.027525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.028230] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.028626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.029906] ? __kthread_parkme+0x82/0x160 [ 29.030535] ? preempt_count_sub+0x50/0x80 [ 29.031330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.032210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.032798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.033800] kthread+0x257/0x310 [ 29.034158] ? __pfx_kthread+0x10/0x10 [ 29.034703] ret_from_fork+0x41/0x80 [ 29.035350] ? 
__pfx_kthread+0x10/0x10 [ 29.035773] ret_from_fork_asm+0x1a/0x30 [ 29.036814] </TASK> [ 29.037530] [ 29.037785] Allocated by task 269: [ 29.038681] kasan_save_stack+0x3d/0x60 [ 29.039219] kasan_save_track+0x18/0x40 [ 29.039772] kasan_save_alloc_info+0x3b/0x50 [ 29.040387] __kasan_kmalloc+0xb7/0xc0 [ 29.040749] __kmalloc_cache_noprof+0x184/0x410 [ 29.041485] kasan_bitops_generic+0x93/0x1c0 [ 29.042104] kunit_try_run_case+0x1b3/0x490 [ 29.043186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.043730] kthread+0x257/0x310 [ 29.044530] ret_from_fork+0x41/0x80 [ 29.044821] ret_from_fork_asm+0x1a/0x30 [ 29.045426] [ 29.046211] The buggy address belongs to the object at ffff888102699d80 [ 29.046211] which belongs to the cache kmalloc-16 of size 16 [ 29.046696] The buggy address is located 8 bytes inside of [ 29.046696] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 29.047766] [ 29.048066] The buggy address belongs to the physical page: [ 29.048715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 29.049783] flags: 0x200000000000000(node=0|zone=2) [ 29.051021] page_type: f5(slab) [ 29.051960] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.053629] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.054517] page dumped because: kasan: bad access detected [ 29.054877] [ 29.055169] Memory state around the buggy address: [ 29.055736] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.057298] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.058031] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.059045] ^ [ 29.059584] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.060593] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.061154] ================================================================== [ 28.639340] 
================================================================== [ 28.640510] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.641420] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 28.642330] [ 28.642625] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.644159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.644685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.646535] Call Trace: [ 28.646873] <TASK> [ 28.647681] dump_stack_lvl+0x73/0xb0 [ 28.648066] print_report+0xd1/0x640 [ 28.648877] ? __virt_addr_valid+0x1db/0x2d0 [ 28.649664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.651266] kasan_report+0x102/0x140 [ 28.651793] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.652407] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.653591] kasan_check_range+0x10c/0x1c0 [ 28.654023] __kasan_check_write+0x18/0x20 [ 28.654775] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 28.655639] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.655900] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.657262] ? kasan_bitops_generic+0x93/0x1c0 [ 28.658335] kasan_bitops_generic+0x117/0x1c0 [ 28.658803] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.659643] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.660511] kunit_try_run_case+0x1b3/0x490 [ 28.661668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.662205] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.662682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.663241] ? __kthread_parkme+0x82/0x160 [ 28.664395] ? preempt_count_sub+0x50/0x80 [ 28.664790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.666069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.666763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.667634] kthread+0x257/0x310 [ 28.668429] ? __pfx_kthread+0x10/0x10 [ 28.668719] ret_from_fork+0x41/0x80 [ 28.669570] ? 
__pfx_kthread+0x10/0x10 [ 28.669953] ret_from_fork_asm+0x1a/0x30 [ 28.670753] </TASK> [ 28.671069] [ 28.671710] Allocated by task 269: [ 28.672214] kasan_save_stack+0x3d/0x60 [ 28.672877] kasan_save_track+0x18/0x40 [ 28.673710] kasan_save_alloc_info+0x3b/0x50 [ 28.674816] __kasan_kmalloc+0xb7/0xc0 [ 28.675432] __kmalloc_cache_noprof+0x184/0x410 [ 28.676643] kasan_bitops_generic+0x93/0x1c0 [ 28.677033] kunit_try_run_case+0x1b3/0x490 [ 28.677529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.677947] kthread+0x257/0x310 [ 28.678787] ret_from_fork+0x41/0x80 [ 28.679704] ret_from_fork_asm+0x1a/0x30 [ 28.680334] [ 28.680484] The buggy address belongs to the object at ffff888102699d80 [ 28.680484] which belongs to the cache kmalloc-16 of size 16 [ 28.681899] The buggy address is located 8 bytes inside of [ 28.681899] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 28.683177] [ 28.683494] The buggy address belongs to the physical page: [ 28.683939] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 28.684802] flags: 0x200000000000000(node=0|zone=2) [ 28.685668] page_type: f5(slab) [ 28.685951] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.686965] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.687944] page dumped because: kasan: bad access detected [ 28.688540] [ 28.688739] Memory state around the buggy address: [ 28.689506] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 28.690447] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.691078] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.692003] ^ [ 28.692550] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.693203] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.694092] ================================================================== [ 28.744787] 
================================================================== [ 28.745501] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.746024] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 28.746900] [ 28.747091] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.748137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.748712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.749810] Call Trace: [ 28.750427] <TASK> [ 28.750832] dump_stack_lvl+0x73/0xb0 [ 28.751174] print_report+0xd1/0x640 [ 28.752170] ? __virt_addr_valid+0x1db/0x2d0 [ 28.752579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.753169] kasan_report+0x102/0x140 [ 28.753455] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.754273] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.755232] kasan_check_range+0x10c/0x1c0 [ 28.755664] __kasan_check_write+0x18/0x20 [ 28.756630] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 28.757220] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.758089] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.758585] ? kasan_bitops_generic+0x93/0x1c0 [ 28.759243] kasan_bitops_generic+0x117/0x1c0 [ 28.759619] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.760270] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.760876] kunit_try_run_case+0x1b3/0x490 [ 28.762440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.762916] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.763508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.763954] ? __kthread_parkme+0x82/0x160 [ 28.764640] ? preempt_count_sub+0x50/0x80 [ 28.765093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.766095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.766610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.767468] kthread+0x257/0x310 [ 28.768121] ? __pfx_kthread+0x10/0x10 [ 28.768675] ret_from_fork+0x41/0x80 [ 28.769247] ? 
__pfx_kthread+0x10/0x10 [ 28.769856] ret_from_fork_asm+0x1a/0x30 [ 28.770565] </TASK> [ 28.770906] [ 28.771173] Allocated by task 269: [ 28.771741] kasan_save_stack+0x3d/0x60 [ 28.772287] kasan_save_track+0x18/0x40 [ 28.773273] kasan_save_alloc_info+0x3b/0x50 [ 28.773683] __kasan_kmalloc+0xb7/0xc0 [ 28.774028] __kmalloc_cache_noprof+0x184/0x410 [ 28.774691] kasan_bitops_generic+0x93/0x1c0 [ 28.775330] kunit_try_run_case+0x1b3/0x490 [ 28.775871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.776657] kthread+0x257/0x310 [ 28.777111] ret_from_fork+0x41/0x80 [ 28.777786] ret_from_fork_asm+0x1a/0x30 [ 28.778300] [ 28.778684] The buggy address belongs to the object at ffff888102699d80 [ 28.778684] which belongs to the cache kmalloc-16 of size 16 [ 28.779661] The buggy address is located 8 bytes inside of [ 28.779661] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 28.781673] [ 28.781832] The buggy address belongs to the physical page: [ 28.782410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 28.783455] flags: 0x200000000000000(node=0|zone=2) [ 28.783854] page_type: f5(slab) [ 28.784364] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.785399] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.786159] page dumped because: kasan: bad access detected [ 28.786676] [ 28.786893] Memory state around the buggy address: [ 28.787551] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 28.788348] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.789131] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.790288] ^ [ 28.790666] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.792573] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.793473] ================================================================== [ 28.958734] 
================================================================== [ 28.959500] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 28.961449] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 28.962458] [ 28.962653] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.963643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.964004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.964703] Call Trace: [ 28.964942] <TASK> [ 28.966057] dump_stack_lvl+0x73/0xb0 [ 28.966457] print_report+0xd1/0x640 [ 28.966733] ? __virt_addr_valid+0x1db/0x2d0 [ 28.967460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.968527] kasan_report+0x102/0x140 [ 28.968920] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 28.970080] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 28.970899] kasan_check_range+0x10c/0x1c0 [ 28.972128] __kasan_check_write+0x18/0x20 [ 28.973209] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 28.973463] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.973716] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.973924] ? kasan_bitops_generic+0x93/0x1c0 [ 28.974955] kasan_bitops_generic+0x117/0x1c0 [ 28.975974] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.976862] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.977735] kunit_try_run_case+0x1b3/0x490 [ 28.978506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.979205] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.979671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.980274] ? __kthread_parkme+0x82/0x160 [ 28.980682] ? preempt_count_sub+0x50/0x80 [ 28.981128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.982087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.982752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.983289] kthread+0x257/0x310 [ 28.983632] ? __pfx_kthread+0x10/0x10 [ 28.984343] ret_from_fork+0x41/0x80 [ 28.984789] ? 
__pfx_kthread+0x10/0x10 [ 28.985378] ret_from_fork_asm+0x1a/0x30 [ 28.985939] </TASK> [ 28.986904] [ 28.987362] Allocated by task 269: [ 28.987605] kasan_save_stack+0x3d/0x60 [ 28.988184] kasan_save_track+0x18/0x40 [ 28.988748] kasan_save_alloc_info+0x3b/0x50 [ 28.989261] __kasan_kmalloc+0xb7/0xc0 [ 28.989551] __kmalloc_cache_noprof+0x184/0x410 [ 28.990307] kasan_bitops_generic+0x93/0x1c0 [ 28.990722] kunit_try_run_case+0x1b3/0x490 [ 28.991054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.992073] kthread+0x257/0x310 [ 28.992655] ret_from_fork+0x41/0x80 [ 28.993023] ret_from_fork_asm+0x1a/0x30 [ 28.993655] [ 28.993829] The buggy address belongs to the object at ffff888102699d80 [ 28.993829] which belongs to the cache kmalloc-16 of size 16 [ 28.995260] The buggy address is located 8 bytes inside of [ 28.995260] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 28.996617] [ 28.996831] The buggy address belongs to the physical page: [ 28.997182] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 28.998249] flags: 0x200000000000000(node=0|zone=2) [ 28.999088] page_type: f5(slab) [ 28.999532] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.000798] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 29.001533] page dumped because: kasan: bad access detected [ 29.002014] [ 29.002174] Memory state around the buggy address: [ 29.002944] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 29.003823] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.004978] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.006488] ^ [ 29.006651] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.006916] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008084] ================================================================== [ 28.695601] 
================================================================== [ 28.696332] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.697188] Write of size 8 at addr ffff888102699d88 by task kunit_try_catch/269 [ 28.697898] [ 28.698929] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.700426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.700912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.701708] Call Trace: [ 28.702344] <TASK> [ 28.702604] dump_stack_lvl+0x73/0xb0 [ 28.703150] print_report+0xd1/0x640 [ 28.703763] ? __virt_addr_valid+0x1db/0x2d0 [ 28.704197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.705093] kasan_report+0x102/0x140 [ 28.705498] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.706102] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.706756] kasan_check_range+0x10c/0x1c0 [ 28.707622] __kasan_check_write+0x18/0x20 [ 28.707952] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 28.708753] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.709451] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.710078] ? kasan_bitops_generic+0x93/0x1c0 [ 28.710862] kasan_bitops_generic+0x117/0x1c0 [ 28.711297] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.711805] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.712700] kunit_try_run_case+0x1b3/0x490 [ 28.713218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.713930] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.714586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.715756] ? __kthread_parkme+0x82/0x160 [ 28.716182] ? preempt_count_sub+0x50/0x80 [ 28.716881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.717444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.718004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.718805] kthread+0x257/0x310 [ 28.719209] ? __pfx_kthread+0x10/0x10 [ 28.719753] ret_from_fork+0x41/0x80 [ 28.720699] ? 
__pfx_kthread+0x10/0x10 [ 28.721087] ret_from_fork_asm+0x1a/0x30 [ 28.721571] </TASK> [ 28.722040] [ 28.722519] Allocated by task 269: [ 28.722842] kasan_save_stack+0x3d/0x60 [ 28.723247] kasan_save_track+0x18/0x40 [ 28.724094] kasan_save_alloc_info+0x3b/0x50 [ 28.724469] __kasan_kmalloc+0xb7/0xc0 [ 28.725041] __kmalloc_cache_noprof+0x184/0x410 [ 28.725450] kasan_bitops_generic+0x93/0x1c0 [ 28.726186] kunit_try_run_case+0x1b3/0x490 [ 28.726587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.727136] kthread+0x257/0x310 [ 28.727803] ret_from_fork+0x41/0x80 [ 28.728498] ret_from_fork_asm+0x1a/0x30 [ 28.729024] [ 28.729194] The buggy address belongs to the object at ffff888102699d80 [ 28.729194] which belongs to the cache kmalloc-16 of size 16 [ 28.730389] The buggy address is located 8 bytes inside of [ 28.730389] allocated 9-byte region [ffff888102699d80, ffff888102699d89) [ 28.731942] [ 28.732354] The buggy address belongs to the physical page: [ 28.732802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 28.733789] flags: 0x200000000000000(node=0|zone=2) [ 28.734433] page_type: f5(slab) [ 28.734683] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.735946] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 28.737648] page dumped because: kasan: bad access detected [ 28.738089] [ 28.738344] Memory state around the buggy address: [ 28.738953] ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 28.739716] ffff888102699d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.740738] >ffff888102699d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.741367] ^ [ 28.742048] ffff888102699e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.742536] ffff888102699e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.743532] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 28.574431] ================================================================== [ 28.575651] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 28.576769] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267 [ 28.577401] [ 28.577670] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.578776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.580050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.580808] Call Trace: [ 28.581473] <TASK> [ 28.581659] dump_stack_lvl+0x73/0xb0 [ 28.582408] print_report+0xd1/0x640 [ 28.583049] ? __virt_addr_valid+0x1db/0x2d0 [ 28.583687] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.584461] kasan_report+0x102/0x140 [ 28.584880] ? strnlen+0x73/0x80 [ 28.585574] ? strnlen+0x73/0x80 [ 28.586373] __asan_report_load1_noabort+0x18/0x20 [ 28.587236] strnlen+0x73/0x80 [ 28.587638] kasan_strings+0x4cc/0xb60 [ 28.588275] ? __pfx_kasan_strings+0x10/0x10 [ 28.588742] ? __schedule+0xc3e/0x2790 [ 28.589341] ? __pfx_read_tsc+0x10/0x10 [ 28.589839] ? ktime_get_ts64+0x84/0x230 [ 28.590445] kunit_try_run_case+0x1b3/0x490 [ 28.591268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.591806] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.592552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.593504] ? __kthread_parkme+0x82/0x160 [ 28.594035] ? preempt_count_sub+0x50/0x80 [ 28.594771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.595610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.596386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.597053] kthread+0x257/0x310 [ 28.597641] ? __pfx_kthread+0x10/0x10 [ 28.598811] ret_from_fork+0x41/0x80 [ 28.599267] ? 
__pfx_kthread+0x10/0x10 [ 28.599766] ret_from_fork_asm+0x1a/0x30 [ 28.600315] </TASK> [ 28.600674] [ 28.601061] Allocated by task 267: [ 28.601347] kasan_save_stack+0x3d/0x60 [ 28.601868] kasan_save_track+0x18/0x40 [ 28.602828] kasan_save_alloc_info+0x3b/0x50 [ 28.603433] __kasan_kmalloc+0xb7/0xc0 [ 28.604223] __kmalloc_cache_noprof+0x184/0x410 [ 28.605195] kasan_strings+0xb3/0xb60 [ 28.605628] kunit_try_run_case+0x1b3/0x490 [ 28.606481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.607520] kthread+0x257/0x310 [ 28.607900] ret_from_fork+0x41/0x80 [ 28.608674] ret_from_fork_asm+0x1a/0x30 [ 28.609167] [ 28.609433] Freed by task 267: [ 28.610259] kasan_save_stack+0x3d/0x60 [ 28.610790] kasan_save_track+0x18/0x40 [ 28.611464] kasan_save_free_info+0x3f/0x60 [ 28.612446] __kasan_slab_free+0x56/0x70 [ 28.613399] kfree+0x123/0x3f0 [ 28.613873] kasan_strings+0x13a/0xb60 [ 28.614212] kunit_try_run_case+0x1b3/0x490 [ 28.615262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.616325] kthread+0x257/0x310 [ 28.616691] ret_from_fork+0x41/0x80 [ 28.617258] ret_from_fork_asm+0x1a/0x30 [ 28.617557] [ 28.617923] The buggy address belongs to the object at ffff888101ab9940 [ 28.617923] which belongs to the cache kmalloc-32 of size 32 [ 28.619366] The buggy address is located 16 bytes inside of [ 28.619366] freed 32-byte region [ffff888101ab9940, ffff888101ab9960) [ 28.621298] [ 28.621491] The buggy address belongs to the physical page: [ 28.622079] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9 [ 28.623047] flags: 0x200000000000000(node=0|zone=2) [ 28.623692] page_type: f5(slab) [ 28.624184] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.624905] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.625694] page dumped because: kasan: bad access detected [ 28.626459] [ 28.626659] Memory state around the buggy address: [ 28.627152] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.627567] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.629015] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 28.629604] ^ [ 28.629962] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.631265] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.631924] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 28.520924] ================================================================== [ 28.521813] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 28.522486] Read of size 1 at addr ffff888101ab9950 by task kunit_try_catch/267 [ 28.522907] [ 28.523614] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.525354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.525633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.526395] Call Trace: [ 28.526689] <TASK> [ 28.526948] dump_stack_lvl+0x73/0xb0 [ 28.527502] print_report+0xd1/0x640 [ 28.527797] ? __virt_addr_valid+0x1db/0x2d0 [ 28.529320] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.530404] kasan_report+0x102/0x140 [ 28.531110] ? strlen+0x8f/0xb0 [ 28.531689] ? strlen+0x8f/0xb0 [ 28.532347] __asan_report_load1_noabort+0x18/0x20 [ 28.532808] strlen+0x8f/0xb0 [ 28.533655] kasan_strings+0x432/0xb60 [ 28.534375] ? __pfx_kasan_strings+0x10/0x10 [ 28.535094] ? __schedule+0xc3e/0x2790 [ 28.535790] ? __pfx_read_tsc+0x10/0x10 [ 28.536665] ? ktime_get_ts64+0x84/0x230 [ 28.537394] kunit_try_run_case+0x1b3/0x490 [ 28.537817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.539101] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.539593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.541031] ? __kthread_parkme+0x82/0x160 [ 28.541818] ? preempt_count_sub+0x50/0x80 [ 28.542525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.543519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.544501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.545701] kthread+0x257/0x310 [ 28.546154] ? __pfx_kthread+0x10/0x10 [ 28.546364] ret_from_fork+0x41/0x80 [ 28.546546] ? 
