Date: Nov. 28, 2024, 2:36 a.m.
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------ [ 214.098809] WARNING: CPU: 1 PID: 2226 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 214.100415] Modules linked in: [ 214.100932] CPU: 1 UID: 0 PID: 2226 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241128 #1 [ 214.102293] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.102809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 214.103877] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 214.104530] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 214.106148] RSP: 0000:ffff888107057ce8 EFLAGS: 00010286 [ 214.106871] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 214.107986] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff93409778 [ 214.108904] RBP: ffff888107057d10 R08: 0000000000000000 R09: ffffed1020b07720 [ 214.109699] R10: ffff88810583b907 R11: 0000000000000000 R12: ffffffff93409760 [ 214.110473] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107057da8 [ 214.111036] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 214.111751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.112521] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 214.113129] DR0: ffffffff953eb1a4 DR1: ffffffff953eb1a9 DR2: ffffffff953eb1aa [ 214.113931] DR3: ffffffff953eb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 214.114643] Call Trace: [ 214.115313] <TASK> [ 214.115559] ? show_regs+0x68/0x80 [ 214.116149] ? __warn+0xd5/0x260 [ 214.116568] ? drm_rect_calc_hscale+0x125/0x190 [ 214.117148] ? report_bug+0x278/0x2e0 [ 214.117668] ? handle_bug+0x5c/0xb0 [ 214.118222] ? exc_invalid_op+0x1c/0x50 [ 214.119056] ? asm_exc_invalid_op+0x1f/0x30 [ 214.119457] ? 
drm_rect_calc_hscale+0x125/0x190 [ 214.120063] drm_test_rect_calc_hscale+0x109/0x270 [ 214.120691] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 214.121360] ? __schedule+0xc3e/0x2790 [ 214.121688] ? __pfx_read_tsc+0x10/0x10 [ 214.122131] ? ktime_get_ts64+0x84/0x230 [ 214.122824] kunit_try_run_case+0x1b3/0x490 [ 214.123533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.123897] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 214.124528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 214.125050] ? __kthread_parkme+0x82/0x160 [ 214.125885] ? preempt_count_sub+0x50/0x80 [ 214.126773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.127215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 214.127869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 214.128597] kthread+0x257/0x310 [ 214.128935] ? __pfx_kthread+0x10/0x10 [ 214.129418] ret_from_fork+0x41/0x80 [ 214.129861] ? __pfx_kthread+0x10/0x10 [ 214.130227] ret_from_fork_asm+0x1a/0x30 [ 214.130699] </TASK> [ 214.131300] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 214.059745] WARNING: CPU: 0 PID: 2224 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 214.060360] Modules linked in: [ 214.060918] CPU: 0 UID: 0 PID: 2224 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241128 #1 [ 214.062259] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.063482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 214.064562] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 214.065075] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 214.067118] RSP: 0000:ffff888107057ce8 EFLAGS: 00010286 [ 214.067792] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 214.068155] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff93409740 [ 214.068998] RBP: ffff888107057d10 R08: 0000000000000000 R09: 
ffffed1020b07700 [ 214.069836] R10: ffff88810583b807 R11: 0000000000000000 R12: ffffffff93409728 [ 214.070723] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107057da8 [ 214.071707] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 214.072547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.073453] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 214.074401] DR0: ffffffff953eb1a0 DR1: ffffffff953eb1a1 DR2: ffffffff953eb1a3 [ 214.075235] DR3: ffffffff953eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 214.075870] Call Trace: [ 214.076423] <TASK> [ 214.076749] ? show_regs+0x68/0x80 [ 214.077359] ? __warn+0xd5/0x260 [ 214.077779] ? drm_rect_calc_hscale+0x125/0x190 [ 214.078239] ? report_bug+0x278/0x2e0 [ 214.078600] ? handle_bug+0x5c/0xb0 [ 214.079054] ? exc_invalid_op+0x1c/0x50 [ 214.079624] ? asm_exc_invalid_op+0x1f/0x30 [ 214.080028] ? drm_rect_calc_hscale+0x125/0x190 [ 214.080808] drm_test_rect_calc_hscale+0x109/0x270 [ 214.081485] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 214.082465] ? __schedule+0xc3e/0x2790 [ 214.082843] ? __pfx_read_tsc+0x10/0x10 [ 214.083472] ? ktime_get_ts64+0x84/0x230 [ 214.083825] kunit_try_run_case+0x1b3/0x490 [ 214.084514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.085109] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 214.085782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 214.086481] ? __kthread_parkme+0x82/0x160 [ 214.086937] ? preempt_count_sub+0x50/0x80 [ 214.087671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.088379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 214.089053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 214.089780] kthread+0x257/0x310 [ 214.090351] ? __pfx_kthread+0x10/0x10 [ 214.090833] ret_from_fork+0x41/0x80 [ 214.091537] ? __pfx_kthread+0x10/0x10 [ 214.092322] ret_from_fork_asm+0x1a/0x30 [ 214.092740] </TASK> [ 214.093270] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 212.742507] WARNING: CPU: 0 PID: 2032 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 212.743228] Modules linked in: [ 212.743661] CPU: 0 UID: 0 PID: 2032 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241128 #1 [ 212.744703] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 212.745899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 212.747226] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 212.747910] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 212.749573] RSP: 0000:ffff888106e7fba0 EFLAGS: 00010246 [ 212.750148] RAX: dffffc0000000000 RBX: ffff888106e7fc98 RCX: 0000000000000000 [ 212.750653] RDX: 1ffff11020dcff9c RSI: ffff888106e7fc98 RDI: ffff888106e7fce0 [ 212.751396] RBP: ffff888106e7fbe0 R08: ffff8881066d7000 R09: ffffffff933b6300 [ 212.751983] R10: 0000000000000003 R11: 00000000ffffffff R12: ffff8881066d7000 [ 212.752677] R13: ffff888100317b20 R14: ffff888106e7fc18 R15: ffff888106e7fe28 [ 212.753398] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 212.754082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.754726] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 212.755429] DR0: ffffffff953eb1a0 DR1: ffffffff953eb1a1 DR2: ffffffff953eb1a3 [ 212.756520] DR3: ffffffff953eb1a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 212.757114] Call Trace: [ 212.757333] <TASK> [ 212.757814] ? show_regs+0x68/0x80 [ 212.758625] ? __warn+0xd5/0x260 [ 212.759050] ? drm_framebuffer_init+0x44/0x300 [ 212.759601] ? report_bug+0x278/0x2e0 [ 212.760309] ? handle_bug+0x5c/0xb0 [ 212.760834] ? exc_invalid_op+0x1c/0x50 [ 212.761573] ? asm_exc_invalid_op+0x1f/0x30 [ 212.762019] ? drm_framebuffer_init+0x44/0x300 [ 212.762715] ? 
add_dr+0xc1/0x1d0 [ 212.763068] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 212.763871] ? add_dr+0x148/0x1d0 [ 212.764417] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 212.765060] ? __drmm_add_action+0x1a4/0x280 [ 212.765546] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 212.766528] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 212.767160] ? __drmm_add_action_or_reset+0x22/0x50 [ 212.768122] ? __schedule+0xc3e/0x2790 [ 212.768511] ? __pfx_read_tsc+0x10/0x10 [ 212.768842] ? ktime_get_ts64+0x84/0x230 [ 212.769144] kunit_try_run_case+0x1b3/0x490 [ 212.769774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 212.770340] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 212.770725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 212.771344] ? __kthread_parkme+0x82/0x160 [ 212.772568] ? preempt_count_sub+0x50/0x80 [ 212.772893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 212.773811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 212.774452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 212.774941] kthread+0x257/0x310 [ 212.775741] ? __pfx_kthread+0x10/0x10 [ 212.776329] ret_from_fork+0x41/0x80 [ 212.776843] ? __pfx_kthread+0x10/0x10 [ 212.777293] ret_from_fork_asm+0x1a/0x30 [ 212.777657] </TASK> [ 212.777991] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 212.667710] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 212.668616] WARNING: CPU: 1 PID: 2028 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 212.671106] Modules linked in: [ 212.671730] CPU: 1 UID: 0 PID: 2028 Comm: kunit_try_catch Tainted: G B D N 6.12.0-next-20241128 #1 [ 212.672706] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 212.672910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 212.674441] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 212.675673] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 04 05 80 00 48 c7 c1 00 13 3b 93 4c 89 fa 48 c7 c7 60 13 3b 93 48 89 c6 e8 2b 73 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 212.677009] RSP: 0000:ffff888106ed7bd8 EFLAGS: 00010282 [ 212.677735] RAX: 0000000000000000 RBX: ffff888106ed7cb0 RCX: 1ffffffff28242fc [ 212.678974] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 212.680297] RBP: ffff888106ed7c00 R08: 0000000000000000 R09: fffffbfff28242fc [ 212.680995] R10: 0000000000000003 R11: 00000000000279d8 R12: ffff888106ed7c88 [ 212.681910] R13: ffff888106855000 R14: ffff888106b41000 R15: ffff888106c87200 [ 212.682709] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 212.683956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.685583] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 212.686616] DR0: ffffffff953eb1a4 DR1: ffffffff953eb1a9 DR2: ffffffff953eb1aa [ 212.687499] DR3: ffffffff953eb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 212.688514] Call Trace: [ 212.688880] <TASK> [ 212.689330] ? show_regs+0x68/0x80 [ 212.689970] ? __warn+0xd5/0x260 [ 212.690508] ? drm_framebuffer_free+0x136/0x1b0 [ 212.691910] ? report_bug+0x278/0x2e0 [ 212.692435] ? handle_bug+0x5c/0xb0 [ 212.692864] ? exc_invalid_op+0x1c/0x50 [ 212.693248] ? 
asm_exc_invalid_op+0x1f/0x30 [ 212.693728] ? drm_framebuffer_free+0x136/0x1b0 [ 212.694141] ? drm_framebuffer_free+0x135/0x1b0 [ 212.695273] drm_test_framebuffer_free+0x1ac/0x610 [ 212.696098] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 212.697021] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 212.697762] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 212.698327] ? __drmm_add_action_or_reset+0x22/0x50 [ 212.699070] ? __schedule+0xc3e/0x2790 [ 212.700370] ? __pfx_read_tsc+0x10/0x10 [ 212.700781] ? ktime_get_ts64+0x84/0x230 [ 212.701222] kunit_try_run_case+0x1b3/0x490 [ 212.702364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 212.702858] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 212.703886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 212.704741] ? __kthread_parkme+0x82/0x160 [ 212.705584] ? preempt_count_sub+0x50/0x80 [ 212.706029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 212.706582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 212.707085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 212.708333] kthread+0x257/0x310 [ 212.708886] ? __pfx_kthread+0x10/0x10 [ 212.709711] ret_from_fork+0x41/0x80 [ 212.710180] ? __pfx_kthread+0x10/0x10 [ 212.710682] ret_from_fork_asm+0x1a/0x30 [ 212.711503] </TASK> [ 212.711797] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 38.279695] ==================================================================
[ 38.280564] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 38.280564]
[ 38.281785] Invalid read at 0x(____ptrval____):
[ 38.282358] test_invalid_access+0xf1/0x210
[ 38.282906] kunit_try_run_case+0x1b3/0x490
[ 38.283460] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.284178] kthread+0x257/0x310
[ 38.284611] ret_from_fork+0x41/0x80
[ 38.284993] ret_from_fork_asm+0x1a/0x30
[ 38.285616]
[ 38.285890] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 38.286825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.287359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.288238] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 166.442065] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 62.804798] ==================================================================
[ 62.805616] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 62.805616]
[ 62.806320] Use-after-free read at 0x(____ptrval____) (in kfence-#184):
[ 62.806895] test_krealloc+0x6fd/0xbe0
[ 62.807683] kunit_try_run_case+0x1b3/0x490
[ 62.808120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.808715] kthread+0x257/0x310
[ 62.809084] ret_from_fork+0x41/0x80
[ 62.809473] ret_from_fork_asm+0x1a/0x30
[ 62.809772]
[ 62.810034] kfence-#184: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 62.810034]
[ 62.811020] allocated by task 345 on cpu 0 at 62.803792s (0.007224s ago):
[ 62.811655] test_alloc+0x35f/0x10d0
[ 62.812117] test_krealloc+0xae/0xbe0
[ 62.812711] kunit_try_run_case+0x1b3/0x490
[ 62.813331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.813832] kthread+0x257/0x310
[ 62.814180] ret_from_fork+0x41/0x80
[ 62.814669] ret_from_fork_asm+0x1a/0x30
[ 62.815133]
[ 62.815428] freed by task 345 on cpu 0 at 62.804127s (0.011297s ago):
[ 62.815882] krealloc_noprof+0x108/0x340
[ 62.816560] test_krealloc+0x227/0xbe0
[ 62.816850] kunit_try_run_case+0x1b3/0x490
[ 62.817589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.818106] kthread+0x257/0x310
[ 62.818483] ret_from_fork+0x41/0x80
[ 62.818750] ret_from_fork_asm+0x1a/0x30
[ 62.819294]
[ 62.819615] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 62.820605] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 62.821066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 62.821920] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 62.716661] ==================================================================
[ 62.717466] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 62.717466]
[ 62.718248] Use-after-free read at 0x(____ptrval____) (in kfence-#183):
[ 62.719554] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 62.720399] kunit_try_run_case+0x1b3/0x490
[ 62.720825] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.721368] kthread+0x257/0x310
[ 62.721711] ret_from_fork+0x41/0x80
[ 62.722035] ret_from_fork_asm+0x1a/0x30
[ 62.722477]
[ 62.722770] kfence-#183: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 62.722770]
[ 62.724042] allocated by task 343 on cpu 0 at 62.699731s (0.024307s ago):
[ 62.725219] test_alloc+0x2a7/0x10d0
[ 62.725667] test_memcache_typesafe_by_rcu+0x170/0x670
[ 62.726340] kunit_try_run_case+0x1b3/0x490
[ 62.726751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.727237] kthread+0x257/0x310
[ 62.727658] ret_from_fork+0x41/0x80
[ 62.727923] ret_from_fork_asm+0x1a/0x30
[ 62.728440]
[ 62.728647] freed by task 343 on cpu 0 at 62.699850s (0.028793s ago):
[ 62.729422] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 62.730080] kunit_try_run_case+0x1b3/0x490
[ 62.730567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 62.731113] kthread+0x257/0x310
[ 62.731578] ret_from_fork+0x41/0x80
[ 62.732050] ret_from_fork_asm+0x1a/0x30
[ 62.732551]
[ 62.732821] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 62.733738] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 62.734356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 62.735218] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 20.946302] ================================================================== [ 20.947115] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 20.948028] Write of size 1 at addr ffff888102bba0f0 by task kunit_try_catch/168 [ 20.949798] [ 20.950071] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.951863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.954380] Call Trace: [ 20.954834] <TASK> [ 20.955286] dump_stack_lvl+0x73/0xb0 [ 20.956042] print_report+0xd1/0x640 [ 20.956841] ? __virt_addr_valid+0x1db/0x2d0 [ 20.957438] ? kasan_addr_to_slab+0x11/0xa0 [ 20.957896] kasan_report+0x102/0x140 [ 20.958430] ? krealloc_more_oob_helper+0x7ed/0x930 [ 20.959009] ? krealloc_more_oob_helper+0x7ed/0x930 [ 20.959985] __asan_report_store1_noabort+0x1b/0x30 [ 20.960369] krealloc_more_oob_helper+0x7ed/0x930 [ 20.960862] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.961638] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.962576] ? ktime_get_ts64+0xbf/0x230 [ 20.963029] ? __pfx_read_tsc+0x10/0x10 [ 20.963507] krealloc_large_more_oob+0x1c/0x30 [ 20.963788] kunit_try_run_case+0x1b3/0x490 [ 20.964587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.965586] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.966276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.966699] ? __kthread_parkme+0x82/0x160 [ 20.967792] ? preempt_count_sub+0x50/0x80 [ 20.968665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.969202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.969693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.970308] kthread+0x257/0x310 [ 20.971051] ? __pfx_kthread+0x10/0x10 [ 20.971987] ret_from_fork+0x41/0x80 [ 20.972885] ? 
__pfx_kthread+0x10/0x10 [ 20.973367] ret_from_fork_asm+0x1a/0x30 [ 20.974095] </TASK> [ 20.974444] [ 20.975021] The buggy address belongs to the physical page: [ 20.975627] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 20.976421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.977558] flags: 0x200000000000040(head|node=0|zone=2) [ 20.978227] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.978944] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.979843] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.981059] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.981874] head: 0200000000000002 ffffea00040aee01 ffffffffffffffff 0000000000000000 [ 20.982787] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.983676] page dumped because: kasan: bad access detected [ 20.984410] [ 20.984627] Memory state around the buggy address: [ 20.985766] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.986516] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.987528] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 20.988162] ^ [ 20.989632] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.990275] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.991329] ================================================================== [ 20.899755] ================================================================== [ 20.900996] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 20.901656] Write of size 1 at addr ffff888102bba0eb by task kunit_try_catch/168 [ 20.902309] [ 20.902867] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.904464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.904886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 20.905620] Call Trace: [ 20.905853] <TASK> [ 20.906148] dump_stack_lvl+0x73/0xb0 [ 20.906989] print_report+0xd1/0x640 [ 20.907768] ? __virt_addr_valid+0x1db/0x2d0 [ 20.908433] ? kasan_addr_to_slab+0x11/0xa0 [ 20.909085] kasan_report+0x102/0x140 [ 20.909620] ? krealloc_more_oob_helper+0x823/0x930 [ 20.910077] ? krealloc_more_oob_helper+0x823/0x930 [ 20.910814] __asan_report_store1_noabort+0x1b/0x30 [ 20.911553] krealloc_more_oob_helper+0x823/0x930 [ 20.911954] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.912740] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.913444] ? ktime_get_ts64+0xbf/0x230 [ 20.913895] ? __pfx_read_tsc+0x10/0x10 [ 20.914369] krealloc_large_more_oob+0x1c/0x30 [ 20.914826] kunit_try_run_case+0x1b3/0x490 [ 20.915277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.916004] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.916935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.918009] ? __kthread_parkme+0x82/0x160 [ 20.918743] ? preempt_count_sub+0x50/0x80 [ 20.919229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.919840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.920325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.921252] kthread+0x257/0x310 [ 20.921716] ? __pfx_kthread+0x10/0x10 [ 20.922058] ret_from_fork+0x41/0x80 [ 20.922642] ? 
__pfx_kthread+0x10/0x10 [ 20.923035] ret_from_fork_asm+0x1a/0x30 [ 20.923783] </TASK> [ 20.923982] [ 20.924139] The buggy address belongs to the physical page: [ 20.924700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 20.925764] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.926632] flags: 0x200000000000040(head|node=0|zone=2) [ 20.927902] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.929210] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.930602] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.932038] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.932727] head: 0200000000000002 ffffea00040aee01 ffffffffffffffff 0000000000000000 [ 20.934029] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.934956] page dumped because: kasan: bad access detected [ 20.935629] [ 20.935832] Memory state around the buggy address: [ 20.936397] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.938120] ffff888102bba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.939144] >ffff888102bba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 20.940011] ^ [ 20.940884] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.942481] ffff888102bba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.943895] ================================================================== [ 20.570027] ================================================================== [ 20.570677] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 20.571808] Write of size 1 at addr ffff8881003a1ef0 by task kunit_try_catch/164 [ 20.572581] [ 20.572880] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.574375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.574840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 20.575939] Call Trace: [ 20.576427] <TASK> [ 20.576912] dump_stack_lvl+0x73/0xb0 [ 20.577746] print_report+0xd1/0x640 [ 20.578326] ? __virt_addr_valid+0x1db/0x2d0 [ 20.579089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.580126] kasan_report+0x102/0x140 [ 20.580489] ? krealloc_more_oob_helper+0x7ed/0x930 [ 20.581063] ? krealloc_more_oob_helper+0x7ed/0x930 [ 20.581915] __asan_report_store1_noabort+0x1b/0x30 [ 20.582382] krealloc_more_oob_helper+0x7ed/0x930 [ 20.583363] ? __schedule+0xc3e/0x2790 [ 20.584036] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.584963] ? finish_task_switch.isra.0+0x153/0x700 [ 20.585732] ? __switch_to+0x5d9/0xf60 [ 20.586604] ? __schedule+0xc3e/0x2790 [ 20.586920] ? __pfx_read_tsc+0x10/0x10 [ 20.587250] krealloc_more_oob+0x1c/0x30 [ 20.587711] kunit_try_run_case+0x1b3/0x490 [ 20.588155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.588685] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.589060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.589625] ? __kthread_parkme+0x82/0x160 [ 20.590038] ? preempt_count_sub+0x50/0x80 [ 20.590478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.591028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.592141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.592939] kthread+0x257/0x310 [ 20.593555] ? __pfx_kthread+0x10/0x10 [ 20.593905] ret_from_fork+0x41/0x80 [ 20.594388] ? 
__pfx_kthread+0x10/0x10 [ 20.594844] ret_from_fork_asm+0x1a/0x30 [ 20.595770] </TASK> [ 20.596139] [ 20.596498] Allocated by task 164: [ 20.596770] kasan_save_stack+0x3d/0x60 [ 20.597156] kasan_save_track+0x18/0x40 [ 20.597663] kasan_save_alloc_info+0x3b/0x50 [ 20.598101] __kasan_krealloc+0x190/0x1f0 [ 20.598422] krealloc_noprof+0xf3/0x340 [ 20.598876] krealloc_more_oob_helper+0x1aa/0x930 [ 20.599712] krealloc_more_oob+0x1c/0x30 [ 20.600029] kunit_try_run_case+0x1b3/0x490 [ 20.600632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.601385] kthread+0x257/0x310 [ 20.601787] ret_from_fork+0x41/0x80 [ 20.602302] ret_from_fork_asm+0x1a/0x30 [ 20.602770] [ 20.602999] The buggy address belongs to the object at ffff8881003a1e00 [ 20.602999] which belongs to the cache kmalloc-256 of size 256 [ 20.604280] The buggy address is located 5 bytes to the right of [ 20.604280] allocated 235-byte region [ffff8881003a1e00, ffff8881003a1eeb) [ 20.605672] [ 20.605831] The buggy address belongs to the physical page: [ 20.606303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 20.607123] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.608149] flags: 0x200000000000040(head|node=0|zone=2) [ 20.608820] page_type: f5(slab) [ 20.609379] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.610050] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.610694] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.611276] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.611932] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 20.612810] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.613613] page dumped because: kasan: bad access detected [ 20.614275] [ 20.614510] Memory state around the buggy address: [ 20.614889] ffff8881003a1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 20.615726] ffff8881003a1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.616773] >ffff8881003a1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.617574] ^ [ 20.618222] ffff8881003a1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.618878] ffff8881003a1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.619436] ================================================================== [ 20.519776] ================================================================== [ 20.521476] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 20.522251] Write of size 1 at addr ffff8881003a1eeb by task kunit_try_catch/164 [ 20.523756] [ 20.524330] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.525293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.525846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.526652] Call Trace: [ 20.526915] <TASK> [ 20.527214] dump_stack_lvl+0x73/0xb0 [ 20.528154] print_report+0xd1/0x640 [ 20.528606] ? __virt_addr_valid+0x1db/0x2d0 [ 20.529010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.529802] kasan_report+0x102/0x140 [ 20.530016] ? krealloc_more_oob_helper+0x823/0x930 [ 20.530735] ? krealloc_more_oob_helper+0x823/0x930 [ 20.531860] __asan_report_store1_noabort+0x1b/0x30 [ 20.532236] krealloc_more_oob_helper+0x823/0x930 [ 20.532692] ? __schedule+0xc3e/0x2790 [ 20.533072] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.534224] ? finish_task_switch.isra.0+0x153/0x700 [ 20.534709] ? __switch_to+0x5d9/0xf60 [ 20.535157] ? __schedule+0xc3e/0x2790 [ 20.535661] ? __pfx_read_tsc+0x10/0x10 [ 20.536033] krealloc_more_oob+0x1c/0x30 [ 20.536756] kunit_try_run_case+0x1b3/0x490 [ 20.537690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.538395] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.538960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.539515] ? __kthread_parkme+0x82/0x160 [ 20.539988] ? preempt_count_sub+0x50/0x80 [ 20.540579] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.540983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.541796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.542335] kthread+0x257/0x310 [ 20.542758] ? __pfx_kthread+0x10/0x10 [ 20.543058] ret_from_fork+0x41/0x80 [ 20.543530] ? __pfx_kthread+0x10/0x10 [ 20.543980] ret_from_fork_asm+0x1a/0x30 [ 20.544516] </TASK> [ 20.544829] [ 20.545062] Allocated by task 164: [ 20.545914] kasan_save_stack+0x3d/0x60 [ 20.546524] kasan_save_track+0x18/0x40 [ 20.546981] kasan_save_alloc_info+0x3b/0x50 [ 20.547755] __kasan_krealloc+0x190/0x1f0 [ 20.548200] krealloc_noprof+0xf3/0x340 [ 20.548728] krealloc_more_oob_helper+0x1aa/0x930 [ 20.549286] krealloc_more_oob+0x1c/0x30 [ 20.549659] kunit_try_run_case+0x1b3/0x490 [ 20.550129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.550679] kthread+0x257/0x310 [ 20.551023] ret_from_fork+0x41/0x80 [ 20.551793] ret_from_fork_asm+0x1a/0x30 [ 20.552279] [ 20.552565] The buggy address belongs to the object at ffff8881003a1e00 [ 20.552565] which belongs to the cache kmalloc-256 of size 256 [ 20.553715] The buggy address is located 0 bytes to the right of [ 20.553715] allocated 235-byte region [ffff8881003a1e00, ffff8881003a1eeb) [ 20.554668] [ 20.554866] The buggy address belongs to the physical page: [ 20.555458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 20.556003] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.557026] flags: 0x200000000000040(head|node=0|zone=2) [ 20.557714] page_type: f5(slab) [ 20.558001] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.558906] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.559687] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.560724] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.561319] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 
20.562002] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.562569] page dumped because: kasan: bad access detected [ 20.563139] [ 20.563475] Memory state around the buggy address: [ 20.563908] ffff8881003a1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.564864] ffff8881003a1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.565709] >ffff8881003a1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.566396] ^ [ 20.566966] ffff8881003a1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.567617] ffff8881003a1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.568180] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 38.052003] ==================================================================
[ 38.052794] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 38.052794]
[ 38.054678] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#179):
[ 38.055921] test_kmalloc_aligned_oob_write+0x251/0x340
[ 38.056470] kunit_try_run_case+0x1b3/0x490
[ 38.056981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.057572] kthread+0x257/0x310
[ 38.057969] ret_from_fork+0x41/0x80
[ 38.058496] ret_from_fork_asm+0x1a/0x30
[ 38.058810]
[ 38.059179] kfence-#179: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 38.059179]
[ 38.060126] allocated by task 333 on cpu 0 at 38.051708s (0.008414s ago):
[ 38.060719] test_alloc+0x35f/0x10d0
[ 38.061286] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 38.061805] kunit_try_run_case+0x1b3/0x490
[ 38.062362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.062853] kthread+0x257/0x310
[ 38.063342] ret_from_fork+0x41/0x80
[ 38.063839] ret_from_fork_asm+0x1a/0x30
[ 38.064375]
[ 38.064674] freed by task 333 on cpu 0 at 38.051871s (0.012799s ago):
[ 38.065329] test_kmalloc_aligned_oob_write+0x251/0x340
[ 38.065948] kunit_try_run_case+0x1b3/0x490
[ 38.066424] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.067156] kthread+0x257/0x310
[ 38.067498] ret_from_fork+0x41/0x80
[ 38.067970] ret_from_fork_asm+0x1a/0x30
[ 38.068403]
[ 38.068736] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 38.069720] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.070103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.070925] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 37.740007] ==================================================================
[ 37.740671] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 37.740671]
[ 37.741938] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#176):
[ 37.743230] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 37.743735] kunit_try_run_case+0x1b3/0x490
[ 37.744147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.744631] kthread+0x257/0x310
[ 37.744988] ret_from_fork+0x41/0x80
[ 37.745631] ret_from_fork_asm+0x1a/0x30
[ 37.746005]
[ 37.746245] kfence-#176: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 37.746245]
[ 37.747126] allocated by task 331 on cpu 0 at 37.739696s (0.007425s ago):
[ 37.747723] test_alloc+0x35f/0x10d0
[ 37.748189] test_kmalloc_aligned_oob_read+0x106/0x570
[ 37.748551] kunit_try_run_case+0x1b3/0x490
[ 37.749136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.749509] kthread+0x257/0x310
[ 37.749942] ret_from_fork+0x41/0x80
[ 37.750440] ret_from_fork_asm+0x1a/0x30
[ 37.750851]
[ 37.751174] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 37.751843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.752400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.753181] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 31.812201] ==================================================================
[ 31.813046] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 31.813046]
[ 31.814257] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#119):
[ 31.814894] test_corruption+0x2e1/0x3e0
[ 31.815406] kunit_try_run_case+0x1b3/0x490
[ 31.815963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.816797] kthread+0x257/0x310
[ 31.817403] ret_from_fork+0x41/0x80
[ 31.818027] ret_from_fork_asm+0x1a/0x30
[ 31.818665]
[ 31.819028] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.819028]
[ 31.819769] allocated by task 319 on cpu 1 at 31.811820s (0.007944s ago):
[ 31.820398] test_alloc+0x35f/0x10d0
[ 31.820784] test_corruption+0x1cc/0x3e0
[ 31.821194] kunit_try_run_case+0x1b3/0x490
[ 31.821639] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.822182] kthread+0x257/0x310
[ 31.822509] ret_from_fork+0x41/0x80
[ 31.822777] ret_from_fork_asm+0x1a/0x30
[ 31.823274]
[ 31.823472] freed by task 319 on cpu 1 at 31.811964s (0.011503s ago):
[ 31.824034] test_corruption+0x2e1/0x3e0
[ 31.824559] kunit_try_run_case+0x1b3/0x490
[ 31.825030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.825708] kthread+0x257/0x310
[ 31.825997] ret_from_fork+0x41/0x80
[ 31.826487] ret_from_fork_asm+0x1a/0x30
[ 31.826829]
[ 31.827153] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.827944] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.828354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.829266] ==================================================================

[ 31.708135] ==================================================================
[ 31.708900] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 31.708900]
[ 31.709768] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#118):
[ 31.711568] test_corruption+0x2d4/0x3e0
[ 31.712063] kunit_try_run_case+0x1b3/0x490
[ 31.712673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.713443] kthread+0x257/0x310
[ 31.713750] ret_from_fork+0x41/0x80
[ 31.714166] ret_from_fork_asm+0x1a/0x30
[ 31.714712]
[ 31.714890] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.714890]
[ 31.715745] allocated by task 319 on cpu 1 at 31.707752s (0.007989s ago):
[ 31.716538] test_alloc+0x35f/0x10d0
[ 31.716976] test_corruption+0xe7/0x3e0
[ 31.717529] kunit_try_run_case+0x1b3/0x490
[ 31.717983] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.718541] kthread+0x257/0x310
[ 31.718968] ret_from_fork+0x41/0x80
[ 31.719636] ret_from_fork_asm+0x1a/0x30
[ 31.720008]
[ 31.720348] freed by task 319 on cpu 1 at 31.707895s (0.012448s ago):
[ 31.720916] test_corruption+0x2d4/0x3e0
[ 31.721461] kunit_try_run_case+0x1b3/0x490
[ 31.721870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.722420] kthread+0x257/0x310
[ 31.723075] ret_from_fork+0x41/0x80
[ 31.723471] ret_from_fork_asm+0x1a/0x30
[ 31.723848]
[ 31.724135] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.725225] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.725518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.726875] ==================================================================

[ 32.540006] ==================================================================
[ 32.540712] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 32.540712]
[ 32.541459] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#126):
[ 32.542445] test_corruption+0x217/0x3e0
[ 32.542885] kunit_try_run_case+0x1b3/0x490
[ 32.543359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.543951] kthread+0x257/0x310
[ 32.544312] ret_from_fork+0x41/0x80
[ 32.544619] ret_from_fork_asm+0x1a/0x30
[ 32.545055]
[ 32.545309] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.545309]
[ 32.546284] allocated by task 321 on cpu 1 at 32.539791s (0.006488s ago):
[ 32.547285] test_alloc+0x2a7/0x10d0
[ 32.547596] test_corruption+0x1cc/0x3e0
[ 32.547888] kunit_try_run_case+0x1b3/0x490
[ 32.548535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.549130] kthread+0x257/0x310
[ 32.549536] ret_from_fork+0x41/0x80
[ 32.549845] ret_from_fork_asm+0x1a/0x30
[ 32.550139]
[ 32.550301] freed by task 321 on cpu 1 at 32.539882s (0.010415s ago):
[ 32.551250] test_corruption+0x217/0x3e0
[ 32.551762] kunit_try_run_case+0x1b3/0x490
[ 32.552075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.552746] kthread+0x257/0x310
[ 32.553202] ret_from_fork+0x41/0x80
[ 32.553679] ret_from_fork_asm+0x1a/0x30
[ 32.554046]
[ 32.554352] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 32.555011] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.555642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.556301] ==================================================================

[ 32.227970] ==================================================================
[ 32.228798] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 32.228798]
[ 32.229837] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123):
[ 32.230917] test_corruption+0x132/0x3e0
[ 32.231493] kunit_try_run_case+0x1b3/0x490
[ 32.231924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.232419] kthread+0x257/0x310
[ 32.232858] ret_from_fork+0x41/0x80
[ 32.233335] ret_from_fork_asm+0x1a/0x30
[ 32.233696]
[ 32.233858] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.233858]
[ 32.234757] allocated by task 321 on cpu 1 at 32.227775s (0.006978s ago):
[ 32.235540] test_alloc+0x2a7/0x10d0
[ 32.235845] test_corruption+0xe7/0x3e0
[ 32.236247] kunit_try_run_case+0x1b3/0x490
[ 32.236582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.237047] kthread+0x257/0x310
[ 32.237579] ret_from_fork+0x41/0x80
[ 32.238034] ret_from_fork_asm+0x1a/0x30
[ 32.238578]
[ 32.238762] freed by task 321 on cpu 1 at 32.227851s (0.010907s ago):
[ 32.239346] test_corruption+0x132/0x3e0
[ 32.239642] kunit_try_run_case+0x1b3/0x490
[ 32.240196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.240837] kthread+0x257/0x310
[ 32.241306] ret_from_fork+0x41/0x80
[ 32.241816] ret_from_fork_asm+0x1a/0x30
[ 32.242309]
[ 32.242605] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 32.243454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.243725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.244690] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 31.603923] ==================================================================
[ 31.604622] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 31.604622]
[ 31.605199] Invalid free of 0x(____ptrval____) (in kfence-#117):
[ 31.605804] test_invalid_addr_free+0xfc/0x260
[ 31.606173] kunit_try_run_case+0x1b3/0x490
[ 31.606658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.607375] kthread+0x257/0x310
[ 31.608021] ret_from_fork+0x41/0x80
[ 31.608727] ret_from_fork_asm+0x1a/0x30
[ 31.609513]
[ 31.609878] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.609878]
[ 31.611213] allocated by task 317 on cpu 1 at 31.603753s (0.007456s ago):
[ 31.612211] test_alloc+0x2a7/0x10d0
[ 31.612613] test_invalid_addr_free+0xdc/0x260
[ 31.613063] kunit_try_run_case+0x1b3/0x490
[ 31.614010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.614562] kthread+0x257/0x310
[ 31.615154] ret_from_fork+0x41/0x80
[ 31.615775] ret_from_fork_asm+0x1a/0x30
[ 31.616466]
[ 31.616724] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.617694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.618185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.619034] ==================================================================

[ 31.499961] ==================================================================
[ 31.500767] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 31.500767]
[ 31.502042] Invalid free of 0x(____ptrval____) (in kfence-#116):
[ 31.502616] test_invalid_addr_free+0x1e3/0x260
[ 31.503065] kunit_try_run_case+0x1b3/0x490
[ 31.503932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.504765] kthread+0x257/0x310
[ 31.505127] ret_from_fork+0x41/0x80
[ 31.505451] ret_from_fork_asm+0x1a/0x30
[ 31.505795]
[ 31.506068] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.506068]
[ 31.507041] allocated by task 315 on cpu 0 at 31.499770s (0.007267s ago):
[ 31.507845] test_alloc+0x35f/0x10d0
[ 31.508169] test_invalid_addr_free+0xdc/0x260
[ 31.508879] kunit_try_run_case+0x1b3/0x490
[ 31.509418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.510191] kthread+0x257/0x310
[ 31.510474] ret_from_fork+0x41/0x80
[ 31.511000] ret_from_fork_asm+0x1a/0x30
[ 31.511436]
[ 31.511749] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.512719] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.513241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.514188] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 31.292227] ==================================================================
[ 31.292781] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260
[ 31.292781]
[ 31.293269] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 31.293939] test_double_free+0x1d5/0x260
[ 31.294355] kunit_try_run_case+0x1b3/0x490
[ 31.294649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.295264] kthread+0x257/0x310
[ 31.295718] ret_from_fork+0x41/0x80
[ 31.296100] ret_from_fork_asm+0x1a/0x30
[ 31.296458]
[ 31.296619] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.296619]
[ 31.297687] allocated by task 311 on cpu 1 at 31.291822s (0.005861s ago):
[ 31.298171] test_alloc+0x35f/0x10d0
[ 31.298547] test_double_free+0xdc/0x260
[ 31.299024] kunit_try_run_case+0x1b3/0x490
[ 31.299643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.300177] kthread+0x257/0x310
[ 31.300536] ret_from_fork+0x41/0x80
[ 31.300859] ret_from_fork_asm+0x1a/0x30
[ 31.301387]
[ 31.301624] freed by task 311 on cpu 1 at 31.291923s (0.009697s ago):
[ 31.302247] test_double_free+0x1e2/0x260
[ 31.302706] kunit_try_run_case+0x1b3/0x490
[ 31.303003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.303694] kthread+0x257/0x310
[ 31.304164] ret_from_fork+0x41/0x80
[ 31.304507] ret_from_fork_asm+0x1a/0x30
[ 31.304973]
[ 31.305297] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.306176] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.306583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.307194] ==================================================================

[ 31.396044] ==================================================================
[ 31.396743] BUG: KFENCE: invalid free in test_double_free+0x113/0x260
[ 31.396743]
[ 31.397641] Invalid free of 0x(____ptrval____) (in kfence-#115):
[ 31.399082] test_double_free+0x113/0x260
[ 31.399559] kunit_try_run_case+0x1b3/0x490
[ 31.399974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.400653] kthread+0x257/0x310
[ 31.401131] ret_from_fork+0x41/0x80
[ 31.401578] ret_from_fork_asm+0x1a/0x30
[ 31.401909]
[ 31.402165] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.402165]
[ 31.403009] allocated by task 313 on cpu 0 at 31.395776s (0.007229s ago):
[ 31.403729] test_alloc+0x2a7/0x10d0
[ 31.404189] test_double_free+0xdc/0x260
[ 31.404568] kunit_try_run_case+0x1b3/0x490
[ 31.405241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.405752] kthread+0x257/0x310
[ 31.406231] ret_from_fork+0x41/0x80
[ 31.406749] ret_from_fork_asm+0x1a/0x30
[ 31.407213]
[ 31.407484] freed by task 313 on cpu 0 at 31.395864s (0.011616s ago):
[ 31.408229] test_double_free+0xfb/0x260
[ 31.408685] kunit_try_run_case+0x1b3/0x490
[ 31.409242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.409833] kthread+0x257/0x310
[ 31.410352] ret_from_fork+0x41/0x80
[ 31.410740] ret_from_fork_asm+0x1a/0x30
[ 31.411443]
[ 31.411666] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 31.412752] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.413256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.413923] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 30.979980] ==================================================================
[ 30.980859] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 30.980859]
[ 30.981701] Use-after-free read at 0x(____ptrval____) (in kfence-#111):
[ 30.982493] test_use_after_free_read+0x12a/0x270
[ 30.982978] kunit_try_run_case+0x1b3/0x490
[ 30.983628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.984149] kthread+0x257/0x310
[ 30.984474] ret_from_fork+0x41/0x80
[ 30.984856] ret_from_fork_asm+0x1a/0x30
[ 30.985528]
[ 30.985785] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 30.985785]
[ 30.986631] allocated by task 305 on cpu 1 at 30.979761s (0.006866s ago):
[ 30.987516] test_alloc+0x2a7/0x10d0
[ 30.987929] test_use_after_free_read+0xdd/0x270
[ 30.988816] kunit_try_run_case+0x1b3/0x490
[ 30.989296] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.989784] kthread+0x257/0x310
[ 30.990032] ret_from_fork+0x41/0x80
[ 30.990642] ret_from_fork_asm+0x1a/0x30
[ 30.991283]
[ 30.991587] freed by task 305 on cpu 1 at 30.979841s (0.011741s ago):
[ 30.992097] test_use_after_free_read+0xfc/0x270
[ 30.992433] kunit_try_run_case+0x1b3/0x490
[ 30.993028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.993856] kthread+0x257/0x310
[ 30.994368] ret_from_fork+0x41/0x80
[ 30.994767] ret_from_fork_asm+0x1a/0x30
[ 30.995294]
[ 30.995571] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 30.996473] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.997035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.997859] ==================================================================

[ 30.876150] ==================================================================
[ 30.876883] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 30.876883]
[ 30.878804] Use-after-free read at 0x(____ptrval____) (in kfence-#110):
[ 30.879726] test_use_after_free_read+0x12a/0x270
[ 30.880478] kunit_try_run_case+0x1b3/0x490
[ 30.880921] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.881645] kthread+0x257/0x310
[ 30.882006] ret_from_fork+0x41/0x80
[ 30.882649] ret_from_fork_asm+0x1a/0x30
[ 30.883318]
[ 30.883541] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 30.883541]
[ 30.885024] allocated by task 303 on cpu 1 at 30.875777s (0.009243s ago):
[ 30.886186] test_alloc+0x35f/0x10d0
[ 30.886641] test_use_after_free_read+0xdd/0x270
[ 30.887173] kunit_try_run_case+0x1b3/0x490
[ 30.887670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.888404] kthread+0x257/0x310
[ 30.888774] ret_from_fork+0x41/0x80
[ 30.889294] ret_from_fork_asm+0x1a/0x30
[ 30.889954]
[ 30.890580] freed by task 303 on cpu 1 at 30.875882s (0.014493s ago):
[ 30.891665] test_use_after_free_read+0x1e9/0x270
[ 30.892117] kunit_try_run_case+0x1b3/0x490
[ 30.892606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.893454] kthread+0x257/0x310
[ 30.893916] ret_from_fork+0x41/0x80
[ 30.894603] ret_from_fork_asm+0x1a/0x30
[ 30.895003]
[ 30.895308] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 30.896218] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.896695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.897537] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 30.563891] ==================================================================
[ 30.564620] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 30.564620]
[ 30.565549] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#107):
[ 30.566260] test_out_of_bounds_write+0x10e/0x260
[ 30.566590] kunit_try_run_case+0x1b3/0x490
[ 30.567548] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.568048] kthread+0x257/0x310
[ 30.568277] ret_from_fork+0x41/0x80
[ 30.568553] ret_from_fork_asm+0x1a/0x30
[ 30.569077]
[ 30.569259] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 30.569259]
[ 30.570251] allocated by task 299 on cpu 0 at 30.563724s (0.006522s ago):
[ 30.570925] test_alloc+0x35f/0x10d0
[ 30.571523] test_out_of_bounds_write+0xd5/0x260
[ 30.572203] kunit_try_run_case+0x1b3/0x490
[ 30.572724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.573133] kthread+0x257/0x310
[ 30.573503] ret_from_fork+0x41/0x80
[ 30.574236] ret_from_fork_asm+0x1a/0x30
[ 30.574864]
[ 30.575420] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 30.576432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.576963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.577800] ==================================================================

[ 30.771841] ==================================================================
[ 30.772564] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 30.772564]
[ 30.773479] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#109):
[ 30.774660] test_out_of_bounds_write+0x10e/0x260
[ 30.775079] kunit_try_run_case+0x1b3/0x490
[ 30.775553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.776349] kthread+0x257/0x310
[ 30.776940] ret_from_fork+0x41/0x80
[ 30.777401] ret_from_fork_asm+0x1a/0x30
[ 30.777975]
[ 30.778268] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 30.778268]
[ 30.779157] allocated by task 301 on cpu 1 at 30.771752s (0.007402s ago):
[ 30.780179] test_alloc+0x2a7/0x10d0
[ 30.780550] test_out_of_bounds_write+0xd5/0x260
[ 30.781260] kunit_try_run_case+0x1b3/0x490
[ 30.781764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.782364] kthread+0x257/0x310
[ 30.782731] ret_from_fork+0x41/0x80
[ 30.783144] ret_from_fork_asm+0x1a/0x30
[ 30.783493]
[ 30.783685] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 30.784808] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.785081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.786148] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 29.731828] ==================================================================
[ 29.732540] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 29.732540]
[ 29.733361] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#99):
[ 29.734082] test_out_of_bounds_read+0x127/0x4e0
[ 29.734903] kunit_try_run_case+0x1b3/0x490
[ 29.735782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.736574] kthread+0x257/0x310
[ 29.737196] ret_from_fork+0x41/0x80
[ 29.737728] ret_from_fork_asm+0x1a/0x30
[ 29.738308]
[ 29.738494] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.738494]
[ 29.739553] allocated by task 297 on cpu 0 at 29.731734s (0.007815s ago):
[ 29.740399] test_alloc+0x2a7/0x10d0
[ 29.740765] test_out_of_bounds_read+0xee/0x4e0
[ 29.741605] kunit_try_run_case+0x1b3/0x490
[ 29.742265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.742658] kthread+0x257/0x310
[ 29.743305] ret_from_fork+0x41/0x80
[ 29.743663] ret_from_fork_asm+0x1a/0x30
[ 29.744260]
[ 29.744557] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 29.745677] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.746213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.747016] ==================================================================

[ 29.419982] ==================================================================
[ 29.420743] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 29.420743]
[ 29.421578] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#96):
[ 29.422167] test_out_of_bounds_read+0x217/0x4e0
[ 29.422746] kunit_try_run_case+0x1b3/0x490
[ 29.423208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.423590] kthread+0x257/0x310
[ 29.424033] ret_from_fork+0x41/0x80
[ 29.424502] ret_from_fork_asm+0x1a/0x30
[ 29.424868]
[ 29.425066] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.425066]
[ 29.425836] allocated by task 295 on cpu 1 at 29.419728s (0.006103s ago):
[ 29.426786] test_alloc+0x35f/0x10d0
[ 29.427052] test_out_of_bounds_read+0x1e3/0x4e0
[ 29.427623] kunit_try_run_case+0x1b3/0x490
[ 29.428101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.428541] kthread+0x257/0x310
[ 29.428881] ret_from_fork+0x41/0x80
[ 29.429321] ret_from_fork_asm+0x1a/0x30
[ 29.429919]
[ 29.430122] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 29.430987] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.431444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.432021] ==================================================================

[ 29.109377] ==================================================================
[ 29.110169] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 29.110169]
[ 29.110865] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#93):
[ 29.111955] test_out_of_bounds_read+0x127/0x4e0
[ 29.112468] kunit_try_run_case+0x1b3/0x490
[ 29.112971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.113441] kthread+0x257/0x310
[ 29.113895] ret_from_fork+0x41/0x80
[ 29.114189] ret_from_fork_asm+0x1a/0x30
[ 29.114640]
[ 29.115211] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.115211]
[ 29.116621] allocated by task 295 on cpu 1 at 29.107747s (0.008753s ago):
[ 29.117904] test_alloc+0x35f/0x10d0
[ 29.118466] test_out_of_bounds_read+0xee/0x4e0
[ 29.119002] kunit_try_run_case+0x1b3/0x490
[ 29.119430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.119805] kthread+0x257/0x310
[ 29.120235] ret_from_fork+0x41/0x80
[ 29.120652] ret_from_fork_asm+0x1a/0x30
[ 29.121149]
[ 29.121431] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 29.122077] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.122683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.123478] ==================================================================

[ 30.147835] ==================================================================
[ 30.148544] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 30.148544]
[ 30.149220] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#103):
[ 30.150040] test_out_of_bounds_read+0x217/0x4e0
[ 30.150768] kunit_try_run_case+0x1b3/0x490
[ 30.151112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.151688] kthread+0x257/0x310
[ 30.151972] ret_from_fork+0x41/0x80
[ 30.152739] ret_from_fork_asm+0x1a/0x30
[ 30.153167]
[ 30.153356] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 30.153356]
[ 30.154511] allocated by task 297 on cpu 0 at 30.147752s (0.006754s ago):
[ 30.154991] test_alloc+0x2a7/0x10d0
[ 30.155612] test_out_of_bounds_read+0x1e3/0x4e0
[ 30.156132] kunit_try_run_case+0x1b3/0x490
[ 30.156520] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.157106] kthread+0x257/0x310
[ 30.157520] ret_from_fork+0x41/0x80
[ 30.157834] ret_from_fork_asm+0x1a/0x30
[ 30.158130]
[ 30.158457] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 30.159907] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.160398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.161116] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 28.899916] ==================================================================
[ 28.901069] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0
[ 28.901544] Write of size 1 at addr ffff888101b6b578 by task kunit_try_catch/293
[ 28.902353]
[ 28.903082] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 28.903865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.904351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.905165] Call Trace:
[ 28.905454] <TASK>
[ 28.905748] dump_stack_lvl+0x73/0xb0
[ 28.906205] print_report+0xd1/0x640
[ 28.906637] ? __virt_addr_valid+0x1db/0x2d0
[ 28.907108] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.907614] kasan_report+0x102/0x140
[ 28.908538] ? strncpy_from_user+0x1a7/0x1e0
[ 28.908947] ? strncpy_from_user+0x1a7/0x1e0
[ 28.909730] __asan_report_store1_noabort+0x1b/0x30
[ 28.910286] strncpy_from_user+0x1a7/0x1e0
[ 28.911114] copy_user_test_oob+0x761/0x10f0
[ 28.911616] ? __pfx_copy_user_test_oob+0x10/0x10
[ 28.912394] ? finish_task_switch.isra.0+0x153/0x700
[ 28.912992] ? __switch_to+0x5d9/0xf60
[ 28.913512] ? __schedule+0xc3e/0x2790
[ 28.913885] ? __pfx_read_tsc+0x10/0x10
[ 28.914482] ? ktime_get_ts64+0x84/0x230
[ 28.914907] kunit_try_run_case+0x1b3/0x490
[ 28.915871] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.916521] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.916933] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.917677] ? __kthread_parkme+0x82/0x160
[ 28.918117] ? preempt_count_sub+0x50/0x80
[ 28.918487] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.919031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.919911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.920396] kthread+0x257/0x310
[ 28.921006] ? __pfx_kthread+0x10/0x10
[ 28.921416] ret_from_fork+0x41/0x80
[ 28.922167] ? __pfx_kthread+0x10/0x10
[ 28.922511] ret_from_fork_asm+0x1a/0x30
[ 28.923234] </TASK>
[ 28.923636]
[ 28.924043] Allocated by task 293:
[ 28.924449] kasan_save_stack+0x3d/0x60
[ 28.925049] kasan_save_track+0x18/0x40
[ 28.925616] kasan_save_alloc_info+0x3b/0x50
[ 28.926015] __kasan_kmalloc+0xb7/0xc0
[ 28.926656] __kmalloc_noprof+0x1c4/0x500
[ 28.927022] kunit_kmalloc_array+0x25/0x60
[ 28.927608] copy_user_test_oob+0xac/0x10f0
[ 28.927960] kunit_try_run_case+0x1b3/0x490
[ 28.928624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.929157] kthread+0x257/0x310
[ 28.929422] ret_from_fork+0x41/0x80
[ 28.929697] ret_from_fork_asm+0x1a/0x30
[ 28.930152]
[ 28.930718] The buggy address belongs to the object at ffff888101b6b500
[ 28.930718] which belongs to the cache kmalloc-128 of size 128
[ 28.932263] The buggy address is located 0 bytes to the right of
[ 28.932263] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578)
[ 28.933640]
[ 28.933884] The buggy address belongs to the physical page:
[ 28.934257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b
[ 28.935484] flags: 0x200000000000000(node=0|zone=2)
[ 28.935968] page_type: f5(slab)
[ 28.936476] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.937324] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.937923] page dumped because: kasan: bad access detected
[ 28.938520]
[ 28.938759] Memory state around the buggy address:
[ 28.939241] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.939942] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.940674] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.941299] ^
[ 28.941993] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.942716] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.943624] ==================================================================