__pfx_kthread+0x10/0x10 [ 28.546726] ret_from_fork_asm+0x1a/0x30 [ 28.547071] </TASK> [ 28.547421] [ 28.547581] Allocated by task 267: [ 28.547822] kasan_save_stack+0x3d/0x60 [ 28.548357] kasan_save_track+0x18/0x40 [ 28.548866] kasan_save_alloc_info+0x3b/0x50 [ 28.549437] __kasan_kmalloc+0xb7/0xc0 [ 28.549714] __kmalloc_cache_noprof+0x184/0x410 [ 28.550080] kasan_strings+0xb3/0xb60 [ 28.550368] kunit_try_run_case+0x1b3/0x490 [ 28.551162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.551809] kthread+0x257/0x310 [ 28.552561] ret_from_fork+0x41/0x80 [ 28.553209] ret_from_fork_asm+0x1a/0x30 [ 28.553709] [ 28.554130] Freed by task 267: [ 28.554507] kasan_save_stack+0x3d/0x60 [ 28.554839] kasan_save_track+0x18/0x40 [ 28.555452] kasan_save_free_info+0x3f/0x60 [ 28.556113] __kasan_slab_free+0x56/0x70 [ 28.556543] kfree+0x123/0x3f0 [ 28.556801] kasan_strings+0x13a/0xb60 [ 28.557663] kunit_try_run_case+0x1b3/0x490 [ 28.558263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.558820] kthread+0x257/0x310 [ 28.559378] ret_from_fork+0x41/0x80 [ 28.559796] ret_from_fork_asm+0x1a/0x30 [ 28.560290] [ 28.560527] The buggy address belongs to the object at ffff888101ab9940 [ 28.560527] which belongs to the cache kmalloc-32 of size 32 [ 28.561489] The buggy address is located 16 bytes inside of [ 28.561489] freed 32-byte region [ffff888101ab9940, ffff888101ab9960) [ 28.562957] [ 28.563339] The buggy address belongs to the physical page: [ 28.563715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9 [ 28.564655] flags: 0x200000000000000(node=0|zone=2) [ 28.565186] page_type: f5(slab) [ 28.565618] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.566439] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 28.567351] page dumped because: kasan: bad access detected [ 28.567816] [ 28.568208] Memory state around the buggy address: [ 28.568722] ffff888101ab9800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 
28.569540] ffff888101ab9880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.570332] >ffff888101ab9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 28.570946] ^ [ 28.571597] ffff888101ab9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.572186] ffff888101ab9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.572896] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 35.453504] ================================================================== [ 35.454174] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 35.454174] [ 35.455037] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 35.455529] test_invalid_addr_free+0x1e3/0x260 [ 35.456006] kunit_try_run_case+0x1b3/0x490 [ 35.456425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.456881] kthread+0x257/0x310 [ 35.457587] ret_from_fork+0x41/0x80 [ 35.458315] ret_from_fork_asm+0x1a/0x30 [ 35.459078] [ 35.459475] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.459475] [ 35.460848] allocated by task 315 on cpu 1 at 35.453377s (0.007467s ago): [ 35.461575] test_alloc+0x35f/0x10d0 [ 35.462125] test_invalid_addr_free+0xdc/0x260 [ 35.462532] kunit_try_run_case+0x1b3/0x490 [ 35.463060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.463501] kthread+0x257/0x310 [ 35.463887] ret_from_fork+0x41/0x80 [ 35.464472] ret_from_fork_asm+0x1a/0x30 [ 35.464904] [ 35.465186] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 35.466188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.466585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.467495] ================================================================== [ 35.557349] ================================================================== [ 35.557912] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 35.557912] [ 35.558650] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 35.559300] test_invalid_addr_free+0xfc/0x260 [ 35.559755] kunit_try_run_case+0x1b3/0x490 [ 35.560322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.560797] kthread+0x257/0x310 [ 35.561081] ret_from_fork+0x41/0x80 [ 35.561525] ret_from_fork_asm+0x1a/0x30 [ 35.562155] [ 35.562362] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.562362] [ 35.563070] allocated by task 317 on cpu 0 at 35.557261s (0.005805s 
ago): [ 35.563600] test_alloc+0x2a7/0x10d0 [ 35.563931] test_invalid_addr_free+0xdc/0x260 [ 35.564512] kunit_try_run_case+0x1b3/0x490 [ 35.565015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.565425] kthread+0x257/0x310 [ 35.565678] ret_from_fork+0x41/0x80 [ 35.566181] ret_from_fork_asm+0x1a/0x30 [ 35.566699] [ 35.566903] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 35.567783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.568082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.569062] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 35.245618] ================================================================== [ 35.246322] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 35.246322] [ 35.247000] Invalid free of 0x(____ptrval____) (in kfence-#109): [ 35.247612] test_double_free+0x1d5/0x260 [ 35.247956] kunit_try_run_case+0x1b3/0x490 [ 35.248348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.248897] kthread+0x257/0x310 [ 35.249291] ret_from_fork+0x41/0x80 [ 35.249618] ret_from_fork_asm+0x1a/0x30 [ 35.250117] [ 35.250336] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.250336] [ 35.251003] allocated by task 311 on cpu 0 at 35.245315s (0.005683s ago): [ 35.251804] test_alloc+0x35f/0x10d0 [ 35.252224] test_double_free+0xdc/0x260 [ 35.252642] kunit_try_run_case+0x1b3/0x490 [ 35.252939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.253609] kthread+0x257/0x310 [ 35.254060] ret_from_fork+0x41/0x80 [ 35.254335] ret_from_fork_asm+0x1a/0x30 [ 35.254801] [ 35.255080] freed by task 311 on cpu 0 at 35.245399s (0.009677s ago): [ 35.255513] test_double_free+0x1e2/0x260 [ 35.255961] kunit_try_run_case+0x1b3/0x490 [ 35.256515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.256903] kthread+0x257/0x310 [ 35.257546] ret_from_fork+0x41/0x80 [ 35.257836] ret_from_fork_asm+0x1a/0x30 [ 35.258146] [ 35.258336] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 35.259406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.259684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.261270] ================================================================== [ 35.349543] ================================================================== [ 35.350270] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 35.350270] [ 35.350821] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 35.351406] test_double_free+0x113/0x260 [ 35.351887] kunit_try_run_case+0x1b3/0x490 [ 35.352216] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.352948] kthread+0x257/0x310 [ 35.353362] ret_from_fork+0x41/0x80 [ 35.353715] ret_from_fork_asm+0x1a/0x30 [ 35.354061] [ 35.354322] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.354322] [ 35.354910] allocated by task 313 on cpu 1 at 35.349291s (0.005615s ago): [ 35.355833] test_alloc+0x2a7/0x10d0 [ 35.356150] test_double_free+0xdc/0x260 [ 35.356646] kunit_try_run_case+0x1b3/0x490 [ 35.357025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.357583] kthread+0x257/0x310 [ 35.357838] ret_from_fork+0x41/0x80 [ 35.358398] ret_from_fork_asm+0x1a/0x30 [ 35.358774] [ 35.358970] freed by task 313 on cpu 1 at 35.349350s (0.009617s ago): [ 35.359518] test_double_free+0xfb/0x260 [ 35.359905] kunit_try_run_case+0x1b3/0x490 [ 35.360469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.360818] kthread+0x257/0x310 [ 35.361185] ret_from_fork+0x41/0x80 [ 35.361666] ret_from_fork_asm+0x1a/0x30 [ 35.362153] [ 35.362433] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 35.363023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.363512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.364412] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 34.829566] ================================================================== [ 34.830155] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 34.830155] [ 34.831273] Use-after-free read at 0x(____ptrval____) (in kfence-#105): [ 34.832568] test_use_after_free_read+0x12a/0x270 [ 34.833593] kunit_try_run_case+0x1b3/0x490 [ 34.834013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.834818] kthread+0x257/0x310 [ 34.835401] ret_from_fork+0x41/0x80 [ 34.835951] ret_from_fork_asm+0x1a/0x30 [ 34.836454] [ 34.836660] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.836660] [ 34.838422] allocated by task 303 on cpu 0 at 34.829311s (0.009108s ago): [ 34.839558] test_alloc+0x35f/0x10d0 [ 34.839909] test_use_after_free_read+0xdd/0x270 [ 34.840324] kunit_try_run_case+0x1b3/0x490 [ 34.840745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.841585] kthread+0x257/0x310 [ 34.841907] ret_from_fork+0x41/0x80 [ 34.842270] ret_from_fork_asm+0x1a/0x30 [ 34.842854] [ 34.843320] freed by task 303 on cpu 0 at 34.829389s (0.013768s ago): [ 34.844091] test_use_after_free_read+0x1e9/0x270 [ 34.844572] kunit_try_run_case+0x1b3/0x490 [ 34.844909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.845616] kthread+0x257/0x310 [ 34.846410] ret_from_fork+0x41/0x80 [ 34.846765] ret_from_fork_asm+0x1a/0x30 [ 34.847660] [ 34.848140] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.849027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.849777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.851531] ================================================================== [ 34.933439] ================================================================== [ 34.934150] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 34.934150] [ 34.934887] Use-after-free read at 0x(____ptrval____) (in kfence-#106): [ 34.935788] test_use_after_free_read+0x12a/0x270 [ 
34.936363] kunit_try_run_case+0x1b3/0x490 [ 34.936800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.937679] kthread+0x257/0x310 [ 34.938034] ret_from_fork+0x41/0x80 [ 34.938230] ret_from_fork_asm+0x1a/0x30 [ 34.938428] [ 34.938527] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.938527] [ 34.938863] allocated by task 305 on cpu 0 at 34.933303s (0.005557s ago): [ 34.939431] test_alloc+0x2a7/0x10d0 [ 34.939857] test_use_after_free_read+0xdd/0x270 [ 34.940291] kunit_try_run_case+0x1b3/0x490 [ 34.940958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.941882] kthread+0x257/0x310 [ 34.942322] ret_from_fork+0x41/0x80 [ 34.942999] ret_from_fork_asm+0x1a/0x30 [ 34.943691] [ 34.944048] freed by task 305 on cpu 0 at 34.933361s (0.010683s ago): [ 34.944797] test_use_after_free_read+0xfc/0x270 [ 34.945386] kunit_try_run_case+0x1b3/0x490 [ 34.945727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.946277] kthread+0x257/0x310 [ 34.946684] ret_from_fork+0x41/0x80 [ 34.947034] ret_from_fork_asm+0x1a/0x30 [ 34.947871] [ 34.948228] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.949693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.950319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.950941] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 34.725380] ================================================================== [ 34.726001] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 34.726001] [ 34.726607] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104): [ 34.726897] test_out_of_bounds_write+0x10e/0x260 [ 34.727249] kunit_try_run_case+0x1b3/0x490 [ 34.727662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.728826] kthread+0x257/0x310 [ 34.729424] ret_from_fork+0x41/0x80 [ 34.729924] ret_from_fork_asm+0x1a/0x30 [ 34.730422] [ 34.730801] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.730801] [ 34.731862] allocated by task 301 on cpu 0 at 34.725311s (0.006547s ago): [ 34.732959] test_alloc+0x2a7/0x10d0 [ 34.733345] test_out_of_bounds_write+0xd5/0x260 [ 34.733791] kunit_try_run_case+0x1b3/0x490 [ 34.734324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.734718] kthread+0x257/0x310 [ 34.735233] ret_from_fork+0x41/0x80 [ 34.735726] ret_from_fork_asm+0x1a/0x30 [ 34.736337] [ 34.736710] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.737710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.738161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.739171] ================================================================== [ 34.621431] ================================================================== [ 34.622123] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 34.622123] [ 34.623029] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103): [ 34.623718] test_out_of_bounds_write+0x10e/0x260 [ 34.624214] kunit_try_run_case+0x1b3/0x490 [ 34.624933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.625494] kthread+0x257/0x310 [ 34.626018] ret_from_fork+0x41/0x80 [ 34.626531] ret_from_fork_asm+0x1a/0x30 [ 34.626925] [ 34.627386] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.627386] [ 34.628320] 
allocated by task 299 on cpu 1 at 34.621304s (0.007011s ago): [ 34.629050] test_alloc+0x35f/0x10d0 [ 34.629393] test_out_of_bounds_write+0xd5/0x260 [ 34.629849] kunit_try_run_case+0x1b3/0x490 [ 34.630411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.630864] kthread+0x257/0x310 [ 34.631446] ret_from_fork+0x41/0x80 [ 34.631910] ret_from_fork_asm+0x1a/0x30 [ 34.632253] [ 34.632442] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.633698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.634286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.635119] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.893470] ================================================================== [ 33.894175] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 33.894175] [ 33.894920] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#96): [ 33.896293] test_out_of_bounds_read+0x217/0x4e0 [ 33.896653] kunit_try_run_case+0x1b3/0x490 [ 33.897227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.897742] kthread+0x257/0x310 [ 33.898224] ret_from_fork+0x41/0x80 [ 33.898645] ret_from_fork_asm+0x1a/0x30 [ 33.899209] [ 33.899430] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.899430] [ 33.900420] allocated by task 295 on cpu 0 at 33.893263s (0.007153s ago): [ 33.901125] test_alloc+0x35f/0x10d0 [ 33.901524] test_out_of_bounds_read+0x1e3/0x4e0 [ 33.901931] kunit_try_run_case+0x1b3/0x490 [ 33.902657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.903187] kthread+0x257/0x310 [ 33.903672] ret_from_fork+0x41/0x80 [ 33.904207] ret_from_fork_asm+0x1a/0x30 [ 33.904820] [ 33.905064] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 33.905920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.906416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.907216] ================================================================== [ 34.517322] ================================================================== [ 34.518024] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 34.518024] [ 34.518902] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102): [ 34.519392] test_out_of_bounds_read+0x217/0x4e0 [ 34.519801] kunit_try_run_case+0x1b3/0x490 [ 34.520429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.520909] kthread+0x257/0x310 [ 34.521227] ret_from_fork+0x41/0x80 [ 34.521517] ret_from_fork_asm+0x1a/0x30 [ 34.521848] [ 34.522124] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.522124] [ 34.523227] 
allocated by task 297 on cpu 1 at 34.517264s (0.005959s ago): [ 34.523712] test_alloc+0x2a7/0x10d0 [ 34.524298] test_out_of_bounds_read+0x1e3/0x4e0 [ 34.524710] kunit_try_run_case+0x1b3/0x490 [ 34.525043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.525659] kthread+0x257/0x310 [ 34.526142] ret_from_fork+0x41/0x80 [ 34.526624] ret_from_fork_asm+0x1a/0x30 [ 34.527039] [ 34.527266] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.528328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.528814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.529553] ================================================================== [ 34.101342] ================================================================== [ 34.102008] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 34.102008] [ 34.103105] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#98): [ 34.103794] test_out_of_bounds_read+0x127/0x4e0 [ 34.104737] kunit_try_run_case+0x1b3/0x490 [ 34.105246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.106313] kthread+0x257/0x310 [ 34.106657] ret_from_fork+0x41/0x80 [ 34.107162] ret_from_fork_asm+0x1a/0x30 [ 34.107855] [ 34.108090] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.108090] [ 34.108766] allocated by task 297 on cpu 1 at 34.101270s (0.007493s ago): [ 34.109502] test_alloc+0x2a7/0x10d0 [ 34.110029] test_out_of_bounds_read+0xee/0x4e0 [ 34.110695] kunit_try_run_case+0x1b3/0x490 [ 34.111390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.112229] kthread+0x257/0x310 [ 34.112900] ret_from_fork+0x41/0x80 [ 34.113844] ret_from_fork_asm+0x1a/0x30 [ 34.114290] [ 34.114675] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 34.115565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.115921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.116729] 
================================================================== [ 33.582730] ================================================================== [ 33.583648] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 33.583648] [ 33.584577] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#93): [ 33.585852] test_out_of_bounds_read+0x127/0x4e0 [ 33.586567] kunit_try_run_case+0x1b3/0x490 [ 33.587014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.587489] kthread+0x257/0x310 [ 33.588127] ret_from_fork+0x41/0x80 [ 33.588618] ret_from_fork_asm+0x1a/0x30 [ 33.589720] [ 33.590591] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.590591] [ 33.591836] allocated by task 295 on cpu 0 at 33.581273s (0.010440s ago): [ 33.593406] test_alloc+0x35f/0x10d0 [ 33.593826] test_out_of_bounds_read+0xee/0x4e0 [ 33.594741] kunit_try_run_case+0x1b3/0x490 [ 33.595174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.595901] kthread+0x257/0x310 [ 33.596297] ret_from_fork+0x41/0x80 [ 33.596689] ret_from_fork_asm+0x1a/0x30 [ 33.597430] [ 33.597957] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 33.599382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.599834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.601178] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 33.015522] ================================================================== [ 33.017013] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 33.017677] Write of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 33.018943] [ 33.019270] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 33.020484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.020962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.022136] Call Trace: [ 33.022471] <TASK> [ 33.022900] dump_stack_lvl+0x73/0xb0 [ 33.023279] print_report+0xd1/0x640 [ 33.024003] ? __virt_addr_valid+0x1db/0x2d0 [ 33.024559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.025001] kasan_report+0x102/0x140 [ 33.025485] ? strncpy_from_user+0x2e/0x1e0 [ 33.025927] ? strncpy_from_user+0x2e/0x1e0 [ 33.026467] kasan_check_range+0x10c/0x1c0 [ 33.027028] __kasan_check_write+0x18/0x20 [ 33.027560] strncpy_from_user+0x2e/0x1e0 [ 33.027864] ? __kasan_check_read+0x15/0x20 [ 33.028777] copy_user_test_oob+0x761/0x10f0 [ 33.030315] ? __pfx_copy_user_test_oob+0x10/0x10 [ 33.030771] ? finish_task_switch.isra.0+0x153/0x700 [ 33.031589] ? __switch_to+0x5d9/0xf60 [ 33.032008] ? __schedule+0xc3e/0x2790 [ 33.032736] ? __pfx_read_tsc+0x10/0x10 [ 33.033403] ? ktime_get_ts64+0x84/0x230 [ 33.033821] kunit_try_run_case+0x1b3/0x490 [ 33.034623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.035111] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.035969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.036692] ? __kthread_parkme+0x82/0x160 [ 33.037393] ? preempt_count_sub+0x50/0x80 [ 33.037817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.038582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.039126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.039620] kthread+0x257/0x310 [ 33.039959] ? __pfx_kthread+0x10/0x10 [ 33.040670] ret_from_fork+0x41/0x80 [ 33.040939] ? 
__pfx_kthread+0x10/0x10 [ 33.041598] ret_from_fork_asm+0x1a/0x30 [ 33.042156] </TASK> [ 33.042498] [ 33.042686] Allocated by task 293: [ 33.043321] kasan_save_stack+0x3d/0x60 [ 33.043820] kasan_save_track+0x18/0x40 [ 33.044455] kasan_save_alloc_info+0x3b/0x50 [ 33.044781] __kasan_kmalloc+0xb7/0xc0 [ 33.045406] __kmalloc_noprof+0x1c4/0x500 [ 33.045870] kunit_kmalloc_array+0x25/0x60 [ 33.046427] copy_user_test_oob+0xac/0x10f0 [ 33.046942] kunit_try_run_case+0x1b3/0x490 [ 33.047455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.047954] kthread+0x257/0x310 [ 33.048402] ret_from_fork+0x41/0x80 [ 33.049118] ret_from_fork_asm+0x1a/0x30 [ 33.049504] [ 33.049855] The buggy address belongs to the object at ffff888102a58900 [ 33.049855] which belongs to the cache kmalloc-128 of size 128 [ 33.051523] The buggy address is located 0 bytes inside of [ 33.051523] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 33.051967] [ 33.052173] The buggy address belongs to the physical page: [ 33.052630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 33.053504] flags: 0x200000000000000(node=0|zone=2) [ 33.053828] page_type: f5(slab) [ 33.054309] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 33.055288] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.055896] page dumped because: kasan: bad access detected [ 33.056651] [ 33.056906] Memory state around the buggy address: [ 33.057544] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.058363] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.059091] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.059813] ^ [ 33.060620] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.061402] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.061677] ================================================================== [ 33.062656] 
================================================================== [ 33.063631] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 33.064716] Write of size 1 at addr ffff888102a58978 by task kunit_try_catch/293 [ 33.065703] [ 33.065884] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 33.067227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.067915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.069021] Call Trace: [ 33.069390] <TASK> [ 33.069705] dump_stack_lvl+0x73/0xb0 [ 33.070039] print_report+0xd1/0x640 [ 33.070358] ? __virt_addr_valid+0x1db/0x2d0 [ 33.070851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.071673] kasan_report+0x102/0x140 [ 33.072337] ? strncpy_from_user+0x1a7/0x1e0 [ 33.073102] ? strncpy_from_user+0x1a7/0x1e0 [ 33.073850] __asan_report_store1_noabort+0x1b/0x30 [ 33.074774] strncpy_from_user+0x1a7/0x1e0 [ 33.075341] copy_user_test_oob+0x761/0x10f0 [ 33.075773] ? __pfx_copy_user_test_oob+0x10/0x10 [ 33.076396] ? finish_task_switch.isra.0+0x153/0x700 [ 33.076783] ? __switch_to+0x5d9/0xf60 [ 33.077281] ? __schedule+0xc3e/0x2790 [ 33.077595] ? __pfx_read_tsc+0x10/0x10 [ 33.078070] ? ktime_get_ts64+0x84/0x230 [ 33.078513] kunit_try_run_case+0x1b3/0x490 [ 33.078978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.079463] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.079919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.080402] ? __kthread_parkme+0x82/0x160 [ 33.080826] ? preempt_count_sub+0x50/0x80 [ 33.081289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.081836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.082340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.082974] kthread+0x257/0x310 [ 33.083354] ? __pfx_kthread+0x10/0x10 [ 33.083802] ret_from_fork+0x41/0x80 [ 33.084229] ? 
__pfx_kthread+0x10/0x10 [ 33.084567] ret_from_fork_asm+0x1a/0x30 [ 33.085162] </TASK> [ 33.085407] [ 33.085569] Allocated by task 293: [ 33.086048] kasan_save_stack+0x3d/0x60 [ 33.086450] kasan_save_track+0x18/0x40 [ 33.086820] kasan_save_alloc_info+0x3b/0x50 [ 33.087296] __kasan_kmalloc+0xb7/0xc0 [ 33.087643] __kmalloc_noprof+0x1c4/0x500 [ 33.088137] kunit_kmalloc_array+0x25/0x60 [ 33.088607] copy_user_test_oob+0xac/0x10f0 [ 33.088920] kunit_try_run_case+0x1b3/0x490 [ 33.089308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.089922] kthread+0x257/0x310 [ 33.090331] ret_from_fork+0x41/0x80 [ 33.090618] ret_from_fork_asm+0x1a/0x30 [ 33.091265] [ 33.091499] The buggy address belongs to the object at ffff888102a58900 [ 33.091499] which belongs to the cache kmalloc-128 of size 128 [ 33.092631] The buggy address is located 0 bytes to the right of [ 33.092631] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 33.093969] [ 33.094886] The buggy address belongs to the physical page: [ 33.095463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 33.095897] flags: 0x200000000000000(node=0|zone=2) [ 33.096542] page_type: f5(slab) [ 33.097193] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 33.097935] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.098550] page dumped because: kasan: bad access detected [ 33.099155] [ 33.099332] Memory state around the buggy address: [ 33.099835] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.100490] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.101162] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.101719] ^ [ 33.102404] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.102976] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.103762] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.875087] ================================================================== [ 32.875719] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 32.876394] Read of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.876976] [ 32.877289] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.877937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.878432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.879152] Call Trace: [ 32.879493] <TASK> [ 32.879804] dump_stack_lvl+0x73/0xb0 [ 32.880302] print_report+0xd1/0x640 [ 32.880663] ? __virt_addr_valid+0x1db/0x2d0 [ 32.881142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.881784] kasan_report+0x102/0x140 [ 32.882237] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.882764] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.883371] kasan_check_range+0x10c/0x1c0 [ 32.883700] __kasan_check_read+0x15/0x20 [ 32.884294] copy_user_test_oob+0x4ab/0x10f0 [ 32.884720] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.885312] ? finish_task_switch.isra.0+0x153/0x700 [ 32.885734] ? __switch_to+0x5d9/0xf60 [ 32.886140] ? __schedule+0xc3e/0x2790 [ 32.886569] ? __pfx_read_tsc+0x10/0x10 [ 32.886945] ? ktime_get_ts64+0x84/0x230 [ 32.887340] kunit_try_run_case+0x1b3/0x490 [ 32.887780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.888295] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.888709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.889360] ? __kthread_parkme+0x82/0x160 [ 32.889847] ? preempt_count_sub+0x50/0x80 [ 32.890388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.890810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.891911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.893083] kthread+0x257/0x310 [ 32.893904] ? __pfx_kthread+0x10/0x10 [ 32.894521] ret_from_fork+0x41/0x80 [ 32.894923] ? 
__pfx_kthread+0x10/0x10 [ 32.895206] ret_from_fork_asm+0x1a/0x30 [ 32.896163] </TASK> [ 32.896394] [ 32.896554] Allocated by task 293: [ 32.896902] kasan_save_stack+0x3d/0x60 [ 32.897826] kasan_save_track+0x18/0x40 [ 32.898374] kasan_save_alloc_info+0x3b/0x50 [ 32.898893] __kasan_kmalloc+0xb7/0xc0 [ 32.899326] __kmalloc_noprof+0x1c4/0x500 [ 32.899901] kunit_kmalloc_array+0x25/0x60 [ 32.900391] copy_user_test_oob+0xac/0x10f0 [ 32.900820] kunit_try_run_case+0x1b3/0x490 [ 32.902034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.902505] kthread+0x257/0x310 [ 32.902929] ret_from_fork+0x41/0x80 [ 32.903298] ret_from_fork_asm+0x1a/0x30 [ 32.903752] [ 32.903945] The buggy address belongs to the object at ffff888102a58900 [ 32.903945] which belongs to the cache kmalloc-128 of size 128 [ 32.904858] The buggy address is located 0 bytes inside of [ 32.904858] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 32.906197] [ 32.906390] The buggy address belongs to the physical page: [ 32.907043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 32.907775] flags: 0x200000000000000(node=0|zone=2) [ 32.908622] page_type: f5(slab) [ 32.909440] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.910165] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.910893] page dumped because: kasan: bad access detected [ 32.911242] [ 32.911495] Memory state around the buggy address: [ 32.912098] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.912678] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913823] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.914569] ^ [ 32.915579] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.916419] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.917879] ================================================================== [ 32.919201] 
================================================================== [ 32.919737] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 32.921231] Write of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.921919] [ 32.922703] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.924244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.924697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.926012] Call Trace: [ 32.926320] <TASK> [ 32.926737] dump_stack_lvl+0x73/0xb0 [ 32.927438] print_report+0xd1/0x640 [ 32.928014] ? __virt_addr_valid+0x1db/0x2d0 [ 32.928613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.929119] kasan_report+0x102/0x140 [ 32.929964] ? copy_user_test_oob+0x558/0x10f0 [ 32.930446] ? copy_user_test_oob+0x558/0x10f0 [ 32.931163] kasan_check_range+0x10c/0x1c0 [ 32.931876] __kasan_check_write+0x18/0x20 [ 32.932605] copy_user_test_oob+0x558/0x10f0 [ 32.933319] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.933896] ? finish_task_switch.isra.0+0x153/0x700 [ 32.934468] ? __switch_to+0x5d9/0xf60 [ 32.934853] ? __schedule+0xc3e/0x2790 [ 32.935239] ? __pfx_read_tsc+0x10/0x10 [ 32.936137] ? ktime_get_ts64+0x84/0x230 [ 32.936764] kunit_try_run_case+0x1b3/0x490 [ 32.937409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.938084] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.938541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.939004] ? __kthread_parkme+0x82/0x160 [ 32.939792] ? preempt_count_sub+0x50/0x80 [ 32.940430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.940853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.941886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.942670] kthread+0x257/0x310 [ 32.943291] ? __pfx_kthread+0x10/0x10 [ 32.943662] ret_from_fork+0x41/0x80 [ 32.944045] ? 