[ 28.853607] ==================================================================
[ 28.854205] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0
[ 28.855133] Write of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293
[ 28.855920]
[ 28.856293] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 28.857450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.858109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.859010] Call Trace:
[ 28.859388] <TASK>
[ 28.859799] dump_stack_lvl+0x73/0xb0
[ 28.860433] print_report+0xd1/0x640
[ 28.860934] ? __virt_addr_valid+0x1db/0x2d0
[ 28.861651] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.862296] kasan_report+0x102/0x140
[ 28.862776] ? strncpy_from_user+0x2e/0x1e0
[ 28.863421] ? strncpy_from_user+0x2e/0x1e0
[ 28.863969] kasan_check_range+0x10c/0x1c0
[ 28.864567] __kasan_check_write+0x18/0x20
[ 28.865015] strncpy_from_user+0x2e/0x1e0
[ 28.865503] ? __kasan_check_read+0x15/0x20
[ 28.866213] copy_user_test_oob+0x761/0x10f0
[ 28.866847] ? __pfx_copy_user_test_oob+0x10/0x10
[ 28.867540] ? finish_task_switch.isra.0+0x153/0x700
[ 28.868127] ? __switch_to+0x5d9/0xf60
[ 28.868628] ? __schedule+0xc3e/0x2790
[ 28.869316] ? __pfx_read_tsc+0x10/0x10
[ 28.869865] ? ktime_get_ts64+0x84/0x230
[ 28.870361] kunit_try_run_case+0x1b3/0x490
[ 28.870951] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.871458] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.872089] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.872768] ? __kthread_parkme+0x82/0x160
[ 28.873576] ? preempt_count_sub+0x50/0x80
[ 28.873923] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.874363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.875087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.875706] kthread+0x257/0x310
[ 28.876104] ? __pfx_kthread+0x10/0x10
[ 28.876541] ret_from_fork+0x41/0x80
[ 28.876934] ? __pfx_kthread+0x10/0x10
[ 28.877995] ret_from_fork_asm+0x1a/0x30
[ 28.878672] </TASK>
[ 28.879094]
[ 28.879500] Allocated by task 293:
[ 28.879786] kasan_save_stack+0x3d/0x60
[ 28.880374] kasan_save_track+0x18/0x40
[ 28.880804] kasan_save_alloc_info+0x3b/0x50
[ 28.881227] __kasan_kmalloc+0xb7/0xc0
[ 28.881933] __kmalloc_noprof+0x1c4/0x500
[ 28.882519] kunit_kmalloc_array+0x25/0x60
[ 28.883465] copy_user_test_oob+0xac/0x10f0
[ 28.883740] kunit_try_run_case+0x1b3/0x490
[ 28.884404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.884820] kthread+0x257/0x310
[ 28.885289] ret_from_fork+0x41/0x80
[ 28.885780] ret_from_fork_asm+0x1a/0x30
[ 28.886307]
[ 28.886608] The buggy address belongs to the object at ffff888101b6b500
[ 28.886608] which belongs to the cache kmalloc-128 of size 128
[ 28.887570] The buggy address is located 0 bytes inside of
[ 28.887570] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578)
[ 28.888713]
[ 28.888870] The buggy address belongs to the physical page:
[ 28.889418] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b
[ 28.890408] flags: 0x200000000000000(node=0|zone=2)
[ 28.890781] page_type: f5(slab)
[ 28.891311] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 28.892028] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 28.892849] page dumped because: kasan: bad access detected
[ 28.893444]
[ 28.893655] Memory state around the buggy address:
[ 28.894236] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.894887] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.895664] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 28.896351] ^
[ 28.897000] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.897686] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.898387] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 28.808412] ================================================================== [ 28.809418] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 28.810965] Read of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.811756] [ 28.812019] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.812860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.813358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.814415] Call Trace: [ 28.814627] <TASK> [ 28.815018] dump_stack_lvl+0x73/0xb0 [ 28.815557] print_report+0xd1/0x640 [ 28.815889] ? __virt_addr_valid+0x1db/0x2d0 [ 28.816601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.817115] kasan_report+0x102/0x140 [ 28.817668] ? copy_user_test_oob+0x605/0x10f0 [ 28.818262] ? copy_user_test_oob+0x605/0x10f0 [ 28.818820] kasan_check_range+0x10c/0x1c0 [ 28.819304] __kasan_check_read+0x15/0x20 [ 28.819824] copy_user_test_oob+0x605/0x10f0 [ 28.820279] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.820907] ? finish_task_switch.isra.0+0x153/0x700 [ 28.821542] ? __switch_to+0x5d9/0xf60 [ 28.822051] ? __schedule+0xc3e/0x2790 [ 28.822470] ? __pfx_read_tsc+0x10/0x10 [ 28.822895] ? ktime_get_ts64+0x84/0x230 [ 28.823511] kunit_try_run_case+0x1b3/0x490 [ 28.823925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.824484] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.825133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.825549] ? __kthread_parkme+0x82/0x160 [ 28.826134] ? preempt_count_sub+0x50/0x80 [ 28.826558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.827038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.827790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.828403] kthread+0x257/0x310 [ 28.828796] ? __pfx_kthread+0x10/0x10 [ 28.829358] ret_from_fork+0x41/0x80 [ 28.829720] ? 
__pfx_kthread+0x10/0x10 [ 28.830242] ret_from_fork_asm+0x1a/0x30 [ 28.830677] </TASK> [ 28.831050] [ 28.831324] Allocated by task 293: [ 28.831729] kasan_save_stack+0x3d/0x60 [ 28.832179] kasan_save_track+0x18/0x40 [ 28.832598] kasan_save_alloc_info+0x3b/0x50 [ 28.833123] __kasan_kmalloc+0xb7/0xc0 [ 28.833587] __kmalloc_noprof+0x1c4/0x500 [ 28.834179] kunit_kmalloc_array+0x25/0x60 [ 28.834683] copy_user_test_oob+0xac/0x10f0 [ 28.835250] kunit_try_run_case+0x1b3/0x490 [ 28.835662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.836378] kthread+0x257/0x310 [ 28.836839] ret_from_fork+0x41/0x80 [ 28.837174] ret_from_fork_asm+0x1a/0x30 [ 28.837752] [ 28.838003] The buggy address belongs to the object at ffff888101b6b500 [ 28.838003] which belongs to the cache kmalloc-128 of size 128 [ 28.838903] The buggy address is located 0 bytes inside of [ 28.838903] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.840867] [ 28.841024] The buggy address belongs to the physical page: [ 28.841926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.843085] flags: 0x200000000000000(node=0|zone=2) [ 28.843727] page_type: f5(slab) [ 28.844443] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.845493] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.846429] page dumped because: kasan: bad access detected [ 28.846892] [ 28.847126] Memory state around the buggy address: [ 28.848085] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.848795] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.849690] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.850358] ^ [ 28.850942] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.851640] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.852215] ================================================================== [ 28.762684] 
================================================================== [ 28.764350] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 28.765063] Write of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.765964] [ 28.766216] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.767294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.767923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.769115] Call Trace: [ 28.769653] <TASK> [ 28.769958] dump_stack_lvl+0x73/0xb0 [ 28.770837] print_report+0xd1/0x640 [ 28.771544] ? __virt_addr_valid+0x1db/0x2d0 [ 28.772038] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.772599] kasan_report+0x102/0x140 [ 28.772994] ? copy_user_test_oob+0x558/0x10f0 [ 28.773970] ? copy_user_test_oob+0x558/0x10f0 [ 28.774776] kasan_check_range+0x10c/0x1c0 [ 28.775114] __kasan_check_write+0x18/0x20 [ 28.775752] copy_user_test_oob+0x558/0x10f0 [ 28.776257] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.776860] ? finish_task_switch.isra.0+0x153/0x700 [ 28.777472] ? __switch_to+0x5d9/0xf60 [ 28.777974] ? __schedule+0xc3e/0x2790 [ 28.778739] ? __pfx_read_tsc+0x10/0x10 [ 28.779590] ? ktime_get_ts64+0x84/0x230 [ 28.779995] kunit_try_run_case+0x1b3/0x490 [ 28.780506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.780878] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.781394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.781795] ? __kthread_parkme+0x82/0x160 [ 28.782321] ? preempt_count_sub+0x50/0x80 [ 28.782671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.783282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.783942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.784461] kthread+0x257/0x310 [ 28.784824] ? __pfx_kthread+0x10/0x10 [ 28.785414] ret_from_fork+0x41/0x80 [ 28.786055] ? 
__pfx_kthread+0x10/0x10 [ 28.786819] ret_from_fork_asm+0x1a/0x30 [ 28.787385] </TASK> [ 28.787746] [ 28.787896] Allocated by task 293: [ 28.788382] kasan_save_stack+0x3d/0x60 [ 28.789042] kasan_save_track+0x18/0x40 [ 28.789320] kasan_save_alloc_info+0x3b/0x50 [ 28.790221] __kasan_kmalloc+0xb7/0xc0 [ 28.790811] __kmalloc_noprof+0x1c4/0x500 [ 28.791495] kunit_kmalloc_array+0x25/0x60 [ 28.791880] copy_user_test_oob+0xac/0x10f0 [ 28.792319] kunit_try_run_case+0x1b3/0x490 [ 28.792709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.793253] kthread+0x257/0x310 [ 28.793731] ret_from_fork+0x41/0x80 [ 28.794232] ret_from_fork_asm+0x1a/0x30 [ 28.794699] [ 28.794899] The buggy address belongs to the object at ffff888101b6b500 [ 28.794899] which belongs to the cache kmalloc-128 of size 128 [ 28.796105] The buggy address is located 0 bytes inside of [ 28.796105] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.797280] [ 28.797574] The buggy address belongs to the physical page: [ 28.798194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.798963] flags: 0x200000000000000(node=0|zone=2) [ 28.799466] page_type: f5(slab) [ 28.799870] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.800654] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.801431] page dumped because: kasan: bad access detected [ 28.801923] [ 28.802212] Memory state around the buggy address: [ 28.802703] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.803454] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.804207] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.804857] ^ [ 28.805594] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.806373] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.807008] ================================================================== [ 28.675158] 
================================================================== [ 28.675888] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 28.676641] Write of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.677310] [ 28.677517] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.678212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.678743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.679550] Call Trace: [ 28.679781] <TASK> [ 28.679984] dump_stack_lvl+0x73/0xb0 [ 28.680808] print_report+0xd1/0x640 [ 28.681086] ? __virt_addr_valid+0x1db/0x2d0 [ 28.681611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.682172] kasan_report+0x102/0x140 [ 28.682606] ? copy_user_test_oob+0x3fe/0x10f0 [ 28.683002] ? copy_user_test_oob+0x3fe/0x10f0 [ 28.683593] kasan_check_range+0x10c/0x1c0 [ 28.684102] __kasan_check_write+0x18/0x20 [ 28.684437] copy_user_test_oob+0x3fe/0x10f0 [ 28.684960] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.685613] ? finish_task_switch.isra.0+0x153/0x700 [ 28.685951] ? __switch_to+0x5d9/0xf60 [ 28.686680] ? __schedule+0xc3e/0x2790 [ 28.687050] ? __pfx_read_tsc+0x10/0x10 [ 28.687444] ? ktime_get_ts64+0x84/0x230 [ 28.687866] kunit_try_run_case+0x1b3/0x490 [ 28.688227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.688595] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.689273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.689776] ? __kthread_parkme+0x82/0x160 [ 28.690110] ? preempt_count_sub+0x50/0x80 [ 28.690624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.691190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.691734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.692204] kthread+0x257/0x310 [ 28.692723] ? __pfx_kthread+0x10/0x10 [ 28.693012] ret_from_fork+0x41/0x80 [ 28.693287] ? 
__pfx_kthread+0x10/0x10 [ 28.693790] ret_from_fork_asm+0x1a/0x30 [ 28.694413] </TASK> [ 28.694728] [ 28.694960] Allocated by task 293: [ 28.695255] kasan_save_stack+0x3d/0x60 [ 28.695580] kasan_save_track+0x18/0x40 [ 28.696069] kasan_save_alloc_info+0x3b/0x50 [ 28.696493] __kasan_kmalloc+0xb7/0xc0 [ 28.696784] __kmalloc_noprof+0x1c4/0x500 [ 28.697069] kunit_kmalloc_array+0x25/0x60 [ 28.697785] copy_user_test_oob+0xac/0x10f0 [ 28.698281] kunit_try_run_case+0x1b3/0x490 [ 28.700044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.700448] kthread+0x257/0x310 [ 28.700688] ret_from_fork+0x41/0x80 [ 28.700942] ret_from_fork_asm+0x1a/0x30 [ 28.701397] [ 28.701714] The buggy address belongs to the object at ffff888101b6b500 [ 28.701714] which belongs to the cache kmalloc-128 of size 128 [ 28.703645] The buggy address is located 0 bytes inside of [ 28.703645] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.705000] [ 28.705252] The buggy address belongs to the physical page: [ 28.705761] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.706548] flags: 0x200000000000000(node=0|zone=2) [ 28.706998] page_type: f5(slab) [ 28.707291] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.707868] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.708738] page dumped because: kasan: bad access detected [ 28.709767] [ 28.710086] Memory state around the buggy address: [ 28.710820] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.711851] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.712769] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.713531] ^ [ 28.714037] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.714386] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.714909] ================================================================== [ 28.716035] 
================================================================== [ 28.717245] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 28.717872] Read of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.719100] [ 28.719502] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.720416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.721011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.721837] Call Trace: [ 28.722391] <TASK> [ 28.722680] dump_stack_lvl+0x73/0xb0 [ 28.723139] print_report+0xd1/0x640 [ 28.723682] ? __virt_addr_valid+0x1db/0x2d0 [ 28.724184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.724942] kasan_report+0x102/0x140 [ 28.725470] ? copy_user_test_oob+0x4ab/0x10f0 [ 28.726020] ? copy_user_test_oob+0x4ab/0x10f0 [ 28.726734] kasan_check_range+0x10c/0x1c0 [ 28.727354] __kasan_check_read+0x15/0x20 [ 28.727823] copy_user_test_oob+0x4ab/0x10f0 [ 28.728374] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.728817] ? finish_task_switch.isra.0+0x153/0x700 [ 28.729327] ? __switch_to+0x5d9/0xf60 [ 28.729705] ? __schedule+0xc3e/0x2790 [ 28.730235] ? __pfx_read_tsc+0x10/0x10 [ 28.730664] ? ktime_get_ts64+0x84/0x230 [ 28.731166] kunit_try_run_case+0x1b3/0x490 [ 28.731590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.732295] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.732755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.733295] ? __kthread_parkme+0x82/0x160 [ 28.733904] ? preempt_count_sub+0x50/0x80 [ 28.734394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.734963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.735687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.736326] kthread+0x257/0x310 [ 28.736715] ? __pfx_kthread+0x10/0x10 [ 28.737220] ret_from_fork+0x41/0x80 [ 28.737733] ? 
__pfx_kthread+0x10/0x10 [ 28.738282] ret_from_fork_asm+0x1a/0x30 [ 28.738788] </TASK> [ 28.739103] [ 28.739395] Allocated by task 293: [ 28.739673] kasan_save_stack+0x3d/0x60 [ 28.740265] kasan_save_track+0x18/0x40 [ 28.740601] kasan_save_alloc_info+0x3b/0x50 [ 28.741180] __kasan_kmalloc+0xb7/0xc0 [ 28.741506] __kmalloc_noprof+0x1c4/0x500 [ 28.741950] kunit_kmalloc_array+0x25/0x60 [ 28.742451] copy_user_test_oob+0xac/0x10f0 [ 28.742852] kunit_try_run_case+0x1b3/0x490 [ 28.743287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.743943] kthread+0x257/0x310 [ 28.744251] ret_from_fork+0x41/0x80 [ 28.744548] ret_from_fork_asm+0x1a/0x30 [ 28.745031] [ 28.745359] The buggy address belongs to the object at ffff888101b6b500 [ 28.745359] which belongs to the cache kmalloc-128 of size 128 [ 28.747193] The buggy address is located 0 bytes inside of [ 28.747193] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.748875] [ 28.749081] The buggy address belongs to the physical page: [ 28.750049] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.750963] flags: 0x200000000000000(node=0|zone=2) [ 28.751720] page_type: f5(slab) [ 28.752154] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.753020] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.753932] page dumped because: kasan: bad access detected [ 28.754628] [ 28.754801] Memory state around the buggy address: [ 28.755926] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.756600] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.757620] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.758390] ^ [ 28.759007] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.760087] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.760758] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 28.628515] ================================================================== [ 28.629158] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 28.629760] Read of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.630458] [ 28.630768] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.631727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.632037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.633048] Call Trace: [ 28.633489] <TASK> [ 28.633885] dump_stack_lvl+0x73/0xb0 [ 28.634476] print_report+0xd1/0x640 [ 28.634793] ? __virt_addr_valid+0x1db/0x2d0 [ 28.635397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.635775] kasan_report+0x102/0x140 [ 28.636306] ? _copy_to_user+0x4a/0x70 [ 28.636922] ? _copy_to_user+0x4a/0x70 [ 28.637808] kasan_check_range+0x10c/0x1c0 [ 28.638181] __kasan_check_read+0x15/0x20 [ 28.638590] _copy_to_user+0x4a/0x70 [ 28.638957] copy_user_test_oob+0x365/0x10f0 [ 28.639991] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.640730] ? finish_task_switch.isra.0+0x153/0x700 [ 28.641436] ? __switch_to+0x5d9/0xf60 [ 28.641815] ? __schedule+0xc3e/0x2790 [ 28.642300] ? __pfx_read_tsc+0x10/0x10 [ 28.642771] ? ktime_get_ts64+0x84/0x230 [ 28.643150] kunit_try_run_case+0x1b3/0x490 [ 28.643653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.644008] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.644585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.645034] ? __kthread_parkme+0x82/0x160 [ 28.645518] ? preempt_count_sub+0x50/0x80 [ 28.645904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.646494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.646928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.647566] kthread+0x257/0x310 [ 28.647829] ? __pfx_kthread+0x10/0x10 [ 28.648356] ret_from_fork+0x41/0x80 [ 28.648819] ? 
__pfx_kthread+0x10/0x10 [ 28.649234] ret_from_fork_asm+0x1a/0x30 [ 28.649620] </TASK> [ 28.649875] [ 28.650176] Allocated by task 293: [ 28.650675] kasan_save_stack+0x3d/0x60 [ 28.651057] kasan_save_track+0x18/0x40 [ 28.651449] kasan_save_alloc_info+0x3b/0x50 [ 28.651970] __kasan_kmalloc+0xb7/0xc0 [ 28.652314] __kmalloc_noprof+0x1c4/0x500 [ 28.652813] kunit_kmalloc_array+0x25/0x60 [ 28.653246] copy_user_test_oob+0xac/0x10f0 [ 28.653693] kunit_try_run_case+0x1b3/0x490 [ 28.654196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.654580] kthread+0x257/0x310 [ 28.654970] ret_from_fork+0x41/0x80 [ 28.655504] ret_from_fork_asm+0x1a/0x30 [ 28.655812] [ 28.655969] The buggy address belongs to the object at ffff888101b6b500 [ 28.655969] which belongs to the cache kmalloc-128 of size 128 [ 28.657206] The buggy address is located 0 bytes inside of [ 28.657206] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.658459] [ 28.658647] The buggy address belongs to the physical page: [ 28.659017] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.659866] flags: 0x200000000000000(node=0|zone=2) [ 28.660311] page_type: f5(slab) [ 28.660635] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.661254] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.661975] page dumped because: kasan: bad access detected [ 28.662506] [ 28.662657] Memory state around the buggy address: [ 28.663249] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.663935] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.664655] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.665225] ^ [ 28.665877] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.666509] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.666964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 28.578119] ================================================================== [ 28.579283] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 28.580032] Write of size 121 at addr ffff888101b6b500 by task kunit_try_catch/293 [ 28.581110] [ 28.581347] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.582223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.582597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.583187] Call Trace: [ 28.583780] <TASK> [ 28.584355] dump_stack_lvl+0x73/0xb0 [ 28.584747] print_report+0xd1/0x640 [ 28.585160] ? __virt_addr_valid+0x1db/0x2d0 [ 28.585527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.586159] kasan_report+0x102/0x140 [ 28.586487] ? _copy_from_user+0x33/0xa0 [ 28.586966] ? _copy_from_user+0x33/0xa0 [ 28.587491] kasan_check_range+0x10c/0x1c0 [ 28.587904] __kasan_check_write+0x18/0x20 [ 28.588396] _copy_from_user+0x33/0xa0 [ 28.588847] copy_user_test_oob+0x2bf/0x10f0 [ 28.589454] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.589840] ? finish_task_switch.isra.0+0x153/0x700 [ 28.590406] ? __switch_to+0x5d9/0xf60 [ 28.590901] ? __schedule+0xc3e/0x2790 [ 28.591319] ? __pfx_read_tsc+0x10/0x10 [ 28.591635] ? ktime_get_ts64+0x84/0x230 [ 28.592188] kunit_try_run_case+0x1b3/0x490 [ 28.592703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.593176] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.593767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.594712] ? __kthread_parkme+0x82/0x160 [ 28.595188] ? preempt_count_sub+0x50/0x80 [ 28.595838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.596484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.597295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.597937] kthread+0x257/0x310 [ 28.598830] ? __pfx_kthread+0x10/0x10 [ 28.599203] ret_from_fork+0x41/0x80 [ 28.599912] ? 
__pfx_kthread+0x10/0x10 [ 28.600715] ret_from_fork_asm+0x1a/0x30 [ 28.601199] </TASK> [ 28.601472] [ 28.601703] Allocated by task 293: [ 28.602083] kasan_save_stack+0x3d/0x60 [ 28.602499] kasan_save_track+0x18/0x40 [ 28.602783] kasan_save_alloc_info+0x3b/0x50 [ 28.603371] __kasan_kmalloc+0xb7/0xc0 [ 28.604049] __kmalloc_noprof+0x1c4/0x500 [ 28.604551] kunit_kmalloc_array+0x25/0x60 [ 28.605192] copy_user_test_oob+0xac/0x10f0 [ 28.605748] kunit_try_run_case+0x1b3/0x490 [ 28.606409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.607189] kthread+0x257/0x310 [ 28.607654] ret_from_fork+0x41/0x80 [ 28.608225] ret_from_fork_asm+0x1a/0x30 [ 28.608904] [ 28.609196] The buggy address belongs to the object at ffff888101b6b500 [ 28.609196] which belongs to the cache kmalloc-128 of size 128 [ 28.610404] The buggy address is located 0 bytes inside of [ 28.610404] allocated 120-byte region [ffff888101b6b500, ffff888101b6b578) [ 28.611598] [ 28.611890] The buggy address belongs to the physical page: [ 28.612467] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.613392] flags: 0x200000000000000(node=0|zone=2) [ 28.614073] page_type: f5(slab) [ 28.614403] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.615388] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.616179] page dumped because: kasan: bad access detected [ 28.616838] [ 28.617041] Memory state around the buggy address: [ 28.617981] ffff888101b6b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.618736] ffff888101b6b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.619485] >ffff888101b6b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.620076] ^ [ 28.620675] ffff888101b6b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.621182] ffff888101b6b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.622011] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 28.511018] ================================================================== [ 28.511654] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 28.512313] Write of size 8 at addr ffff888101b6b278 by task kunit_try_catch/289 [ 28.513233] [ 28.513661] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.514819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.515234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.516145] Call Trace: [ 28.516419] <TASK> [ 28.516681] dump_stack_lvl+0x73/0xb0 [ 28.517062] print_report+0xd1/0x640 [ 28.517426] ? __virt_addr_valid+0x1db/0x2d0 [ 28.517939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.518774] kasan_report+0x102/0x140 [ 28.519474] ? copy_to_kernel_nofault+0x99/0x260 [ 28.520135] ? copy_to_kernel_nofault+0x99/0x260 [ 28.521654] kasan_check_range+0x10c/0x1c0 [ 28.522176] __kasan_check_write+0x18/0x20 [ 28.522633] copy_to_kernel_nofault+0x99/0x260 [ 28.523113] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 28.523789] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.524485] ? finish_task_switch.isra.0+0x153/0x700 [ 28.525041] ? __schedule+0xc3e/0x2790 [ 28.525365] ? trace_hardirqs_on+0x37/0xe0 [ 28.525928] ? __pfx_read_tsc+0x10/0x10 [ 28.526323] ? ktime_get_ts64+0x84/0x230 [ 28.526845] kunit_try_run_case+0x1b3/0x490 [ 28.527389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.527986] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.528487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.528938] ? __kthread_parkme+0x82/0x160 [ 28.529612] ? preempt_count_sub+0x50/0x80 [ 28.529919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.530619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.531192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.531764] kthread+0x257/0x310 [ 28.532068] ? __pfx_kthread+0x10/0x10 [ 28.532372] ret_from_fork+0x41/0x80 [ 28.532947] ? 
__pfx_kthread+0x10/0x10 [ 28.533812] ret_from_fork_asm+0x1a/0x30 [ 28.534207] </TASK> [ 28.534467] [ 28.534951] Allocated by task 289: [ 28.535595] kasan_save_stack+0x3d/0x60 [ 28.536779] kasan_save_track+0x18/0x40 [ 28.537089] kasan_save_alloc_info+0x3b/0x50 [ 28.537736] __kasan_kmalloc+0xb7/0xc0 [ 28.538416] __kmalloc_cache_noprof+0x184/0x410 [ 28.538987] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 28.539606] kunit_try_run_case+0x1b3/0x490 [ 28.540267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.540688] kthread+0x257/0x310 [ 28.541112] ret_from_fork+0x41/0x80 [ 28.541794] ret_from_fork_asm+0x1a/0x30 [ 28.542165] [ 28.542667] The buggy address belongs to the object at ffff888101b6b200 [ 28.542667] which belongs to the cache kmalloc-128 of size 128 [ 28.544467] The buggy address is located 0 bytes to the right of [ 28.544467] allocated 120-byte region [ffff888101b6b200, ffff888101b6b278) [ 28.545441] [ 28.545758] The buggy address belongs to the physical page: [ 28.546269] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.546953] flags: 0x200000000000000(node=0|zone=2) [ 28.547476] page_type: f5(slab) [ 28.547885] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.548557] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.549259] page dumped because: kasan: bad access detected [ 28.550262] [ 28.550575] Memory state around the buggy address: [ 28.550906] ffff888101b6b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.551715] ffff888101b6b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.552364] >ffff888101b6b200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.552970] ^ [ 28.553619] ffff888101b6b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.554198] ffff888101b6b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.554846] ================================================================== [ 28.465946] 
================================================================== [ 28.467182] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 28.467934] Read of size 8 at addr ffff888101b6b278 by task kunit_try_catch/289 [ 28.468605] [ 28.468814] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.469959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.470527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.471420] Call Trace: [ 28.471625] <TASK> [ 28.471992] dump_stack_lvl+0x73/0xb0 [ 28.473143] print_report+0xd1/0x640 [ 28.473862] ? __virt_addr_valid+0x1db/0x2d0 [ 28.474376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.474988] kasan_report+0x102/0x140 [ 28.475561] ? copy_to_kernel_nofault+0x225/0x260 [ 28.476243] ? copy_to_kernel_nofault+0x225/0x260 [ 28.476609] __asan_report_load8_noabort+0x18/0x20 [ 28.477251] copy_to_kernel_nofault+0x225/0x260 [ 28.477662] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 28.478364] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.478975] ? finish_task_switch.isra.0+0x153/0x700 [ 28.479634] ? __schedule+0xc3e/0x2790 [ 28.480197] ? trace_hardirqs_on+0x37/0xe0 [ 28.480831] ? __pfx_read_tsc+0x10/0x10 [ 28.481253] ? ktime_get_ts64+0x84/0x230 [ 28.481696] kunit_try_run_case+0x1b3/0x490 [ 28.482227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.482821] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.483512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.483970] ? __kthread_parkme+0x82/0x160 [ 28.484590] ? preempt_count_sub+0x50/0x80 [ 28.485050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.485529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.486326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.486874] kthread+0x257/0x310 [ 28.487414] ? __pfx_kthread+0x10/0x10 [ 28.487928] ret_from_fork+0x41/0x80 [ 28.488407] ? 
__pfx_kthread+0x10/0x10 [ 28.488865] ret_from_fork_asm+0x1a/0x30 [ 28.489416] </TASK> [ 28.489795] [ 28.489951] Allocated by task 289: [ 28.490484] kasan_save_stack+0x3d/0x60 [ 28.490799] kasan_save_track+0x18/0x40 [ 28.491416] kasan_save_alloc_info+0x3b/0x50 [ 28.491878] __kasan_kmalloc+0xb7/0xc0 [ 28.492457] __kmalloc_cache_noprof+0x184/0x410 [ 28.492959] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 28.493476] kunit_try_run_case+0x1b3/0x490 [ 28.494042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.494621] kthread+0x257/0x310 [ 28.495143] ret_from_fork+0x41/0x80 [ 28.495480] ret_from_fork_asm+0x1a/0x30 [ 28.496002] [ 28.496191] The buggy address belongs to the object at ffff888101b6b200 [ 28.496191] which belongs to the cache kmalloc-128 of size 128 [ 28.497265] The buggy address is located 0 bytes to the right of [ 28.497265] allocated 120-byte region [ffff888101b6b200, ffff888101b6b278) [ 28.498496] [ 28.498759] The buggy address belongs to the physical page: [ 28.499314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6b [ 28.500168] flags: 0x200000000000000(node=0|zone=2) [ 28.500726] page_type: f5(slab) [ 28.501167] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.501977] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 28.502823] page dumped because: kasan: bad access detected [ 28.503296] [ 28.503570] Memory state around the buggy address: [ 28.504219] ffff888101b6b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.504736] ffff888101b6b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.505495] >ffff888101b6b200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.506201] ^ [ 28.506858] ffff888101b6b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.507628] ffff888101b6b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.508363] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 27.633859] ==================================================================
[ 27.634954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450
[ 27.636134] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.637737]
[ 27.637932] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.638917] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.639360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.640482] Call Trace:
[ 27.640775] <TASK>
[ 27.641037] dump_stack_lvl+0x73/0xb0
[ 27.641831] print_report+0xd1/0x640
[ 27.642274] ? __virt_addr_valid+0x1db/0x2d0
[ 27.642789] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.643274] kasan_report+0x102/0x140
[ 27.643771] ? kasan_atomics_helper+0x19e4/0x5450
[ 27.644397] ? kasan_atomics_helper+0x19e4/0x5450
[ 27.644820] kasan_check_range+0x10c/0x1c0
[ 27.645468] __kasan_check_write+0x18/0x20
[ 27.646032] kasan_atomics_helper+0x19e4/0x5450
[ 27.646605] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.647140] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.647770] ? kasan_atomics+0x153/0x310
[ 27.648265] kasan_atomics+0x1dd/0x310
[ 27.648800] ? __pfx_kasan_atomics+0x10/0x10
[ 27.649438] ? __pfx_read_tsc+0x10/0x10
[ 27.649864] ? ktime_get_ts64+0x84/0x230
[ 27.650430] kunit_try_run_case+0x1b3/0x490
[ 27.650866] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.651491] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.652125] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.652658] ? __kthread_parkme+0x82/0x160
[ 27.653168] ? preempt_count_sub+0x50/0x80
[ 27.653682] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.654291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.654810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.655566] kthread+0x257/0x310
[ 27.656226] ? __pfx_kthread+0x10/0x10
[ 27.656906] ret_from_fork+0x41/0x80
[ 27.657485] ? __pfx_kthread+0x10/0x10
[ 27.657883] ret_from_fork_asm+0x1a/0x30
[ 27.658373] </TASK>
[ 27.658627]
[ 27.658888] Allocated by task 273:
[ 27.659301] kasan_save_stack+0x3d/0x60
[ 27.659821] kasan_save_track+0x18/0x40
[ 27.660378] kasan_save_alloc_info+0x3b/0x50
[ 27.660940] __kasan_kmalloc+0xb7/0xc0
[ 27.661327] __kmalloc_cache_noprof+0x184/0x410
[ 27.661903] kasan_atomics+0x96/0x310
[ 27.662323] kunit_try_run_case+0x1b3/0x490
[ 27.662859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.663490] kthread+0x257/0x310
[ 27.663833] ret_from_fork+0x41/0x80
[ 27.664320] ret_from_fork_asm+0x1a/0x30
[ 27.664875]
[ 27.665197] The buggy address belongs to the object at ffff888102a32500
[ 27.665197] which belongs to the cache kmalloc-64 of size 64
[ 27.666423] The buggy address is located 0 bytes to the right of
[ 27.666423] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.667419]
[ 27.667578] The buggy address belongs to the physical page:
[ 27.668248] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.669124] flags: 0x200000000000000(node=0|zone=2)
[ 27.669540] page_type: f5(slab)
[ 27.669817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.670854] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.671527] page dumped because: kasan: bad access detected
[ 27.672006]
[ 27.672377] Memory state around the buggy address:
[ 27.672891] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.673497] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.674397] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.675046] ^
[ 27.675586] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.676182] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.676786] ==================================================================
[ 26.392478]
==================================================================
[ 26.393479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 26.394097] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.394673]
[ 26.394901] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.396143] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.396676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.397534] Call Trace:
[ 26.397821] <TASK>
[ 26.398150] dump_stack_lvl+0x73/0xb0
[ 26.398746] print_report+0xd1/0x640
[ 26.399119] ? __virt_addr_valid+0x1db/0x2d0
[ 26.399740] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.400245] kasan_report+0x102/0x140
[ 26.400785] ? kasan_atomics_helper+0xc71/0x5450
[ 26.401459] ? kasan_atomics_helper+0xc71/0x5450
[ 26.402002] kasan_check_range+0x10c/0x1c0
[ 26.402603] __kasan_check_write+0x18/0x20
[ 26.403148] kasan_atomics_helper+0xc71/0x5450
[ 26.403592] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.404271] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.404690] ? kasan_atomics+0x153/0x310
[ 26.405285] kasan_atomics+0x1dd/0x310
[ 26.405642] ? __pfx_kasan_atomics+0x10/0x10
[ 26.406310] ? __pfx_read_tsc+0x10/0x10
[ 26.406847] ? ktime_get_ts64+0x84/0x230
[ 26.407210] kunit_try_run_case+0x1b3/0x490
[ 26.407817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.408380] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.408789] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.409431] ? __kthread_parkme+0x82/0x160
[ 26.409999] ? preempt_count_sub+0x50/0x80
[ 26.410547] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.410913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.411598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.412195] kthread+0x257/0x310
[ 26.412499] ? __pfx_kthread+0x10/0x10
[ 26.412968] ret_from_fork+0x41/0x80
[ 26.413321] ? __pfx_kthread+0x10/0x10
[ 26.413889] ret_from_fork_asm+0x1a/0x30
[ 26.414501] </TASK>
[ 26.414761]
[ 26.415038] Allocated by task 273:
[ 26.415422] kasan_save_stack+0x3d/0x60
[ 26.415928] kasan_save_track+0x18/0x40
[ 26.416388] kasan_save_alloc_info+0x3b/0x50
[ 26.416753] __kasan_kmalloc+0xb7/0xc0
[ 26.417367] __kmalloc_cache_noprof+0x184/0x410
[ 26.417759] kasan_atomics+0x96/0x310
[ 26.418330] kunit_try_run_case+0x1b3/0x490
[ 26.418738] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.419452] kthread+0x257/0x310
[ 26.419771] ret_from_fork+0x41/0x80
[ 26.420258] ret_from_fork_asm+0x1a/0x30
[ 26.420670]
[ 26.420974] The buggy address belongs to the object at ffff888102a32500
[ 26.420974] which belongs to the cache kmalloc-64 of size 64
[ 26.422126] The buggy address is located 0 bytes to the right of
[ 26.422126] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.423531]
[ 26.423759] The buggy address belongs to the physical page:
[ 26.424285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.425006] flags: 0x200000000000000(node=0|zone=2)
[ 26.425675] page_type: f5(slab)
[ 26.426130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.426888] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.427668] page dumped because: kasan: bad access detected
[ 26.428274]
[ 26.428499] Memory state around the buggy address:
[ 26.428993] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.429754] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.430495] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.431109] ^
[ 26.431565] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.432281] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.432980] ==================================================================
[ 25.609557]
==================================================================
[ 25.610353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450
[ 25.610875] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 25.611773]
[ 25.612087] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.612889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.613161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.614598] Call Trace:
[ 25.614953] <TASK>
[ 25.615205] dump_stack_lvl+0x73/0xb0
[ 25.615874] print_report+0xd1/0x640
[ 25.616602] ? __virt_addr_valid+0x1db/0x2d0
[ 25.616997] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.617740] kasan_report+0x102/0x140
[ 25.618391] ? kasan_atomics_helper+0x4ba4/0x5450
[ 25.619011] ? kasan_atomics_helper+0x4ba4/0x5450
[ 25.619545] __asan_report_store4_noabort+0x1b/0x30
[ 25.620157] kasan_atomics_helper+0x4ba4/0x5450
[ 25.620857] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.621967] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.622866] ? kasan_atomics+0x153/0x310
[ 25.623590] kasan_atomics+0x1dd/0x310
[ 25.623987] ? __pfx_kasan_atomics+0x10/0x10
[ 25.625041] ? __pfx_read_tsc+0x10/0x10
[ 25.626031] ? ktime_get_ts64+0x84/0x230
[ 25.626622] kunit_try_run_case+0x1b3/0x490
[ 25.627028] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.627467] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.627879] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.629422] ? __kthread_parkme+0x82/0x160
[ 25.629856] ? preempt_count_sub+0x50/0x80
[ 25.630544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.631145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.631695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.632694] kthread+0x257/0x310
[ 25.632997] ? __pfx_kthread+0x10/0x10
[ 25.633591] ret_from_fork+0x41/0x80
[ 25.634872] ? __pfx_kthread+0x10/0x10
[ 25.635356] ret_from_fork_asm+0x1a/0x30
[ 25.635751] </TASK>
[ 25.636448]
[ 25.636766] Allocated by task 273:
[ 25.637021] kasan_save_stack+0x3d/0x60
[ 25.638060] kasan_save_track+0x18/0x40
[ 25.638801] kasan_save_alloc_info+0x3b/0x50
[ 25.639350] __kasan_kmalloc+0xb7/0xc0
[ 25.639830] __kmalloc_cache_noprof+0x184/0x410
[ 25.640781] kasan_atomics+0x96/0x310
[ 25.641272] kunit_try_run_case+0x1b3/0x490
[ 25.641864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.643300] kthread+0x257/0x310
[ 25.643890] ret_from_fork+0x41/0x80
[ 25.644523] ret_from_fork_asm+0x1a/0x30
[ 25.645155]
[ 25.645413] The buggy address belongs to the object at ffff888102a32500
[ 25.645413] which belongs to the cache kmalloc-64 of size 64
[ 25.647460] The buggy address is located 0 bytes to the right of
[ 25.647460] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 25.648737]
[ 25.649002] The buggy address belongs to the physical page:
[ 25.649546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 25.650457] flags: 0x200000000000000(node=0|zone=2)
[ 25.651494] page_type: f5(slab)
[ 25.651816] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.652567] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.653244] page dumped because: kasan: bad access detected
[ 25.654798]
[ 25.655101] Memory state around the buggy address:
[ 25.655615] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.656483] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.657291] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.658122] ^
[ 25.659234] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.659859] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.660752] ==================================================================
[ 27.318971]
==================================================================
[ 27.319652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450
[ 27.320554] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.321320]
[ 27.321964] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.322955] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.323494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.324730] Call Trace:
[ 27.325025] <TASK>
[ 27.325305] dump_stack_lvl+0x73/0xb0
[ 27.325646] print_report+0xd1/0x640
[ 27.326119] ? __virt_addr_valid+0x1db/0x2d0
[ 27.326631] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.326997] kasan_report+0x102/0x140
[ 27.327627] ? kasan_atomics_helper+0x15b7/0x5450
[ 27.328354] ? kasan_atomics_helper+0x15b7/0x5450
[ 27.328974] kasan_check_range+0x10c/0x1c0
[ 27.329616] __kasan_check_write+0x18/0x20
[ 27.330118] kasan_atomics_helper+0x15b7/0x5450
[ 27.330763] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.331443] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.332123] ? kasan_atomics+0x153/0x310
[ 27.332541] kasan_atomics+0x1dd/0x310
[ 27.333052] ? __pfx_kasan_atomics+0x10/0x10
[ 27.333607] ? __pfx_read_tsc+0x10/0x10
[ 27.333989] ? ktime_get_ts64+0x84/0x230
[ 27.334677] kunit_try_run_case+0x1b3/0x490
[ 27.335192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.335788] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.336415] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.336994] ? __kthread_parkme+0x82/0x160
[ 27.337610] ? preempt_count_sub+0x50/0x80
[ 27.337995] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.338753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.339400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.340000] kthread+0x257/0x310
[ 27.340481] ? __pfx_kthread+0x10/0x10
[ 27.341023] ret_from_fork+0x41/0x80
[ 27.341545] ? __pfx_kthread+0x10/0x10
[ 27.341958] ret_from_fork_asm+0x1a/0x30
[ 27.342658] </TASK>
[ 27.342957]
[ 27.343323] Allocated by task 273:
[ 27.343730] kasan_save_stack+0x3d/0x60
[ 27.344197] kasan_save_track+0x18/0x40
[ 27.344676] kasan_save_alloc_info+0x3b/0x50
[ 27.345028] __kasan_kmalloc+0xb7/0xc0
[ 27.345660] __kmalloc_cache_noprof+0x184/0x410
[ 27.346284] kasan_atomics+0x96/0x310
[ 27.346599] kunit_try_run_case+0x1b3/0x490
[ 27.346935] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.347777] kthread+0x257/0x310
[ 27.348317] ret_from_fork+0x41/0x80
[ 27.348670] ret_from_fork_asm+0x1a/0x30
[ 27.349275]
[ 27.349610] The buggy address belongs to the object at ffff888102a32500
[ 27.349610] which belongs to the cache kmalloc-64 of size 64
[ 27.350743] The buggy address is located 0 bytes to the right of
[ 27.350743] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.351792]
[ 27.352055] The buggy address belongs to the physical page:
[ 27.352793] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.353906] flags: 0x200000000000000(node=0|zone=2)
[ 27.354736] page_type: f5(slab)
[ 27.355399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.356074] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.356743] page dumped because: kasan: bad access detected
[ 27.357236]
[ 27.358017] Memory state around the buggy address:
[ 27.358606] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.358891] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.359417] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.360373] ^
[ 27.361140] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.361809] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.362543] ==================================================================
[ 27.501490]
==================================================================
[ 27.502402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450
[ 27.503184] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.503852]
[ 27.504039] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.504802] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.505348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.506313] Call Trace:
[ 27.506562] <TASK>
[ 27.506773] dump_stack_lvl+0x73/0xb0
[ 27.507294] print_report+0xd1/0x640
[ 27.508050] ? __virt_addr_valid+0x1db/0x2d0
[ 27.508391] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.509028] kasan_report+0x102/0x140
[ 27.509445] ? kasan_atomics_helper+0x1819/0x5450
[ 27.509973] ? kasan_atomics_helper+0x1819/0x5450
[ 27.510510] kasan_check_range+0x10c/0x1c0
[ 27.510875] __kasan_check_write+0x18/0x20
[ 27.511442] kasan_atomics_helper+0x1819/0x5450
[ 27.511805] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.512371] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.512969] ? kasan_atomics+0x153/0x310
[ 27.513470] kasan_atomics+0x1dd/0x310
[ 27.513800] ? __pfx_kasan_atomics+0x10/0x10
[ 27.514261] ? __pfx_read_tsc+0x10/0x10
[ 27.514762] ? ktime_get_ts64+0x84/0x230
[ 27.515356] kunit_try_run_case+0x1b3/0x490
[ 27.515892] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.516485] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.516820] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.517474] ? __kthread_parkme+0x82/0x160
[ 27.518025] ? preempt_count_sub+0x50/0x80
[ 27.518533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.518956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.519659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.520286] kthread+0x257/0x310
[ 27.520680] ? __pfx_kthread+0x10/0x10
[ 27.521036] ret_from_fork+0x41/0x80
[ 27.521379] ? __pfx_kthread+0x10/0x10
[ 27.521673] ret_from_fork_asm+0x1a/0x30
[ 27.521994] </TASK>
[ 27.522243]
[ 27.522465] Allocated by task 273:
[ 27.522898] kasan_save_stack+0x3d/0x60
[ 27.523497] kasan_save_track+0x18/0x40
[ 27.523980] kasan_save_alloc_info+0x3b/0x50
[ 27.524561] __kasan_kmalloc+0xb7/0xc0
[ 27.525060] __kmalloc_cache_noprof+0x184/0x410
[ 27.525533] kasan_atomics+0x96/0x310
[ 27.525922] kunit_try_run_case+0x1b3/0x490
[ 27.526286] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.526839] kthread+0x257/0x310
[ 27.527260] ret_from_fork+0x41/0x80
[ 27.527595] ret_from_fork_asm+0x1a/0x30
[ 27.528000]
[ 27.528188] The buggy address belongs to the object at ffff888102a32500
[ 27.528188] which belongs to the cache kmalloc-64 of size 64
[ 27.529211] The buggy address is located 0 bytes to the right of
[ 27.529211] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.530325]
[ 27.530571] The buggy address belongs to the physical page:
[ 27.531111] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.531825] flags: 0x200000000000000(node=0|zone=2)
[ 27.532206] page_type: f5(slab)
[ 27.532541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.533449] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.534195] page dumped because: kasan: bad access detected
[ 27.534754]
[ 27.534998] Memory state around the buggy address:
[ 27.535481] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.536144] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.536599] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.537006] ^
[ 27.537599] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.538383] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.539008] ==================================================================
[ 26.999771]
==================================================================
[ 27.000939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450
[ 27.001744] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.002402]
[ 27.002705] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.003730] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.004266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.005127] Call Trace:
[ 27.005583] <TASK>
[ 27.005813] dump_stack_lvl+0x73/0xb0
[ 27.006321] print_report+0xd1/0x640
[ 27.006804] ? __virt_addr_valid+0x1db/0x2d0
[ 27.007285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.007741] kasan_report+0x102/0x140
[ 27.008309] ? kasan_atomics_helper+0x12e7/0x5450
[ 27.008939] ? kasan_atomics_helper+0x12e7/0x5450
[ 27.009381] kasan_check_range+0x10c/0x1c0
[ 27.009987] __kasan_check_write+0x18/0x20
[ 27.010404] kasan_atomics_helper+0x12e7/0x5450
[ 27.010995] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.011496] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.012110] ? kasan_atomics+0x153/0x310
[ 27.012549] kasan_atomics+0x1dd/0x310
[ 27.013051] ? __pfx_kasan_atomics+0x10/0x10
[ 27.013769] ? __pfx_read_tsc+0x10/0x10
[ 27.014246] ? ktime_get_ts64+0x84/0x230
[ 27.014702] kunit_try_run_case+0x1b3/0x490
[ 27.015311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.015745] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.016283] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.016885] ? __kthread_parkme+0x82/0x160
[ 27.017322] ? preempt_count_sub+0x50/0x80
[ 27.017969] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.018534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.019173] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.019722] kthread+0x257/0x310
[ 27.020163] ? __pfx_kthread+0x10/0x10
[ 27.020574] ret_from_fork+0x41/0x80
[ 27.021118] ? __pfx_kthread+0x10/0x10
[ 27.021489] ret_from_fork_asm+0x1a/0x30
[ 27.022016] </TASK>
[ 27.022732]
[ 27.023312] Allocated by task 273:
[ 27.023640] kasan_save_stack+0x3d/0x60
[ 27.024085] kasan_save_track+0x18/0x40
[ 27.024641] kasan_save_alloc_info+0x3b/0x50
[ 27.025355] __kasan_kmalloc+0xb7/0xc0
[ 27.025884] __kmalloc_cache_noprof+0x184/0x410
[ 27.026401] kasan_atomics+0x96/0x310
[ 27.026839] kunit_try_run_case+0x1b3/0x490
[ 27.027772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.028322] kthread+0x257/0x310
[ 27.028700] ret_from_fork+0x41/0x80
[ 27.029122] ret_from_fork_asm+0x1a/0x30
[ 27.029711]
[ 27.029983] The buggy address belongs to the object at ffff888102a32500
[ 27.029983] which belongs to the cache kmalloc-64 of size 64
[ 27.031253] The buggy address is located 0 bytes to the right of
[ 27.031253] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.032390]
[ 27.032683] The buggy address belongs to the physical page:
[ 27.033615] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.034545] flags: 0x200000000000000(node=0|zone=2)
[ 27.035043] page_type: f5(slab)
[ 27.035632] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.036550] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.037315] page dumped because: kasan: bad access detected
[ 27.037859]
[ 27.038169] Memory state around the buggy address:
[ 27.038621] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.039410] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.040150] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.040829] ^
[ 27.041447] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.042112] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.042761] ==================================================================
[ 27.585489]
==================================================================
[ 27.586392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450
[ 27.587376] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.588048]
[ 27.588251] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.588808] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.589324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.590671] Call Trace:
[ 27.591153] <TASK>
[ 27.591371] dump_stack_lvl+0x73/0xb0
[ 27.592172] print_report+0xd1/0x640
[ 27.593087] ? __virt_addr_valid+0x1db/0x2d0
[ 27.593749] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.594488] kasan_report+0x102/0x140
[ 27.595083] ? kasan_atomics_helper+0x194b/0x5450
[ 27.595755] ? kasan_atomics_helper+0x194b/0x5450
[ 27.596491] kasan_check_range+0x10c/0x1c0
[ 27.596954] __kasan_check_write+0x18/0x20
[ 27.597511] kasan_atomics_helper+0x194b/0x5450
[ 27.597994] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.598663] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.599139] ? kasan_atomics+0x153/0x310
[ 27.599954] kasan_atomics+0x1dd/0x310
[ 27.600595] ? __pfx_kasan_atomics+0x10/0x10
[ 27.601070] ? __pfx_read_tsc+0x10/0x10
[ 27.601720] ? ktime_get_ts64+0x84/0x230
[ 27.602149] kunit_try_run_case+0x1b3/0x490
[ 27.602690] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.603502] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.604052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.604628] ? __kthread_parkme+0x82/0x160
[ 27.605222] ? preempt_count_sub+0x50/0x80
[ 27.605720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.606419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.607017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.607774] kthread+0x257/0x310
[ 27.608272] ? __pfx_kthread+0x10/0x10
[ 27.608753] ret_from_fork+0x41/0x80
[ 27.609162] ? __pfx_kthread+0x10/0x10
[ 27.609900] ret_from_fork_asm+0x1a/0x30
[ 27.610560] </TASK>
[ 27.611049]
[ 27.611309] Allocated by task 273:
[ 27.611739] kasan_save_stack+0x3d/0x60
[ 27.612405] kasan_save_track+0x18/0x40
[ 27.612883] kasan_save_alloc_info+0x3b/0x50
[ 27.613459] __kasan_kmalloc+0xb7/0xc0
[ 27.614155] __kmalloc_cache_noprof+0x184/0x410
[ 27.614646] kasan_atomics+0x96/0x310
[ 27.615059] kunit_try_run_case+0x1b3/0x490
[ 27.615732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.616442] kthread+0x257/0x310
[ 27.616822] ret_from_fork+0x41/0x80
[ 27.617307] ret_from_fork_asm+0x1a/0x30
[ 27.618051]
[ 27.618261] The buggy address belongs to the object at ffff888102a32500
[ 27.618261] which belongs to the cache kmalloc-64 of size 64
[ 27.619686] The buggy address is located 0 bytes to the right of
[ 27.619686] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.621111]
[ 27.621291] The buggy address belongs to the physical page:
[ 27.621952] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.622773] flags: 0x200000000000000(node=0|zone=2)
[ 27.623516] page_type: f5(slab)
[ 27.624000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.624736] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.625643] page dumped because: kasan: bad access detected
[ 27.626475]
[ 27.626693] Memory state around the buggy address:
[ 27.627138] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.627828] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.628408] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.629135] ^
[ 27.629930] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.630738] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.631586] ==================================================================
[ 25.801869]
==================================================================
[ 25.803569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450
[ 25.804063] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 25.804861]
[ 25.805151] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.805837] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.806380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.807203] Call Trace:
[ 25.807464] <TASK>
[ 25.807726] dump_stack_lvl+0x73/0xb0
[ 25.808282] print_report+0xd1/0x640
[ 25.808696] ? __virt_addr_valid+0x1db/0x2d0
[ 25.809146] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.809741] kasan_report+0x102/0x140
[ 25.810254] ? kasan_atomics_helper+0x4b56/0x5450
[ 25.810638] ? kasan_atomics_helper+0x4b56/0x5450
[ 25.811236] __asan_report_load4_noabort+0x18/0x20
[ 25.811667] kasan_atomics_helper+0x4b56/0x5450
[ 25.812199] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.812795] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.813182] ? kasan_atomics+0x153/0x310
[ 25.813670] kasan_atomics+0x1dd/0x310
[ 25.814136] ? __pfx_kasan_atomics+0x10/0x10
[ 25.814581] ? __pfx_read_tsc+0x10/0x10
[ 25.814895] ? ktime_get_ts64+0x84/0x230
[ 25.815383] kunit_try_run_case+0x1b3/0x490
[ 25.815900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.816416] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.816932] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.817504] ? __kthread_parkme+0x82/0x160
[ 25.818005] ? preempt_count_sub+0x50/0x80
[ 25.818431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.818951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.819565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.819932] kthread+0x257/0x310
[ 25.820389] ? __pfx_kthread+0x10/0x10
[ 25.820856] ret_from_fork+0x41/0x80
[ 25.821225] ? __pfx_kthread+0x10/0x10
[ 25.821738] ret_from_fork_asm+0x1a/0x30
[ 25.822269] </TASK>
[ 25.822516]
[ 25.822772] Allocated by task 273:
[ 25.823133] kasan_save_stack+0x3d/0x60
[ 25.823601] kasan_save_track+0x18/0x40
[ 25.823894] kasan_save_alloc_info+0x3b/0x50
[ 25.824412] __kasan_kmalloc+0xb7/0xc0
[ 25.824733] __kmalloc_cache_noprof+0x184/0x410
[ 25.825301] kasan_atomics+0x96/0x310
[ 25.825705] kunit_try_run_case+0x1b3/0x490
[ 25.826250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.826646] kthread+0x257/0x310
[ 25.826899] ret_from_fork+0x41/0x80
[ 25.827309] ret_from_fork_asm+0x1a/0x30
[ 25.827810]
[ 25.828057] The buggy address belongs to the object at ffff888102a32500
[ 25.828057] which belongs to the cache kmalloc-64 of size 64
[ 25.829007] The buggy address is located 0 bytes to the right of
[ 25.829007] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 25.830330]
[ 25.830554] The buggy address belongs to the physical page:
[ 25.831011] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 25.831710] flags: 0x200000000000000(node=0|zone=2)
[ 25.832361] page_type: f5(slab)
[ 25.832656] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.833212] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.833849] page dumped because: kasan: bad access detected
[ 25.834258]
[ 25.834533] Memory state around the buggy address:
[ 25.836134] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.837028] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.837566] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.837837] ^
[ 25.838035] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.839266] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.840355] ==================================================================
[ 26.604684]
==================================================================
[ 26.605828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450
[ 26.606479] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.607181]
[ 26.607478] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.608293] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.608761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.609509] Call Trace:
[ 26.609859] <TASK>
[ 26.610197] dump_stack_lvl+0x73/0xb0
[ 26.610702] print_report+0xd1/0x640
[ 26.611049] ? __virt_addr_valid+0x1db/0x2d0
[ 26.611596] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.612053] kasan_report+0x102/0x140
[ 26.612533] ? kasan_atomics_helper+0xf11/0x5450
[ 26.613015] ? kasan_atomics_helper+0xf11/0x5450
[ 26.613442] kasan_check_range+0x10c/0x1c0
[ 26.613989] __kasan_check_write+0x18/0x20
[ 26.614450] kasan_atomics_helper+0xf11/0x5450
[ 26.614780] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.615273] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.615840] ? kasan_atomics+0x153/0x310
[ 26.616358] kasan_atomics+0x1dd/0x310
[ 26.616778] ? __pfx_kasan_atomics+0x10/0x10
[ 26.617349] ? __pfx_read_tsc+0x10/0x10
[ 26.617737] ? ktime_get_ts64+0x84/0x230
[ 26.618123] kunit_try_run_case+0x1b3/0x490
[ 26.618630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.619218] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.619582] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.619960] ? __kthread_parkme+0x82/0x160
[ 26.620561] ? preempt_count_sub+0x50/0x80
[ 26.621130] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.621648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.622210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.622678] kthread+0x257/0x310
[ 26.623063] ? __pfx_kthread+0x10/0x10
[ 26.623462] ret_from_fork+0x41/0x80
[ 26.623823] ? __pfx_kthread+0x10/0x10
[ 26.624323] ret_from_fork_asm+0x1a/0x30
[ 26.624862] </TASK>
[ 26.625187]
[ 26.625364] Allocated by task 273:
[ 26.625703] kasan_save_stack+0x3d/0x60
[ 26.626223] kasan_save_track+0x18/0x40
[ 26.626648] kasan_save_alloc_info+0x3b/0x50
[ 26.627036] __kasan_kmalloc+0xb7/0xc0
[ 26.627377] __kmalloc_cache_noprof+0x184/0x410
[ 26.627882] kasan_atomics+0x96/0x310
[ 26.628407] kunit_try_run_case+0x1b3/0x490
[ 26.628840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.629238] kthread+0x257/0x310
[ 26.629680] ret_from_fork+0x41/0x80
[ 26.630199] ret_from_fork_asm+0x1a/0x30
[ 26.630635]
[ 26.630794] The buggy address belongs to the object at ffff888102a32500
[ 26.630794] which belongs to the cache kmalloc-64 of size 64
[ 26.631974] The buggy address is located 0 bytes to the right of
[ 26.631974] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.633013]
[ 26.633284] The buggy address belongs to the physical page:
[ 26.633750] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.634392] flags: 0x200000000000000(node=0|zone=2)
[ 26.634844] page_type: f5(slab)
[ 26.635184] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.635641] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.636459] page dumped because: kasan: bad access detected
[ 26.637442]
[ 26.637729] Memory state around the buggy address:
[ 26.638317] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.639021] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.639939] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.640556] ^
[ 26.640931] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.641712] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.642568] ==================================================================
[ 27.226640]
================================================================== [ 27.227312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 27.228579] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.229955] [ 27.230208] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.231170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.231973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.233191] Call Trace: [ 27.233594] <TASK> [ 27.233873] dump_stack_lvl+0x73/0xb0 [ 27.234490] print_report+0xd1/0x640 [ 27.234885] ? __virt_addr_valid+0x1db/0x2d0 [ 27.235358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.235734] kasan_report+0x102/0x140 [ 27.236210] ? kasan_atomics_helper+0x50d6/0x5450 [ 27.236760] ? kasan_atomics_helper+0x50d6/0x5450 [ 27.237281] __asan_report_store8_noabort+0x1b/0x30 [ 27.237669] kasan_atomics_helper+0x50d6/0x5450 [ 27.238275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.238972] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.240033] ? kasan_atomics+0x153/0x310 [ 27.240654] kasan_atomics+0x1dd/0x310 [ 27.241089] ? __pfx_kasan_atomics+0x10/0x10 [ 27.241786] ? __pfx_read_tsc+0x10/0x10 [ 27.242366] ? ktime_get_ts64+0x84/0x230 [ 27.243143] kunit_try_run_case+0x1b3/0x490 [ 27.243797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.244268] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.244793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.245375] ? __kthread_parkme+0x82/0x160 [ 27.245824] ? preempt_count_sub+0x50/0x80 [ 27.246608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.247139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.247748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.248588] kthread+0x257/0x310 [ 27.249137] ? __pfx_kthread+0x10/0x10 [ 27.249602] ret_from_fork+0x41/0x80 [ 27.250219] ? 
__pfx_kthread+0x10/0x10 [ 27.250626] ret_from_fork_asm+0x1a/0x30 [ 27.251118] </TASK> [ 27.251484] [ 27.251753] Allocated by task 273: [ 27.252270] kasan_save_stack+0x3d/0x60 [ 27.252918] kasan_save_track+0x18/0x40 [ 27.253756] kasan_save_alloc_info+0x3b/0x50 [ 27.254264] __kasan_kmalloc+0xb7/0xc0 [ 27.254965] __kmalloc_cache_noprof+0x184/0x410 [ 27.255587] kasan_atomics+0x96/0x310 [ 27.255983] kunit_try_run_case+0x1b3/0x490 [ 27.256509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.257055] kthread+0x257/0x310 [ 27.257461] ret_from_fork+0x41/0x80 [ 27.257911] ret_from_fork_asm+0x1a/0x30 [ 27.258595] [ 27.258853] The buggy address belongs to the object at ffff888102a32500 [ 27.258853] which belongs to the cache kmalloc-64 of size 64 [ 27.260806] The buggy address is located 0 bytes to the right of [ 27.260806] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.261752] [ 27.261987] The buggy address belongs to the physical page: [ 27.262495] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.263128] flags: 0x200000000000000(node=0|zone=2) [ 27.264049] page_type: f5(slab) [ 27.264449] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.265473] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.266523] page dumped because: kasan: bad access detected [ 27.267555] [ 27.267764] Memory state around the buggy address: [ 27.268317] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.268659] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.268930] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.269305] ^ [ 27.270063] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.271059] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.271689] ================================================================== [ 26.739547] 
================================================================== [ 26.740246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 26.741127] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.741880] [ 26.742253] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.743172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.743538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.744522] Call Trace: [ 26.744856] <TASK> [ 26.745059] dump_stack_lvl+0x73/0xb0 [ 26.745675] print_report+0xd1/0x640 [ 26.746293] ? __virt_addr_valid+0x1db/0x2d0 [ 26.746768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.747367] kasan_report+0x102/0x140 [ 26.747828] ? kasan_atomics_helper+0x107a/0x5450 [ 26.748422] ? kasan_atomics_helper+0x107a/0x5450 [ 26.748905] kasan_check_range+0x10c/0x1c0 [ 26.749421] __kasan_check_write+0x18/0x20 [ 26.749940] kasan_atomics_helper+0x107a/0x5450 [ 26.750716] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.751170] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.751723] ? kasan_atomics+0x153/0x310 [ 26.752160] kasan_atomics+0x1dd/0x310 [ 26.752587] ? __pfx_kasan_atomics+0x10/0x10 [ 26.753034] ? __pfx_read_tsc+0x10/0x10 [ 26.753510] ? ktime_get_ts64+0x84/0x230 [ 26.754012] kunit_try_run_case+0x1b3/0x490 [ 26.754524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.754927] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.755489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.756007] ? __kthread_parkme+0x82/0x160 [ 26.756461] ? preempt_count_sub+0x50/0x80 [ 26.756766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.757400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.758051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.758667] kthread+0x257/0x310 [ 26.758934] ? __pfx_kthread+0x10/0x10 [ 26.759427] ret_from_fork+0x41/0x80 [ 26.759906] ? 
__pfx_kthread+0x10/0x10 [ 26.760387] ret_from_fork_asm+0x1a/0x30 [ 26.760845] </TASK> [ 26.761098] [ 26.761277] Allocated by task 273: [ 26.761727] kasan_save_stack+0x3d/0x60 [ 26.762253] kasan_save_track+0x18/0x40 [ 26.762703] kasan_save_alloc_info+0x3b/0x50 [ 26.763155] __kasan_kmalloc+0xb7/0xc0 [ 26.763654] __kmalloc_cache_noprof+0x184/0x410 [ 26.763994] kasan_atomics+0x96/0x310 [ 26.764331] kunit_try_run_case+0x1b3/0x490 [ 26.764650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.764994] kthread+0x257/0x310 [ 26.765516] ret_from_fork+0x41/0x80 [ 26.766025] ret_from_fork_asm+0x1a/0x30 [ 26.766591] [ 26.766845] The buggy address belongs to the object at ffff888102a32500 [ 26.766845] which belongs to the cache kmalloc-64 of size 64 [ 26.768040] The buggy address is located 0 bytes to the right of [ 26.768040] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.769225] [ 26.769454] The buggy address belongs to the physical page: [ 26.770198] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.770867] flags: 0x200000000000000(node=0|zone=2) [ 26.771258] page_type: f5(slab) [ 26.771690] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.772475] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.772904] page dumped because: kasan: bad access detected [ 26.773310] [ 26.773597] Memory state around the buggy address: [ 26.774228] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.775117] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.775930] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.776727] ^ [ 26.777041] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.777697] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.778584] ================================================================== [ 27.457689] 
================================================================== [ 27.458703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 27.460499] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.461203] [ 27.461450] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.463664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.464049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.465136] Call Trace: [ 27.465678] <TASK> [ 27.466284] dump_stack_lvl+0x73/0xb0 [ 27.466957] print_report+0xd1/0x640 [ 27.467378] ? __virt_addr_valid+0x1db/0x2d0 [ 27.467837] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.468475] kasan_report+0x102/0x140 [ 27.468776] ? kasan_atomics_helper+0x1780/0x5450 [ 27.469929] ? kasan_atomics_helper+0x1780/0x5450 [ 27.470612] kasan_check_range+0x10c/0x1c0 [ 27.471071] __kasan_check_write+0x18/0x20 [ 27.472011] kasan_atomics_helper+0x1780/0x5450 [ 27.472698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.473385] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.473869] ? kasan_atomics+0x153/0x310 [ 27.474298] kasan_atomics+0x1dd/0x310 [ 27.474666] ? __pfx_kasan_atomics+0x10/0x10 [ 27.475158] ? __pfx_read_tsc+0x10/0x10 [ 27.475600] ? ktime_get_ts64+0x84/0x230 [ 27.476043] kunit_try_run_case+0x1b3/0x490 [ 27.476669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.477055] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.478123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.478725] ? __kthread_parkme+0x82/0x160 [ 27.479132] ? preempt_count_sub+0x50/0x80 [ 27.479587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.480169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.480664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.481415] kthread+0x257/0x310 [ 27.481710] ? __pfx_kthread+0x10/0x10 [ 27.482397] ret_from_fork+0x41/0x80 [ 27.482871] ? 
__pfx_kthread+0x10/0x10 [ 27.483221] ret_from_fork_asm+0x1a/0x30 [ 27.483751] </TASK> [ 27.483985] [ 27.484230] Allocated by task 273: [ 27.484638] kasan_save_stack+0x3d/0x60 [ 27.485002] kasan_save_track+0x18/0x40 [ 27.485527] kasan_save_alloc_info+0x3b/0x50 [ 27.485960] __kasan_kmalloc+0xb7/0xc0 [ 27.486372] __kmalloc_cache_noprof+0x184/0x410 [ 27.486872] kasan_atomics+0x96/0x310 [ 27.487277] kunit_try_run_case+0x1b3/0x490 [ 27.487791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.488395] kthread+0x257/0x310 [ 27.488742] ret_from_fork+0x41/0x80 [ 27.489209] ret_from_fork_asm+0x1a/0x30 [ 27.489610] [ 27.489852] The buggy address belongs to the object at ffff888102a32500 [ 27.489852] which belongs to the cache kmalloc-64 of size 64 [ 27.490867] The buggy address is located 0 bytes to the right of [ 27.490867] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.491842] [ 27.492090] The buggy address belongs to the physical page: [ 27.492654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.493306] flags: 0x200000000000000(node=0|zone=2) [ 27.493786] page_type: f5(slab) [ 27.494041] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.494846] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.495359] page dumped because: kasan: bad access detected [ 27.495840] [ 27.496106] Memory state around the buggy address: [ 27.496683] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.497488] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.497917] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.498703] ^ [ 27.499206] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.499790] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.500241] ================================================================== [ 26.825459] 
================================================================== [ 26.826290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 26.828527] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.829305] [ 26.829737] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.830856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.831237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.832324] Call Trace: [ 26.832695] <TASK> [ 26.833076] dump_stack_lvl+0x73/0xb0 [ 26.833487] print_report+0xd1/0x640 [ 26.834021] ? __virt_addr_valid+0x1db/0x2d0 [ 26.834612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.835202] kasan_report+0x102/0x140 [ 26.835811] ? kasan_atomics_helper+0x1149/0x5450 [ 26.836472] ? kasan_atomics_helper+0x1149/0x5450 [ 26.837249] kasan_check_range+0x10c/0x1c0 [ 26.837777] __kasan_check_write+0x18/0x20 [ 26.838269] kasan_atomics_helper+0x1149/0x5450 [ 26.838612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.839150] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.839799] ? kasan_atomics+0x153/0x310 [ 26.840562] kasan_atomics+0x1dd/0x310 [ 26.841498] ? __pfx_kasan_atomics+0x10/0x10 [ 26.841934] ? __pfx_read_tsc+0x10/0x10 [ 26.842959] ? ktime_get_ts64+0x84/0x230 [ 26.843609] kunit_try_run_case+0x1b3/0x490 [ 26.843995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.844665] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.845168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.845707] ? __kthread_parkme+0x82/0x160 [ 26.846399] ? preempt_count_sub+0x50/0x80 [ 26.846827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.847444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.847957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.848707] kthread+0x257/0x310 [ 26.849202] ? __pfx_kthread+0x10/0x10 [ 26.849788] ret_from_fork+0x41/0x80 [ 26.850280] ? 
__pfx_kthread+0x10/0x10 [ 26.850778] ret_from_fork_asm+0x1a/0x30 [ 26.851383] </TASK> [ 26.851688] [ 26.851927] Allocated by task 273: [ 26.852298] kasan_save_stack+0x3d/0x60 [ 26.852855] kasan_save_track+0x18/0x40 [ 26.853314] kasan_save_alloc_info+0x3b/0x50 [ 26.853840] __kasan_kmalloc+0xb7/0xc0 [ 26.854368] __kmalloc_cache_noprof+0x184/0x410 [ 26.854810] kasan_atomics+0x96/0x310 [ 26.855309] kunit_try_run_case+0x1b3/0x490 [ 26.855925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.856528] kthread+0x257/0x310 [ 26.856936] ret_from_fork+0x41/0x80 [ 26.857514] ret_from_fork_asm+0x1a/0x30 [ 26.857961] [ 26.858238] The buggy address belongs to the object at ffff888102a32500 [ 26.858238] which belongs to the cache kmalloc-64 of size 64 [ 26.859400] The buggy address is located 0 bytes to the right of [ 26.859400] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.860570] [ 26.860827] The buggy address belongs to the physical page: [ 26.861515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.862400] flags: 0x200000000000000(node=0|zone=2) [ 26.862837] page_type: f5(slab) [ 26.863377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.864167] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.864852] page dumped because: kasan: bad access detected [ 26.865450] [ 26.865669] Memory state around the buggy address: [ 26.866236] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.867017] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.867768] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.868468] ^ [ 26.868922] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.869689] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.870317] ================================================================== [ 27.678307] 
================================================================== [ 27.678803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 27.679662] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.680393] [ 27.680690] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.681614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.681903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.682700] Call Trace: [ 27.683012] <TASK> [ 27.683382] dump_stack_lvl+0x73/0xb0 [ 27.683789] print_report+0xd1/0x640 [ 27.684234] ? __virt_addr_valid+0x1db/0x2d0 [ 27.684613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.685251] kasan_report+0x102/0x140 [ 27.685706] ? kasan_atomics_helper+0x1a80/0x5450 [ 27.686138] ? kasan_atomics_helper+0x1a80/0x5450 [ 27.686734] kasan_check_range+0x10c/0x1c0 [ 27.687230] __kasan_check_write+0x18/0x20 [ 27.687666] kasan_atomics_helper+0x1a80/0x5450 [ 27.688155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.688755] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.689141] ? kasan_atomics+0x153/0x310 [ 27.689777] kasan_atomics+0x1dd/0x310 [ 27.690243] ? __pfx_kasan_atomics+0x10/0x10 [ 27.690782] ? __pfx_read_tsc+0x10/0x10 [ 27.691191] ? ktime_get_ts64+0x84/0x230 [ 27.691553] kunit_try_run_case+0x1b3/0x490 [ 27.692114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.692626] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.693196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.693642] ? __kthread_parkme+0x82/0x160 [ 27.694033] ? preempt_count_sub+0x50/0x80 [ 27.694546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.695012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.695577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.696142] kthread+0x257/0x310 [ 27.696535] ? __pfx_kthread+0x10/0x10 [ 27.696920] ret_from_fork+0x41/0x80 [ 27.697450] ? 
__pfx_kthread+0x10/0x10 [ 27.697844] ret_from_fork_asm+0x1a/0x30 [ 27.698217] </TASK> [ 27.698466] [ 27.698725] Allocated by task 273: [ 27.699217] kasan_save_stack+0x3d/0x60 [ 27.699663] kasan_save_track+0x18/0x40 [ 27.700175] kasan_save_alloc_info+0x3b/0x50 [ 27.700609] __kasan_kmalloc+0xb7/0xc0 [ 27.700953] __kmalloc_cache_noprof+0x184/0x410 [ 27.701456] kasan_atomics+0x96/0x310 [ 27.701909] kunit_try_run_case+0x1b3/0x490 [ 27.702319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.702810] kthread+0x257/0x310 [ 27.703183] ret_from_fork+0x41/0x80 [ 27.703474] ret_from_fork_asm+0x1a/0x30 [ 27.703760] [ 27.704003] The buggy address belongs to the object at ffff888102a32500 [ 27.704003] which belongs to the cache kmalloc-64 of size 64 [ 27.705421] The buggy address is located 0 bytes to the right of [ 27.705421] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.706459] [ 27.706636] The buggy address belongs to the physical page: [ 27.707127] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.707802] flags: 0x200000000000000(node=0|zone=2) [ 27.708377] page_type: f5(slab) [ 27.708693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.709391] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.710026] page dumped because: kasan: bad access detected [ 27.710556] [ 27.710784] Memory state around the buggy address: [ 27.711152] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.711827] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.712509] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.712997] ^ [ 27.713626] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.714315] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.714867] ================================================================== [ 25.931697] 
================================================================== [ 25.932731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 25.933855] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.934896] [ 25.935547] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.936770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.937199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.938081] Call Trace: [ 25.938489] <TASK> [ 25.938868] dump_stack_lvl+0x73/0xb0 [ 25.939475] print_report+0xd1/0x640 [ 25.939954] ? __virt_addr_valid+0x1db/0x2d0 [ 25.940627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.941383] kasan_report+0x102/0x140 [ 25.941896] ? kasan_atomics_helper+0x566/0x5450 [ 25.942549] ? kasan_atomics_helper+0x566/0x5450 [ 25.943118] kasan_check_range+0x10c/0x1c0 [ 25.943678] __kasan_check_write+0x18/0x20 [ 25.944259] kasan_atomics_helper+0x566/0x5450 [ 25.944850] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.945443] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.945993] ? kasan_atomics+0x153/0x310 [ 25.946586] kasan_atomics+0x1dd/0x310 [ 25.947047] ? __pfx_kasan_atomics+0x10/0x10 [ 25.947640] ? __pfx_read_tsc+0x10/0x10 [ 25.948263] ? ktime_get_ts64+0x84/0x230 [ 25.948736] kunit_try_run_case+0x1b3/0x490 [ 25.949349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.949938] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.950481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.950947] ? __kthread_parkme+0x82/0x160 [ 25.951648] ? preempt_count_sub+0x50/0x80 [ 25.952237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.952764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.953559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.954197] kthread+0x257/0x310 [ 25.954735] ? __pfx_kthread+0x10/0x10 [ 25.955281] ret_from_fork+0x41/0x80 [ 25.955602] ? 
__pfx_kthread+0x10/0x10 [ 25.955967] ret_from_fork_asm+0x1a/0x30 [ 25.956562] </TASK> [ 25.956830] [ 25.957280] Allocated by task 273: [ 25.957728] kasan_save_stack+0x3d/0x60 [ 25.958405] kasan_save_track+0x18/0x40 [ 25.958761] kasan_save_alloc_info+0x3b/0x50 [ 25.959541] __kasan_kmalloc+0xb7/0xc0 [ 25.959869] __kmalloc_cache_noprof+0x184/0x410 [ 25.960617] kasan_atomics+0x96/0x310 [ 25.960909] kunit_try_run_case+0x1b3/0x490 [ 25.961471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.961988] kthread+0x257/0x310 [ 25.962331] ret_from_fork+0x41/0x80 [ 25.962962] ret_from_fork_asm+0x1a/0x30 [ 25.963582] [ 25.963771] The buggy address belongs to the object at ffff888102a32500 [ 25.963771] which belongs to the cache kmalloc-64 of size 64 [ 25.965153] The buggy address is located 0 bytes to the right of [ 25.965153] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 25.966473] [ 25.966828] The buggy address belongs to the physical page: [ 25.967363] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 25.968301] flags: 0x200000000000000(node=0|zone=2) [ 25.968833] page_type: f5(slab) [ 25.969311] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.970135] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.970876] page dumped because: kasan: bad access detected [ 25.971487] [ 25.971856] Memory state around the buggy address: [ 25.972436] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.973217] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.974029] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.974825] ^ [ 25.975359] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.976015] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.976639] ================================================================== [ 25.841975] 
================================================================== [ 25.842648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 25.843461] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.844367] [ 25.844710] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.845818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.846468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.847368] Call Trace: [ 25.847967] <TASK> [ 25.848276] dump_stack_lvl+0x73/0xb0 [ 25.848867] print_report+0xd1/0x640 [ 25.849302] ? __virt_addr_valid+0x1db/0x2d0 [ 25.849768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.850295] kasan_report+0x102/0x140 [ 25.850798] ? kasan_atomics_helper+0x4a1/0x5450 [ 25.851187] ? kasan_atomics_helper+0x4a1/0x5450 [ 25.851999] kasan_check_range+0x10c/0x1c0 [ 25.852654] __kasan_check_write+0x18/0x20 [ 25.853162] kasan_atomics_helper+0x4a1/0x5450 [ 25.853789] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.854435] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.855194] ? kasan_atomics+0x153/0x310 [ 25.855582] kasan_atomics+0x1dd/0x310 [ 25.856190] ? __pfx_kasan_atomics+0x10/0x10 [ 25.856608] ? __pfx_read_tsc+0x10/0x10 [ 25.857252] ? ktime_get_ts64+0x84/0x230 [ 25.857908] kunit_try_run_case+0x1b3/0x490 [ 25.858549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.859031] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.859666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.860315] ? __kthread_parkme+0x82/0x160 [ 25.860769] ? preempt_count_sub+0x50/0x80 [ 25.861467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.862047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.862790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.863475] kthread+0x257/0x310 [ 25.863935] ? __pfx_kthread+0x10/0x10 [ 25.864594] ret_from_fork+0x41/0x80 [ 25.865210] ? 
__pfx_kthread+0x10/0x10 [ 25.865605] ret_from_fork_asm+0x1a/0x30 [ 25.866187] </TASK> [ 25.866616] [ 25.866849] Allocated by task 273: [ 25.867451] kasan_save_stack+0x3d/0x60 [ 25.867950] kasan_save_track+0x18/0x40 [ 25.868594] kasan_save_alloc_info+0x3b/0x50 [ 25.869035] __kasan_kmalloc+0xb7/0xc0 [ 25.869710] __kmalloc_cache_noprof+0x184/0x410 [ 25.870297] kasan_atomics+0x96/0x310 [ 25.870758] kunit_try_run_case+0x1b3/0x490 [ 25.871423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.872135] kthread+0x257/0x310 [ 25.872719] ret_from_fork+0x41/0x80 [ 25.873000] ret_from_fork_asm+0x1a/0x30 [ 25.873803] [ 25.874021] The buggy address belongs to the object at ffff888102a32500 [ 25.874021] which belongs to the cache kmalloc-64 of size 64 [ 25.875542] The buggy address is located 0 bytes to the right of [ 25.875542] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 25.876898] [ 25.877122] The buggy address belongs to the physical page: [ 25.877730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 25.878501] flags: 0x200000000000000(node=0|zone=2) [ 25.878917] page_type: f5(slab) [ 25.879563] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.880323] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.881150] page dumped because: kasan: bad access detected [ 25.881772] [ 25.882131] Memory state around the buggy address: [ 25.882651] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.883507] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.884258] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.884962] ^ [ 25.885489] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.886408] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.887061] ================================================================== [ 25.757868] 
==================================================================
[ 25.759479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450
[ 25.760504] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 25.761509]
[ 25.761823] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.762632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.763110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.764156] Call Trace:
[ 25.764476] <TASK>
[ 25.764781] dump_stack_lvl+0x73/0xb0
[ 25.765163] print_report+0xd1/0x640
[ 25.765655] ? __virt_addr_valid+0x1db/0x2d0
[ 25.766563] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.767101] kasan_report+0x102/0x140
[ 25.767746] ? kasan_atomics_helper+0x3e0/0x5450
[ 25.768571] ? kasan_atomics_helper+0x3e0/0x5450
[ 25.769402] kasan_check_range+0x10c/0x1c0
[ 25.770035] __kasan_check_read+0x15/0x20
[ 25.770396] kasan_atomics_helper+0x3e0/0x5450
[ 25.770973] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.771486] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.771880] ? kasan_atomics+0x153/0x310
[ 25.772262] kasan_atomics+0x1dd/0x310
[ 25.772934] ? __pfx_kasan_atomics+0x10/0x10
[ 25.773593] ? __pfx_read_tsc+0x10/0x10
[ 25.773972] ? ktime_get_ts64+0x84/0x230
[ 25.774504] kunit_try_run_case+0x1b3/0x490
[ 25.775110] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.775651] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.776189] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.776752] ? __kthread_parkme+0x82/0x160
[ 25.777294] ? preempt_count_sub+0x50/0x80
[ 25.777762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.778277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.778793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.779453] kthread+0x257/0x310
[ 25.779796] ? __pfx_kthread+0x10/0x10
[ 25.780436] ret_from_fork+0x41/0x80
[ 25.780875] ? __pfx_kthread+0x10/0x10
[ 25.781320] ret_from_fork_asm+0x1a/0x30
[ 25.781957] </TASK>
[ 25.782226]
[ 25.782403] Allocated by task 273:
[ 25.782871] kasan_save_stack+0x3d/0x60
[ 25.783519] kasan_save_track+0x18/0x40
[ 25.783847] kasan_save_alloc_info+0x3b/0x50
[ 25.784308] __kasan_kmalloc+0xb7/0xc0
[ 25.784772] __kmalloc_cache_noprof+0x184/0x410
[ 25.785301] kasan_atomics+0x96/0x310
[ 25.785804] kunit_try_run_case+0x1b3/0x490
[ 25.786240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.786599] kthread+0x257/0x310
[ 25.786943] ret_from_fork+0x41/0x80
[ 25.787570] ret_from_fork_asm+0x1a/0x30
[ 25.788200]
[ 25.788417] The buggy address belongs to the object at ffff888102a32500
[ 25.788417] which belongs to the cache kmalloc-64 of size 64
[ 25.789440] The buggy address is located 0 bytes to the right of
[ 25.789440] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 25.790853]
[ 25.791233] The buggy address belongs to the physical page:
[ 25.791731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 25.792397] flags: 0x200000000000000(node=0|zone=2)
[ 25.793045] page_type: f5(slab)
[ 25.793606] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.794374] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 25.794960] page dumped because: kasan: bad access detected
[ 25.795550]
[ 25.795697] Memory state around the buggy address:
[ 25.796355] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.797190] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.797943] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.798592] ^
[ 25.799235] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.799869] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.800703] ==================================================================
[ 26.688987] ==================================================================
[ 26.690816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450
[ 26.691801] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.692329]
[ 26.693199] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.694278] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.694745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.695737] Call Trace:
[ 26.696045] <TASK>
[ 26.696421] dump_stack_lvl+0x73/0xb0
[ 26.697004] print_report+0xd1/0x640
[ 26.697409] ? __virt_addr_valid+0x1db/0x2d0
[ 26.697949] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.698681] kasan_report+0x102/0x140
[ 26.699423] ? kasan_atomics_helper+0x4a38/0x5450
[ 26.699915] ? kasan_atomics_helper+0x4a38/0x5450
[ 26.700718] __asan_report_load4_noabort+0x18/0x20
[ 26.701848] kasan_atomics_helper+0x4a38/0x5450
[ 26.702391] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.703127] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.704136] ? kasan_atomics+0x153/0x310
[ 26.704570] kasan_atomics+0x1dd/0x310
[ 26.705212] ? __pfx_kasan_atomics+0x10/0x10
[ 26.705741] ? __pfx_read_tsc+0x10/0x10
[ 26.706125] ? ktime_get_ts64+0x84/0x230
[ 26.707216] kunit_try_run_case+0x1b3/0x490
[ 26.707648] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.708307] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.708806] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.709604] ? __kthread_parkme+0x82/0x160
[ 26.710035] ? preempt_count_sub+0x50/0x80
[ 26.711360] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.711830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.712547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.713480] kthread+0x257/0x310
[ 26.714011] ? __pfx_kthread+0x10/0x10
[ 26.714578] ret_from_fork+0x41/0x80
[ 26.714979] ? __pfx_kthread+0x10/0x10
[ 26.715768] ret_from_fork_asm+0x1a/0x30
[ 26.716629] </TASK>
[ 26.716872]
[ 26.717012] Allocated by task 273:
[ 26.717872] kasan_save_stack+0x3d/0x60
[ 26.718429] kasan_save_track+0x18/0x40
[ 26.718840] kasan_save_alloc_info+0x3b/0x50
[ 26.719764] __kasan_kmalloc+0xb7/0xc0
[ 26.720906] __kmalloc_cache_noprof+0x184/0x410
[ 26.721381] kasan_atomics+0x96/0x310
[ 26.721800] kunit_try_run_case+0x1b3/0x490
[ 26.722264] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.722922] kthread+0x257/0x310
[ 26.723193] ret_from_fork+0x41/0x80
[ 26.723707] ret_from_fork_asm+0x1a/0x30
[ 26.724179]
[ 26.724536] The buggy address belongs to the object at ffff888102a32500
[ 26.724536] which belongs to the cache kmalloc-64 of size 64
[ 26.725186] The buggy address is located 0 bytes to the right of
[ 26.725186] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.727074]
[ 26.727403] The buggy address belongs to the physical page:
[ 26.727942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.729233] flags: 0x200000000000000(node=0|zone=2)
[ 26.730299] page_type: f5(slab)
[ 26.730734] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.731759] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.732393] page dumped because: kasan: bad access detected
[ 26.732882]
[ 26.733111] Memory state around the buggy address:
[ 26.733631] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.734387] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.735023] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.735676] ^
[ 26.736302] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.736915] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.737677] ==================================================================
[ 27.043954] ==================================================================
[ 27.044641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450
[ 27.045325] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.047012]
[ 27.047366] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.047967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.048593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.049374] Call Trace:
[ 27.049793] <TASK>
[ 27.050178] dump_stack_lvl+0x73/0xb0
[ 27.050599] print_report+0xd1/0x640
[ 27.051251] ? __virt_addr_valid+0x1db/0x2d0
[ 27.051868] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.052617] kasan_report+0x102/0x140
[ 27.053016] ? kasan_atomics_helper+0x49d0/0x5450
[ 27.053664] ? kasan_atomics_helper+0x49d0/0x5450
[ 27.054312] __asan_report_load4_noabort+0x18/0x20
[ 27.054928] kasan_atomics_helper+0x49d0/0x5450
[ 27.055487] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.055937] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.056627] ? kasan_atomics+0x153/0x310
[ 27.057010] kasan_atomics+0x1dd/0x310
[ 27.057552] ? __pfx_kasan_atomics+0x10/0x10
[ 27.058184] ? __pfx_read_tsc+0x10/0x10
[ 27.058705] ? ktime_get_ts64+0x84/0x230
[ 27.059307] kunit_try_run_case+0x1b3/0x490
[ 27.059912] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.060673] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.061282] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.061855] ? __kthread_parkme+0x82/0x160
[ 27.062391] ? preempt_count_sub+0x50/0x80
[ 27.062857] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.063396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.063921] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.064563] kthread+0x257/0x310
[ 27.064899] ? __pfx_kthread+0x10/0x10
[ 27.065457] ret_from_fork+0x41/0x80
[ 27.065885] ? __pfx_kthread+0x10/0x10
[ 27.066404] ret_from_fork_asm+0x1a/0x30
[ 27.066872] </TASK>
[ 27.067229]
[ 27.067556] Allocated by task 273:
[ 27.067989] kasan_save_stack+0x3d/0x60
[ 27.068526] kasan_save_track+0x18/0x40
[ 27.068953] kasan_save_alloc_info+0x3b/0x50
[ 27.069582] __kasan_kmalloc+0xb7/0xc0
[ 27.069983] __kmalloc_cache_noprof+0x184/0x410
[ 27.070585] kasan_atomics+0x96/0x310
[ 27.071185] kunit_try_run_case+0x1b3/0x490
[ 27.071723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.072370] kthread+0x257/0x310
[ 27.072768] ret_from_fork+0x41/0x80
[ 27.073234] ret_from_fork_asm+0x1a/0x30
[ 27.073750]
[ 27.073923] The buggy address belongs to the object at ffff888102a32500
[ 27.073923] which belongs to the cache kmalloc-64 of size 64
[ 27.075059] The buggy address is located 0 bytes to the right of
[ 27.075059] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.076390]
[ 27.076698] The buggy address belongs to the physical page:
[ 27.077126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.077988] flags: 0x200000000000000(node=0|zone=2)
[ 27.078516] page_type: f5(slab)
[ 27.079008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.079660] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.080487] page dumped because: kasan: bad access detected
[ 27.080960]
[ 27.081192] Memory state around the buggy address:
[ 27.081703] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.082510] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.083150] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.083878] ^
[ 27.084508] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.085173] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.085628] ==================================================================
[ 26.064962] ==================================================================
[ 26.065949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450
[ 26.068293] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.069275]
[ 26.069639] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.070833] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.071320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.072235] Call Trace:
[ 26.072568] <TASK>
[ 26.072884] dump_stack_lvl+0x73/0xb0
[ 26.073354] print_report+0xd1/0x640
[ 26.073753] ? __virt_addr_valid+0x1db/0x2d0
[ 26.074160] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.074888] kasan_report+0x102/0x140
[ 26.075312] ? kasan_atomics_helper+0x730/0x5450
[ 26.075626] ? kasan_atomics_helper+0x730/0x5450
[ 26.075925] kasan_check_range+0x10c/0x1c0
[ 26.076396] __kasan_check_write+0x18/0x20
[ 26.076697] kasan_atomics_helper+0x730/0x5450
[ 26.077328] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.077989] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.078448] ? kasan_atomics+0x153/0x310
[ 26.078869] kasan_atomics+0x1dd/0x310
[ 26.079520] ? __pfx_kasan_atomics+0x10/0x10
[ 26.080158] ? __pfx_read_tsc+0x10/0x10
[ 26.080576] ? ktime_get_ts64+0x84/0x230
[ 26.081147] kunit_try_run_case+0x1b3/0x490
[ 26.081731] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.082231] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.082676] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.084295] ? __kthread_parkme+0x82/0x160
[ 26.084727] ? preempt_count_sub+0x50/0x80
[ 26.085173] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.085646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.086143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.086723] kthread+0x257/0x310
[ 26.087116] ? __pfx_kthread+0x10/0x10
[ 26.087591] ret_from_fork+0x41/0x80
[ 26.087959] ? __pfx_kthread+0x10/0x10
[ 26.088462] ret_from_fork_asm+0x1a/0x30
[ 26.088828] </TASK>
[ 26.089121]
[ 26.089368] Allocated by task 273:
[ 26.089800] kasan_save_stack+0x3d/0x60
[ 26.090178] kasan_save_track+0x18/0x40
[ 26.090631] kasan_save_alloc_info+0x3b/0x50
[ 26.091118] __kasan_kmalloc+0xb7/0xc0
[ 26.091431] __kmalloc_cache_noprof+0x184/0x410
[ 26.091949] kasan_atomics+0x96/0x310
[ 26.092475] kunit_try_run_case+0x1b3/0x490
[ 26.092936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.093508] kthread+0x257/0x310
[ 26.093795] ret_from_fork+0x41/0x80
[ 26.094323] ret_from_fork_asm+0x1a/0x30
[ 26.094747]
[ 26.094909] The buggy address belongs to the object at ffff888102a32500
[ 26.094909] which belongs to the cache kmalloc-64 of size 64
[ 26.095971] The buggy address is located 0 bytes to the right of
[ 26.095971] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.097130]
[ 26.097310] The buggy address belongs to the physical page:
[ 26.097860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.098570] flags: 0x200000000000000(node=0|zone=2)
[ 26.098894] page_type: f5(slab)
[ 26.099434] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.100196] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.100942] page dumped because: kasan: bad access detected
[ 26.101485]
[ 26.101728] Memory state around the buggy address:
[ 26.102227] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.102762] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.103429] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.104023] ^
[ 26.104487] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.105271] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.105720] ==================================================================
[ 27.087039] ==================================================================
[ 27.087805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450
[ 27.088667] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.089401]
[ 27.089721] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.090594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.091235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.092386] Call Trace:
[ 27.092607] <TASK>
[ 27.092800] dump_stack_lvl+0x73/0xb0
[ 27.093246] print_report+0xd1/0x640
[ 27.093688] ? __virt_addr_valid+0x1db/0x2d0
[ 27.094146] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.096011] kasan_report+0x102/0x140
[ 27.096777] ? kasan_atomics_helper+0x13b6/0x5450
[ 27.097152] ? kasan_atomics_helper+0x13b6/0x5450
[ 27.097696] kasan_check_range+0x10c/0x1c0
[ 27.098143] __kasan_check_read+0x15/0x20
[ 27.098622] kasan_atomics_helper+0x13b6/0x5450
[ 27.099024] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.099576] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.099957] ? kasan_atomics+0x153/0x310
[ 27.100479] kasan_atomics+0x1dd/0x310
[ 27.100813] ? __pfx_kasan_atomics+0x10/0x10
[ 27.101423] ? __pfx_read_tsc+0x10/0x10
[ 27.101836] ? ktime_get_ts64+0x84/0x230
[ 27.102371] kunit_try_run_case+0x1b3/0x490
[ 27.102743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.103372] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.103818] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.104281] ? __kthread_parkme+0x82/0x160
[ 27.104832] ? preempt_count_sub+0x50/0x80
[ 27.105425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.105811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.106430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.106894] kthread+0x257/0x310
[ 27.107400] ? __pfx_kthread+0x10/0x10
[ 27.107771] ret_from_fork+0x41/0x80
[ 27.108265] ? __pfx_kthread+0x10/0x10
[ 27.108643] ret_from_fork_asm+0x1a/0x30
[ 27.109210] </TASK>
[ 27.109511]
[ 27.109686] Allocated by task 273:
[ 27.110162] kasan_save_stack+0x3d/0x60
[ 27.110654] kasan_save_track+0x18/0x40
[ 27.110934] kasan_save_alloc_info+0x3b/0x50
[ 27.111489] __kasan_kmalloc+0xb7/0xc0
[ 27.111773] __kmalloc_cache_noprof+0x184/0x410
[ 27.112395] kasan_atomics+0x96/0x310
[ 27.112761] kunit_try_run_case+0x1b3/0x490
[ 27.113291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.113816] kthread+0x257/0x310
[ 27.115141] ret_from_fork+0x41/0x80
[ 27.115542] ret_from_fork_asm+0x1a/0x30
[ 27.115795]
[ 27.115896] The buggy address belongs to the object at ffff888102a32500
[ 27.115896] which belongs to the cache kmalloc-64 of size 64
[ 27.117407] The buggy address is located 0 bytes to the right of
[ 27.117407] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.119614]
[ 27.119784] The buggy address belongs to the physical page:
[ 27.120708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.121630] flags: 0x200000000000000(node=0|zone=2)
[ 27.122153] page_type: f5(slab)
[ 27.122694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.123352] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.123995] page dumped because: kasan: bad access detected
[ 27.124627]
[ 27.124864] Memory state around the buggy address:
[ 27.125638] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.126581] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.127452] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.128201] ^
[ 27.128545] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.129510] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.130273] ==================================================================
[ 26.146518] ==================================================================
[ 26.147667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450
[ 26.148324] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.148767]
[ 26.148948] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.150123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.150627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.151419] Call Trace:
[ 26.151637] <TASK>
[ 26.151838] dump_stack_lvl+0x73/0xb0
[ 26.152207] print_report+0xd1/0x640
[ 26.152687] ? __virt_addr_valid+0x1db/0x2d0
[ 26.153274] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.153952] kasan_report+0x102/0x140
[ 26.154492] ? kasan_atomics_helper+0x861/0x5450
[ 26.154856] ? kasan_atomics_helper+0x861/0x5450
[ 26.155475] kasan_check_range+0x10c/0x1c0
[ 26.155863] __kasan_check_write+0x18/0x20
[ 26.156351] kasan_atomics_helper+0x861/0x5450
[ 26.156726] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.157205] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.157792] ? kasan_atomics+0x153/0x310
[ 26.158326] kasan_atomics+0x1dd/0x310
[ 26.158676] ? __pfx_kasan_atomics+0x10/0x10
[ 26.159049] ? __pfx_read_tsc+0x10/0x10
[ 26.159611] ? ktime_get_ts64+0x84/0x230
[ 26.160047] kunit_try_run_case+0x1b3/0x490
[ 26.160513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.161053] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.161618] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.162115] ? __kthread_parkme+0x82/0x160
[ 26.162642] ? preempt_count_sub+0x50/0x80
[ 26.163143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.163627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.164274] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.164710] kthread+0x257/0x310
[ 26.164984] ? __pfx_kthread+0x10/0x10
[ 26.165571] ret_from_fork+0x41/0x80
[ 26.166004] ? __pfx_kthread+0x10/0x10
[ 26.166359] ret_from_fork_asm+0x1a/0x30
[ 26.166880] </TASK>
[ 26.167234]
[ 26.167483] Allocated by task 273:
[ 26.167866] kasan_save_stack+0x3d/0x60
[ 26.168219] kasan_save_track+0x18/0x40
[ 26.168696] kasan_save_alloc_info+0x3b/0x50
[ 26.169207] __kasan_kmalloc+0xb7/0xc0
[ 26.169731] __kmalloc_cache_noprof+0x184/0x410
[ 26.170041] kasan_atomics+0x96/0x310
[ 26.170413] kunit_try_run_case+0x1b3/0x490
[ 26.170879] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.171556] kthread+0x257/0x310
[ 26.171842] ret_from_fork+0x41/0x80
[ 26.172323] ret_from_fork_asm+0x1a/0x30
[ 26.172727]
[ 26.172961] The buggy address belongs to the object at ffff888102a32500
[ 26.172961] which belongs to the cache kmalloc-64 of size 64
[ 26.173834] The buggy address is located 0 bytes to the right of
[ 26.173834] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.174914]
[ 26.175220] The buggy address belongs to the physical page:
[ 26.175879] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.176526] flags: 0x200000000000000(node=0|zone=2)
[ 26.178168] page_type: f5(slab)
[ 26.178598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.179198] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.179841] page dumped because: kasan: bad access detected
[ 26.180412]
[ 26.180635] Memory state around the buggy address:
[ 26.181111] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.181756] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.182437] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.183038] ^
[ 26.183530] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.184000] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.184792] ==================================================================
[ 28.385390] ==================================================================
[ 28.387284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 28.388193] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 28.388618]
[ 28.389521] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 28.390221] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.390646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.391487] Call Trace:
[ 28.391724] <TASK>
[ 28.391926] dump_stack_lvl+0x73/0xb0
[ 28.392597] print_report+0xd1/0x640
[ 28.393079] ? __virt_addr_valid+0x1db/0x2d0
[ 28.393719] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.394566] kasan_report+0x102/0x140
[ 28.395346] ? kasan_atomics_helper+0x5117/0x5450
[ 28.395763] ? kasan_atomics_helper+0x5117/0x5450
[ 28.396203] __asan_report_load8_noabort+0x18/0x20
[ 28.396634] kasan_atomics_helper+0x5117/0x5450
[ 28.397048] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.397608] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.398022] ? kasan_atomics+0x153/0x310
[ 28.398500] kasan_atomics+0x1dd/0x310
[ 28.398839] ? __pfx_kasan_atomics+0x10/0x10
[ 28.399369] ? __pfx_read_tsc+0x10/0x10
[ 28.400008] ? ktime_get_ts64+0x84/0x230
[ 28.400948] kunit_try_run_case+0x1b3/0x490
[ 28.401709] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.402032] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.402659] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.403531] ? __kthread_parkme+0x82/0x160
[ 28.403967] ? preempt_count_sub+0x50/0x80
[ 28.404632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.404999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.405632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.406300] kthread+0x257/0x310
[ 28.406789] ? __pfx_kthread+0x10/0x10
[ 28.407215] ret_from_fork+0x41/0x80
[ 28.407698] ? __pfx_kthread+0x10/0x10
[ 28.408140] ret_from_fork_asm+0x1a/0x30
[ 28.408634] </TASK>
[ 28.408951]
[ 28.409263] Allocated by task 273:
[ 28.409586] kasan_save_stack+0x3d/0x60
[ 28.410145] kasan_save_track+0x18/0x40
[ 28.410517] kasan_save_alloc_info+0x3b/0x50
[ 28.411045] __kasan_kmalloc+0xb7/0xc0
[ 28.411484] __kmalloc_cache_noprof+0x184/0x410
[ 28.412005] kasan_atomics+0x96/0x310
[ 28.412425] kunit_try_run_case+0x1b3/0x490
[ 28.412854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.413628] kthread+0x257/0x310
[ 28.414049] ret_from_fork+0x41/0x80
[ 28.414600] ret_from_fork_asm+0x1a/0x30
[ 28.414998]
[ 28.415303] The buggy address belongs to the object at ffff888102a32500
[ 28.415303] which belongs to the cache kmalloc-64 of size 64
[ 28.416510] The buggy address is located 0 bytes to the right of
[ 28.416510] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 28.417637]
[ 28.417901] The buggy address belongs to the physical page:
[ 28.418633] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 28.419444] flags: 0x200000000000000(node=0|zone=2)
[ 28.419919] page_type: f5(slab)
[ 28.420291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.421019] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 28.421809] page dumped because: kasan: bad access detected
[ 28.422480]
[ 28.422695] Memory state around the buggy address:
[ 28.423242] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.423952] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.424701] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.425460] ^
[ 28.425883] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.426551] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.427102] ==================================================================
[ 26.309816] ==================================================================
[ 26.310613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450
[ 26.311237] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.311842]
[ 26.312124] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.312932] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.313376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.314114] Call Trace:
[ 26.314407] <TASK>
[ 26.314724] dump_stack_lvl+0x73/0xb0
[ 26.315142] print_report+0xd1/0x640
[ 26.315622] ? __virt_addr_valid+0x1db/0x2d0
[ 26.315942] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.316474] kasan_report+0x102/0x140
[ 26.316772] ? kasan_atomics_helper+0xac8/0x5450
[ 26.317389] ? kasan_atomics_helper+0xac8/0x5450
[ 26.318001] kasan_check_range+0x10c/0x1c0
[ 26.318469] __kasan_check_write+0x18/0x20
[ 26.318958] kasan_atomics_helper+0xac8/0x5450
[ 26.319409] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.319934] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.320405] ? kasan_atomics+0x153/0x310
[ 26.320836] kasan_atomics+0x1dd/0x310
[ 26.321356] ? __pfx_kasan_atomics+0x10/0x10
[ 26.321774] ? __pfx_read_tsc+0x10/0x10
[ 26.322303] ? ktime_get_ts64+0x84/0x230
[ 26.322734] kunit_try_run_case+0x1b3/0x490
[ 26.323146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.323653] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.324137] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.324591] ? __kthread_parkme+0x82/0x160
[ 26.325021] ? preempt_count_sub+0x50/0x80
[ 26.325424] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.325952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.326661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.327260] kthread+0x257/0x310
[ 26.327705] ? __pfx_kthread+0x10/0x10
[ 26.328060] ret_from_fork+0x41/0x80
[ 26.328589] ? __pfx_kthread+0x10/0x10
[ 26.328975] ret_from_fork_asm+0x1a/0x30
[ 26.329420] </TASK>
[ 26.329670]
[ 26.329913] Allocated by task 273:
[ 26.330299] kasan_save_stack+0x3d/0x60
[ 26.330712] kasan_save_track+0x18/0x40
[ 26.331187] kasan_save_alloc_info+0x3b/0x50
[ 26.331534] __kasan_kmalloc+0xb7/0xc0
[ 26.331811] __kmalloc_cache_noprof+0x184/0x410
[ 26.332227] kasan_atomics+0x96/0x310
[ 26.332679] kunit_try_run_case+0x1b3/0x490
[ 26.333860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.334805] kthread+0x257/0x310
[ 26.335618] ret_from_fork+0x41/0x80
[ 26.336111] ret_from_fork_asm+0x1a/0x30
[ 26.336565]
[ 26.336745] The buggy address belongs to the object at ffff888102a32500
[ 26.336745] which belongs to the cache kmalloc-64 of size 64
[ 26.337811] The buggy address is located 0 bytes to the right of
[ 26.337811] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.338843]
[ 26.339047] The buggy address belongs to the physical page:
[ 26.339441] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.340282] flags: 0x200000000000000(node=0|zone=2)
[ 26.340715] page_type: f5(slab)
[ 26.341121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.341912] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.342581] page dumped because: kasan: bad access detected
[ 26.343041]
[ 26.343314] Memory state around the buggy address:
[ 26.343804] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.344410] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.345175] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.345733] ^
[ 26.346243] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.346917] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.347522] ==================================================================
[ 26.957026] ==================================================================
[ 26.958115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 26.959396] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273
[ 26.960093]
[ 26.960229] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 26.960946] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.961239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.962215] Call Trace:
[ 26.962731] <TASK>
[ 26.963106] dump_stack_lvl+0x73/0xb0
[ 26.963622] print_report+0xd1/0x640
[ 26.964111] ? __virt_addr_valid+0x1db/0x2d0
[ 26.964725] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.965086] kasan_report+0x102/0x140
[ 26.965657] ? kasan_atomics_helper+0x49ea/0x5450
[ 26.966369] ? kasan_atomics_helper+0x49ea/0x5450
[ 26.966860] __asan_report_load4_noabort+0x18/0x20
[ 26.967720] kasan_atomics_helper+0x49ea/0x5450
[ 26.968393] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 26.968949] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.969512] ? kasan_atomics+0x153/0x310
[ 26.970028] kasan_atomics+0x1dd/0x310
[ 26.970585] ? __pfx_kasan_atomics+0x10/0x10
[ 26.971009] ? __pfx_read_tsc+0x10/0x10
[ 26.971538] ? ktime_get_ts64+0x84/0x230
[ 26.972144] kunit_try_run_case+0x1b3/0x490
[ 26.972808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.973291] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.973807] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.974361] ? __kthread_parkme+0x82/0x160
[ 26.974948] ? preempt_count_sub+0x50/0x80
[ 26.975386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.975878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.976597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.977170] kthread+0x257/0x310
[ 26.977587] ? __pfx_kthread+0x10/0x10
[ 26.978133] ret_from_fork+0x41/0x80
[ 26.978536] ? __pfx_kthread+0x10/0x10
[ 26.979065] ret_from_fork_asm+0x1a/0x30
[ 26.979613] </TASK>
[ 26.979920]
[ 26.980250] Allocated by task 273:
[ 26.980671] kasan_save_stack+0x3d/0x60
[ 26.981172] kasan_save_track+0x18/0x40
[ 26.981747] kasan_save_alloc_info+0x3b/0x50
[ 26.982325] __kasan_kmalloc+0xb7/0xc0
[ 26.982825] __kmalloc_cache_noprof+0x184/0x410
[ 26.983237] kasan_atomics+0x96/0x310
[ 26.983790] kunit_try_run_case+0x1b3/0x490
[ 26.984267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.984826] kthread+0x257/0x310
[ 26.985402] ret_from_fork+0x41/0x80
[ 26.985776] ret_from_fork_asm+0x1a/0x30
[ 26.986230]
[ 26.986538] The buggy address belongs to the object at ffff888102a32500
[ 26.986538] which belongs to the cache kmalloc-64 of size 64
[ 26.987520] The buggy address is located 0 bytes to the right of
[ 26.987520] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 26.988529]
[ 26.988769] The buggy address belongs to the physical page:
[ 26.989422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 26.990202] flags: 0x200000000000000(node=0|zone=2)
[ 26.990718] page_type: f5(slab)
[ 26.991226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 26.992023] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 26.992802] page dumped because: kasan: bad access detected
[ 26.993362]
[ 26.993617] Memory state around the buggy address:
[ 26.994154] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.994813] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 26.995528] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 26.996380] ^
[ 26.996905] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.997575] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.998311] ==================================================================
[ 27.796499] ==================================================================
[ 27.797740] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 27.799006] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 27.799578]
[ 27.799887] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 27.800730] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.801188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.801882] Call Trace:
[ 27.802274] <TASK>
[ 27.802521] dump_stack_lvl+0x73/0xb0
[ 27.802964] print_report+0xd1/0x640
[ 27.803309] ? __virt_addr_valid+0x1db/0x2d0
[ 27.803649] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.804105] kasan_report+0x102/0x140
[ 27.804580] ? kasan_atomics_helper+0x4f32/0x5450
[ 27.805222] ? kasan_atomics_helper+0x4f32/0x5450
[ 27.805818] __asan_report_load8_noabort+0x18/0x20
[ 27.806444] kasan_atomics_helper+0x4f32/0x5450
[ 27.806980] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.807559] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.807982] ? kasan_atomics+0x153/0x310
[ 27.808350] kasan_atomics+0x1dd/0x310
[ 27.808647] ? __pfx_kasan_atomics+0x10/0x10
[ 27.808962] ? __pfx_read_tsc+0x10/0x10
[ 27.809249] ? ktime_get_ts64+0x84/0x230
[ 27.809751] kunit_try_run_case+0x1b3/0x490
[ 27.810271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.810885] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.811520] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.812125] ? __kthread_parkme+0x82/0x160
[ 27.812480] ? preempt_count_sub+0x50/0x80
[ 27.812783] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.813163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.813785] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.814535] kthread+0x257/0x310
[ 27.814966] ? __pfx_kthread+0x10/0x10
[ 27.815546] ret_from_fork+0x41/0x80
[ 27.816004] ? __pfx_kthread+0x10/0x10
[ 27.816372] ret_from_fork_asm+0x1a/0x30
[ 27.816852] </TASK>
[ 27.817208]
[ 27.817438] Allocated by task 273:
[ 27.817782] kasan_save_stack+0x3d/0x60
[ 27.818186] kasan_save_track+0x18/0x40
[ 27.818585] kasan_save_alloc_info+0x3b/0x50
[ 27.818991] __kasan_kmalloc+0xb7/0xc0
[ 27.819490] __kmalloc_cache_noprof+0x184/0x410
[ 27.819899] kasan_atomics+0x96/0x310
[ 27.820306] kunit_try_run_case+0x1b3/0x490
[ 27.820722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.821263] kthread+0x257/0x310
[ 27.821697] ret_from_fork+0x41/0x80
[ 27.822038] ret_from_fork_asm+0x1a/0x30
[ 27.822422]
[ 27.822581] The buggy address belongs to the object at ffff888102a32500
[ 27.822581] which belongs to the cache kmalloc-64 of size 64
[ 27.823629] The buggy address is located 0 bytes to the right of
[ 27.823629] allocated 48-byte region [ffff888102a32500, ffff888102a32530)
[ 27.824358]
[ 27.824622] The buggy address belongs to the physical page:
[ 27.825307] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32
[ 27.826273] flags: 0x200000000000000(node=0|zone=2)
[ 27.826620] page_type: f5(slab)
[ 27.826866] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.827751] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 27.828625] page dumped because: kasan: bad access detected
[ 27.829042]
[ 27.829314] Memory state around the buggy address:
[ 27.829765] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.830436] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.830945] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.831521] ^
[ 27.831831] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.832293] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.832831] ==================================================================
[ 28.089373] ==================================================================
[ 28.090248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450
[ 28.090779] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273
[ 28.091536]
[ 28.091749] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 28.092554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.093046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.093744] Call Trace:
[ 28.094118] <TASK>
[ 28.094798] dump_stack_lvl+0x73/0xb0
[ 28.095378] print_report+0xd1/0x640
[ 28.095758] ? __virt_addr_valid+0x1db/0x2d0
[ 28.096114] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.096495] kasan_report+0x102/0x140
[ 28.096961] ? kasan_atomics_helper+0x2007/0x5450
[ 28.097648] ? kasan_atomics_helper+0x2007/0x5450
[ 28.098246] kasan_check_range+0x10c/0x1c0
[ 28.098643] __kasan_check_write+0x18/0x20
[ 28.098936] kasan_atomics_helper+0x2007/0x5450
[ 28.099529] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.100145] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.100739] ? kasan_atomics+0x153/0x310
[ 28.101112] kasan_atomics+0x1dd/0x310
[ 28.101427] ? __pfx_kasan_atomics+0x10/0x10
[ 28.101974] ? __pfx_read_tsc+0x10/0x10
[ 28.102551] ? ktime_get_ts64+0x84/0x230
[ 28.103114] kunit_try_run_case+0x1b3/0x490
[ 28.103576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.104006] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.104525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.104929] ? __kthread_parkme+0x82/0x160
[ 28.105443] ? preempt_count_sub+0x50/0x80
[ 28.105929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.106324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.106778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.107488] kthread+0x257/0x310
[ 28.107937] ? __pfx_kthread+0x10/0x10
[ 28.108465] ret_from_fork+0x41/0x80
[ 28.108789] ?
__pfx_kthread+0x10/0x10 [ 28.109266] ret_from_fork_asm+0x1a/0x30 [ 28.109692] </TASK> [ 28.109919] [ 28.110210] Allocated by task 273: [ 28.110477] kasan_save_stack+0x3d/0x60 [ 28.110904] kasan_save_track+0x18/0x40 [ 28.111385] kasan_save_alloc_info+0x3b/0x50 [ 28.111690] __kasan_kmalloc+0xb7/0xc0 [ 28.112200] __kmalloc_cache_noprof+0x184/0x410 [ 28.112735] kasan_atomics+0x96/0x310 [ 28.113223] kunit_try_run_case+0x1b3/0x490 [ 28.113543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.114254] kthread+0x257/0x310 [ 28.114588] ret_from_fork+0x41/0x80 [ 28.114874] ret_from_fork_asm+0x1a/0x30 [ 28.115355] [ 28.115612] The buggy address belongs to the object at ffff888102a32500 [ 28.115612] which belongs to the cache kmalloc-64 of size 64 [ 28.116386] The buggy address is located 0 bytes to the right of [ 28.116386] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.117717] [ 28.117985] The buggy address belongs to the physical page: [ 28.118523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.119297] flags: 0x200000000000000(node=0|zone=2) [ 28.119762] page_type: f5(slab) [ 28.120149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.120786] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.121507] page dumped because: kasan: bad access detected [ 28.122000] [ 28.122224] Memory state around the buggy address: [ 28.122651] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.123294] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.123877] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.124420] ^ [ 28.124726] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.125528] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.126061] ================================================================== [ 28.339619] 
================================================================== [ 28.340476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 28.341704] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 28.342724] [ 28.343129] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.345325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.346012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.346897] Call Trace: [ 28.347224] <TASK> [ 28.347509] dump_stack_lvl+0x73/0xb0 [ 28.347976] print_report+0xd1/0x640 [ 28.348458] ? __virt_addr_valid+0x1db/0x2d0 [ 28.348991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.349457] kasan_report+0x102/0x140 [ 28.349918] ? kasan_atomics_helper+0x224d/0x5450 [ 28.350635] ? kasan_atomics_helper+0x224d/0x5450 [ 28.351190] kasan_check_range+0x10c/0x1c0 [ 28.351611] __kasan_check_write+0x18/0x20 [ 28.352261] kasan_atomics_helper+0x224d/0x5450 [ 28.352901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.353405] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.353840] ? kasan_atomics+0x153/0x310 [ 28.354245] kasan_atomics+0x1dd/0x310 [ 28.354705] ? __pfx_kasan_atomics+0x10/0x10 [ 28.355041] ? __pfx_read_tsc+0x10/0x10 [ 28.355370] ? ktime_get_ts64+0x84/0x230 [ 28.355891] kunit_try_run_case+0x1b3/0x490 [ 28.356304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.356886] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.357273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.357962] ? __kthread_parkme+0x82/0x160 [ 28.358660] ? preempt_count_sub+0x50/0x80 [ 28.359303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.359872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.360597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.361311] kthread+0x257/0x310 [ 28.361854] ? __pfx_kthread+0x10/0x10 [ 28.362397] ret_from_fork+0x41/0x80 [ 28.362689] ? 
__pfx_kthread+0x10/0x10 [ 28.363414] ret_from_fork_asm+0x1a/0x30 [ 28.363880] </TASK> [ 28.364327] [ 28.364570] Allocated by task 273: [ 28.364946] kasan_save_stack+0x3d/0x60 [ 28.365491] kasan_save_track+0x18/0x40 [ 28.366202] kasan_save_alloc_info+0x3b/0x50 [ 28.366650] __kasan_kmalloc+0xb7/0xc0 [ 28.367110] __kmalloc_cache_noprof+0x184/0x410 [ 28.367820] kasan_atomics+0x96/0x310 [ 28.368290] kunit_try_run_case+0x1b3/0x490 [ 28.368733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.369491] kthread+0x257/0x310 [ 28.369859] ret_from_fork+0x41/0x80 [ 28.370492] ret_from_fork_asm+0x1a/0x30 [ 28.370845] [ 28.371155] The buggy address belongs to the object at ffff888102a32500 [ 28.371155] which belongs to the cache kmalloc-64 of size 64 [ 28.372413] The buggy address is located 0 bytes to the right of [ 28.372413] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.373614] [ 28.373911] The buggy address belongs to the physical page: [ 28.374837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.375588] flags: 0x200000000000000(node=0|zone=2) [ 28.376031] page_type: f5(slab) [ 28.376496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.377277] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.377963] page dumped because: kasan: bad access detected [ 28.378571] [ 28.378797] Memory state around the buggy address: [ 28.379434] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.379998] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.380755] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.381355] ^ [ 28.381910] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.383134] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.383954] ================================================================== [ 25.978003] 
================================================================== [ 25.978897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 25.979759] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.980981] [ 25.981229] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.982364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.982964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.984054] Call Trace: [ 25.984241] <TASK> [ 25.984433] dump_stack_lvl+0x73/0xb0 [ 25.984839] print_report+0xd1/0x640 [ 25.985447] ? __virt_addr_valid+0x1db/0x2d0 [ 25.985923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.986317] kasan_report+0x102/0x140 [ 25.987040] ? kasan_atomics_helper+0x5ff/0x5450 [ 25.987756] ? kasan_atomics_helper+0x5ff/0x5450 [ 25.988364] kasan_check_range+0x10c/0x1c0 [ 25.988936] __kasan_check_write+0x18/0x20 [ 25.989526] kasan_atomics_helper+0x5ff/0x5450 [ 25.989946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.990593] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.991030] ? kasan_atomics+0x153/0x310 [ 25.991779] kasan_atomics+0x1dd/0x310 [ 25.992627] ? __pfx_kasan_atomics+0x10/0x10 [ 25.993033] ? __pfx_read_tsc+0x10/0x10 [ 25.993669] ? ktime_get_ts64+0x84/0x230 [ 25.994093] kunit_try_run_case+0x1b3/0x490 [ 25.994508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.994927] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.995452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.995927] ? __kthread_parkme+0x82/0x160 [ 25.996425] ? preempt_count_sub+0x50/0x80 [ 25.996940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.997584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.998293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.998848] kthread+0x257/0x310 [ 25.999294] ? __pfx_kthread+0x10/0x10 [ 25.999694] ret_from_fork+0x41/0x80 [ 26.000250] ? 
__pfx_kthread+0x10/0x10 [ 26.000629] ret_from_fork_asm+0x1a/0x30 [ 26.001178] </TASK> [ 26.001525] [ 26.001801] Allocated by task 273: [ 26.002359] kasan_save_stack+0x3d/0x60 [ 26.002773] kasan_save_track+0x18/0x40 [ 26.003287] kasan_save_alloc_info+0x3b/0x50 [ 26.003724] __kasan_kmalloc+0xb7/0xc0 [ 26.003991] __kmalloc_cache_noprof+0x184/0x410 [ 26.004647] kasan_atomics+0x96/0x310 [ 26.005209] kunit_try_run_case+0x1b3/0x490 [ 26.005555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.006249] kthread+0x257/0x310 [ 26.006699] ret_from_fork+0x41/0x80 [ 26.007182] ret_from_fork_asm+0x1a/0x30 [ 26.007622] [ 26.007917] The buggy address belongs to the object at ffff888102a32500 [ 26.007917] which belongs to the cache kmalloc-64 of size 64 [ 26.008872] The buggy address is located 0 bytes to the right of [ 26.008872] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.009993] [ 26.010264] The buggy address belongs to the physical page: [ 26.010858] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.011550] flags: 0x200000000000000(node=0|zone=2) [ 26.012124] page_type: f5(slab) [ 26.012621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.013361] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.013996] page dumped because: kasan: bad access detected [ 26.014641] [ 26.014868] Memory state around the buggy address: [ 26.015472] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.016123] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.016926] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.017596] ^ [ 26.018118] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.018796] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.019441] ================================================================== [ 28.127260] 
================================================================== [ 28.128382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 28.130238] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 28.131642] [ 28.131828] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.132814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.133497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.134256] Call Trace: [ 28.134505] <TASK> [ 28.134808] dump_stack_lvl+0x73/0xb0 [ 28.135208] print_report+0xd1/0x640 [ 28.135698] ? __virt_addr_valid+0x1db/0x2d0 [ 28.136409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.137195] kasan_report+0x102/0x140 [ 28.137759] ? kasan_atomics_helper+0x4f9a/0x5450 [ 28.138584] ? kasan_atomics_helper+0x4f9a/0x5450 [ 28.139164] __asan_report_load8_noabort+0x18/0x20 [ 28.139743] kasan_atomics_helper+0x4f9a/0x5450 [ 28.140387] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.140976] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.141689] ? kasan_atomics+0x153/0x310 [ 28.142287] kasan_atomics+0x1dd/0x310 [ 28.142764] ? __pfx_kasan_atomics+0x10/0x10 [ 28.143374] ? __pfx_read_tsc+0x10/0x10 [ 28.143881] ? ktime_get_ts64+0x84/0x230 [ 28.144478] kunit_try_run_case+0x1b3/0x490 [ 28.145015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.145740] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.146401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.146984] ? __kthread_parkme+0x82/0x160 [ 28.147598] ? preempt_count_sub+0x50/0x80 [ 28.148170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.148665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.149418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.150025] kthread+0x257/0x310 [ 28.150636] ? __pfx_kthread+0x10/0x10 [ 28.151033] ret_from_fork+0x41/0x80 [ 28.151532] ? 
__pfx_kthread+0x10/0x10 [ 28.151979] ret_from_fork_asm+0x1a/0x30 [ 28.152437] </TASK> [ 28.152628] [ 28.152870] Allocated by task 273: [ 28.153885] kasan_save_stack+0x3d/0x60 [ 28.154780] kasan_save_track+0x18/0x40 [ 28.155175] kasan_save_alloc_info+0x3b/0x50 [ 28.155482] __kasan_kmalloc+0xb7/0xc0 [ 28.155953] __kmalloc_cache_noprof+0x184/0x410 [ 28.156598] kasan_atomics+0x96/0x310 [ 28.157256] kunit_try_run_case+0x1b3/0x490 [ 28.157692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.158996] kthread+0x257/0x310 [ 28.159591] ret_from_fork+0x41/0x80 [ 28.159899] ret_from_fork_asm+0x1a/0x30 [ 28.160356] [ 28.160940] The buggy address belongs to the object at ffff888102a32500 [ 28.160940] which belongs to the cache kmalloc-64 of size 64 [ 28.162053] The buggy address is located 0 bytes to the right of [ 28.162053] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.163614] [ 28.164043] The buggy address belongs to the physical page: [ 28.165066] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.165899] flags: 0x200000000000000(node=0|zone=2) [ 28.166894] page_type: f5(slab) [ 28.167775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.168711] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.169300] page dumped because: kasan: bad access detected [ 28.169799] [ 28.169991] Memory state around the buggy address: [ 28.170575] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.171707] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.172495] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.173190] ^ [ 28.173491] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.174312] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.175052] ================================================================== [ 27.132030] 
================================================================== [ 27.132764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 27.133744] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.134940] [ 27.135278] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.136427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.136894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.137879] Call Trace: [ 27.138285] <TASK> [ 27.138727] dump_stack_lvl+0x73/0xb0 [ 27.139295] print_report+0xd1/0x640 [ 27.139789] ? __virt_addr_valid+0x1db/0x2d0 [ 27.140269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.140805] kasan_report+0x102/0x140 [ 27.141188] ? kasan_atomics_helper+0x4eb0/0x5450 [ 27.141763] ? kasan_atomics_helper+0x4eb0/0x5450 [ 27.142148] __asan_report_load8_noabort+0x18/0x20 [ 27.142653] kasan_atomics_helper+0x4eb0/0x5450 [ 27.143487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.144250] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.144888] ? kasan_atomics+0x153/0x310 [ 27.145485] kasan_atomics+0x1dd/0x310 [ 27.146155] ? __pfx_kasan_atomics+0x10/0x10 [ 27.146691] ? __pfx_read_tsc+0x10/0x10 [ 27.147110] ? ktime_get_ts64+0x84/0x230 [ 27.147630] kunit_try_run_case+0x1b3/0x490 [ 27.148189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.148686] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.149176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.149766] ? __kthread_parkme+0x82/0x160 [ 27.150301] ? preempt_count_sub+0x50/0x80 [ 27.150797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.151498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.152639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.153112] kthread+0x257/0x310 [ 27.153705] ? __pfx_kthread+0x10/0x10 [ 27.154222] ret_from_fork+0x41/0x80 [ 27.154577] ? 
__pfx_kthread+0x10/0x10 [ 27.155114] ret_from_fork_asm+0x1a/0x30 [ 27.155509] </TASK> [ 27.155879] [ 27.156177] Allocated by task 273: [ 27.156474] kasan_save_stack+0x3d/0x60 [ 27.156968] kasan_save_track+0x18/0x40 [ 27.157386] kasan_save_alloc_info+0x3b/0x50 [ 27.157927] __kasan_kmalloc+0xb7/0xc0 [ 27.158489] __kmalloc_cache_noprof+0x184/0x410 [ 27.159869] kasan_atomics+0x96/0x310 [ 27.160273] kunit_try_run_case+0x1b3/0x490 [ 27.160925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.161443] kthread+0x257/0x310 [ 27.162034] ret_from_fork+0x41/0x80 [ 27.162534] ret_from_fork_asm+0x1a/0x30 [ 27.163110] [ 27.163350] The buggy address belongs to the object at ffff888102a32500 [ 27.163350] which belongs to the cache kmalloc-64 of size 64 [ 27.164671] The buggy address is located 0 bytes to the right of [ 27.164671] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.166003] [ 27.166247] The buggy address belongs to the physical page: [ 27.167507] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.168219] flags: 0x200000000000000(node=0|zone=2) [ 27.168799] page_type: f5(slab) [ 27.169375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.170014] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.170659] page dumped because: kasan: bad access detected [ 27.171105] [ 27.171398] Memory state around the buggy address: [ 27.171862] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.172623] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.173666] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.174418] ^ [ 27.174916] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.175572] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.176747] ================================================================== [ 26.476794] 
================================================================== [ 26.477483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 26.478393] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.478971] [ 26.479378] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.480327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.480622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.481618] Call Trace: [ 26.481885] <TASK> [ 26.482307] dump_stack_lvl+0x73/0xb0 [ 26.482704] print_report+0xd1/0x640 [ 26.483262] ? __virt_addr_valid+0x1db/0x2d0 [ 26.483870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.484526] kasan_report+0x102/0x140 [ 26.484926] ? kasan_atomics_helper+0xd48/0x5450 [ 26.485579] ? kasan_atomics_helper+0xd48/0x5450 [ 26.486046] kasan_check_range+0x10c/0x1c0 [ 26.486607] __kasan_check_write+0x18/0x20 [ 26.487266] kasan_atomics_helper+0xd48/0x5450 [ 26.487711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.488423] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.488911] ? kasan_atomics+0x153/0x310 [ 26.489522] kasan_atomics+0x1dd/0x310 [ 26.490036] ? __pfx_kasan_atomics+0x10/0x10 [ 26.490666] ? __pfx_read_tsc+0x10/0x10 [ 26.491167] ? ktime_get_ts64+0x84/0x230 [ 26.491754] kunit_try_run_case+0x1b3/0x490 [ 26.492224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.492734] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.493443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.494046] ? __kthread_parkme+0x82/0x160 [ 26.494549] ? preempt_count_sub+0x50/0x80 [ 26.495138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.495662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.496413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.497028] kthread+0x257/0x310 [ 26.497390] ? __pfx_kthread+0x10/0x10 [ 26.497848] ret_from_fork+0x41/0x80 [ 26.498308] ? 
__pfx_kthread+0x10/0x10 [ 26.498791] ret_from_fork_asm+0x1a/0x30 [ 26.499295] </TASK> [ 26.499628] [ 26.499881] Allocated by task 273: [ 26.500387] kasan_save_stack+0x3d/0x60 [ 26.500719] kasan_save_track+0x18/0x40 [ 26.501236] kasan_save_alloc_info+0x3b/0x50 [ 26.501716] __kasan_kmalloc+0xb7/0xc0 [ 26.502369] __kmalloc_cache_noprof+0x184/0x410 [ 26.502785] kasan_atomics+0x96/0x310 [ 26.503063] kunit_try_run_case+0x1b3/0x490 [ 26.503600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.504108] kthread+0x257/0x310 [ 26.504452] ret_from_fork+0x41/0x80 [ 26.504922] ret_from_fork_asm+0x1a/0x30 [ 26.505450] [ 26.505629] The buggy address belongs to the object at ffff888102a32500 [ 26.505629] which belongs to the cache kmalloc-64 of size 64 [ 26.506985] The buggy address is located 0 bytes to the right of [ 26.506985] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.508951] [ 26.509282] The buggy address belongs to the physical page: [ 26.509786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.510575] flags: 0x200000000000000(node=0|zone=2) [ 26.511170] page_type: f5(slab) [ 26.511651] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.512373] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.513121] page dumped because: kasan: bad access detected [ 26.513650] [ 26.513875] Memory state around the buggy address: [ 26.514385] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.515147] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.515812] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.516517] ^ [ 26.516991] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.517755] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.518492] ================================================================== [ 27.364565] 
================================================================== [ 27.365468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 27.365801] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.366105] [ 27.366834] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.368429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.368849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.369604] Call Trace: [ 27.369885] <TASK> [ 27.370111] dump_stack_lvl+0x73/0xb0 [ 27.371051] print_report+0xd1/0x640 [ 27.371637] ? __virt_addr_valid+0x1db/0x2d0 [ 27.371971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.372538] kasan_report+0x102/0x140 [ 27.372854] ? kasan_atomics_helper+0x1650/0x5450 [ 27.373283] ? kasan_atomics_helper+0x1650/0x5450 [ 27.373908] kasan_check_range+0x10c/0x1c0 [ 27.374366] __kasan_check_write+0x18/0x20 [ 27.374746] kasan_atomics_helper+0x1650/0x5450 [ 27.375230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.375692] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.376265] ? kasan_atomics+0x153/0x310 [ 27.376612] kasan_atomics+0x1dd/0x310 [ 27.377133] ? __pfx_kasan_atomics+0x10/0x10 [ 27.377665] ? __pfx_read_tsc+0x10/0x10 [ 27.378026] ? ktime_get_ts64+0x84/0x230 [ 27.378486] kunit_try_run_case+0x1b3/0x490 [ 27.378829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.379309] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.379893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.380525] ? __kthread_parkme+0x82/0x160 [ 27.380988] ? preempt_count_sub+0x50/0x80 [ 27.381478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.381944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.382596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.383148] kthread+0x257/0x310 [ 27.383581] ? __pfx_kthread+0x10/0x10 [ 27.383906] ret_from_fork+0x41/0x80 [ 27.384446] ? 
__pfx_kthread+0x10/0x10 [ 27.384821] ret_from_fork_asm+0x1a/0x30 [ 27.385424] </TASK> [ 27.385701] [ 27.385922] Allocated by task 273: [ 27.386329] kasan_save_stack+0x3d/0x60 [ 27.386660] kasan_save_track+0x18/0x40 [ 27.387212] kasan_save_alloc_info+0x3b/0x50 [ 27.387786] __kasan_kmalloc+0xb7/0xc0 [ 27.388991] __kmalloc_cache_noprof+0x184/0x410 [ 27.389907] kasan_atomics+0x96/0x310 [ 27.390427] kunit_try_run_case+0x1b3/0x490 [ 27.391098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.391852] kthread+0x257/0x310 [ 27.392677] ret_from_fork+0x41/0x80 [ 27.393123] ret_from_fork_asm+0x1a/0x30 [ 27.393461] [ 27.393961] The buggy address belongs to the object at ffff888102a32500 [ 27.393961] which belongs to the cache kmalloc-64 of size 64 [ 27.395497] The buggy address is located 0 bytes to the right of [ 27.395497] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.396918] [ 27.397089] The buggy address belongs to the physical page: [ 27.398128] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.398968] flags: 0x200000000000000(node=0|zone=2) [ 27.399601] page_type: f5(slab) [ 27.400025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.400959] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.401620] page dumped because: kasan: bad access detected [ 27.402490] [ 27.402662] Memory state around the buggy address: [ 27.403537] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.404201] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.404874] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.405701] ^ [ 27.406375] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.407166] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.408106] ================================================================== [ 27.758776] 
================================================================== [ 27.759380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 27.759956] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.760807] [ 27.761124] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.761957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.762501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.763169] Call Trace: [ 27.763509] <TASK> [ 27.763849] dump_stack_lvl+0x73/0xb0 [ 27.764356] print_report+0xd1/0x640 [ 27.764713] ? __virt_addr_valid+0x1db/0x2d0 [ 27.765247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.765660] kasan_report+0x102/0x140 [ 27.765946] ? kasan_atomics_helper+0x1c19/0x5450 [ 27.766607] ? kasan_atomics_helper+0x1c19/0x5450 [ 27.767134] kasan_check_range+0x10c/0x1c0 [ 27.767545] __kasan_check_write+0x18/0x20 [ 27.768039] kasan_atomics_helper+0x1c19/0x5450 [ 27.768502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.768963] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.769505] ? kasan_atomics+0x153/0x310 [ 27.769982] kasan_atomics+0x1dd/0x310 [ 27.770403] ? __pfx_kasan_atomics+0x10/0x10 [ 27.770808] ? __pfx_read_tsc+0x10/0x10 [ 27.771271] ? ktime_get_ts64+0x84/0x230 [ 27.771743] kunit_try_run_case+0x1b3/0x490 [ 27.772058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.772685] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.773284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.773737] ? __kthread_parkme+0x82/0x160 [ 27.774252] ? preempt_count_sub+0x50/0x80 [ 27.774576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.774907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.775372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.776042] kthread+0x257/0x310 [ 27.776571] ? __pfx_kthread+0x10/0x10 [ 27.777123] ret_from_fork+0x41/0x80 [ 27.777595] ? 
__pfx_kthread+0x10/0x10 [ 27.777880] ret_from_fork_asm+0x1a/0x30 [ 27.778434] </TASK> [ 27.778717] [ 27.778943] Allocated by task 273: [ 27.779434] kasan_save_stack+0x3d/0x60 [ 27.779860] kasan_save_track+0x18/0x40 [ 27.780360] kasan_save_alloc_info+0x3b/0x50 [ 27.780765] __kasan_kmalloc+0xb7/0xc0 [ 27.781182] __kmalloc_cache_noprof+0x184/0x410 [ 27.781713] kasan_atomics+0x96/0x310 [ 27.781990] kunit_try_run_case+0x1b3/0x490 [ 27.782353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.782964] kthread+0x257/0x310 [ 27.783475] ret_from_fork+0x41/0x80 [ 27.783921] ret_from_fork_asm+0x1a/0x30 [ 27.784465] [ 27.784647] The buggy address belongs to the object at ffff888102a32500 [ 27.784647] which belongs to the cache kmalloc-64 of size 64 [ 27.785658] The buggy address is located 0 bytes to the right of [ 27.785658] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.786790] [ 27.787053] The buggy address belongs to the physical page: [ 27.787546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.788153] flags: 0x200000000000000(node=0|zone=2) [ 27.788635] page_type: f5(slab) [ 27.789130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.789835] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.790317] page dumped because: kasan: bad access detected [ 27.790919] [ 27.791197] Memory state around the buggy address: [ 27.791772] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.792491] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.793192] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.793853] ^ [ 27.794275] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.795027] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.795618] ================================================================== [ 28.218765] 
================================================================== [ 28.219468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 28.220320] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 28.221138] [ 28.221427] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.222323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.222827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.223646] Call Trace: [ 28.223999] <TASK> [ 28.224390] dump_stack_lvl+0x73/0xb0 [ 28.224853] print_report+0xd1/0x640 [ 28.225409] ? __virt_addr_valid+0x1db/0x2d0 [ 28.226456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.227036] kasan_report+0x102/0x140 [ 28.227980] ? kasan_atomics_helper+0x4fb4/0x5450 [ 28.229260] ? kasan_atomics_helper+0x4fb4/0x5450 [ 28.229842] __asan_report_load8_noabort+0x18/0x20 [ 28.230626] kasan_atomics_helper+0x4fb4/0x5450 [ 28.231086] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.231579] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.232138] ? kasan_atomics+0x153/0x310 [ 28.232915] kasan_atomics+0x1dd/0x310 [ 28.233470] ? __pfx_kasan_atomics+0x10/0x10 [ 28.233918] ? __pfx_read_tsc+0x10/0x10 [ 28.234758] ? ktime_get_ts64+0x84/0x230 [ 28.235490] kunit_try_run_case+0x1b3/0x490 [ 28.236142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.236648] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.237120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.238011] ? __kthread_parkme+0x82/0x160 [ 28.238662] ? preempt_count_sub+0x50/0x80 [ 28.238988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.239861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.240782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.241375] kthread+0x257/0x310 [ 28.241668] ? __pfx_kthread+0x10/0x10 [ 28.242124] ret_from_fork+0x41/0x80 [ 28.242533] ? 
__pfx_kthread+0x10/0x10 [ 28.242971] ret_from_fork_asm+0x1a/0x30 [ 28.243354] </TASK> [ 28.243608] [ 28.243764] Allocated by task 273: [ 28.244128] kasan_save_stack+0x3d/0x60 [ 28.244726] kasan_save_track+0x18/0x40 [ 28.245003] kasan_save_alloc_info+0x3b/0x50 [ 28.246235] __kasan_kmalloc+0xb7/0xc0 [ 28.246975] __kmalloc_cache_noprof+0x184/0x410 [ 28.247457] kasan_atomics+0x96/0x310 [ 28.247643] kunit_try_run_case+0x1b3/0x490 [ 28.247833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.248055] kthread+0x257/0x310 [ 28.248751] ret_from_fork+0x41/0x80 [ 28.249472] ret_from_fork_asm+0x1a/0x30 [ 28.250421] [ 28.250795] The buggy address belongs to the object at ffff888102a32500 [ 28.250795] which belongs to the cache kmalloc-64 of size 64 [ 28.251740] The buggy address is located 0 bytes to the right of [ 28.251740] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.252754] [ 28.252965] The buggy address belongs to the physical page: [ 28.253467] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.254316] flags: 0x200000000000000(node=0|zone=2) [ 28.254709] page_type: f5(slab) [ 28.255145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.255826] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.256578] page dumped because: kasan: bad access detected [ 28.257283] [ 28.257524] Memory state around the buggy address: [ 28.257920] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.258563] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.259124] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.259804] ^ [ 28.260287] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.260908] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.261538] ================================================================== [ 28.302502] 
================================================================== [ 28.303026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 28.303870] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 28.304431] [ 28.304699] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.305536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.305818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.306567] Call Trace: [ 28.306932] <TASK> [ 28.307321] dump_stack_lvl+0x73/0xb0 [ 28.307828] print_report+0xd1/0x640 [ 28.308224] ? __virt_addr_valid+0x1db/0x2d0 [ 28.308772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.309281] kasan_report+0x102/0x140 [ 28.309710] ? kasan_atomics_helper+0x4fa7/0x5450 [ 28.310186] ? kasan_atomics_helper+0x4fa7/0x5450 [ 28.310732] __asan_report_load8_noabort+0x18/0x20 [ 28.311207] kasan_atomics_helper+0x4fa7/0x5450 [ 28.311577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.312152] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.312531] ? kasan_atomics+0x153/0x310 [ 28.312844] kasan_atomics+0x1dd/0x310 [ 28.313317] ? __pfx_kasan_atomics+0x10/0x10 [ 28.313916] ? __pfx_read_tsc+0x10/0x10 [ 28.314506] ? ktime_get_ts64+0x84/0x230 [ 28.314931] kunit_try_run_case+0x1b3/0x490 [ 28.315402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.315952] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.316436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.316861] ? __kthread_parkme+0x82/0x160 [ 28.317361] ? preempt_count_sub+0x50/0x80 [ 28.317797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.318275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.318880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.319366] kthread+0x257/0x310 [ 28.319804] ? __pfx_kthread+0x10/0x10 [ 28.320284] ret_from_fork+0x41/0x80 [ 28.320635] ? 
__pfx_kthread+0x10/0x10 [ 28.320987] ret_from_fork_asm+0x1a/0x30 [ 28.321465] </TASK> [ 28.321741] [ 28.321972] Allocated by task 273: [ 28.322359] kasan_save_stack+0x3d/0x60 [ 28.322833] kasan_save_track+0x18/0x40 [ 28.323221] kasan_save_alloc_info+0x3b/0x50 [ 28.323744] __kasan_kmalloc+0xb7/0xc0 [ 28.324176] __kmalloc_cache_noprof+0x184/0x410 [ 28.324669] kasan_atomics+0x96/0x310 [ 28.324945] kunit_try_run_case+0x1b3/0x490 [ 28.325287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.325975] kthread+0x257/0x310 [ 28.326496] ret_from_fork+0x41/0x80 [ 28.326944] ret_from_fork_asm+0x1a/0x30 [ 28.327286] [ 28.327475] The buggy address belongs to the object at ffff888102a32500 [ 28.327475] which belongs to the cache kmalloc-64 of size 64 [ 28.328773] The buggy address is located 0 bytes to the right of [ 28.328773] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.329883] [ 28.330143] The buggy address belongs to the physical page: [ 28.330709] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.331212] flags: 0x200000000000000(node=0|zone=2) [ 28.331764] page_type: f5(slab) [ 28.332254] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.332843] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.333568] page dumped because: kasan: bad access detected [ 28.334013] [ 28.334248] Memory state around the buggy address: [ 28.334717] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.335378] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.335789] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.336431] ^ [ 28.336994] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.337699] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.338309] ================================================================== [ 27.178123] 
================================================================== [ 27.179220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 27.180622] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.182219] [ 27.182604] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.183770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.184395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.185330] Call Trace: [ 27.185652] <TASK> [ 27.185917] dump_stack_lvl+0x73/0xb0 [ 27.186370] print_report+0xd1/0x640 [ 27.186664] ? __virt_addr_valid+0x1db/0x2d0 [ 27.187506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.188088] kasan_report+0x102/0x140 [ 27.188809] ? kasan_atomics_helper+0x1468/0x5450 [ 27.189270] ? kasan_atomics_helper+0x1468/0x5450 [ 27.190308] kasan_check_range+0x10c/0x1c0 [ 27.190992] __kasan_check_write+0x18/0x20 [ 27.191519] kasan_atomics_helper+0x1468/0x5450 [ 27.191959] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.193062] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.193515] ? kasan_atomics+0x153/0x310 [ 27.194183] kasan_atomics+0x1dd/0x310 [ 27.194625] ? __pfx_kasan_atomics+0x10/0x10 [ 27.195354] ? __pfx_read_tsc+0x10/0x10 [ 27.195950] ? ktime_get_ts64+0x84/0x230 [ 27.196708] kunit_try_run_case+0x1b3/0x490 [ 27.197115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.198172] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.198995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.199634] ? __kthread_parkme+0x82/0x160 [ 27.200185] ? preempt_count_sub+0x50/0x80 [ 27.200838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.201296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.201861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.202516] kthread+0x257/0x310 [ 27.203279] ? __pfx_kthread+0x10/0x10 [ 27.203906] ret_from_fork+0x41/0x80 [ 27.204456] ? 
__pfx_kthread+0x10/0x10 [ 27.205011] ret_from_fork_asm+0x1a/0x30 [ 27.205578] </TASK> [ 27.205886] [ 27.206239] Allocated by task 273: [ 27.206747] kasan_save_stack+0x3d/0x60 [ 27.207317] kasan_save_track+0x18/0x40 [ 27.207732] kasan_save_alloc_info+0x3b/0x50 [ 27.208277] __kasan_kmalloc+0xb7/0xc0 [ 27.208663] __kmalloc_cache_noprof+0x184/0x410 [ 27.209319] kasan_atomics+0x96/0x310 [ 27.209785] kunit_try_run_case+0x1b3/0x490 [ 27.210420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.210839] kthread+0x257/0x310 [ 27.211474] ret_from_fork+0x41/0x80 [ 27.211799] ret_from_fork_asm+0x1a/0x30 [ 27.212451] [ 27.212672] The buggy address belongs to the object at ffff888102a32500 [ 27.212672] which belongs to the cache kmalloc-64 of size 64 [ 27.213877] The buggy address is located 0 bytes to the right of [ 27.213877] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.215063] [ 27.215480] The buggy address belongs to the physical page: [ 27.215884] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.216934] flags: 0x200000000000000(node=0|zone=2) [ 27.217548] page_type: f5(slab) [ 27.217936] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.218725] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.219501] page dumped because: kasan: bad access detected [ 27.220056] [ 27.220279] Memory state around the buggy address: [ 27.220821] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.221632] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.222312] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.222923] ^ [ 27.223473] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.224209] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.224817] ================================================================== [ 26.519839] 
================================================================== [ 26.520597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 26.521371] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.521992] [ 26.522393] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.523379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.523854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.524691] Call Trace: [ 26.525063] <TASK> [ 26.525404] dump_stack_lvl+0x73/0xb0 [ 26.525875] print_report+0xd1/0x640 [ 26.526491] ? __virt_addr_valid+0x1db/0x2d0 [ 26.526959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.527522] kasan_report+0x102/0x140 [ 26.527982] ? kasan_atomics_helper+0xde1/0x5450 [ 26.528514] ? kasan_atomics_helper+0xde1/0x5450 [ 26.529037] kasan_check_range+0x10c/0x1c0 [ 26.529534] __kasan_check_write+0x18/0x20 [ 26.530037] kasan_atomics_helper+0xde1/0x5450 [ 26.530600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.531287] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.531757] ? kasan_atomics+0x153/0x310 [ 26.532297] kasan_atomics+0x1dd/0x310 [ 26.532817] ? __pfx_kasan_atomics+0x10/0x10 [ 26.533235] ? __pfx_read_tsc+0x10/0x10 [ 26.533774] ? ktime_get_ts64+0x84/0x230 [ 26.534275] kunit_try_run_case+0x1b3/0x490 [ 26.534724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.535273] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.535723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.536305] ? __kthread_parkme+0x82/0x160 [ 26.536801] ? preempt_count_sub+0x50/0x80 [ 26.537286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.537856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.538577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.539156] kthread+0x257/0x310 [ 26.539614] ? __pfx_kthread+0x10/0x10 [ 26.539972] ret_from_fork+0x41/0x80 [ 26.540482] ? 
__pfx_kthread+0x10/0x10 [ 26.540919] ret_from_fork_asm+0x1a/0x30 [ 26.541465] </TASK> [ 26.541862] [ 26.542135] Allocated by task 273: [ 26.542523] kasan_save_stack+0x3d/0x60 [ 26.543037] kasan_save_track+0x18/0x40 [ 26.543548] kasan_save_alloc_info+0x3b/0x50 [ 26.544018] __kasan_kmalloc+0xb7/0xc0 [ 26.544517] __kmalloc_cache_noprof+0x184/0x410 [ 26.545144] kasan_atomics+0x96/0x310 [ 26.545475] kunit_try_run_case+0x1b3/0x490 [ 26.545974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.546703] kthread+0x257/0x310 [ 26.547149] ret_from_fork+0x41/0x80 [ 26.547648] ret_from_fork_asm+0x1a/0x30 [ 26.548146] [ 26.548393] The buggy address belongs to the object at ffff888102a32500 [ 26.548393] which belongs to the cache kmalloc-64 of size 64 [ 26.549574] The buggy address is located 0 bytes to the right of [ 26.549574] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.550642] [ 26.550947] The buggy address belongs to the physical page: [ 26.551481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.552228] flags: 0x200000000000000(node=0|zone=2) [ 26.552846] page_type: f5(slab) [ 26.553233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.554029] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.554673] page dumped because: kasan: bad access detected [ 26.555263] [ 26.555422] Memory state around the buggy address: [ 26.555938] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.556636] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.557354] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.558200] ^ [ 26.558796] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.559451] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.560142] ================================================================== [ 26.107379] 
================================================================== [ 26.107888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 26.108609] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.109411] [ 26.109702] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.110539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.111127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.111866] Call Trace: [ 26.112188] <TASK> [ 26.112412] dump_stack_lvl+0x73/0xb0 [ 26.112907] print_report+0xd1/0x640 [ 26.113457] ? __virt_addr_valid+0x1db/0x2d0 [ 26.113916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.114793] kasan_report+0x102/0x140 [ 26.115184] ? kasan_atomics_helper+0x7c8/0x5450 [ 26.116015] ? kasan_atomics_helper+0x7c8/0x5450 [ 26.116644] kasan_check_range+0x10c/0x1c0 [ 26.117026] __kasan_check_write+0x18/0x20 [ 26.117466] kasan_atomics_helper+0x7c8/0x5450 [ 26.117915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.118301] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.118761] ? kasan_atomics+0x153/0x310 [ 26.119320] kasan_atomics+0x1dd/0x310 [ 26.119805] ? __pfx_kasan_atomics+0x10/0x10 [ 26.120369] ? __pfx_read_tsc+0x10/0x10 [ 26.120676] ? ktime_get_ts64+0x84/0x230 [ 26.121149] kunit_try_run_case+0x1b3/0x490 [ 26.121602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.122209] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.122593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.123217] ? __kthread_parkme+0x82/0x160 [ 26.123668] ? preempt_count_sub+0x50/0x80 [ 26.123976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.124581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.125262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.125962] kthread+0x257/0x310 [ 26.126403] ? __pfx_kthread+0x10/0x10 [ 26.126859] ret_from_fork+0x41/0x80 [ 26.127283] ? 
__pfx_kthread+0x10/0x10 [ 26.127720] ret_from_fork_asm+0x1a/0x30 [ 26.128036] </TASK> [ 26.128427] [ 26.128657] Allocated by task 273: [ 26.129131] kasan_save_stack+0x3d/0x60 [ 26.129640] kasan_save_track+0x18/0x40 [ 26.129969] kasan_save_alloc_info+0x3b/0x50 [ 26.130455] __kasan_kmalloc+0xb7/0xc0 [ 26.130772] __kmalloc_cache_noprof+0x184/0x410 [ 26.131382] kasan_atomics+0x96/0x310 [ 26.131726] kunit_try_run_case+0x1b3/0x490 [ 26.132213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.132585] kthread+0x257/0x310 [ 26.133003] ret_from_fork+0x41/0x80 [ 26.133539] ret_from_fork_asm+0x1a/0x30 [ 26.134060] [ 26.134362] The buggy address belongs to the object at ffff888102a32500 [ 26.134362] which belongs to the cache kmalloc-64 of size 64 [ 26.135221] The buggy address is located 0 bytes to the right of [ 26.135221] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.136272] [ 26.136528] The buggy address belongs to the physical page: [ 26.137145] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.137955] flags: 0x200000000000000(node=0|zone=2) [ 26.138564] page_type: f5(slab) [ 26.138904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.139617] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.140225] page dumped because: kasan: bad access detected [ 26.140836] [ 26.141138] Memory state around the buggy address: [ 26.141663] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.142234] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.142926] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.143471] ^ [ 26.143786] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.144245] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.145010] ================================================================== [ 26.643729] 
================================================================== [ 26.644905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 26.645806] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.646903] [ 26.647157] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.648427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.648823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.649818] Call Trace: [ 26.650245] <TASK> [ 26.650485] dump_stack_lvl+0x73/0xb0 [ 26.651015] print_report+0xd1/0x640 [ 26.651557] ? __virt_addr_valid+0x1db/0x2d0 [ 26.652031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.652872] kasan_report+0x102/0x140 [ 26.653474] ? kasan_atomics_helper+0xfaa/0x5450 [ 26.654153] ? kasan_atomics_helper+0xfaa/0x5450 [ 26.654730] kasan_check_range+0x10c/0x1c0 [ 26.655130] __kasan_check_write+0x18/0x20 [ 26.655569] kasan_atomics_helper+0xfaa/0x5450 [ 26.656206] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.656668] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.657135] ? kasan_atomics+0x153/0x310 [ 26.657687] kasan_atomics+0x1dd/0x310 [ 26.658238] ? __pfx_kasan_atomics+0x10/0x10 [ 26.658728] ? __pfx_read_tsc+0x10/0x10 [ 26.659725] ? ktime_get_ts64+0x84/0x230 [ 26.660170] kunit_try_run_case+0x1b3/0x490 [ 26.660614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.661026] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.661968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.662458] ? __kthread_parkme+0x82/0x160 [ 26.662867] ? preempt_count_sub+0x50/0x80 [ 26.663292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.663813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.664281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.664916] kthread+0x257/0x310 [ 26.665274] ? __pfx_kthread+0x10/0x10 [ 26.665610] ret_from_fork+0x41/0x80 [ 26.666073] ? 
__pfx_kthread+0x10/0x10 [ 26.666955] ret_from_fork_asm+0x1a/0x30 [ 26.667617] </TASK> [ 26.667918] [ 26.668124] Allocated by task 273: [ 26.668479] kasan_save_stack+0x3d/0x60 [ 26.669178] kasan_save_track+0x18/0x40 [ 26.669983] kasan_save_alloc_info+0x3b/0x50 [ 26.670459] __kasan_kmalloc+0xb7/0xc0 [ 26.671013] __kmalloc_cache_noprof+0x184/0x410 [ 26.671778] kasan_atomics+0x96/0x310 [ 26.672355] kunit_try_run_case+0x1b3/0x490 [ 26.672867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.673476] kthread+0x257/0x310 [ 26.673905] ret_from_fork+0x41/0x80 [ 26.674406] ret_from_fork_asm+0x1a/0x30 [ 26.674910] [ 26.675260] The buggy address belongs to the object at ffff888102a32500 [ 26.675260] which belongs to the cache kmalloc-64 of size 64 [ 26.676382] The buggy address is located 0 bytes to the right of [ 26.676382] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.677520] [ 26.677810] The buggy address belongs to the physical page: [ 26.678469] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.679230] flags: 0x200000000000000(node=0|zone=2) [ 26.679733] page_type: f5(slab) [ 26.680169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.680921] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.681678] page dumped because: kasan: bad access detected [ 26.682264] [ 26.682523] Memory state around the buggy address: [ 26.683005] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.683786] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.684488] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.684945] ^ [ 26.685652] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686297] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686974] ================================================================== [ 27.716160] 
================================================================== [ 27.716685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 27.717829] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.718893] [ 27.719280] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.720733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.721434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.722721] Call Trace: [ 27.723013] <TASK> [ 27.723424] dump_stack_lvl+0x73/0xb0 [ 27.724226] print_report+0xd1/0x640 [ 27.724832] ? __virt_addr_valid+0x1db/0x2d0 [ 27.725406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.726705] kasan_report+0x102/0x140 [ 27.727103] ? kasan_atomics_helper+0x1b23/0x5450 [ 27.727872] ? kasan_atomics_helper+0x1b23/0x5450 [ 27.728610] kasan_check_range+0x10c/0x1c0 [ 27.728823] __kasan_check_write+0x18/0x20 [ 27.729014] kasan_atomics_helper+0x1b23/0x5450 [ 27.729357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.730168] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.730641] ? kasan_atomics+0x153/0x310 [ 27.731034] kasan_atomics+0x1dd/0x310 [ 27.731782] ? __pfx_kasan_atomics+0x10/0x10 [ 27.732364] ? __pfx_read_tsc+0x10/0x10 [ 27.732744] ? ktime_get_ts64+0x84/0x230 [ 27.733596] kunit_try_run_case+0x1b3/0x490 [ 27.734154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.734641] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.735130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.735802] ? __kthread_parkme+0x82/0x160 [ 27.736274] ? preempt_count_sub+0x50/0x80 [ 27.736818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.737364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.737957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.738518] kthread+0x257/0x310 [ 27.738840] ? __pfx_kthread+0x10/0x10 [ 27.739369] ret_from_fork+0x41/0x80 [ 27.739753] ? 
__pfx_kthread+0x10/0x10 [ 27.740045] ret_from_fork_asm+0x1a/0x30 [ 27.740588] </TASK> [ 27.740880] [ 27.741112] Allocated by task 273: [ 27.741539] kasan_save_stack+0x3d/0x60 [ 27.741892] kasan_save_track+0x18/0x40 [ 27.742238] kasan_save_alloc_info+0x3b/0x50 [ 27.742725] __kasan_kmalloc+0xb7/0xc0 [ 27.743159] __kmalloc_cache_noprof+0x184/0x410 [ 27.743652] kasan_atomics+0x96/0x310 [ 27.744131] kunit_try_run_case+0x1b3/0x490 [ 27.744584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.745214] kthread+0x257/0x310 [ 27.745545] ret_from_fork+0x41/0x80 [ 27.745977] ret_from_fork_asm+0x1a/0x30 [ 27.746316] [ 27.746549] The buggy address belongs to the object at ffff888102a32500 [ 27.746549] which belongs to the cache kmalloc-64 of size 64 [ 27.747598] The buggy address is located 0 bytes to the right of [ 27.747598] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.748697] [ 27.748857] The buggy address belongs to the physical page: [ 27.749472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.750216] flags: 0x200000000000000(node=0|zone=2) [ 27.750713] page_type: f5(slab) [ 27.751025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.751770] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.752470] page dumped because: kasan: bad access detected [ 27.752894] [ 27.753054] Memory state around the buggy address: [ 27.753668] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.754125] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.754846] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.755594] ^ [ 27.755964] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.756721] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.757418] ================================================================== [ 26.186954] 
================================================================== [ 26.187591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 26.188743] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.189405] [ 26.189688] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.190490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.190945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.191722] Call Trace: [ 26.192053] <TASK> [ 26.192412] dump_stack_lvl+0x73/0xb0 [ 26.192746] print_report+0xd1/0x640 [ 26.193238] ? __virt_addr_valid+0x1db/0x2d0 [ 26.193665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.194208] kasan_report+0x102/0x140 [ 26.194601] ? kasan_atomics_helper+0x8fa/0x5450 [ 26.195182] ? kasan_atomics_helper+0x8fa/0x5450 [ 26.195716] kasan_check_range+0x10c/0x1c0 [ 26.196228] __kasan_check_write+0x18/0x20 [ 26.196685] kasan_atomics_helper+0x8fa/0x5450 [ 26.197058] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.197618] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.197998] ? kasan_atomics+0x153/0x310 [ 26.198562] kasan_atomics+0x1dd/0x310 [ 26.198989] ? __pfx_kasan_atomics+0x10/0x10 [ 26.199421] ? __pfx_read_tsc+0x10/0x10 [ 26.199852] ? ktime_get_ts64+0x84/0x230 [ 26.200293] kunit_try_run_case+0x1b3/0x490 [ 26.200821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.201240] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.201727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.202088] ? __kthread_parkme+0x82/0x160 [ 26.202474] ? preempt_count_sub+0x50/0x80 [ 26.202984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.203587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.204188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.204576] kthread+0x257/0x310 [ 26.205027] ? __pfx_kthread+0x10/0x10 [ 26.205592] ret_from_fork+0x41/0x80 [ 26.205945] ? 
================================================================== [ 25.889168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 25.889818] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.891135] [ 25.891458] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.892248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.892819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.893828] Call Trace: [ 25.894264] <TASK> [ 25.894598] dump_stack_lvl+0x73/0xb0 [ 25.895028] print_report+0xd1/0x640 [ 25.895462] ? __virt_addr_valid+0x1db/0x2d0 [ 25.896142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.896734] kasan_report+0x102/0x140 [ 25.897125] ? kasan_atomics_helper+0x4b3c/0x5450 [ 25.897527] ? kasan_atomics_helper+0x4b3c/0x5450 [ 25.898033] __asan_report_store4_noabort+0x1b/0x30 [ 25.898610] kasan_atomics_helper+0x4b3c/0x5450 [ 25.899249] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.899827] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.900524] ? kasan_atomics+0x153/0x310 [ 25.901039] kasan_atomics+0x1dd/0x310 [ 25.901614] ? __pfx_kasan_atomics+0x10/0x10 [ 25.902029] ? __pfx_read_tsc+0x10/0x10 [ 25.902561] ? ktime_get_ts64+0x84/0x230 [ 25.903043] kunit_try_run_case+0x1b3/0x490 [ 25.903539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.904152] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.904590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.905261] ? __kthread_parkme+0x82/0x160 [ 25.905863] ? preempt_count_sub+0x50/0x80 [ 25.906297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.906927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.907596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.908254] kthread+0x257/0x310 [ 25.908593] ? __pfx_kthread+0x10/0x10 [ 25.909035] ret_from_fork+0x41/0x80 [ 25.909528] ? 
__pfx_kthread+0x10/0x10 [ 25.910022] ret_from_fork_asm+0x1a/0x30 [ 25.910567] </TASK> [ 25.910940] [ 25.911160] Allocated by task 273: [ 25.911586] kasan_save_stack+0x3d/0x60 [ 25.912179] kasan_save_track+0x18/0x40 [ 25.912586] kasan_save_alloc_info+0x3b/0x50 [ 25.913192] __kasan_kmalloc+0xb7/0xc0 [ 25.913521] __kmalloc_cache_noprof+0x184/0x410 [ 25.914001] kasan_atomics+0x96/0x310 [ 25.914565] kunit_try_run_case+0x1b3/0x490 [ 25.915005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.915701] kthread+0x257/0x310 [ 25.916142] ret_from_fork+0x41/0x80 [ 25.916540] ret_from_fork_asm+0x1a/0x30 [ 25.916985] [ 25.917384] The buggy address belongs to the object at ffff888102a32500 [ 25.917384] which belongs to the cache kmalloc-64 of size 64 [ 25.918434] The buggy address is located 0 bytes to the right of [ 25.918434] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 25.919441] [ 25.919721] The buggy address belongs to the physical page: [ 25.920524] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 25.921219] flags: 0x200000000000000(node=0|zone=2) [ 25.921624] page_type: f5(slab) [ 25.922163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.922925] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.923737] page dumped because: kasan: bad access detected [ 25.924329] [ 25.924622] Memory state around the buggy address: [ 25.925021] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.925811] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.926491] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.927193] ^ [ 25.927517] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.928856] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.929875] ================================================================== [ 28.047524] 
================================================================== [ 28.048906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 28.050237] Read of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 28.050885] [ 28.051006] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 28.052382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.053107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.053955] Call Trace: [ 28.054685] <TASK> [ 28.055010] dump_stack_lvl+0x73/0xb0 [ 28.055843] print_report+0xd1/0x640 [ 28.056407] ? __virt_addr_valid+0x1db/0x2d0 [ 28.057031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.057686] kasan_report+0x102/0x140 [ 28.058085] ? kasan_atomics_helper+0x4f73/0x5450 [ 28.058937] ? kasan_atomics_helper+0x4f73/0x5450 [ 28.059412] __asan_report_load8_noabort+0x18/0x20 [ 28.059792] kasan_atomics_helper+0x4f73/0x5450 [ 28.060403] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.060912] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.061550] ? kasan_atomics+0x153/0x310 [ 28.062001] kasan_atomics+0x1dd/0x310 [ 28.062908] ? __pfx_kasan_atomics+0x10/0x10 [ 28.063531] ? __pfx_read_tsc+0x10/0x10 [ 28.064003] ? ktime_get_ts64+0x84/0x230 [ 28.064579] kunit_try_run_case+0x1b3/0x490 [ 28.065284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.065803] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.066231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.066635] ? __kthread_parkme+0x82/0x160 [ 28.067116] ? preempt_count_sub+0x50/0x80 [ 28.067560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.067921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.068520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.068946] kthread+0x257/0x310 [ 28.069413] ? __pfx_kthread+0x10/0x10 [ 28.069808] ret_from_fork+0x41/0x80 [ 28.070185] ? 
__pfx_kthread+0x10/0x10 [ 28.070701] ret_from_fork_asm+0x1a/0x30 [ 28.071161] </TASK> [ 28.071470] [ 28.071685] Allocated by task 273: [ 28.071930] kasan_save_stack+0x3d/0x60 [ 28.072478] kasan_save_track+0x18/0x40 [ 28.072943] kasan_save_alloc_info+0x3b/0x50 [ 28.073438] __kasan_kmalloc+0xb7/0xc0 [ 28.073729] __kmalloc_cache_noprof+0x184/0x410 [ 28.074271] kasan_atomics+0x96/0x310 [ 28.074670] kunit_try_run_case+0x1b3/0x490 [ 28.075238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.075706] kthread+0x257/0x310 [ 28.075963] ret_from_fork+0x41/0x80 [ 28.076485] ret_from_fork_asm+0x1a/0x30 [ 28.076962] [ 28.077261] The buggy address belongs to the object at ffff888102a32500 [ 28.077261] which belongs to the cache kmalloc-64 of size 64 [ 28.078288] The buggy address is located 0 bytes to the right of [ 28.078288] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 28.079454] [ 28.079618] The buggy address belongs to the physical page: [ 28.080029] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 28.080894] flags: 0x200000000000000(node=0|zone=2) [ 28.081426] page_type: f5(slab) [ 28.081688] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.082558] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 28.083308] page dumped because: kasan: bad access detected [ 28.083793] [ 28.083982] Memory state around the buggy address: [ 28.084538] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.085130] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.085696] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.086447] ^ [ 28.086796] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.087272] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.088058] ================================================================== [ 27.540469] 
================================================================== [ 27.541463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 27.542397] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.543220] [ 27.543569] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.544403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.544679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.545236] Call Trace: [ 27.545554] <TASK> [ 27.545896] dump_stack_lvl+0x73/0xb0 [ 27.546592] print_report+0xd1/0x640 [ 27.547187] ? __virt_addr_valid+0x1db/0x2d0 [ 27.547726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.548209] kasan_report+0x102/0x140 [ 27.548690] ? kasan_atomics_helper+0x18b2/0x5450 [ 27.549310] ? kasan_atomics_helper+0x18b2/0x5450 [ 27.549773] kasan_check_range+0x10c/0x1c0 [ 27.550364] __kasan_check_write+0x18/0x20 [ 27.550759] kasan_atomics_helper+0x18b2/0x5450 [ 27.551321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.551666] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.551990] ? kasan_atomics+0x153/0x310 [ 27.552480] kasan_atomics+0x1dd/0x310 [ 27.552999] ? __pfx_kasan_atomics+0x10/0x10 [ 27.553628] ? __pfx_read_tsc+0x10/0x10 [ 27.554146] ? ktime_get_ts64+0x84/0x230 [ 27.554706] kunit_try_run_case+0x1b3/0x490 [ 27.555298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.555727] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.556053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.556625] ? __kthread_parkme+0x82/0x160 [ 27.557210] ? preempt_count_sub+0x50/0x80 [ 27.557762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.558403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.558958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.559457] kthread+0x257/0x310 [ 27.559845] ? __pfx_kthread+0x10/0x10 [ 27.560324] ret_from_fork+0x41/0x80 [ 27.560753] ? 
__pfx_kthread+0x10/0x10 [ 27.561236] ret_from_fork_asm+0x1a/0x30 [ 27.561662] </TASK> [ 27.561915] [ 27.562158] Allocated by task 273: [ 27.562511] kasan_save_stack+0x3d/0x60 [ 27.562851] kasan_save_track+0x18/0x40 [ 27.563303] kasan_save_alloc_info+0x3b/0x50 [ 27.564674] __kasan_kmalloc+0xb7/0xc0 [ 27.566033] __kmalloc_cache_noprof+0x184/0x410 [ 27.566535] kasan_atomics+0x96/0x310 [ 27.566879] kunit_try_run_case+0x1b3/0x490 [ 27.568459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.568940] kthread+0x257/0x310 [ 27.569433] ret_from_fork+0x41/0x80 [ 27.569858] ret_from_fork_asm+0x1a/0x30 [ 27.570808] [ 27.571367] The buggy address belongs to the object at ffff888102a32500 [ 27.571367] which belongs to the cache kmalloc-64 of size 64 [ 27.572230] The buggy address is located 0 bytes to the right of [ 27.572230] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.573211] [ 27.573705] The buggy address belongs to the physical page: [ 27.574165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.575038] flags: 0x200000000000000(node=0|zone=2) [ 27.575746] page_type: f5(slab) [ 27.576071] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.576744] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.578203] page dumped because: kasan: bad access detected [ 27.578767] [ 27.579028] Memory state around the buggy address: [ 27.579617] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.580301] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.581080] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.581947] ^ [ 27.582272] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.583009] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.583762] ================================================================== [ 27.877114] 
================================================================== [ 27.877840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 27.878762] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.879216] [ 27.879565] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.880649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.881006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.881854] Call Trace: [ 27.882348] <TASK> [ 27.882664] dump_stack_lvl+0x73/0xb0 [ 27.883461] print_report+0xd1/0x640 [ 27.883880] ? __virt_addr_valid+0x1db/0x2d0 [ 27.884548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.885272] kasan_report+0x102/0x140 [ 27.885757] ? kasan_atomics_helper+0x1d7b/0x5450 [ 27.886431] ? kasan_atomics_helper+0x1d7b/0x5450 [ 27.886858] kasan_check_range+0x10c/0x1c0 [ 27.887645] __kasan_check_write+0x18/0x20 [ 27.888182] kasan_atomics_helper+0x1d7b/0x5450 [ 27.888519] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.889235] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.889832] ? kasan_atomics+0x153/0x310 [ 27.890422] kasan_atomics+0x1dd/0x310 [ 27.890913] ? __pfx_kasan_atomics+0x10/0x10 [ 27.891359] ? __pfx_read_tsc+0x10/0x10 [ 27.891882] ? ktime_get_ts64+0x84/0x230 [ 27.892502] kunit_try_run_case+0x1b3/0x490 [ 27.892975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.893510] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.894175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.894750] ? __kthread_parkme+0x82/0x160 [ 27.895164] ? preempt_count_sub+0x50/0x80 [ 27.895812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.896292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.897127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.897725] kthread+0x257/0x310 [ 27.898141] ? __pfx_kthread+0x10/0x10 [ 27.898667] ret_from_fork+0x41/0x80 [ 27.898988] ? 
__pfx_kthread+0x10/0x10 [ 27.899553] ret_from_fork_asm+0x1a/0x30 [ 27.900163] </TASK> [ 27.900438] [ 27.900709] Allocated by task 273: [ 27.901139] kasan_save_stack+0x3d/0x60 [ 27.901696] kasan_save_track+0x18/0x40 [ 27.902200] kasan_save_alloc_info+0x3b/0x50 [ 27.902530] __kasan_kmalloc+0xb7/0xc0 [ 27.903105] __kmalloc_cache_noprof+0x184/0x410 [ 27.903690] kasan_atomics+0x96/0x310 [ 27.904005] kunit_try_run_case+0x1b3/0x490 [ 27.904618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.905268] kthread+0x257/0x310 [ 27.905795] ret_from_fork+0x41/0x80 [ 27.906910] ret_from_fork_asm+0x1a/0x30 [ 27.907362] [ 27.907626] The buggy address belongs to the object at ffff888102a32500 [ 27.907626] which belongs to the cache kmalloc-64 of size 64 [ 27.908701] The buggy address is located 0 bytes to the right of [ 27.908701] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.909933] [ 27.910258] The buggy address belongs to the physical page: [ 27.910992] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.911666] flags: 0x200000000000000(node=0|zone=2) [ 27.912006] page_type: f5(slab) [ 27.912704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.913165] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.914432] page dumped because: kasan: bad access detected [ 27.915005] [ 27.915290] Memory state around the buggy address: [ 27.915732] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.916389] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.917279] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.917988] ^ [ 27.918639] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.919415] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.920069] ================================================================== [ 25.710400] 
================================================================== [ 25.711065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 25.712908] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.713917] [ 25.714537] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.715660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.716065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.716812] Call Trace: [ 25.717086] <TASK> [ 25.717441] dump_stack_lvl+0x73/0xb0 [ 25.717811] print_report+0xd1/0x640 [ 25.718508] ? __virt_addr_valid+0x1db/0x2d0 [ 25.718998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.719844] kasan_report+0x102/0x140 [ 25.720396] ? kasan_atomics_helper+0x4b70/0x5450 [ 25.721058] ? kasan_atomics_helper+0x4b70/0x5450 [ 25.721794] __asan_report_store4_noabort+0x1b/0x30 [ 25.722404] kasan_atomics_helper+0x4b70/0x5450 [ 25.722921] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.723637] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.724364] ? kasan_atomics+0x153/0x310 [ 25.724806] kasan_atomics+0x1dd/0x310 [ 25.725409] ? __pfx_kasan_atomics+0x10/0x10 [ 25.725965] ? __pfx_read_tsc+0x10/0x10 [ 25.726657] ? ktime_get_ts64+0x84/0x230 [ 25.727044] kunit_try_run_case+0x1b3/0x490 [ 25.727701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.728308] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.728888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.729636] ? __kthread_parkme+0x82/0x160 [ 25.730016] ? preempt_count_sub+0x50/0x80 [ 25.730589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.731270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.731926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.732731] kthread+0x257/0x310 [ 25.733148] ? __pfx_kthread+0x10/0x10 [ 25.733687] ret_from_fork+0x41/0x80 [ 25.734037] ? 
__pfx_kthread+0x10/0x10 [ 25.734431] ret_from_fork_asm+0x1a/0x30 [ 25.734907] </TASK> [ 25.735177] [ 25.735438] Allocated by task 273: [ 25.735958] kasan_save_stack+0x3d/0x60 [ 25.736309] kasan_save_track+0x18/0x40 [ 25.736604] kasan_save_alloc_info+0x3b/0x50 [ 25.737370] __kasan_kmalloc+0xb7/0xc0 [ 25.737976] __kmalloc_cache_noprof+0x184/0x410 [ 25.738664] kasan_atomics+0x96/0x310 [ 25.739164] kunit_try_run_case+0x1b3/0x490 [ 25.739806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.740300] kthread+0x257/0x310 [ 25.740739] ret_from_fork+0x41/0x80 [ 25.741451] ret_from_fork_asm+0x1a/0x30 [ 25.741900] [ 25.742365] The buggy address belongs to the object at ffff888102a32500 [ 25.742365] which belongs to the cache kmalloc-64 of size 64 [ 25.743590] The buggy address is located 0 bytes to the right of [ 25.743590] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 25.744853] [ 25.745314] The buggy address belongs to the physical page: [ 25.746575] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 25.747670] flags: 0x200000000000000(node=0|zone=2) [ 25.747986] page_type: f5(slab) [ 25.748530] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.749308] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.750066] page dumped because: kasan: bad access detected [ 25.750803] [ 25.750951] Memory state around the buggy address: [ 25.751617] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.752318] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.753290] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.753930] ^ [ 25.754688] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.755518] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.756212] ================================================================== [ 27.273097] 
================================================================== [ 27.273532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 27.274720] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.275761] [ 27.275943] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.277161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.277956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.279098] Call Trace: [ 27.279444] <TASK> [ 27.279722] dump_stack_lvl+0x73/0xb0 [ 27.280467] print_report+0xd1/0x640 [ 27.280787] ? __virt_addr_valid+0x1db/0x2d0 [ 27.281407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.281925] kasan_report+0x102/0x140 [ 27.282463] ? kasan_atomics_helper+0x151e/0x5450 [ 27.283120] ? kasan_atomics_helper+0x151e/0x5450 [ 27.283498] kasan_check_range+0x10c/0x1c0 [ 27.284008] __kasan_check_write+0x18/0x20 [ 27.284738] kasan_atomics_helper+0x151e/0x5450 [ 27.285172] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.285744] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.286658] ? kasan_atomics+0x153/0x310 [ 27.287136] kasan_atomics+0x1dd/0x310 [ 27.287460] ? __pfx_kasan_atomics+0x10/0x10 [ 27.288125] ? __pfx_read_tsc+0x10/0x10 [ 27.288696] ? ktime_get_ts64+0x84/0x230 [ 27.289119] kunit_try_run_case+0x1b3/0x490 [ 27.289457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.290121] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.291104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.291503] ? __kthread_parkme+0x82/0x160 [ 27.292078] ? preempt_count_sub+0x50/0x80 [ 27.292783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.293789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.294321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.294874] kthread+0x257/0x310 [ 27.295363] ? __pfx_kthread+0x10/0x10 [ 27.295946] ret_from_fork+0x41/0x80 [ 27.296555] ? 
__pfx_kthread+0x10/0x10 [ 27.297138] ret_from_fork_asm+0x1a/0x30 [ 27.297957] </TASK> [ 27.298421] [ 27.298694] Allocated by task 273: [ 27.299211] kasan_save_stack+0x3d/0x60 [ 27.299734] kasan_save_track+0x18/0x40 [ 27.300112] kasan_save_alloc_info+0x3b/0x50 [ 27.300783] __kasan_kmalloc+0xb7/0xc0 [ 27.301366] __kmalloc_cache_noprof+0x184/0x410 [ 27.302049] kasan_atomics+0x96/0x310 [ 27.302487] kunit_try_run_case+0x1b3/0x490 [ 27.302841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.303510] kthread+0x257/0x310 [ 27.303907] ret_from_fork+0x41/0x80 [ 27.304371] ret_from_fork_asm+0x1a/0x30 [ 27.304861] [ 27.305018] The buggy address belongs to the object at ffff888102a32500 [ 27.305018] which belongs to the cache kmalloc-64 of size 64 [ 27.306235] The buggy address is located 0 bytes to the right of [ 27.306235] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.307470] [ 27.307787] The buggy address belongs to the physical page: [ 27.308387] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.309207] flags: 0x200000000000000(node=0|zone=2) [ 27.309853] page_type: f5(slab) [ 27.310255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.311034] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.311770] page dumped because: kasan: bad access detected [ 27.312368] [ 27.312614] Memory state around the buggy address: [ 27.313166] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.313762] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.314630] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.315309] ^ [ 27.315676] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.316392] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.316898] ================================================================== [ 27.963660] 
================================================================== [ 27.964593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 27.965426] Write of size 8 at addr ffff888102a32530 by task kunit_try_catch/273 [ 27.966942] [ 27.967145] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 27.968875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.969529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.970287] Call Trace: [ 27.970780] <TASK> [ 27.971063] dump_stack_lvl+0x73/0xb0 [ 27.971581] print_report+0xd1/0x640 [ 27.971945] ? __virt_addr_valid+0x1db/0x2d0 [ 27.972316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.972862] kasan_report+0x102/0x140 [ 27.973306] ? kasan_atomics_helper+0x1eab/0x5450 [ 27.973752] ? kasan_atomics_helper+0x1eab/0x5450 [ 27.974277] kasan_check_range+0x10c/0x1c0 [ 27.974739] __kasan_check_write+0x18/0x20 [ 27.975215] kasan_atomics_helper+0x1eab/0x5450 [ 27.975596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.976182] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.976625] ? kasan_atomics+0x153/0x310 [ 27.976977] kasan_atomics+0x1dd/0x310 [ 27.977517] ? __pfx_kasan_atomics+0x10/0x10 [ 27.978058] ? __pfx_read_tsc+0x10/0x10 [ 27.978502] ? ktime_get_ts64+0x84/0x230 [ 27.978895] kunit_try_run_case+0x1b3/0x490 [ 27.979372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.979933] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.980372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.980946] ? __kthread_parkme+0x82/0x160 [ 27.981430] ? preempt_count_sub+0x50/0x80 [ 27.981788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.982302] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.982959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.983659] kthread+0x257/0x310 [ 27.983979] ? __pfx_kthread+0x10/0x10 [ 27.984381] ret_from_fork+0x41/0x80 [ 27.984821] ? 
__pfx_kthread+0x10/0x10 [ 27.985277] ret_from_fork_asm+0x1a/0x30 [ 27.985703] </TASK> [ 27.985900] [ 27.986118] Allocated by task 273: [ 27.986556] kasan_save_stack+0x3d/0x60 [ 27.987061] kasan_save_track+0x18/0x40 [ 27.987431] kasan_save_alloc_info+0x3b/0x50 [ 27.987870] __kasan_kmalloc+0xb7/0xc0 [ 27.988379] __kmalloc_cache_noprof+0x184/0x410 [ 27.988846] kasan_atomics+0x96/0x310 [ 27.989226] kunit_try_run_case+0x1b3/0x490 [ 27.989718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.990252] kthread+0x257/0x310 [ 27.990650] ret_from_fork+0x41/0x80 [ 27.991012] ret_from_fork_asm+0x1a/0x30 [ 27.991462] [ 27.991681] The buggy address belongs to the object at ffff888102a32500 [ 27.991681] which belongs to the cache kmalloc-64 of size 64 [ 27.992690] The buggy address is located 0 bytes to the right of [ 27.992690] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 27.993667] [ 27.993920] The buggy address belongs to the physical page: [ 27.994485] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 27.994932] flags: 0x200000000000000(node=0|zone=2) [ 27.995460] page_type: f5(slab) [ 27.995879] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.996680] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 27.997149] page dumped because: kasan: bad access detected [ 27.997771] [ 27.998011] Memory state around the buggy address: [ 27.998606] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.999377] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.999799] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.000586] ^ [ 28.000969] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.002221] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.003212] ================================================================== [ 26.348936] 
================================================================== [ 26.349495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 26.350266] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.350842] [ 26.351155] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.351984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.352517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.353247] Call Trace: [ 26.353607] <TASK> [ 26.353911] dump_stack_lvl+0x73/0xb0 [ 26.354396] print_report+0xd1/0x640 [ 26.354773] ? __virt_addr_valid+0x1db/0x2d0 [ 26.355212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.355873] kasan_report+0x102/0x140 [ 26.356289] ? kasan_atomics_helper+0xb6b/0x5450 [ 26.356807] ? kasan_atomics_helper+0xb6b/0x5450 [ 26.357317] kasan_check_range+0x10c/0x1c0 [ 26.357848] __kasan_check_write+0x18/0x20 [ 26.358258] kasan_atomics_helper+0xb6b/0x5450 [ 26.358717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.359319] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.359696] ? kasan_atomics+0x153/0x310 [ 26.360212] kasan_atomics+0x1dd/0x310 [ 26.360574] ? __pfx_kasan_atomics+0x10/0x10 [ 26.361174] ? __pfx_read_tsc+0x10/0x10 [ 26.361627] ? ktime_get_ts64+0x84/0x230 [ 26.362153] kunit_try_run_case+0x1b3/0x490 [ 26.362601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.362990] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.363608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.364046] ? __kthread_parkme+0x82/0x160 [ 26.364693] ? preempt_count_sub+0x50/0x80 [ 26.365772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.366410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.367280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.367763] kthread+0x257/0x310 [ 26.368249] ? __pfx_kthread+0x10/0x10 [ 26.369014] ret_from_fork+0x41/0x80 [ 26.369773] ? 
__pfx_kthread+0x10/0x10 [ 26.370417] ret_from_fork_asm+0x1a/0x30 [ 26.370897] </TASK> [ 26.371367] [ 26.371575] Allocated by task 273: [ 26.371954] kasan_save_stack+0x3d/0x60 [ 26.372448] kasan_save_track+0x18/0x40 [ 26.372941] kasan_save_alloc_info+0x3b/0x50 [ 26.373605] __kasan_kmalloc+0xb7/0xc0 [ 26.374030] __kmalloc_cache_noprof+0x184/0x410 [ 26.374678] kasan_atomics+0x96/0x310 [ 26.375124] kunit_try_run_case+0x1b3/0x490 [ 26.375815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.376312] kthread+0x257/0x310 [ 26.376739] ret_from_fork+0x41/0x80 [ 26.377208] ret_from_fork_asm+0x1a/0x30 [ 26.377858] [ 26.378054] The buggy address belongs to the object at ffff888102a32500 [ 26.378054] which belongs to the cache kmalloc-64 of size 64 [ 26.378976] The buggy address is located 0 bytes to the right of [ 26.378976] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.380385] [ 26.380552] The buggy address belongs to the physical page: [ 26.380943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.381973] flags: 0x200000000000000(node=0|zone=2) [ 26.382679] page_type: f5(slab) [ 26.383129] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.384164] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.384757] page dumped because: kasan: bad access detected [ 26.385461] [ 26.385677] Memory state around the buggy address: [ 26.386447] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.386800] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.387102] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.388629] ^ [ 26.388955] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.389826] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.390421] ================================================================== [ 26.435056] 
================================================================== [ 26.435873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 26.436995] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.437862] [ 26.438249] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.439122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.439541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.440327] Call Trace: [ 26.440790] <TASK> [ 26.441124] dump_stack_lvl+0x73/0xb0 [ 26.441661] print_report+0xd1/0x640 [ 26.442041] ? __virt_addr_valid+0x1db/0x2d0 [ 26.442623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.443195] kasan_report+0x102/0x140 [ 26.443625] ? kasan_atomics_helper+0x4a86/0x5450 [ 26.444135] ? kasan_atomics_helper+0x4a86/0x5450 [ 26.444643] __asan_report_load4_noabort+0x18/0x20 [ 26.445207] kasan_atomics_helper+0x4a86/0x5450 [ 26.445762] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.446190] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.446841] ? kasan_atomics+0x153/0x310 [ 26.447223] kasan_atomics+0x1dd/0x310 [ 26.447823] ? __pfx_kasan_atomics+0x10/0x10 [ 26.448512] ? __pfx_read_tsc+0x10/0x10 [ 26.449034] ? ktime_get_ts64+0x84/0x230 [ 26.449545] kunit_try_run_case+0x1b3/0x490 [ 26.450038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.450518] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.451133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.451569] ? __kthread_parkme+0x82/0x160 [ 26.452154] ? preempt_count_sub+0x50/0x80 [ 26.452643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.453392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.454202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.454659] kthread+0x257/0x310 [ 26.455122] ? __pfx_kthread+0x10/0x10 [ 26.455570] ret_from_fork+0x41/0x80 [ 26.456051] ? 
__pfx_kthread+0x10/0x10 [ 26.456600] ret_from_fork_asm+0x1a/0x30 [ 26.457016] </TASK> [ 26.457384] [ 26.457601] Allocated by task 273: [ 26.457905] kasan_save_stack+0x3d/0x60 [ 26.458357] kasan_save_track+0x18/0x40 [ 26.458686] kasan_save_alloc_info+0x3b/0x50 [ 26.459237] __kasan_kmalloc+0xb7/0xc0 [ 26.459623] __kmalloc_cache_noprof+0x184/0x410 [ 26.460197] kasan_atomics+0x96/0x310 [ 26.460675] kunit_try_run_case+0x1b3/0x490 [ 26.461208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.461827] kthread+0x257/0x310 [ 26.462370] ret_from_fork+0x41/0x80 [ 26.462909] ret_from_fork_asm+0x1a/0x30 [ 26.463415] [ 26.463646] The buggy address belongs to the object at ffff888102a32500 [ 26.463646] which belongs to the cache kmalloc-64 of size 64 [ 26.464608] The buggy address is located 0 bytes to the right of [ 26.464608] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.465791] [ 26.466127] The buggy address belongs to the physical page: [ 26.466675] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.467432] flags: 0x200000000000000(node=0|zone=2) [ 26.467927] page_type: f5(slab) [ 26.468414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.469277] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.469973] page dumped because: kasan: bad access detected [ 26.470463] [ 26.470716] Memory state around the buggy address: [ 26.471403] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.472007] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.472675] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.473352] ^ [ 26.473694] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.474527] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.475219] ================================================================== [ 26.779748] 
================================================================== [ 26.780854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 26.781711] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.782785] [ 26.783041] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.783798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.784072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.784580] Call Trace: [ 26.785086] <TASK> [ 26.785917] dump_stack_lvl+0x73/0xb0 [ 26.786563] print_report+0xd1/0x640 [ 26.787148] ? __virt_addr_valid+0x1db/0x2d0 [ 26.787894] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.788540] kasan_report+0x102/0x140 [ 26.788942] ? kasan_atomics_helper+0x4a1e/0x5450 [ 26.789980] ? kasan_atomics_helper+0x4a1e/0x5450 [ 26.790503] __asan_report_load4_noabort+0x18/0x20 [ 26.790740] kasan_atomics_helper+0x4a1e/0x5450 [ 26.790950] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.791840] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.792662] ? kasan_atomics+0x153/0x310 [ 26.792971] kasan_atomics+0x1dd/0x310 [ 26.793534] ? __pfx_kasan_atomics+0x10/0x10 [ 26.793888] ? __pfx_read_tsc+0x10/0x10 [ 26.794470] ? ktime_get_ts64+0x84/0x230 [ 26.795023] kunit_try_run_case+0x1b3/0x490 [ 26.795493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.796026] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.796647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.797253] ? __kthread_parkme+0x82/0x160 [ 26.797794] ? preempt_count_sub+0x50/0x80 [ 26.798242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.798787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.799471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.800107] kthread+0x257/0x310 [ 26.800582] ? __pfx_kthread+0x10/0x10 [ 26.800892] ret_from_fork+0x41/0x80 [ 26.801460] ? 
__pfx_kthread+0x10/0x10 [ 26.801830] ret_from_fork_asm+0x1a/0x30 [ 26.802445] </TASK> [ 26.802767] [ 26.803021] Allocated by task 273: [ 26.803477] kasan_save_stack+0x3d/0x60 [ 26.803910] kasan_save_track+0x18/0x40 [ 26.804472] kasan_save_alloc_info+0x3b/0x50 [ 26.805032] __kasan_kmalloc+0xb7/0xc0 [ 26.805571] __kmalloc_cache_noprof+0x184/0x410 [ 26.805982] kasan_atomics+0x96/0x310 [ 26.806737] kunit_try_run_case+0x1b3/0x490 [ 26.807410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.808288] kthread+0x257/0x310 [ 26.808583] ret_from_fork+0x41/0x80 [ 26.809450] ret_from_fork_asm+0x1a/0x30 [ 26.809872] [ 26.810081] The buggy address belongs to the object at ffff888102a32500 [ 26.810081] which belongs to the cache kmalloc-64 of size 64 [ 26.811447] The buggy address is located 0 bytes to the right of [ 26.811447] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.812503] [ 26.812736] The buggy address belongs to the physical page: [ 26.813256] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.814709] flags: 0x200000000000000(node=0|zone=2) [ 26.815446] page_type: f5(slab) [ 26.816380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.817168] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.818259] page dumped because: kasan: bad access detected [ 26.819018] [ 26.819264] Memory state around the buggy address: [ 26.819834] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.820564] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.821315] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.822019] ^ [ 26.822573] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.823253] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.823826] ================================================================== [ 25.559987] 
================================================================== [ 25.561236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 25.561851] Read of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 25.562618] [ 25.562791] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.563854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.564945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.566448] Call Trace: [ 25.566945] <TASK> [ 25.567417] dump_stack_lvl+0x73/0xb0 [ 25.567871] print_report+0xd1/0x640 [ 25.568983] ? __virt_addr_valid+0x1db/0x2d0 [ 25.569477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.570055] kasan_report+0x102/0x140 [ 25.570528] ? kasan_atomics_helper+0x4bbe/0x5450 [ 25.571402] ? kasan_atomics_helper+0x4bbe/0x5450 [ 25.572589] __asan_report_load4_noabort+0x18/0x20 [ 25.573698] kasan_atomics_helper+0x4bbe/0x5450 [ 25.574571] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.574980] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.575450] ? kasan_atomics+0x153/0x310 [ 25.575814] kasan_atomics+0x1dd/0x310 [ 25.576476] ? __pfx_kasan_atomics+0x10/0x10 [ 25.576846] ? __pfx_read_tsc+0x10/0x10 [ 25.577802] ? ktime_get_ts64+0x84/0x230 [ 25.578420] kunit_try_run_case+0x1b3/0x490 [ 25.578973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.579364] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.579926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.580434] ? __kthread_parkme+0x82/0x160 [ 25.581066] ? preempt_count_sub+0x50/0x80 [ 25.581472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.581941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.582599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.583021] kthread+0x257/0x310 [ 25.584054] ? __pfx_kthread+0x10/0x10 [ 25.584915] ret_from_fork+0x41/0x80 [ 25.585384] ? 
__pfx_kthread+0x10/0x10 [ 25.585736] ret_from_fork_asm+0x1a/0x30 [ 25.586253] </TASK> [ 25.586702] [ 25.587033] Allocated by task 273: [ 25.588251] kasan_save_stack+0x3d/0x60 [ 25.588563] kasan_save_track+0x18/0x40 [ 25.589147] kasan_save_alloc_info+0x3b/0x50 [ 25.589835] __kasan_kmalloc+0xb7/0xc0 [ 25.590554] __kmalloc_cache_noprof+0x184/0x410 [ 25.591030] kasan_atomics+0x96/0x310 [ 25.591396] kunit_try_run_case+0x1b3/0x490 [ 25.591814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.592914] kthread+0x257/0x310 [ 25.593395] ret_from_fork+0x41/0x80 [ 25.593674] ret_from_fork_asm+0x1a/0x30 [ 25.593962] [ 25.594188] The buggy address belongs to the object at ffff888102a32500 [ 25.594188] which belongs to the cache kmalloc-64 of size 64 [ 25.595499] The buggy address is located 0 bytes to the right of [ 25.595499] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 25.596265] [ 25.596665] The buggy address belongs to the physical page: [ 25.597289] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 25.598198] flags: 0x200000000000000(node=0|zone=2) [ 25.599299] page_type: f5(slab) [ 25.599753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.600814] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 25.601663] page dumped because: kasan: bad access detected [ 25.602120] [ 25.602648] Memory state around the buggy address: [ 25.603328] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.604179] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.604960] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.605519] ^ [ 25.606178] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.607562] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.608051] ================================================================== [ 26.269124] 
================================================================== [ 26.269876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 26.270947] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.271382] [ 26.271567] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.272646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.273007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.273938] Call Trace: [ 26.274327] <TASK> [ 26.274568] dump_stack_lvl+0x73/0xb0 [ 26.275106] print_report+0xd1/0x640 [ 26.275560] ? __virt_addr_valid+0x1db/0x2d0 [ 26.275923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.276452] kasan_report+0x102/0x140 [ 26.276865] ? kasan_atomics_helper+0xa2c/0x5450 [ 26.277462] ? kasan_atomics_helper+0xa2c/0x5450 [ 26.277842] kasan_check_range+0x10c/0x1c0 [ 26.278213] __kasan_check_write+0x18/0x20 [ 26.278754] kasan_atomics_helper+0xa2c/0x5450 [ 26.279398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.280017] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.280589] ? kasan_atomics+0x153/0x310 [ 26.280995] kasan_atomics+0x1dd/0x310 [ 26.281391] ? __pfx_kasan_atomics+0x10/0x10 [ 26.281846] ? __pfx_read_tsc+0x10/0x10 [ 26.282252] ? ktime_get_ts64+0x84/0x230 [ 26.282573] kunit_try_run_case+0x1b3/0x490 [ 26.283195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.283756] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.284136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.284721] ? __kthread_parkme+0x82/0x160 [ 26.285279] ? preempt_count_sub+0x50/0x80 [ 26.285710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.286200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.286736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.287199] kthread+0x257/0x310 [ 26.287506] ? __pfx_kthread+0x10/0x10 [ 26.287993] ret_from_fork+0x41/0x80 [ 26.288523] ? 
__pfx_kthread+0x10/0x10 [ 26.288836] ret_from_fork_asm+0x1a/0x30 [ 26.289327] </TASK> [ 26.289657] [ 26.289841] Allocated by task 273: [ 26.290306] kasan_save_stack+0x3d/0x60 [ 26.290646] kasan_save_track+0x18/0x40 [ 26.290929] kasan_save_alloc_info+0x3b/0x50 [ 26.291458] __kasan_kmalloc+0xb7/0xc0 [ 26.291967] __kmalloc_cache_noprof+0x184/0x410 [ 26.292570] kasan_atomics+0x96/0x310 [ 26.293005] kunit_try_run_case+0x1b3/0x490 [ 26.293477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.294005] kthread+0x257/0x310 [ 26.294374] ret_from_fork+0x41/0x80 [ 26.294802] ret_from_fork_asm+0x1a/0x30 [ 26.295265] [ 26.295463] The buggy address belongs to the object at ffff888102a32500 [ 26.295463] which belongs to the cache kmalloc-64 of size 64 [ 26.296503] The buggy address is located 0 bytes to the right of [ 26.296503] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.297573] [ 26.297810] The buggy address belongs to the physical page: [ 26.298418] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.298882] flags: 0x200000000000000(node=0|zone=2) [ 26.299240] page_type: f5(slab) [ 26.299693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.301313] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.302656] page dumped because: kasan: bad access detected [ 26.303166] [ 26.303327] Memory state around the buggy address: [ 26.303725] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.304535] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.305025] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.305729] ^ [ 26.306296] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.306962] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.307603] ================================================================== [ 26.913700] 
================================================================== [ 26.914262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 26.915188] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.915610] [ 26.915880] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.916963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.917602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.918242] Call Trace: [ 26.918666] <TASK> [ 26.918997] dump_stack_lvl+0x73/0xb0 [ 26.919587] print_report+0xd1/0x640 [ 26.919875] ? __virt_addr_valid+0x1db/0x2d0 [ 26.920493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.921260] kasan_report+0x102/0x140 [ 26.921637] ? kasan_atomics_helper+0x1218/0x5450 [ 26.922299] ? kasan_atomics_helper+0x1218/0x5450 [ 26.922817] kasan_check_range+0x10c/0x1c0 [ 26.923298] __kasan_check_write+0x18/0x20 [ 26.923837] kasan_atomics_helper+0x1218/0x5450 [ 26.924404] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.924827] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.925475] ? kasan_atomics+0x153/0x310 [ 26.925957] kasan_atomics+0x1dd/0x310 [ 26.926576] ? __pfx_kasan_atomics+0x10/0x10 [ 26.926998] ? __pfx_read_tsc+0x10/0x10 [ 26.927507] ? ktime_get_ts64+0x84/0x230 [ 26.927972] kunit_try_run_case+0x1b3/0x490 [ 26.928528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.929039] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.929674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.930277] ? __kthread_parkme+0x82/0x160 [ 26.930803] ? preempt_count_sub+0x50/0x80 [ 26.931394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.931944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.932530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.933186] kthread+0x257/0x310 [ 26.933631] ? __pfx_kthread+0x10/0x10 [ 26.934238] ret_from_fork+0x41/0x80 [ 26.934639] ? 
__pfx_kthread+0x10/0x10 [ 26.935048] ret_from_fork_asm+0x1a/0x30 [ 26.935615] </TASK> [ 26.935835] [ 26.935993] Allocated by task 273: [ 26.936521] kasan_save_stack+0x3d/0x60 [ 26.937113] kasan_save_track+0x18/0x40 [ 26.937420] kasan_save_alloc_info+0x3b/0x50 [ 26.937813] __kasan_kmalloc+0xb7/0xc0 [ 26.938528] __kmalloc_cache_noprof+0x184/0x410 [ 26.939176] kasan_atomics+0x96/0x310 [ 26.939551] kunit_try_run_case+0x1b3/0x490 [ 26.940015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.940714] kthread+0x257/0x310 [ 26.941243] ret_from_fork+0x41/0x80 [ 26.941668] ret_from_fork_asm+0x1a/0x30 [ 26.942029] [ 26.942457] The buggy address belongs to the object at ffff888102a32500 [ 26.942457] which belongs to the cache kmalloc-64 of size 64 [ 26.943423] The buggy address is located 0 bytes to the right of [ 26.943423] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.944798] [ 26.945046] The buggy address belongs to the physical page: [ 26.945570] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.946637] flags: 0x200000000000000(node=0|zone=2) [ 26.947207] page_type: f5(slab) [ 26.947498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.948402] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.949191] page dumped because: kasan: bad access detected [ 26.949776] [ 26.950132] Memory state around the buggy address: [ 26.950683] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.951513] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.952239] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.952821] ^ [ 26.953430] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.953972] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.954826] ================================================================== [ 26.022531] 
================================================================== [ 26.023085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 26.023825] Write of size 4 at addr ffff888102a32530 by task kunit_try_catch/273 [ 26.025416] [ 26.025708] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 26.026885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.027626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.028519] Call Trace: [ 26.028867] <TASK> [ 26.029143] dump_stack_lvl+0x73/0xb0 [ 26.029617] print_report+0xd1/0x640 [ 26.030037] ? __virt_addr_valid+0x1db/0x2d0 [ 26.030550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.031113] kasan_report+0x102/0x140 [ 26.031667] ? kasan_atomics_helper+0x698/0x5450 [ 26.032267] ? kasan_atomics_helper+0x698/0x5450 [ 26.032806] kasan_check_range+0x10c/0x1c0 [ 26.033277] __kasan_check_write+0x18/0x20 [ 26.033891] kasan_atomics_helper+0x698/0x5450 [ 26.034308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.034871] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.035366] ? kasan_atomics+0x153/0x310 [ 26.035903] kasan_atomics+0x1dd/0x310 [ 26.036323] ? __pfx_kasan_atomics+0x10/0x10 [ 26.036758] ? __pfx_read_tsc+0x10/0x10 [ 26.037037] ? ktime_get_ts64+0x84/0x230 [ 26.037881] kunit_try_run_case+0x1b3/0x490 [ 26.038460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.039225] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.039778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.040401] ? __kthread_parkme+0x82/0x160 [ 26.040912] ? preempt_count_sub+0x50/0x80 [ 26.041576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.041991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.042686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.043365] kthread+0x257/0x310 [ 26.043931] ? __pfx_kthread+0x10/0x10 [ 26.044212] ret_from_fork+0x41/0x80 [ 26.044984] ? 
__pfx_kthread+0x10/0x10 [ 26.045416] ret_from_fork_asm+0x1a/0x30 [ 26.045943] </TASK> [ 26.046296] [ 26.046542] Allocated by task 273: [ 26.046879] kasan_save_stack+0x3d/0x60 [ 26.047436] kasan_save_track+0x18/0x40 [ 26.047803] kasan_save_alloc_info+0x3b/0x50 [ 26.048382] __kasan_kmalloc+0xb7/0xc0 [ 26.048854] __kmalloc_cache_noprof+0x184/0x410 [ 26.049410] kasan_atomics+0x96/0x310 [ 26.049963] kunit_try_run_case+0x1b3/0x490 [ 26.050477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.051024] kthread+0x257/0x310 [ 26.051449] ret_from_fork+0x41/0x80 [ 26.051932] ret_from_fork_asm+0x1a/0x30 [ 26.052494] [ 26.052654] The buggy address belongs to the object at ffff888102a32500 [ 26.052654] which belongs to the cache kmalloc-64 of size 64 [ 26.054000] The buggy address is located 0 bytes to the right of [ 26.054000] allocated 48-byte region [ffff888102a32500, ffff888102a32530) [ 26.055165] [ 26.055539] The buggy address belongs to the physical page: [ 26.055995] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a32 [ 26.056939] flags: 0x200000000000000(node=0|zone=2) [ 26.057634] page_type: f5(slab) [ 26.058021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.058875] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 26.059514] page dumped because: kasan: bad access detected [ 26.060167] [ 26.060347] Memory state around the buggy address: [ 26.060628] ffff888102a32400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.061000] ffff888102a32480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.061415] >ffff888102a32500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.061806] ^ [ 26.062098] ffff888102a32580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.062618] ffff888102a32600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.063062] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 25.469983] ================================================================== [ 25.470866] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 25.471762] Read of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 25.472493] [ 25.472774] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.473838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.474279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.475275] Call Trace: [ 25.475536] <TASK> [ 25.475890] dump_stack_lvl+0x73/0xb0 [ 25.476407] print_report+0xd1/0x640 [ 25.476775] ? __virt_addr_valid+0x1db/0x2d0 [ 25.477228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.477953] kasan_report+0x102/0x140 [ 25.478482] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 25.479640] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 25.480602] kasan_check_range+0x10c/0x1c0 [ 25.481177] __kasan_check_read+0x15/0x20 [ 25.481713] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 25.482406] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.483028] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.483523] ? kasan_bitops_generic+0x93/0x1c0 [ 25.483905] kasan_bitops_generic+0x122/0x1c0 [ 25.484435] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.484840] ? __pfx_read_tsc+0x10/0x10 [ 25.485295] ? ktime_get_ts64+0x84/0x230 [ 25.485657] kunit_try_run_case+0x1b3/0x490 [ 25.486221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.486764] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.487243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.487790] ? __kthread_parkme+0x82/0x160 [ 25.488371] ? preempt_count_sub+0x50/0x80 [ 25.488795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.489428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.489893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.490445] kthread+0x257/0x310 [ 25.490872] ? __pfx_kthread+0x10/0x10 [ 25.491260] ret_from_fork+0x41/0x80 [ 25.491737] ? 
__pfx_kthread+0x10/0x10 [ 25.492103] ret_from_fork_asm+0x1a/0x30 [ 25.492463] </TASK> [ 25.492767] [ 25.492999] Allocated by task 269: [ 25.493382] kasan_save_stack+0x3d/0x60 [ 25.493705] kasan_save_track+0x18/0x40 [ 25.493981] kasan_save_alloc_info+0x3b/0x50 [ 25.494614] __kasan_kmalloc+0xb7/0xc0 [ 25.494996] __kmalloc_cache_noprof+0x184/0x410 [ 25.495468] kasan_bitops_generic+0x93/0x1c0 [ 25.495813] kunit_try_run_case+0x1b3/0x490 [ 25.496377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.496996] kthread+0x257/0x310 [ 25.497375] ret_from_fork+0x41/0x80 [ 25.497744] ret_from_fork_asm+0x1a/0x30 [ 25.498122] [ 25.498277] The buggy address belongs to the object at ffff888101094fa0 [ 25.498277] which belongs to the cache kmalloc-16 of size 16 [ 25.499435] The buggy address is located 8 bytes inside of [ 25.499435] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 25.500216] [ 25.500418] The buggy address belongs to the physical page: [ 25.501048] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 25.501728] flags: 0x200000000000000(node=0|zone=2) [ 25.502109] page_type: f5(slab) [ 25.502512] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.503314] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.503944] page dumped because: kasan: bad access detected [ 25.504540] [ 25.504780] Memory state around the buggy address: [ 25.505251] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.505694] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.506546] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.507209] ^ [ 25.507698] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.508408] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 25.509017] ================================================================== [ 25.379175] 
==================================================================
[ 25.381325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 25.382722] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.383458]
[ 25.383724] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.385065] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.385836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.386763] Call Trace:
[ 25.387129] <TASK>
[ 25.387585] dump_stack_lvl+0x73/0xb0
[ 25.388172] print_report+0xd1/0x640
[ 25.388783] ? __virt_addr_valid+0x1db/0x2d0
[ 25.389462] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.390020] kasan_report+0x102/0x140
[ 25.390834] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 25.391611] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 25.392197] kasan_check_range+0x10c/0x1c0
[ 25.392603] __kasan_check_write+0x18/0x20
[ 25.393096] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 25.393773] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.394479] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.394895] ? kasan_bitops_generic+0x93/0x1c0
[ 25.395754] kasan_bitops_generic+0x122/0x1c0
[ 25.396093] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.396385] ? __pfx_read_tsc+0x10/0x10
[ 25.397008] ? ktime_get_ts64+0x84/0x230
[ 25.397399] kunit_try_run_case+0x1b3/0x490
[ 25.398188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.398772] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.399234] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.399665] ? __kthread_parkme+0x82/0x160
[ 25.400049] ? preempt_count_sub+0x50/0x80
[ 25.400542] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.400979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.401566] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.402116] kthread+0x257/0x310
[ 25.402468] ? __pfx_kthread+0x10/0x10
[ 25.402837] ret_from_fork+0x41/0x80
[ 25.403364] ? __pfx_kthread+0x10/0x10
[ 25.403814] ret_from_fork_asm+0x1a/0x30
[ 25.404253] </TASK>
[ 25.404566]
[ 25.404802] Allocated by task 269:
[ 25.405233] kasan_save_stack+0x3d/0x60
[ 25.405608] kasan_save_track+0x18/0x40
[ 25.406043] kasan_save_alloc_info+0x3b/0x50
[ 25.406587] __kasan_kmalloc+0xb7/0xc0
[ 25.406957] __kmalloc_cache_noprof+0x184/0x410
[ 25.407355] kasan_bitops_generic+0x93/0x1c0
[ 25.407845] kunit_try_run_case+0x1b3/0x490
[ 25.408325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.408737] kthread+0x257/0x310
[ 25.409192] ret_from_fork+0x41/0x80
[ 25.409672] ret_from_fork_asm+0x1a/0x30
[ 25.410061]
[ 25.411132] The buggy address belongs to the object at ffff888101094fa0
[ 25.411132] which belongs to the cache kmalloc-16 of size 16
[ 25.411901] The buggy address is located 8 bytes inside of
[ 25.411901] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.412767]
[ 25.412923] The buggy address belongs to the physical page:
[ 25.413397] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.414054] flags: 0x200000000000000(node=0|zone=2)
[ 25.414673] page_type: f5(slab)
[ 25.414959] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.415612] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.416310] page dumped because: kasan: bad access detected
[ 25.416860]
[ 25.417030] Memory state around the buggy address:
[ 25.417427] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.418230] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.419111] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.419804] ^
[ 25.420158] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.420876] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.421656] ==================================================================