__pfx_kthread+0x10/0x10 [ 32.944439] ret_from_fork_asm+0x1a/0x30 [ 32.944836] </TASK> [ 32.945665] [ 32.945848] Allocated by task 293: [ 32.946117] kasan_save_stack+0x3d/0x60 [ 32.946883] kasan_save_track+0x18/0x40 [ 32.947475] kasan_save_alloc_info+0x3b/0x50 [ 32.948133] __kasan_kmalloc+0xb7/0xc0 [ 32.948680] __kmalloc_noprof+0x1c4/0x500 [ 32.949259] kunit_kmalloc_array+0x25/0x60 [ 32.949676] copy_user_test_oob+0xac/0x10f0 [ 32.950104] kunit_try_run_case+0x1b3/0x490 [ 32.950896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.951561] kthread+0x257/0x310 [ 32.951963] ret_from_fork+0x41/0x80 [ 32.952540] ret_from_fork_asm+0x1a/0x30 [ 32.953022] [ 32.953333] The buggy address belongs to the object at ffff888102a58900 [ 32.953333] which belongs to the cache kmalloc-128 of size 128 [ 32.954458] The buggy address is located 0 bytes inside of [ 32.954458] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 32.954901] [ 32.955066] The buggy address belongs to the physical page: [ 32.955486] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 32.956383] flags: 0x200000000000000(node=0|zone=2) [ 32.957271] page_type: f5(slab) [ 32.957878] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.958949] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.960082] page dumped because: kasan: bad access detected [ 32.960307] [ 32.960403] Memory state around the buggy address: [ 32.960601] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.960871] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.961629] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.963483] ^ [ 32.964114] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.964816] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.966119] ================================================================== [ 32.832200] 
================================================================== [ 32.832840] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 32.833587] Write of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.834270] [ 32.834563] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.835444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.836016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.836788] Call Trace: [ 32.837124] <TASK> [ 32.837389] dump_stack_lvl+0x73/0xb0 [ 32.837900] print_report+0xd1/0x640 [ 32.838510] ? __virt_addr_valid+0x1db/0x2d0 [ 32.838973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.839597] kasan_report+0x102/0x140 [ 32.840151] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.840615] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.841327] kasan_check_range+0x10c/0x1c0 [ 32.841705] __kasan_check_write+0x18/0x20 [ 32.842215] copy_user_test_oob+0x3fe/0x10f0 [ 32.842890] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.843316] ? finish_task_switch.isra.0+0x153/0x700 [ 32.843928] ? __switch_to+0x5d9/0xf60 [ 32.844286] ? __schedule+0xc3e/0x2790 [ 32.844850] ? __pfx_read_tsc+0x10/0x10 [ 32.845419] ? ktime_get_ts64+0x84/0x230 [ 32.845790] kunit_try_run_case+0x1b3/0x490 [ 32.846635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.847061] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.847793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.848463] ? __kthread_parkme+0x82/0x160 [ 32.848942] ? preempt_count_sub+0x50/0x80 [ 32.849408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.850063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.850776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.851587] kthread+0x257/0x310 [ 32.852089] ? __pfx_kthread+0x10/0x10 [ 32.852514] ret_from_fork+0x41/0x80 [ 32.852911] ? 
__pfx_kthread+0x10/0x10 [ 32.853651] ret_from_fork_asm+0x1a/0x30 [ 32.854206] </TASK> [ 32.854509] [ 32.854786] Allocated by task 293: [ 32.855089] kasan_save_stack+0x3d/0x60 [ 32.855638] kasan_save_track+0x18/0x40 [ 32.856756] kasan_save_alloc_info+0x3b/0x50 [ 32.857641] __kasan_kmalloc+0xb7/0xc0 [ 32.857835] __kmalloc_noprof+0x1c4/0x500 [ 32.858110] kunit_kmalloc_array+0x25/0x60 [ 32.858926] copy_user_test_oob+0xac/0x10f0 [ 32.859463] kunit_try_run_case+0x1b3/0x490 [ 32.860311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.860793] kthread+0x257/0x310 [ 32.861304] ret_from_fork+0x41/0x80 [ 32.861637] ret_from_fork_asm+0x1a/0x30 [ 32.862003] [ 32.862280] The buggy address belongs to the object at ffff888102a58900 [ 32.862280] which belongs to the cache kmalloc-128 of size 128 [ 32.863303] The buggy address is located 0 bytes inside of [ 32.863303] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 32.864412] [ 32.864578] The buggy address belongs to the physical page: [ 32.865136] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 32.865727] flags: 0x200000000000000(node=0|zone=2) [ 32.866258] page_type: f5(slab) [ 32.866515] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.867352] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.867866] page dumped because: kasan: bad access detected [ 32.868523] [ 32.868731] Memory state around the buggy address: [ 32.869211] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.869811] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.870401] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.871193] ^ [ 32.871666] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.872482] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.872952] ================================================================== [ 32.967216] 
================================================================== [ 32.967790] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 32.968760] Read of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.969466] [ 32.970222] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.971636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.972375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.973840] Call Trace: [ 32.974173] <TASK> [ 32.974303] dump_stack_lvl+0x73/0xb0 [ 32.974505] print_report+0xd1/0x640 [ 32.974691] ? __virt_addr_valid+0x1db/0x2d0 [ 32.974893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.975243] kasan_report+0x102/0x140 [ 32.975529] ? copy_user_test_oob+0x605/0x10f0 [ 32.976829] ? copy_user_test_oob+0x605/0x10f0 [ 32.977544] kasan_check_range+0x10c/0x1c0 [ 32.978001] __kasan_check_read+0x15/0x20 [ 32.978638] copy_user_test_oob+0x605/0x10f0 [ 32.978857] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.979647] ? finish_task_switch.isra.0+0x153/0x700 [ 32.980505] ? __switch_to+0x5d9/0xf60 [ 32.981249] ? __schedule+0xc3e/0x2790 [ 32.981884] ? __pfx_read_tsc+0x10/0x10 [ 32.982875] ? ktime_get_ts64+0x84/0x230 [ 32.983404] kunit_try_run_case+0x1b3/0x490 [ 32.983854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.984811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.985637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.986386] ? __kthread_parkme+0x82/0x160 [ 32.986826] ? preempt_count_sub+0x50/0x80 [ 32.987442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.987948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.988411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.989161] kthread+0x257/0x310 [ 32.989587] ? __pfx_kthread+0x10/0x10 [ 32.990003] ret_from_fork+0x41/0x80 [ 32.990514] ? 
__pfx_kthread+0x10/0x10 [ 32.991095] ret_from_fork_asm+0x1a/0x30 [ 32.991555] </TASK> [ 32.991918] [ 32.992500] Allocated by task 293: [ 32.992876] kasan_save_stack+0x3d/0x60 [ 32.993898] kasan_save_track+0x18/0x40 [ 32.994900] kasan_save_alloc_info+0x3b/0x50 [ 32.995546] __kasan_kmalloc+0xb7/0xc0 [ 32.995942] __kmalloc_noprof+0x1c4/0x500 [ 32.996381] kunit_kmalloc_array+0x25/0x60 [ 32.996803] copy_user_test_oob+0xac/0x10f0 [ 32.997764] kunit_try_run_case+0x1b3/0x490 [ 32.998516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.999799] kthread+0x257/0x310 [ 33.000518] ret_from_fork+0x41/0x80 [ 33.001228] ret_from_fork_asm+0x1a/0x30 [ 33.001443] [ 33.001543] The buggy address belongs to the object at ffff888102a58900 [ 33.001543] which belongs to the cache kmalloc-128 of size 128 [ 33.002003] The buggy address is located 0 bytes inside of [ 33.002003] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 33.002936] [ 33.003261] The buggy address belongs to the physical page: [ 33.004229] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 33.005089] flags: 0x200000000000000(node=0|zone=2) [ 33.005638] page_type: f5(slab) [ 33.006027] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 33.006893] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.007774] page dumped because: kasan: bad access detected [ 33.008657] [ 33.009017] Memory state around the buggy address: [ 33.009541] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.010417] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.011185] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.012132] ^ [ 33.012826] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.013605] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.014448] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 32.781089] ================================================================== [ 32.781683] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 32.782263] Read of size 121 at addr ffff888102a58900 by task kunit_try_catch/293 [ 32.783019] [ 32.783393] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 32.784285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.784645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.785616] Call Trace: [ 32.786272] <TASK> [ 32.786751] dump_stack_lvl+0x73/0xb0 [ 32.787468] print_report+0xd1/0x640 [ 32.787963] ? __virt_addr_valid+0x1db/0x2d0 [ 32.788776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.789499] kasan_report+0x102/0x140 [ 32.789913] ? _copy_to_user+0x4a/0x70 [ 32.790654] ? _copy_to_user+0x4a/0x70 [ 32.791417] kasan_check_range+0x10c/0x1c0 [ 32.792197] __kasan_check_read+0x15/0x20 [ 32.792600] _copy_to_user+0x4a/0x70 [ 32.792928] copy_user_test_oob+0x365/0x10f0 [ 32.793489] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.794246] ? finish_task_switch.isra.0+0x153/0x700 [ 32.794786] ? __switch_to+0x5d9/0xf60 [ 32.795629] ? __schedule+0xc3e/0x2790 [ 32.796539] ? __pfx_read_tsc+0x10/0x10 [ 32.797030] ? ktime_get_ts64+0x84/0x230 [ 32.797422] kunit_try_run_case+0x1b3/0x490 [ 32.797900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.798706] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.799367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.799732] ? __kthread_parkme+0x82/0x160 [ 32.800326] ? preempt_count_sub+0x50/0x80 [ 32.800893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.801416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.802021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.802602] kthread+0x257/0x310 [ 32.803062] ? __pfx_kthread+0x10/0x10 [ 32.803469] ret_from_fork+0x41/0x80 [ 32.803972] ? 
__pfx_kthread+0x10/0x10 [ 32.804482] ret_from_fork_asm+0x1a/0x30 [ 32.804937] </TASK> [ 32.805320] [ 32.805545] Allocated by task 293: [ 32.806012] kasan_save_stack+0x3d/0x60 [ 32.806388] kasan_save_track+0x18/0x40 [ 32.806881] kasan_save_alloc_info+0x3b/0x50 [ 32.807592] __kasan_kmalloc+0xb7/0xc0 [ 32.808055] __kmalloc_noprof+0x1c4/0x500 [ 32.808445] kunit_kmalloc_array+0x25/0x60 [ 32.809071] copy_user_test_oob+0xac/0x10f0 [ 32.809444] kunit_try_run_case+0x1b3/0x490 [ 32.809890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.810641] kthread+0x257/0x310 [ 32.811276] ret_from_fork+0x41/0x80 [ 32.811562] ret_from_fork_asm+0x1a/0x30 [ 32.812081] [ 32.812350] The buggy address belongs to the object at ffff888102a58900 [ 32.812350] which belongs to the cache kmalloc-128 of size 128 [ 32.813263] The buggy address is located 0 bytes inside of [ 32.813263] allocated 120-byte region [ffff888102a58900, ffff888102a58978) [ 32.814459] [ 32.814812] The buggy address belongs to the physical page: [ 32.815278] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58 [ 32.816213] flags: 0x200000000000000(node=0|zone=2) [ 32.816548] page_type: f5(slab) [ 32.816795] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.817754] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.818619] page dumped because: kasan: bad access detected [ 32.819132] [ 32.819512] Memory state around the buggy address: [ 32.820137] ffff888102a58800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.820863] ffff888102a58880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.821349] >ffff888102a58900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.822219] ^ [ 32.822917] ffff888102a58980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.823629] ffff888102a58a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.824401] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 28.136889] ================================================================== [ 28.137951] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 28.138566] Read of size 1 at addr ffff888102d67caa by task kunit_try_catch/261 [ 28.139355] [ 28.139661] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.140762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.141588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.142829] Call Trace: [ 28.143471] <TASK> [ 28.143679] dump_stack_lvl+0x73/0xb0 [ 28.144585] print_report+0xd1/0x640 [ 28.145117] ? __virt_addr_valid+0x1db/0x2d0 [ 28.145635] ? kasan_addr_to_slab+0x11/0xa0 [ 28.146302] kasan_report+0x102/0x140 [ 28.146711] ? kasan_alloca_oob_right+0x328/0x390 [ 28.147550] ? kasan_alloca_oob_right+0x328/0x390 [ 28.148356] __asan_report_load1_noabort+0x18/0x20 [ 28.149155] kasan_alloca_oob_right+0x328/0x390 [ 28.149595] ? trace_event_raw_event_sched_wake_idle_without_ipi+0x160/0x180 [ 28.150308] ? __schedule+0xc3e/0x2790 [ 28.150905] ? trace_hardirqs_on+0x37/0xe0 [ 28.151879] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 28.152344] ? __schedule+0xc3e/0x2790 [ 28.152640] ? __pfx_read_tsc+0x10/0x10 [ 28.153498] ? ktime_get_ts64+0x84/0x230 [ 28.153918] kunit_try_run_case+0x1b3/0x490 [ 28.154463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.154951] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.155637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.156106] ? __kthread_parkme+0x82/0x160 [ 28.156628] ? preempt_count_sub+0x50/0x80 [ 28.157439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.157975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.158791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.159464] kthread+0x257/0x310 [ 28.159748] ? __pfx_kthread+0x10/0x10 [ 28.160286] ret_from_fork+0x41/0x80 [ 28.161017] ? 
__pfx_kthread+0x10/0x10 [ 28.161303] ret_from_fork_asm+0x1a/0x30 [ 28.162038] </TASK> [ 28.162449] [ 28.162703] The buggy address belongs to stack of task kunit_try_catch/261 [ 28.163589] [ 28.163852] The buggy address belongs to the physical page: [ 28.164300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d67 [ 28.165285] flags: 0x200000000000000(node=0|zone=2) [ 28.165768] raw: 0200000000000000 ffffea00040b59c8 ffffea00040b59c8 0000000000000000 [ 28.166547] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.167455] page dumped because: kasan: bad access detected [ 28.167847] [ 28.168429] Memory state around the buggy address: [ 28.169181] ffff888102d67b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.169797] ffff888102d67c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.170671] >ffff888102d67c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 28.171474] ^ [ 28.172259] ffff888102d67d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 28.173123] ffff888102d67d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.173718] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 28.094455] ================================================================== [ 28.095405] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 28.096272] Read of size 1 at addr ffff888102d87c9f by task kunit_try_catch/259 [ 28.096819] [ 28.097095] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.098207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.098576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.099239] Call Trace: [ 28.099535] <TASK> [ 28.099781] dump_stack_lvl+0x73/0xb0 [ 28.100560] print_report+0xd1/0x640 [ 28.100939] ? __virt_addr_valid+0x1db/0x2d0 [ 28.101274] ? kasan_addr_to_slab+0x11/0xa0 [ 28.101858] kasan_report+0x102/0x140 [ 28.102852] ? kasan_alloca_oob_left+0x31f/0x380 [ 28.103443] ? kasan_alloca_oob_left+0x31f/0x380 [ 28.103809] __asan_report_load1_noabort+0x18/0x20 [ 28.104623] kasan_alloca_oob_left+0x31f/0x380 [ 28.105164] ? __schedule+0xc3e/0x2790 [ 28.105470] ? finish_task_switch.isra.0+0x153/0x700 [ 28.106034] ? finish_task_switch.isra.0+0x156/0x700 [ 28.106480] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 28.107125] ? __schedule+0xc3e/0x2790 [ 28.107648] ? __pfx_read_tsc+0x10/0x10 [ 28.107943] ? ktime_get_ts64+0x84/0x230 [ 28.108352] kunit_try_run_case+0x1b3/0x490 [ 28.109077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.109746] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.110307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.110814] ? __kthread_parkme+0x82/0x160 [ 28.111154] ? preempt_count_sub+0x50/0x80 [ 28.111600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.112542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.113286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.113709] kthread+0x257/0x310 [ 28.114044] ? __pfx_kthread+0x10/0x10 [ 28.114840] ret_from_fork+0x41/0x80 [ 28.115417] ? 
__pfx_kthread+0x10/0x10 [ 28.115698] ret_from_fork_asm+0x1a/0x30 [ 28.116253] </TASK> [ 28.116699] [ 28.116892] The buggy address belongs to stack of task kunit_try_catch/259 [ 28.117741] [ 28.117892] The buggy address belongs to the physical page: [ 28.118762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d87 [ 28.119685] flags: 0x200000000000000(node=0|zone=2) [ 28.120610] raw: 0200000000000000 ffffea00040b61c8 ffffea00040b61c8 0000000000000000 [ 28.121515] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.122626] page dumped because: kasan: bad access detected [ 28.123317] [ 28.123514] Memory state around the buggy address: [ 28.124229] ffff888102d87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.124700] ffff888102d87c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.126198] >ffff888102d87c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 28.126934] ^ [ 28.127849] ffff888102d87d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 28.129289] ffff888102d87d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.130052] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 28.045574] ================================================================== [ 28.047228] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 28.048482] Read of size 1 at addr ffff888102d4fd72 by task kunit_try_catch/257 [ 28.049647] [ 28.049827] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.051493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.051897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.052903] Call Trace: [ 28.053470] <TASK> [ 28.053713] dump_stack_lvl+0x73/0xb0 [ 28.054599] print_report+0xd1/0x640 [ 28.055158] ? __virt_addr_valid+0x1db/0x2d0 [ 28.055585] ? kasan_addr_to_slab+0x11/0xa0 [ 28.056218] kasan_report+0x102/0x140 [ 28.056693] ? kasan_stack_oob+0x2ae/0x300 [ 28.057187] ? kasan_stack_oob+0x2ae/0x300 [ 28.057716] __asan_report_load1_noabort+0x18/0x20 [ 28.058672] kasan_stack_oob+0x2ae/0x300 [ 28.059166] ? __pfx_kasan_stack_oob+0x10/0x10 [ 28.059657] ? finish_task_switch.isra.0+0x153/0x700 [ 28.060438] ? __switch_to+0x5d9/0xf60 [ 28.060829] ? __schedule+0xc3e/0x2790 [ 28.061469] ? __pfx_read_tsc+0x10/0x10 [ 28.061858] ? ktime_get_ts64+0x84/0x230 [ 28.062775] kunit_try_run_case+0x1b3/0x490 [ 28.063600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.063966] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.064652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.065243] ? __kthread_parkme+0x82/0x160 [ 28.065725] ? preempt_count_sub+0x50/0x80 [ 28.066230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.067053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.067858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.068396] kthread+0x257/0x310 [ 28.069089] ? __pfx_kthread+0x10/0x10 [ 28.069381] ret_from_fork+0x41/0x80 [ 28.069873] ? 
__pfx_kthread+0x10/0x10 [ 28.070426] ret_from_fork_asm+0x1a/0x30 [ 28.071041] </TASK> [ 28.071601] [ 28.072044] The buggy address belongs to stack of task kunit_try_catch/257 [ 28.073020] and is located at offset 138 in frame: [ 28.073671] kasan_stack_oob+0x0/0x300 [ 28.074482] [ 28.074934] This frame has 4 objects: [ 28.075914] [48, 49) '__assertion' [ 28.076452] [64, 72) 'array' [ 28.076777] [96, 112) '__assertion' [ 28.077120] [128, 138) 'stack_array' [ 28.077506] [ 28.078676] The buggy address belongs to the physical page: [ 28.079325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d4f [ 28.080614] flags: 0x200000000000000(node=0|zone=2) [ 28.081107] raw: 0200000000000000 ffffea00040b53c8 ffffea00040b53c8 0000000000000000 [ 28.081822] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.082833] page dumped because: kasan: bad access detected [ 28.083593] [ 28.083844] Memory state around the buggy address: [ 28.084686] ffff888102d4fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.085683] ffff888102d4fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.086740] >ffff888102d4fd00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 28.087531] ^ [ 28.088497] ffff888102d4fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.089113] ffff888102d4fe00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 28.089697] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 27.998367] ================================================================== [ 28.000165] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 28.001133] Read of size 1 at addr ffffffffbbffcc2d by task kunit_try_catch/253 [ 28.002377] [ 28.002591] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 28.004032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.004798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.006060] Call Trace: [ 28.006599] <TASK> [ 28.007089] dump_stack_lvl+0x73/0xb0 [ 28.007868] print_report+0xd1/0x640 [ 28.008362] ? __virt_addr_valid+0x1db/0x2d0 [ 28.009215] ? kasan_addr_to_slab+0x11/0xa0 [ 28.009654] kasan_report+0x102/0x140 [ 28.010067] ? kasan_global_oob_right+0x288/0x2d0 [ 28.010560] ? kasan_global_oob_right+0x288/0x2d0 [ 28.011963] __asan_report_load1_noabort+0x18/0x20 [ 28.012796] kasan_global_oob_right+0x288/0x2d0 [ 28.013073] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 28.013802] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 28.014608] kunit_try_run_case+0x1b3/0x490 [ 28.015488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.015949] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.016421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.016894] ? __kthread_parkme+0x82/0x160 [ 28.017365] ? preempt_count_sub+0x50/0x80 [ 28.017823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.018742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.019515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.020327] kthread+0x257/0x310 [ 28.020594] ? __pfx_kthread+0x10/0x10 [ 28.021333] ret_from_fork+0x41/0x80 [ 28.021929] ? 
__pfx_kthread+0x10/0x10 [ 28.022615] ret_from_fork_asm+0x1a/0x30 [ 28.023249] </TASK> [ 28.023595] [ 28.023916] The buggy address belongs to the variable: [ 28.024873] global_array+0xd/0x40 [ 28.025305] [ 28.025608] The buggy address belongs to the physical page: [ 28.025963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15abfc [ 28.026761] flags: 0x200000000002000(reserved|node=0|zone=2) [ 28.027487] raw: 0200000000002000 ffffea00056aff08 ffffea00056aff08 0000000000000000 [ 28.028383] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.029649] page dumped because: kasan: bad access detected [ 28.030318] [ 28.030539] Memory state around the buggy address: [ 28.031168] ffffffffbbffcb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.032419] ffffffffbbffcb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.033221] >ffffffffbbffcc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 28.034162] ^ [ 28.034701] ffffffffbbffcc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 28.035545] ffffffffbbffcd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 28.036431] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 27.875603] ================================================================== [ 27.876586] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.878184] Free of addr ffff888102a55101 by task kunit_try_catch/249 [ 27.878872] [ 27.879512] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.880772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.881536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.883371] Call Trace: [ 27.883665] <TASK> [ 27.884731] dump_stack_lvl+0x73/0xb0 [ 27.885287] print_report+0xd1/0x640 [ 27.885876] ? __virt_addr_valid+0x1db/0x2d0 [ 27.886691] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.887531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.888396] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.889217] kasan_report_invalid_free+0xc0/0xf0 [ 27.890244] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.890793] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.891790] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.892735] check_slab_allocation+0x11f/0x130 [ 27.893493] __kasan_mempool_poison_object+0x91/0x1d0 [ 27.894205] mempool_free+0x2ec/0x380 [ 27.894585] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.895664] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 27.896364] ? finish_task_switch.isra.0+0x153/0x700 [ 27.897127] mempool_kmalloc_invalid_free+0xb1/0x100 [ 27.897809] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 27.898755] ? __switch_to+0x5d9/0xf60 [ 27.899494] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.900192] ? __pfx_mempool_kfree+0x10/0x10 [ 27.900485] ? __pfx_read_tsc+0x10/0x10 [ 27.901304] ? ktime_get_ts64+0x84/0x230 [ 27.901943] kunit_try_run_case+0x1b3/0x490 [ 27.903196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.904091] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.904667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.905525] ? __kthread_parkme+0x82/0x160 [ 27.906591] ? 
preempt_count_sub+0x50/0x80 [ 27.907322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.907826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.908496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.909199] kthread+0x257/0x310 [ 27.909652] ? __pfx_kthread+0x10/0x10 [ 27.910563] ret_from_fork+0x41/0x80 [ 27.910975] ? __pfx_kthread+0x10/0x10 [ 27.911628] ret_from_fork_asm+0x1a/0x30 [ 27.912100] </TASK> [ 27.912539] [ 27.912858] Allocated by task 249: [ 27.913308] kasan_save_stack+0x3d/0x60 [ 27.913910] kasan_save_track+0x18/0x40 [ 27.914496] kasan_save_alloc_info+0x3b/0x50 [ 27.914909] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.915926] remove_element+0x11e/0x190 [ 27.916559] mempool_alloc_preallocated+0x4d/0x90 [ 27.916921] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 27.917791] mempool_kmalloc_invalid_free+0xb1/0x100 [ 27.918191] kunit_try_run_case+0x1b3/0x490 [ 27.918908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.919715] kthread+0x257/0x310 [ 27.920229] ret_from_fork+0x41/0x80 [ 27.920669] ret_from_fork_asm+0x1a/0x30 [ 27.921331] [ 27.921631] The buggy address belongs to the object at ffff888102a55100 [ 27.921631] which belongs to the cache kmalloc-128 of size 128 [ 27.922722] The buggy address is located 1 bytes inside of [ 27.922722] 128-byte region [ffff888102a55100, ffff888102a55180) [ 27.923946] [ 27.924404] The buggy address belongs to the physical page: [ 27.925305] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a55 [ 27.925897] flags: 0x200000000000000(node=0|zone=2) [ 27.926752] page_type: f5(slab) [ 27.927036] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.927774] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.928644] page dumped because: kasan: bad access detected [ 27.929023] [ 27.929321] Memory state around the buggy address: [ 27.930478] ffff888102a55000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.930964] ffff888102a55080: fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.931685] >ffff888102a55100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.932678] ^ [ 27.933228] ffff888102a55180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.934468] ffff888102a55200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.935219] ================================================================== [ 27.941175] ================================================================== [ 27.942559] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.943450] Free of addr ffff888102ce0001 by task kunit_try_catch/251 [ 27.944105] [ 27.945195] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.946717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.947199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.948253] Call Trace: [ 27.948558] <TASK> [ 27.948820] dump_stack_lvl+0x73/0xb0 [ 27.950268] print_report+0xd1/0x640 [ 27.950649] ? __virt_addr_valid+0x1db/0x2d0 [ 27.951536] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.952090] ? kasan_addr_to_slab+0x11/0xa0 [ 27.952607] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.953567] kasan_report_invalid_free+0xc0/0xf0 [ 27.954417] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.955319] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.955918] __kasan_mempool_poison_object+0x102/0x1d0 [ 27.957092] mempool_free+0x2ec/0x380 [ 27.958328] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 27.958832] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 27.959564] ? finish_task_switch.isra.0+0x153/0x700 [ 27.960571] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 27.961170] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 27.961755] ? __switch_to+0x5d9/0xf60 [ 27.962788] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.963291] ? __pfx_mempool_kfree+0x10/0x10 [ 27.963927] ? __pfx_read_tsc+0x10/0x10 [ 27.964847] ? 
ktime_get_ts64+0x84/0x230 [ 27.965581] kunit_try_run_case+0x1b3/0x490 [ 27.966677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.967198] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.967674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.968429] ? __kthread_parkme+0x82/0x160 [ 27.969291] ? preempt_count_sub+0x50/0x80 [ 27.969916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.971073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.971666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.972415] kthread+0x257/0x310 [ 27.972755] ? __pfx_kthread+0x10/0x10 [ 27.973480] ret_from_fork+0x41/0x80 [ 27.973866] ? __pfx_kthread+0x10/0x10 [ 27.974737] ret_from_fork_asm+0x1a/0x30 [ 27.975354] </TASK> [ 27.975713] [ 27.975872] The buggy address belongs to the physical page: [ 27.976603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce0 [ 27.977631] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.978323] flags: 0x200000000000040(head|node=0|zone=2) [ 27.979468] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.979773] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.980796] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.982585] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.983859] head: 0200000000000002 ffffea00040b3801 ffffffffffffffff 0000000000000000 [ 27.985432] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.985732] page dumped because: kasan: bad access detected [ 27.985947] [ 27.986263] Memory state around the buggy address: [ 27.986567] ffff888102cdff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.986841] ffff888102cdff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.988110] >ffff888102ce0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.989415] ^ [ 27.989761] ffff888102ce0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.991220] 
ffff888102ce0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.991852] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 27.773844] ================================================================== [ 27.775852] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.776665] Free of addr ffff888102cdc000 by task kunit_try_catch/245 [ 27.777210] [ 27.777399] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.779642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.780332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.781830] Call Trace: [ 27.782374] <TASK> [ 27.782601] dump_stack_lvl+0x73/0xb0 [ 27.783405] print_report+0xd1/0x640 [ 27.783772] ? __virt_addr_valid+0x1db/0x2d0 [ 27.784612] ? mempool_double_free_helper+0x185/0x370 [ 27.785378] ? kasan_addr_to_slab+0x11/0xa0 [ 27.786015] ? mempool_double_free_helper+0x185/0x370 [ 27.786814] kasan_report_invalid_free+0xc0/0xf0 [ 27.787799] ? mempool_double_free_helper+0x185/0x370 [ 27.788788] ? mempool_double_free_helper+0x185/0x370 [ 27.789415] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 27.790371] mempool_free+0x2ec/0x380 [ 27.790782] mempool_double_free_helper+0x185/0x370 [ 27.791807] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 27.792698] ? finish_task_switch.isra.0+0x153/0x700 [ 27.793701] mempool_kmalloc_large_double_free+0xb1/0x100 [ 27.794511] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 27.795308] ? __switch_to+0x5d9/0xf60 [ 27.795736] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.796122] ? __pfx_mempool_kfree+0x10/0x10 [ 27.796713] ? __pfx_read_tsc+0x10/0x10 [ 27.797065] ? ktime_get_ts64+0x84/0x230 [ 27.797476] kunit_try_run_case+0x1b3/0x490 [ 27.798425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.799047] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.799555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.800460] ? __kthread_parkme+0x82/0x160 [ 27.801085] ? preempt_count_sub+0x50/0x80 [ 27.801548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.802227] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.802893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.803577] kthread+0x257/0x310 [ 27.804086] ? __pfx_kthread+0x10/0x10 [ 27.804862] ret_from_fork+0x41/0x80 [ 27.805854] ? __pfx_kthread+0x10/0x10 [ 27.806570] ret_from_fork_asm+0x1a/0x30 [ 27.807119] </TASK> [ 27.807710] [ 27.807908] The buggy address belongs to the physical page: [ 27.808609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cdc [ 27.809719] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.810848] flags: 0x200000000000040(head|node=0|zone=2) [ 27.811619] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.812565] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.813454] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.814173] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.814892] head: 0200000000000002 ffffea00040b3701 ffffffffffffffff 0000000000000000 [ 27.815719] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.816625] page dumped because: kasan: bad access detected [ 27.817181] [ 27.817471] Memory state around the buggy address: [ 27.818038] ffff888102cdbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.818878] ffff888102cdbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.819512] >ffff888102cdc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.820324] ^ [ 27.820765] ffff888102cdc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.821711] ffff888102cdc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.822764] ================================================================== [ 27.828596] ================================================================== [ 27.829849] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.831304] Free of addr ffff888102c6c000 by task kunit_try_catch/247 [ 
27.832490] [ 27.832773] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.833903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.834649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.836323] Call Trace: [ 27.836773] <TASK> [ 27.837012] dump_stack_lvl+0x73/0xb0 [ 27.838041] print_report+0xd1/0x640 [ 27.838447] ? __virt_addr_valid+0x1db/0x2d0 [ 27.839085] ? mempool_double_free_helper+0x185/0x370 [ 27.839615] ? kasan_addr_to_slab+0x11/0xa0 [ 27.840454] ? mempool_double_free_helper+0x185/0x370 [ 27.841244] kasan_report_invalid_free+0xc0/0xf0 [ 27.841728] ? mempool_double_free_helper+0x185/0x370 [ 27.842732] ? mempool_double_free_helper+0x185/0x370 [ 27.843277] __kasan_mempool_poison_pages+0x115/0x130 [ 27.843539] mempool_free+0x290/0x380 [ 27.843731] mempool_double_free_helper+0x185/0x370 [ 27.844062] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 27.845391] ? finish_task_switch.isra.0+0x153/0x700 [ 27.846767] mempool_page_alloc_double_free+0xac/0x100 [ 27.847471] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 27.848350] ? __switch_to+0x5d9/0xf60 [ 27.848904] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 27.849424] ? __pfx_mempool_free_pages+0x10/0x10 [ 27.849651] ? __pfx_read_tsc+0x10/0x10 [ 27.849833] ? ktime_get_ts64+0x84/0x230 [ 27.850208] kunit_try_run_case+0x1b3/0x490 [ 27.851001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.852170] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.852740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.853215] ? __kthread_parkme+0x82/0x160 [ 27.853836] ? preempt_count_sub+0x50/0x80 [ 27.854572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.855123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.855961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.856671] kthread+0x257/0x310 [ 27.857120] ? __pfx_kthread+0x10/0x10 [ 27.858000] ret_from_fork+0x41/0x80 [ 27.858671] ? 
__pfx_kthread+0x10/0x10 [ 27.859295] ret_from_fork_asm+0x1a/0x30 [ 27.859670] </TASK> [ 27.860122] [ 27.860363] The buggy address belongs to the physical page: [ 27.860769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c6c [ 27.861448] flags: 0x200000000000000(node=0|zone=2) [ 27.862384] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.863049] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.863781] page dumped because: kasan: bad access detected [ 27.864443] [ 27.864961] Memory state around the buggy address: [ 27.865442] ffff888102c6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.866445] ffff888102c6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.867191] >ffff888102c6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.868145] ^ [ 27.868480] ffff888102c6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.869347] ffff888102c6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.870484] ================================================================== [ 27.699324] ================================================================== [ 27.700517] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 27.702098] Free of addr ffff888101ab3800 by task kunit_try_catch/243 [ 27.703342] [ 27.703550] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.705035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.705416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.706279] Call Trace: [ 27.707306] <TASK> [ 27.707802] dump_stack_lvl+0x73/0xb0 [ 27.708486] print_report+0xd1/0x640 [ 27.708917] ? __virt_addr_valid+0x1db/0x2d0 [ 27.709669] ? mempool_double_free_helper+0x185/0x370 [ 27.710499] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.711553] ? mempool_double_free_helper+0x185/0x370 [ 27.712542] kasan_report_invalid_free+0xc0/0xf0 [ 27.713125] ? 
mempool_double_free_helper+0x185/0x370 [ 27.713573] ? mempool_double_free_helper+0x185/0x370 [ 27.714052] ? mempool_double_free_helper+0x185/0x370 [ 27.715410] check_slab_allocation+0x101/0x130 [ 27.715795] __kasan_mempool_poison_object+0x91/0x1d0 [ 27.716381] mempool_free+0x2ec/0x380 [ 27.716790] mempool_double_free_helper+0x185/0x370 [ 27.717840] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 27.719044] ? finish_task_switch.isra.0+0x153/0x700 [ 27.719560] mempool_kmalloc_double_free+0xb1/0x100 [ 27.719789] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 27.720622] ? __switch_to+0x5d9/0xf60 [ 27.720916] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.721599] ? __pfx_mempool_kfree+0x10/0x10 [ 27.722361] ? __pfx_read_tsc+0x10/0x10 [ 27.722868] ? ktime_get_ts64+0x84/0x230 [ 27.723685] kunit_try_run_case+0x1b3/0x490 [ 27.724467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.725182] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.725660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.726299] ? __kthread_parkme+0x82/0x160 [ 27.726789] ? preempt_count_sub+0x50/0x80 [ 27.727355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.727726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.728713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.729524] kthread+0x257/0x310 [ 27.729882] ? __pfx_kthread+0x10/0x10 [ 27.730745] ret_from_fork+0x41/0x80 [ 27.731473] ? 
__pfx_kthread+0x10/0x10 [ 27.731873] ret_from_fork_asm+0x1a/0x30 [ 27.732551] </TASK> [ 27.732852] [ 27.733418] Allocated by task 243: [ 27.733766] kasan_save_stack+0x3d/0x60 [ 27.734756] kasan_save_track+0x18/0x40 [ 27.735734] kasan_save_alloc_info+0x3b/0x50 [ 27.736366] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.736906] remove_element+0x11e/0x190 [ 27.737514] mempool_alloc_preallocated+0x4d/0x90 [ 27.738620] mempool_double_free_helper+0x8b/0x370 [ 27.739041] mempool_kmalloc_double_free+0xb1/0x100 [ 27.739585] kunit_try_run_case+0x1b3/0x490 [ 27.740002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.740473] kthread+0x257/0x310 [ 27.740793] ret_from_fork+0x41/0x80 [ 27.741654] ret_from_fork_asm+0x1a/0x30 [ 27.741927] [ 27.742177] Freed by task 243: [ 27.743300] kasan_save_stack+0x3d/0x60 [ 27.743799] kasan_save_track+0x18/0x40 [ 27.744436] kasan_save_free_info+0x3f/0x60 [ 27.745183] __kasan_mempool_poison_object+0x131/0x1d0 [ 27.745591] mempool_free+0x2ec/0x380 [ 27.746509] mempool_double_free_helper+0x10a/0x370 [ 27.746927] mempool_kmalloc_double_free+0xb1/0x100 [ 27.747547] kunit_try_run_case+0x1b3/0x490 [ 27.747966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.749080] kthread+0x257/0x310 [ 27.749390] ret_from_fork+0x41/0x80 [ 27.749670] ret_from_fork_asm+0x1a/0x30 [ 27.750524] [ 27.750767] The buggy address belongs to the object at ffff888101ab3800 [ 27.750767] which belongs to the cache kmalloc-128 of size 128 [ 27.752563] The buggy address is located 0 bytes inside of [ 27.752563] 128-byte region [ffff888101ab3800, ffff888101ab3880) [ 27.753916] [ 27.754253] The buggy address belongs to the physical page: [ 27.754845] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab3 [ 27.756544] flags: 0x200000000000000(node=0|zone=2) [ 27.756962] page_type: f5(slab) [ 27.757479] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.759205] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 
[ 27.759800] page dumped because: kasan: bad access detected [ 27.760542] [ 27.760858] Memory state around the buggy address: [ 27.761284] ffff888101ab3700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.762745] ffff888101ab3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.763679] >ffff888101ab3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.764656] ^ [ 27.765097] ffff888101ab3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.765681] ffff888101ab3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.766801] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 27.661080] ================================================================== [ 27.662280] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.662607] Read of size 1 at addr ffff888102cdc000 by task kunit_try_catch/241 [ 27.662884] [ 27.663050] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.664893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.665505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.666313] Call Trace: [ 27.666577] <TASK> [ 27.666945] dump_stack_lvl+0x73/0xb0 [ 27.667538] print_report+0xd1/0x640 [ 27.668000] ? __virt_addr_valid+0x1db/0x2d0 [ 27.668590] ? kasan_addr_to_slab+0x11/0xa0 [ 27.669127] kasan_report+0x102/0x140 [ 27.669615] ? mempool_uaf_helper+0x394/0x400 [ 27.670215] ? mempool_uaf_helper+0x394/0x400 [ 27.670613] __asan_report_load1_noabort+0x18/0x20 [ 27.671362] mempool_uaf_helper+0x394/0x400 [ 27.671801] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.672444] ? irqentry_exit+0x2a/0x60 [ 27.672956] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.673527] mempool_page_alloc_uaf+0xb1/0x100 [ 27.674212] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 27.674693] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 27.675230] ? __pfx_mempool_free_pages+0x10/0x10 [ 27.675715] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 27.676196] kunit_try_run_case+0x1b3/0x490 [ 27.676651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.677206] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.677665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.678300] ? __kthread_parkme+0x82/0x160 [ 27.678688] ? preempt_count_sub+0x50/0x80 [ 27.679251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.679656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.680363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.680892] kthread+0x257/0x310 [ 27.681371] ? __pfx_kthread+0x10/0x10 [ 27.681699] ret_from_fork+0x41/0x80 [ 27.682283] ? 
__pfx_kthread+0x10/0x10 [ 27.682626] ret_from_fork_asm+0x1a/0x30 [ 27.683257] </TASK> [ 27.683511] [ 27.683667] The buggy address belongs to the physical page: [ 27.684460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cdc [ 27.685144] flags: 0x200000000000000(node=0|zone=2) [ 27.685683] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.686553] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.687293] page dumped because: kasan: bad access detected [ 27.687846] [ 27.688177] Memory state around the buggy address: [ 27.688590] ffff888102cdbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.689385] ffff888102cdbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.690102] >ffff888102cdc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.690768] ^ [ 27.691219] ffff888102cdc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.691925] ffff888102cdc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.692583] ================================================================== [ 27.461558] ================================================================== [ 27.463396] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.464973] Read of size 1 at addr ffff888102c6c000 by task kunit_try_catch/237 [ 27.467528] [ 27.468119] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.469303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.470199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.471482] Call Trace: [ 27.472254] <TASK> [ 27.472879] dump_stack_lvl+0x73/0xb0 [ 27.473863] print_report+0xd1/0x640 [ 27.474810] ? __virt_addr_valid+0x1db/0x2d0 [ 27.475783] ? kasan_addr_to_slab+0x11/0xa0 [ 27.476704] kasan_report+0x102/0x140 [ 27.477694] ? mempool_uaf_helper+0x394/0x400 [ 27.478578] ? 
mempool_uaf_helper+0x394/0x400 [ 27.479671] __asan_report_load1_noabort+0x18/0x20 [ 27.480659] mempool_uaf_helper+0x394/0x400 [ 27.481472] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.482547] ? finish_task_switch.isra.0+0x153/0x700 [ 27.483665] mempool_kmalloc_large_uaf+0xb3/0x100 [ 27.484776] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 27.485659] ? __switch_to+0x5d9/0xf60 [ 27.486685] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.487622] ? __pfx_mempool_kfree+0x10/0x10 [ 27.488799] ? __pfx_read_tsc+0x10/0x10 [ 27.489853] ? ktime_get_ts64+0x84/0x230 [ 27.490896] kunit_try_run_case+0x1b3/0x490 [ 27.492145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.493404] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.494107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.495320] ? __kthread_parkme+0x82/0x160 [ 27.496172] ? preempt_count_sub+0x50/0x80 [ 27.496973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.498515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.499681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.500940] kthread+0x257/0x310 [ 27.501768] ? __pfx_kthread+0x10/0x10 [ 27.502849] ret_from_fork+0x41/0x80 [ 27.503743] ? 
__pfx_kthread+0x10/0x10 [ 27.504611] ret_from_fork_asm+0x1a/0x30 [ 27.505316] </TASK> [ 27.505853] [ 27.506461] The buggy address belongs to the physical page: [ 27.507089] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c6c [ 27.508397] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.509241] flags: 0x200000000000040(head|node=0|zone=2) [ 27.510183] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.511442] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.512552] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.513733] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.514880] head: 0200000000000002 ffffea00040b1b01 ffffffffffffffff 0000000000000000 [ 27.515890] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.516961] page dumped because: kasan: bad access detected [ 27.517932] [ 27.518642] Memory state around the buggy address: [ 27.519322] ffff888102c6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.520605] ffff888102c6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.521574] >ffff888102c6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.522760] ^ [ 27.523669] ffff888102c6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.524453] ffff888102c6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.525575] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 27.547401] ================================================================== [ 27.549895] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.551544] Read of size 1 at addr ffff888101ab8240 by task kunit_try_catch/239 [ 27.552492] [ 27.553073] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.555319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.555820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.557724] Call Trace: [ 27.558760] <TASK> [ 27.559702] dump_stack_lvl+0x73/0xb0 [ 27.561078] print_report+0xd1/0x640 [ 27.562255] ? __virt_addr_valid+0x1db/0x2d0 [ 27.563504] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.564644] kasan_report+0x102/0x140 [ 27.564969] ? mempool_uaf_helper+0x394/0x400 [ 27.566301] ? mempool_uaf_helper+0x394/0x400 [ 27.567436] __asan_report_load1_noabort+0x18/0x20 [ 27.569109] mempool_uaf_helper+0x394/0x400 [ 27.570053] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.571728] ? ret_from_fork+0x41/0x80 [ 27.572701] mempool_slab_uaf+0xae/0x100 [ 27.573520] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 27.574376] ? __switch_to+0x5d9/0xf60 [ 27.575324] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 27.576309] ? __pfx_mempool_free_slab+0x10/0x10 [ 27.577140] ? __pfx_read_tsc+0x10/0x10 [ 27.577843] ? ktime_get_ts64+0x84/0x230 [ 27.578625] kunit_try_run_case+0x1b3/0x490 [ 27.579630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.580440] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.581846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.583682] ? __kthread_parkme+0x82/0x160 [ 27.584709] ? preempt_count_sub+0x50/0x80 [ 27.585797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.587603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.588680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.589947] kthread+0x257/0x310 [ 27.590587] ? __pfx_kthread+0x10/0x10 [ 27.591932] ret_from_fork+0x41/0x80 [ 27.592539] ? 