[ 25.196735] ==================================================================
[ 25.197849] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 25.198682] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.199448]
[ 25.199786] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.200693] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.201366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.202358] Call Trace:
[ 25.202568] <TASK>
[ 25.202912] dump_stack_lvl+0x73/0xb0
[ 25.203531] print_report+0xd1/0x640
[ 25.203855] ? __virt_addr_valid+0x1db/0x2d0
[ 25.204736] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.205295] kasan_report+0x102/0x140
[ 25.205801] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 25.206525] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 25.207357] kasan_check_range+0x10c/0x1c0
[ 25.207904] __kasan_check_write+0x18/0x20
[ 25.208357] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 25.208897] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.209480] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.210048] ? kasan_bitops_generic+0x93/0x1c0
[ 25.210719] kasan_bitops_generic+0x122/0x1c0
[ 25.211284] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.211851] ? __pfx_read_tsc+0x10/0x10
[ 25.212433] ? ktime_get_ts64+0x84/0x230
[ 25.212982] kunit_try_run_case+0x1b3/0x490
[ 25.213541] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.214215] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.214715] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.215317] ? __kthread_parkme+0x82/0x160
[ 25.215790] ? preempt_count_sub+0x50/0x80
[ 25.216360] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.216927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.217675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.218278] kthread+0x257/0x310
[ 25.218735] ? __pfx_kthread+0x10/0x10
[ 25.219192] ret_from_fork+0x41/0x80
[ 25.219709] ? __pfx_kthread+0x10/0x10
[ 25.220132] ret_from_fork_asm+0x1a/0x30
[ 25.220645] </TASK>
[ 25.220996]
[ 25.221265] Allocated by task 269:
[ 25.221697] kasan_save_stack+0x3d/0x60
[ 25.222175] kasan_save_track+0x18/0x40
[ 25.222577] kasan_save_alloc_info+0x3b/0x50
[ 25.223190] __kasan_kmalloc+0xb7/0xc0
[ 25.223645] __kmalloc_cache_noprof+0x184/0x410
[ 25.224364] kasan_bitops_generic+0x93/0x1c0
[ 25.224664] kunit_try_run_case+0x1b3/0x490
[ 25.225284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.225985] kthread+0x257/0x310
[ 25.226370] ret_from_fork+0x41/0x80
[ 25.226754] ret_from_fork_asm+0x1a/0x30
[ 25.227260]
[ 25.227434] The buggy address belongs to the object at ffff888101094fa0
[ 25.227434] which belongs to the cache kmalloc-16 of size 16
[ 25.228756] The buggy address is located 8 bytes inside of
[ 25.228756] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.229688]
[ 25.229905] The buggy address belongs to the physical page:
[ 25.230627] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.231213] flags: 0x200000000000000(node=0|zone=2)
[ 25.231894] page_type: f5(slab)
[ 25.232409] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.232999] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.233739] page dumped because: kasan: bad access detected
[ 25.234418]
[ 25.234611] Memory state around the buggy address:
[ 25.235188] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.236040] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.237226] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.238003] ^
[ 25.238523] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.239197] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.240073] ==================================================================

[ 25.422712] ==================================================================
[ 25.423537] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 25.424178] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.424918]
[ 25.425254] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.426048] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.426480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.427194] Call Trace:
[ 25.427528] <TASK>
[ 25.427767] dump_stack_lvl+0x73/0xb0
[ 25.428262] print_report+0xd1/0x640
[ 25.428747] ? __virt_addr_valid+0x1db/0x2d0
[ 25.429212] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.429636] kasan_report+0x102/0x140
[ 25.430188] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 25.430712] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 25.431413] kasan_check_range+0x10c/0x1c0
[ 25.431930] __kasan_check_write+0x18/0x20
[ 25.432365] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 25.432931] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.433542] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.434046] ? kasan_bitops_generic+0x93/0x1c0
[ 25.434543] kasan_bitops_generic+0x122/0x1c0
[ 25.435200] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.435666] ? __pfx_read_tsc+0x10/0x10
[ 25.436152] ? ktime_get_ts64+0x84/0x230
[ 25.436499] kunit_try_run_case+0x1b3/0x490
[ 25.436967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.437504] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.437982] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.438630] ? __kthread_parkme+0x82/0x160
[ 25.439012] ? preempt_count_sub+0x50/0x80
[ 25.439395] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.439922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.441030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.441686] kthread+0x257/0x310
[ 25.441969] ? __pfx_kthread+0x10/0x10
[ 25.442851] ret_from_fork+0x41/0x80
[ 25.443759] ? __pfx_kthread+0x10/0x10
[ 25.444077] ret_from_fork_asm+0x1a/0x30
[ 25.444905] </TASK>
[ 25.445284]
[ 25.445493] Allocated by task 269:
[ 25.445841] kasan_save_stack+0x3d/0x60
[ 25.446208] kasan_save_track+0x18/0x40
[ 25.447240] kasan_save_alloc_info+0x3b/0x50
[ 25.447621] __kasan_kmalloc+0xb7/0xc0
[ 25.448121] __kmalloc_cache_noprof+0x184/0x410
[ 25.448780] kasan_bitops_generic+0x93/0x1c0
[ 25.449484] kunit_try_run_case+0x1b3/0x490
[ 25.449985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.450799] kthread+0x257/0x310
[ 25.451446] ret_from_fork+0x41/0x80
[ 25.452040] ret_from_fork_asm+0x1a/0x30
[ 25.452964]
[ 25.453855] The buggy address belongs to the object at ffff888101094fa0
[ 25.453855] which belongs to the cache kmalloc-16 of size 16
[ 25.455212] The buggy address is located 8 bytes inside of
[ 25.455212] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.456642]
[ 25.456907] The buggy address belongs to the physical page:
[ 25.457895] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.458992] flags: 0x200000000000000(node=0|zone=2)
[ 25.459867] page_type: f5(slab)
[ 25.460574] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.461407] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.462194] page dumped because: kasan: bad access detected
[ 25.462854]
[ 25.463154] Memory state around the buggy address:
[ 25.464107] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.464810] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.465872] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.466592] ^
[ 25.467212] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.467927] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.468855] ==================================================================