__pfx_kthread+0x10/0x10 [ 27.593573] ret_from_fork_asm+0x1a/0x30 [ 27.596331] </TASK> [ 27.596744] [ 27.597139] Allocated by task 239: [ 27.598658] kasan_save_stack+0x3d/0x60 [ 27.599631] kasan_save_track+0x18/0x40 [ 27.600436] kasan_save_alloc_info+0x3b/0x50 [ 27.601683] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 27.602774] remove_element+0x11e/0x190 [ 27.603412] mempool_alloc_preallocated+0x4d/0x90 [ 27.604937] mempool_uaf_helper+0x97/0x400 [ 27.606546] mempool_slab_uaf+0xae/0x100 [ 27.607618] kunit_try_run_case+0x1b3/0x490 [ 27.608551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.609535] kthread+0x257/0x310 [ 27.609951] ret_from_fork+0x41/0x80 [ 27.610652] ret_from_fork_asm+0x1a/0x30 [ 27.611931] [ 27.612450] Freed by task 239: [ 27.613503] kasan_save_stack+0x3d/0x60 [ 27.614308] kasan_save_track+0x18/0x40 [ 27.615557] kasan_save_free_info+0x3f/0x60 [ 27.616652] __kasan_mempool_poison_object+0x131/0x1d0 [ 27.617724] mempool_free+0x2ec/0x380 [ 27.618673] mempool_uaf_helper+0x11b/0x400 [ 27.619308] mempool_slab_uaf+0xae/0x100 [ 27.620146] kunit_try_run_case+0x1b3/0x490 [ 27.621049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.622135] kthread+0x257/0x310 [ 27.622909] ret_from_fork+0x41/0x80 [ 27.623775] ret_from_fork_asm+0x1a/0x30 [ 27.624236] [ 27.624640] The buggy address belongs to the object at ffff888101ab8240 [ 27.624640] which belongs to the cache test_cache of size 123 [ 27.625755] The buggy address is located 0 bytes inside of [ 27.625755] freed 123-byte region [ffff888101ab8240, ffff888101ab82bb) [ 27.628524] [ 27.628798] The buggy address belongs to the physical page: [ 27.629926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab8 [ 27.630783] flags: 0x200000000000000(node=0|zone=2) [ 27.632201] page_type: f5(slab) [ 27.633082] raw: 0200000000000000 ffff888101ab4140 dead000000000122 0000000000000000 [ 27.633789] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 27.634383] page dumped because: 
kasan: bad access detected [ 27.635691] [ 27.636120] Memory state around the buggy address: [ 27.636936] ffff888101ab8100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.638042] ffff888101ab8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.639489] >ffff888101ab8200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 27.640157] ^ [ 27.640929] ffff888101ab8280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.641684] ffff888101ab8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.642956] ================================================================== [ 27.351031] ================================================================== [ 27.352457] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 27.353707] Read of size 1 at addr ffff888102a52400 by task kunit_try_catch/235 [ 27.354917] [ 27.355644] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.357120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.358080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.359151] Call Trace: [ 27.359836] <TASK> [ 27.360386] dump_stack_lvl+0x73/0xb0 [ 27.361432] print_report+0xd1/0x640 [ 27.362455] ? __virt_addr_valid+0x1db/0x2d0 [ 27.363540] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.364473] kasan_report+0x102/0x140 [ 27.365522] ? mempool_uaf_helper+0x394/0x400 [ 27.366622] ? mempool_uaf_helper+0x394/0x400 [ 27.367534] __asan_report_load1_noabort+0x18/0x20 [ 27.368217] mempool_uaf_helper+0x394/0x400 [ 27.369395] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 27.370526] ? ret_from_fork+0x41/0x80 [ 27.371378] ? kthread+0x257/0x310 [ 27.372263] ? ret_from_fork_asm+0x1a/0x30 [ 27.373326] ? ret_from_fork_asm+0x1a/0x30 [ 27.374194] mempool_kmalloc_uaf+0xb3/0x100 [ 27.374840] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 27.375906] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.376710] ? __pfx_mempool_kfree+0x10/0x10 [ 27.377628] ? 
__pfx_mempool_kmalloc_uaf+0x10/0x10 [ 27.378839] kunit_try_run_case+0x1b3/0x490 [ 27.379623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.380312] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.381462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.382486] ? __kthread_parkme+0x82/0x160 [ 27.383515] ? preempt_count_sub+0x50/0x80 [ 27.384502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.385517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.386710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.387946] kthread+0x257/0x310 [ 27.388713] ? __pfx_kthread+0x10/0x10 [ 27.389670] ret_from_fork+0x41/0x80 [ 27.390605] ? __pfx_kthread+0x10/0x10 [ 27.391436] ret_from_fork_asm+0x1a/0x30 [ 27.392949] </TASK> [ 27.393503] [ 27.394089] Allocated by task 235: [ 27.394929] kasan_save_stack+0x3d/0x60 [ 27.395741] kasan_save_track+0x18/0x40 [ 27.396740] kasan_save_alloc_info+0x3b/0x50 [ 27.397749] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.398913] remove_element+0x11e/0x190 [ 27.399889] mempool_alloc_preallocated+0x4d/0x90 [ 27.400682] mempool_uaf_helper+0x97/0x400 [ 27.401624] mempool_kmalloc_uaf+0xb3/0x100 [ 27.402625] kunit_try_run_case+0x1b3/0x490 [ 27.403369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.404481] kthread+0x257/0x310 [ 27.405332] ret_from_fork+0x41/0x80 [ 27.406227] ret_from_fork_asm+0x1a/0x30 [ 27.407209] [ 27.407795] Freed by task 235: [ 27.408638] kasan_save_stack+0x3d/0x60 [ 27.409301] kasan_save_track+0x18/0x40 [ 27.410458] kasan_save_free_info+0x3f/0x60 [ 27.411207] __kasan_mempool_poison_object+0x131/0x1d0 [ 27.412357] mempool_free+0x2ec/0x380 [ 27.413148] mempool_uaf_helper+0x11b/0x400 [ 27.413946] mempool_kmalloc_uaf+0xb3/0x100 [ 27.415119] kunit_try_run_case+0x1b3/0x490 [ 27.415697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.416840] kthread+0x257/0x310 [ 27.417570] ret_from_fork+0x41/0x80 [ 27.418170] ret_from_fork_asm+0x1a/0x30 [ 27.419039] [ 27.419540] The buggy address belongs to the object at ffff888102a52400 [ 27.419540] which belongs 
to the cache kmalloc-128 of size 128 [ 27.420707] The buggy address is located 0 bytes inside of [ 27.420707] freed 128-byte region [ffff888102a52400, ffff888102a52480) [ 27.422541] [ 27.423083] The buggy address belongs to the physical page: [ 27.423951] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a52 [ 27.425171] flags: 0x200000000000000(node=0|zone=2) [ 27.427304] page_type: f5(slab) [ 27.428971] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.429917] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 27.431570] page dumped because: kasan: bad access detected [ 27.432742] [ 27.434133] Memory state around the buggy address: [ 27.434722] ffff888102a52300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.436924] ffff888102a52380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.437796] >ffff888102a52400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.439411] ^ [ 27.440453] ffff888102a52480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.441816] ffff888102a52500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.443522] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 27.240591] ================================================================== [ 27.241853] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 27.242593] Read of size 1 at addr ffff888101ab62bb by task kunit_try_catch/233 [ 27.243348] [ 27.243665] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 27.245508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.246019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.247246] Call Trace: [ 27.247601] <TASK> [ 27.248041] dump_stack_lvl+0x73/0xb0 [ 27.248464] print_report+0xd1/0x640 [ 27.248849] ? __virt_addr_valid+0x1db/0x2d0 [ 27.249324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.249835] kasan_report+0x102/0x140 [ 27.250702] ? mempool_oob_right_helper+0x31a/0x380 [ 27.251628] ? mempool_oob_right_helper+0x31a/0x380 [ 27.252668] __asan_report_load1_noabort+0x18/0x20 [ 27.253454] mempool_oob_right_helper+0x31a/0x380 [ 27.254426] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 27.254964] ? finish_task_switch.isra.0+0x153/0x700 [ 27.255826] mempool_slab_oob_right+0xb1/0x100 [ 27.256623] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 27.257526] ? __switch_to+0x5d9/0xf60 [ 27.257904] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 27.258616] ? __pfx_mempool_free_slab+0x10/0x10 [ 27.259118] ? __pfx_read_tsc+0x10/0x10 [ 27.259497] ? ktime_get_ts64+0x84/0x230 [ 27.259897] kunit_try_run_case+0x1b3/0x490 [ 27.260353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.260792] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.261265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.261827] ? __kthread_parkme+0x82/0x160 [ 27.263336] ? preempt_count_sub+0x50/0x80 [ 27.264043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.264807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.265829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.266786] kthread+0x257/0x310 [ 27.267646] ? __pfx_kthread+0x10/0x10 [ 27.268392] ret_from_fork+0x41/0x80 [ 27.268771] ? 
__pfx_kthread+0x10/0x10
[ 27.269502] ret_from_fork_asm+0x1a/0x30
[ 27.269949] </TASK>
[ 27.270152]
[ 27.270307] Allocated by task 233:
[ 27.271916] kasan_save_stack+0x3d/0x60
[ 27.272859] kasan_save_track+0x18/0x40
[ 27.273416] kasan_save_alloc_info+0x3b/0x50
[ 27.273876] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 27.274759] remove_element+0x11e/0x190
[ 27.275579] mempool_alloc_preallocated+0x4d/0x90
[ 27.276544] mempool_oob_right_helper+0x8b/0x380
[ 27.277007] mempool_slab_oob_right+0xb1/0x100
[ 27.277668] kunit_try_run_case+0x1b3/0x490
[ 27.278566] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.279455] kthread+0x257/0x310
[ 27.279851] ret_from_fork+0x41/0x80
[ 27.281319] ret_from_fork_asm+0x1a/0x30
[ 27.282659]
[ 27.283034] The buggy address belongs to the object at ffff888101ab6240
[ 27.283034] which belongs to the cache test_cache of size 123
[ 27.283945] The buggy address is located 0 bytes to the right of
[ 27.283945] allocated 123-byte region [ffff888101ab6240, ffff888101ab62bb)
[ 27.287277]
[ 27.287853] The buggy address belongs to the physical page:
[ 27.289840] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab6
[ 27.291745] flags: 0x200000000000000(node=0|zone=2)
[ 27.292910] page_type: f5(slab)
[ 27.295095] raw: 0200000000000000 ffff888101ab4000 dead000000000122 0000000000000000
[ 27.296687] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 27.299396] page dumped because: kasan: bad access detected
[ 27.300353]
[ 27.301431] Memory state around the buggy address:
[ 27.302224] ffff888101ab6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.303920] ffff888101ab6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 27.307123] >ffff888101ab6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 27.308722] ^
[ 27.310709] ffff888101ab6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.312804] ffff888101ab6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.315486] ==================================================================

[ 27.187683] ==================================================================
[ 27.189012] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 27.189592] Read of size 1 at addr ffff888102cde001 by task kunit_try_catch/231
[ 27.190184]
[ 27.190397] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 27.191706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.192911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.194705] Call Trace:
[ 27.194959] <TASK>
[ 27.195620] dump_stack_lvl+0x73/0xb0
[ 27.196272] print_report+0xd1/0x640
[ 27.197011] ? __virt_addr_valid+0x1db/0x2d0
[ 27.197944] ? kasan_addr_to_slab+0x11/0xa0
[ 27.198570] kasan_report+0x102/0x140
[ 27.199138] ? mempool_oob_right_helper+0x31a/0x380
[ 27.199819] ? mempool_oob_right_helper+0x31a/0x380
[ 27.200717] __asan_report_load1_noabort+0x18/0x20
[ 27.201684] mempool_oob_right_helper+0x31a/0x380
[ 27.202434] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 27.202685] ? finish_task_switch.isra.0+0x153/0x700
[ 27.202912] mempool_kmalloc_large_oob_right+0xb6/0x100
[ 27.204229] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 27.204766] ? __switch_to+0x5d9/0xf60
[ 27.205637] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.206579] ? __pfx_mempool_kfree+0x10/0x10
[ 27.206977] ? __pfx_read_tsc+0x10/0x10
[ 27.207711] ? ktime_get_ts64+0x84/0x230
[ 27.208393] kunit_try_run_case+0x1b3/0x490
[ 27.208739] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.209789] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.210404] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.211414] ? __kthread_parkme+0x82/0x160
[ 27.211852] ? preempt_count_sub+0x50/0x80
[ 27.212284] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.212773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.213222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.214253] kthread+0x257/0x310
[ 27.214785] ? __pfx_kthread+0x10/0x10
[ 27.215172] ret_from_fork+0x41/0x80
[ 27.215774] ? __pfx_kthread+0x10/0x10
[ 27.216363] ret_from_fork_asm+0x1a/0x30
[ 27.216853] </TASK>
[ 27.217313]
[ 27.217505] The buggy address belongs to the physical page:
[ 27.218442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cdc
[ 27.219717] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 27.220516] flags: 0x200000000000040(head|node=0|zone=2)
[ 27.221059] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.222051] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.222360] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.222650] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.222938] head: 0200000000000002 ffffea00040b3701 ffffffffffffffff 0000000000000000
[ 27.224792] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 27.225787] page dumped because: kasan: bad access detected
[ 27.226453]
[ 27.226651] Memory state around the buggy address:
[ 27.227633] ffff888102cddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.229004] ffff888102cddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.230287] >ffff888102cde000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.230914] ^
[ 27.231539] ffff888102cde080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.232433] ffff888102cde100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 27.233117] ==================================================================

[ 27.130315] ==================================================================
[ 27.131352] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 27.132842] Read of size 1 at addr ffff888102a4ef73 by task kunit_try_catch/229
[ 27.133332]
[ 27.133519] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 27.134495] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.134853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.135677] Call Trace:
[ 27.136022] <TASK>
[ 27.136369] dump_stack_lvl+0x73/0xb0
[ 27.136859] print_report+0xd1/0x640
[ 27.137529] ? __virt_addr_valid+0x1db/0x2d0
[ 27.138249] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.138763] kasan_report+0x102/0x140
[ 27.139340] ? mempool_oob_right_helper+0x31a/0x380
[ 27.140257] ? mempool_oob_right_helper+0x31a/0x380
[ 27.140779] __asan_report_load1_noabort+0x18/0x20
[ 27.141537] mempool_oob_right_helper+0x31a/0x380
[ 27.142050] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 27.142975] ? finish_task_switch.isra.0+0x153/0x700
[ 27.143831] mempool_kmalloc_oob_right+0xb6/0x100
[ 27.144496] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 27.145207] ? __switch_to+0x5d9/0xf60
[ 27.145764] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.146899] ? __pfx_mempool_kfree+0x10/0x10
[ 27.147311] ? __pfx_read_tsc+0x10/0x10
[ 27.147753] ? ktime_get_ts64+0x84/0x230
[ 27.148647] kunit_try_run_case+0x1b3/0x490
[ 27.149072] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.149816] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.150624] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.151074] ? __kthread_parkme+0x82/0x160
[ 27.151713] ? preempt_count_sub+0x50/0x80
[ 27.152186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.152633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.153625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.154471] kthread+0x257/0x310
[ 27.154852] ? __pfx_kthread+0x10/0x10
[ 27.155685] ret_from_fork+0x41/0x80
[ 27.156050] ? __pfx_kthread+0x10/0x10
[ 27.156886] ret_from_fork_asm+0x1a/0x30
[ 27.157374] </TASK>
[ 27.157854]
[ 27.158093] Allocated by task 229:
[ 27.159203] kasan_save_stack+0x3d/0x60
[ 27.159566] kasan_save_track+0x18/0x40
[ 27.160278] kasan_save_alloc_info+0x3b/0x50
[ 27.160742] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.161799] remove_element+0x11e/0x190
[ 27.162164] mempool_alloc_preallocated+0x4d/0x90
[ 27.162607] mempool_oob_right_helper+0x8b/0x380
[ 27.163313] mempool_kmalloc_oob_right+0xb6/0x100
[ 27.163961] kunit_try_run_case+0x1b3/0x490
[ 27.164499] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.164752] kthread+0x257/0x310
[ 27.164912] ret_from_fork+0x41/0x80
[ 27.165166] ret_from_fork_asm+0x1a/0x30
[ 27.166291]
[ 27.166560] The buggy address belongs to the object at ffff888102a4ef00
[ 27.166560] which belongs to the cache kmalloc-128 of size 128
[ 27.168609] The buggy address is located 0 bytes to the right of
[ 27.168609] allocated 115-byte region [ffff888102a4ef00, ffff888102a4ef73)
[ 27.169851]
[ 27.170340] The buggy address belongs to the physical page:
[ 27.170771] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 27.171800] flags: 0x200000000000000(node=0|zone=2)
[ 27.172308] page_type: f5(slab)
[ 27.172552] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.173886] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 27.174677] page dumped because: kasan: bad access detected
[ 27.175020]
[ 27.175497] Memory state around the buggy address:
[ 27.175973] ffff888102a4ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.176971] ffff888102a4ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.177568] >ffff888102a4ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 27.178788] ^
[ 27.179971] ffff888102a4ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.180701] ffff888102a4f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.181344] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 26.519208] ==================================================================
[ 26.520270] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 26.521151] Read of size 1 at addr ffff888101a54b40 by task kunit_try_catch/223
[ 26.521850]
[ 26.522943] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.524395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.524807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.526153] Call Trace:
[ 26.526476] <TASK>
[ 26.526746] dump_stack_lvl+0x73/0xb0
[ 26.527145] print_report+0xd1/0x640
[ 26.527542] ? __virt_addr_valid+0x1db/0x2d0
[ 26.527956] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.529309] kasan_report+0x102/0x140
[ 26.529709] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.530284] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.530806] ? kmem_cache_double_destroy+0x1bd/0x380
[ 26.531539] __kasan_check_byte+0x3d/0x50
[ 26.532222] kmem_cache_destroy+0x25/0x1d0
[ 26.533069] kmem_cache_double_destroy+0x1bd/0x380
[ 26.533568] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 26.534462] ? finish_task_switch.isra.0+0x153/0x700
[ 26.535705] ? __switch_to+0x5d9/0xf60
[ 26.536240] ? __pfx_empty_cache_ctor+0x10/0x10
[ 26.536662] ? __pfx_read_tsc+0x10/0x10
[ 26.537859] ? ktime_get_ts64+0x84/0x230
[ 26.538462] kunit_try_run_case+0x1b3/0x490
[ 26.538887] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.539835] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.540469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.540965] ? __kthread_parkme+0x82/0x160
[ 26.541290] ? preempt_count_sub+0x50/0x80
[ 26.541897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.542501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.543333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.543885] kthread+0x257/0x310
[ 26.544327] ? __pfx_kthread+0x10/0x10
[ 26.544610] ret_from_fork+0x41/0x80
[ 26.545243] ? __pfx_kthread+0x10/0x10
[ 26.546042] ret_from_fork_asm+0x1a/0x30
[ 26.547346] </TASK>
[ 26.547604]
[ 26.547796] Allocated by task 223:
[ 26.548902] kasan_save_stack+0x3d/0x60
[ 26.549194] kasan_save_track+0x18/0x40
[ 26.549654] kasan_save_alloc_info+0x3b/0x50
[ 26.550392] __kasan_slab_alloc+0x91/0xa0
[ 26.551109] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.551850] __kmem_cache_create_args+0x177/0x250
[ 26.552199] kmem_cache_double_destroy+0xd3/0x380
[ 26.552756] kunit_try_run_case+0x1b3/0x490
[ 26.553713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.554524] kthread+0x257/0x310
[ 26.554878] ret_from_fork+0x41/0x80
[ 26.555687] ret_from_fork_asm+0x1a/0x30
[ 26.556278]
[ 26.556501] Freed by task 223:
[ 26.556826] kasan_save_stack+0x3d/0x60
[ 26.558481] kasan_save_track+0x18/0x40
[ 26.558882] kasan_save_free_info+0x3f/0x60
[ 26.559826] __kasan_slab_free+0x56/0x70
[ 26.560550] kmem_cache_free+0x120/0x420
[ 26.560816] slab_kmem_cache_release+0x2e/0x40
[ 26.561352] kmem_cache_release+0x16/0x20
[ 26.562428] kobject_put+0x181/0x450
[ 26.562856] sysfs_slab_release+0x16/0x20
[ 26.563599] kmem_cache_destroy+0xf0/0x1d0
[ 26.563811] kmem_cache_double_destroy+0x14c/0x380
[ 26.564469] kunit_try_run_case+0x1b3/0x490
[ 26.565426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.566235] kthread+0x257/0x310
[ 26.566486] ret_from_fork+0x41/0x80
[ 26.567450] ret_from_fork_asm+0x1a/0x30
[ 26.567844]
[ 26.568052] The buggy address belongs to the object at ffff888101a54b40
[ 26.568052] which belongs to the cache kmem_cache of size 208
[ 26.569782] The buggy address is located 0 bytes inside of
[ 26.569782] freed 208-byte region [ffff888101a54b40, ffff888101a54c10)
[ 26.571046]
[ 26.571524] The buggy address belongs to the physical page:
[ 26.572165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54
[ 26.573478] flags: 0x200000000000000(node=0|zone=2)
[ 26.574617] page_type: f5(slab)
[ 26.574946] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 26.575735] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 26.576646] page dumped because: kasan: bad access detected
[ 26.577437]
[ 26.577685] Memory state around the buggy address:
[ 26.578691] ffff888101a54a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.579353] ffff888101a54a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 26.579946] >ffff888101a54b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 26.581120] ^
[ 26.581772] ffff888101a54b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.582628] ffff888101a54c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.583609] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 26.424625] ==================================================================
[ 26.425760] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.426402] Read of size 1 at addr ffff888101aae000 by task kunit_try_catch/221
[ 26.427507]
[ 26.427796] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.428907] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.429366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.430550] Call Trace:
[ 26.430966] <TASK>
[ 26.431820] dump_stack_lvl+0x73/0xb0
[ 26.432258] print_report+0xd1/0x640
[ 26.433261] ? __virt_addr_valid+0x1db/0x2d0
[ 26.433757] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.434555] kasan_report+0x102/0x140
[ 26.435046] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.435472] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.436167] __asan_report_load1_noabort+0x18/0x20
[ 26.436583] kmem_cache_rcu_uaf+0x3e5/0x510
[ 26.437208] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 26.438163] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.439092] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 26.439575] kunit_try_run_case+0x1b3/0x490
[ 26.440089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.440680] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.441183] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.441718] ? __kthread_parkme+0x82/0x160
[ 26.442189] ? preempt_count_sub+0x50/0x80
[ 26.442801] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.443429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.444110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.444641] kthread+0x257/0x310
[ 26.445244] ? __pfx_kthread+0x10/0x10
[ 26.445642] ret_from_fork+0x41/0x80
[ 26.446203] ? __pfx_kthread+0x10/0x10
[ 26.446557] ret_from_fork_asm+0x1a/0x30
[ 26.447333] </TASK>
[ 26.447595]
[ 26.447809] Allocated by task 221:
[ 26.448292] kasan_save_stack+0x3d/0x60
[ 26.448715] kasan_save_track+0x18/0x40
[ 26.449226] kasan_save_alloc_info+0x3b/0x50
[ 26.449698] __kasan_slab_alloc+0x91/0xa0
[ 26.450258] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.450781] kmem_cache_rcu_uaf+0x156/0x510
[ 26.451496] kunit_try_run_case+0x1b3/0x490
[ 26.452200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.452596] kthread+0x257/0x310
[ 26.452888] ret_from_fork+0x41/0x80
[ 26.453568] ret_from_fork_asm+0x1a/0x30
[ 26.454069]
[ 26.454295] Freed by task 0:
[ 26.454528] kasan_save_stack+0x3d/0x60
[ 26.455248] kasan_save_track+0x18/0x40
[ 26.455711] kasan_save_free_info+0x3f/0x60
[ 26.456361] __kasan_slab_free+0x56/0x70
[ 26.456652] slab_free_after_rcu_debug+0xe4/0x310
[ 26.457385] rcu_core+0x680/0x1d70
[ 26.457782] rcu_core_si+0x12/0x20
[ 26.458396] handle_softirqs+0x209/0x720
[ 26.458693] __irq_exit_rcu+0xc9/0x110
[ 26.459431] irq_exit_rcu+0x12/0x20