[ 25.330678] ==================================================================
[ 25.331715] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 25.332690] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.333324]
[ 25.333643] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.334607] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.334999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.335878] Call Trace:
[ 25.336237] <TASK>
[ 25.336513] dump_stack_lvl+0x73/0xb0
[ 25.337035] print_report+0xd1/0x640
[ 25.337423] ? __virt_addr_valid+0x1db/0x2d0
[ 25.337911] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.338580] kasan_report+0x102/0x140
[ 25.339048] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 25.339536] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 25.340443] kasan_check_range+0x10c/0x1c0
[ 25.340970] __kasan_check_write+0x18/0x20
[ 25.341840] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 25.342713] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.343765] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.344375] ? kasan_bitops_generic+0x93/0x1c0
[ 25.344820] kasan_bitops_generic+0x122/0x1c0
[ 25.345259] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.345786] ? __pfx_read_tsc+0x10/0x10
[ 25.346146] ? ktime_get_ts64+0x84/0x230
[ 25.347423] kunit_try_run_case+0x1b3/0x490
[ 25.347839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.348193] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.348916] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.349670] ? __kthread_parkme+0x82/0x160
[ 25.350102] ? preempt_count_sub+0x50/0x80
[ 25.350655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.351435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.352087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.352734] kthread+0x257/0x310
[ 25.353094] ? __pfx_kthread+0x10/0x10
[ 25.353854] ret_from_fork+0x41/0x80
[ 25.354694] ? __pfx_kthread+0x10/0x10
[ 25.355568] ret_from_fork_asm+0x1a/0x30
[ 25.355922] </TASK>
[ 25.356198]
[ 25.356384] Allocated by task 269:
[ 25.356756] kasan_save_stack+0x3d/0x60
[ 25.357261] kasan_save_track+0x18/0x40
[ 25.357638] kasan_save_alloc_info+0x3b/0x50
[ 25.357970] __kasan_kmalloc+0xb7/0xc0
[ 25.358624] __kmalloc_cache_noprof+0x184/0x410
[ 25.359510] kasan_bitops_generic+0x93/0x1c0
[ 25.359825] kunit_try_run_case+0x1b3/0x490
[ 25.360444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.361328] kthread+0x257/0x310
[ 25.362189] ret_from_fork+0x41/0x80
[ 25.362670] ret_from_fork_asm+0x1a/0x30
[ 25.363301]
[ 25.363558] The buggy address belongs to the object at ffff888101094fa0
[ 25.363558] which belongs to the cache kmalloc-16 of size 16
[ 25.364732] The buggy address is located 8 bytes inside of
[ 25.364732] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.365960]
[ 25.366269] The buggy address belongs to the physical page:
[ 25.367047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.367836] flags: 0x200000000000000(node=0|zone=2)
[ 25.368377] page_type: f5(slab)
[ 25.368765] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.370301] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.371312] page dumped because: kasan: bad access detected
[ 25.371952]
[ 25.372197] Memory state around the buggy address:
[ 25.372783] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.373482] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.373988] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.375235] ^
[ 25.375813] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.376628] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.377733] ==================================================================

[ 25.241389] ==================================================================
[ 25.242479] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 25.243556] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.244688]
[ 25.244915] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.245856] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.246393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.247211] Call Trace:
[ 25.247495] <TASK>
[ 25.247859] dump_stack_lvl+0x73/0xb0
[ 25.248443] print_report+0xd1/0x640
[ 25.248747] ? __virt_addr_valid+0x1db/0x2d0
[ 25.249365] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.250014] kasan_report+0x102/0x140
[ 25.250350] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 25.251032] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 25.251744] kasan_check_range+0x10c/0x1c0
[ 25.252401] __kasan_check_write+0x18/0x20
[ 25.252942] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 25.253550] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.254369] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.255061] ? kasan_bitops_generic+0x93/0x1c0
[ 25.255505] kasan_bitops_generic+0x122/0x1c0
[ 25.256309] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.256797] ? __pfx_read_tsc+0x10/0x10
[ 25.257288] ? ktime_get_ts64+0x84/0x230
[ 25.257683] kunit_try_run_case+0x1b3/0x490
[ 25.258270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.258833] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.259156] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.259789] ? __kthread_parkme+0x82/0x160
[ 25.260383] ? preempt_count_sub+0x50/0x80
[ 25.261145] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.261550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.262297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.262839] kthread+0x257/0x310
[ 25.263095] ? __pfx_kthread+0x10/0x10
[ 25.263638] ret_from_fork+0x41/0x80
[ 25.264118] ? __pfx_kthread+0x10/0x10
[ 25.264535] ret_from_fork_asm+0x1a/0x30
[ 25.265077] </TASK>
[ 25.265419]
[ 25.265659] Allocated by task 269:
[ 25.265898] kasan_save_stack+0x3d/0x60
[ 25.266539] kasan_save_track+0x18/0x40
[ 25.267044] kasan_save_alloc_info+0x3b/0x50
[ 25.268253] __kasan_kmalloc+0xb7/0xc0
[ 25.268860] __kmalloc_cache_noprof+0x184/0x410
[ 25.269217] kasan_bitops_generic+0x93/0x1c0
[ 25.269694] kunit_try_run_case+0x1b3/0x490
[ 25.270184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.270778] kthread+0x257/0x310
[ 25.271226] ret_from_fork+0x41/0x80
[ 25.271689] ret_from_fork_asm+0x1a/0x30
[ 25.272246]
[ 25.272566] The buggy address belongs to the object at ffff888101094fa0
[ 25.272566] which belongs to the cache kmalloc-16 of size 16
[ 25.273570] The buggy address is located 8 bytes inside of
[ 25.273570] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.274707]
[ 25.275021] The buggy address belongs to the physical page:
[ 25.275442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.276309] flags: 0x200000000000000(node=0|zone=2)
[ 25.276661] page_type: f5(slab)
[ 25.277208] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.277967] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.278748] page dumped because: kasan: bad access detected
[ 25.279378]
[ 25.279627] Memory state around the buggy address:
[ 25.280064] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.280759] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.281476] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.282089] ^
[ 25.282651] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.283330] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.284134] ==================================================================

[ 25.510912] ==================================================================
[ 25.511644] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 25.512866] Read of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.513444]
[ 25.513671] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.514456] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.514887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.515629] Call Trace:
[ 25.515909] <TASK>
[ 25.516262] dump_stack_lvl+0x73/0xb0
[ 25.516759] print_report+0xd1/0x640
[ 25.517129] ? __virt_addr_valid+0x1db/0x2d0
[ 25.517649] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.518280] kasan_report+0x102/0x140
[ 25.518583] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 25.519277] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 25.519921] __asan_report_load8_noabort+0x18/0x20
[ 25.520486] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 25.521311] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.521969] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.522476] ? kasan_bitops_generic+0x93/0x1c0
[ 25.522992] kasan_bitops_generic+0x122/0x1c0
[ 25.523593] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.524003] ? __pfx_read_tsc+0x10/0x10
[ 25.524452] ? ktime_get_ts64+0x84/0x230
[ 25.524915] kunit_try_run_case+0x1b3/0x490
[ 25.525322] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.525830] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.526361] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.526797] ? __kthread_parkme+0x82/0x160
[ 25.527138] ? preempt_count_sub+0x50/0x80
[ 25.527668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.528267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.528799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.529254] kthread+0x257/0x310
[ 25.529548] ? __pfx_kthread+0x10/0x10
[ 25.530025] ret_from_fork+0x41/0x80
[ 25.530522] ? __pfx_kthread+0x10/0x10
[ 25.530886] ret_from_fork_asm+0x1a/0x30
[ 25.531394] </TASK>
[ 25.531589]
[ 25.531740] Allocated by task 269:
[ 25.532117] kasan_save_stack+0x3d/0x60
[ 25.532647] kasan_save_track+0x18/0x40
[ 25.533182] kasan_save_alloc_info+0x3b/0x50
[ 25.533750] __kasan_kmalloc+0xb7/0xc0
[ 25.534062] __kmalloc_cache_noprof+0x184/0x410
[ 25.534697] kasan_bitops_generic+0x93/0x1c0
[ 25.535112] kunit_try_run_case+0x1b3/0x490
[ 25.535598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.535945] kthread+0x257/0x310
[ 25.536421] ret_from_fork+0x41/0x80
[ 25.536896] ret_from_fork_asm+0x1a/0x30
[ 25.537414]
[ 25.537622] The buggy address belongs to the object at ffff888101094fa0
[ 25.537622] which belongs to the cache kmalloc-16 of size 16
[ 25.538462] The buggy address is located 8 bytes inside of
[ 25.538462] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.539488]
[ 25.539713] The buggy address belongs to the physical page:
[ 25.540321] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.541634] flags: 0x200000000000000(node=0|zone=2)
[ 25.541971] page_type: f5(slab)
[ 25.542424] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.543116] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.543689] page dumped because: kasan: bad access detected
[ 25.544228]
[ 25.544445] Memory state around the buggy address:
[ 25.544948] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.545597] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.546212] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.546849] ^
[ 25.547292] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.547980] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.548470] ==================================================================

[ 25.145100] ==================================================================
[ 25.145875] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 25.147464] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.148979]
[ 25.149497] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.150843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.151313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.152543] Call Trace:
[ 25.153032] <TASK>
[ 25.153353] dump_stack_lvl+0x73/0xb0
[ 25.153813] print_report+0xd1/0x640
[ 25.154182] ? __virt_addr_valid+0x1db/0x2d0
[ 25.155285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.155900] kasan_report+0x102/0x140
[ 25.156427] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 25.156993] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 25.157911] kasan_check_range+0x10c/0x1c0
[ 25.158316] __kasan_check_write+0x18/0x20
[ 25.158995] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 25.160302] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.160939] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.161390] ? kasan_bitops_generic+0x93/0x1c0
[ 25.161997] kasan_bitops_generic+0x122/0x1c0
[ 25.162560] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.163218] ? __pfx_read_tsc+0x10/0x10
[ 25.163947] ? ktime_get_ts64+0x84/0x230
[ 25.164578] kunit_try_run_case+0x1b3/0x490
[ 25.164924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.165642] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.165993] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.166682] ? __kthread_parkme+0x82/0x160
[ 25.167125] ? preempt_count_sub+0x50/0x80
[ 25.167643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.168628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.169024] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.169692] kthread+0x257/0x310
[ 25.169978] ? __pfx_kthread+0x10/0x10
[ 25.170536] ret_from_fork+0x41/0x80
[ 25.171491] ? __pfx_kthread+0x10/0x10
[ 25.171982] ret_from_fork_asm+0x1a/0x30
[ 25.172604] </TASK>
[ 25.172918]
[ 25.173212] Allocated by task 269:
[ 25.173600] kasan_save_stack+0x3d/0x60
[ 25.174024] kasan_save_track+0x18/0x40
[ 25.174753] kasan_save_alloc_info+0x3b/0x50
[ 25.175314] __kasan_kmalloc+0xb7/0xc0
[ 25.176220] __kmalloc_cache_noprof+0x184/0x410
[ 25.176681] kasan_bitops_generic+0x93/0x1c0
[ 25.176983] kunit_try_run_case+0x1b3/0x490
[ 25.177925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.178746] kthread+0x257/0x310
[ 25.179153] ret_from_fork+0x41/0x80
[ 25.179865] ret_from_fork_asm+0x1a/0x30
[ 25.180258]
[ 25.180514] The buggy address belongs to the object at ffff888101094fa0
[ 25.180514] which belongs to the cache kmalloc-16 of size 16
[ 25.182212] The buggy address is located 8 bytes inside of
[ 25.182212] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.183663]
[ 25.183962] The buggy address belongs to the physical page:
[ 25.184459] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.185849] flags: 0x200000000000000(node=0|zone=2)
[ 25.186528] page_type: f5(slab)
[ 25.187124] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.187934] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.188774] page dumped because: kasan: bad access detected
[ 25.189440]
[ 25.190096] Memory state around the buggy address:
[ 25.190697] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.191496] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.192381] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.193186] ^
[ 25.193622] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.194598] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.195598] ==================================================================

[ 25.285436] ==================================================================
[ 25.286277] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 25.287526] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 25.288404]
[ 25.289648] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 25.290702] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.291037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.291928] Call Trace:
[ 25.292245] <TASK>
[ 25.292634] dump_stack_lvl+0x73/0xb0
[ 25.293074] print_report+0xd1/0x640
[ 25.293490] ? __virt_addr_valid+0x1db/0x2d0
[ 25.294362] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.294902] kasan_report+0x102/0x140
[ 25.295308] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 25.295968] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 25.296656] kasan_check_range+0x10c/0x1c0
[ 25.296997] __kasan_check_write+0x18/0x20
[ 25.297508] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 25.298488] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 25.299455] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.300129] ? kasan_bitops_generic+0x93/0x1c0
[ 25.300803] kasan_bitops_generic+0x122/0x1c0
[ 25.301273] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.301805] ? __pfx_read_tsc+0x10/0x10
[ 25.302357] ? ktime_get_ts64+0x84/0x230
[ 25.302741] kunit_try_run_case+0x1b3/0x490
[ 25.303187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.303747] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.304069] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.304890] ? __kthread_parkme+0x82/0x160
[ 25.305447] ? preempt_count_sub+0x50/0x80
[ 25.305899] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.306758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.307659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.308299] kthread+0x257/0x310
[ 25.308812] ? __pfx_kthread+0x10/0x10
[ 25.309437] ret_from_fork+0x41/0x80
[ 25.309798] ? __pfx_kthread+0x10/0x10
[ 25.310679] ret_from_fork_asm+0x1a/0x30
[ 25.311567] </TASK>
[ 25.311740]
[ 25.312045] Allocated by task 269:
[ 25.312633] kasan_save_stack+0x3d/0x60
[ 25.312997] kasan_save_track+0x18/0x40
[ 25.313507] kasan_save_alloc_info+0x3b/0x50
[ 25.313999] __kasan_kmalloc+0xb7/0xc0
[ 25.314467] __kmalloc_cache_noprof+0x184/0x410
[ 25.314881] kasan_bitops_generic+0x93/0x1c0
[ 25.315296] kunit_try_run_case+0x1b3/0x490
[ 25.315723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.316064] kthread+0x257/0x310
[ 25.316581] ret_from_fork+0x41/0x80
[ 25.317155] ret_from_fork_asm+0x1a/0x30
[ 25.317589]
[ 25.317743] The buggy address belongs to the object at ffff888101094fa0
[ 25.317743] which belongs to the cache kmalloc-16 of size 16
[ 25.318907] The buggy address is located 8 bytes inside of
[ 25.318907] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.320012]
[ 25.320327] The buggy address belongs to the physical page:
[ 25.320957] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.321807] flags: 0x200000000000000(node=0|zone=2)
[ 25.322216] page_type: f5(slab)
[ 25.322660] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.323272] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.324163] page dumped because: kasan: bad access detected
[ 25.324673]
[ 25.324859] Memory state around the buggy address:
[ 25.325371] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.326206] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.326802] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.327646] ^
[ 25.328115] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.328679] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.329505] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 24.989168] ==================================================================
[ 24.989743] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 24.990635] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 24.991551]
[ 24.991843] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.993442] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.993756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.994901] Call Trace:
[ 24.995482] <TASK>
[ 24.995996] dump_stack_lvl+0x73/0xb0
[ 24.996810] print_report+0xd1/0x640
[ 24.997369] ? __virt_addr_valid+0x1db/0x2d0
[ 24.997865] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.998730] kasan_report+0x102/0x140
[ 24.999295] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 24.999918] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 25.000923] kasan_check_range+0x10c/0x1c0
[ 25.001743] __kasan_check_write+0x18/0x20
[ 25.002418] kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 25.002910] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 25.004272] ? __kmalloc_cache_noprof+0x184/0x410
[ 25.004839] ? kasan_bitops_generic+0x93/0x1c0
[ 25.005463] kasan_bitops_generic+0x117/0x1c0
[ 25.006156] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 25.007228] ? __pfx_read_tsc+0x10/0x10
[ 25.008002] ? ktime_get_ts64+0x84/0x230
[ 25.008804] kunit_try_run_case+0x1b3/0x490
[ 25.009644] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.010207] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.010839] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.011815] ? __kthread_parkme+0x82/0x160
[ 25.012914] ? preempt_count_sub+0x50/0x80
[ 25.013450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.014091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.014713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.015678] kthread+0x257/0x310
[ 25.016084] ? __pfx_kthread+0x10/0x10
[ 25.016426] ret_from_fork+0x41/0x80
[ 25.016961] ? __pfx_kthread+0x10/0x10
[ 25.017458] ret_from_fork_asm+0x1a/0x30
[ 25.018002] </TASK>
[ 25.018369]
[ 25.018816] Allocated by task 269:
[ 25.019130] kasan_save_stack+0x3d/0x60
[ 25.019638] kasan_save_track+0x18/0x40
[ 25.020146] kasan_save_alloc_info+0x3b/0x50
[ 25.021437] __kasan_kmalloc+0xb7/0xc0
[ 25.021724] __kmalloc_cache_noprof+0x184/0x410
[ 25.022016] kasan_bitops_generic+0x93/0x1c0
[ 25.022722] kunit_try_run_case+0x1b3/0x490
[ 25.023070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.024076] kthread+0x257/0x310
[ 25.024503] ret_from_fork+0x41/0x80
[ 25.024876] ret_from_fork_asm+0x1a/0x30
[ 25.025255]
[ 25.025686] The buggy address belongs to the object at ffff888101094fa0
[ 25.025686] which belongs to the cache kmalloc-16 of size 16
[ 25.026898] The buggy address is located 8 bytes inside of
[ 25.026898] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 25.028322]
[ 25.028533] The buggy address belongs to the physical page:
[ 25.029472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 25.030015] flags: 0x200000000000000(node=0|zone=2)
[ 25.031066] page_type: f5(slab)
[ 25.031742] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 25.032399] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 25.033659] page dumped because: kasan: bad access detected
[ 25.034363]
[ 25.034583] Memory state around the buggy address:
[ 25.035562] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.036561] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 25.037138] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 25.038098] ^
[ 25.038639] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.039794] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 25.040379] ==================================================================

[ 24.942377] ==================================================================
[ 24.942995] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50
[ 24.944403] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 24.944953]
[ 24.945420] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.946385] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.946816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.947869] Call Trace:
[ 24.948215] <TASK>
[ 24.948627] dump_stack_lvl+0x73/0xb0
[ 24.949036] print_report+0xd1/0x640
[ 24.949512] ? __virt_addr_valid+0x1db/0x2d0
[ 24.949877] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.950491] kasan_report+0x102/0x140
[ 24.950852] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 24.951801] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 24.952598] kasan_check_range+0x10c/0x1c0
[ 24.953143] __kasan_check_write+0x18/0x20
[ 24.953668] kasan_bitops_modify.constprop.0+0x374/0xd50
[ 24.954484] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.954922] ? __kmalloc_cache_noprof+0x184/0x410
[ 24.955777] ? kasan_bitops_generic+0x93/0x1c0
[ 24.956264] kasan_bitops_generic+0x117/0x1c0
[ 24.956782] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.957300] ? __pfx_read_tsc+0x10/0x10
[ 24.957682] ? ktime_get_ts64+0x84/0x230
[ 24.958062] kunit_try_run_case+0x1b3/0x490
[ 24.958575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.958999] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.959770] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.960510] ? __kthread_parkme+0x82/0x160
[ 24.960869] ? preempt_count_sub+0x50/0x80
[ 24.961410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.961995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.962762] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.963593] kthread+0x257/0x310
[ 24.963996] ? __pfx_kthread+0x10/0x10
[ 24.964625] ret_from_fork+0x41/0x80
[ 24.965321] ? __pfx_kthread+0x10/0x10
[ 24.965759] ret_from_fork_asm+0x1a/0x30
[ 24.966308] </TASK>
[ 24.966634]
[ 24.966827] Allocated by task 269:
[ 24.967157] kasan_save_stack+0x3d/0x60
[ 24.967890] kasan_save_track+0x18/0x40
[ 24.968431] kasan_save_alloc_info+0x3b/0x50
[ 24.968990] __kasan_kmalloc+0xb7/0xc0
[ 24.969460] __kmalloc_cache_noprof+0x184/0x410
[ 24.970027] kasan_bitops_generic+0x93/0x1c0
[ 24.970751] kunit_try_run_case+0x1b3/0x490
[ 24.971635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.972244] kthread+0x257/0x310
[ 24.972816] ret_from_fork+0x41/0x80
[ 24.973111] ret_from_fork_asm+0x1a/0x30
[ 24.973847]
[ 24.974099] The buggy address belongs to the object at ffff888101094fa0
[ 24.974099] which belongs to the cache kmalloc-16 of size 16
[ 24.975641] The buggy address is located 8 bytes inside of
[ 24.975641] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9)
[ 24.976936]
[ 24.977356] The buggy address belongs to the physical page:
[ 24.977898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 24.978934] flags: 0x200000000000000(node=0|zone=2)
[ 24.979773] page_type: f5(slab)
[ 24.980161] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.981007] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 24.981845] page dumped because: kasan: bad access detected
[ 24.982423]
[ 24.982606] Memory state around the buggy address:
[ 24.983157] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.984149] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.984907] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.985757] ^
[ 24.986461] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.987545] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00
[ 24.988150] ==================================================================

[ 24.738567] ==================================================================
[ 24.739724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50
[ 24.741852] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269
[ 24.743541]
[ 24.743819] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.745565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.746877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.748243] Call Trace:
[ 24.748473] <TASK>
[ 24.749095] dump_stack_lvl+0x73/0xb0
[ 24.749549] print_report+0xd1/0x640
[ 24.749963] ? __virt_addr_valid+0x1db/0x2d0
[ 24.750368] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.750850] kasan_report+0x102/0x140
[ 24.751213] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 24.752905] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 24.753371] kasan_check_range+0x10c/0x1c0
[ 24.753841] __kasan_check_write+0x18/0x20
[ 24.754154] kasan_bitops_modify.constprop.0+0x102/0xd50
[ 24.755089] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.755758] ? __kmalloc_cache_noprof+0x184/0x410
[ 24.756323] ? kasan_bitops_generic+0x93/0x1c0
[ 24.756731] kasan_bitops_generic+0x117/0x1c0
[ 24.757174] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.759210] ? __pfx_read_tsc+0x10/0x10
[ 24.759515] ? ktime_get_ts64+0x84/0x230
[ 24.760414] kunit_try_run_case+0x1b3/0x490
[ 24.760987] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.761607] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.762120] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.762706] ? __kthread_parkme+0x82/0x160
[ 24.763207] ? preempt_count_sub+0x50/0x80
[ 24.763621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.763998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.765129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.766154] kthread+0x257/0x310
[ 24.766390] ? __pfx_kthread+0x10/0x10
[ 24.766575] ret_from_fork+0x41/0x80
[ 24.766755] ?
__pfx_kthread+0x10/0x10 [ 24.766930] ret_from_fork_asm+0x1a/0x30 [ 24.767128] </TASK> [ 24.767243] [ 24.767356] Allocated by task 269: [ 24.767724] kasan_save_stack+0x3d/0x60 [ 24.768138] kasan_save_track+0x18/0x40 [ 24.768614] kasan_save_alloc_info+0x3b/0x50 [ 24.769476] __kasan_kmalloc+0xb7/0xc0 [ 24.770176] __kmalloc_cache_noprof+0x184/0x410 [ 24.770501] kasan_bitops_generic+0x93/0x1c0 [ 24.771327] kunit_try_run_case+0x1b3/0x490 [ 24.772119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.773730] kthread+0x257/0x310 [ 24.774078] ret_from_fork+0x41/0x80 [ 24.774483] ret_from_fork_asm+0x1a/0x30 [ 24.774894] [ 24.775091] The buggy address belongs to the object at ffff888101094fa0 [ 24.775091] which belongs to the cache kmalloc-16 of size 16 [ 24.776804] The buggy address is located 8 bytes inside of [ 24.776804] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 24.779313] [ 24.779493] The buggy address belongs to the physical page: [ 24.780041] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 24.781576] flags: 0x200000000000000(node=0|zone=2) [ 24.782706] page_type: f5(slab) [ 24.783054] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.783835] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.784556] page dumped because: kasan: bad access detected [ 24.785118] [ 24.785751] Memory state around the buggy address: [ 24.786100] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.786840] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.787484] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.788303] ^ [ 24.788687] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.789835] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 24.790858] ================================================================== [ 24.895086] 
================================================================== [ 24.895571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 24.896236] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 24.896948] [ 24.897365] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.898749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.899721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.900796] Call Trace: [ 24.901022] <TASK> [ 24.901572] dump_stack_lvl+0x73/0xb0 [ 24.902006] print_report+0xd1/0x640 [ 24.902974] ? __virt_addr_valid+0x1db/0x2d0 [ 24.903603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.904140] kasan_report+0x102/0x140 [ 24.904747] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 24.905395] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 24.906134] kasan_check_range+0x10c/0x1c0 [ 24.906923] __kasan_check_write+0x18/0x20 [ 24.907318] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 24.908036] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 24.908630] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.909095] ? kasan_bitops_generic+0x93/0x1c0 [ 24.909653] kasan_bitops_generic+0x117/0x1c0 [ 24.910036] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.910803] ? __pfx_read_tsc+0x10/0x10 [ 24.911125] ? ktime_get_ts64+0x84/0x230 [ 24.911828] kunit_try_run_case+0x1b3/0x490 [ 24.912595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.912988] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.913603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.914127] ? __kthread_parkme+0x82/0x160 [ 24.914827] ? preempt_count_sub+0x50/0x80 [ 24.915373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.915745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.916327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.916823] kthread+0x257/0x310 [ 24.917225] ? __pfx_kthread+0x10/0x10 [ 24.917668] ret_from_fork+0x41/0x80 [ 24.918049] ? 
__pfx_kthread+0x10/0x10 [ 24.918778] ret_from_fork_asm+0x1a/0x30 [ 24.919219] </TASK> [ 24.919553] [ 24.919705] Allocated by task 269: [ 24.920115] kasan_save_stack+0x3d/0x60 [ 24.920905] kasan_save_track+0x18/0x40 [ 24.921265] kasan_save_alloc_info+0x3b/0x50 [ 24.922655] __kasan_kmalloc+0xb7/0xc0 [ 24.923143] __kmalloc_cache_noprof+0x184/0x410 [ 24.923620] kasan_bitops_generic+0x93/0x1c0 [ 24.923996] kunit_try_run_case+0x1b3/0x490 [ 24.924574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.925434] kthread+0x257/0x310 [ 24.925878] ret_from_fork+0x41/0x80 [ 24.926791] ret_from_fork_asm+0x1a/0x30 [ 24.927411] [ 24.927662] The buggy address belongs to the object at ffff888101094fa0 [ 24.927662] which belongs to the cache kmalloc-16 of size 16 [ 24.928985] The buggy address is located 8 bytes inside of [ 24.928985] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 24.930107] [ 24.930737] The buggy address belongs to the physical page: [ 24.931291] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 24.932148] flags: 0x200000000000000(node=0|zone=2) [ 24.932621] page_type: f5(slab) [ 24.933002] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.933693] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.934591] page dumped because: kasan: bad access detected [ 24.935611] [ 24.935836] Memory state around the buggy address: [ 24.936607] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.937323] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.938201] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.939137] ^ [ 24.939893] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.940859] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 24.941612] ================================================================== [ 25.092592] 
================================================================== [ 25.093138] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 25.094139] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 25.094716] [ 25.094889] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.096168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.097132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.098881] Call Trace: [ 25.099157] <TASK> [ 25.099551] dump_stack_lvl+0x73/0xb0 [ 25.099925] print_report+0xd1/0x640 [ 25.100223] ? __virt_addr_valid+0x1db/0x2d0 [ 25.100559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.101203] kasan_report+0x102/0x140 [ 25.101690] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 25.102383] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 25.103619] kasan_check_range+0x10c/0x1c0 [ 25.103954] __kasan_check_write+0x18/0x20 [ 25.104811] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 25.105658] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.106808] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.107596] ? kasan_bitops_generic+0x93/0x1c0 [ 25.108175] kasan_bitops_generic+0x117/0x1c0 [ 25.108851] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.109385] ? __pfx_read_tsc+0x10/0x10 [ 25.109797] ? ktime_get_ts64+0x84/0x230 [ 25.110169] kunit_try_run_case+0x1b3/0x490 [ 25.111182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.111864] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.112938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.113403] ? __kthread_parkme+0x82/0x160 [ 25.114169] ? preempt_count_sub+0x50/0x80 [ 25.115018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.115846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.116463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.117437] kthread+0x257/0x310 [ 25.118253] ? __pfx_kthread+0x10/0x10 [ 25.118782] ret_from_fork+0x41/0x80 [ 25.119315] ? 
__pfx_kthread+0x10/0x10 [ 25.119856] ret_from_fork_asm+0x1a/0x30 [ 25.120411] </TASK> [ 25.120965] [ 25.121621] Allocated by task 269: [ 25.121893] kasan_save_stack+0x3d/0x60 [ 25.122731] kasan_save_track+0x18/0x40 [ 25.123076] kasan_save_alloc_info+0x3b/0x50 [ 25.123702] __kasan_kmalloc+0xb7/0xc0 [ 25.124112] __kmalloc_cache_noprof+0x184/0x410 [ 25.124612] kasan_bitops_generic+0x93/0x1c0 [ 25.124991] kunit_try_run_case+0x1b3/0x490 [ 25.125755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.126148] kthread+0x257/0x310 [ 25.126417] ret_from_fork+0x41/0x80 [ 25.127458] ret_from_fork_asm+0x1a/0x30 [ 25.127960] [ 25.128966] The buggy address belongs to the object at ffff888101094fa0 [ 25.128966] which belongs to the cache kmalloc-16 of size 16 [ 25.130269] The buggy address is located 8 bytes inside of [ 25.130269] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 25.131530] [ 25.131759] The buggy address belongs to the physical page: [ 25.133413] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 25.134085] flags: 0x200000000000000(node=0|zone=2) [ 25.134747] page_type: f5(slab) [ 25.135296] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.135996] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.136666] page dumped because: kasan: bad access detected [ 25.137246] [ 25.137558] Memory state around the buggy address: [ 25.138457] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.139389] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.140369] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.141623] ^ [ 25.142112] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.142852] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 25.143477] ================================================================== [ 25.042539] 
================================================================== [ 25.043040] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 25.043979] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 25.045431] [ 25.045879] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 25.047289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.047833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.048749] Call Trace: [ 25.049582] <TASK> [ 25.049939] dump_stack_lvl+0x73/0xb0 [ 25.050400] print_report+0xd1/0x640 [ 25.051060] ? __virt_addr_valid+0x1db/0x2d0 [ 25.051853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.052182] kasan_report+0x102/0x140 [ 25.052994] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 25.054414] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 25.055146] kasan_check_range+0x10c/0x1c0 [ 25.055864] __kasan_check_write+0x18/0x20 [ 25.056481] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 25.056984] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.057434] ? __kmalloc_cache_noprof+0x184/0x410 [ 25.058033] ? kasan_bitops_generic+0x93/0x1c0 [ 25.058624] kasan_bitops_generic+0x117/0x1c0 [ 25.059152] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.060160] ? __pfx_read_tsc+0x10/0x10 [ 25.060629] ? ktime_get_ts64+0x84/0x230 [ 25.060996] kunit_try_run_case+0x1b3/0x490 [ 25.061853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.062366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.062952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.063724] ? __kthread_parkme+0x82/0x160 [ 25.064261] ? preempt_count_sub+0x50/0x80 [ 25.064778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.065462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.066044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.066837] kthread+0x257/0x310 [ 25.067817] ? __pfx_kthread+0x10/0x10 [ 25.068615] ret_from_fork+0x41/0x80 [ 25.068912] ? 
__pfx_kthread+0x10/0x10 [ 25.069268] ret_from_fork_asm+0x1a/0x30 [ 25.070006] </TASK> [ 25.070415] [ 25.070635] Allocated by task 269: [ 25.070869] kasan_save_stack+0x3d/0x60 [ 25.071427] kasan_save_track+0x18/0x40 [ 25.071794] kasan_save_alloc_info+0x3b/0x50 [ 25.072664] __kasan_kmalloc+0xb7/0xc0 [ 25.073177] __kmalloc_cache_noprof+0x184/0x410 [ 25.073816] kasan_bitops_generic+0x93/0x1c0 [ 25.074454] kunit_try_run_case+0x1b3/0x490 [ 25.074818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.075719] kthread+0x257/0x310 [ 25.076092] ret_from_fork+0x41/0x80 [ 25.076439] ret_from_fork_asm+0x1a/0x30 [ 25.077014] [ 25.077496] The buggy address belongs to the object at ffff888101094fa0 [ 25.077496] which belongs to the cache kmalloc-16 of size 16 [ 25.078781] The buggy address is located 8 bytes inside of [ 25.078781] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 25.080154] [ 25.080328] The buggy address belongs to the physical page: [ 25.081186] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 25.081926] flags: 0x200000000000000(node=0|zone=2) [ 25.082948] page_type: f5(slab) [ 25.083619] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.084067] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 25.085369] page dumped because: kasan: bad access detected [ 25.085898] [ 25.086052] Memory state around the buggy address: [ 25.086360] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.087372] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.088233] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.088963] ^ [ 25.089656] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.090498] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 25.090977] ================================================================== [ 24.793767] 
================================================================== [ 24.794307] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 24.795033] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 24.796241] [ 24.796527] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.798508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.798856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.799637] Call Trace: [ 24.800012] <TASK> [ 24.800357] dump_stack_lvl+0x73/0xb0 [ 24.800810] print_report+0xd1/0x640 [ 24.801160] ? __virt_addr_valid+0x1db/0x2d0 [ 24.801690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.802071] kasan_report+0x102/0x140 [ 24.802491] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 24.803013] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 24.803761] kasan_check_range+0x10c/0x1c0 [ 24.804451] __kasan_check_write+0x18/0x20 [ 24.804858] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 24.805217] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 24.805874] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.806427] ? kasan_bitops_generic+0x93/0x1c0 [ 24.806962] kasan_bitops_generic+0x117/0x1c0 [ 24.807827] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.808173] ? __pfx_read_tsc+0x10/0x10 [ 24.808944] ? ktime_get_ts64+0x84/0x230 [ 24.809257] kunit_try_run_case+0x1b3/0x490 [ 24.809912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.810770] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.811111] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.811793] ? __kthread_parkme+0x82/0x160 [ 24.812703] ? preempt_count_sub+0x50/0x80 [ 24.813064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.813518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.814133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.814744] kthread+0x257/0x310 [ 24.815019] ? __pfx_kthread+0x10/0x10 [ 24.815581] ret_from_fork+0x41/0x80 [ 24.815917] ? 
__pfx_kthread+0x10/0x10 [ 24.816577] ret_from_fork_asm+0x1a/0x30 [ 24.817417] </TASK> [ 24.817637] [ 24.817832] Allocated by task 269: [ 24.818273] kasan_save_stack+0x3d/0x60 [ 24.818597] kasan_save_track+0x18/0x40 [ 24.819029] kasan_save_alloc_info+0x3b/0x50 [ 24.819736] __kasan_kmalloc+0xb7/0xc0 [ 24.820026] __kmalloc_cache_noprof+0x184/0x410 [ 24.820330] kasan_bitops_generic+0x93/0x1c0 [ 24.820646] kunit_try_run_case+0x1b3/0x490 [ 24.821700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.822603] kthread+0x257/0x310 [ 24.823028] ret_from_fork+0x41/0x80 [ 24.823574] ret_from_fork_asm+0x1a/0x30 [ 24.823858] [ 24.824009] The buggy address belongs to the object at ffff888101094fa0 [ 24.824009] which belongs to the cache kmalloc-16 of size 16 [ 24.825997] The buggy address is located 8 bytes inside of [ 24.825997] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 24.827475] [ 24.827656] The buggy address belongs to the physical page: [ 24.828085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 24.829573] flags: 0x200000000000000(node=0|zone=2) [ 24.830149] page_type: f5(slab) [ 24.830638] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.832122] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.833112] page dumped because: kasan: bad access detected [ 24.833978] [ 24.834119] Memory state around the buggy address: [ 24.834687] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.835578] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.836522] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.837452] ^ [ 24.838206] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.839678] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 24.840555] ================================================================== [ 24.842593] 
================================================================== [ 24.844060] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 24.845766] Write of size 8 at addr ffff888101094fa8 by task kunit_try_catch/269 [ 24.846628] [ 24.847127] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.849293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.849566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.849897] Call Trace: [ 24.850582] <TASK> [ 24.850777] dump_stack_lvl+0x73/0xb0 [ 24.851102] print_report+0xd1/0x640 [ 24.851669] ? __virt_addr_valid+0x1db/0x2d0 [ 24.852029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.852872] kasan_report+0x102/0x140 [ 24.853473] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 24.854117] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 24.854620] kasan_check_range+0x10c/0x1c0 [ 24.855236] __kasan_check_write+0x18/0x20 [ 24.855651] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 24.856027] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 24.857036] ? __kmalloc_cache_noprof+0x184/0x410 [ 24.857434] ? kasan_bitops_generic+0x93/0x1c0 [ 24.858067] kasan_bitops_generic+0x117/0x1c0 [ 24.858609] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.859077] ? __pfx_read_tsc+0x10/0x10 [ 24.859476] ? ktime_get_ts64+0x84/0x230 [ 24.859789] kunit_try_run_case+0x1b3/0x490 [ 24.860227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.862147] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.863167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.864375] ? __kthread_parkme+0x82/0x160 [ 24.864986] ? preempt_count_sub+0x50/0x80 [ 24.865467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.866178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.866949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.867915] kthread+0x257/0x310 [ 24.868797] ? __pfx_kthread+0x10/0x10 [ 24.869263] ret_from_fork+0x41/0x80 [ 24.869975] ? 
__pfx_kthread+0x10/0x10 [ 24.870695] ret_from_fork_asm+0x1a/0x30 [ 24.871693] </TASK> [ 24.872014] [ 24.872264] Allocated by task 269: [ 24.873079] kasan_save_stack+0x3d/0x60 [ 24.874062] kasan_save_track+0x18/0x40 [ 24.874445] kasan_save_alloc_info+0x3b/0x50 [ 24.875593] __kasan_kmalloc+0xb7/0xc0 [ 24.876001] __kmalloc_cache_noprof+0x184/0x410 [ 24.876721] kasan_bitops_generic+0x93/0x1c0 [ 24.877119] kunit_try_run_case+0x1b3/0x490 [ 24.877507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.878107] kthread+0x257/0x310 [ 24.878785] ret_from_fork+0x41/0x80 [ 24.879056] ret_from_fork_asm+0x1a/0x30 [ 24.879987] [ 24.880451] The buggy address belongs to the object at ffff888101094fa0 [ 24.880451] which belongs to the cache kmalloc-16 of size 16 [ 24.881743] The buggy address is located 8 bytes inside of [ 24.881743] allocated 9-byte region [ffff888101094fa0, ffff888101094fa9) [ 24.883209] [ 24.883464] The buggy address belongs to the physical page: [ 24.884012] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 24.884882] flags: 0x200000000000000(node=0|zone=2) [ 24.885559] page_type: f5(slab) [ 24.885934] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.887000] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 24.887781] page dumped because: kasan: bad access detected [ 24.888457] [ 24.888709] Memory state around the buggy address: [ 24.889356] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.890045] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.891257] >ffff888101094f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.891876] ^ [ 24.892496] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.893046] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 24.893872] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 24.683496] ==================================================================
[ 24.684559] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 24.685231] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267
[ 24.686609]
[ 24.687032] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.687918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.688457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.689400] Call Trace:
[ 24.689786] <TASK>
[ 24.690092] dump_stack_lvl+0x73/0xb0
[ 24.690727] print_report+0xd1/0x640
[ 24.691195] ? __virt_addr_valid+0x1db/0x2d0
[ 24.691784] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.692409] kasan_report+0x102/0x140
[ 24.692986] ? strnlen+0x73/0x80
[ 24.693448] ? strnlen+0x73/0x80
[ 24.694022] __asan_report_load1_noabort+0x18/0x20
[ 24.694537] strnlen+0x73/0x80
[ 24.695098] kasan_strings+0x4cc/0xb60
[ 24.695525] ? __pfx_kasan_strings+0x10/0x10
[ 24.696304] ? __schedule+0xc3e/0x2790
[ 24.696646] ? __pfx_read_tsc+0x10/0x10
[ 24.697127] ? ktime_get_ts64+0x84/0x230
[ 24.697692] kunit_try_run_case+0x1b3/0x490
[ 24.698097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.699234] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.699623] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.701176] ? __kthread_parkme+0x82/0x160
[ 24.701696] ? preempt_count_sub+0x50/0x80
[ 24.702302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.702793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.703434] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.704126] kthread+0x257/0x310
[ 24.704511] ? __pfx_kthread+0x10/0x10
[ 24.705026] ret_from_fork+0x41/0x80
[ 24.705517] ? __pfx_kthread+0x10/0x10
[ 24.705984] ret_from_fork_asm+0x1a/0x30
[ 24.706572] </TASK>
[ 24.706928]
[ 24.707276] Allocated by task 267:
[ 24.707597] kasan_save_stack+0x3d/0x60
[ 24.708153] kasan_save_track+0x18/0x40
[ 24.708537] kasan_save_alloc_info+0x3b/0x50
[ 24.709113] __kasan_kmalloc+0xb7/0xc0
[ 24.709617] __kmalloc_cache_noprof+0x184/0x410
[ 24.710276] kasan_strings+0xb3/0xb60
[ 24.710752] kunit_try_run_case+0x1b3/0x490
[ 24.711101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.711713] kthread+0x257/0x310
[ 24.712043] ret_from_fork+0x41/0x80
[ 24.712306] ret_from_fork_asm+0x1a/0x30
[ 24.713606]
[ 24.713860] Freed by task 267:
[ 24.715273] kasan_save_stack+0x3d/0x60
[ 24.715568] kasan_save_track+0x18/0x40
[ 24.716490] kasan_save_free_info+0x3f/0x60
[ 24.716766] __kasan_slab_free+0x56/0x70
[ 24.717022] kfree+0x123/0x3f0
[ 24.717234] kasan_strings+0x13a/0xb60
[ 24.717521] kunit_try_run_case+0x1b3/0x490
[ 24.717822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.718153] kthread+0x257/0x310
[ 24.719449] ret_from_fork+0x41/0x80
[ 24.719882] ret_from_fork_asm+0x1a/0x30
[ 24.720441]
[ 24.720715] The buggy address belongs to the object at ffff888102a34180
[ 24.720715] which belongs to the cache kmalloc-32 of size 32
[ 24.722134] The buggy address is located 16 bytes inside of
[ 24.722134] freed 32-byte region [ffff888102a34180, ffff888102a341a0)
[ 24.722883]
[ 24.723038] The buggy address belongs to the physical page:
[ 24.723432] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34
[ 24.724495] flags: 0x200000000000000(node=0|zone=2)
[ 24.725136] page_type: f5(slab)
[ 24.725595] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 24.726462] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 24.727231] page dumped because: kasan: bad access detected
[ 24.727573]
[ 24.727723] Memory state around the buggy address:
[ 24.728018] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 24.728583] ffff888102a34100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 24.729663] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.730494] ^
[ 24.730894] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.731638] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.732035] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 24.639508] ==================================================================
[ 24.640113] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 24.641040] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267
[ 24.642149]
[ 24.642365] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.643536] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.643998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.644912] Call Trace:
[ 24.645203] <TASK>
[ 24.645503] dump_stack_lvl+0x73/0xb0
[ 24.645917] print_report+0xd1/0x640
[ 24.646291] ? __virt_addr_valid+0x1db/0x2d0
[ 24.647374] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.648272] kasan_report+0x102/0x140
[ 24.648886] ? strlen+0x8f/0xb0
[ 24.649247] ? strlen+0x8f/0xb0
[ 24.649605] __asan_report_load1_noabort+0x18/0x20
[ 24.649995] strlen+0x8f/0xb0
[ 24.650240] kasan_strings+0x432/0xb60
[ 24.650804] ? __pfx_kasan_strings+0x10/0x10
[ 24.651394] ? __schedule+0xc3e/0x2790
[ 24.651754] ? __pfx_read_tsc+0x10/0x10
[ 24.652057] ? ktime_get_ts64+0x84/0x230
[ 24.652495] kunit_try_run_case+0x1b3/0x490
[ 24.653056] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.653601] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.654005] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.654684] ? __kthread_parkme+0x82/0x160
[ 24.654968] ? preempt_count_sub+0x50/0x80
[ 24.655396] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.655781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.656394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.656836] kthread+0x257/0x310
[ 24.657324] ? __pfx_kthread+0x10/0x10
[ 24.657695] ret_from_fork+0x41/0x80
[ 24.658184] ? __pfx_kthread+0x10/0x10
[ 24.658623] ret_from_fork_asm+0x1a/0x30
[ 24.659015] </TASK>
[ 24.659318]
[ 24.659498] Allocated by task 267:
[ 24.659925] kasan_save_stack+0x3d/0x60
[ 24.660314] kasan_save_track+0x18/0x40
[ 24.660804] kasan_save_alloc_info+0x3b/0x50
[ 24.661188] __kasan_kmalloc+0xb7/0xc0
[ 24.661657] __kmalloc_cache_noprof+0x184/0x410
[ 24.662168] kasan_strings+0xb3/0xb60
[ 24.662610] kunit_try_run_case+0x1b3/0x490
[ 24.663135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.663486] kthread+0x257/0x310
[ 24.663905] ret_from_fork+0x41/0x80
[ 24.664389] ret_from_fork_asm+0x1a/0x30
[ 24.664672]
[ 24.664903] Freed by task 267:
[ 24.665409] kasan_save_stack+0x3d/0x60
[ 24.665803] kasan_save_track+0x18/0x40
[ 24.666274] kasan_save_free_info+0x3f/0x60
[ 24.666588] __kasan_slab_free+0x56/0x70
[ 24.667058] kfree+0x123/0x3f0
[ 24.667506] kasan_strings+0x13a/0xb60
[ 24.667976] kunit_try_run_case+0x1b3/0x490
[ 24.668392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.668956] kthread+0x257/0x310
[ 24.669373] ret_from_fork+0x41/0x80
[ 24.669669] ret_from_fork_asm+0x1a/0x30
[ 24.670059]
[ 24.670309] The buggy address belongs to the object at ffff888102a34180
[ 24.670309] which belongs to the cache kmalloc-32 of size 32
[ 24.671353] The buggy address is located 16 bytes inside of
[ 24.671353] freed 32-byte region [ffff888102a34180, ffff888102a341a0)
[ 24.672370]
[ 24.672550] The buggy address belongs to the physical page:
[ 24.672967] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34
[ 24.673625] flags: 0x200000000000000(node=0|zone=2)
[ 24.674236] page_type: f5(slab)
[ 24.674645] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 24.675246] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 24.675926] page dumped because: kasan: bad access detected
[ 24.676485]
[ 24.676700] Memory state around the buggy address:
[ 24.677130] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 24.677568] ffff888102a34100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 24.677977] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.678822] ^
[ 24.679395] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.679973] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.680785] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 24.594058] ================================================================== [ 24.595385] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60 [ 24.596132] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267 [ 24.597214] [ 24.597408] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.598329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.598618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.599466] Call Trace: [ 24.599738] <TASK> [ 24.599994] dump_stack_lvl+0x73/0xb0 [ 24.600525] print_report+0xd1/0x640 [ 24.600988] ? __virt_addr_valid+0x1db/0x2d0 [ 24.601545] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.602086] kasan_report+0x102/0x140 [ 24.602404] ? kasan_strings+0xa0f/0xb60 [ 24.602745] ? kasan_strings+0xa0f/0xb60 [ 24.603274] __asan_report_load1_noabort+0x18/0x20 [ 24.603697] kasan_strings+0xa0f/0xb60 [ 24.604053] ? __pfx_kasan_strings+0x10/0x10 [ 24.604619] ? __schedule+0xc3e/0x2790 [ 24.605197] ? __pfx_read_tsc+0x10/0x10 [ 24.605498] ? ktime_get_ts64+0x84/0x230 [ 24.605996] kunit_try_run_case+0x1b3/0x490 [ 24.606473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.606956] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.607366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.607916] ? __kthread_parkme+0x82/0x160 [ 24.608496] ? preempt_count_sub+0x50/0x80 [ 24.608800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.609242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.609858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.610268] kthread+0x257/0x310 [ 24.610723] ? __pfx_kthread+0x10/0x10 [ 24.611250] ret_from_fork+0x41/0x80 [ 24.611737] ? 
__pfx_kthread+0x10/0x10 [ 24.612258] ret_from_fork_asm+0x1a/0x30 [ 24.612652] </TASK> [ 24.612882] [ 24.613176] Allocated by task 267: [ 24.613623] kasan_save_stack+0x3d/0x60 [ 24.614012] kasan_save_track+0x18/0x40 [ 24.614432] kasan_save_alloc_info+0x3b/0x50 [ 24.614733] __kasan_kmalloc+0xb7/0xc0 [ 24.615018] __kmalloc_cache_noprof+0x184/0x410 [ 24.615649] kasan_strings+0xb3/0xb60 [ 24.616144] kunit_try_run_case+0x1b3/0x490 [ 24.617762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.618283] kthread+0x257/0x310 [ 24.618580] ret_from_fork+0x41/0x80 [ 24.618956] ret_from_fork_asm+0x1a/0x30 [ 24.619542] [ 24.619692] Freed by task 267: [ 24.620112] kasan_save_stack+0x3d/0x60 [ 24.620566] kasan_save_track+0x18/0x40 [ 24.620879] kasan_save_free_info+0x3f/0x60 [ 24.621615] __kasan_slab_free+0x56/0x70 [ 24.621955] kfree+0x123/0x3f0 [ 24.622404] kasan_strings+0x13a/0xb60 [ 24.622854] kunit_try_run_case+0x1b3/0x490 [ 24.623282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.623871] kthread+0x257/0x310 [ 24.624237] ret_from_fork+0x41/0x80 [ 24.624623] ret_from_fork_asm+0x1a/0x30 [ 24.624941] [ 24.625147] The buggy address belongs to the object at ffff888102a34180 [ 24.625147] which belongs to the cache kmalloc-32 of size 32 [ 24.626451] The buggy address is located 16 bytes inside of [ 24.626451] freed 32-byte region [ffff888102a34180, ffff888102a341a0) [ 24.627768] [ 24.627922] The buggy address belongs to the physical page: [ 24.628542] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 24.629946] flags: 0x200000000000000(node=0|zone=2) [ 24.630493] page_type: f5(slab) [ 24.630742] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.631615] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.632249] page dumped because: kasan: bad access detected [ 24.632745] [ 24.632984] Memory state around the buggy address: [ 24.633476] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
24.634045] ffff888102a34100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.634749] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 24.635252] ^ [ 24.635719] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.636493] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.636919] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 24.549502] ================================================================== [ 24.549978] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 24.551121] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267 [ 24.551909] [ 24.552240] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.553260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.553733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.554306] Call Trace: [ 24.554647] <TASK> [ 24.554938] dump_stack_lvl+0x73/0xb0 [ 24.555440] print_report+0xd1/0x640 [ 24.555880] ? __virt_addr_valid+0x1db/0x2d0 [ 24.556271] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.556652] kasan_report+0x102/0x140 [ 24.557127] ? strcmp+0xb0/0xc0 [ 24.557566] ? strcmp+0xb0/0xc0 [ 24.558065] __asan_report_load1_noabort+0x18/0x20 [ 24.558703] strcmp+0xb0/0xc0 [ 24.559187] kasan_strings+0x2e9/0xb60 [ 24.559690] ? __pfx_kasan_strings+0x10/0x10 [ 24.559998] ? __schedule+0xc3e/0x2790 [ 24.560531] ? __pfx_read_tsc+0x10/0x10 [ 24.561028] ? ktime_get_ts64+0x84/0x230 [ 24.561411] kunit_try_run_case+0x1b3/0x490 [ 24.561741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.562201] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.562760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.563422] ? __kthread_parkme+0x82/0x160 [ 24.563954] ? preempt_count_sub+0x50/0x80 [ 24.564554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.564959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.565498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.566191] kthread+0x257/0x310 [ 24.566561] ? __pfx_kthread+0x10/0x10 [ 24.566955] ret_from_fork+0x41/0x80 [ 24.567292] ? 
__pfx_kthread+0x10/0x10 [ 24.567744] ret_from_fork_asm+0x1a/0x30 [ 24.568304] </TASK> [ 24.568626] [ 24.568872] Allocated by task 267: [ 24.569316] kasan_save_stack+0x3d/0x60 [ 24.569763] kasan_save_track+0x18/0x40 [ 24.570177] kasan_save_alloc_info+0x3b/0x50 [ 24.570517] __kasan_kmalloc+0xb7/0xc0 [ 24.570917] __kmalloc_cache_noprof+0x184/0x410 [ 24.571270] kasan_strings+0xb3/0xb60 [ 24.571551] kunit_try_run_case+0x1b3/0x490 [ 24.571846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.572271] kthread+0x257/0x310 [ 24.572751] ret_from_fork+0x41/0x80 [ 24.573297] ret_from_fork_asm+0x1a/0x30 [ 24.573828] [ 24.573997] Freed by task 267: [ 24.574321] kasan_save_stack+0x3d/0x60 [ 24.574783] kasan_save_track+0x18/0x40 [ 24.575389] kasan_save_free_info+0x3f/0x60 [ 24.575800] __kasan_slab_free+0x56/0x70 [ 24.576211] kfree+0x123/0x3f0 [ 24.576602] kasan_strings+0x13a/0xb60 [ 24.576938] kunit_try_run_case+0x1b3/0x490 [ 24.577470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.577960] kthread+0x257/0x310 [ 24.578349] ret_from_fork+0x41/0x80 [ 24.578738] ret_from_fork_asm+0x1a/0x30 [ 24.579214] [ 24.579411] The buggy address belongs to the object at ffff888102a34180 [ 24.579411] which belongs to the cache kmalloc-32 of size 32 [ 24.580722] The buggy address is located 16 bytes inside of [ 24.580722] freed 32-byte region [ffff888102a34180, ffff888102a341a0) [ 24.581845] [ 24.582199] The buggy address belongs to the physical page: [ 24.583039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 24.584240] flags: 0x200000000000000(node=0|zone=2) [ 24.585011] page_type: f5(slab) [ 24.585638] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.586535] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.587111] page dumped because: kasan: bad access detected [ 24.587704] [ 24.587856] Memory state around the buggy address: [ 24.588324] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
24.588991] ffff888102a34100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.589645] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 24.590419] ^ [ 24.590780] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.591481] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.592030] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 24.505992] ================================================================== [ 24.506734] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70 [ 24.507704] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267 [ 24.508328] [ 24.508622] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.509805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.510404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.511312] Call Trace: [ 24.511582] <TASK> [ 24.511776] dump_stack_lvl+0x73/0xb0 [ 24.512067] print_report+0xd1/0x640 [ 24.512493] ? __virt_addr_valid+0x1db/0x2d0 [ 24.513041] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.513869] kasan_report+0x102/0x140 [ 24.515015] ? strrchr+0x64/0x70 [ 24.515415] ? strrchr+0x64/0x70 [ 24.515874] __asan_report_load1_noabort+0x18/0x20 [ 24.516388] strrchr+0x64/0x70 [ 24.516733] kasan_strings+0x24c/0xb60 [ 24.517111] ? __pfx_kasan_strings+0x10/0x10 [ 24.517639] ? __schedule+0xc3e/0x2790 [ 24.518020] ? __pfx_read_tsc+0x10/0x10 [ 24.518468] ? ktime_get_ts64+0x84/0x230 [ 24.518952] kunit_try_run_case+0x1b3/0x490 [ 24.519453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.519863] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.520378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.520841] ? __kthread_parkme+0x82/0x160 [ 24.521392] ? preempt_count_sub+0x50/0x80 [ 24.521837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.522275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.522908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.523331] kthread+0x257/0x310 [ 24.523785] ? __pfx_kthread+0x10/0x10 [ 24.524364] ret_from_fork+0x41/0x80 [ 24.524840] ? 
__pfx_kthread+0x10/0x10 [ 24.525257] ret_from_fork_asm+0x1a/0x30 [ 24.525618] </TASK> [ 24.525937] [ 24.526188] Allocated by task 267: [ 24.526617] kasan_save_stack+0x3d/0x60 [ 24.527097] kasan_save_track+0x18/0x40 [ 24.527530] kasan_save_alloc_info+0x3b/0x50 [ 24.527837] __kasan_kmalloc+0xb7/0xc0 [ 24.528399] __kmalloc_cache_noprof+0x184/0x410 [ 24.528931] kasan_strings+0xb3/0xb60 [ 24.529448] kunit_try_run_case+0x1b3/0x490 [ 24.529866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.530378] kthread+0x257/0x310 [ 24.530643] ret_from_fork+0x41/0x80 [ 24.531128] ret_from_fork_asm+0x1a/0x30 [ 24.531627] [ 24.531843] Freed by task 267: [ 24.532133] kasan_save_stack+0x3d/0x60 [ 24.532424] kasan_save_track+0x18/0x40 [ 24.532854] kasan_save_free_info+0x3f/0x60 [ 24.533457] __kasan_slab_free+0x56/0x70 [ 24.533960] kfree+0x123/0x3f0 [ 24.534363] kasan_strings+0x13a/0xb60 [ 24.534636] kunit_try_run_case+0x1b3/0x490 [ 24.534934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.535573] kthread+0x257/0x310 [ 24.535967] ret_from_fork+0x41/0x80 [ 24.536468] ret_from_fork_asm+0x1a/0x30 [ 24.536796] [ 24.537045] The buggy address belongs to the object at ffff888102a34180 [ 24.537045] which belongs to the cache kmalloc-32 of size 32 [ 24.538037] The buggy address is located 16 bytes inside of [ 24.538037] freed 32-byte region [ffff888102a34180, ffff888102a341a0) [ 24.538792] [ 24.538953] The buggy address belongs to the physical page: [ 24.539555] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 24.540357] flags: 0x200000000000000(node=0|zone=2) [ 24.540678] page_type: f5(slab) [ 24.540930] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.541561] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.542437] page dumped because: kasan: bad access detected [ 24.543037] [ 24.543299] Memory state around the buggy address: [ 24.543855] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
24.544657] ffff888102a34100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.545269] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 24.545888] ^ [ 24.546202] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.546625] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.547413] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 24.459677] ================================================================== [ 24.461066] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0 [ 24.461969] Read of size 1 at addr ffff888102a34190 by task kunit_try_catch/267 [ 24.463084] [ 24.463474] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.464598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.465325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.466207] Call Trace: [ 24.466473] <TASK> [ 24.467216] dump_stack_lvl+0x73/0xb0 [ 24.467735] print_report+0xd1/0x640 [ 24.468189] ? __virt_addr_valid+0x1db/0x2d0 [ 24.468717] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.469766] kasan_report+0x102/0x140 [ 24.470190] ? strchr+0x9c/0xc0 [ 24.470714] ? strchr+0x9c/0xc0 [ 24.471180] __asan_report_load1_noabort+0x18/0x20 [ 24.471700] strchr+0x9c/0xc0 [ 24.472032] kasan_strings+0x1b1/0xb60 [ 24.473064] ? __pfx_kasan_strings+0x10/0x10 [ 24.473764] ? __schedule+0xc3e/0x2790 [ 24.474242] ? __pfx_read_tsc+0x10/0x10 [ 24.474622] ? ktime_get_ts64+0x84/0x230 [ 24.475102] kunit_try_run_case+0x1b3/0x490 [ 24.475640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.476368] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.477058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.477839] ? __kthread_parkme+0x82/0x160 [ 24.478222] ? preempt_count_sub+0x50/0x80 [ 24.478840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.479309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.479926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.480418] kthread+0x257/0x310 [ 24.480783] ? __pfx_kthread+0x10/0x10 [ 24.481242] ret_from_fork+0x41/0x80 [ 24.481633] ? 
__pfx_kthread+0x10/0x10 [ 24.482107] ret_from_fork_asm+0x1a/0x30 [ 24.482640] </TASK> [ 24.482896] [ 24.483049] Allocated by task 267: [ 24.483524] kasan_save_stack+0x3d/0x60 [ 24.483871] kasan_save_track+0x18/0x40 [ 24.484411] kasan_save_alloc_info+0x3b/0x50 [ 24.484838] __kasan_kmalloc+0xb7/0xc0 [ 24.485275] __kmalloc_cache_noprof+0x184/0x410 [ 24.485771] kasan_strings+0xb3/0xb60 [ 24.486629] kunit_try_run_case+0x1b3/0x490 [ 24.486959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.487570] kthread+0x257/0x310 [ 24.487975] ret_from_fork+0x41/0x80 [ 24.488469] ret_from_fork_asm+0x1a/0x30 [ 24.488769] [ 24.488920] Freed by task 267: [ 24.489372] kasan_save_stack+0x3d/0x60 [ 24.489859] kasan_save_track+0x18/0x40 [ 24.490387] kasan_save_free_info+0x3f/0x60 [ 24.490697] __kasan_slab_free+0x56/0x70 [ 24.491034] kfree+0x123/0x3f0 [ 24.491475] kasan_strings+0x13a/0xb60 [ 24.491894] kunit_try_run_case+0x1b3/0x490 [ 24.492266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.492872] kthread+0x257/0x310 [ 24.493376] ret_from_fork+0x41/0x80 [ 24.493682] ret_from_fork_asm+0x1a/0x30 [ 24.494135] [ 24.494388] The buggy address belongs to the object at ffff888102a34180 [ 24.494388] which belongs to the cache kmalloc-32 of size 32 [ 24.495426] The buggy address is located 16 bytes inside of [ 24.495426] freed 32-byte region [ffff888102a34180, ffff888102a341a0) [ 24.496383] [ 24.496573] The buggy address belongs to the physical page: [ 24.496960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 24.497707] flags: 0x200000000000000(node=0|zone=2) [ 24.498111] page_type: f5(slab) [ 24.498503] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.499140] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.499834] page dumped because: kasan: bad access detected [ 24.500266] [ 24.500490] Memory state around the buggy address: [ 24.501019] ffff888102a34080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 
24.501722] ffff888102a34100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.502179] >ffff888102a34180: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 24.502973] ^ [ 24.503521] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.504122] ffff888102a34280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.504724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 24.401174] ================================================================== [ 24.402408] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 24.403314] Read of size 1 at addr ffff888102a34118 by task kunit_try_catch/265 [ 24.404729] [ 24.405181] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.406288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.406975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.408014] Call Trace: [ 24.408505] <TASK> [ 24.408757] dump_stack_lvl+0x73/0xb0 [ 24.409400] print_report+0xd1/0x640 [ 24.409755] ? __virt_addr_valid+0x1db/0x2d0 [ 24.410414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.411022] kasan_report+0x102/0x140 [ 24.412064] ? memcmp+0x1b4/0x1d0 [ 24.412662] ? memcmp+0x1b4/0x1d0 [ 24.413387] __asan_report_load1_noabort+0x18/0x20 [ 24.414072] memcmp+0x1b4/0x1d0 [ 24.414842] kasan_memcmp+0x190/0x390 [ 24.415568] ? trace_hardirqs_on+0x37/0xe0 [ 24.416314] ? __pfx_kasan_memcmp+0x10/0x10 [ 24.416885] ? finish_task_switch.isra.0+0x153/0x700 [ 24.417245] ? __switch_to+0x5d9/0xf60 [ 24.418089] ? __pfx_read_tsc+0x10/0x10 [ 24.419075] ? ktime_get_ts64+0x84/0x230 [ 24.419681] kunit_try_run_case+0x1b3/0x490 [ 24.420103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.421035] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.421650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.422529] ? __kthread_parkme+0x82/0x160 [ 24.423327] ? preempt_count_sub+0x50/0x80 [ 24.423907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.424730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.425243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.425830] kthread+0x257/0x310 [ 24.426191] ? __pfx_kthread+0x10/0x10 [ 24.426815] ret_from_fork+0x41/0x80 [ 24.427615] ? 
__pfx_kthread+0x10/0x10 [ 24.428044] ret_from_fork_asm+0x1a/0x30 [ 24.428732] </TASK> [ 24.428951] [ 24.429190] Allocated by task 265: [ 24.429800] kasan_save_stack+0x3d/0x60 [ 24.430153] kasan_save_track+0x18/0x40 [ 24.430924] kasan_save_alloc_info+0x3b/0x50 [ 24.431463] __kasan_kmalloc+0xb7/0xc0 [ 24.431915] __kmalloc_cache_noprof+0x184/0x410 [ 24.432528] kasan_memcmp+0xb8/0x390 [ 24.432922] kunit_try_run_case+0x1b3/0x490 [ 24.433327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.434005] kthread+0x257/0x310 [ 24.434516] ret_from_fork+0x41/0x80 [ 24.434999] ret_from_fork_asm+0x1a/0x30 [ 24.435634] [ 24.436471] The buggy address belongs to the object at ffff888102a34100 [ 24.436471] which belongs to the cache kmalloc-32 of size 32 [ 24.437868] The buggy address is located 0 bytes to the right of [ 24.437868] allocated 24-byte region [ffff888102a34100, ffff888102a34118) [ 24.439638] [ 24.439893] The buggy address belongs to the physical page: [ 24.441003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 24.441647] flags: 0x200000000000000(node=0|zone=2) [ 24.442292] page_type: f5(slab) [ 24.443040] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.444049] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.444804] page dumped because: kasan: bad access detected [ 24.445743] [ 24.445945] Memory state around the buggy address: [ 24.446529] ffff888102a34000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.448018] ffff888102a34080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.449008] >ffff888102a34100: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.449604] ^ [ 24.450152] ffff888102a34180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.450963] ffff888102a34200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.451995] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 24.345818] ================================================================== [ 24.347012] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90 [ 24.348078] Read of size 1 at addr ffff888101b67018 by task kunit_try_catch/263 [ 24.349110] [ 24.349871] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.351054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.351732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.352916] Call Trace: [ 24.353410] <TASK> [ 24.354193] dump_stack_lvl+0x73/0xb0 [ 24.354778] print_report+0xd1/0x640 [ 24.355235] ? __virt_addr_valid+0x1db/0x2d0 [ 24.355869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.356785] kasan_report+0x102/0x140 [ 24.357238] ? memchr+0x79/0x90 [ 24.357609] ? memchr+0x79/0x90 [ 24.358031] __asan_report_load1_noabort+0x18/0x20 [ 24.358967] memchr+0x79/0x90 [ 24.359388] kasan_memchr+0x163/0x320 [ 24.359856] ? __pfx_kasan_memchr+0x10/0x10 [ 24.360510] ? __schedule+0xc3e/0x2790 [ 24.361159] ? __pfx_read_tsc+0x10/0x10 [ 24.361758] ? ktime_get_ts64+0x84/0x230 [ 24.362186] kunit_try_run_case+0x1b3/0x490 [ 24.362789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.363310] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.364042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.365516] ? __kthread_parkme+0x82/0x160 [ 24.366589] ? preempt_count_sub+0x50/0x80 [ 24.367048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.367510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.368414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.369017] kthread+0x257/0x310 [ 24.369433] ? __pfx_kthread+0x10/0x10 [ 24.369840] ret_from_fork+0x41/0x80 [ 24.370656] ? 
__pfx_kthread+0x10/0x10 [ 24.370985] ret_from_fork_asm+0x1a/0x30 [ 24.371581] </TASK> [ 24.371940] [ 24.372094] Allocated by task 263: [ 24.372732] kasan_save_stack+0x3d/0x60 [ 24.373067] kasan_save_track+0x18/0x40 [ 24.373470] kasan_save_alloc_info+0x3b/0x50 [ 24.374033] __kasan_kmalloc+0xb7/0xc0 [ 24.374852] __kmalloc_cache_noprof+0x184/0x410 [ 24.375246] kasan_memchr+0xad/0x320 [ 24.375743] kunit_try_run_case+0x1b3/0x490 [ 24.376417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.376831] kthread+0x257/0x310 [ 24.377101] ret_from_fork+0x41/0x80 [ 24.377686] ret_from_fork_asm+0x1a/0x30 [ 24.378456] [ 24.378680] The buggy address belongs to the object at ffff888101b67000 [ 24.378680] which belongs to the cache kmalloc-32 of size 32 [ 24.380185] The buggy address is located 0 bytes to the right of [ 24.380185] allocated 24-byte region [ffff888101b67000, ffff888101b67018) [ 24.381518] [ 24.382078] The buggy address belongs to the physical page: [ 24.382764] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b67 [ 24.384583] flags: 0x200000000000000(node=0|zone=2) [ 24.385608] page_type: f5(slab) [ 24.386029] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.386894] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 24.387819] page dumped because: kasan: bad access detected [ 24.388783] [ 24.389323] Memory state around the buggy address: [ 24.389969] ffff888101b66f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.391286] ffff888101b66f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.391611] >ffff888101b67000: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.391877] ^ [ 24.392050] ffff888101b67080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.393463] ffff888101b67100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.395044] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 24.304744] ================================================================== [ 24.305968] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 24.307147] Read of size 1 at addr ffff888102d37caa by task kunit_try_catch/261 [ 24.307887] [ 24.308063] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.309009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.309612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.310537] Call Trace: [ 24.310761] <TASK> [ 24.311068] dump_stack_lvl+0x73/0xb0 [ 24.312366] print_report+0xd1/0x640 [ 24.312809] ? __virt_addr_valid+0x1db/0x2d0 [ 24.313366] ? kasan_addr_to_slab+0x11/0xa0 [ 24.313830] kasan_report+0x102/0x140 [ 24.314238] ? kasan_alloca_oob_right+0x328/0x390 [ 24.314770] ? kasan_alloca_oob_right+0x328/0x390 [ 24.315298] __asan_report_load1_noabort+0x18/0x20 [ 24.315851] kasan_alloca_oob_right+0x328/0x390 [ 24.316771] ? irqentry_exit+0x2a/0x60 [ 24.317248] ? insn_get_addr_ref+0x170/0x760 [ 24.318070] ? trace_hardirqs_on+0x37/0xe0 [ 24.318567] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 24.319264] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 24.320063] kunit_try_run_case+0x1b3/0x490 [ 24.320746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.321278] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.322173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.322769] ? __kthread_parkme+0x82/0x160 [ 24.323193] ? preempt_count_sub+0x50/0x80 [ 24.323636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.324317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.325024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.325649] kthread+0x257/0x310 [ 24.326076] ? __pfx_kthread+0x10/0x10 [ 24.327109] ret_from_fork+0x41/0x80 [ 24.327715] ? 
__pfx_kthread+0x10/0x10 [ 24.328281] ret_from_fork_asm+0x1a/0x30 [ 24.328785] </TASK> [ 24.329031] [ 24.329411] The buggy address belongs to stack of task kunit_try_catch/261 [ 24.330017] [ 24.330240] The buggy address belongs to the physical page: [ 24.330679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d37 [ 24.331402] flags: 0x200000000000000(node=0|zone=2) [ 24.331843] raw: 0200000000000000 ffffea00040b4dc8 ffffea00040b4dc8 0000000000000000 [ 24.332742] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.334296] page dumped because: kasan: bad access detected [ 24.334806] [ 24.335043] Memory state around the buggy address: [ 24.335363] ffff888102d37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.336024] ffff888102d37c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.336892] >ffff888102d37c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 24.337513] ^ [ 24.338668] ffff888102d37d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 24.339252] ffff888102d37d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 24.339891] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 19.986799] ================================================================== [ 19.987480] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 19.988075] Write of size 1 at addr ffff888101b4ef78 by task kunit_try_catch/144 [ 19.988938] [ 19.989146] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 19.989883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.990272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.991225] Call Trace: [ 19.991493] <TASK> [ 19.991689] dump_stack_lvl+0x73/0xb0 [ 19.992166] print_report+0xd1/0x640 [ 19.993239] ? __virt_addr_valid+0x1db/0x2d0 [ 19.993666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.994376] kasan_report+0x102/0x140 [ 19.994766] ? kmalloc_oob_right+0x6bf/0x7f0 [ 19.995199] ? kmalloc_oob_right+0x6bf/0x7f0 [ 19.995727] __asan_report_store1_noabort+0x1b/0x30 [ 19.996323] kmalloc_oob_right+0x6bf/0x7f0 [ 19.996803] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 19.997373] ? __schedule+0xc3e/0x2790 [ 19.997701] ? __pfx_read_tsc+0x10/0x10 [ 19.998125] ? ktime_get_ts64+0x84/0x230 [ 19.998657] kunit_try_run_case+0x1b3/0x490 [ 19.999309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.999779] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.000388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.000907] ? __kthread_parkme+0x82/0x160 [ 20.001488] ? preempt_count_sub+0x50/0x80 [ 20.001953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.002532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.003594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.004274] kthread+0x257/0x310 [ 20.004716] ? __pfx_kthread+0x10/0x10 [ 20.005149] ret_from_fork+0x41/0x80 [ 20.005626] ? 
__pfx_kthread+0x10/0x10 [ 20.005986] ret_from_fork_asm+0x1a/0x30 [ 20.006559] </TASK> [ 20.006871] [ 20.007021] Allocated by task 144: [ 20.007527] kasan_save_stack+0x3d/0x60 [ 20.007961] kasan_save_track+0x18/0x40 [ 20.008475] kasan_save_alloc_info+0x3b/0x50 [ 20.008924] __kasan_kmalloc+0xb7/0xc0 [ 20.009495] __kmalloc_cache_noprof+0x184/0x410 [ 20.009910] kmalloc_oob_right+0xaa/0x7f0 [ 20.010489] kunit_try_run_case+0x1b3/0x490 [ 20.010870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.011500] kthread+0x257/0x310 [ 20.011782] ret_from_fork+0x41/0x80 [ 20.012359] ret_from_fork_asm+0x1a/0x30 [ 20.012798] [ 20.012993] The buggy address belongs to the object at ffff888101b4ef00 [ 20.012993] which belongs to the cache kmalloc-128 of size 128 [ 20.014193] The buggy address is located 5 bytes to the right of [ 20.014193] allocated 115-byte region [ffff888101b4ef00, ffff888101b4ef73) [ 20.015224] [ 20.015398] The buggy address belongs to the physical page: [ 20.016239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b4e [ 20.017035] flags: 0x200000000000000(node=0|zone=2) [ 20.017384] page_type: f5(slab) [ 20.017653] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.018524] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.019320] page dumped because: kasan: bad access detected [ 20.019753] [ 20.019947] Memory state around the buggy address: [ 20.020511] ffff888101b4ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 20.021134] ffff888101b4ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.021708] >ffff888101b4ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.022541] ^ [ 20.023126] ffff888101b4ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.023703] ffff888101b4f000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.024358] ================================================================== [ 20.025798] 
================================================================== [ 20.026570] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 20.027014] Read of size 1 at addr ffff888101b4ef80 by task kunit_try_catch/144 [ 20.027817] [ 20.028051] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.028838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.029262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.030153] Call Trace: [ 20.030427] <TASK> [ 20.030621] dump_stack_lvl+0x73/0xb0 [ 20.031134] print_report+0xd1/0x640 [ 20.031603] ? __virt_addr_valid+0x1db/0x2d0 [ 20.032001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.032714] kasan_report+0x102/0x140 [ 20.033063] ? kmalloc_oob_right+0x68c/0x7f0 [ 20.033570] ? kmalloc_oob_right+0x68c/0x7f0 [ 20.033961] __asan_report_load1_noabort+0x18/0x20 [ 20.034521] kmalloc_oob_right+0x68c/0x7f0 [ 20.034820] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.035224] ? __schedule+0xc3e/0x2790 [ 20.035701] ? __pfx_read_tsc+0x10/0x10 [ 20.036630] ? ktime_get_ts64+0x84/0x230 [ 20.036944] kunit_try_run_case+0x1b3/0x490 [ 20.037844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.038248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.038779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.039287] ? __kthread_parkme+0x82/0x160 [ 20.039724] ? preempt_count_sub+0x50/0x80 [ 20.040220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.040613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.041305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.041767] kthread+0x257/0x310 [ 20.042221] ? __pfx_kthread+0x10/0x10 [ 20.042687] ret_from_fork+0x41/0x80 [ 20.042993] ? 
__pfx_kthread+0x10/0x10 [ 20.043488] ret_from_fork_asm+0x1a/0x30 [ 20.043926] </TASK> [ 20.044200] [ 20.044436] Allocated by task 144: [ 20.044834] kasan_save_stack+0x3d/0x60 [ 20.045277] kasan_save_track+0x18/0x40 [ 20.045676] kasan_save_alloc_info+0x3b/0x50 [ 20.046149] __kasan_kmalloc+0xb7/0xc0 [ 20.046489] __kmalloc_cache_noprof+0x184/0x410 [ 20.047050] kmalloc_oob_right+0xaa/0x7f0 [ 20.047564] kunit_try_run_case+0x1b3/0x490 [ 20.047930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.048412] kthread+0x257/0x310 [ 20.048657] ret_from_fork+0x41/0x80 [ 20.049163] ret_from_fork_asm+0x1a/0x30 [ 20.049584] [ 20.049739] The buggy address belongs to the object at ffff888101b4ef00 [ 20.049739] which belongs to the cache kmalloc-128 of size 128 [ 20.050751] The buggy address is located 13 bytes to the right of [ 20.050751] allocated 115-byte region [ffff888101b4ef00, ffff888101b4ef73) [ 20.052037] [ 20.052259] The buggy address belongs to the physical page: [ 20.052754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b4e [ 20.053482] flags: 0x200000000000000(node=0|zone=2) [ 20.053920] page_type: f5(slab) [ 20.054270] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.054910] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.055482] page dumped because: kasan: bad access detected [ 20.056013] [ 20.056223] Memory state around the buggy address: [ 20.056711] ffff888101b4ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.057356] ffff888101b4ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.058002] >ffff888101b4ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058694] ^ [ 20.058973] ffff888101b4f000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.059544] ffff888101b4f080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.060154] ================================================================== [ 19.933689] 
================================================================== [ 19.934831] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 19.936368] Write of size 1 at addr ffff888101b4ef73 by task kunit_try_catch/144 [ 19.937445] [ 19.939202] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241128 #1 [ 19.940205] Tainted: [N]=TEST [ 19.940552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.942169] Call Trace: [ 19.942603] <TASK> [ 19.943135] dump_stack_lvl+0x73/0xb0 [ 19.943725] print_report+0xd1/0x640 [ 19.944118] ? __virt_addr_valid+0x1db/0x2d0 [ 19.944557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.945224] kasan_report+0x102/0x140 [ 19.945713] ? kmalloc_oob_right+0x6f2/0x7f0 [ 19.946067] ? kmalloc_oob_right+0x6f2/0x7f0 [ 19.946897] __asan_report_store1_noabort+0x1b/0x30 [ 19.947564] kmalloc_oob_right+0x6f2/0x7f0 [ 19.948049] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 19.948553] ? __schedule+0xc3e/0x2790 [ 19.948953] ? __pfx_read_tsc+0x10/0x10 [ 19.949993] ? ktime_get_ts64+0x84/0x230 [ 19.950522] kunit_try_run_case+0x1b3/0x490 [ 19.951094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.951688] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.952117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.952624] ? __kthread_parkme+0x82/0x160 [ 19.953188] ? preempt_count_sub+0x50/0x80 [ 19.953746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.954367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.955012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.955543] kthread+0x257/0x310 [ 19.955953] ? __pfx_kthread+0x10/0x10 [ 19.956531] ret_from_fork+0x41/0x80 [ 19.956808] ? 
__pfx_kthread+0x10/0x10 [ 19.957555] ret_from_fork_asm+0x1a/0x30 [ 19.958127] </TASK> [ 19.958532] [ 19.959047] Allocated by task 144: [ 19.960097] kasan_save_stack+0x3d/0x60 [ 19.960755] kasan_save_track+0x18/0x40 [ 19.961580] kasan_save_alloc_info+0x3b/0x50 [ 19.961973] __kasan_kmalloc+0xb7/0xc0 [ 19.962736] __kmalloc_cache_noprof+0x184/0x410 [ 19.963444] kmalloc_oob_right+0xaa/0x7f0 [ 19.963966] kunit_try_run_case+0x1b3/0x490 [ 19.964744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.965551] kthread+0x257/0x310 [ 19.965950] ret_from_fork+0x41/0x80 [ 19.966324] ret_from_fork_asm+0x1a/0x30 [ 19.967046] [ 19.967496] The buggy address belongs to the object at ffff888101b4ef00 [ 19.967496] which belongs to the cache kmalloc-128 of size 128 [ 19.969134] The buggy address is located 0 bytes to the right of [ 19.969134] allocated 115-byte region [ffff888101b4ef00, ffff888101b4ef73) [ 19.970266] [ 19.970707] The buggy address belongs to the physical page: [ 19.971803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b4e [ 19.972931] flags: 0x200000000000000(node=0|zone=2) [ 19.974147] page_type: f5(slab) [ 19.975096] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.975967] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.976729] page dumped because: kasan: bad access detected [ 19.977220] [ 19.977455] Memory state around the buggy address: [ 19.978505] ffff888101b4ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 19.979425] ffff888101b4ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.979992] >ffff888101b4ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.980583] ^ [ 19.981282] ffff888101b4ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.982255] ffff888101b4f000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.982892] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------ [ 214.193785] WARNING: CPU: 1 PID: 2238 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 214.194907] Modules linked in: [ 214.195394] CPU: 1 UID: 0 PID: 2238 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241128 #1 [ 214.196456] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.197093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 214.199123] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 214.199703] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 214.202377] RSP: 0000:ffff888100b17ce8 EFLAGS: 00010286 [ 214.203342] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 214.203854] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff93409774 [ 214.204677] RBP: ffff888100b17d10 R08: 0000000000000000 R09: ffffed10209592e0 [ 214.205324] R10: ffff888104ac9707 R11: 0000000000000000 R12: ffffffff93409760 [ 214.206259] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100b17da8 [ 214.207046] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 214.208336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.208991] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 214.209829] DR0: ffffffff953eb1a4 DR1: ffffffff953eb1a9 DR2: ffffffff953eb1aa [ 214.211310] DR3: ffffffff953eb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 214.212311] Call Trace: [ 214.212827] <TASK> [ 214.213601] ? show_regs+0x68/0x80 [ 214.214154] ? __warn+0xd5/0x260 [ 214.214684] ? drm_rect_calc_vscale+0x130/0x190 [ 214.215570] ? report_bug+0x278/0x2e0 [ 214.215944] ? handle_bug+0x5c/0xb0 [ 214.216530] ? exc_invalid_op+0x1c/0x50 [ 214.216963] ? asm_exc_invalid_op+0x1f/0x30 [ 214.217591] ? 
drm_rect_calc_vscale+0x130/0x190 [ 214.217937] drm_test_rect_calc_vscale+0x109/0x270 [ 214.218905] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 214.219926] ? __schedule+0xc3e/0x2790 [ 214.220662] ? __pfx_read_tsc+0x10/0x10 [ 214.221295] ? ktime_get_ts64+0x84/0x230 [ 214.221680] kunit_try_run_case+0x1b3/0x490 [ 214.222289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.222667] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 214.224103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 214.224747] ? __kthread_parkme+0x82/0x160 [ 214.225189] ? preempt_count_sub+0x50/0x80 [ 214.225837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.226471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 214.227144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 214.227814] kthread+0x257/0x310 [ 214.228840] ? __pfx_kthread+0x10/0x10 [ 214.229162] ret_from_fork+0x41/0x80 [ 214.229873] ? __pfx_kthread+0x10/0x10 [ 214.230842] ret_from_fork_asm+0x1a/0x30 [ 214.231336] </TASK> [ 214.231667] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 214.154318] WARNING: CPU: 1 PID: 2236 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 214.155056] Modules linked in: [ 214.155780] CPU: 1 UID: 0 PID: 2236 Comm: kunit_try_catch Tainted: G B D W N 6.12.0-next-20241128 #1 [ 214.157276] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 214.157691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 214.159009] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 214.159829] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 214.161669] RSP: 0000:ffff888105927ce8 EFLAGS: 00010286 [ 214.162062] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 214.162729] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9340973c [ 214.163750] RBP: ffff888105927d10 R08: 0000000000000000 R09: 
ffffed1020b077c0 [ 214.164861] R10: ffff88810583be07 R11: 0000000000000000 R12: ffffffff93409728 [ 214.165767] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105927da8 [ 214.166989] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 214.168002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.168562] CR2: 00007ffff7ffe000 CR3: 000000001a2b8000 CR4: 00000000000006f0 [ 214.169452] DR0: ffffffff953eb1a4 DR1: ffffffff953eb1a9 DR2: ffffffff953eb1aa [ 214.170814] DR3: ffffffff953eb1ab DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 214.171822] Call Trace: [ 214.172071] <TASK> [ 214.172389] ? show_regs+0x68/0x80 [ 214.173037] ? __warn+0xd5/0x260 [ 214.173868] ? drm_rect_calc_vscale+0x130/0x190 [ 214.174651] ? report_bug+0x278/0x2e0 [ 214.174968] ? handle_bug+0x5c/0xb0 [ 214.175527] ? exc_invalid_op+0x1c/0x50 [ 214.176011] ? asm_exc_invalid_op+0x1f/0x30 [ 214.176618] ? drm_rect_calc_vscale+0x130/0x190 [ 214.177122] drm_test_rect_calc_vscale+0x109/0x270 [ 214.177907] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 214.178551] ? __schedule+0xc3e/0x2790 [ 214.178860] ? __pfx_read_tsc+0x10/0x10 [ 214.179538] ? ktime_get_ts64+0x84/0x230 [ 214.180293] kunit_try_run_case+0x1b3/0x490 [ 214.180631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.181175] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 214.181738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 214.182366] ? __kthread_parkme+0x82/0x160 [ 214.182730] ? preempt_count_sub+0x50/0x80 [ 214.183131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 214.184105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 214.184839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 214.185351] kthread+0x257/0x310 [ 214.185904] ? __pfx_kthread+0x10/0x10 [ 214.186230] ret_from_fork+0x41/0x80 [ 214.186919] ? __pfx_kthread+0x10/0x10 [ 214.187294] ret_from_fork_asm+0x1a/0x30 [ 214.187859] </TASK> [ 214.188162] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 24.259769] ================================================================== [ 24.260839] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 24.261904] Read of size 1 at addr ffff888102de7c9f by task kunit_try_catch/259 [ 24.262721] [ 24.263053] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.264755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.265066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.266859] Call Trace: [ 24.267265] <TASK> [ 24.267509] dump_stack_lvl+0x73/0xb0 [ 24.268080] print_report+0xd1/0x640 [ 24.268400] ? __virt_addr_valid+0x1db/0x2d0 [ 24.268960] ? kasan_addr_to_slab+0x11/0xa0 [ 24.269659] kasan_report+0x102/0x140 [ 24.269959] ? kasan_alloca_oob_left+0x31f/0x380 [ 24.270658] ? kasan_alloca_oob_left+0x31f/0x380 [ 24.271721] __asan_report_load1_noabort+0x18/0x20 [ 24.272250] kasan_alloca_oob_left+0x31f/0x380 [ 24.272713] ? trace_event_raw_event_sched_numa_pair_template+0x660/0x7d0 [ 24.273701] ? __schedule+0xc3e/0x2790 [ 24.274205] ? trace_hardirqs_on+0x37/0xe0 [ 24.274726] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 24.275662] ? __schedule+0xc3e/0x2790 [ 24.276460] ? __pfx_read_tsc+0x10/0x10 [ 24.276853] ? ktime_get_ts64+0x84/0x230 [ 24.277354] kunit_try_run_case+0x1b3/0x490 [ 24.277806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.278811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.279398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.280297] ? __kthread_parkme+0x82/0x160 [ 24.280925] ? preempt_count_sub+0x50/0x80 [ 24.281622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.282283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.282920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.283658] kthread+0x257/0x310 [ 24.284117] ? __pfx_kthread+0x10/0x10 [ 24.284708] ret_from_fork+0x41/0x80 [ 24.285384] ? 
__pfx_kthread+0x10/0x10 [ 24.285937] ret_from_fork_asm+0x1a/0x30 [ 24.286660] </TASK> [ 24.287000] [ 24.287649] The buggy address belongs to stack of task kunit_try_catch/259 [ 24.288461] [ 24.288638] The buggy address belongs to the physical page: [ 24.289288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102de7 [ 24.290187] flags: 0x200000000000000(node=0|zone=2) [ 24.290760] raw: 0200000000000000 ffffea00040b79c8 ffffea00040b79c8 0000000000000000 [ 24.291557] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.292184] page dumped because: kasan: bad access detected [ 24.292817] [ 24.293352] Memory state around the buggy address: [ 24.294146] ffff888102de7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.294708] ffff888102de7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.295593] >ffff888102de7c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 24.296504] ^ [ 24.296917] ffff888102de7d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 24.297893] ffff888102de7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 24.299258] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 24.212048] ================================================================== [ 24.213714] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 24.214377] Read of size 1 at addr ffff888102d97d72 by task kunit_try_catch/257 [ 24.215148] [ 24.215731] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.216295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.217030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.218668] Call Trace: [ 24.218956] <TASK> [ 24.219237] dump_stack_lvl+0x73/0xb0 [ 24.219650] print_report+0xd1/0x640 [ 24.220038] ? __virt_addr_valid+0x1db/0x2d0 [ 24.221043] ? kasan_addr_to_slab+0x11/0xa0 [ 24.221949] kasan_report+0x102/0x140 [ 24.222678] ? kasan_stack_oob+0x2ae/0x300 [ 24.223106] ? kasan_stack_oob+0x2ae/0x300 [ 24.223977] __asan_report_load1_noabort+0x18/0x20 [ 24.224697] kasan_stack_oob+0x2ae/0x300 [ 24.225120] ? __pfx_kasan_stack_oob+0x10/0x10 [ 24.225597] ? finish_task_switch.isra.0+0x153/0x700 [ 24.226092] ? __switch_to+0x5d9/0xf60 [ 24.226975] ? __schedule+0xc3e/0x2790 [ 24.227835] ? __pfx_read_tsc+0x10/0x10 [ 24.228621] ? ktime_get_ts64+0x84/0x230 [ 24.228975] kunit_try_run_case+0x1b3/0x490 [ 24.229975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.230634] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.230996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.231631] ? __kthread_parkme+0x82/0x160 [ 24.231997] ? preempt_count_sub+0x50/0x80 [ 24.232531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.233087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.233644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.234151] kthread+0x257/0x310 [ 24.234667] ? __pfx_kthread+0x10/0x10 [ 24.235020] ret_from_fork+0x41/0x80 [ 24.235651] ? 
__pfx_kthread+0x10/0x10 [ 24.235946] ret_from_fork_asm+0x1a/0x30 [ 24.237025] </TASK> [ 24.237457] [ 24.237746] The buggy address belongs to stack of task kunit_try_catch/257 [ 24.238723] and is located at offset 138 in frame: [ 24.239221] kasan_stack_oob+0x0/0x300 [ 24.239912] [ 24.240126] This frame has 4 objects: [ 24.240653] [48, 49) '__assertion' [ 24.240723] [64, 72) 'array' [ 24.241059] [96, 112) '__assertion' [ 24.241606] [128, 138) 'stack_array' [ 24.242126] [ 24.242816] The buggy address belongs to the physical page: [ 24.243884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 24.244729] flags: 0x200000000000000(node=0|zone=2) [ 24.245299] raw: 0200000000000000 ffffea00040b65c8 ffffea00040b65c8 0000000000000000 [ 24.245964] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.246721] page dumped because: kasan: bad access detected [ 24.247104] [ 24.247364] Memory state around the buggy address: [ 24.247771] ffff888102d97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.248537] ffff888102d97c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 24.248969] >ffff888102d97d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 24.250438] ^ [ 24.251046] ffff888102d97d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 24.251850] ffff888102d97e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 24.252418] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 24.169804] ================================================================== [ 24.171088] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 24.171731] Read of size 1 at addr ffffffff953fcc2d by task kunit_try_catch/253 [ 24.172319] [ 24.172605] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.173614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.173944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.175171] Call Trace: [ 24.175550] <TASK> [ 24.175830] dump_stack_lvl+0x73/0xb0 [ 24.176463] print_report+0xd1/0x640 [ 24.176843] ? __virt_addr_valid+0x1db/0x2d0 [ 24.177428] ? kasan_addr_to_slab+0x11/0xa0 [ 24.177958] kasan_report+0x102/0x140 [ 24.178503] ? kasan_global_oob_right+0x288/0x2d0 [ 24.178913] ? kasan_global_oob_right+0x288/0x2d0 [ 24.179446] __asan_report_load1_noabort+0x18/0x20 [ 24.179886] kasan_global_oob_right+0x288/0x2d0 [ 24.180369] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 24.180889] ? __schedule+0xc3e/0x2790 [ 24.181320] ? __pfx_read_tsc+0x10/0x10 [ 24.181766] ? ktime_get_ts64+0x84/0x230 [ 24.182329] kunit_try_run_case+0x1b3/0x490 [ 24.182945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.183478] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.184012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.184630] ? __kthread_parkme+0x82/0x160 [ 24.185047] ? preempt_count_sub+0x50/0x80 [ 24.185682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.186170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.186758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.187391] kthread+0x257/0x310 [ 24.187857] ? __pfx_kthread+0x10/0x10 [ 24.188438] ret_from_fork+0x41/0x80 [ 24.189064] ? 
__pfx_kthread+0x10/0x10 [ 24.189692] ret_from_fork_asm+0x1a/0x30 [ 24.190467] </TASK> [ 24.190746] [ 24.191007] The buggy address belongs to the variable: [ 24.191633] global_array+0xd/0x40 [ 24.191928] [ 24.192317] The buggy address belongs to the physical page: [ 24.192938] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b5fc [ 24.193668] flags: 0x100000000002000(reserved|node=0|zone=1) [ 24.194406] raw: 0100000000002000 ffffea00006d7f08 ffffea00006d7f08 0000000000000000 [ 24.195151] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.195716] page dumped because: kasan: bad access detected [ 24.196364] [ 24.196646] Memory state around the buggy address: [ 24.197134] ffffffff953fcb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.197798] ffffffff953fcb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.198509] >ffffffff953fcc00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 24.199259] ^ [ 24.199756] ffffffff953fcc80: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 24.200496] ffffffff953fcd00: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 24.200945] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 24.054895] ================================================================== [ 24.055801] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.057196] Free of addr ffff888101b62c01 by task kunit_try_catch/249 [ 24.057912] [ 24.058147] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.058954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.059235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.060503] Call Trace: [ 24.060794] <TASK> [ 24.061313] dump_stack_lvl+0x73/0xb0 [ 24.061922] print_report+0xd1/0x640 [ 24.062714] ? __virt_addr_valid+0x1db/0x2d0 [ 24.063134] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.063746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.064795] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.065735] kasan_report_invalid_free+0xc0/0xf0 [ 24.066148] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.066716] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.067196] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.068508] check_slab_allocation+0x11f/0x130 [ 24.068918] __kasan_mempool_poison_object+0x91/0x1d0 [ 24.069595] mempool_free+0x2ec/0x380 [ 24.069989] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.070886] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 24.072020] ? finish_task_switch.isra.0+0x153/0x700 [ 24.072590] mempool_kmalloc_invalid_free+0xb1/0x100 [ 24.073751] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 24.074566] ? __switch_to+0x5d9/0xf60 [ 24.075061] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.075596] ? __pfx_mempool_kfree+0x10/0x10 [ 24.076012] ? __pfx_read_tsc+0x10/0x10 [ 24.076318] ? ktime_get_ts64+0x84/0x230 [ 24.076827] kunit_try_run_case+0x1b3/0x490 [ 24.077358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.077953] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.078600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.079147] ? __kthread_parkme+0x82/0x160 [ 24.079578] ? 
preempt_count_sub+0x50/0x80 [ 24.080351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.080957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.081840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.082470] kthread+0x257/0x310 [ 24.082782] ? __pfx_kthread+0x10/0x10 [ 24.083220] ret_from_fork+0x41/0x80 [ 24.083923] ? __pfx_kthread+0x10/0x10 [ 24.084483] ret_from_fork_asm+0x1a/0x30 [ 24.084897] </TASK> [ 24.085240] [ 24.085420] Allocated by task 249: [ 24.085923] kasan_save_stack+0x3d/0x60 [ 24.086429] kasan_save_track+0x18/0x40 [ 24.086783] kasan_save_alloc_info+0x3b/0x50 [ 24.088304] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 24.088973] remove_element+0x11e/0x190 [ 24.089634] mempool_alloc_preallocated+0x4d/0x90 [ 24.090110] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 24.091018] mempool_kmalloc_invalid_free+0xb1/0x100 [ 24.091476] kunit_try_run_case+0x1b3/0x490 [ 24.091947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.093103] kthread+0x257/0x310 [ 24.093796] ret_from_fork+0x41/0x80 [ 24.094129] ret_from_fork_asm+0x1a/0x30 [ 24.094833] [ 24.094986] The buggy address belongs to the object at ffff888101b62c00 [ 24.094986] which belongs to the cache kmalloc-128 of size 128 [ 24.096613] The buggy address is located 1 bytes inside of [ 24.096613] 128-byte region [ffff888101b62c00, ffff888101b62c80) [ 24.097646] [ 24.097901] The buggy address belongs to the physical page: [ 24.098543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b62 [ 24.099532] flags: 0x200000000000000(node=0|zone=2) [ 24.100617] page_type: f5(slab) [ 24.101076] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.101796] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 24.102500] page dumped because: kasan: bad access detected [ 24.103221] [ 24.103409] Memory state around the buggy address: [ 24.104038] ffff888101b62b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.104719] ffff888101b62b80: fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.105571] >ffff888101b62c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.106357] ^ [ 24.106859] ffff888101b62c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.107506] ffff888101b62d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.108440] ================================================================== [ 24.114719] ================================================================== [ 24.116568] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.117428] Free of addr ffff888102bd4001 by task kunit_try_catch/251 [ 24.118352] [ 24.118640] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 24.120014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.120900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.122315] Call Trace: [ 24.122874] <TASK> [ 24.123120] dump_stack_lvl+0x73/0xb0 [ 24.123856] print_report+0xd1/0x640 [ 24.124100] ? __virt_addr_valid+0x1db/0x2d0 [ 24.125141] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.126021] ? kasan_addr_to_slab+0x11/0xa0 [ 24.126760] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.127531] kasan_report_invalid_free+0xc0/0xf0 [ 24.128292] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.128909] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.129598] __kasan_mempool_poison_object+0x102/0x1d0 [ 24.130433] mempool_free+0x2ec/0x380 [ 24.130868] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 24.131678] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 24.132744] ? finish_task_switch.isra.0+0x153/0x700 [ 24.133694] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 24.134271] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 24.134761] ? __switch_to+0x5d9/0xf60 [ 24.135124] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.135829] ? __pfx_mempool_kfree+0x10/0x10 [ 24.136407] ? __pfx_read_tsc+0x10/0x10 [ 24.136804] ? 
ktime_get_ts64+0x84/0x230 [ 24.137251] kunit_try_run_case+0x1b3/0x490 [ 24.137853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.138439] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.138872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.139980] ? __kthread_parkme+0x82/0x160 [ 24.140430] ? preempt_count_sub+0x50/0x80 [ 24.141498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.141938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.143045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.144065] kthread+0x257/0x310 [ 24.144607] ? __pfx_kthread+0x10/0x10 [ 24.145380] ret_from_fork+0x41/0x80 [ 24.146045] ? __pfx_kthread+0x10/0x10 [ 24.146701] ret_from_fork_asm+0x1a/0x30 [ 24.146921] </TASK> [ 24.147038] [ 24.147216] The buggy address belongs to the physical page: [ 24.147616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd4 [ 24.148667] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.149756] flags: 0x200000000000040(head|node=0|zone=2) [ 24.150644] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.151616] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.152423] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.153330] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.154019] head: 0200000000000002 ffffea00040af501 ffffffffffffffff 0000000000000000 [ 24.154986] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.155852] page dumped because: kasan: bad access detected [ 24.156462] [ 24.156720] Memory state around the buggy address: [ 24.157723] ffff888102bd3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.158667] ffff888102bd3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.159549] >ffff888102bd4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.160695] ^ [ 24.161023] ffff888102bd4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.161898] 
ffff888102bd4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.163282] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 23.960822] ==================================================================
[ 23.961968] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 23.962787] Free of addr ffff888102bd4000 by task kunit_try_catch/245
[ 23.963458]
[ 23.963854] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.965446] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.966110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.967006] Call Trace:
[ 23.967415] <TASK>
[ 23.967981] dump_stack_lvl+0x73/0xb0
[ 23.968773] print_report+0xd1/0x640
[ 23.969319] ? __virt_addr_valid+0x1db/0x2d0
[ 23.969957] ? mempool_double_free_helper+0x185/0x370
[ 23.970750] ? kasan_addr_to_slab+0x11/0xa0
[ 23.971281] ? mempool_double_free_helper+0x185/0x370
[ 23.972082] kasan_report_invalid_free+0xc0/0xf0
[ 23.972858] ? mempool_double_free_helper+0x185/0x370
[ 23.973574] ? mempool_double_free_helper+0x185/0x370
[ 23.974413] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 23.975130] mempool_free+0x2ec/0x380
[ 23.975814] mempool_double_free_helper+0x185/0x370
[ 23.976603] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 23.977145] ? finish_task_switch.isra.0+0x153/0x700
[ 23.977985] mempool_kmalloc_large_double_free+0xb1/0x100
[ 23.978673] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 23.979566] ? __switch_to+0x5d9/0xf60
[ 23.980049] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.980471] ? __pfx_mempool_kfree+0x10/0x10
[ 23.980965] ? __pfx_read_tsc+0x10/0x10
[ 23.981519] ? ktime_get_ts64+0x84/0x230
[ 23.982355] kunit_try_run_case+0x1b3/0x490
[ 23.982690] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.983325] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.983788] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.984331] ? __kthread_parkme+0x82/0x160
[ 23.984855] ? preempt_count_sub+0x50/0x80
[ 23.985275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.985785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.986465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.986835] kthread+0x257/0x310
[ 23.987300] ? __pfx_kthread+0x10/0x10
[ 23.987800] ret_from_fork+0x41/0x80
[ 23.988955] ? __pfx_kthread+0x10/0x10
[ 23.989602] ret_from_fork_asm+0x1a/0x30
[ 23.989985] </TASK>
[ 23.990774]
[ 23.991026] The buggy address belongs to the physical page:
[ 23.992031] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd4
[ 23.993217] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.994304] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.994869] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.996064] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.997098] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.998194] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.999173] head: 0200000000000002 ffffea00040af501 ffffffffffffffff 0000000000000000
[ 23.999777] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 24.000748] page dumped because: kasan: bad access detected
[ 24.002229]
[ 24.002597] Memory state around the buggy address:
[ 24.002889] ffff888102bd3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.003834] ffff888102bd3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.004716] >ffff888102bd4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.005665] ^
[ 24.006377] ffff888102bd4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.007554] ffff888102bd4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.008231] ==================================================================

[ 23.896047] ==================================================================
[ 23.897264] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 23.898796] Free of addr ffff888101b62400 by task kunit_try_catch/243
[ 23.899422]
[ 23.899657] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.900895] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.901588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.902737] Call Trace:
[ 23.903019] <TASK>
[ 23.903460] dump_stack_lvl+0x73/0xb0
[ 23.903881] print_report+0xd1/0x640
[ 23.904546] ? __virt_addr_valid+0x1db/0x2d0
[ 23.904981] ? mempool_double_free_helper+0x185/0x370
[ 23.905656] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.906409] ? mempool_double_free_helper+0x185/0x370
[ 23.907536] kasan_report_invalid_free+0xc0/0xf0
[ 23.908014] ? mempool_double_free_helper+0x185/0x370
[ 23.908729] ? mempool_double_free_helper+0x185/0x370
[ 23.909093] ? mempool_double_free_helper+0x185/0x370
[ 23.909628] check_slab_allocation+0x101/0x130
[ 23.910084] __kasan_mempool_poison_object+0x91/0x1d0
[ 23.911226] mempool_free+0x2ec/0x380
[ 23.911567] mempool_double_free_helper+0x185/0x370
[ 23.911996] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 23.912845] ? finish_task_switch.isra.0+0x153/0x700
[ 23.913442] mempool_kmalloc_double_free+0xb1/0x100
[ 23.913906] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 23.914244] ? __switch_to+0x5d9/0xf60
[ 23.914708] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.915079] ? __pfx_mempool_kfree+0x10/0x10
[ 23.915685] ? __pfx_read_tsc+0x10/0x10
[ 23.916017] ? ktime_get_ts64+0x84/0x230
[ 23.916908] kunit_try_run_case+0x1b3/0x490
[ 23.917711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.918232] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.918726] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.919560] ? __kthread_parkme+0x82/0x160
[ 23.920119] ? preempt_count_sub+0x50/0x80
[ 23.920453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.921025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.921514] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.922374] kthread+0x257/0x310
[ 23.923028] ? __pfx_kthread+0x10/0x10
[ 23.923556] ret_from_fork+0x41/0x80
[ 23.924160] ? __pfx_kthread+0x10/0x10
[ 23.924627] ret_from_fork_asm+0x1a/0x30
[ 23.925061] </TASK>
[ 23.925472]
[ 23.925838] Allocated by task 243:
[ 23.926212] kasan_save_stack+0x3d/0x60
[ 23.926801] kasan_save_track+0x18/0x40
[ 23.927377] kasan_save_alloc_info+0x3b/0x50
[ 23.927862] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 23.928580] remove_element+0x11e/0x190
[ 23.929048] mempool_alloc_preallocated+0x4d/0x90
[ 23.929748] mempool_double_free_helper+0x8b/0x370
[ 23.930448] mempool_kmalloc_double_free+0xb1/0x100
[ 23.930881] kunit_try_run_case+0x1b3/0x490
[ 23.931311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.932144] kthread+0x257/0x310
[ 23.932526] ret_from_fork+0x41/0x80
[ 23.932924] ret_from_fork_asm+0x1a/0x30
[ 23.933604]
[ 23.933758] Freed by task 243:
[ 23.934285] kasan_save_stack+0x3d/0x60
[ 23.934867] kasan_save_track+0x18/0x40
[ 23.935479] kasan_save_free_info+0x3f/0x60
[ 23.935960] __kasan_mempool_poison_object+0x131/0x1d0
[ 23.936722] mempool_free+0x2ec/0x380
[ 23.937364] mempool_double_free_helper+0x10a/0x370
[ 23.937941] mempool_kmalloc_double_free+0xb1/0x100
[ 23.938601] kunit_try_run_case+0x1b3/0x490
[ 23.939004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.939716] kthread+0x257/0x310
[ 23.940086] ret_from_fork+0x41/0x80
[ 23.940747] ret_from_fork_asm+0x1a/0x30
[ 23.941209]
[ 23.941488] The buggy address belongs to the object at ffff888101b62400
[ 23.941488] which belongs to the cache kmalloc-128 of size 128
[ 23.942755] The buggy address is located 0 bytes inside of
[ 23.942755] 128-byte region [ffff888101b62400, ffff888101b62480)
[ 23.943891]
[ 23.944198] The buggy address belongs to the physical page:
[ 23.944620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b62
[ 23.945978] flags: 0x200000000000000(node=0|zone=2)
[ 23.946422] page_type: f5(slab)
[ 23.946935] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.947701] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 23.948843] page dumped because: kasan: bad access detected
[ 23.949419]
[ 23.949697] Memory state around the buggy address:
[ 23.950272] ffff888101b62300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.951017] ffff888101b62380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.951445] >ffff888101b62400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.952380] ^
[ 23.952787] ffff888101b62480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.953430] ffff888101b62500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.954435] ==================================================================

[ 24.015517] ==================================================================
[ 24.017058] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 24.017934] Free of addr ffff888102bd4000 by task kunit_try_catch/247
[ 24.018705]
[ 24.019168] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 24.020508] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.021382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.022234] Call Trace:
[ 24.022618] <TASK>
[ 24.022957] dump_stack_lvl+0x73/0xb0
[ 24.023627] print_report+0xd1/0x640
[ 24.024429] ? __virt_addr_valid+0x1db/0x2d0
[ 24.024815] ? mempool_double_free_helper+0x185/0x370
[ 24.025464] ? kasan_addr_to_slab+0x11/0xa0
[ 24.025867] ? mempool_double_free_helper+0x185/0x370
[ 24.026397] kasan_report_invalid_free+0xc0/0xf0
[ 24.026789] ? mempool_double_free_helper+0x185/0x370
[ 24.027245] ? mempool_double_free_helper+0x185/0x370
[ 24.027871] __kasan_mempool_poison_pages+0x115/0x130
[ 24.028326] mempool_free+0x290/0x380
[ 24.028847] mempool_double_free_helper+0x185/0x370
[ 24.029457] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 24.029854] ? irqentry_exit+0x2a/0x60
[ 24.030410] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.030871] mempool_page_alloc_double_free+0xac/0x100
[ 24.031459] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 24.032029] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 24.032481] ? __pfx_mempool_free_pages+0x10/0x10
[ 24.032962] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 24.033543] kunit_try_run_case+0x1b3/0x490
[ 24.033967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.034369] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.034885] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.035369] ? __kthread_parkme+0x82/0x160
[ 24.035730] ? preempt_count_sub+0x50/0x80
[ 24.036130] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.036751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.037290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.037891] kthread+0x257/0x310
[ 24.038224] ? __pfx_kthread+0x10/0x10
[ 24.038646] ret_from_fork+0x41/0x80
[ 24.039031] ? __pfx_kthread+0x10/0x10
[ 24.039481] ret_from_fork_asm+0x1a/0x30
[ 24.039982] </TASK>
[ 24.040302]
[ 24.040509] The buggy address belongs to the physical page:
[ 24.041116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd4
[ 24.041751] flags: 0x200000000000000(node=0|zone=2)
[ 24.042372] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 24.042926] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 24.043631] page dumped because: kasan: bad access detected
[ 24.044179]
[ 24.044406] Memory state around the buggy address:
[ 24.044709] ffff888102bd3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.045498] ffff888102bd3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.045938] >ffff888102bd4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.046760] ^
[ 24.047214] ffff888102bd4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.047646] ffff888102bd4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 24.048482] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 23.851538] ==================================================================
[ 23.852251] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 23.853412] Read of size 1 at addr ffff888102da4000 by task kunit_try_catch/241
[ 23.854717]
[ 23.854919] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.855877] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.856268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.857149] Call Trace:
[ 23.857664] <TASK>
[ 23.858101] dump_stack_lvl+0x73/0xb0
[ 23.858777] print_report+0xd1/0x640
[ 23.859421] ? __virt_addr_valid+0x1db/0x2d0
[ 23.860110] ? kasan_addr_to_slab+0x11/0xa0
[ 23.860641] kasan_report+0x102/0x140
[ 23.861170] ? mempool_uaf_helper+0x394/0x400
[ 23.861911] ? mempool_uaf_helper+0x394/0x400
[ 23.862613] __asan_report_load1_noabort+0x18/0x20
[ 23.863457] mempool_uaf_helper+0x394/0x400
[ 23.863947] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 23.864770] mempool_page_alloc_uaf+0xb1/0x100
[ 23.865559] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 23.866060] ? __switch_to+0x5d9/0xf60
[ 23.866767] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 23.867533] ? __pfx_mempool_free_pages+0x10/0x10
[ 23.868015] ? __pfx_read_tsc+0x10/0x10
[ 23.869045] ? ktime_get_ts64+0x84/0x230
[ 23.869426] kunit_try_run_case+0x1b3/0x490
[ 23.869900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.870612] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.871122] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.871971] ? __kthread_parkme+0x82/0x160
[ 23.872270] ? preempt_count_sub+0x50/0x80
[ 23.872588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.873173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.874109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.874794] kthread+0x257/0x310
[ 23.875568] ? __pfx_kthread+0x10/0x10
[ 23.876410] ret_from_fork+0x41/0x80
[ 23.876800] ? __pfx_kthread+0x10/0x10
[ 23.877194] ret_from_fork_asm+0x1a/0x30
[ 23.878100] </TASK>
[ 23.878463]
[ 23.878716] The buggy address belongs to the physical page:
[ 23.879532] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102da4
[ 23.880563] flags: 0x200000000000000(node=0|zone=2)
[ 23.880938] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 23.881913] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.882660] page dumped because: kasan: bad access detected
[ 23.883270]
[ 23.884119] Memory state around the buggy address:
[ 23.884543] ffff888102da3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.885769] ffff888102da3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.886229] >ffff888102da4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.887323] ^
[ 23.887863] ffff888102da4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.889051] ffff888102da4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.890460] ==================================================================

[ 23.733816] ==================================================================
[ 23.734577] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 23.735455] Read of size 1 at addr ffff888102da4000 by task kunit_try_catch/237
[ 23.737144]
[ 23.737558] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.738552] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.738918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.739814] Call Trace:
[ 23.740035] <TASK>
[ 23.740445] dump_stack_lvl+0x73/0xb0
[ 23.740977] print_report+0xd1/0x640
[ 23.741400] ? __virt_addr_valid+0x1db/0x2d0
[ 23.742007] ? kasan_addr_to_slab+0x11/0xa0
[ 23.742435] kasan_report+0x102/0x140
[ 23.742822] ? mempool_uaf_helper+0x394/0x400
[ 23.743240] ? mempool_uaf_helper+0x394/0x400
[ 23.743787] __asan_report_load1_noabort+0x18/0x20
[ 23.744357] mempool_uaf_helper+0x394/0x400
[ 23.744753] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 23.745391] ? finish_task_switch.isra.0+0x153/0x700
[ 23.745800] mempool_kmalloc_large_uaf+0xb3/0x100
[ 23.746190] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 23.746973] ? __switch_to+0x5d9/0xf60
[ 23.747551] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.748115] ? __pfx_mempool_kfree+0x10/0x10
[ 23.748521] ? __pfx_read_tsc+0x10/0x10
[ 23.749061] ? ktime_get_ts64+0x84/0x230
[ 23.749683] kunit_try_run_case+0x1b3/0x490
[ 23.750227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.750807] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.751404] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.751884] ? __kthread_parkme+0x82/0x160
[ 23.752394] ? preempt_count_sub+0x50/0x80
[ 23.752861] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.753508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.753949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.754789] kthread+0x257/0x310
[ 23.755317] ? __pfx_kthread+0x10/0x10
[ 23.755713] ret_from_fork+0x41/0x80
[ 23.756266] ? __pfx_kthread+0x10/0x10
[ 23.756670] ret_from_fork_asm+0x1a/0x30
[ 23.757146] </TASK>
[ 23.757456]
[ 23.757735] The buggy address belongs to the physical page:
[ 23.758453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102da4
[ 23.759204] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.759859] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.760546] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.761377] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.762137] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.762807] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.763592] head: 0200000000000002 ffffea00040b6901 ffffffffffffffff 0000000000000000
[ 23.764637] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 23.765306] page dumped because: kasan: bad access detected
[ 23.765736]
[ 23.765971] Memory state around the buggy address:
[ 23.766460] ffff888102da3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.767064] ffff888102da3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.767731] >ffff888102da4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.768385] ^
[ 23.768781] ffff888102da4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.769316] ffff888102da4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 23.769921] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 23.663822] ==================================================================
[ 23.664842] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 23.665276] Read of size 1 at addr ffff888101b61f00 by task kunit_try_catch/235
[ 23.665708]
[ 23.666143] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.668215] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.668537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.669631] Call Trace:
[ 23.669895] <TASK>
[ 23.670115] dump_stack_lvl+0x73/0xb0
[ 23.670501] print_report+0xd1/0x640
[ 23.670937] ? __virt_addr_valid+0x1db/0x2d0
[ 23.671924] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.672759] kasan_report+0x102/0x140
[ 23.673004] ? mempool_uaf_helper+0x394/0x400
[ 23.674023] ? mempool_uaf_helper+0x394/0x400
[ 23.674843] __asan_report_load1_noabort+0x18/0x20
[ 23.675380] mempool_uaf_helper+0x394/0x400
[ 23.675704] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 23.676867] ? finish_task_switch.isra.0+0x153/0x700
[ 23.677573] mempool_kmalloc_uaf+0xb3/0x100
[ 23.678031] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 23.678508] ? __switch_to+0x5d9/0xf60
[ 23.678880] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.679321] ? __pfx_mempool_kfree+0x10/0x10
[ 23.680567] ? __pfx_read_tsc+0x10/0x10
[ 23.681101] ? ktime_get_ts64+0x84/0x230
[ 23.682129] kunit_try_run_case+0x1b3/0x490
[ 23.682705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.683531] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.683825] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.684153] ? __kthread_parkme+0x82/0x160
[ 23.684878] ? preempt_count_sub+0x50/0x80
[ 23.685237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.686190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.686899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.687719] kthread+0x257/0x310
[ 23.687896] ? __pfx_kthread+0x10/0x10
[ 23.688098] ret_from_fork+0x41/0x80
[ 23.689604] ? __pfx_kthread+0x10/0x10
[ 23.690091] ret_from_fork_asm+0x1a/0x30
[ 23.690839] </TASK>
[ 23.691504]
[ 23.691943] Allocated by task 235:
[ 23.692245] kasan_save_stack+0x3d/0x60
[ 23.693108] kasan_save_track+0x18/0x40
[ 23.693437] kasan_save_alloc_info+0x3b/0x50
[ 23.694194] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 23.695030] remove_element+0x11e/0x190
[ 23.695633] mempool_alloc_preallocated+0x4d/0x90
[ 23.696154] mempool_uaf_helper+0x97/0x400
[ 23.697499] mempool_kmalloc_uaf+0xb3/0x100
[ 23.698143] kunit_try_run_case+0x1b3/0x490
[ 23.698871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.699632] kthread+0x257/0x310
[ 23.700105] ret_from_fork+0x41/0x80
[ 23.700908] ret_from_fork_asm+0x1a/0x30
[ 23.701838]
[ 23.702172] Freed by task 235:
[ 23.702775] kasan_save_stack+0x3d/0x60
[ 23.703389] kasan_save_track+0x18/0x40
[ 23.703969] kasan_save_free_info+0x3f/0x60
[ 23.704857] __kasan_mempool_poison_object+0x131/0x1d0
[ 23.705740] mempool_free+0x2ec/0x380
[ 23.706228] mempool_uaf_helper+0x11b/0x400
[ 23.706864] mempool_kmalloc_uaf+0xb3/0x100
[ 23.707443] kunit_try_run_case+0x1b3/0x490
[ 23.708052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.709211] kthread+0x257/0x310
[ 23.709970] ret_from_fork+0x41/0x80
[ 23.710306] ret_from_fork_asm+0x1a/0x30
[ 23.710849]
[ 23.711055] The buggy address belongs to the object at ffff888101b61f00
[ 23.711055] which belongs to the cache kmalloc-128 of size 128
[ 23.712108] The buggy address is located 0 bytes inside of
[ 23.712108] freed 128-byte region [ffff888101b61f00, ffff888101b61f80)
[ 23.714159]
[ 23.714310] The buggy address belongs to the physical page:
[ 23.715401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b61
[ 23.716747] flags: 0x200000000000000(node=0|zone=2)
[ 23.717197] page_type: f5(slab)
[ 23.717870] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.718816] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 23.720605] page dumped because: kasan: bad access detected
[ 23.721187]
[ 23.721792] Memory state around the buggy address:
[ 23.722383] ffff888101b61e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.723074] ffff888101b61e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.724237] >ffff888101b61f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.724751] ^
[ 23.725135] ffff888101b61f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.726112] ffff888101b62000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.727295] ==================================================================

[ 23.780191] ==================================================================
[ 23.781175] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 23.781745] Read of size 1 at addr ffff888101b65240 by task kunit_try_catch/239
[ 23.782421]
[ 23.782777] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.783709] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.784298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.784846] Call Trace:
[ 23.785362] <TASK>
[ 23.785737] dump_stack_lvl+0x73/0xb0
[ 23.786888] print_report+0xd1/0x640
[ 23.787300] ? __virt_addr_valid+0x1db/0x2d0
[ 23.787890] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.788325] kasan_report+0x102/0x140
[ 23.788909] ? mempool_uaf_helper+0x394/0x400
[ 23.789502] ? mempool_uaf_helper+0x394/0x400
[ 23.790038] __asan_report_load1_noabort+0x18/0x20
[ 23.790658] mempool_uaf_helper+0x394/0x400
[ 23.791083] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 23.791948] ? finish_task_switch.isra.0+0x153/0x700
[ 23.792556] mempool_slab_uaf+0xae/0x100
[ 23.792963] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 23.793520] ? __switch_to+0x5d9/0xf60
[ 23.793840] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 23.794908] ? __pfx_mempool_free_slab+0x10/0x10
[ 23.795617] ? __pfx_read_tsc+0x10/0x10
[ 23.796071] ? ktime_get_ts64+0x84/0x230
[ 23.796589] kunit_try_run_case+0x1b3/0x490
[ 23.797035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.797513] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.798016] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.798792] ? __kthread_parkme+0x82/0x160
[ 23.799113] ? preempt_count_sub+0x50/0x80
[ 23.800186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.800985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.802095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.803005] kthread+0x257/0x310
[ 23.803492] ? __pfx_kthread+0x10/0x10
[ 23.803785] ret_from_fork+0x41/0x80
[ 23.804419] ? __pfx_kthread+0x10/0x10
[ 23.804723] ret_from_fork_asm+0x1a/0x30
[ 23.805961] </TASK>
[ 23.806430]
[ 23.806754] Allocated by task 239:
[ 23.807047] kasan_save_stack+0x3d/0x60
[ 23.807808] kasan_save_track+0x18/0x40
[ 23.808115] kasan_save_alloc_info+0x3b/0x50
[ 23.808631] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 23.809258] remove_element+0x11e/0x190
[ 23.809831] mempool_alloc_preallocated+0x4d/0x90
[ 23.810577] mempool_uaf_helper+0x97/0x400
[ 23.811022] mempool_slab_uaf+0xae/0x100
[ 23.812443] kunit_try_run_case+0x1b3/0x490
[ 23.813183] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.813931] kthread+0x257/0x310
[ 23.814510] ret_from_fork+0x41/0x80
[ 23.814973] ret_from_fork_asm+0x1a/0x30
[ 23.815511]
[ 23.815702] Freed by task 239:
[ 23.816897] kasan_save_stack+0x3d/0x60
[ 23.817389] kasan_save_track+0x18/0x40
[ 23.818010] kasan_save_free_info+0x3f/0x60
[ 23.818704] __kasan_mempool_poison_object+0x131/0x1d0
[ 23.819432] mempool_free+0x2ec/0x380
[ 23.819883] mempool_uaf_helper+0x11b/0x400
[ 23.820395] mempool_slab_uaf+0xae/0x100
[ 23.820904] kunit_try_run_case+0x1b3/0x490
[ 23.821324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.823091] kthread+0x257/0x310
[ 23.823534] ret_from_fork+0x41/0x80
[ 23.824139] ret_from_fork_asm+0x1a/0x30
[ 23.824743]
[ 23.825010] The buggy address belongs to the object at ffff888101b65240
[ 23.825010] which belongs to the cache test_cache of size 123
[ 23.826523] The buggy address is located 0 bytes inside of
[ 23.826523] freed 123-byte region [ffff888101b65240, ffff888101b652bb)
[ 23.827610]
[ 23.828433] The buggy address belongs to the physical page:
[ 23.829578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b65
[ 23.830452] flags: 0x200000000000000(node=0|zone=2)
[ 23.830953] page_type: f5(slab)
[ 23.831305] raw: 0200000000000000 ffff888101af9b40 dead000000000122 0000000000000000
[ 23.832169] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 23.832858] page dumped because: kasan: bad access detected
[ 23.833761]
[ 23.834061] Memory state around the buggy address:
[ 23.834393] ffff888101b65100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.834800] ffff888101b65180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.835500] >ffff888101b65200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 23.836233] ^
[ 23.836626] ffff888101b65280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.838072] ffff888101b65300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.838984] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 23.500965] ==================================================================
[ 23.502134] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 23.503447] Read of size 1 at addr ffff888101b61773 by task kunit_try_catch/229
[ 23.503993]
[ 23.504227] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.505748] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.506190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.506919] Call Trace:
[ 23.507429] <TASK>
[ 23.507768] dump_stack_lvl+0x73/0xb0
[ 23.508223] print_report+0xd1/0x640
[ 23.508658] ? __virt_addr_valid+0x1db/0x2d0
[ 23.509071] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.509690] kasan_report+0x102/0x140
[ 23.510194] ? mempool_oob_right_helper+0x31a/0x380
[ 23.510612] ? mempool_oob_right_helper+0x31a/0x380
[ 23.511166] __asan_report_load1_noabort+0x18/0x20
[ 23.511553] mempool_oob_right_helper+0x31a/0x380
[ 23.512208] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 23.512886] ? finish_task_switch.isra.0+0x153/0x700
[ 23.513566] mempool_kmalloc_oob_right+0xb6/0x100
[ 23.514041] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 23.515434] ? __switch_to+0x5d9/0xf60
[ 23.516453] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.516870] ? __pfx_mempool_kfree+0x10/0x10
[ 23.517670] ? __pfx_read_tsc+0x10/0x10
[ 23.518172] ? ktime_get_ts64+0x84/0x230
[ 23.518889] kunit_try_run_case+0x1b3/0x490
[ 23.519235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.520891] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.521473] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.522081] ? __kthread_parkme+0x82/0x160
[ 23.522906] ? preempt_count_sub+0x50/0x80
[ 23.523734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.524688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.525584] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.526296] kthread+0x257/0x310
[ 23.526645] ? __pfx_kthread+0x10/0x10
[ 23.527448] ret_from_fork+0x41/0x80
[ 23.528289] ? __pfx_kthread+0x10/0x10
[ 23.528661] ret_from_fork_asm+0x1a/0x30
[ 23.529541] </TASK>
[ 23.529992]
[ 23.530153] Allocated by task 229:
[ 23.530662] kasan_save_stack+0x3d/0x60
[ 23.530987] kasan_save_track+0x18/0x40
[ 23.531917] kasan_save_alloc_info+0x3b/0x50
[ 23.532459] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 23.533391] remove_element+0x11e/0x190
[ 23.533658] mempool_alloc_preallocated+0x4d/0x90
[ 23.533973] mempool_oob_right_helper+0x8b/0x380
[ 23.534810] mempool_kmalloc_oob_right+0xb6/0x100
[ 23.535813] kunit_try_run_case+0x1b3/0x490
[ 23.536406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.536877] kthread+0x257/0x310
[ 23.537473] ret_from_fork+0x41/0x80
[ 23.537955] ret_from_fork_asm+0x1a/0x30
[ 23.538572]
[ 23.538766] The buggy address belongs to the object at ffff888101b61700
[ 23.538766] which belongs to the cache kmalloc-128 of size 128
[ 23.540106] The buggy address is located 0 bytes to the right of
[ 23.540106] allocated 115-byte region [ffff888101b61700, ffff888101b61773)
[ 23.542187]
[ 23.542518] The buggy address belongs to the physical page:
[ 23.543317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b61
[ 23.544429] flags: 0x200000000000000(node=0|zone=2)
[ 23.544925] page_type: f5(slab)
[ 23.545950] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.546494] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 23.547638] page dumped because: kasan: bad access detected
[ 23.548147]
[ 23.548424] Memory state around the buggy address:
[ 23.548943] ffff888101b61600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.549749] ffff888101b61680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.550441] >ffff888101b61700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 23.551322] ^
[ 23.551926] ffff888101b61780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.552863] ffff888101b61800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 23.553375] ==================================================================