[ 26.459867] sysvec_apic_timer_interrupt+0x81/0x90
[ 26.460293] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 26.460778]
[ 26.460931] Last potentially related work creation:
[ 26.461630] kasan_save_stack+0x3d/0x60
[ 26.462172] __kasan_record_aux_stack+0xae/0xc0
[ 26.462596] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.463482] kmem_cache_free+0x284/0x420
[ 26.463768] kmem_cache_rcu_uaf+0x195/0x510
[ 26.464431] kunit_try_run_case+0x1b3/0x490
[ 26.464742] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.465510] kthread+0x257/0x310
[ 26.465816] ret_from_fork+0x41/0x80
[ 26.466413] ret_from_fork_asm+0x1a/0x30
[ 26.466763]
[ 26.467220] The buggy address belongs to the object at ffff888101aae000
[ 26.467220] which belongs to the cache test_cache of size 200
[ 26.468368] The buggy address is located 0 bytes inside of
[ 26.468368] freed 200-byte region [ffff888101aae000, ffff888101aae0c8)
[ 26.469556]
[ 26.469773] The buggy address belongs to the physical page:
[ 26.470473] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aae
[ 26.471377] flags: 0x200000000000000(node=0|zone=2)
[ 26.471860] page_type: f5(slab)
[ 26.472265] raw: 0200000000000000 ffff888101a54a00 dead000000000122 0000000000000000
[ 26.473025] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.473643] page dumped because: kasan: bad access detected
[ 26.474366]
[ 26.474551] Memory state around the buggy address:
[ 26.475383] ffff888101aadf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.476131] ffff888101aadf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.476822] >ffff888101aae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.478071] ^
[ 26.478548] ffff888101aae080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.479484] ffff888101aae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.480108] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 26.327881] ==================================================================
[ 26.329724] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 26.330453] Free of addr ffff888102a52001 by task kunit_try_catch/219
[ 26.331806]
[ 26.332201] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.333474] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.333799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.335067] Call Trace:
[ 26.335300] <TASK>
[ 26.335591] dump_stack_lvl+0x73/0xb0
[ 26.336025] print_report+0xd1/0x640
[ 26.336408] ? __virt_addr_valid+0x1db/0x2d0
[ 26.336866] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.338123] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.338833] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.339736] kasan_report_invalid_free+0xc0/0xf0
[ 26.340512] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.341340] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.342151] check_slab_allocation+0x11f/0x130
[ 26.342852] __kasan_slab_pre_free+0x28/0x40
[ 26.343610] kmem_cache_free+0xee/0x420
[ 26.344637] ? kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.345327] ? kmem_cache_invalid_free+0x1d9/0x470
[ 26.346240] kmem_cache_invalid_free+0x1d9/0x470
[ 26.346759] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 26.348213] ? finish_task_switch.isra.0+0x153/0x700
[ 26.348949] ? __switch_to+0x5d9/0xf60
[ 26.349664] ? __pfx_read_tsc+0x10/0x10
[ 26.349856] ? ktime_get_ts64+0x84/0x230
[ 26.350884] kunit_try_run_case+0x1b3/0x490
[ 26.351676] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.352687] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.353806] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.354956] ? __kthread_parkme+0x82/0x160
[ 26.355468] ? preempt_count_sub+0x50/0x80
[ 26.355669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.355874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.357294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.358487] kthread+0x257/0x310
[ 26.359292] ? __pfx_kthread+0x10/0x10
[ 26.360175] ret_from_fork+0x41/0x80
[ 26.360443] ? __pfx_kthread+0x10/0x10
[ 26.360643] ret_from_fork_asm+0x1a/0x30
[ 26.360846] </TASK>
[ 26.360962]
[ 26.361186] Allocated by task 219:
[ 26.361587] kasan_save_stack+0x3d/0x60
[ 26.362176] kasan_save_track+0x18/0x40
[ 26.362866] kasan_save_alloc_info+0x3b/0x50
[ 26.363466] __kasan_slab_alloc+0x91/0xa0
[ 26.363837] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.364468] kmem_cache_invalid_free+0x158/0x470
[ 26.365187] kunit_try_run_case+0x1b3/0x490
[ 26.365488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.366275] kthread+0x257/0x310
[ 26.366728] ret_from_fork+0x41/0x80
[ 26.367505] ret_from_fork_asm+0x1a/0x30
[ 26.368185]
[ 26.368438] The buggy address belongs to the object at ffff888102a52000
[ 26.368438] which belongs to the cache test_cache of size 200
[ 26.369613] The buggy address is located 1 bytes inside of
[ 26.369613] 200-byte region [ffff888102a52000, ffff888102a520c8)
[ 26.370669]
[ 26.371133] The buggy address belongs to the physical page:
[ 26.371710] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a52
[ 26.373030] flags: 0x200000000000000(node=0|zone=2)
[ 26.373716] page_type: f5(slab)
[ 26.374399] raw: 0200000000000000 ffff88810166ab40 dead000000000122 0000000000000000
[ 26.375522] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.376578] page dumped because: kasan: bad access detected
[ 26.377068]
[ 26.377259] Memory state around the buggy address:
[ 26.377673] ffff888102a51f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.378691] ffff888102a51f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.379457] >ffff888102a52000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.380355] ^
[ 26.380823] ffff888102a52080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.381644] ffff888102a52100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.382483] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 26.258694] ==================================================================
[ 26.259687] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490
[ 26.260750] Free of addr ffff888101aab000 by task kunit_try_catch/217
[ 26.261487]
[ 26.261705] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.263226] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.263670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.264778] Call Trace:
[ 26.265349] <TASK>
[ 26.265655] dump_stack_lvl+0x73/0xb0
[ 26.266470] print_report+0xd1/0x640
[ 26.267087] ? __virt_addr_valid+0x1db/0x2d0
[ 26.267613] ? kmem_cache_double_free+0x1e6/0x490
[ 26.268321] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.269066] ? kmem_cache_double_free+0x1e6/0x490
[ 26.269642] kasan_report_invalid_free+0xc0/0xf0
[ 26.270451] ? kmem_cache_double_free+0x1e6/0x490
[ 26.271104] ? kmem_cache_double_free+0x1e6/0x490
[ 26.271617] check_slab_allocation+0x101/0x130
[ 26.272314] __kasan_slab_pre_free+0x28/0x40
[ 26.272881] kmem_cache_free+0xee/0x420
[ 26.273405] ? kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.274051] ? kmem_cache_double_free+0x1e6/0x490
[ 26.274830] kmem_cache_double_free+0x1e6/0x490
[ 26.275516] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 26.276250] ? finish_task_switch.isra.0+0x153/0x700
[ 26.276703] ? __switch_to+0x5d9/0xf60
[ 26.277232] ? __pfx_read_tsc+0x10/0x10
[ 26.277586] ? ktime_get_ts64+0x84/0x230
[ 26.278006] kunit_try_run_case+0x1b3/0x490
[ 26.278438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.278884] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.279543] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.279883] ? __kthread_parkme+0x82/0x160
[ 26.280671] ? preempt_count_sub+0x50/0x80
[ 26.281398] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.282065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.282646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.283493] kthread+0x257/0x310
[ 26.284103] ? __pfx_kthread+0x10/0x10
[ 26.284593] ret_from_fork+0x41/0x80
[ 26.285174] ? __pfx_kthread+0x10/0x10
[ 26.285655] ret_from_fork_asm+0x1a/0x30
[ 26.286296] </TASK>
[ 26.286543]
[ 26.286795] Allocated by task 217:
[ 26.287593] kasan_save_stack+0x3d/0x60
[ 26.288257] kasan_save_track+0x18/0x40
[ 26.288728] kasan_save_alloc_info+0x3b/0x50
[ 26.289387] __kasan_slab_alloc+0x91/0xa0
[ 26.290101] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.290611] kmem_cache_double_free+0x150/0x490
[ 26.291401] kunit_try_run_case+0x1b3/0x490
[ 26.291705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.292563] kthread+0x257/0x310
[ 26.292821] ret_from_fork+0x41/0x80
[ 26.293482] ret_from_fork_asm+0x1a/0x30
[ 26.294167]
[ 26.294410] Freed by task 217:
[ 26.294836] kasan_save_stack+0x3d/0x60
[ 26.295452] kasan_save_track+0x18/0x40
[ 26.295875] kasan_save_free_info+0x3f/0x60
[ 26.296583] __kasan_slab_free+0x56/0x70
[ 26.297231] kmem_cache_free+0x120/0x420
[ 26.297744] kmem_cache_double_free+0x16b/0x490
[ 26.298417] kunit_try_run_case+0x1b3/0x490
[ 26.299214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.299759] kthread+0x257/0x310
[ 26.300303] ret_from_fork+0x41/0x80
[ 26.300739] ret_from_fork_asm+0x1a/0x30
[ 26.301395]
[ 26.301602] The buggy address belongs to the object at ffff888101aab000
[ 26.301602] which belongs to the cache test_cache of size 200
[ 26.302829] The buggy address is located 0 bytes inside of
[ 26.302829] 200-byte region [ffff888101aab000, ffff888101aab0c8)
[ 26.303784]
[ 26.304333] The buggy address belongs to the physical page:
[ 26.304870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aab
[ 26.305587] flags: 0x200000000000000(node=0|zone=2)
[ 26.306330] page_type: f5(slab)
[ 26.306790] raw: 0200000000000000 ffff888101a548c0 dead000000000122 0000000000000000
[ 26.307665] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.308698] page dumped because: kasan: bad access detected
[ 26.309373]
[ 26.309659] Memory state around the buggy address:
[ 26.310366] ffff888101aaaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.311225] ffff888101aaaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.311840] >ffff888101aab000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.312826] ^
[ 26.313299] ffff888101aab080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 26.313933] ffff888101aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.314513] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 26.192614] ==================================================================
[ 26.193879] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[ 26.194494] Read of size 1 at addr ffff888102a510c8 by task kunit_try_catch/215
[ 26.194772]
[ 26.194881] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.196174] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.196496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.198286] Call Trace:
[ 26.198557] <TASK>
[ 26.199122] dump_stack_lvl+0x73/0xb0
[ 26.199833] print_report+0xd1/0x640
[ 26.200344] ? __virt_addr_valid+0x1db/0x2d0
[ 26.201040] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.201614] kasan_report+0x102/0x140
[ 26.202019] ? kmem_cache_oob+0x404/0x530
[ 26.202945] ? kmem_cache_oob+0x404/0x530
[ 26.203635] __asan_report_load1_noabort+0x18/0x20
[ 26.204262] kmem_cache_oob+0x404/0x530
[ 26.204646] ? __pfx_kmem_cache_oob+0x10/0x10
[ 26.205347] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 26.205794] ? __pfx_kmem_cache_oob+0x10/0x10
[ 26.206244] kunit_try_run_case+0x1b3/0x490
[ 26.206949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.207554] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.207914] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.208684] ? __kthread_parkme+0x82/0x160
[ 26.209112] ? preempt_count_sub+0x50/0x80
[ 26.209681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.210429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.211232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.211972] kthread+0x257/0x310
[ 26.212397] ? __pfx_kthread+0x10/0x10
[ 26.212896] ret_from_fork+0x41/0x80
[ 26.213542] ? __pfx_kthread+0x10/0x10
[ 26.214073] ret_from_fork_asm+0x1a/0x30
[ 26.214473] </TASK>
[ 26.214842]
[ 26.215305] Allocated by task 215:
[ 26.215671] kasan_save_stack+0x3d/0x60
[ 26.216264] kasan_save_track+0x18/0x40
[ 26.216773] kasan_save_alloc_info+0x3b/0x50
[ 26.217335] __kasan_slab_alloc+0x91/0xa0
[ 26.217732] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 26.218590] kmem_cache_oob+0x158/0x530
[ 26.218970] kunit_try_run_case+0x1b3/0x490
[ 26.219567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.220452] kthread+0x257/0x310
[ 26.220772] ret_from_fork+0x41/0x80
[ 26.221299] ret_from_fork_asm+0x1a/0x30
[ 26.221875]
[ 26.222330] The buggy address belongs to the object at ffff888102a51000
[ 26.222330] which belongs to the cache test_cache of size 200
[ 26.223515] The buggy address is located 0 bytes to the right of
[ 26.223515] allocated 200-byte region [ffff888102a51000, ffff888102a510c8)
[ 26.224732]
[ 26.224890] The buggy address belongs to the physical page:
[ 26.226067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a51
[ 26.226869] flags: 0x200000000000000(node=0|zone=2)
[ 26.227514] page_type: f5(slab)
[ 26.227882] raw: 0200000000000000 ffff88810166aa00 dead000000000122 0000000000000000
[ 26.230141] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 26.230579] page dumped because: kasan: bad access detected
[ 26.231558]
[ 26.231711] Memory state around the buggy address:
[ 26.232555] ffff888102a50f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.233438] ffff888102a51000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.234061] >ffff888102a51080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 26.234681] ^
[ 26.235540] ffff888102a51100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.236449] ffff888102a51180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.237247] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 26.121891] ==================================================================
[ 26.122863] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 26.124466] Read of size 8 at addr ffff888101aa5480 by task kunit_try_catch/208
[ 26.125511]
[ 26.125627] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1
[ 26.126107] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.126875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.128408] Call Trace:
[ 26.128798] <TASK>
[ 26.129256] dump_stack_lvl+0x73/0xb0
[ 26.129880] print_report+0xd1/0x640
[ 26.130676] ? __virt_addr_valid+0x1db/0x2d0
[ 26.131182] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.132096] kasan_report+0x102/0x140
[ 26.133030] ? workqueue_uaf+0x4d8/0x560
[ 26.133586] ? workqueue_uaf+0x4d8/0x560
[ 26.134540] __asan_report_load8_noabort+0x18/0x20
[ 26.135052] workqueue_uaf+0x4d8/0x560
[ 26.135702] ? __pfx_workqueue_uaf+0x10/0x10
[ 26.136500] ? __schedule+0xc3e/0x2790
[ 26.136805] ? __pfx_read_tsc+0x10/0x10
[ 26.137585] ? ktime_get_ts64+0x84/0x230
[ 26.138163] ? irqentry_exit+0x2a/0x60
[ 26.138539] kunit_try_run_case+0x1b3/0x490
[ 26.139011] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.139441] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.139958] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.140443] ? __kthread_parkme+0x82/0x160
[ 26.140793] ? preempt_count_sub+0x50/0x80
[ 26.141445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.142112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.142616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.143131] kthread+0x257/0x310
[ 26.143737] ? __pfx_kthread+0x10/0x10
[ 26.144076] ret_from_fork+0x41/0x80
[ 26.144565] ? __pfx_kthread+0x10/0x10
[ 26.145012] ret_from_fork_asm+0x1a/0x30
[ 26.145485] </TASK>
[ 26.145677]
[ 26.145866] Allocated by task 208:
[ 26.146272] kasan_save_stack+0x3d/0x60
[ 26.147035] kasan_save_track+0x18/0x40
[ 26.147411] kasan_save_alloc_info+0x3b/0x50
[ 26.147709] __kasan_kmalloc+0xb7/0xc0
[ 26.148228] __kmalloc_cache_noprof+0x184/0x410
[ 26.148884] workqueue_uaf+0x153/0x560
[ 26.149284] kunit_try_run_case+0x1b3/0x490
[ 26.149579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.150552] kthread+0x257/0x310
[ 26.150818] ret_from_fork+0x41/0x80
[ 26.151418] ret_from_fork_asm+0x1a/0x30
[ 26.151908]
[ 26.152341] Freed by task 70:
[ 26.152636] kasan_save_stack+0x3d/0x60
[ 26.152911] kasan_save_track+0x18/0x40
[ 26.153507] kasan_save_free_info+0x3f/0x60
[ 26.153954] __kasan_slab_free+0x56/0x70
[ 26.154390] kfree+0x123/0x3f0
[ 26.154629] workqueue_uaf_work+0x12/0x20
[ 26.154909] process_one_work+0x5ee/0xf60
[ 26.155458] worker_thread+0x720/0x1300
[ 26.155974] kthread+0x257/0x310
[ 26.157788] ret_from_fork+0x41/0x80
[ 26.158280] ret_from_fork_asm+0x1a/0x30
[ 26.158570]
[ 26.158722] Last potentially related work creation:
[ 26.159340] kasan_save_stack+0x3d/0x60
[ 26.159808] __kasan_record_aux_stack+0xae/0xc0
[ 26.160387] kasan_record_aux_stack_noalloc+0xf/0x20
[ 26.161168] __queue_work+0x67e/0xf70
[ 26.161519] queue_work_on+0x74/0xa0
[ 26.161884] workqueue_uaf+0x26e/0x560
[ 26.162619] kunit_try_run_case+0x1b3/0x490
[ 26.162914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.163874] kthread+0x257/0x310
[ 26.164407] ret_from_fork+0x41/0x80
[ 26.164713] ret_from_fork_asm+0x1a/0x30
[ 26.165020]
[ 26.165179] The buggy address belongs to the object at ffff888101aa5480
[ 26.165179] which belongs to the cache kmalloc-32 of size 32
[ 26.166792] The buggy address is located 0 bytes inside of
[ 26.166792] freed 32-byte region [ffff888101aa5480, ffff888101aa54a0)
[ 26.168052]
[ 26.168236] The buggy address belongs to the physical page:
[ 26.168667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa5
[ 26.169349] flags: 0x200000000000000(node=0|zone=2)
[ 26.170104] page_type: f5(slab)
[ 26.170428] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.170860] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 26.171929] page dumped because: kasan: bad access detected
[ 26.172427]
[ 26.172628] Memory state around the buggy address:
[ 26.173358] ffff888101aa5380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.173860] ffff888101aa5400: 00 00 05 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.174790] >ffff888101aa5480: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.175489] ^
[ 26.175727] ffff888101aa5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.176145] ffff888101aa5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.177324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 26.047359] ================================================================== [ 26.049063] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 26.049612] Read of size 4 at addr ffff888102a4c040 by task swapper/0/0 [ 26.050507] [ 26.051108] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.0-next-20241127 #1 [ 26.052065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.052543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.053257] Call Trace: [ 26.053546] <IRQ> [ 26.053892] dump_stack_lvl+0x73/0xb0 [ 26.054351] print_report+0xd1/0x640 [ 26.054718] ? __virt_addr_valid+0x1db/0x2d0 [ 26.055541] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.056147] kasan_report+0x102/0x140 [ 26.056643] ? rcu_uaf_reclaim+0x50/0x60 [ 26.057388] ? rcu_uaf_reclaim+0x50/0x60 [ 26.057839] __asan_report_load4_noabort+0x18/0x20 [ 26.058218] rcu_uaf_reclaim+0x50/0x60 [ 26.058888] rcu_core+0x680/0x1d70 [ 26.059435] ? __pfx_rcu_core+0x10/0x10 [ 26.059627] ? ktime_get+0x69/0x150 [ 26.059801] ? handle_softirqs+0x18e/0x720 [ 26.060035] rcu_core_si+0x12/0x20 [ 26.060298] handle_softirqs+0x209/0x720 [ 26.060720] ? hrtimer_interrupt+0x2fe/0x780 [ 26.061115] ? 
__pfx_handle_softirqs+0x10/0x10 [ 26.061781] __irq_exit_rcu+0xc9/0x110 [ 26.062418] irq_exit_rcu+0x12/0x20 [ 26.062974] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.063552] </IRQ> [ 26.063798] <TASK> [ 26.064073] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.064777] RIP: 0010:default_idle+0xf/0x20 [ 26.065489] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d f3 f5 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 26.067060] RSP: 0000:ffffffffbac07df0 EFLAGS: 00010202 [ 26.067700] RAX: ffff88815b000000 RBX: ffffffffbac1a680 RCX: ffffffffb990b345 [ 26.068406] RDX: ffffed102b606b23 RSI: 0000000000000004 RDI: 000000000003c3d4 [ 26.069093] RBP: ffffffffbac07df8 R08: 0000000000000001 R09: ffffed102b606b22 [ 26.069714] R10: ffff88815b035913 R11: 0000000000000000 R12: 0000000000000000 [ 26.070402] R13: fffffbfff75834d0 R14: ffffffffbb772bd0 R15: 0000000000000000 [ 26.071224] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 26.071706] ? arch_cpu_idle+0xd/0x20 [ 26.072088] default_idle_call+0x48/0x80 [ 26.072547] do_idle+0x310/0x3c0 [ 26.072972] ? __pfx_do_idle+0x10/0x10 [ 26.073388] ? schedule+0x75/0x310 [ 26.073697] ? trace_preempt_on+0x20/0xc0 [ 26.074207] ? schedule+0x86/0x310 [ 26.074586] ? preempt_count_sub+0x50/0x80 [ 26.075107] cpu_startup_entry+0x5c/0x70 [ 26.075472] rest_init+0x11a/0x140 [ 26.075890] ? 
acpi_subsystem_init+0x5d/0x150 [ 26.076379] start_kernel+0x320/0x400 [ 26.076696] x86_64_start_reservations+0x1c/0x30 [ 26.077326] x86_64_start_kernel+0xcf/0xe0 [ 26.077802] common_startup_64+0x12c/0x138 [ 26.078231] </TASK> [ 26.078559] [ 26.078793] Allocated by task 206: [ 26.079163] kasan_save_stack+0x3d/0x60 [ 26.079443] kasan_save_track+0x18/0x40 [ 26.079910] kasan_save_alloc_info+0x3b/0x50 [ 26.080493] __kasan_kmalloc+0xb7/0xc0 [ 26.080807] __kmalloc_cache_noprof+0x184/0x410 [ 26.081389] rcu_uaf+0xb1/0x330 [ 26.081738] kunit_try_run_case+0x1b3/0x490 [ 26.082268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.082703] kthread+0x257/0x310 [ 26.083054] ret_from_fork+0x41/0x80 [ 26.083496] ret_from_fork_asm+0x1a/0x30 [ 26.083836] [ 26.084007] Freed by task 0: [ 26.084371] kasan_save_stack+0x3d/0x60 [ 26.084802] kasan_save_track+0x18/0x40 [ 26.085250] kasan_save_free_info+0x3f/0x60 [ 26.085546] __kasan_slab_free+0x56/0x70 [ 26.085851] kfree+0x123/0x3f0 [ 26.086328] rcu_uaf_reclaim+0x1f/0x60 [ 26.086809] rcu_core+0x680/0x1d70 [ 26.087220] rcu_core_si+0x12/0x20 [ 26.087477] handle_softirqs+0x209/0x720 [ 26.087915] __irq_exit_rcu+0xc9/0x110 [ 26.088412] irq_exit_rcu+0x12/0x20 [ 26.088832] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.090577] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.091622] [ 26.091869] Last potentially related work creation: [ 26.092718] kasan_save_stack+0x3d/0x60 [ 26.093375] __kasan_record_aux_stack+0xae/0xc0 [ 26.094037] kasan_record_aux_stack_noalloc+0xf/0x20 [ 26.094614] __call_rcu_common.constprop.0+0x72/0xaa0 [ 26.095482] call_rcu+0x12/0x20 [ 26.095798] rcu_uaf+0x169/0x330 [ 26.096355] kunit_try_run_case+0x1b3/0x490 [ 26.096864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.097738] kthread+0x257/0x310 [ 26.098407] ret_from_fork+0x41/0x80 [ 26.098922] ret_from_fork_asm+0x1a/0x30 [ 26.099813] [ 26.100105] The buggy address belongs to the object at ffff888102a4c040 [ 26.100105] which belongs to the cache kmalloc-32 of size 32 [ 
26.101324] The buggy address is located 0 bytes inside of [ 26.101324] freed 32-byte region [ffff888102a4c040, ffff888102a4c060) [ 26.102897] [ 26.103149] The buggy address belongs to the physical page: [ 26.103455] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 26.104364] flags: 0x200000000000000(node=0|zone=2) [ 26.104791] page_type: f5(slab) [ 26.105587] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.106413] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 26.107252] page dumped because: kasan: bad access detected [ 26.107790] [ 26.108061] Memory state around the buggy address: [ 26.108933] ffff888102a4bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.109757] ffff888102a4bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.110613] >ffff888102a4c000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.111478] ^ [ 26.112088] ffff888102a4c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.112804] ffff888102a4c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.113842] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 25.872511] ================================================================== [ 25.873510] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 25.874482] Read of size 1 at addr ffff888102a4af00 by task kunit_try_catch/204 [ 25.875111] [ 25.875286] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.876479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.876803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.877829] Call Trace: [ 25.878361] <TASK> [ 25.878661] dump_stack_lvl+0x73/0xb0 [ 25.879307] print_report+0xd1/0x640 [ 25.879676] ? __virt_addr_valid+0x1db/0x2d0 [ 25.880443] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.881226] kasan_report+0x102/0x140 [ 25.881647] ? ksize_uaf+0x19e/0x6c0 [ 25.882317] ? ksize_uaf+0x19e/0x6c0 [ 25.882863] ? ksize_uaf+0x19e/0x6c0 [ 25.883474] __kasan_check_byte+0x3d/0x50 [ 25.884139] ksize+0x20/0x60 [ 25.884519] ksize_uaf+0x19e/0x6c0 [ 25.885072] ? __pfx_ksize_uaf+0x10/0x10 [ 25.885611] ? __schedule+0xc3e/0x2790 [ 25.886191] ? __pfx_read_tsc+0x10/0x10 [ 25.886600] ? ktime_get_ts64+0x84/0x230 [ 25.887293] kunit_try_run_case+0x1b3/0x490 [ 25.887756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.888560] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.889296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.889881] ? __kthread_parkme+0x82/0x160 [ 25.890363] ? preempt_count_sub+0x50/0x80 [ 25.890777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.891166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.891686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.892354] kthread+0x257/0x310 [ 25.892751] ? __pfx_kthread+0x10/0x10 [ 25.893456] ret_from_fork+0x41/0x80 [ 25.893808] ? 