[ 23.607509] ==================================================================
[ 23.608550] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 23.609115] Read of size 1 at addr ffff888102a2f2bb by task kunit_try_catch/233
[ 23.609750]
[ 23.609936] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.610983] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.611660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.612539] Call Trace:
[ 23.612833] <TASK>
[ 23.613044] dump_stack_lvl+0x73/0xb0
[ 23.613710] print_report+0xd1/0x640
[ 23.614408] ? __virt_addr_valid+0x1db/0x2d0
[ 23.614831] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.615411] kasan_report+0x102/0x140
[ 23.615829] ? mempool_oob_right_helper+0x31a/0x380
[ 23.616378] ? mempool_oob_right_helper+0x31a/0x380
[ 23.616811] __asan_report_load1_noabort+0x18/0x20
[ 23.617479] mempool_oob_right_helper+0x31a/0x380
[ 23.618019] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 23.618702] ? finish_task_switch.isra.0+0x153/0x700
[ 23.619409] mempool_slab_oob_right+0xb1/0x100
[ 23.619952] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 23.620662] ? __switch_to+0x5d9/0xf60
[ 23.621019] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 23.621728] ? __pfx_mempool_free_slab+0x10/0x10
[ 23.622385] ? __pfx_read_tsc+0x10/0x10
[ 23.622817] ? ktime_get_ts64+0x84/0x230
[ 23.623111] kunit_try_run_case+0x1b3/0x490
[ 23.623818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.624245] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.624643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.625142] ? __kthread_parkme+0x82/0x160
[ 23.625679] ? preempt_count_sub+0x50/0x80
[ 23.626109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.626760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.627428] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.628045] kthread+0x257/0x310
[ 23.628628] ? __pfx_kthread+0x10/0x10
[ 23.628989] ret_from_fork+0x41/0x80
[ 23.629459] ? __pfx_kthread+0x10/0x10
[ 23.629799] ret_from_fork_asm+0x1a/0x30
[ 23.630315] </TASK>
[ 23.630571]
[ 23.630751] Allocated by task 233:
[ 23.630996] kasan_save_stack+0x3d/0x60
[ 23.631661] kasan_save_track+0x18/0x40
[ 23.631935] kasan_save_alloc_info+0x3b/0x50
[ 23.632629] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 23.633448] remove_element+0x11e/0x190
[ 23.633806] mempool_alloc_preallocated+0x4d/0x90
[ 23.634426] mempool_oob_right_helper+0x8b/0x380
[ 23.634831] mempool_slab_oob_right+0xb1/0x100
[ 23.635555] kunit_try_run_case+0x1b3/0x490
[ 23.635966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.636709] kthread+0x257/0x310
[ 23.637114] ret_from_fork+0x41/0x80
[ 23.637629] ret_from_fork_asm+0x1a/0x30
[ 23.638018]
[ 23.638662] The buggy address belongs to the object at ffff888102a2f240
[ 23.638662] which belongs to the cache test_cache of size 123
[ 23.640035] The buggy address is located 0 bytes to the right of
[ 23.640035] allocated 123-byte region [ffff888102a2f240, ffff888102a2f2bb)
[ 23.641204]
[ 23.641492] The buggy address belongs to the physical page:
[ 23.642022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2f
[ 23.642653] flags: 0x200000000000000(node=0|zone=2)
[ 23.642992] page_type: f5(slab)
[ 23.643757] raw: 0200000000000000 ffff888102a2b140 dead000000000122 0000000000000000
[ 23.644534] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 23.645067] page dumped because: kasan: bad access detected
[ 23.645439]
[ 23.645587] Memory state around the buggy address:
[ 23.646058] ffff888102a2f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.647035] ffff888102a2f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 23.648212] >ffff888102a2f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 23.649229] ^
[ 23.649858] ffff888102a2f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.650676] ffff888102a2f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.651485] ==================================================================