__pfx_kthread+0x10/0x10 [ 25.894487] ret_from_fork_asm+0x1a/0x30 [ 25.894832] </TASK> [ 25.895336] [ 25.895625] Allocated by task 204: [ 25.896281] kasan_save_stack+0x3d/0x60 [ 25.896568] kasan_save_track+0x18/0x40 [ 25.897249] kasan_save_alloc_info+0x3b/0x50 [ 25.897748] __kasan_kmalloc+0xb7/0xc0 [ 25.898304] __kmalloc_cache_noprof+0x184/0x410 [ 25.898769] ksize_uaf+0xab/0x6c0 [ 25.899340] kunit_try_run_case+0x1b3/0x490 [ 25.899756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.900616] kthread+0x257/0x310 [ 25.900860] ret_from_fork+0x41/0x80 [ 25.901765] ret_from_fork_asm+0x1a/0x30 [ 25.902376] [ 25.902524] Freed by task 204: [ 25.903154] kasan_save_stack+0x3d/0x60 [ 25.903537] kasan_save_track+0x18/0x40 [ 25.903878] kasan_save_free_info+0x3f/0x60 [ 25.904545] __kasan_slab_free+0x56/0x70 [ 25.905134] kfree+0x123/0x3f0 [ 25.905513] ksize_uaf+0x12d/0x6c0 [ 25.906088] kunit_try_run_case+0x1b3/0x490 [ 25.906527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.907338] kthread+0x257/0x310 [ 25.907655] ret_from_fork+0x41/0x80 [ 25.908347] ret_from_fork_asm+0x1a/0x30 [ 25.908662] [ 25.909138] The buggy address belongs to the object at ffff888102a4af00 [ 25.909138] which belongs to the cache kmalloc-128 of size 128 [ 25.910463] The buggy address is located 0 bytes inside of [ 25.910463] freed 128-byte region [ffff888102a4af00, ffff888102a4af80) [ 25.911636] [ 25.912132] The buggy address belongs to the physical page: [ 25.912643] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 25.913586] flags: 0x200000000000000(node=0|zone=2) [ 25.914235] page_type: f5(slab) [ 25.914503] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.915406] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.916107] page dumped because: kasan: bad access detected [ 25.916915] [ 25.917157] Memory state around the buggy address: [ 25.917923] ffff888102a4ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
25.919414] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.920283] >ffff888102a4af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.920784] ^ [ 25.921514] ffff888102a4af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.922524] ffff888102a4b000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.923475] ================================================================== [ 25.926653] ================================================================== [ 25.927354] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 25.927913] Read of size 1 at addr ffff888102a4af00 by task kunit_try_catch/204 [ 25.928750] [ 25.929283] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.930093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.930867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.932019] Call Trace: [ 25.932598] <TASK> [ 25.932723] dump_stack_lvl+0x73/0xb0 [ 25.932907] print_report+0xd1/0x640 [ 25.933203] ? __virt_addr_valid+0x1db/0x2d0 [ 25.933564] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.934548] kasan_report+0x102/0x140 [ 25.934962] ? ksize_uaf+0x600/0x6c0 [ 25.935836] ? ksize_uaf+0x600/0x6c0 [ 25.936756] __asan_report_load1_noabort+0x18/0x20 [ 25.937319] ksize_uaf+0x600/0x6c0 [ 25.937792] ? __pfx_ksize_uaf+0x10/0x10 [ 25.938511] ? __schedule+0xc3e/0x2790 [ 25.938922] ? __pfx_read_tsc+0x10/0x10 [ 25.939348] ? ktime_get_ts64+0x84/0x230 [ 25.939748] kunit_try_run_case+0x1b3/0x490 [ 25.940281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.940614] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.941335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.941818] ? __kthread_parkme+0x82/0x160 [ 25.942507] ? preempt_count_sub+0x50/0x80 [ 25.943070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.943612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.944210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.944941] kthread+0x257/0x310 [ 25.945427] ? 
__pfx_kthread+0x10/0x10 [ 25.945870] ret_from_fork+0x41/0x80 [ 25.946437] ? __pfx_kthread+0x10/0x10 [ 25.946965] ret_from_fork_asm+0x1a/0x30 [ 25.947644] </TASK> [ 25.947959] [ 25.948352] Allocated by task 204: [ 25.948948] kasan_save_stack+0x3d/0x60 [ 25.949416] kasan_save_track+0x18/0x40 [ 25.949860] kasan_save_alloc_info+0x3b/0x50 [ 25.950712] __kasan_kmalloc+0xb7/0xc0 [ 25.951453] __kmalloc_cache_noprof+0x184/0x410 [ 25.951931] ksize_uaf+0xab/0x6c0 [ 25.952980] kunit_try_run_case+0x1b3/0x490 [ 25.953667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.954294] kthread+0x257/0x310 [ 25.955292] ret_from_fork+0x41/0x80 [ 25.955651] ret_from_fork_asm+0x1a/0x30 [ 25.956065] [ 25.956703] Freed by task 204: [ 25.957107] kasan_save_stack+0x3d/0x60 [ 25.957407] kasan_save_track+0x18/0x40 [ 25.957862] kasan_save_free_info+0x3f/0x60 [ 25.958975] __kasan_slab_free+0x56/0x70 [ 25.959416] kfree+0x123/0x3f0 [ 25.959742] ksize_uaf+0x12d/0x6c0 [ 25.960416] kunit_try_run_case+0x1b3/0x490 [ 25.960980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.961673] kthread+0x257/0x310 [ 25.962087] ret_from_fork+0x41/0x80 [ 25.962821] ret_from_fork_asm+0x1a/0x30 [ 25.963430] [ 25.963627] The buggy address belongs to the object at ffff888102a4af00 [ 25.963627] which belongs to the cache kmalloc-128 of size 128 [ 25.965177] The buggy address is located 0 bytes inside of [ 25.965177] freed 128-byte region [ffff888102a4af00, ffff888102a4af80) [ 25.966275] [ 25.966447] The buggy address belongs to the physical page: [ 25.966958] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 25.968025] flags: 0x200000000000000(node=0|zone=2) [ 25.968409] page_type: f5(slab) [ 25.969019] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.969741] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.970589] page dumped because: kasan: bad access detected [ 25.971299] [ 25.971624] Memory state around the buggy address: [ 
25.972301] ffff888102a4ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.972881] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.973702] >ffff888102a4af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.974501] ^ [ 25.974906] ffff888102a4af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.975908] ffff888102a4b000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.976682] ================================================================== [ 25.979399] ================================================================== [ 25.980411] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 25.981003] Read of size 1 at addr ffff888102a4af78 by task kunit_try_catch/204 [ 25.981632] [ 25.982149] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.982958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.983616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.984554] Call Trace: [ 25.984876] <TASK> [ 25.985290] dump_stack_lvl+0x73/0xb0 [ 25.985781] print_report+0xd1/0x640 [ 25.986399] ? __virt_addr_valid+0x1db/0x2d0 [ 25.987209] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.987707] kasan_report+0x102/0x140 [ 25.988433] ? ksize_uaf+0x5e6/0x6c0 [ 25.988731] ? ksize_uaf+0x5e6/0x6c0 [ 25.989307] __asan_report_load1_noabort+0x18/0x20 [ 25.989684] ksize_uaf+0x5e6/0x6c0 [ 25.990301] ? __pfx_ksize_uaf+0x10/0x10 [ 25.990685] ? __schedule+0xc3e/0x2790 [ 25.991404] ? __pfx_read_tsc+0x10/0x10 [ 25.992082] ? ktime_get_ts64+0x84/0x230 [ 25.992868] kunit_try_run_case+0x1b3/0x490 [ 25.993320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994029] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.994566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.994917] ? __kthread_parkme+0x82/0x160 [ 25.995573] ? preempt_count_sub+0x50/0x80 [ 25.996046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.996649] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.997299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.997933] kthread+0x257/0x310 [ 25.998429] ? __pfx_kthread+0x10/0x10 [ 25.998816] ret_from_fork+0x41/0x80 [ 25.999308] ? __pfx_kthread+0x10/0x10 [ 25.999716] ret_from_fork_asm+0x1a/0x30 [ 26.000123] </TASK> [ 26.000444] [ 26.000693] Allocated by task 204: [ 26.001200] kasan_save_stack+0x3d/0x60 [ 26.001562] kasan_save_track+0x18/0x40 [ 26.001951] kasan_save_alloc_info+0x3b/0x50 [ 26.002271] __kasan_kmalloc+0xb7/0xc0 [ 26.002642] __kmalloc_cache_noprof+0x184/0x410 [ 26.003251] ksize_uaf+0xab/0x6c0 [ 26.003835] kunit_try_run_case+0x1b3/0x490 [ 26.004354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.004793] kthread+0x257/0x310 [ 26.005062] ret_from_fork+0x41/0x80 [ 26.005401] ret_from_fork_asm+0x1a/0x30 [ 26.005923] [ 26.006352] Freed by task 204: [ 26.006770] kasan_save_stack+0x3d/0x60 [ 26.007521] kasan_save_track+0x18/0x40 [ 26.007799] kasan_save_free_info+0x3f/0x60 [ 26.008465] __kasan_slab_free+0x56/0x70 [ 26.008961] kfree+0x123/0x3f0 [ 26.009331] ksize_uaf+0x12d/0x6c0 [ 26.009899] kunit_try_run_case+0x1b3/0x490 [ 26.010229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.010647] kthread+0x257/0x310 [ 26.012113] ret_from_fork+0x41/0x80 [ 26.013078] ret_from_fork_asm+0x1a/0x30 [ 26.014105] [ 26.014410] The buggy address belongs to the object at ffff888102a4af00 [ 26.014410] which belongs to the cache kmalloc-128 of size 128 [ 26.015797] The buggy address is located 120 bytes inside of [ 26.015797] freed 128-byte region [ffff888102a4af00, ffff888102a4af80) [ 26.017876] [ 26.018110] The buggy address belongs to the physical page: [ 26.018430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 26.018743] flags: 0x200000000000000(node=0|zone=2) [ 26.018945] page_type: f5(slab) [ 26.019191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.020419] raw: 0000000000000000 0000000080100010 
00000001f5000000 0000000000000000 [ 26.021257] page dumped because: kasan: bad access detected [ 26.021704] [ 26.022058] Memory state around the buggy address: [ 26.022822] ffff888102a4ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.023578] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.024163] >ffff888102a4af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.024695] ^ [ 26.025301] ffff888102a4af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.026166] ffff888102a4b000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.027126] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 25.766134] ================================================================== [ 25.767184] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 25.767830] Read of size 1 at addr ffff888102a4ae78 by task kunit_try_catch/202 [ 25.768617] [ 25.768788] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.769939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.770383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.771367] Call Trace: [ 25.771592] <TASK> [ 25.771811] dump_stack_lvl+0x73/0xb0 [ 25.773010] print_report+0xd1/0x640 [ 25.774186] ? __virt_addr_valid+0x1db/0x2d0 [ 25.775286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.775887] kasan_report+0x102/0x140 [ 25.776549] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 25.777332] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 25.778160] __asan_report_load1_noabort+0x18/0x20 [ 25.778806] ksize_unpoisons_memory+0x7eb/0x9b0 [ 25.779853] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.780571] ? finish_task_switch.isra.0+0x153/0x700 [ 25.781522] ? __switch_to+0x5d9/0xf60 [ 25.782429] ? __schedule+0xc3e/0x2790 [ 25.783176] ? __pfx_read_tsc+0x10/0x10 [ 25.783865] ? ktime_get_ts64+0x84/0x230 [ 25.784659] kunit_try_run_case+0x1b3/0x490 [ 25.785466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.785757] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.786068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.786382] ? __kthread_parkme+0x82/0x160 [ 25.786654] ? preempt_count_sub+0x50/0x80 [ 25.786939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.787370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.788071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.788724] kthread+0x257/0x310 [ 25.790145] ? __pfx_kthread+0x10/0x10 [ 25.790701] ret_from_fork+0x41/0x80 [ 25.791135] ? 
__pfx_kthread+0x10/0x10 [ 25.791905] ret_from_fork_asm+0x1a/0x30 [ 25.792644] </TASK> [ 25.793016] [ 25.793779] Allocated by task 202: [ 25.794350] kasan_save_stack+0x3d/0x60 [ 25.794663] kasan_save_track+0x18/0x40 [ 25.795537] kasan_save_alloc_info+0x3b/0x50 [ 25.796239] __kasan_kmalloc+0xb7/0xc0 [ 25.796627] __kmalloc_cache_noprof+0x184/0x410 [ 25.797667] ksize_unpoisons_memory+0xc8/0x9b0 [ 25.798096] kunit_try_run_case+0x1b3/0x490 [ 25.798804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.799594] kthread+0x257/0x310 [ 25.800404] ret_from_fork+0x41/0x80 [ 25.800839] ret_from_fork_asm+0x1a/0x30 [ 25.801406] [ 25.801660] The buggy address belongs to the object at ffff888102a4ae00 [ 25.801660] which belongs to the cache kmalloc-128 of size 128 [ 25.802415] The buggy address is located 5 bytes to the right of [ 25.802415] allocated 115-byte region [ffff888102a4ae00, ffff888102a4ae73) [ 25.804589] [ 25.805009] The buggy address belongs to the physical page: [ 25.805522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 25.806187] flags: 0x200000000000000(node=0|zone=2) [ 25.806580] page_type: f5(slab) [ 25.806961] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.808139] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.808629] page dumped because: kasan: bad access detected [ 25.809352] [ 25.809600] Memory state around the buggy address: [ 25.810348] ffff888102a4ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.810866] ffff888102a4ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.812091] >ffff888102a4ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.812696] ^ [ 25.813612] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.814473] ffff888102a4af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.815165] ================================================================== [ 25.818169] 
================================================================== [ 25.818777] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 25.820654] Read of size 1 at addr ffff888102a4ae7f by task kunit_try_catch/202 [ 25.821891] [ 25.822268] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.824043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.824415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.825310] Call Trace: [ 25.825621] <TASK> [ 25.826054] dump_stack_lvl+0x73/0xb0 [ 25.826562] print_report+0xd1/0x640 [ 25.826910] ? __virt_addr_valid+0x1db/0x2d0 [ 25.827739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.828558] kasan_report+0x102/0x140 [ 25.829192] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 25.829745] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 25.830355] __asan_report_load1_noabort+0x18/0x20 [ 25.831314] ksize_unpoisons_memory+0x7b8/0x9b0 [ 25.831959] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.832755] ? finish_task_switch.isra.0+0x153/0x700 [ 25.833594] ? __switch_to+0x5d9/0xf60 [ 25.834347] ? __schedule+0xc3e/0x2790 [ 25.834705] ? __pfx_read_tsc+0x10/0x10 [ 25.835371] ? ktime_get_ts64+0x84/0x230 [ 25.835874] kunit_try_run_case+0x1b3/0x490 [ 25.836754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.837699] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.838478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.839056] ? __kthread_parkme+0x82/0x160 [ 25.839692] ? preempt_count_sub+0x50/0x80 [ 25.840524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.841499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.842337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.842796] kthread+0x257/0x310 [ 25.843221] ? __pfx_kthread+0x10/0x10 [ 25.843683] ret_from_fork+0x41/0x80 [ 25.844488] ? 
__pfx_kthread+0x10/0x10 [ 25.845110] ret_from_fork_asm+0x1a/0x30 [ 25.845525] </TASK> [ 25.845848] [ 25.846270] Allocated by task 202: [ 25.846694] kasan_save_stack+0x3d/0x60 [ 25.847134] kasan_save_track+0x18/0x40 [ 25.847763] kasan_save_alloc_info+0x3b/0x50 [ 25.848335] __kasan_kmalloc+0xb7/0xc0 [ 25.848800] __kmalloc_cache_noprof+0x184/0x410 [ 25.849779] ksize_unpoisons_memory+0xc8/0x9b0 [ 25.850348] kunit_try_run_case+0x1b3/0x490 [ 25.850920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.851657] kthread+0x257/0x310 [ 25.851938] ret_from_fork+0x41/0x80 [ 25.852502] ret_from_fork_asm+0x1a/0x30 [ 25.852925] [ 25.853188] The buggy address belongs to the object at ffff888102a4ae00 [ 25.853188] which belongs to the cache kmalloc-128 of size 128 [ 25.854719] The buggy address is located 12 bytes to the right of [ 25.854719] allocated 115-byte region [ffff888102a4ae00, ffff888102a4ae73) [ 25.856053] [ 25.856272] The buggy address belongs to the physical page: [ 25.856978] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 25.858058] flags: 0x200000000000000(node=0|zone=2) [ 25.858830] page_type: f5(slab) [ 25.859341] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.860043] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.861322] page dumped because: kasan: bad access detected [ 25.861891] [ 25.862186] Memory state around the buggy address: [ 25.862783] ffff888102a4ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.863618] ffff888102a4ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.864423] >ffff888102a4ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.865241] ^ [ 25.865905] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.866643] ffff888102a4af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.867494] ================================================================== [ 25.717628] 
================================================================== [ 25.719355] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 25.719965] Read of size 1 at addr ffff888102a4ae73 by task kunit_try_catch/202 [ 25.721293] [ 25.721466] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 25.722770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.723491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.724800] Call Trace: [ 25.725052] <TASK> [ 25.725472] dump_stack_lvl+0x73/0xb0 [ 25.725882] print_report+0xd1/0x640 [ 25.726812] ? __virt_addr_valid+0x1db/0x2d0 [ 25.727279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.728242] kasan_report+0x102/0x140 [ 25.728428] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 25.728641] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 25.728859] __asan_report_load1_noabort+0x18/0x20 [ 25.729206] ksize_unpoisons_memory+0x81e/0x9b0 [ 25.729732] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.731303] ? finish_task_switch.isra.0+0x153/0x700 [ 25.731737] ? __switch_to+0x5d9/0xf60 [ 25.732384] ? __schedule+0xc3e/0x2790 [ 25.732812] ? __pfx_read_tsc+0x10/0x10 [ 25.733556] ? ktime_get_ts64+0x84/0x230 [ 25.734078] kunit_try_run_case+0x1b3/0x490 [ 25.734557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.735000] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.735915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.736550] ? __kthread_parkme+0x82/0x160 [ 25.737282] ? preempt_count_sub+0x50/0x80 [ 25.737759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.738586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.739158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.739819] kthread+0x257/0x310 [ 25.740900] ? __pfx_kthread+0x10/0x10 [ 25.741406] ret_from_fork+0x41/0x80 [ 25.741813] ? 
__pfx_kthread+0x10/0x10 [ 25.742228] ret_from_fork_asm+0x1a/0x30 [ 25.743058] </TASK> [ 25.743236] [ 25.743424] Allocated by task 202: [ 25.743855] kasan_save_stack+0x3d/0x60 [ 25.744269] kasan_save_track+0x18/0x40 [ 25.744662] kasan_save_alloc_info+0x3b/0x50 [ 25.745395] __kasan_kmalloc+0xb7/0xc0 [ 25.746183] __kmalloc_cache_noprof+0x184/0x410 [ 25.746862] ksize_unpoisons_memory+0xc8/0x9b0 [ 25.748270] kunit_try_run_case+0x1b3/0x490 [ 25.748709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.749647] kthread+0x257/0x310 [ 25.749884] ret_from_fork+0x41/0x80 [ 25.750547] ret_from_fork_asm+0x1a/0x30 [ 25.751126] [ 25.751377] The buggy address belongs to the object at ffff888102a4ae00 [ 25.751377] which belongs to the cache kmalloc-128 of size 128 [ 25.752569] The buggy address is located 0 bytes to the right of [ 25.752569] allocated 115-byte region [ffff888102a4ae00, ffff888102a4ae73) [ 25.753607] [ 25.753899] The buggy address belongs to the physical page: [ 25.754504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4a [ 25.755339] flags: 0x200000000000000(node=0|zone=2) [ 25.755896] page_type: f5(slab) [ 25.756373] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.757142] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 25.758153] page dumped because: kasan: bad access detected [ 25.759045] [ 25.759263] Memory state around the buggy address: [ 25.759798] ffff888102a4ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.760524] ffff888102a4ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.761105] >ffff888102a4ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.761950] ^ [ 25.762847] ffff888102a4ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.763570] ffff888102a4af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.764313] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 24.043809] ================================================================== [ 24.045288] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 24.046070] Read of size 1 at addr ffff888102d70000 by task kunit_try_catch/162 [ 24.047134] [ 24.047632] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 24.049076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.049647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.050589] Call Trace: [ 24.050863] <TASK> [ 24.051416] dump_stack_lvl+0x73/0xb0 [ 24.051876] print_report+0xd1/0x640 [ 24.052625] ? __virt_addr_valid+0x1db/0x2d0 [ 24.052951] ? kasan_addr_to_slab+0x11/0xa0 [ 24.053763] kasan_report+0x102/0x140 [ 24.054367] ? page_alloc_uaf+0x358/0x3d0 [ 24.054786] ? page_alloc_uaf+0x358/0x3d0 [ 24.055796] __asan_report_load1_noabort+0x18/0x20 [ 24.056529] page_alloc_uaf+0x358/0x3d0 [ 24.057055] ? __pfx_page_alloc_uaf+0x10/0x10 [ 24.057890] ? __schedule+0xc3e/0x2790 [ 24.058505] ? __pfx_read_tsc+0x10/0x10 [ 24.058887] ? ktime_get_ts64+0x84/0x230 [ 24.059536] kunit_try_run_case+0x1b3/0x490 [ 24.060098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.060739] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.061273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.061972] ? __kthread_parkme+0x82/0x160 [ 24.062494] ? preempt_count_sub+0x50/0x80 [ 24.063234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.063773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.064695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.065333] kthread+0x257/0x310 [ 24.065842] ? __pfx_kthread+0x10/0x10 [ 24.066401] ret_from_fork+0x41/0x80 [ 24.067033] ? 
__pfx_kthread+0x10/0x10 [ 24.067502] ret_from_fork_asm+0x1a/0x30 [ 24.067936] </TASK> [ 24.068446] [ 24.068653] The buggy address belongs to the physical page: [ 24.069000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d70 [ 24.069936] flags: 0x200000000000000(node=0|zone=2) [ 24.070525] page_type: f0(buddy) [ 24.070921] raw: 0200000000000000 ffff88817fffc4a0 ffff88817fffc4a0 0000000000000000 [ 24.071711] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 24.072763] page dumped because: kasan: bad access detected [ 24.073296] [ 24.073826] Memory state around the buggy address: [ 24.074675] ffff888102d6ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.075388] ffff888102d6ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.076378] >ffff888102d70000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.076868] ^ [ 24.077454] ffff888102d70080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.078380] ffff888102d70100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.079306] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 23.984677] ================================================================== [ 23.986048] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 23.987619] Free of addr ffff888102cc0001 by task kunit_try_catch/158 [ 23.988611] [ 23.988899] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.990602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.991271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.992206] Call Trace: [ 23.992466] <TASK> [ 23.992718] dump_stack_lvl+0x73/0xb0 [ 23.993102] print_report+0xd1/0x640 [ 23.993448] ? __virt_addr_valid+0x1db/0x2d0 [ 23.993830] ? kfree+0x271/0x3f0 [ 23.995135] ? kasan_addr_to_slab+0x11/0xa0 [ 23.995970] ? kfree+0x271/0x3f0 [ 23.996760] kasan_report_invalid_free+0xc0/0xf0 [ 23.997599] ? kfree+0x271/0x3f0 [ 23.997897] ? kfree+0x271/0x3f0 [ 23.998448] __kasan_kfree_large+0x86/0xd0 [ 23.999305] free_large_kmalloc+0x3b/0xd0 [ 23.999664] kfree+0x271/0x3f0 [ 23.999842] kmalloc_large_invalid_free+0x121/0x2b0 [ 24.000928] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 24.001567] ? __schedule+0xc3e/0x2790 [ 24.002563] ? __pfx_read_tsc+0x10/0x10 [ 24.003031] ? ktime_get_ts64+0x84/0x230 [ 24.003782] kunit_try_run_case+0x1b3/0x490 [ 24.004163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.004759] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.005913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.006867] ? __kthread_parkme+0x82/0x160 [ 24.007507] ? preempt_count_sub+0x50/0x80 [ 24.008250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.008664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.009851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.010676] kthread+0x257/0x310 [ 24.011477] ? __pfx_kthread+0x10/0x10 [ 24.012128] ret_from_fork+0x41/0x80 [ 24.012840] ? 
__pfx_kthread+0x10/0x10 [ 24.013467] ret_from_fork_asm+0x1a/0x30 [ 24.014269] </TASK> [ 24.014543] [ 24.014748] The buggy address belongs to the physical page: [ 24.015826] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 24.016901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.017931] flags: 0x200000000000040(head|node=0|zone=2) [ 24.018733] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.019929] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.021086] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.021764] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.023518] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 24.024251] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.024800] page dumped because: kasan: bad access detected [ 24.025696] [ 24.025937] Memory state around the buggy address: [ 24.026897] ffff888102cbff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.028039] ffff888102cbff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.029613] >ffff888102cc0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.030292] ^ [ 24.031062] ffff888102cc0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.032356] ffff888102cc0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.032964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 23.945198] ================================================================== [ 23.946571] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 23.947484] Read of size 1 at addr ffff888102c54000 by task kunit_try_catch/156 [ 23.948278] [ 23.948573] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.949710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.950134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.950901] Call Trace: [ 23.951328] <TASK> [ 23.951708] dump_stack_lvl+0x73/0xb0 [ 23.952326] print_report+0xd1/0x640 [ 23.952786] ? __virt_addr_valid+0x1db/0x2d0 [ 23.953424] ? kasan_addr_to_slab+0x11/0xa0 [ 23.953868] kasan_report+0x102/0x140 [ 23.954538] ? kmalloc_large_uaf+0x2f3/0x340 [ 23.955277] ? kmalloc_large_uaf+0x2f3/0x340 [ 23.955842] __asan_report_load1_noabort+0x18/0x20 [ 23.956586] kmalloc_large_uaf+0x2f3/0x340 [ 23.957267] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 23.957855] ? __schedule+0xc3e/0x2790 [ 23.958641] ? __pfx_read_tsc+0x10/0x10 [ 23.959137] ? ktime_get_ts64+0x84/0x230 [ 23.959663] kunit_try_run_case+0x1b3/0x490 [ 23.960450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.961059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.961595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.962194] ? __kthread_parkme+0x82/0x160 [ 23.962785] ? preempt_count_sub+0x50/0x80 [ 23.963203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.963949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.964670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.965279] kthread+0x257/0x310 [ 23.965689] ? __pfx_kthread+0x10/0x10 [ 23.966304] ret_from_fork+0x41/0x80 [ 23.967075] ? 
__pfx_kthread+0x10/0x10 [ 23.967759] ret_from_fork_asm+0x1a/0x30 [ 23.968406] </TASK> [ 23.968690] [ 23.968944] The buggy address belongs to the physical page: [ 23.969590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c54 [ 23.970367] flags: 0x200000000000000(node=0|zone=2) [ 23.971310] raw: 0200000000000000 ffffea00040b1608 ffff88815b13f000 0000000000000000 [ 23.971964] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 23.972696] page dumped because: kasan: bad access detected [ 23.973432] [ 23.973837] Memory state around the buggy address: [ 23.974450] ffff888102c53f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.975167] ffff888102c53f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.976367] >ffff888102c54000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.976634] ^ [ 23.976783] ffff888102c54080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.978170] ffff888102c54100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.979024] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 23.897098] ================================================================== [ 23.898294] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 23.899643] Write of size 1 at addr ffff888102cc200a by task kunit_try_catch/154 [ 23.901467] [ 23.901837] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.902900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.903442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.904373] Call Trace: [ 23.904708] <TASK> [ 23.905400] dump_stack_lvl+0x73/0xb0 [ 23.905799] print_report+0xd1/0x640 [ 23.906506] ? __virt_addr_valid+0x1db/0x2d0 [ 23.907042] ? kasan_addr_to_slab+0x11/0xa0 [ 23.907465] kasan_report+0x102/0x140 [ 23.907841] ? kmalloc_large_oob_right+0x2eb/0x340 [ 23.908428] ? kmalloc_large_oob_right+0x2eb/0x340 [ 23.908770] __asan_report_store1_noabort+0x1b/0x30 [ 23.909647] kmalloc_large_oob_right+0x2eb/0x340 [ 23.910377] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 23.910883] ? __schedule+0xc3e/0x2790 [ 23.911441] ? __pfx_read_tsc+0x10/0x10 [ 23.911725] ? ktime_get_ts64+0x84/0x230 [ 23.912499] kunit_try_run_case+0x1b3/0x490 [ 23.913376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.914143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.914630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.915344] ? __kthread_parkme+0x82/0x160 [ 23.915728] ? preempt_count_sub+0x50/0x80 [ 23.916522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.917308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.917851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.918524] kthread+0x257/0x310 [ 23.918853] ? __pfx_kthread+0x10/0x10 [ 23.919471] ret_from_fork+0x41/0x80 [ 23.919852] ? 
__pfx_kthread+0x10/0x10 [ 23.920567] ret_from_fork_asm+0x1a/0x30 [ 23.921409] </TASK> [ 23.921772] [ 23.922321] The buggy address belongs to the physical page: [ 23.922848] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 23.923954] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.924888] flags: 0x200000000000040(head|node=0|zone=2) [ 23.925615] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.926750] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.927671] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.928677] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.929810] head: 0200000000000002 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 23.930654] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.931530] page dumped because: kasan: bad access detected [ 23.932642] [ 23.932848] Memory state around the buggy address: [ 23.933841] ffff888102cc1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.934826] ffff888102cc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.935911] >ffff888102cc2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.936632] ^ [ 23.937063] ffff888102cc2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.938209] ffff888102cc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.938934] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 23.839858] ================================================================== [ 23.841956] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 23.843130] Write of size 1 at addr ffff88810211df00 by task kunit_try_catch/152 [ 23.843808] [ 23.844047] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.844800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.845174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.845875] Call Trace: [ 23.846239] <TASK> [ 23.846512] dump_stack_lvl+0x73/0xb0 [ 23.847471] print_report+0xd1/0x640 [ 23.847777] ? __virt_addr_valid+0x1db/0x2d0 [ 23.848874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.850417] kasan_report+0x102/0x140 [ 23.850780] ? kmalloc_big_oob_right+0x318/0x370 [ 23.851312] ? kmalloc_big_oob_right+0x318/0x370 [ 23.851785] __asan_report_store1_noabort+0x1b/0x30 [ 23.852704] kmalloc_big_oob_right+0x318/0x370 [ 23.853558] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 23.854219] ? __schedule+0xc3e/0x2790 [ 23.854959] ? __pfx_read_tsc+0x10/0x10 [ 23.855695] ? ktime_get_ts64+0x84/0x230 [ 23.856128] kunit_try_run_case+0x1b3/0x490 [ 23.856534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.856959] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.857844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.858762] ? __kthread_parkme+0x82/0x160 [ 23.859403] ? preempt_count_sub+0x50/0x80 [ 23.859963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.860687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.861334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.862170] kthread+0x257/0x310 [ 23.862571] ? __pfx_kthread+0x10/0x10 [ 23.863371] ret_from_fork+0x41/0x80 [ 23.863971] ? 
__pfx_kthread+0x10/0x10 [ 23.864577] ret_from_fork_asm+0x1a/0x30 [ 23.865229] </TASK> [ 23.865516] [ 23.866136] Allocated by task 152: [ 23.866416] kasan_save_stack+0x3d/0x60 [ 23.866865] kasan_save_track+0x18/0x40 [ 23.867344] kasan_save_alloc_info+0x3b/0x50 [ 23.867785] __kasan_kmalloc+0xb7/0xc0 [ 23.868764] __kmalloc_cache_noprof+0x184/0x410 [ 23.869187] kmalloc_big_oob_right+0xaa/0x370 [ 23.869933] kunit_try_run_case+0x1b3/0x490 [ 23.870393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.871259] kthread+0x257/0x310 [ 23.871815] ret_from_fork+0x41/0x80 [ 23.872214] ret_from_fork_asm+0x1a/0x30 [ 23.872911] [ 23.873217] The buggy address belongs to the object at ffff88810211c000 [ 23.873217] which belongs to the cache kmalloc-8k of size 8192 [ 23.874483] The buggy address is located 0 bytes to the right of [ 23.874483] allocated 7936-byte region [ffff88810211c000, ffff88810211df00) [ 23.876216] [ 23.876504] The buggy address belongs to the physical page: [ 23.877407] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102118 [ 23.878287] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.879396] flags: 0x200000000000040(head|node=0|zone=2) [ 23.879852] page_type: f5(slab) [ 23.880501] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 23.881340] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 23.882343] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 23.883290] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 23.884259] head: 0200000000000003 ffffea0004084601 ffffffffffffffff 0000000000000000 [ 23.884968] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 23.886086] page dumped because: kasan: bad access detected [ 23.886524] [ 23.887173] Memory state around the buggy address: [ 23.887586] ffff88810211de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.888694] ffff88810211de80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.889476] >ffff88810211df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.890307] ^ [ 23.890590] ffff88810211df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.891451] ffff88810211e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.892057] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 23.793454] ================================================================== [ 23.794396] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.795231] Write of size 1 at addr ffff888101a9d678 by task kunit_try_catch/150 [ 23.795749] [ 23.796212] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.797178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.797557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.798577] Call Trace: [ 23.798812] <TASK> [ 23.799636] dump_stack_lvl+0x73/0xb0 [ 23.800343] print_report+0xd1/0x640 [ 23.800716] ? __virt_addr_valid+0x1db/0x2d0 [ 23.801159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.801661] kasan_report+0x102/0x140 [ 23.802239] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.803234] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.803670] __asan_report_store1_noabort+0x1b/0x30 [ 23.804246] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 23.804692] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.805531] ? __schedule+0xc3e/0x2790 [ 23.806067] ? __pfx_read_tsc+0x10/0x10 [ 23.806527] ? ktime_get_ts64+0x84/0x230 [ 23.807070] kunit_try_run_case+0x1b3/0x490 [ 23.807505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.808034] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.808624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.809257] ? __kthread_parkme+0x82/0x160 [ 23.809573] ? preempt_count_sub+0x50/0x80 [ 23.810407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.810810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.811560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.812313] kthread+0x257/0x310 [ 23.812627] ? __pfx_kthread+0x10/0x10 [ 23.813241] ret_from_fork+0x41/0x80 [ 23.813652] ? 
__pfx_kthread+0x10/0x10 [ 23.814036] ret_from_fork_asm+0x1a/0x30 [ 23.814395] </TASK> [ 23.814672] [ 23.814926] Allocated by task 150: [ 23.815258] kasan_save_stack+0x3d/0x60 [ 23.815601] kasan_save_track+0x18/0x40 [ 23.816229] kasan_save_alloc_info+0x3b/0x50 [ 23.816579] __kasan_kmalloc+0xb7/0xc0 [ 23.817356] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.817844] kmalloc_track_caller_oob_right+0x19b/0x530 [ 23.818600] kunit_try_run_case+0x1b3/0x490 [ 23.819010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.819656] kthread+0x257/0x310 [ 23.820102] ret_from_fork+0x41/0x80 [ 23.820563] ret_from_fork_asm+0x1a/0x30 [ 23.820878] [ 23.821319] The buggy address belongs to the object at ffff888101a9d600 [ 23.821319] which belongs to the cache kmalloc-128 of size 128 [ 23.822599] The buggy address is located 0 bytes to the right of [ 23.822599] allocated 120-byte region [ffff888101a9d600, ffff888101a9d678) [ 23.823723] [ 23.824150] The buggy address belongs to the physical page: [ 23.824673] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9d [ 23.825455] flags: 0x200000000000000(node=0|zone=2) [ 23.826130] page_type: f5(slab) [ 23.826390] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.827537] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.828216] page dumped because: kasan: bad access detected [ 23.828816] [ 23.829260] Memory state around the buggy address: [ 23.829675] ffff888101a9d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.830452] ffff888101a9d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.831134] >ffff888101a9d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.831590] ^ [ 23.832422] ffff888101a9d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.833152] ffff888101a9d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.833891] ================================================================== [ 23.750861] 
================================================================== [ 23.752798] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.753676] Write of size 1 at addr ffff888101a9d578 by task kunit_try_catch/150 [ 23.754429] [ 23.755068] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.756218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.756590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.757229] Call Trace: [ 23.757571] <TASK> [ 23.757818] dump_stack_lvl+0x73/0xb0 [ 23.758407] print_report+0xd1/0x640 [ 23.758843] ? __virt_addr_valid+0x1db/0x2d0 [ 23.759389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.760050] kasan_report+0x102/0x140 [ 23.760513] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.761196] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.761742] __asan_report_store1_noabort+0x1b/0x30 [ 23.762473] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 23.763231] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 23.763672] ? __schedule+0xc3e/0x2790 [ 23.764297] ? __pfx_read_tsc+0x10/0x10 [ 23.764650] ? ktime_get_ts64+0x84/0x230 [ 23.765243] kunit_try_run_case+0x1b3/0x490 [ 23.765740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.766416] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.766838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.767742] ? __kthread_parkme+0x82/0x160 [ 23.768428] ? preempt_count_sub+0x50/0x80 [ 23.768874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.769436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.769931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.770439] kthread+0x257/0x310 [ 23.770845] ? __pfx_kthread+0x10/0x10 [ 23.771385] ret_from_fork+0x41/0x80 [ 23.771692] ? 
__pfx_kthread+0x10/0x10 [ 23.772347] ret_from_fork_asm+0x1a/0x30 [ 23.772681] </TASK> [ 23.773285] [ 23.773535] Allocated by task 150: [ 23.773841] kasan_save_stack+0x3d/0x60 [ 23.774412] kasan_save_track+0x18/0x40 [ 23.774690] kasan_save_alloc_info+0x3b/0x50 [ 23.775368] __kasan_kmalloc+0xb7/0xc0 [ 23.775701] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.776411] kmalloc_track_caller_oob_right+0x9a/0x530 [ 23.776774] kunit_try_run_case+0x1b3/0x490 [ 23.777407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.777837] kthread+0x257/0x310 [ 23.778202] ret_from_fork+0x41/0x80 [ 23.778577] ret_from_fork_asm+0x1a/0x30 [ 23.778957] [ 23.779471] The buggy address belongs to the object at ffff888101a9d500 [ 23.779471] which belongs to the cache kmalloc-128 of size 128 [ 23.780653] The buggy address is located 0 bytes to the right of [ 23.780653] allocated 120-byte region [ffff888101a9d500, ffff888101a9d578) [ 23.781822] [ 23.782220] The buggy address belongs to the physical page: [ 23.782740] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9d [ 23.783491] flags: 0x200000000000000(node=0|zone=2) [ 23.784362] page_type: f5(slab) [ 23.784683] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.785545] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 23.786362] page dumped because: kasan: bad access detected [ 23.786883] [ 23.787303] Memory state around the buggy address: [ 23.787776] ffff888101a9d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.788675] ffff888101a9d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.789520] >ffff888101a9d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.790073] ^ [ 23.790546] ffff888101a9d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.791461] ffff888101a9d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.792136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 23.696395] ================================================================== [ 23.697800] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 23.698686] Read of size 1 at addr ffff8881028c5000 by task kunit_try_catch/148 [ 23.699401] [ 23.699888] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.701665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.702217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.703075] Call Trace: [ 23.703357] <TASK> [ 23.703611] dump_stack_lvl+0x73/0xb0 [ 23.704055] print_report+0xd1/0x640 [ 23.704341] ? __virt_addr_valid+0x1db/0x2d0 [ 23.704967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.706739] kasan_report+0x102/0x140 [ 23.707464] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.707883] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 23.708584] __asan_report_load1_noabort+0x18/0x20 [ 23.709422] kmalloc_node_oob_right+0x36b/0x3d0 [ 23.710149] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 23.710446] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 23.710678] kunit_try_run_case+0x1b3/0x490 [ 23.710878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.711211] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.712105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.712941] ? __kthread_parkme+0x82/0x160 [ 23.713784] ? preempt_count_sub+0x50/0x80 [ 23.714429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.715470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.716577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.717142] kthread+0x257/0x310 [ 23.717589] ? __pfx_kthread+0x10/0x10 [ 23.717960] ret_from_fork+0x41/0x80 [ 23.718470] ? 
__pfx_kthread+0x10/0x10 [ 23.719312] ret_from_fork_asm+0x1a/0x30 [ 23.720196] </TASK> [ 23.720531] [ 23.720681] Allocated by task 148: [ 23.721162] kasan_save_stack+0x3d/0x60 [ 23.721737] kasan_save_track+0x18/0x40 [ 23.722496] kasan_save_alloc_info+0x3b/0x50 [ 23.722841] __kasan_kmalloc+0xb7/0xc0 [ 23.723401] __kmalloc_cache_node_noprof+0x183/0x410 [ 23.724484] kmalloc_node_oob_right+0xac/0x3d0 [ 23.724857] kunit_try_run_case+0x1b3/0x490 [ 23.725444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.725890] kthread+0x257/0x310 [ 23.726235] ret_from_fork+0x41/0x80 [ 23.726636] ret_from_fork_asm+0x1a/0x30 [ 23.727368] [ 23.727625] The buggy address belongs to the object at ffff8881028c4000 [ 23.727625] which belongs to the cache kmalloc-4k of size 4096 [ 23.728555] The buggy address is located 0 bytes to the right of [ 23.728555] allocated 4096-byte region [ffff8881028c4000, ffff8881028c5000) [ 23.729712] [ 23.729871] The buggy address belongs to the physical page: [ 23.730712] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c0 [ 23.732140] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.732819] flags: 0x200000000000040(head|node=0|zone=2) [ 23.733736] page_type: f5(slab) [ 23.734235] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 23.734882] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 23.735806] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 23.736723] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 23.737611] head: 0200000000000003 ffffea00040a3001 ffffffffffffffff 0000000000000000 [ 23.738743] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 23.739494] page dumped because: kasan: bad access detected [ 23.740095] [ 23.740305] Memory state around the buggy address: [ 23.740846] ffff8881028c4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.741587] ffff8881028c4f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.742414] >ffff8881028c5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.743161] ^ [ 23.743625] ffff8881028c5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.744393] ffff8881028c5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.745106] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 23.645363] ================================================================== [ 23.646556] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 23.647373] Read of size 1 at addr ffff888102699cff by task kunit_try_catch/146 [ 23.648884] [ 23.649251] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241127 #1 [ 23.650753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.651147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.651775] Call Trace: [ 23.652263] <TASK> [ 23.652645] dump_stack_lvl+0x73/0xb0 [ 23.653032] print_report+0xd1/0x640 [ 23.653581] ? __virt_addr_valid+0x1db/0x2d0 [ 23.654341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.654855] kasan_report+0x102/0x140 [ 23.655431] ? kmalloc_oob_left+0x363/0x3c0 [ 23.656002] ? kmalloc_oob_left+0x363/0x3c0 [ 23.656629] __asan_report_load1_noabort+0x18/0x20 [ 23.657299] kmalloc_oob_left+0x363/0x3c0 [ 23.657916] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 23.658672] ? __schedule+0xc3e/0x2790 [ 23.659314] ? __pfx_read_tsc+0x10/0x10 [ 23.659701] ? ktime_get_ts64+0x84/0x230 [ 23.660279] kunit_try_run_case+0x1b3/0x490 [ 23.660797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.661379] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.662064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.662572] ? __kthread_parkme+0x82/0x160 [ 23.663313] ? preempt_count_sub+0x50/0x80 [ 23.663934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.664499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.664896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.665518] kthread+0x257/0x310 [ 23.665870] ? __pfx_kthread+0x10/0x10 [ 23.666579] ret_from_fork+0x41/0x80 [ 23.667090] ? 
__pfx_kthread+0x10/0x10 [ 23.667544] ret_from_fork_asm+0x1a/0x30 [ 23.668262] </TASK> [ 23.668517] [ 23.668670] Allocated by task 10: [ 23.669315] kasan_save_stack+0x3d/0x60 [ 23.669855] kasan_save_track+0x18/0x40 [ 23.670294] kasan_save_alloc_info+0x3b/0x50 [ 23.670872] __kasan_kmalloc+0xb7/0xc0 [ 23.671425] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 23.672035] kvasprintf+0xc6/0x150 [ 23.672300] __kthread_create_on_node+0x18c/0x3a0 [ 23.673252] kthread_create_on_node+0xa8/0xe0 [ 23.673682] create_worker+0x3c8/0x7a0 [ 23.674118] worker_thread+0x97d/0x1300 [ 23.674587] kthread+0x257/0x310 [ 23.675269] ret_from_fork+0x41/0x80 [ 23.675685] ret_from_fork_asm+0x1a/0x30 [ 23.676296] [ 23.676451] The buggy address belongs to the object at ffff888102699ce0 [ 23.676451] which belongs to the cache kmalloc-16 of size 16 [ 23.677834] The buggy address is located 19 bytes to the right of [ 23.677834] allocated 12-byte region [ffff888102699ce0, ffff888102699cec) [ 23.679130] [ 23.679440] The buggy address belongs to the physical page: [ 23.679841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102699 [ 23.680703] flags: 0x200000000000000(node=0|zone=2) [ 23.681325] page_type: f5(slab) [ 23.681798] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.682550] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 23.683662] page dumped because: kasan: bad access detected [ 23.684260] [ 23.684523] Memory state around the buggy address: [ 23.685016] ffff888102699b80: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 23.685567] ffff888102699c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 23.686426] >ffff888102699c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 04 fc fc [ 23.687322] ^ [ 23.687939] ffff888102699d00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.688856] ffff888102699d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.689539] 
==================================================================