[ 23.561707] ==================================================================
[ 23.562753] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 23.563421] Read of size 1 at addr ffff888102bd2001 by task kunit_try_catch/231
[ 23.564005]
[ 23.564254] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 23.565880] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.566523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.567562] Call Trace:
[ 23.567828] <TASK>
[ 23.568062] dump_stack_lvl+0x73/0xb0
[ 23.568611] print_report+0xd1/0x640
[ 23.569013] ? __virt_addr_valid+0x1db/0x2d0
[ 23.569361] ? kasan_addr_to_slab+0x11/0xa0
[ 23.569851] kasan_report+0x102/0x140
[ 23.570264] ? mempool_oob_right_helper+0x31a/0x380
[ 23.571430] ? mempool_oob_right_helper+0x31a/0x380
[ 23.571865] __asan_report_load1_noabort+0x18/0x20
[ 23.572611] mempool_oob_right_helper+0x31a/0x380
[ 23.573034] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 23.573693] mempool_kmalloc_large_oob_right+0xb6/0x100
[ 23.574631] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 23.575132] ? __switch_to+0x5d9/0xf60
[ 23.575734] ? __pfx_mempool_kmalloc+0x10/0x10
[ 23.576072] ? __pfx_mempool_kfree+0x10/0x10
[ 23.576738] ? __pfx_read_tsc+0x10/0x10
[ 23.577118] ? ktime_get_ts64+0x84/0x230
[ 23.577677] kunit_try_run_case+0x1b3/0x490
[ 23.578082] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.578904] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.579396] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.579976] ? __kthread_parkme+0x82/0x160
[ 23.580625] ? preempt_count_sub+0x50/0x80
[ 23.580972] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.581683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.582178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.582756] kthread+0x257/0x310
[ 23.583043] ? __pfx_kthread+0x10/0x10
[ 23.583967] ret_from_fork+0x41/0x80
[ 23.584533] ? __pfx_kthread+0x10/0x10
[ 23.584856] ret_from_fork_asm+0x1a/0x30
[ 23.585493] </TASK>
[ 23.585821]
[ 23.586006] The buggy address belongs to the physical page:
[ 23.586674] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd0
[ 23.587776] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.588692] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.589078] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.589855] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.590613] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 23.591391] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.592003] head: 0200000000000002 ffffea00040af401 ffffffffffffffff 0000000000000000
[ 23.592991] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 23.593770] page dumped because: kasan: bad access detected
[ 23.594442]
[ 23.594679] Memory state around the buggy address:
[ 23.595048] ffff888102bd1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.595792] ffff888102bd1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.596701] >ffff888102bd2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 23.597289] ^
[ 23.597695] ffff888102bd2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 23.598507] ffff888102bd2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 23.599077] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 22.881394] ==================================================================
[ 22.882168] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 22.883220] Read of size 1 at addr ffff888101af9a00 by task kunit_try_catch/223
[ 22.884387]
[ 22.884841] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.886707] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.887145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.888161] Call Trace:
[ 22.888473] <TASK>
[ 22.888727] dump_stack_lvl+0x73/0xb0
[ 22.889227] print_report+0xd1/0x640
[ 22.889637] ? __virt_addr_valid+0x1db/0x2d0
[ 22.890502] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.891109] kasan_report+0x102/0x140
[ 22.891515] ? kmem_cache_double_destroy+0x1bd/0x380
[ 22.891959] ? kmem_cache_double_destroy+0x1bd/0x380
[ 22.892895] ? kmem_cache_double_destroy+0x1bd/0x380
[ 22.893729] __kasan_check_byte+0x3d/0x50
[ 22.894181] kmem_cache_destroy+0x25/0x1d0
[ 22.894636] kmem_cache_double_destroy+0x1bd/0x380
[ 22.895303] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 22.895846] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 22.896251] ? __pfx_empty_cache_ctor+0x10/0x10
[ 22.897072] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 22.897705] kunit_try_run_case+0x1b3/0x490
[ 22.898258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.898753] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.899984] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.900575] ? __kthread_parkme+0x82/0x160
[ 22.900917] ? preempt_count_sub+0x50/0x80
[ 22.901385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.901953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.902474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.903237] kthread+0x257/0x310
[ 22.903531] ? __pfx_kthread+0x10/0x10
[ 22.903983] ret_from_fork+0x41/0x80
[ 22.904373] ? __pfx_kthread+0x10/0x10
[ 22.904716] ret_from_fork_asm+0x1a/0x30
[ 22.905883] </TASK>
[ 22.906163]
[ 22.906331] Allocated by task 223:
[ 22.906791] kasan_save_stack+0x3d/0x60
[ 22.907425] kasan_save_track+0x18/0x40
[ 22.907829] kasan_save_alloc_info+0x3b/0x50
[ 22.908391] __kasan_slab_alloc+0x91/0xa0
[ 22.908854] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.909219] __kmem_cache_create_args+0x177/0x250
[ 22.910597] kmem_cache_double_destroy+0xd3/0x380
[ 22.910895] kunit_try_run_case+0x1b3/0x490
[ 22.911577] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.912618] kthread+0x257/0x310
[ 22.913387] ret_from_fork+0x41/0x80
[ 22.913667] ret_from_fork_asm+0x1a/0x30
[ 22.914123]
[ 22.914368] Freed by task 223:
[ 22.915021] kasan_save_stack+0x3d/0x60
[ 22.915867] kasan_save_track+0x18/0x40
[ 22.916507] kasan_save_free_info+0x3f/0x60
[ 22.916815] __kasan_slab_free+0x56/0x70
[ 22.917065] kmem_cache_free+0x120/0x420
[ 22.917603] slab_kmem_cache_release+0x2e/0x40
[ 22.918093] kmem_cache_release+0x16/0x20
[ 22.918964] kobject_put+0x181/0x450
[ 22.919425] sysfs_slab_release+0x16/0x20
[ 22.919902] kmem_cache_destroy+0xf0/0x1d0
[ 22.921416] kmem_cache_double_destroy+0x14c/0x380
[ 22.921858] kunit_try_run_case+0x1b3/0x490
[ 22.922531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.923006] kthread+0x257/0x310
[ 22.923977] ret_from_fork+0x41/0x80
[ 22.924538] ret_from_fork_asm+0x1a/0x30
[ 22.924896]
[ 22.925126] The buggy address belongs to the object at ffff888101af9a00
[ 22.925126] which belongs to the cache kmem_cache of size 208
[ 22.926390] The buggy address is located 0 bytes inside of
[ 22.926390] freed 208-byte region [ffff888101af9a00, ffff888101af9ad0)
[ 22.927316]
[ 22.928088] The buggy address belongs to the physical page:
[ 22.928764] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af9
[ 22.929468] flags: 0x200000000000000(node=0|zone=2)
[ 22.929861] page_type: f5(slab)
[ 22.930413] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 22.931186] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 22.932473] page dumped because: kasan: bad access detected
[ 22.933038]
[ 22.933563] Memory state around the buggy address:
[ 22.933886] ffff888101af9900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.934680] ffff888101af9980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.935634] >ffff888101af9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.936162] ^
[ 22.936424] ffff888101af9a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 22.937320] ffff888101af9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.938059] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 22.797590] ==================================================================
[ 22.798564] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 22.799659] Read of size 1 at addr ffff888102a27000 by task kunit_try_catch/221
[ 22.801314]
[ 22.801579] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.802524] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.802953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.803749] Call Trace:
[ 22.804205] <TASK>
[ 22.804576] dump_stack_lvl+0x73/0xb0
[ 22.805357] print_report+0xd1/0x640
[ 22.806003] ? __virt_addr_valid+0x1db/0x2d0
[ 22.806775] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.807440] kasan_report+0x102/0x140
[ 22.807819] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 22.808571] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 22.809053] __asan_report_load1_noabort+0x18/0x20
[ 22.809911] kmem_cache_rcu_uaf+0x3e5/0x510
[ 22.810370] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 22.810912] ? finish_task_switch.isra.0+0x153/0x700
[ 22.811433] ? __switch_to+0x5d9/0xf60
[ 22.811947] ? __pfx_read_tsc+0x10/0x10
[ 22.812626] ? ktime_get_ts64+0x84/0x230
[ 22.813049] kunit_try_run_case+0x1b3/0x490
[ 22.813855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.814502] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.815229] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.816183] ? __kthread_parkme+0x82/0x160
[ 22.816899] ? preempt_count_sub+0x50/0x80
[ 22.817458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.818402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.818992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.819832] kthread+0x257/0x310
[ 22.820189] ? __pfx_kthread+0x10/0x10
[ 22.820541] ret_from_fork+0x41/0x80
[ 22.820894] ? __pfx_kthread+0x10/0x10
[ 22.821219] ret_from_fork_asm+0x1a/0x30
[ 22.821760] </TASK>
[ 22.822061]
[ 22.822281] Allocated by task 221:
[ 22.822679] kasan_save_stack+0x3d/0x60
[ 22.823215] kasan_save_track+0x18/0x40
[ 22.823518] kasan_save_alloc_info+0x3b/0x50
[ 22.824008] __kasan_slab_alloc+0x91/0xa0
[ 22.824387] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.824893] kmem_cache_rcu_uaf+0x156/0x510
[ 22.825413] kunit_try_run_case+0x1b3/0x490
[ 22.825720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.826261] kthread+0x257/0x310
[ 22.826706] ret_from_fork+0x41/0x80
[ 22.827201] ret_from_fork_asm+0x1a/0x30
[ 22.827697]
[ 22.827890] Freed by task 0:
[ 22.828150] kasan_save_stack+0x3d/0x60
[ 22.828525] kasan_save_track+0x18/0x40
[ 22.828982] kasan_save_free_info+0x3f/0x60
[ 22.829555] __kasan_slab_free+0x56/0x70
[ 22.829933] slab_free_after_rcu_debug+0xe4/0x310
[ 22.830262] rcu_core+0x680/0x1d70
[ 22.830687] rcu_core_si+0x12/0x20
[ 22.831117] handle_softirqs+0x209/0x720
[ 22.831653] __irq_exit_rcu+0xc9/0x110
[ 22.832006] irq_exit_rcu+0x12/0x20
[ 22.832316] sysvec_apic_timer_interrupt+0x81/0x90
[ 22.832869] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 22.833493]
[ 22.833659] Last potentially related work creation:
[ 22.834241] kasan_save_stack+0x3d/0x60
[ 22.834652] __kasan_record_aux_stack+0xae/0xc0
[ 22.835166] kasan_record_aux_stack_noalloc+0xf/0x20
[ 22.835688] kmem_cache_free+0x284/0x420
[ 22.835962] kmem_cache_rcu_uaf+0x195/0x510
[ 22.836314] kunit_try_run_case+0x1b3/0x490
[ 22.836812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.837518] kthread+0x257/0x310
[ 22.837939] ret_from_fork+0x41/0x80
[ 22.838323] ret_from_fork_asm+0x1a/0x30
[ 22.838624]
[ 22.838774] The buggy address belongs to the object at ffff888102a27000
[ 22.838774] which belongs to the cache test_cache of size 200
[ 22.839936] The buggy address is located 0 bytes inside of
[ 22.839936] freed 200-byte region [ffff888102a27000, ffff888102a270c8)
[ 22.841174]
[ 22.841389] The buggy address belongs to the physical page:
[ 22.841736] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a27
[ 22.842665] flags: 0x200000000000000(node=0|zone=2)
[ 22.843204] page_type: f5(slab)
[ 22.843473] raw: 0200000000000000 ffff888101653c80 dead000000000122 0000000000000000
[ 22.844272] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 22.844995] page dumped because: kasan: bad access detected
[ 22.845605]
[ 22.845781] Memory state around the buggy address:
[ 22.846276] ffff888102a26f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.846966] ffff888102a26f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.847505] >ffff888102a27000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.847983] ^
[ 22.848456] ffff888102a27080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 22.849060] ffff888102a27100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.849788] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 22.689460] ==================================================================
[ 22.690355] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 22.691066] Free of addr ffff888102a25001 by task kunit_try_catch/219
[ 22.691596]
[ 22.691778] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.692785] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.693598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.694256] Call Trace:
[ 22.694524] <TASK>
[ 22.694769] dump_stack_lvl+0x73/0xb0
[ 22.695120] print_report+0xd1/0x640
[ 22.695493] ? __virt_addr_valid+0x1db/0x2d0
[ 22.695809] ? kmem_cache_invalid_free+0x1d9/0x470
[ 22.696524] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.697654] ? kmem_cache_invalid_free+0x1d9/0x470
[ 22.698427] kasan_report_invalid_free+0xc0/0xf0
[ 22.699128] ? kmem_cache_invalid_free+0x1d9/0x470
[ 22.699837] ? kmem_cache_invalid_free+0x1d9/0x470
[ 22.700617] check_slab_allocation+0x11f/0x130
[ 22.701117] __kasan_slab_pre_free+0x28/0x40
[ 22.701913] kmem_cache_free+0xee/0x420
[ 22.702870] ? kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.703331] ? kmem_cache_invalid_free+0x1d9/0x470
[ 22.704002] kmem_cache_invalid_free+0x1d9/0x470
[ 22.704535] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 22.705300] ? finish_task_switch.isra.0+0x153/0x700
[ 22.705916] ? __switch_to+0x5d9/0xf60
[ 22.706467] ? __pfx_read_tsc+0x10/0x10
[ 22.707005] ? ktime_get_ts64+0x84/0x230
[ 22.707700] kunit_try_run_case+0x1b3/0x490
[ 22.708170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.708709] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.709215] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.709796] ? __kthread_parkme+0x82/0x160
[ 22.710771] ? preempt_count_sub+0x50/0x80
[ 22.711070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.711922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.712550] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.713177] kthread+0x257/0x310
[ 22.713514] ? __pfx_kthread+0x10/0x10
[ 22.714012] ret_from_fork+0x41/0x80
[ 22.714398] ? __pfx_kthread+0x10/0x10
[ 22.715389] ret_from_fork_asm+0x1a/0x30
[ 22.716003] </TASK>
[ 22.716456]
[ 22.716683] Allocated by task 219:
[ 22.717091] kasan_save_stack+0x3d/0x60
[ 22.717590] kasan_save_track+0x18/0x40
[ 22.717989] kasan_save_alloc_info+0x3b/0x50
[ 22.718416] __kasan_slab_alloc+0x91/0xa0
[ 22.718886] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.719454] kmem_cache_invalid_free+0x158/0x470
[ 22.719939] kunit_try_run_case+0x1b3/0x490
[ 22.720437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.720843] kthread+0x257/0x310
[ 22.721244] ret_from_fork+0x41/0x80
[ 22.721644] ret_from_fork_asm+0x1a/0x30
[ 22.722215]
[ 22.722472] The buggy address belongs to the object at ffff888102a25000
[ 22.722472] which belongs to the cache test_cache of size 200
[ 22.723378] The buggy address is located 1 bytes inside of
[ 22.723378] 200-byte region [ffff888102a25000, ffff888102a250c8)
[ 22.724466]
[ 22.724742] The buggy address belongs to the physical page:
[ 22.725372] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a25
[ 22.726144] flags: 0x200000000000000(node=0|zone=2)
[ 22.726649] page_type: f5(slab)
[ 22.727023] raw: 0200000000000000 ffff888101653b40 dead000000000122 0000000000000000
[ 22.727782] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 22.728507] page dumped because: kasan: bad access detected
[ 22.728993]
[ 22.729251] Memory state around the buggy address:
[ 22.729715] ffff888102a24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.730519] ffff888102a24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.731181] >ffff888102a25000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.731886] ^
[ 22.732313] ffff888102a25080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 22.733050] ffff888102a25100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.733790] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 22.613513] ==================================================================
[ 22.614682] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490
[ 22.616041] Free of addr ffff888102a23000 by task kunit_try_catch/217
[ 22.616754]
[ 22.616972] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.618825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.619615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.620521] Call Trace:
[ 22.620744] <TASK>
[ 22.621721] dump_stack_lvl+0x73/0xb0
[ 22.622445] print_report+0xd1/0x640
[ 22.622914] ? __virt_addr_valid+0x1db/0x2d0
[ 22.623845] ? kmem_cache_double_free+0x1e6/0x490
[ 22.624218] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.625057] ? kmem_cache_double_free+0x1e6/0x490
[ 22.626120] kasan_report_invalid_free+0xc0/0xf0
[ 22.626768] ? kmem_cache_double_free+0x1e6/0x490
[ 22.627489] ? kmem_cache_double_free+0x1e6/0x490
[ 22.628000] check_slab_allocation+0x101/0x130
[ 22.628599] __kasan_slab_pre_free+0x28/0x40
[ 22.628959] kmem_cache_free+0xee/0x420
[ 22.629508] ? kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.630057] ? kmem_cache_double_free+0x1e6/0x490
[ 22.631012] kmem_cache_double_free+0x1e6/0x490
[ 22.631798] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 22.632602] ? finish_task_switch.isra.0+0x153/0x700
[ 22.633164] ? __switch_to+0x5d9/0xf60
[ 22.633965] ? __pfx_read_tsc+0x10/0x10
[ 22.634590] ? ktime_get_ts64+0x84/0x230
[ 22.635019] kunit_try_run_case+0x1b3/0x490
[ 22.635834] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.636580] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.637036] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.637678] ? __kthread_parkme+0x82/0x160
[ 22.638180] ? preempt_count_sub+0x50/0x80
[ 22.638870] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.639654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.640207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.640961] kthread+0x257/0x310
[ 22.641408] ? __pfx_kthread+0x10/0x10
[ 22.642060] ret_from_fork+0x41/0x80
[ 22.642813] ? __pfx_kthread+0x10/0x10
[ 22.643423] ret_from_fork_asm+0x1a/0x30
[ 22.644050] </TASK>
[ 22.644381]
[ 22.644680] Allocated by task 217:
[ 22.645518] kasan_save_stack+0x3d/0x60
[ 22.646085] kasan_save_track+0x18/0x40
[ 22.646639] kasan_save_alloc_info+0x3b/0x50
[ 22.648002] __kasan_slab_alloc+0x91/0xa0
[ 22.648600] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.649122] kmem_cache_double_free+0x150/0x490
[ 22.649730] kunit_try_run_case+0x1b3/0x490
[ 22.650635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.651157] kthread+0x257/0x310
[ 22.651835] ret_from_fork+0x41/0x80
[ 22.652142] ret_from_fork_asm+0x1a/0x30
[ 22.652823]
[ 22.653365] Freed by task 217:
[ 22.653905] kasan_save_stack+0x3d/0x60
[ 22.654263] kasan_save_track+0x18/0x40
[ 22.654708] kasan_save_free_info+0x3f/0x60
[ 22.655099] __kasan_slab_free+0x56/0x70
[ 22.655979] kmem_cache_free+0x120/0x420
[ 22.656537] kmem_cache_double_free+0x16b/0x490
[ 22.656994] kunit_try_run_case+0x1b3/0x490
[ 22.657585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.658587] kthread+0x257/0x310
[ 22.658821] ret_from_fork+0x41/0x80
[ 22.659442] ret_from_fork_asm+0x1a/0x30
[ 22.660579]
[ 22.660783] The buggy address belongs to the object at ffff888102a23000
[ 22.660783] which belongs to the cache test_cache of size 200
[ 22.662566] The buggy address is located 0 bytes inside of
[ 22.662566] 200-byte region [ffff888102a23000, ffff888102a230c8)
[ 22.663844]
[ 22.664158] The buggy address belongs to the physical page:
[ 22.664544] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a23
[ 22.665222] flags: 0x200000000000000(node=0|zone=2)
[ 22.666467] page_type: f5(slab)
[ 22.666995] raw: 0200000000000000 ffff888101653a00 dead000000000122 0000000000000000
[ 22.668026] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 22.668673] page dumped because: kasan: bad access detected
[ 22.669160]
[ 22.669767] Memory state around the buggy address:
[ 22.670436] ffff888102a22f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.671393] ffff888102a22f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.671992] >ffff888102a23000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.672863] ^
[ 22.673329] ffff888102a23080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 22.674091] ffff888102a23100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.674682] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 22.548796] ==================================================================
[ 22.549816] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[ 22.550331] Read of size 1 at addr ffff888101b5e0c8 by task kunit_try_catch/215
[ 22.551098]
[ 22.551329] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.552199] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.552522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.553302] Call Trace:
[ 22.553773] <TASK>
[ 22.554029] dump_stack_lvl+0x73/0xb0
[ 22.554552] print_report+0xd1/0x640
[ 22.554896] ? __virt_addr_valid+0x1db/0x2d0
[ 22.556493] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.556981] kasan_report+0x102/0x140
[ 22.557359] ? kmem_cache_oob+0x404/0x530
[ 22.557736] ? kmem_cache_oob+0x404/0x530
[ 22.558199] __asan_report_load1_noabort+0x18/0x20
[ 22.558845] kmem_cache_oob+0x404/0x530
[ 22.559943] ? trace_hardirqs_on+0x37/0xe0
[ 22.560278] ? __pfx_kmem_cache_oob+0x10/0x10
[ 22.560729] ? finish_task_switch.isra.0+0x153/0x700
[ 22.561216] ? __switch_to+0x5d9/0xf60
[ 22.561694] ? __pfx_read_tsc+0x10/0x10
[ 22.562066] ? ktime_get_ts64+0x84/0x230
[ 22.562504] kunit_try_run_case+0x1b3/0x490
[ 22.563314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.563752] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.564164] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.564572] ? __kthread_parkme+0x82/0x160
[ 22.565004] ? preempt_count_sub+0x50/0x80
[ 22.565634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.565994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.566717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.567156] kthread+0x257/0x310
[ 22.567725] ? __pfx_kthread+0x10/0x10
[ 22.568260] ret_from_fork+0x41/0x80
[ 22.568661] ? __pfx_kthread+0x10/0x10
[ 22.568954] ret_from_fork_asm+0x1a/0x30
[ 22.569270] </TASK>
[ 22.569614]
[ 22.569852] Allocated by task 215:
[ 22.570273] kasan_save_stack+0x3d/0x60
[ 22.571244] kasan_save_track+0x18/0x40
[ 22.571991] kasan_save_alloc_info+0x3b/0x50
[ 22.572308] __kasan_slab_alloc+0x91/0xa0
[ 22.572612] kmem_cache_alloc_noprof+0x11e/0x3e0
[ 22.573243] kmem_cache_oob+0x158/0x530
[ 22.573757] kunit_try_run_case+0x1b3/0x490
[ 22.574233] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.574649] kthread+0x257/0x310
[ 22.575153] ret_from_fork+0x41/0x80
[ 22.575678] ret_from_fork_asm+0x1a/0x30
[ 22.576067]
[ 22.577044] The buggy address belongs to the object at ffff888101b5e000
[ 22.577044] which belongs to the cache test_cache of size 200
[ 22.579246] The buggy address is located 0 bytes to the right of
[ 22.579246] allocated 200-byte region [ffff888101b5e000, ffff888101b5e0c8)
[ 22.580447]
[ 22.580699] The buggy address belongs to the physical page:
[ 22.581164] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5e
[ 22.582414] flags: 0x200000000000000(node=0|zone=2)
[ 22.583064] page_type: f5(slab)
[ 22.583679] raw: 0200000000000000 ffff888101af98c0 dead000000000122 0000000000000000
[ 22.584284] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 22.585651] page dumped because: kasan: bad access detected
[ 22.586242]
[ 22.586575] Memory state around the buggy address:
[ 22.587267] ffff888101b5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.588102] ffff888101b5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.588966] >ffff888101b5e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 22.590526] ^
[ 22.591118] ffff888101b5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.592088] ffff888101b5e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.592790] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 22.477462] ==================================================================
[ 22.478760] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 22.479469] Read of size 8 at addr ffff888101b55c80 by task kunit_try_catch/208
[ 22.480013]
[ 22.480460] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 22.481812] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.482493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.483435] Call Trace:
[ 22.483786] <TASK>
[ 22.484414] dump_stack_lvl+0x73/0xb0
[ 22.485019] print_report+0xd1/0x640
[ 22.485697] ? __virt_addr_valid+0x1db/0x2d0
[ 22.486231] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.486762] kasan_report+0x102/0x140
[ 22.487188] ? workqueue_uaf+0x4d8/0x560
[ 22.487621] ? workqueue_uaf+0x4d8/0x560
[ 22.488103] __asan_report_load8_noabort+0x18/0x20
[ 22.488453] workqueue_uaf+0x4d8/0x560
[ 22.489137] ? __pfx_workqueue_uaf+0x10/0x10
[ 22.490025] ? __schedule+0xc3e/0x2790
[ 22.490515] ? __pfx_read_tsc+0x10/0x10
[ 22.490816] ? ktime_get_ts64+0x84/0x230
[ 22.491106] kunit_try_run_case+0x1b3/0x490
[ 22.491656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.492197] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.492764] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.493131] ? __kthread_parkme+0x82/0x160
[ 22.494214] ? preempt_count_sub+0x50/0x80
[ 22.495147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.495805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.496709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.497497] kthread+0x257/0x310
[ 22.497918] ? __pfx_kthread+0x10/0x10
[ 22.498414] ret_from_fork+0x41/0x80
[ 22.498771] ? __pfx_kthread+0x10/0x10
[ 22.499630] ret_from_fork_asm+0x1a/0x30
[ 22.500272] </TASK>
[ 22.500547]
[ 22.500796] Allocated by task 208:
[ 22.501063] kasan_save_stack+0x3d/0x60
[ 22.502118] kasan_save_track+0x18/0x40
[ 22.502494] kasan_save_alloc_info+0x3b/0x50
[ 22.502853] __kasan_kmalloc+0xb7/0xc0
[ 22.503264] __kmalloc_cache_noprof+0x184/0x410
[ 22.503761] workqueue_uaf+0x153/0x560
[ 22.504353] kunit_try_run_case+0x1b3/0x490
[ 22.504826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.505565] kthread+0x257/0x310
[ 22.505975] ret_from_fork+0x41/0x80
[ 22.506523] ret_from_fork_asm+0x1a/0x30
[ 22.506952]
[ 22.507785] Freed by task 71:
[ 22.508044] kasan_save_stack+0x3d/0x60
[ 22.508431] kasan_save_track+0x18/0x40
[ 22.508908] kasan_save_free_info+0x3f/0x60
[ 22.509573] __kasan_slab_free+0x56/0x70
[ 22.509906] kfree+0x123/0x3f0
[ 22.510463] workqueue_uaf_work+0x12/0x20
[ 22.510882] process_one_work+0x5ee/0xf60
[ 22.511353] worker_thread+0x720/0x1300
[ 22.511631] kthread+0x257/0x310
[ 22.512052] ret_from_fork+0x41/0x80
[ 22.512536] ret_from_fork_asm+0x1a/0x30
[ 22.513007]
[ 22.513774] Last potentially related work creation:
[ 22.514117] kasan_save_stack+0x3d/0x60
[ 22.514704] __kasan_record_aux_stack+0xae/0xc0
[ 22.515320] kasan_record_aux_stack_noalloc+0xf/0x20
[ 22.515757] __queue_work+0x67e/0xf70
[ 22.516020] queue_work_on+0x74/0xa0
[ 22.516569] workqueue_uaf+0x26e/0x560
[ 22.517048] kunit_try_run_case+0x1b3/0x490
[ 22.517693] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.518046] kthread+0x257/0x310
[ 22.518808] ret_from_fork+0x41/0x80
[ 22.519261] ret_from_fork_asm+0x1a/0x30
[ 22.519867]
[ 22.520138] The buggy address belongs to the object at ffff888101b55c80
[ 22.520138] which belongs to the cache kmalloc-32 of size 32
[ 22.521363] The buggy address is located 0 bytes inside of
[ 22.521363] freed 32-byte region [ffff888101b55c80, ffff888101b55ca0)
[ 22.522393]
[ 22.522550] The buggy address belongs to the physical page:
[ 22.522874] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b55
[ 22.523764] flags: 0x200000000000000(node=0|zone=2)
[ 22.524480] page_type: f5(slab)
[ 22.524761] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 22.525917] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 22.526856] page dumped because: kasan: bad access detected
[ 22.527506]
[ 22.527729] Memory state around the buggy address:
[ 22.528228] ffff888101b55b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 22.528749] ffff888101b55c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 22.529586] >ffff888101b55c80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.530147] ^
[ 22.531000] ffff888101b55d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.532014] ffff888101b55d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.532694] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 22.408481] ==================================================================
[ 22.409274] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 22.410378] Read of size 4 at addr ffff888101b55bc0 by task swapper/1/0
[ 22.411062]
[ 22.411245] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.12.0-next-20241128 #1
[ 22.412159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.412522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.413237] Call Trace:
[ 22.413661] <IRQ>
[ 22.413965] dump_stack_lvl+0x73/0xb0
[ 22.414448] print_report+0xd1/0x640
[ 22.414816] ? __virt_addr_valid+0x1db/0x2d0
[ 22.415257] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.415672] kasan_report+0x102/0x140
[ 22.415949] ? rcu_uaf_reclaim+0x50/0x60
[ 22.416514] ? rcu_uaf_reclaim+0x50/0x60
[ 22.417203] __asan_report_load4_noabort+0x18/0x20
[ 22.417734] rcu_uaf_reclaim+0x50/0x60
[ 22.418303] rcu_core+0x680/0x1d70
[ 22.418637] ? __pfx_rcu_core+0x10/0x10
[ 22.418981] ? ktime_get+0x69/0x150
[ 22.419613] ? handle_softirqs+0x18e/0x720
[ 22.420135] rcu_core_si+0x12/0x20
[ 22.420574] handle_softirqs+0x209/0x720
[ 22.421019] ? hrtimer_interrupt+0x2fe/0x780
[ 22.422490] ? __pfx_handle_softirqs+0x10/0x10
[ 22.422836] __irq_exit_rcu+0xc9/0x110
[ 22.423393] irq_exit_rcu+0x12/0x20
[ 22.424063] sysvec_apic_timer_interrupt+0x81/0x90
[ 22.424665] </IRQ>
[ 22.425167] <TASK>
[ 22.425466] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 22.426427] RIP: 0010:default_idle+0xf/0x20
[ 22.427047] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d f3 e5 34 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[ 22.428785] RSP: 0000:ffff888100877de0 EFLAGS: 00010212
[ 22.429160] RAX: ffff88815b100000 RBX: ffff888100845000 RCX: ffffffff92d0c345
[ 22.429785] RDX: ffffed102b626b23 RSI: 0000000000000004 RDI: 0000000000028cec
[ 22.430459] RBP: ffff888100877de8 R08: 0000000000000001 R09: ffffed102b626b22
[ 22.430942] R10: ffff88815b135913 R11: 0000000000000000 R12: 0000000000000001
[ 22.431773] R13: ffffed1020108a00 R14: ffffffff94b73090 R15: 0000000000000000
[ 22.432636] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 22.433083] ? arch_cpu_idle+0xd/0x20
[ 22.433612] default_idle_call+0x48/0x80
[ 22.433983] do_idle+0x310/0x3c0
[ 22.434466] ? __pfx_do_idle+0x10/0x10
[ 22.435058] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 22.435933] ? complete+0x15b/0x1d0
[ 22.436762] cpu_startup_entry+0x5c/0x70
[ 22.437391] start_secondary+0x216/0x290
[ 22.438035] ? __pfx_start_secondary+0x10/0x10
[ 22.438623] common_startup_64+0x12c/0x138
[ 22.438991] </TASK>
[ 22.439404]
[ 22.439709] Allocated by task 206:
[ 22.440267] kasan_save_stack+0x3d/0x60
[ 22.440868] kasan_save_track+0x18/0x40
[ 22.441503] kasan_save_alloc_info+0x3b/0x50
[ 22.442099] __kasan_kmalloc+0xb7/0xc0
[ 22.442482] __kmalloc_cache_noprof+0x184/0x410
[ 22.442784] rcu_uaf+0xb1/0x330
[ 22.443297] kunit_try_run_case+0x1b3/0x490
[ 22.443697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.444040] kthread+0x257/0x310
[ 22.444420] ret_from_fork+0x41/0x80
[ 22.444876] ret_from_fork_asm+0x1a/0x30
[ 22.445274]
[ 22.445511] Freed by task 0:
[ 22.445828] kasan_save_stack+0x3d/0x60
[ 22.446250] kasan_save_track+0x18/0x40
[ 22.446681] kasan_save_free_info+0x3f/0x60
[ 22.447025] __kasan_slab_free+0x56/0x70
[ 22.447467] kfree+0x123/0x3f0
[ 22.447670] rcu_uaf_reclaim+0x1f/0x60
[ 22.448039] rcu_core+0x680/0x1d70
[ 22.448454] rcu_core_si+0x12/0x20
[ 22.448814] handle_softirqs+0x209/0x720
[ 22.449309] __irq_exit_rcu+0xc9/0x110
[ 22.449681] irq_exit_rcu+0x12/0x20
[ 22.450066] sysvec_apic_timer_interrupt+0x81/0x90
[ 22.450567] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 22.450938]
[ 22.451188] Last potentially related work creation:
[ 22.451703] kasan_save_stack+0x3d/0x60
[ 22.452230] __kasan_record_aux_stack+0xae/0xc0
[ 22.452643] kasan_record_aux_stack_noalloc+0xf/0x20
[ 22.452968] __call_rcu_common.constprop.0+0x72/0xaa0
[ 22.453594] call_rcu+0x12/0x20
[ 22.454001] rcu_uaf+0x169/0x330
[ 22.454485] kunit_try_run_case+0x1b3/0x490
[ 22.454822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.455289] kthread+0x257/0x310
[ 22.455555] ret_from_fork+0x41/0x80
[ 22.456031] ret_from_fork_asm+0x1a/0x30
[ 22.456570]
[ 22.456849] The buggy address belongs to the object at ffff888101b55bc0
[ 22.456849] which belongs to the cache kmalloc-32 of size 32
[ 22.457787] The buggy address is located 0 bytes inside of
[ 22.457787] freed 32-byte region [ffff888101b55bc0, ffff888101b55be0)
[ 22.458925]
[ 22.459188] The buggy address belongs to the physical page:
[ 22.459563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b55
[ 22.460289] flags: 0x200000000000000(node=0|zone=2)
[ 22.460736] page_type: f5(slab)
[ 22.461047] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 22.461838] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 22.462417] page dumped because: kasan: bad access detected
[ 22.462923]
[ 22.463211] Memory state around the buggy address:
[ 22.463739] ffff888101b55a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 22.464376] ffff888101b55b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 22.464929] >ffff888101b55b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 22.465406] ^
[ 22.465969] ffff888101b55c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.466662] ffff888101b55c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.467254] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 22.238852] ================================================================== [ 22.240277] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 22.240911] Read of size 1 at addr ffff888102a1dd00 by task kunit_try_catch/204 [ 22.242181] [ 22.242830] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.244038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.244607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.245615] Call Trace: [ 22.245803] <TASK> [ 22.246119] dump_stack_lvl+0x73/0xb0 [ 22.246801] print_report+0xd1/0x640 [ 22.247415] ? __virt_addr_valid+0x1db/0x2d0 [ 22.247861] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.248744] kasan_report+0x102/0x140 [ 22.249121] ? ksize_uaf+0x19e/0x6c0 [ 22.249772] ? ksize_uaf+0x19e/0x6c0 [ 22.250154] ? ksize_uaf+0x19e/0x6c0 [ 22.251007] __kasan_check_byte+0x3d/0x50 [ 22.251460] ksize+0x20/0x60 [ 22.251869] ksize_uaf+0x19e/0x6c0 [ 22.252396] ? __pfx_ksize_uaf+0x10/0x10 [ 22.252923] ? __schedule+0xc3e/0x2790 [ 22.253483] ? __pfx_read_tsc+0x10/0x10 [ 22.253965] ? ktime_get_ts64+0x84/0x230 [ 22.254314] kunit_try_run_case+0x1b3/0x490 [ 22.255114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.255806] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.256280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.257034] ? __kthread_parkme+0x82/0x160 [ 22.257385] ? preempt_count_sub+0x50/0x80 [ 22.258469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.258849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.259444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.260571] kthread+0x257/0x310 [ 22.260924] ? __pfx_kthread+0x10/0x10 [ 22.262007] ret_from_fork+0x41/0x80 [ 22.262572] ? 
__pfx_kthread+0x10/0x10 [ 22.263801] ret_from_fork_asm+0x1a/0x30 [ 22.264764] </TASK> [ 22.264989] [ 22.265202] Allocated by task 204: [ 22.265909] kasan_save_stack+0x3d/0x60 [ 22.266821] kasan_save_track+0x18/0x40 [ 22.267375] kasan_save_alloc_info+0x3b/0x50 [ 22.267877] __kasan_kmalloc+0xb7/0xc0 [ 22.268481] __kmalloc_cache_noprof+0x184/0x410 [ 22.268966] ksize_uaf+0xab/0x6c0 [ 22.269610] kunit_try_run_case+0x1b3/0x490 [ 22.269825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.270047] kthread+0x257/0x310 [ 22.270781] ret_from_fork+0x41/0x80 [ 22.271790] ret_from_fork_asm+0x1a/0x30 [ 22.272434] [ 22.272754] Freed by task 204: [ 22.272981] kasan_save_stack+0x3d/0x60 [ 22.273659] kasan_save_track+0x18/0x40 [ 22.274397] kasan_save_free_info+0x3f/0x60 [ 22.274888] __kasan_slab_free+0x56/0x70 [ 22.275739] kfree+0x123/0x3f0 [ 22.276412] ksize_uaf+0x12d/0x6c0 [ 22.276789] kunit_try_run_case+0x1b3/0x490 [ 22.277300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.278001] kthread+0x257/0x310 [ 22.278514] ret_from_fork+0x41/0x80 [ 22.278964] ret_from_fork_asm+0x1a/0x30 [ 22.279658] [ 22.279920] The buggy address belongs to the object at ffff888102a1dd00 [ 22.279920] which belongs to the cache kmalloc-128 of size 128 [ 22.281718] The buggy address is located 0 bytes inside of [ 22.281718] freed 128-byte region [ffff888102a1dd00, ffff888102a1dd80) [ 22.283025] [ 22.283532] The buggy address belongs to the physical page: [ 22.284047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.284931] flags: 0x200000000000000(node=0|zone=2) [ 22.285621] page_type: f5(slab) [ 22.285939] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.287228] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 22.287875] page dumped because: kasan: bad access detected [ 22.288391] [ 22.288734] Memory state around the buggy address: [ 22.289308] ffff888102a1dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
22.290114] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.290984] >ffff888102a1dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.291842] ^ [ 22.292610] ffff888102a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.293105] ffff888102a1de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.294316] ================================================================== [ 22.296548] ================================================================== [ 22.297292] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 22.297965] Read of size 1 at addr ffff888102a1dd00 by task kunit_try_catch/204 [ 22.299461] [ 22.299668] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.300518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.300893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.301779] Call Trace: [ 22.302312] <TASK> [ 22.302649] dump_stack_lvl+0x73/0xb0 [ 22.303871] print_report+0xd1/0x640 [ 22.304187] ? __virt_addr_valid+0x1db/0x2d0 [ 22.304855] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.305654] kasan_report+0x102/0x140 [ 22.306468] ? ksize_uaf+0x600/0x6c0 [ 22.306989] ? ksize_uaf+0x600/0x6c0 [ 22.307269] __asan_report_load1_noabort+0x18/0x20 [ 22.308076] ksize_uaf+0x600/0x6c0 [ 22.308484] ? __pfx_ksize_uaf+0x10/0x10 [ 22.308895] ? __schedule+0xc3e/0x2790 [ 22.309296] ? __pfx_read_tsc+0x10/0x10 [ 22.310276] ? ktime_get_ts64+0x84/0x230 [ 22.310707] kunit_try_run_case+0x1b3/0x490 [ 22.311050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.311816] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.312134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.312618] ? __kthread_parkme+0x82/0x160 [ 22.313137] ? preempt_count_sub+0x50/0x80 [ 22.313755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.314248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.314874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.315563] kthread+0x257/0x310 [ 22.315990] ? 
__pfx_kthread+0x10/0x10 [ 22.316572] ret_from_fork+0x41/0x80 [ 22.317226] ? __pfx_kthread+0x10/0x10 [ 22.317908] ret_from_fork_asm+0x1a/0x30 [ 22.318533] </TASK> [ 22.318818] [ 22.319088] Allocated by task 204: [ 22.319383] kasan_save_stack+0x3d/0x60 [ 22.319936] kasan_save_track+0x18/0x40 [ 22.320539] kasan_save_alloc_info+0x3b/0x50 [ 22.320973] __kasan_kmalloc+0xb7/0xc0 [ 22.321437] __kmalloc_cache_noprof+0x184/0x410 [ 22.322106] ksize_uaf+0xab/0x6c0 [ 22.322603] kunit_try_run_case+0x1b3/0x490 [ 22.322932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.323940] kthread+0x257/0x310 [ 22.324648] ret_from_fork+0x41/0x80 [ 22.325124] ret_from_fork_asm+0x1a/0x30 [ 22.325575] [ 22.325752] Freed by task 204: [ 22.326020] kasan_save_stack+0x3d/0x60 [ 22.326624] kasan_save_track+0x18/0x40 [ 22.326982] kasan_save_free_info+0x3f/0x60 [ 22.327534] __kasan_slab_free+0x56/0x70 [ 22.328037] kfree+0x123/0x3f0 [ 22.328426] ksize_uaf+0x12d/0x6c0 [ 22.329388] kunit_try_run_case+0x1b3/0x490 [ 22.329699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.330869] kthread+0x257/0x310 [ 22.331636] ret_from_fork+0x41/0x80 [ 22.331901] ret_from_fork_asm+0x1a/0x30 [ 22.332443] [ 22.332657] The buggy address belongs to the object at ffff888102a1dd00 [ 22.332657] which belongs to the cache kmalloc-128 of size 128 [ 22.333829] The buggy address is located 0 bytes inside of [ 22.333829] freed 128-byte region [ffff888102a1dd00, ffff888102a1dd80) [ 22.335036] [ 22.335276] The buggy address belongs to the physical page: [ 22.335997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.337025] flags: 0x200000000000000(node=0|zone=2) [ 22.337355] page_type: f5(slab) [ 22.338001] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.338759] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 22.339767] page dumped because: kasan: bad access detected [ 22.340316] [ 22.340679] Memory state around the buggy address: [ 
22.341148] ffff888102a1dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.341843] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.342796] >ffff888102a1dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.344101] ^ [ 22.344506] ffff888102a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.345321] ffff888102a1de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.345980] ================================================================== [ 22.348018] ================================================================== [ 22.349132] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 22.349878] Read of size 1 at addr ffff888102a1dd78 by task kunit_try_catch/204 [ 22.350599] [ 22.350810] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.351651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.352088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.352820] Call Trace: [ 22.353026] <TASK> [ 22.353451] dump_stack_lvl+0x73/0xb0 [ 22.354002] print_report+0xd1/0x640 [ 22.354699] ? __virt_addr_valid+0x1db/0x2d0 [ 22.355784] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.356582] kasan_report+0x102/0x140 [ 22.357255] ? ksize_uaf+0x5e6/0x6c0 [ 22.357556] ? ksize_uaf+0x5e6/0x6c0 [ 22.358368] __asan_report_load1_noabort+0x18/0x20 [ 22.358949] ksize_uaf+0x5e6/0x6c0 [ 22.359609] ? __pfx_ksize_uaf+0x10/0x10 [ 22.360027] ? __schedule+0xc3e/0x2790 [ 22.360773] ? __pfx_read_tsc+0x10/0x10 [ 22.361058] ? ktime_get_ts64+0x84/0x230 [ 22.361864] kunit_try_run_case+0x1b3/0x490 [ 22.362702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.363396] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.363781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.364316] ? __kthread_parkme+0x82/0x160 [ 22.365035] ? preempt_count_sub+0x50/0x80 [ 22.365471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.366325] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.366880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.367361] kthread+0x257/0x310 [ 22.367679] ? __pfx_kthread+0x10/0x10 [ 22.368099] ret_from_fork+0x41/0x80 [ 22.368427] ? __pfx_kthread+0x10/0x10 [ 22.368883] ret_from_fork_asm+0x1a/0x30 [ 22.369317] </TASK> [ 22.369625] [ 22.369834] Allocated by task 204: [ 22.370365] kasan_save_stack+0x3d/0x60 [ 22.370729] kasan_save_track+0x18/0x40 [ 22.371015] kasan_save_alloc_info+0x3b/0x50 [ 22.371547] __kasan_kmalloc+0xb7/0xc0 [ 22.372059] __kmalloc_cache_noprof+0x184/0x410 [ 22.372638] ksize_uaf+0xab/0x6c0 [ 22.372893] kunit_try_run_case+0x1b3/0x490 [ 22.373419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.373775] kthread+0x257/0x310 [ 22.374020] ret_from_fork+0x41/0x80 [ 22.374628] ret_from_fork_asm+0x1a/0x30 [ 22.375150] [ 22.375897] Freed by task 204: [ 22.376319] kasan_save_stack+0x3d/0x60 [ 22.376650] kasan_save_track+0x18/0x40 [ 22.377115] kasan_save_free_info+0x3f/0x60 [ 22.377583] __kasan_slab_free+0x56/0x70 [ 22.377951] kfree+0x123/0x3f0 [ 22.378206] ksize_uaf+0x12d/0x6c0 [ 22.378486] kunit_try_run_case+0x1b3/0x490 [ 22.378878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.379712] kthread+0x257/0x310 [ 22.380456] ret_from_fork+0x41/0x80 [ 22.380737] ret_from_fork_asm+0x1a/0x30 [ 22.381310] [ 22.381516] The buggy address belongs to the object at ffff888102a1dd00 [ 22.381516] which belongs to the cache kmalloc-128 of size 128 [ 22.382478] The buggy address is located 120 bytes inside of [ 22.382478] freed 128-byte region [ffff888102a1dd00, ffff888102a1dd80) [ 22.383924] [ 22.384078] The buggy address belongs to the physical page: [ 22.384452] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.385315] flags: 0x200000000000000(node=0|zone=2) [ 22.385924] page_type: f5(slab) [ 22.386451] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.387029] raw: 0000000000000000 0000000080100010 
00000001f5000000 0000000000000000 [ 22.387646] page dumped because: kasan: bad access detected [ 22.388064] [ 22.388270] Memory state around the buggy address: [ 22.390610] ffff888102a1dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.391153] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.391719] >ffff888102a1dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.392473] ^ [ 22.393573] ffff888102a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.394123] ffff888102a1de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.394922] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 22.183627] ================================================================== [ 22.184122] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 22.185010] Read of size 1 at addr ffff888102a1dc7f by task kunit_try_catch/202 [ 22.185548] [ 22.185721] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.187445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.187764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.188647] Call Trace: [ 22.189005] <TASK> [ 22.189413] dump_stack_lvl+0x73/0xb0 [ 22.190076] print_report+0xd1/0x640 [ 22.190914] ? __virt_addr_valid+0x1db/0x2d0 [ 22.192297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.192873] kasan_report+0x102/0x140 [ 22.193414] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 22.193819] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 22.194715] __asan_report_load1_noabort+0x18/0x20 [ 22.195524] ksize_unpoisons_memory+0x7b8/0x9b0 [ 22.195975] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.197019] ? finish_task_switch.isra.0+0x153/0x700 [ 22.197719] ? __switch_to+0x5d9/0xf60 [ 22.198393] ? __schedule+0xc3e/0x2790 [ 22.198671] ? __pfx_read_tsc+0x10/0x10 [ 22.199690] ? ktime_get_ts64+0x84/0x230 [ 22.200312] kunit_try_run_case+0x1b3/0x490 [ 22.200756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.201101] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.201727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.202810] ? __kthread_parkme+0x82/0x160 [ 22.203640] ? preempt_count_sub+0x50/0x80 [ 22.204513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.204872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.205254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.206507] kthread+0x257/0x310 [ 22.206775] ? __pfx_kthread+0x10/0x10 [ 22.207715] ret_from_fork+0x41/0x80 [ 22.207972] ? 
__pfx_kthread+0x10/0x10 [ 22.208808] ret_from_fork_asm+0x1a/0x30 [ 22.209638] </TASK> [ 22.209903] [ 22.210109] Allocated by task 202: [ 22.210701] kasan_save_stack+0x3d/0x60 [ 22.210974] kasan_save_track+0x18/0x40 [ 22.211727] kasan_save_alloc_info+0x3b/0x50 [ 22.212001] __kasan_kmalloc+0xb7/0xc0 [ 22.212629] __kmalloc_cache_noprof+0x184/0x410 [ 22.213002] ksize_unpoisons_memory+0xc8/0x9b0 [ 22.213680] kunit_try_run_case+0x1b3/0x490 [ 22.214365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.214980] kthread+0x257/0x310 [ 22.215375] ret_from_fork+0x41/0x80 [ 22.216044] ret_from_fork_asm+0x1a/0x30 [ 22.217032] [ 22.217271] The buggy address belongs to the object at ffff888102a1dc00 [ 22.217271] which belongs to the cache kmalloc-128 of size 128 [ 22.218663] The buggy address is located 12 bytes to the right of [ 22.218663] allocated 115-byte region [ffff888102a1dc00, ffff888102a1dc73) [ 22.220033] [ 22.220218] The buggy address belongs to the physical page: [ 22.220703] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.221595] flags: 0x200000000000000(node=0|zone=2) [ 22.222108] page_type: f5(slab) [ 22.222575] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.223756] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 22.225127] page dumped because: kasan: bad access detected [ 22.226052] [ 22.226689] Memory state around the buggy address: [ 22.227111] ffff888102a1db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.227994] ffff888102a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.228928] >ffff888102a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.229997] ^ [ 22.230816] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.231586] ffff888102a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.232182] ================================================================== [ 22.136062] 
================================================================== [ 22.137588] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 22.138795] Read of size 1 at addr ffff888102a1dc78 by task kunit_try_catch/202 [ 22.139762] [ 22.140279] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.141670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.142098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.143734] Call Trace: [ 22.144013] <TASK> [ 22.144264] dump_stack_lvl+0x73/0xb0 [ 22.144707] print_report+0xd1/0x640 [ 22.145055] ? __virt_addr_valid+0x1db/0x2d0 [ 22.145689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.146147] kasan_report+0x102/0x140 [ 22.146692] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 22.147292] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 22.147856] __asan_report_load1_noabort+0x18/0x20 [ 22.148228] ksize_unpoisons_memory+0x7eb/0x9b0 [ 22.148779] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.149289] ? finish_task_switch.isra.0+0x153/0x700 [ 22.150829] ? __switch_to+0x5d9/0xf60 [ 22.151536] ? __schedule+0xc3e/0x2790 [ 22.151961] ? __pfx_read_tsc+0x10/0x10 [ 22.152492] ? ktime_get_ts64+0x84/0x230 [ 22.152784] kunit_try_run_case+0x1b3/0x490 [ 22.153269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.153728] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.154145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.154830] ? __kthread_parkme+0x82/0x160 [ 22.155847] ? preempt_count_sub+0x50/0x80 [ 22.156527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.156870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.157789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.158628] kthread+0x257/0x310 [ 22.159043] ? __pfx_kthread+0x10/0x10 [ 22.159603] ret_from_fork+0x41/0x80 [ 22.160056] ? 
__pfx_kthread+0x10/0x10 [ 22.161015] ret_from_fork_asm+0x1a/0x30 [ 22.161730] </TASK> [ 22.162031] [ 22.162396] Allocated by task 202: [ 22.162786] kasan_save_stack+0x3d/0x60 [ 22.163445] kasan_save_track+0x18/0x40 [ 22.163880] kasan_save_alloc_info+0x3b/0x50 [ 22.164576] __kasan_kmalloc+0xb7/0xc0 [ 22.164944] __kmalloc_cache_noprof+0x184/0x410 [ 22.165968] ksize_unpoisons_memory+0xc8/0x9b0 [ 22.166418] kunit_try_run_case+0x1b3/0x490 [ 22.166883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.167327] kthread+0x257/0x310 [ 22.167871] ret_from_fork+0x41/0x80 [ 22.168543] ret_from_fork_asm+0x1a/0x30 [ 22.168912] [ 22.169379] The buggy address belongs to the object at ffff888102a1dc00 [ 22.169379] which belongs to the cache kmalloc-128 of size 128 [ 22.170634] The buggy address is located 5 bytes to the right of [ 22.170634] allocated 115-byte region [ffff888102a1dc00, ffff888102a1dc73) [ 22.171663] [ 22.172322] The buggy address belongs to the physical page: [ 22.173009] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.173867] flags: 0x200000000000000(node=0|zone=2) [ 22.174523] page_type: f5(slab) [ 22.174685] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.174966] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 22.175393] page dumped because: kasan: bad access detected [ 22.176527] [ 22.176720] Memory state around the buggy address: [ 22.177163] ffff888102a1db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.177919] ffff888102a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.178830] >ffff888102a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.179689] ^ [ 22.180154] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.181063] ffff888102a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.181904] ================================================================== [ 22.088882] 
================================================================== [ 22.090546] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 22.091070] Read of size 1 at addr ffff888102a1dc73 by task kunit_try_catch/202 [ 22.091869] [ 22.092132] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.092975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.093698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.094709] Call Trace: [ 22.095064] <TASK> [ 22.095435] dump_stack_lvl+0x73/0xb0 [ 22.096062] print_report+0xd1/0x640 [ 22.097038] ? __virt_addr_valid+0x1db/0x2d0 [ 22.097832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.098404] kasan_report+0x102/0x140 [ 22.098785] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 22.099255] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 22.100464] __asan_report_load1_noabort+0x18/0x20 [ 22.101061] ksize_unpoisons_memory+0x81e/0x9b0 [ 22.101853] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.102269] ? finish_task_switch.isra.0+0x153/0x700 [ 22.102789] ? __switch_to+0x5d9/0xf60 [ 22.103095] ? __schedule+0xc3e/0x2790 [ 22.103775] ? __pfx_read_tsc+0x10/0x10 [ 22.104427] ? ktime_get_ts64+0x84/0x230 [ 22.104932] kunit_try_run_case+0x1b3/0x490 [ 22.105641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.106146] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.106775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.107577] ? __kthread_parkme+0x82/0x160 [ 22.108000] ? preempt_count_sub+0x50/0x80 [ 22.108703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.109326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.110003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.110714] kthread+0x257/0x310 [ 22.111278] ? __pfx_kthread+0x10/0x10 [ 22.111800] ret_from_fork+0x41/0x80 [ 22.112125] ? 
__pfx_kthread+0x10/0x10 [ 22.112789] ret_from_fork_asm+0x1a/0x30 [ 22.113499] </TASK> [ 22.113803] [ 22.114033] Allocated by task 202: [ 22.114640] kasan_save_stack+0x3d/0x60 [ 22.114990] kasan_save_track+0x18/0x40 [ 22.115631] kasan_save_alloc_info+0x3b/0x50 [ 22.116134] __kasan_kmalloc+0xb7/0xc0 [ 22.116734] __kmalloc_cache_noprof+0x184/0x410 [ 22.117398] ksize_unpoisons_memory+0xc8/0x9b0 [ 22.117863] kunit_try_run_case+0x1b3/0x490 [ 22.118256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.118784] kthread+0x257/0x310 [ 22.119064] ret_from_fork+0x41/0x80 [ 22.119790] ret_from_fork_asm+0x1a/0x30 [ 22.120300] [ 22.120603] The buggy address belongs to the object at ffff888102a1dc00 [ 22.120603] which belongs to the cache kmalloc-128 of size 128 [ 22.121870] The buggy address is located 0 bytes to the right of [ 22.121870] allocated 115-byte region [ffff888102a1dc00, ffff888102a1dc73) [ 22.123372] [ 22.123522] The buggy address belongs to the physical page: [ 22.124043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 22.125031] flags: 0x200000000000000(node=0|zone=2) [ 22.125715] page_type: f5(slab) [ 22.126138] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.126987] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 22.127795] page dumped because: kasan: bad access detected [ 22.128471] [ 22.128716] Memory state around the buggy address: [ 22.129509] ffff888102a1db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 22.130121] ffff888102a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.130920] >ffff888102a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.131715] ^ [ 22.132634] ffff888102a1dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.133618] ffff888102a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.134693] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 22.033309] ================================================================== [ 22.034129] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 22.035373] Free of addr ffff888101094f80 by task kunit_try_catch/200 [ 22.035860] [ 22.036047] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 22.037429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.037712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.038322] Call Trace: [ 22.038674] <TASK> [ 22.038887] dump_stack_lvl+0x73/0xb0 [ 22.039428] print_report+0xd1/0x640 [ 22.039741] ? __virt_addr_valid+0x1db/0x2d0 [ 22.040712] ? kfree_sensitive+0x2e/0x90 [ 22.041302] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.041740] ? kfree_sensitive+0x2e/0x90 [ 22.042363] kasan_report_invalid_free+0xc0/0xf0 [ 22.042815] ? kfree_sensitive+0x2e/0x90 [ 22.043528] ? kfree_sensitive+0x2e/0x90 [ 22.043867] check_slab_allocation+0x101/0x130 [ 22.044741] __kasan_slab_pre_free+0x28/0x40 [ 22.045058] kfree+0xf1/0x3f0 [ 22.045521] ? kfree_sensitive+0x2e/0x90 [ 22.045888] kfree_sensitive+0x2e/0x90 [ 22.046482] kmalloc_double_kzfree+0x19d/0x360 [ 22.046982] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 22.047741] ? __schedule+0xc3e/0x2790 [ 22.048027] ? __pfx_read_tsc+0x10/0x10 [ 22.048820] ? ktime_get_ts64+0x84/0x230 [ 22.049481] kunit_try_run_case+0x1b3/0x490 [ 22.049934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.050485] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.050821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.051549] ? __kthread_parkme+0x82/0x160 [ 22.051899] ? preempt_count_sub+0x50/0x80 [ 22.052396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.052928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.053325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.053911] kthread+0x257/0x310 [ 22.054295] ? __pfx_kthread+0x10/0x10 [ 22.054873] ret_from_fork+0x41/0x80 [ 22.055561] ? 
__pfx_kthread+0x10/0x10 [ 22.055975] ret_from_fork_asm+0x1a/0x30 [ 22.056584] </TASK> [ 22.056796] [ 22.056950] Allocated by task 200: [ 22.057477] kasan_save_stack+0x3d/0x60 [ 22.057884] kasan_save_track+0x18/0x40 [ 22.058581] kasan_save_alloc_info+0x3b/0x50 [ 22.059018] __kasan_kmalloc+0xb7/0xc0 [ 22.059562] __kmalloc_cache_noprof+0x184/0x410 [ 22.060062] kmalloc_double_kzfree+0xaa/0x360 [ 22.060567] kunit_try_run_case+0x1b3/0x490 [ 22.060881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.061661] kthread+0x257/0x310 [ 22.062035] ret_from_fork+0x41/0x80 [ 22.062848] ret_from_fork_asm+0x1a/0x30 [ 22.063233] [ 22.063578] Freed by task 200: [ 22.063969] kasan_save_stack+0x3d/0x60 [ 22.064584] kasan_save_track+0x18/0x40 [ 22.064926] kasan_save_free_info+0x3f/0x60 [ 22.065566] __kasan_slab_free+0x56/0x70 [ 22.065911] kfree+0x123/0x3f0 [ 22.066214] kfree_sensitive+0x67/0x90 [ 22.066676] kmalloc_double_kzfree+0x12c/0x360 [ 22.067015] kunit_try_run_case+0x1b3/0x490 [ 22.067928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.068658] kthread+0x257/0x310 [ 22.068907] ret_from_fork+0x41/0x80 [ 22.069512] ret_from_fork_asm+0x1a/0x30 [ 22.069996] [ 22.070454] The buggy address belongs to the object at ffff888101094f80 [ 22.070454] which belongs to the cache kmalloc-16 of size 16 [ 22.071874] The buggy address is located 0 bytes inside of [ 22.071874] 16-byte region [ffff888101094f80, ffff888101094f90) [ 22.072838] [ 22.073090] The buggy address belongs to the physical page: [ 22.073861] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 22.074538] flags: 0x200000000000000(node=0|zone=2) [ 22.074919] page_type: f5(slab) [ 22.075331] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.076026] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 22.076985] page dumped because: kasan: bad access detected [ 22.077683] [ 22.077942] Memory state around the buggy address: [ 22.078517] ffff888101094e80: fa 
fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.079319] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.079914] >ffff888101094f80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.080875] ^ [ 22.081116] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.081908] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 22.082656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 21.978118] ================================================================== [ 21.979498] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 21.980185] Read of size 1 at addr ffff888101094f80 by task kunit_try_catch/200 [ 21.980928] [ 21.981250] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.982093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.983052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.983729] Call Trace: [ 21.984083] <TASK> [ 21.984667] dump_stack_lvl+0x73/0xb0 [ 21.985147] print_report+0xd1/0x640 [ 21.985738] ? __virt_addr_valid+0x1db/0x2d0 [ 21.986620] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.987081] kasan_report+0x102/0x140 [ 21.987730] ? kmalloc_double_kzfree+0x19d/0x360 [ 21.988540] ? kmalloc_double_kzfree+0x19d/0x360 [ 21.989009] ? kmalloc_double_kzfree+0x19d/0x360 [ 21.989693] __kasan_check_byte+0x3d/0x50 [ 21.990130] kfree_sensitive+0x22/0x90 [ 21.990959] kmalloc_double_kzfree+0x19d/0x360 [ 21.991814] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 21.992270] ? __schedule+0xc3e/0x2790 [ 21.992762] ? __pfx_read_tsc+0x10/0x10 [ 21.993138] ? ktime_get_ts64+0x84/0x230 [ 21.993777] kunit_try_run_case+0x1b3/0x490 [ 21.994380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.995544] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.996131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.996713] ? __kthread_parkme+0x82/0x160 [ 21.997459] ? preempt_count_sub+0x50/0x80 [ 21.997930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.998815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.999705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.000471] kthread+0x257/0x310 [ 22.000647] ? __pfx_kthread+0x10/0x10 [ 22.000823] ret_from_fork+0x41/0x80 [ 22.000997] ? 
__pfx_kthread+0x10/0x10 [ 22.001504] ret_from_fork_asm+0x1a/0x30 [ 22.002356] </TASK> [ 22.002551] [ 22.002702] Allocated by task 200: [ 22.003646] kasan_save_stack+0x3d/0x60 [ 22.004481] kasan_save_track+0x18/0x40 [ 22.005402] kasan_save_alloc_info+0x3b/0x50 [ 22.006255] __kasan_kmalloc+0xb7/0xc0 [ 22.006560] __kmalloc_cache_noprof+0x184/0x410 [ 22.007079] kmalloc_double_kzfree+0xaa/0x360 [ 22.007821] kunit_try_run_case+0x1b3/0x490 [ 22.008197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.008825] kthread+0x257/0x310 [ 22.009202] ret_from_fork+0x41/0x80 [ 22.010059] ret_from_fork_asm+0x1a/0x30 [ 22.010701] [ 22.010845] Freed by task 200: [ 22.011153] kasan_save_stack+0x3d/0x60 [ 22.011693] kasan_save_track+0x18/0x40 [ 22.012494] kasan_save_free_info+0x3f/0x60 [ 22.012794] __kasan_slab_free+0x56/0x70 [ 22.013424] kfree+0x123/0x3f0 [ 22.014133] kfree_sensitive+0x67/0x90 [ 22.014570] kmalloc_double_kzfree+0x12c/0x360 [ 22.015073] kunit_try_run_case+0x1b3/0x490 [ 22.015734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.016631] kthread+0x257/0x310 [ 22.017063] ret_from_fork+0x41/0x80 [ 22.017637] ret_from_fork_asm+0x1a/0x30 [ 22.018038] [ 22.018288] The buggy address belongs to the object at ffff888101094f80 [ 22.018288] which belongs to the cache kmalloc-16 of size 16 [ 22.019625] The buggy address is located 0 bytes inside of [ 22.019625] freed 16-byte region [ffff888101094f80, ffff888101094f90) [ 22.021145] [ 22.021409] The buggy address belongs to the physical page: [ 22.021829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 22.022617] flags: 0x200000000000000(node=0|zone=2) [ 22.023253] page_type: f5(slab) [ 22.023982] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.024861] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 22.025694] page dumped because: kasan: bad access detected [ 22.026224] [ 22.026749] Memory state around the buggy address: [ 22.027154] 
ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.027992] ffff888101094f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.029003] >ffff888101094f80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.029732] ^ [ 22.030297] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.031445] ffff888101095080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 22.032642] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 21.864172] ================================================================== [ 21.865328] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 21.866030] Write of size 33 at addr ffff888102a18d80 by task kunit_try_catch/194 [ 21.866905] [ 21.867303] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.868687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.869158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.870138] Call Trace: [ 21.870493] <TASK> [ 21.870869] dump_stack_lvl+0x73/0xb0 [ 21.871444] print_report+0xd1/0x640 [ 21.872031] ? __virt_addr_valid+0x1db/0x2d0 [ 21.872628] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.873116] kasan_report+0x102/0x140 [ 21.873753] ? kmalloc_uaf_memset+0x1a4/0x360 [ 21.874089] ? kmalloc_uaf_memset+0x1a4/0x360 [ 21.874922] kasan_check_range+0x10c/0x1c0 [ 21.875297] __asan_memset+0x27/0x50 [ 21.876013] kmalloc_uaf_memset+0x1a4/0x360 [ 21.876756] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 21.877205] ? __schedule+0xc3e/0x2790 [ 21.877811] ? __pfx_read_tsc+0x10/0x10 [ 21.878500] ? ktime_get_ts64+0x84/0x230 [ 21.878833] kunit_try_run_case+0x1b3/0x490 [ 21.879410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.879846] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.880398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.880979] ? __kthread_parkme+0x82/0x160 [ 21.881484] ? preempt_count_sub+0x50/0x80 [ 21.881946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.882424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.883014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.883662] kthread+0x257/0x310 [ 21.884051] ? __pfx_kthread+0x10/0x10 [ 21.884527] ret_from_fork+0x41/0x80 [ 21.884889] ? 
__pfx_kthread+0x10/0x10 [ 21.885234] ret_from_fork_asm+0x1a/0x30 [ 21.885661] </TASK> [ 21.885972] [ 21.886158] Allocated by task 194: [ 21.886589] kasan_save_stack+0x3d/0x60 [ 21.886883] kasan_save_track+0x18/0x40 [ 21.887213] kasan_save_alloc_info+0x3b/0x50 [ 21.887729] __kasan_kmalloc+0xb7/0xc0 [ 21.888269] __kmalloc_cache_noprof+0x184/0x410 [ 21.888863] kmalloc_uaf_memset+0xaa/0x360 [ 21.889290] kunit_try_run_case+0x1b3/0x490 [ 21.889698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.890283] kthread+0x257/0x310 [ 21.890566] ret_from_fork+0x41/0x80 [ 21.890832] ret_from_fork_asm+0x1a/0x30 [ 21.891433] [ 21.891727] Freed by task 194: [ 21.892217] kasan_save_stack+0x3d/0x60 [ 21.892561] kasan_save_track+0x18/0x40 [ 21.893120] kasan_save_free_info+0x3f/0x60 [ 21.893447] __kasan_slab_free+0x56/0x70 [ 21.894008] kfree+0x123/0x3f0 [ 21.894488] kmalloc_uaf_memset+0x12c/0x360 [ 21.894981] kunit_try_run_case+0x1b3/0x490 [ 21.895563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.895968] kthread+0x257/0x310 [ 21.896556] ret_from_fork+0x41/0x80 [ 21.896971] ret_from_fork_asm+0x1a/0x30 [ 21.897724] [ 21.897883] The buggy address belongs to the object at ffff888102a18d80 [ 21.897883] which belongs to the cache kmalloc-64 of size 64 [ 21.899430] The buggy address is located 0 bytes inside of [ 21.899430] freed 64-byte region [ffff888102a18d80, ffff888102a18dc0) [ 21.900557] [ 21.901122] The buggy address belongs to the physical page: [ 21.901947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 21.902958] flags: 0x200000000000000(node=0|zone=2) [ 21.903511] page_type: f5(slab) [ 21.903742] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.904469] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.905183] page dumped because: kasan: bad access detected [ 21.905759] [ 21.906013] Memory state around the buggy address: [ 21.906439] ffff888102a18c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 21.907051] ffff888102a18d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.907831] >ffff888102a18d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.908540] ^ [ 21.908960] ffff888102a18e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.909683] ffff888102a18e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.910478] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 21.757852] ================================================================== [ 21.758839] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 21.759700] Read of size 64 at addr ffff888101b59084 by task kunit_try_catch/190 [ 21.760446] [ 21.760689] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.761780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.762148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.763206] Call Trace: [ 21.764322] <TASK> [ 21.764812] dump_stack_lvl+0x73/0xb0 [ 21.765202] print_report+0xd1/0x640 [ 21.765713] ? __virt_addr_valid+0x1db/0x2d0 [ 21.766537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.767251] kasan_report+0x102/0x140 [ 21.767822] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 21.768367] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 21.768866] kasan_check_range+0x10c/0x1c0 [ 21.769493] __asan_memmove+0x27/0x70 [ 21.769916] kmalloc_memmove_invalid_size+0x170/0x330 [ 21.770615] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 21.771508] ? __schedule+0xc3e/0x2790 [ 21.771829] ? __pfx_read_tsc+0x10/0x10 [ 21.772119] ? ktime_get_ts64+0x84/0x230 [ 21.772717] kunit_try_run_case+0x1b3/0x490 [ 21.773578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.774110] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.774776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.775532] ? __kthread_parkme+0x82/0x160 [ 21.776024] ? preempt_count_sub+0x50/0x80 [ 21.776542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.777001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.777603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.777993] kthread+0x257/0x310 [ 21.778788] ? __pfx_kthread+0x10/0x10 [ 21.779308] ret_from_fork+0x41/0x80 [ 21.779631] ? 
__pfx_kthread+0x10/0x10 [ 21.780061] ret_from_fork_asm+0x1a/0x30 [ 21.780612] </TASK> [ 21.780922] [ 21.781296] Allocated by task 190: [ 21.781654] kasan_save_stack+0x3d/0x60 [ 21.782134] kasan_save_track+0x18/0x40 [ 21.782588] kasan_save_alloc_info+0x3b/0x50 [ 21.783086] __kasan_kmalloc+0xb7/0xc0 [ 21.783522] __kmalloc_cache_noprof+0x184/0x410 [ 21.784054] kmalloc_memmove_invalid_size+0xad/0x330 [ 21.785052] kunit_try_run_case+0x1b3/0x490 [ 21.785676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.786315] kthread+0x257/0x310 [ 21.786713] ret_from_fork+0x41/0x80 [ 21.787059] ret_from_fork_asm+0x1a/0x30 [ 21.787705] [ 21.787923] The buggy address belongs to the object at ffff888101b59080 [ 21.787923] which belongs to the cache kmalloc-64 of size 64 [ 21.788851] The buggy address is located 4 bytes inside of [ 21.788851] allocated 64-byte region [ffff888101b59080, ffff888101b590c0) [ 21.789815] [ 21.790019] The buggy address belongs to the physical page: [ 21.790559] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b59 [ 21.791783] flags: 0x200000000000000(node=0|zone=2) [ 21.792400] page_type: f5(slab) [ 21.792805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.793623] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.794404] page dumped because: kasan: bad access detected [ 21.794765] [ 21.795039] Memory state around the buggy address: [ 21.795520] ffff888101b58f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.796042] ffff888101b59000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.796902] >ffff888101b59080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 21.797576] ^ [ 21.797984] ffff888101b59100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.799222] ffff888101b59180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.799967] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 21.707568] ================================================================== [ 21.708516] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 21.709188] Read of size 18446744073709551614 at addr ffff888102a18c84 by task kunit_try_catch/188 [ 21.709891] [ 21.710199] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.711113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.711856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.713050] Call Trace: [ 21.713305] <TASK> [ 21.714011] dump_stack_lvl+0x73/0xb0 [ 21.714689] print_report+0xd1/0x640 [ 21.715090] ? __virt_addr_valid+0x1db/0x2d0 [ 21.715541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.716076] kasan_report+0x102/0x140 [ 21.716518] ? kmalloc_memmove_negative_size+0x172/0x330 [ 21.717003] ? kmalloc_memmove_negative_size+0x172/0x330 [ 21.717646] kasan_check_range+0x10c/0x1c0 [ 21.718292] __asan_memmove+0x27/0x70 [ 21.718947] kmalloc_memmove_negative_size+0x172/0x330 [ 21.719819] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 21.720512] ? __schedule+0xc3e/0x2790 [ 21.721051] ? __pfx_read_tsc+0x10/0x10 [ 21.721657] ? ktime_get_ts64+0x84/0x230 [ 21.722209] kunit_try_run_case+0x1b3/0x490 [ 21.723072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.723900] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.724510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.724990] ? __kthread_parkme+0x82/0x160 [ 21.725619] ? preempt_count_sub+0x50/0x80 [ 21.726103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.726817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.727849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.728966] kthread+0x257/0x310 [ 21.729419] ? __pfx_kthread+0x10/0x10 [ 21.729785] ret_from_fork+0x41/0x80 [ 21.729983] ? 
__pfx_kthread+0x10/0x10 [ 21.730432] ret_from_fork_asm+0x1a/0x30 [ 21.731146] </TASK> [ 21.731599] [ 21.731873] Allocated by task 188: [ 21.732306] kasan_save_stack+0x3d/0x60 [ 21.733241] kasan_save_track+0x18/0x40 [ 21.733549] kasan_save_alloc_info+0x3b/0x50 [ 21.734520] __kasan_kmalloc+0xb7/0xc0 [ 21.734884] __kmalloc_cache_noprof+0x184/0x410 [ 21.735639] kmalloc_memmove_negative_size+0xad/0x330 [ 21.736139] kunit_try_run_case+0x1b3/0x490 [ 21.736925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.737454] kthread+0x257/0x310 [ 21.738121] ret_from_fork+0x41/0x80 [ 21.738773] ret_from_fork_asm+0x1a/0x30 [ 21.739045] [ 21.739437] The buggy address belongs to the object at ffff888102a18c80 [ 21.739437] which belongs to the cache kmalloc-64 of size 64 [ 21.740861] The buggy address is located 4 bytes inside of [ 21.740861] 64-byte region [ffff888102a18c80, ffff888102a18cc0) [ 21.741938] [ 21.742293] The buggy address belongs to the physical page: [ 21.742815] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 21.743622] flags: 0x200000000000000(node=0|zone=2) [ 21.744011] page_type: f5(slab) [ 21.744680] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.745463] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.746372] page dumped because: kasan: bad access detected [ 21.746843] [ 21.747112] Memory state around the buggy address: [ 21.747665] ffff888102a18b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.748479] ffff888102a18c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.749066] >ffff888102a18c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 21.749702] ^ [ 21.750144] ffff888102a18d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.750939] ffff888102a18d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.751615] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 21.500087] ================================================================== [ 21.501004] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 21.502063] Write of size 2 at addr ffff888102a1d277 by task kunit_try_catch/180 [ 21.502741] [ 21.503105] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.503941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.504710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.505470] Call Trace: [ 21.506536] <TASK> [ 21.507163] dump_stack_lvl+0x73/0xb0 [ 21.507758] print_report+0xd1/0x640 [ 21.508193] ? __virt_addr_valid+0x1db/0x2d0 [ 21.508542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.509176] kasan_report+0x102/0x140 [ 21.509614] ? kmalloc_oob_memset_2+0x167/0x330 [ 21.510786] ? kmalloc_oob_memset_2+0x167/0x330 [ 21.511209] kasan_check_range+0x10c/0x1c0 [ 21.511816] __asan_memset+0x27/0x50 [ 21.512380] kmalloc_oob_memset_2+0x167/0x330 [ 21.513095] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 21.513766] ? __schedule+0xc3e/0x2790 [ 21.514469] ? __pfx_read_tsc+0x10/0x10 [ 21.514777] ? ktime_get_ts64+0x84/0x230 [ 21.515159] kunit_try_run_case+0x1b3/0x490 [ 21.515655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.516203] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.516682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.517015] ? __kthread_parkme+0x82/0x160 [ 21.517553] ? preempt_count_sub+0x50/0x80 [ 21.518381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.518973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.519577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.520227] kthread+0x257/0x310 [ 21.520619] ? __pfx_kthread+0x10/0x10 [ 21.521695] ret_from_fork+0x41/0x80 [ 21.522206] ? 
__pfx_kthread+0x10/0x10 [ 21.523036] ret_from_fork_asm+0x1a/0x30 [ 21.523821] </TASK> [ 21.524039] [ 21.524295] Allocated by task 180: [ 21.525101] kasan_save_stack+0x3d/0x60 [ 21.525874] kasan_save_track+0x18/0x40 [ 21.526491] kasan_save_alloc_info+0x3b/0x50 [ 21.526998] __kasan_kmalloc+0xb7/0xc0 [ 21.527518] __kmalloc_cache_noprof+0x184/0x410 [ 21.528035] kmalloc_oob_memset_2+0xad/0x330 [ 21.528670] kunit_try_run_case+0x1b3/0x490 [ 21.529170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.529807] kthread+0x257/0x310 [ 21.530254] ret_from_fork+0x41/0x80 [ 21.530992] ret_from_fork_asm+0x1a/0x30 [ 21.531251] [ 21.531739] The buggy address belongs to the object at ffff888102a1d200 [ 21.531739] which belongs to the cache kmalloc-128 of size 128 [ 21.533514] The buggy address is located 119 bytes inside of [ 21.533514] allocated 120-byte region [ffff888102a1d200, ffff888102a1d278) [ 21.534791] [ 21.535046] The buggy address belongs to the physical page: [ 21.535860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 21.537162] flags: 0x200000000000000(node=0|zone=2) [ 21.537814] page_type: f5(slab) [ 21.538308] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.538952] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.539562] page dumped because: kasan: bad access detected [ 21.540032] [ 21.540223] Memory state around the buggy address: [ 21.540854] ffff888102a1d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.541628] ffff888102a1d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.542708] >ffff888102a1d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.543894] ^ [ 21.544693] ffff888102a1d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.545255] ffff888102a1d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.545846] ================================================================== [ 21.651017] 
================================================================== [ 21.652216] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 21.652905] Write of size 16 at addr ffff888101b56869 by task kunit_try_catch/186 [ 21.653646] [ 21.653920] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.655435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.656035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.657475] Call Trace: [ 21.657953] <TASK> [ 21.658710] dump_stack_lvl+0x73/0xb0 [ 21.659527] print_report+0xd1/0x640 [ 21.660359] ? __virt_addr_valid+0x1db/0x2d0 [ 21.661067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.661847] kasan_report+0x102/0x140 [ 21.662284] ? kmalloc_oob_memset_16+0x167/0x330 [ 21.663057] ? kmalloc_oob_memset_16+0x167/0x330 [ 21.663794] kasan_check_range+0x10c/0x1c0 [ 21.664330] __asan_memset+0x27/0x50 [ 21.664779] kmalloc_oob_memset_16+0x167/0x330 [ 21.665216] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 21.665899] ? __schedule+0xc3e/0x2790 [ 21.666262] ? __pfx_read_tsc+0x10/0x10 [ 21.667290] ? ktime_get_ts64+0x84/0x230 [ 21.667613] kunit_try_run_case+0x1b3/0x490 [ 21.668139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.668925] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.669610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.670159] ? __kthread_parkme+0x82/0x160 [ 21.670748] ? preempt_count_sub+0x50/0x80 [ 21.671169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.672064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.673159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.673622] kthread+0x257/0x310 [ 21.673985] ? __pfx_kthread+0x10/0x10 [ 21.674561] ret_from_fork+0x41/0x80 [ 21.675111] ? 
__pfx_kthread+0x10/0x10 [ 21.675821] ret_from_fork_asm+0x1a/0x30 [ 21.676583] </TASK> [ 21.676898] [ 21.677114] Allocated by task 186: [ 21.678016] kasan_save_stack+0x3d/0x60 [ 21.678840] kasan_save_track+0x18/0x40 [ 21.679479] kasan_save_alloc_info+0x3b/0x50 [ 21.680026] __kasan_kmalloc+0xb7/0xc0 [ 21.680574] __kmalloc_cache_noprof+0x184/0x410 [ 21.681403] kmalloc_oob_memset_16+0xad/0x330 [ 21.681951] kunit_try_run_case+0x1b3/0x490 [ 21.683061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.683879] kthread+0x257/0x310 [ 21.684242] ret_from_fork+0x41/0x80 [ 21.684624] ret_from_fork_asm+0x1a/0x30 [ 21.685032] [ 21.685234] The buggy address belongs to the object at ffff888101b56800 [ 21.685234] which belongs to the cache kmalloc-128 of size 128 [ 21.686914] The buggy address is located 105 bytes inside of [ 21.686914] allocated 120-byte region [ffff888101b56800, ffff888101b56878) [ 21.688051] [ 21.688795] The buggy address belongs to the physical page: [ 21.689958] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b56 [ 21.690850] flags: 0x200000000000000(node=0|zone=2) [ 21.691180] page_type: f5(slab) [ 21.691760] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.692659] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.693820] page dumped because: kasan: bad access detected [ 21.694385] [ 21.694934] Memory state around the buggy address: [ 21.695418] ffff888101b56700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 21.696680] ffff888101b56780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.697184] >ffff888101b56800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.698194] ^ [ 21.698766] ffff888101b56880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.699863] ffff888101b56900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.700436] ================================================================== [ 21.599896] 
================================================================== [ 21.600774] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 21.601372] Write of size 8 at addr ffff888101b56671 by task kunit_try_catch/184 [ 21.602100] [ 21.602322] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.603706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.604233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.605090] Call Trace: [ 21.605495] <TASK> [ 21.605825] dump_stack_lvl+0x73/0xb0 [ 21.606172] print_report+0xd1/0x640 [ 21.606765] ? __virt_addr_valid+0x1db/0x2d0 [ 21.607538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.608049] kasan_report+0x102/0x140 [ 21.608537] ? kmalloc_oob_memset_8+0x167/0x330 [ 21.609056] ? kmalloc_oob_memset_8+0x167/0x330 [ 21.609427] kasan_check_range+0x10c/0x1c0 [ 21.610014] __asan_memset+0x27/0x50 [ 21.610517] kmalloc_oob_memset_8+0x167/0x330 [ 21.610805] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 21.611162] ? __schedule+0xc3e/0x2790 [ 21.611892] ? __pfx_read_tsc+0x10/0x10 [ 21.612928] ? ktime_get_ts64+0x84/0x230 [ 21.613868] kunit_try_run_case+0x1b3/0x490 [ 21.614666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.615782] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.616600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.617263] ? __kthread_parkme+0x82/0x160 [ 21.617764] ? preempt_count_sub+0x50/0x80 [ 21.618152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.619263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.619824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.620359] kthread+0x257/0x310 [ 21.620762] ? __pfx_kthread+0x10/0x10 [ 21.621388] ret_from_fork+0x41/0x80 [ 21.621875] ? 
__pfx_kthread+0x10/0x10 [ 21.622492] ret_from_fork_asm+0x1a/0x30 [ 21.623254] </TASK> [ 21.623590] [ 21.623804] Allocated by task 184: [ 21.624122] kasan_save_stack+0x3d/0x60 [ 21.624784] kasan_save_track+0x18/0x40 [ 21.625118] kasan_save_alloc_info+0x3b/0x50 [ 21.625681] __kasan_kmalloc+0xb7/0xc0 [ 21.626143] __kmalloc_cache_noprof+0x184/0x410 [ 21.627004] kmalloc_oob_memset_8+0xad/0x330 [ 21.627669] kunit_try_run_case+0x1b3/0x490 [ 21.628109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.628938] kthread+0x257/0x310 [ 21.629279] ret_from_fork+0x41/0x80 [ 21.629883] ret_from_fork_asm+0x1a/0x30 [ 21.630520] [ 21.630843] The buggy address belongs to the object at ffff888101b56600 [ 21.630843] which belongs to the cache kmalloc-128 of size 128 [ 21.631798] The buggy address is located 113 bytes inside of [ 21.631798] allocated 120-byte region [ffff888101b56600, ffff888101b56678) [ 21.633159] [ 21.633524] The buggy address belongs to the physical page: [ 21.633947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b56 [ 21.634923] flags: 0x200000000000000(node=0|zone=2) [ 21.635686] page_type: f5(slab) [ 21.636034] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.636807] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.638121] page dumped because: kasan: bad access detected [ 21.638828] [ 21.639074] Memory state around the buggy address: [ 21.639629] ffff888101b56500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 21.640426] ffff888101b56580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.641041] >ffff888101b56600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.641746] ^ [ 21.643068] ffff888101b56680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.643951] ffff888101b56700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.644540] ================================================================== [ 21.551751] 
================================================================== [ 21.552648] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 21.553728] Write of size 4 at addr ffff888102a1d375 by task kunit_try_catch/182 [ 21.554591] [ 21.554824] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.555751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.556014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.557156] Call Trace: [ 21.557516] <TASK> [ 21.557775] dump_stack_lvl+0x73/0xb0 [ 21.558330] print_report+0xd1/0x640 [ 21.558711] ? __virt_addr_valid+0x1db/0x2d0 [ 21.559317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.559831] kasan_report+0x102/0x140 [ 21.560300] ? kmalloc_oob_memset_4+0x167/0x330 [ 21.560810] ? kmalloc_oob_memset_4+0x167/0x330 [ 21.561456] kasan_check_range+0x10c/0x1c0 [ 21.561881] __asan_memset+0x27/0x50 [ 21.562300] kmalloc_oob_memset_4+0x167/0x330 [ 21.562629] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 21.563118] ? __schedule+0xc3e/0x2790 [ 21.563493] ? __pfx_read_tsc+0x10/0x10 [ 21.563882] ? ktime_get_ts64+0x84/0x230 [ 21.564293] kunit_try_run_case+0x1b3/0x490 [ 21.564875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.565192] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.565525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.566273] ? __kthread_parkme+0x82/0x160 [ 21.567007] ? preempt_count_sub+0x50/0x80 [ 21.567375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.568500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.569106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.569673] kthread+0x257/0x310 [ 21.570085] ? __pfx_kthread+0x10/0x10 [ 21.570465] ret_from_fork+0x41/0x80 [ 21.570941] ? 
__pfx_kthread+0x10/0x10 [ 21.571409] ret_from_fork_asm+0x1a/0x30 [ 21.571712] </TASK> [ 21.572200] [ 21.572635] Allocated by task 182: [ 21.573035] kasan_save_stack+0x3d/0x60 [ 21.573514] kasan_save_track+0x18/0x40 [ 21.574706] kasan_save_alloc_info+0x3b/0x50 [ 21.575572] __kasan_kmalloc+0xb7/0xc0 [ 21.576001] __kmalloc_cache_noprof+0x184/0x410 [ 21.576548] kmalloc_oob_memset_4+0xad/0x330 [ 21.577033] kunit_try_run_case+0x1b3/0x490 [ 21.578034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.578631] kthread+0x257/0x310 [ 21.579012] ret_from_fork+0x41/0x80 [ 21.579482] ret_from_fork_asm+0x1a/0x30 [ 21.579954] [ 21.580196] The buggy address belongs to the object at ffff888102a1d300 [ 21.580196] which belongs to the cache kmalloc-128 of size 128 [ 21.581174] The buggy address is located 117 bytes inside of [ 21.581174] allocated 120-byte region [ffff888102a1d300, ffff888102a1d378) [ 21.582881] [ 21.583184] The buggy address belongs to the physical page: [ 21.583998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 21.584889] flags: 0x200000000000000(node=0|zone=2) [ 21.585562] page_type: f5(slab) [ 21.585932] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.586544] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.587355] page dumped because: kasan: bad access detected [ 21.587789] [ 21.588026] Memory state around the buggy address: [ 21.588567] ffff888102a1d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.589400] ffff888102a1d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.590384] >ffff888102a1d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.591716] ^ [ 21.592777] ffff888102a1d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.593486] ffff888102a1d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.594134] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 21.454795] ================================================================== [ 21.455891] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 21.457231] Write of size 128 at addr ffff888102a1d000 by task kunit_try_catch/178 [ 21.458207] [ 21.458571] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.459498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.459912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.460921] Call Trace: [ 21.461259] <TASK> [ 21.461775] dump_stack_lvl+0x73/0xb0 [ 21.462089] print_report+0xd1/0x640 [ 21.462737] ? __virt_addr_valid+0x1db/0x2d0 [ 21.463414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.464125] kasan_report+0x102/0x140 [ 21.464511] ? kmalloc_oob_in_memset+0x160/0x320 [ 21.464885] ? kmalloc_oob_in_memset+0x160/0x320 [ 21.465361] kasan_check_range+0x10c/0x1c0 [ 21.465861] __asan_memset+0x27/0x50 [ 21.466244] kmalloc_oob_in_memset+0x160/0x320 [ 21.466724] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 21.467123] ? __schedule+0xc3e/0x2790 [ 21.467583] ? __pfx_read_tsc+0x10/0x10 [ 21.467959] ? ktime_get_ts64+0x84/0x230 [ 21.468416] kunit_try_run_case+0x1b3/0x490 [ 21.468719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.469366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.469757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.470295] ? __kthread_parkme+0x82/0x160 [ 21.470678] ? preempt_count_sub+0x50/0x80 [ 21.471196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.471765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.472372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.472954] kthread+0x257/0x310 [ 21.473360] ? __pfx_kthread+0x10/0x10 [ 21.473698] ret_from_fork+0x41/0x80 [ 21.474130] ? 
__pfx_kthread+0x10/0x10 [ 21.474601] ret_from_fork_asm+0x1a/0x30 [ 21.474961] </TASK> [ 21.475327] [ 21.475512] Allocated by task 178: [ 21.475825] kasan_save_stack+0x3d/0x60 [ 21.476252] kasan_save_track+0x18/0x40 [ 21.476563] kasan_save_alloc_info+0x3b/0x50 [ 21.477128] __kasan_kmalloc+0xb7/0xc0 [ 21.477639] __kmalloc_cache_noprof+0x184/0x410 [ 21.478031] kmalloc_oob_in_memset+0xad/0x320 [ 21.478465] kunit_try_run_case+0x1b3/0x490 [ 21.478863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.479292] kthread+0x257/0x310 [ 21.479699] ret_from_fork+0x41/0x80 [ 21.480161] ret_from_fork_asm+0x1a/0x30 [ 21.480580] [ 21.480735] The buggy address belongs to the object at ffff888102a1d000 [ 21.480735] which belongs to the cache kmalloc-128 of size 128 [ 21.482203] The buggy address is located 0 bytes inside of [ 21.482203] allocated 120-byte region [ffff888102a1d000, ffff888102a1d078) [ 21.483579] [ 21.483802] The buggy address belongs to the physical page: [ 21.484395] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1d [ 21.485234] flags: 0x200000000000000(node=0|zone=2) [ 21.485879] page_type: f5(slab) [ 21.486354] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.487191] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.487823] page dumped because: kasan: bad access detected [ 21.488201] [ 21.488570] Memory state around the buggy address: [ 21.489377] ffff888102a1cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.489830] ffff888102a1cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.490829] >ffff888102a1d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.491524] ^ [ 21.492288] ffff888102a1d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.492987] ffff888102a1d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.493753] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 21.916688] ================================================================== [ 21.917643] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 21.918424] Read of size 1 at addr ffff888102a18ea8 by task kunit_try_catch/196 [ 21.919114] [ 21.919317] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.920316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.920944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.922202] Call Trace: [ 21.922769] <TASK> [ 21.923052] dump_stack_lvl+0x73/0xb0 [ 21.923436] print_report+0xd1/0x640 [ 21.923902] ? __virt_addr_valid+0x1db/0x2d0 [ 21.924616] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.925757] kasan_report+0x102/0x140 [ 21.926404] ? kmalloc_uaf2+0x4aa/0x520 [ 21.926807] ? kmalloc_uaf2+0x4aa/0x520 [ 21.927407] __asan_report_load1_noabort+0x18/0x20 [ 21.927907] kmalloc_uaf2+0x4aa/0x520 [ 21.928436] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 21.928948] ? finish_task_switch.isra.0+0x153/0x700 [ 21.929744] ? __switch_to+0x5d9/0xf60 [ 21.930375] ? __schedule+0xc3e/0x2790 [ 21.930875] ? __pfx_read_tsc+0x10/0x10 [ 21.931500] ? ktime_get_ts64+0x84/0x230 [ 21.931841] kunit_try_run_case+0x1b3/0x490 [ 21.932519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.932975] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.933659] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.934032] ? __kthread_parkme+0x82/0x160 [ 21.934702] ? preempt_count_sub+0x50/0x80 [ 21.935183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.935628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.936008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.936760] kthread+0x257/0x310 [ 21.937431] ? __pfx_kthread+0x10/0x10 [ 21.937744] ret_from_fork+0x41/0x80 [ 21.938423] ? 
__pfx_kthread+0x10/0x10 [ 21.938793] ret_from_fork_asm+0x1a/0x30 [ 21.939485] </TASK> [ 21.939810] [ 21.940038] Allocated by task 196: [ 21.940575] kasan_save_stack+0x3d/0x60 [ 21.941001] kasan_save_track+0x18/0x40 [ 21.941615] kasan_save_alloc_info+0x3b/0x50 [ 21.942057] __kasan_kmalloc+0xb7/0xc0 [ 21.942668] __kmalloc_cache_noprof+0x184/0x410 [ 21.943277] kmalloc_uaf2+0xc7/0x520 [ 21.943911] kunit_try_run_case+0x1b3/0x490 [ 21.944734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.945557] kthread+0x257/0x310 [ 21.945824] ret_from_fork+0x41/0x80 [ 21.946298] ret_from_fork_asm+0x1a/0x30 [ 21.946896] [ 21.947048] Freed by task 196: [ 21.947729] kasan_save_stack+0x3d/0x60 [ 21.948022] kasan_save_track+0x18/0x40 [ 21.948317] kasan_save_free_info+0x3f/0x60 [ 21.949062] __kasan_slab_free+0x56/0x70 [ 21.949817] kfree+0x123/0x3f0 [ 21.950123] kmalloc_uaf2+0x14d/0x520 [ 21.950817] kunit_try_run_case+0x1b3/0x490 [ 21.951778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.952798] kthread+0x257/0x310 [ 21.953122] ret_from_fork+0x41/0x80 [ 21.953470] ret_from_fork_asm+0x1a/0x30 [ 21.953937] [ 21.954081] The buggy address belongs to the object at ffff888102a18e80 [ 21.954081] which belongs to the cache kmalloc-64 of size 64 [ 21.955402] The buggy address is located 40 bytes inside of [ 21.955402] freed 64-byte region [ffff888102a18e80, ffff888102a18ec0) [ 21.956264] [ 21.956698] The buggy address belongs to the physical page: [ 21.957134] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 21.957905] flags: 0x200000000000000(node=0|zone=2) [ 21.958516] page_type: f5(slab) [ 21.959441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.960022] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.960810] page dumped because: kasan: bad access detected [ 21.961481] [ 21.961724] Memory state around the buggy address: [ 21.962267] ffff888102a18d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
21.963504] ffff888102a18e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.964366] >ffff888102a18e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.965120] ^ [ 21.965828] ffff888102a18f00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 21.966569] ffff888102a18f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.967190] ================================================================== [ 21.805767] ================================================================== [ 21.806811] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 21.807455] Read of size 1 at addr ffff88810268b468 by task kunit_try_catch/192 [ 21.808001] [ 21.808191] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.809979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.810223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.810823] Call Trace: [ 21.811150] <TASK> [ 21.811621] dump_stack_lvl+0x73/0xb0 [ 21.812133] print_report+0xd1/0x640 [ 21.812724] ? __virt_addr_valid+0x1db/0x2d0 [ 21.813452] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.813824] kasan_report+0x102/0x140 [ 21.814451] ? kmalloc_uaf+0x322/0x380 [ 21.814951] ? kmalloc_uaf+0x322/0x380 [ 21.815566] __asan_report_load1_noabort+0x18/0x20 [ 21.815899] kmalloc_uaf+0x322/0x380 [ 21.816651] ? __pfx_kmalloc_uaf+0x10/0x10 [ 21.817628] ? __schedule+0xc3e/0x2790 [ 21.818411] ? __pfx_read_tsc+0x10/0x10 [ 21.818711] ? ktime_get_ts64+0x84/0x230 [ 21.819499] kunit_try_run_case+0x1b3/0x490 [ 21.820114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.820865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.821561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.822009] ? __kthread_parkme+0x82/0x160 [ 21.822656] ? preempt_count_sub+0x50/0x80 [ 21.822982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.823675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.824217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.824832] kthread+0x257/0x310 [ 21.825200] ? 
__pfx_kthread+0x10/0x10 [ 21.825799] ret_from_fork+0x41/0x80 [ 21.826147] ? __pfx_kthread+0x10/0x10 [ 21.826844] ret_from_fork_asm+0x1a/0x30 [ 21.827503] </TASK> [ 21.827815] [ 21.828069] Allocated by task 192: [ 21.828599] kasan_save_stack+0x3d/0x60 [ 21.829055] kasan_save_track+0x18/0x40 [ 21.829725] kasan_save_alloc_info+0x3b/0x50 [ 21.830040] __kasan_kmalloc+0xb7/0xc0 [ 21.830573] __kmalloc_cache_noprof+0x184/0x410 [ 21.831416] kmalloc_uaf+0xab/0x380 [ 21.831846] kunit_try_run_case+0x1b3/0x490 [ 21.832563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.833378] kthread+0x257/0x310 [ 21.833954] ret_from_fork+0x41/0x80 [ 21.834699] ret_from_fork_asm+0x1a/0x30 [ 21.835202] [ 21.835558] Freed by task 192: [ 21.835785] kasan_save_stack+0x3d/0x60 [ 21.836202] kasan_save_track+0x18/0x40 [ 21.836977] kasan_save_free_info+0x3f/0x60 [ 21.837408] __kasan_slab_free+0x56/0x70 [ 21.837943] kfree+0x123/0x3f0 [ 21.838486] kmalloc_uaf+0x12d/0x380 [ 21.839033] kunit_try_run_case+0x1b3/0x490 [ 21.839361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.840313] kthread+0x257/0x310 [ 21.840931] ret_from_fork+0x41/0x80 [ 21.841831] ret_from_fork_asm+0x1a/0x30 [ 21.842770] [ 21.843043] The buggy address belongs to the object at ffff88810268b460 [ 21.843043] which belongs to the cache kmalloc-16 of size 16 [ 21.844510] The buggy address is located 8 bytes inside of [ 21.844510] freed 16-byte region [ffff88810268b460, ffff88810268b470) [ 21.846054] [ 21.846701] The buggy address belongs to the physical page: [ 21.847526] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10268b [ 21.848517] flags: 0x200000000000000(node=0|zone=2) [ 21.848996] page_type: f5(slab) [ 21.850124] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.850825] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.851399] page dumped because: kasan: bad access detected [ 21.851952] [ 21.852133] Memory state around the buggy address: [ 
21.853547] ffff88810268b300: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.854145] ffff88810268b380: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.854992] >ffff88810268b400: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.855960] ^ [ 21.856760] ffff88810268b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.857761] ffff88810268b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.858646] ================================================================== [ 21.398734] ================================================================== [ 21.399746] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 21.400356] Read of size 16 at addr ffff88810268b440 by task kunit_try_catch/176 [ 21.400898] [ 21.401074] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.402150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.402793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.403677] Call Trace: [ 21.403876] <TASK> [ 21.404385] dump_stack_lvl+0x73/0xb0 [ 21.404851] print_report+0xd1/0x640 [ 21.405385] ? __virt_addr_valid+0x1db/0x2d0 [ 21.405964] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.406652] kasan_report+0x102/0x140 [ 21.406932] ? kmalloc_uaf_16+0x47d/0x4c0 [ 21.407581] ? kmalloc_uaf_16+0x47d/0x4c0 [ 21.408126] __asan_report_load16_noabort+0x18/0x20 [ 21.408643] kmalloc_uaf_16+0x47d/0x4c0 [ 21.408944] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 21.409645] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 21.410320] kunit_try_run_case+0x1b3/0x490 [ 21.410983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.411822] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.412434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.413054] ? __kthread_parkme+0x82/0x160 [ 21.413898] ? preempt_count_sub+0x50/0x80 [ 21.414431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.414806] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.415455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.415932] kthread+0x257/0x310 [ 21.416381] ? __pfx_kthread+0x10/0x10 [ 21.416737] ret_from_fork+0x41/0x80 [ 21.417241] ? __pfx_kthread+0x10/0x10 [ 21.418405] ret_from_fork_asm+0x1a/0x30 [ 21.418933] </TASK> [ 21.419225] [ 21.419776] Allocated by task 176: [ 21.420628] kasan_save_stack+0x3d/0x60 [ 21.421003] kasan_save_track+0x18/0x40 [ 21.421766] kasan_save_alloc_info+0x3b/0x50 [ 21.422436] __kasan_kmalloc+0xb7/0xc0 [ 21.422855] __kmalloc_cache_noprof+0x184/0x410 [ 21.423540] kmalloc_uaf_16+0x15c/0x4c0 [ 21.423883] kunit_try_run_case+0x1b3/0x490 [ 21.424475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.425157] kthread+0x257/0x310 [ 21.425603] ret_from_fork+0x41/0x80 [ 21.425938] ret_from_fork_asm+0x1a/0x30 [ 21.426676] [ 21.426925] Freed by task 176: [ 21.427620] kasan_save_stack+0x3d/0x60 [ 21.428026] kasan_save_track+0x18/0x40 [ 21.428641] kasan_save_free_info+0x3f/0x60 [ 21.429150] __kasan_slab_free+0x56/0x70 [ 21.429854] kfree+0x123/0x3f0 [ 21.430293] kmalloc_uaf_16+0x1d7/0x4c0 [ 21.430802] kunit_try_run_case+0x1b3/0x490 [ 21.431370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.431941] kthread+0x257/0x310 [ 21.432494] ret_from_fork+0x41/0x80 [ 21.432779] ret_from_fork_asm+0x1a/0x30 [ 21.433452] [ 21.433715] The buggy address belongs to the object at ffff88810268b440 [ 21.433715] which belongs to the cache kmalloc-16 of size 16 [ 21.434829] The buggy address is located 0 bytes inside of [ 21.434829] freed 16-byte region [ffff88810268b440, ffff88810268b450) [ 21.436352] [ 21.436578] The buggy address belongs to the physical page: [ 21.437133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10268b [ 21.438512] flags: 0x200000000000000(node=0|zone=2) [ 21.439218] page_type: f5(slab) [ 21.439473] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.440609] raw: 0000000000000000 0000000080800080 
00000001f5000000 0000000000000000 [ 21.441507] page dumped because: kasan: bad access detected [ 21.442115] [ 21.442530] Memory state around the buggy address: [ 21.443112] ffff88810268b300: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.443836] ffff88810268b380: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.444483] >ffff88810268b400: 00 04 fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 21.445105] ^ [ 21.445667] ffff88810268b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.446170] ffff88810268b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.447056] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 21.352095] ================================================================== [ 21.353501] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 21.354225] Write of size 16 at addr ffff888101094f40 by task kunit_try_catch/174 [ 21.354888] [ 21.355060] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.355712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.356271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.357225] Call Trace: [ 21.357838] <TASK> [ 21.358034] dump_stack_lvl+0x73/0xb0 [ 21.358828] print_report+0xd1/0x640 [ 21.359500] ? __virt_addr_valid+0x1db/0x2d0 [ 21.359918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.360630] kasan_report+0x102/0x140 [ 21.360939] ? kmalloc_oob_16+0x454/0x4a0 [ 21.361580] ? kmalloc_oob_16+0x454/0x4a0 [ 21.361922] __asan_report_store16_noabort+0x1b/0x30 [ 21.362702] kmalloc_oob_16+0x454/0x4a0 [ 21.363060] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 21.363605] ? __schedule+0xc3e/0x2790 [ 21.363998] ? __pfx_read_tsc+0x10/0x10 [ 21.364474] ? ktime_get_ts64+0x84/0x230 [ 21.364860] kunit_try_run_case+0x1b3/0x490 [ 21.365483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.365947] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.366491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.367013] ? __kthread_parkme+0x82/0x160 [ 21.367676] ? preempt_count_sub+0x50/0x80 [ 21.368322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.368840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.369650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.370158] kthread+0x257/0x310 [ 21.370624] ? __pfx_kthread+0x10/0x10 [ 21.371003] ret_from_fork+0x41/0x80 [ 21.371570] ? 
__pfx_kthread+0x10/0x10 [ 21.372024] ret_from_fork_asm+0x1a/0x30 [ 21.372542] </TASK> [ 21.372845] [ 21.373024] Allocated by task 174: [ 21.373433] kasan_save_stack+0x3d/0x60 [ 21.373925] kasan_save_track+0x18/0x40 [ 21.374500] kasan_save_alloc_info+0x3b/0x50 [ 21.374894] __kasan_kmalloc+0xb7/0xc0 [ 21.375212] __kmalloc_cache_noprof+0x184/0x410 [ 21.375877] kmalloc_oob_16+0xa9/0x4a0 [ 21.376491] kunit_try_run_case+0x1b3/0x490 [ 21.376813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.377549] kthread+0x257/0x310 [ 21.377839] ret_from_fork+0x41/0x80 [ 21.378361] ret_from_fork_asm+0x1a/0x30 [ 21.378644] [ 21.378862] The buggy address belongs to the object at ffff888101094f40 [ 21.378862] which belongs to the cache kmalloc-16 of size 16 [ 21.380306] The buggy address is located 0 bytes inside of [ 21.380306] allocated 13-byte region [ffff888101094f40, ffff888101094f4d) [ 21.381425] [ 21.381605] The buggy address belongs to the physical page: [ 21.382096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 21.382785] flags: 0x200000000000000(node=0|zone=2) [ 21.383471] page_type: f5(slab) [ 21.383838] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.384549] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.385509] page dumped because: kasan: bad access detected [ 21.386005] [ 21.386273] Memory state around the buggy address: [ 21.386780] ffff888101094e00: fa fb fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 21.387290] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.388041] >ffff888101094f00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 21.388733] ^ [ 21.389523] ffff888101094f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.390451] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.390937] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 21.286769] ================================================================== [ 21.288834] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 21.290371] Read of size 1 at addr ffff888100a96800 by task kunit_try_catch/172 [ 21.290946] [ 21.291281] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.292752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.293691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.295039] Call Trace: [ 21.295233] <TASK> [ 21.295394] dump_stack_lvl+0x73/0xb0 [ 21.295905] print_report+0xd1/0x640 [ 21.296816] ? __virt_addr_valid+0x1db/0x2d0 [ 21.297470] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.298064] kasan_report+0x102/0x140 [ 21.298734] ? krealloc_uaf+0x53e/0x5e0 [ 21.299298] ? krealloc_uaf+0x53e/0x5e0 [ 21.299899] __asan_report_load1_noabort+0x18/0x20 [ 21.300619] krealloc_uaf+0x53e/0x5e0 [ 21.300920] ? __pfx_krealloc_uaf+0x10/0x10 [ 21.301494] ? ktime_get_ts64+0xf6/0x230 [ 21.302140] ? ktime_get_ts64+0x84/0x230 [ 21.302602] kunit_try_run_case+0x1b3/0x490 [ 21.303166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.303809] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.304295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.304763] ? __kthread_parkme+0x82/0x160 [ 21.305324] ? preempt_count_sub+0x50/0x80 [ 21.305805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.306383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.307096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.308578] kthread+0x257/0x310 [ 21.309024] ? __pfx_kthread+0x10/0x10 [ 21.309450] ret_from_fork+0x41/0x80 [ 21.310048] ? 
__pfx_kthread+0x10/0x10 [ 21.310802] ret_from_fork_asm+0x1a/0x30 [ 21.311841] </TASK> [ 21.312161] [ 21.312377] Allocated by task 172: [ 21.312829] kasan_save_stack+0x3d/0x60 [ 21.313361] kasan_save_track+0x18/0x40 [ 21.314521] kasan_save_alloc_info+0x3b/0x50 [ 21.314782] __kasan_kmalloc+0xb7/0xc0 [ 21.315063] __kmalloc_cache_noprof+0x184/0x410 [ 21.316435] krealloc_uaf+0xbc/0x5e0 [ 21.316885] kunit_try_run_case+0x1b3/0x490 [ 21.317319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.318169] kthread+0x257/0x310 [ 21.318803] ret_from_fork+0x41/0x80 [ 21.319522] ret_from_fork_asm+0x1a/0x30 [ 21.319990] [ 21.320396] Freed by task 172: [ 21.320873] kasan_save_stack+0x3d/0x60 [ 21.321716] kasan_save_track+0x18/0x40 [ 21.322410] kasan_save_free_info+0x3f/0x60 [ 21.322991] __kasan_slab_free+0x56/0x70 [ 21.323698] kfree+0x123/0x3f0 [ 21.324155] krealloc_uaf+0x13e/0x5e0 [ 21.324790] kunit_try_run_case+0x1b3/0x490 [ 21.325066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.326050] kthread+0x257/0x310 [ 21.326838] ret_from_fork+0x41/0x80 [ 21.327538] ret_from_fork_asm+0x1a/0x30 [ 21.327984] [ 21.328229] The buggy address belongs to the object at ffff888100a96800 [ 21.328229] which belongs to the cache kmalloc-256 of size 256 [ 21.330287] The buggy address is located 0 bytes inside of [ 21.330287] freed 256-byte region [ffff888100a96800, ffff888100a96900) [ 21.331649] [ 21.331932] The buggy address belongs to the physical page: [ 21.332548] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 21.333455] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.334101] flags: 0x200000000000040(head|node=0|zone=2) [ 21.334624] page_type: f5(slab) [ 21.335023] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.336241] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.337076] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.337970] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.338745] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 21.339698] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 21.340416] page dumped because: kasan: bad access detected [ 21.340873] [ 21.341713] Memory state around the buggy address: [ 21.342095] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.342761] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343514] >ffff888100a96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.343972] ^ [ 21.344361] ffff888100a96880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.344805] ffff888100a96900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.345667] ================================================================== [ 21.229966] ================================================================== [ 21.231170] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 21.232268] Read of size 1 at addr ffff888100a96800 by task kunit_try_catch/172 [ 21.232975] [ 21.233272] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.234597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.234931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.235830] Call Trace: [ 21.236149] <TASK> [ 21.236654] dump_stack_lvl+0x73/0xb0 [ 21.236974] print_report+0xd1/0x640 [ 21.237658] ? __virt_addr_valid+0x1db/0x2d0 [ 21.238133] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.238625] kasan_report+0x102/0x140 [ 21.239081] ? krealloc_uaf+0x1b9/0x5e0 [ 21.239537] ? krealloc_uaf+0x1b9/0x5e0 [ 21.240039] ? krealloc_uaf+0x1b9/0x5e0 [ 21.240649] __kasan_check_byte+0x3d/0x50 [ 21.241015] krealloc_noprof+0x3f/0x340 [ 21.241660] krealloc_uaf+0x1b9/0x5e0 [ 21.242080] ? __pfx_krealloc_uaf+0x10/0x10 [ 21.242741] ? ktime_get_ts64+0xf6/0x230 [ 21.243122] ? 
ktime_get_ts64+0x84/0x230 [ 21.243768] kunit_try_run_case+0x1b3/0x490 [ 21.244475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.244934] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.245439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.246050] ? __kthread_parkme+0x82/0x160 [ 21.246535] ? preempt_count_sub+0x50/0x80 [ 21.246862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.247325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.248771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.249583] kthread+0x257/0x310 [ 21.250040] ? __pfx_kthread+0x10/0x10 [ 21.250719] ret_from_fork+0x41/0x80 [ 21.251158] ? __pfx_kthread+0x10/0x10 [ 21.251978] ret_from_fork_asm+0x1a/0x30 [ 21.252700] </TASK> [ 21.252930] [ 21.253436] Allocated by task 172: [ 21.253742] kasan_save_stack+0x3d/0x60 [ 21.254424] kasan_save_track+0x18/0x40 [ 21.254948] kasan_save_alloc_info+0x3b/0x50 [ 21.255468] __kasan_kmalloc+0xb7/0xc0 [ 21.255858] __kmalloc_cache_noprof+0x184/0x410 [ 21.256263] krealloc_uaf+0xbc/0x5e0 [ 21.257144] kunit_try_run_case+0x1b3/0x490 [ 21.257869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.258781] kthread+0x257/0x310 [ 21.259048] ret_from_fork+0x41/0x80 [ 21.259603] ret_from_fork_asm+0x1a/0x30 [ 21.259917] [ 21.260149] Freed by task 172: [ 21.260604] kasan_save_stack+0x3d/0x60 [ 21.261073] kasan_save_track+0x18/0x40 [ 21.261689] kasan_save_free_info+0x3f/0x60 [ 21.261983] __kasan_slab_free+0x56/0x70 [ 21.262259] kfree+0x123/0x3f0 [ 21.262729] krealloc_uaf+0x13e/0x5e0 [ 21.263606] kunit_try_run_case+0x1b3/0x490 [ 21.264138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.264625] kthread+0x257/0x310 [ 21.264869] ret_from_fork+0x41/0x80 [ 21.265834] ret_from_fork_asm+0x1a/0x30 [ 21.266415] [ 21.266909] The buggy address belongs to the object at ffff888100a96800 [ 21.266909] which belongs to the cache kmalloc-256 of size 256 [ 21.269018] The buggy address is located 0 bytes inside of [ 21.269018] freed 256-byte region [ffff888100a96800, ffff888100a96900) [ 21.269894] [ 
21.270148] The buggy address belongs to the physical page: [ 21.270733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 21.271479] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.271912] flags: 0x200000000000040(head|node=0|zone=2) [ 21.272576] page_type: f5(slab) [ 21.272984] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.275044] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.275865] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.276723] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 21.277618] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 21.278569] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 21.279577] page dumped because: kasan: bad access detected [ 21.280086] [ 21.280284] Memory state around the buggy address: [ 21.280760] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.281221] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.281851] >ffff888100a96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.282635] ^ [ 21.283058] ffff888100a96880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.283517] ffff888100a96900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.284477] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 20.836535] ================================================================== [ 20.838323] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 20.839706] Write of size 1 at addr ffff888100a966eb by task kunit_try_catch/166 [ 20.840977] [ 20.841283] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.842835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.843109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.844319] Call Trace: [ 20.844553] <TASK> [ 20.844751] dump_stack_lvl+0x73/0xb0 [ 20.845512] print_report+0xd1/0x640 [ 20.845815] ? __virt_addr_valid+0x1db/0x2d0 [ 20.846434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.847289] kasan_report+0x102/0x140 [ 20.847585] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 20.847905] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 20.848274] __asan_report_store1_noabort+0x1b/0x30 [ 20.848664] krealloc_less_oob_helper+0xd49/0x11d0 [ 20.849115] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.849801] ? finish_task_switch.isra.0+0x153/0x700 [ 20.850727] ? __switch_to+0x5d9/0xf60 [ 20.851384] ? __schedule+0xc3e/0x2790 [ 20.852150] ? __pfx_read_tsc+0x10/0x10 [ 20.853204] krealloc_less_oob+0x1c/0x30 [ 20.854007] kunit_try_run_case+0x1b3/0x490 [ 20.854875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.855808] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.856922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.858443] ? __kthread_parkme+0x82/0x160 [ 20.858963] ? preempt_count_sub+0x50/0x80 [ 20.859866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.860679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.861875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862759] kthread+0x257/0x310 [ 20.863305] ? __pfx_kthread+0x10/0x10 [ 20.863756] ret_from_fork+0x41/0x80 [ 20.864330] ? 
__pfx_kthread+0x10/0x10 [ 20.864913] ret_from_fork_asm+0x1a/0x30 [ 20.865284] </TASK> [ 20.865619] [ 20.865805] Allocated by task 166: [ 20.866206] kasan_save_stack+0x3d/0x60 [ 20.866686] kasan_save_track+0x18/0x40 [ 20.867143] kasan_save_alloc_info+0x3b/0x50 [ 20.868434] __kasan_krealloc+0x190/0x1f0 [ 20.868877] krealloc_noprof+0xf3/0x340 [ 20.869398] krealloc_less_oob_helper+0x1ab/0x11d0 [ 20.869895] krealloc_less_oob+0x1c/0x30 [ 20.870466] kunit_try_run_case+0x1b3/0x490 [ 20.870865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.871563] kthread+0x257/0x310 [ 20.871966] ret_from_fork+0x41/0x80 [ 20.872985] ret_from_fork_asm+0x1a/0x30 [ 20.873387] [ 20.873585] The buggy address belongs to the object at ffff888100a96600 [ 20.873585] which belongs to the cache kmalloc-256 of size 256 [ 20.874536] The buggy address is located 34 bytes to the right of [ 20.874536] allocated 201-byte region [ffff888100a96600, ffff888100a966c9) [ 20.875874] [ 20.876140] The buggy address belongs to the physical page: [ 20.876677] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 20.877545] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.878491] flags: 0x200000000000040(head|node=0|zone=2) [ 20.878930] page_type: f5(slab) [ 20.880023] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.880641] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.881550] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.882333] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.883029] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 20.883787] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.885372] page dumped because: kasan: bad access detected [ 20.885808] [ 20.885979] Memory state around the buggy address: [ 20.886501] ffff888100a96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 20.886973] ffff888100a96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.887860] >ffff888100a96680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.888706] ^ [ 20.889522] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.890383] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.890892] ================================================================== [ 20.723396] ================================================================== [ 20.723901] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 20.725126] Write of size 1 at addr ffff888100a966da by task kunit_try_catch/166 [ 20.725847] [ 20.726127] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.726901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.728212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.730136] Call Trace: [ 20.730323] <TASK> [ 20.731166] dump_stack_lvl+0x73/0xb0 [ 20.731902] print_report+0xd1/0x640 [ 20.732718] ? __virt_addr_valid+0x1db/0x2d0 [ 20.733308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.734050] kasan_report+0x102/0x140 [ 20.734666] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 20.735425] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 20.736032] __asan_report_store1_noabort+0x1b/0x30 [ 20.736933] krealloc_less_oob_helper+0xec8/0x11d0 [ 20.737665] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.738446] ? finish_task_switch.isra.0+0x153/0x700 [ 20.738929] ? __switch_to+0x5d9/0xf60 [ 20.740211] ? __schedule+0xc3e/0x2790 [ 20.741021] ? __pfx_read_tsc+0x10/0x10 [ 20.741521] krealloc_less_oob+0x1c/0x30 [ 20.741913] kunit_try_run_case+0x1b3/0x490 [ 20.742607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.742943] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.743564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.744000] ? __kthread_parkme+0x82/0x160 [ 20.744405] ? preempt_count_sub+0x50/0x80 [ 20.745797] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.746486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.746903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.748213] kthread+0x257/0x310 [ 20.748508] ? __pfx_kthread+0x10/0x10 [ 20.748874] ret_from_fork+0x41/0x80 [ 20.749202] ? __pfx_kthread+0x10/0x10 [ 20.749804] ret_from_fork_asm+0x1a/0x30 [ 20.750688] </TASK> [ 20.751000] [ 20.751435] Allocated by task 166: [ 20.752434] kasan_save_stack+0x3d/0x60 [ 20.752688] kasan_save_track+0x18/0x40 [ 20.753175] kasan_save_alloc_info+0x3b/0x50 [ 20.753589] __kasan_krealloc+0x190/0x1f0 [ 20.753926] krealloc_noprof+0xf3/0x340 [ 20.754274] krealloc_less_oob_helper+0x1ab/0x11d0 [ 20.755374] krealloc_less_oob+0x1c/0x30 [ 20.755898] kunit_try_run_case+0x1b3/0x490 [ 20.756682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.757100] kthread+0x257/0x310 [ 20.757682] ret_from_fork+0x41/0x80 [ 20.758132] ret_from_fork_asm+0x1a/0x30 [ 20.758876] [ 20.759032] The buggy address belongs to the object at ffff888100a96600 [ 20.759032] which belongs to the cache kmalloc-256 of size 256 [ 20.760635] The buggy address is located 17 bytes to the right of [ 20.760635] allocated 201-byte region [ffff888100a96600, ffff888100a966c9) [ 20.761938] [ 20.762145] The buggy address belongs to the physical page: [ 20.762939] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 20.763578] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.764390] flags: 0x200000000000040(head|node=0|zone=2) [ 20.765493] page_type: f5(slab) [ 20.765775] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.766545] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.767736] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.768314] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.768979] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 
20.769730] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.771153] page dumped because: kasan: bad access detected [ 20.771700] [ 20.771885] Memory state around the buggy address: [ 20.772925] ffff888100a96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.773829] ffff888100a96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.774740] >ffff888100a96680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.775595] ^ [ 20.775984] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.777144] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.777886] ================================================================== [ 20.672311] ================================================================== [ 20.672950] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 20.674624] Write of size 1 at addr ffff888100a966d0 by task kunit_try_catch/166 [ 20.675209] [ 20.675534] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.676323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.676792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.677794] Call Trace: [ 20.678031] <TASK> [ 20.678410] dump_stack_lvl+0x73/0xb0 [ 20.678705] print_report+0xd1/0x640 [ 20.679043] ? __virt_addr_valid+0x1db/0x2d0 [ 20.679999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.680654] kasan_report+0x102/0x140 [ 20.681027] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 20.681759] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 20.682368] __asan_report_store1_noabort+0x1b/0x30 [ 20.682726] krealloc_less_oob_helper+0xe25/0x11d0 [ 20.683414] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.683804] ? finish_task_switch.isra.0+0x153/0x700 [ 20.684321] ? __switch_to+0x5d9/0xf60 [ 20.684689] ? __schedule+0xc3e/0x2790 [ 20.685094] ? 
__pfx_read_tsc+0x10/0x10 [ 20.685464] krealloc_less_oob+0x1c/0x30 [ 20.685918] kunit_try_run_case+0x1b3/0x490 [ 20.686929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.687692] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.688111] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.688693] ? __kthread_parkme+0x82/0x160 [ 20.689316] ? preempt_count_sub+0x50/0x80 [ 20.689821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.690419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.691046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.692032] kthread+0x257/0x310 [ 20.692311] ? __pfx_kthread+0x10/0x10 [ 20.692832] ret_from_fork+0x41/0x80 [ 20.693296] ? __pfx_kthread+0x10/0x10 [ 20.693708] ret_from_fork_asm+0x1a/0x30 [ 20.694050] </TASK> [ 20.694462] [ 20.694693] Allocated by task 166: [ 20.694923] kasan_save_stack+0x3d/0x60 [ 20.695573] kasan_save_track+0x18/0x40 [ 20.696026] kasan_save_alloc_info+0x3b/0x50 [ 20.696514] __kasan_krealloc+0x190/0x1f0 [ 20.697004] krealloc_noprof+0xf3/0x340 [ 20.697582] krealloc_less_oob_helper+0x1ab/0x11d0 [ 20.698031] krealloc_less_oob+0x1c/0x30 [ 20.698917] kunit_try_run_case+0x1b3/0x490 [ 20.699615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.700039] kthread+0x257/0x310 [ 20.700595] ret_from_fork+0x41/0x80 [ 20.701024] ret_from_fork_asm+0x1a/0x30 [ 20.701416] [ 20.701677] The buggy address belongs to the object at ffff888100a96600 [ 20.701677] which belongs to the cache kmalloc-256 of size 256 [ 20.702661] The buggy address is located 7 bytes to the right of [ 20.702661] allocated 201-byte region [ffff888100a96600, ffff888100a966c9) [ 20.703929] [ 20.704797] The buggy address belongs to the physical page: [ 20.705812] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 20.706780] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.707386] flags: 0x200000000000040(head|node=0|zone=2) [ 20.707959] page_type: f5(slab) [ 20.708783] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 20.709564] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.710322] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.711496] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.712141] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 20.712759] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.713628] page dumped because: kasan: bad access detected [ 20.714410] [ 20.714663] Memory state around the buggy address: [ 20.715635] ffff888100a96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.716414] ffff888100a96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.716975] >ffff888100a96680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.718496] ^ [ 20.719000] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.719958] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.721000] ================================================================== [ 20.625922] ================================================================== [ 20.626840] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 20.627363] Write of size 1 at addr ffff888100a966c9 by task kunit_try_catch/166 [ 20.628045] [ 20.628288] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.630064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.630372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.631459] Call Trace: [ 20.631865] <TASK> [ 20.632174] dump_stack_lvl+0x73/0xb0 [ 20.632513] print_report+0xd1/0x640 [ 20.633305] ? __virt_addr_valid+0x1db/0x2d0 [ 20.633789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.634356] kasan_report+0x102/0x140 [ 20.634753] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 20.635433] ? 
krealloc_less_oob_helper+0xd72/0x11d0 [ 20.635805] __asan_report_store1_noabort+0x1b/0x30 [ 20.636131] krealloc_less_oob_helper+0xd72/0x11d0 [ 20.636723] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.637429] ? finish_task_switch.isra.0+0x153/0x700 [ 20.637816] ? __switch_to+0x5d9/0xf60 [ 20.638140] ? __schedule+0xc3e/0x2790 [ 20.638578] ? __pfx_read_tsc+0x10/0x10 [ 20.639041] krealloc_less_oob+0x1c/0x30 [ 20.640210] kunit_try_run_case+0x1b3/0x490 [ 20.640664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.640996] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.641606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.642134] ? __kthread_parkme+0x82/0x160 [ 20.642803] ? preempt_count_sub+0x50/0x80 [ 20.643374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.643897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.644741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.645442] kthread+0x257/0x310 [ 20.645901] ? __pfx_kthread+0x10/0x10 [ 20.646363] ret_from_fork+0x41/0x80 [ 20.646721] ? __pfx_kthread+0x10/0x10 [ 20.647044] ret_from_fork_asm+0x1a/0x30 [ 20.647787] </TASK> [ 20.648035] [ 20.648399] Allocated by task 166: [ 20.648815] kasan_save_stack+0x3d/0x60 [ 20.649151] kasan_save_track+0x18/0x40 [ 20.649767] kasan_save_alloc_info+0x3b/0x50 [ 20.650433] __kasan_krealloc+0x190/0x1f0 [ 20.650805] krealloc_noprof+0xf3/0x340 [ 20.651382] krealloc_less_oob_helper+0x1ab/0x11d0 [ 20.651813] krealloc_less_oob+0x1c/0x30 [ 20.652087] kunit_try_run_case+0x1b3/0x490 [ 20.652828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.653476] kthread+0x257/0x310 [ 20.653747] ret_from_fork+0x41/0x80 [ 20.654063] ret_from_fork_asm+0x1a/0x30 [ 20.654538] [ 20.654795] The buggy address belongs to the object at ffff888100a96600 [ 20.654795] which belongs to the cache kmalloc-256 of size 256 [ 20.655834] The buggy address is located 0 bytes to the right of [ 20.655834] allocated 201-byte region [ffff888100a96600, ffff888100a966c9) [ 20.657017] [ 20.657386] The buggy address belongs to the physical 
page: [ 20.657775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 20.658651] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.659682] flags: 0x200000000000040(head|node=0|zone=2) [ 20.660144] page_type: f5(slab) [ 20.660572] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.661455] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.662081] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.662712] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.663569] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 20.664401] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.664973] page dumped because: kasan: bad access detected [ 20.665599] [ 20.665827] Memory state around the buggy address: [ 20.666315] ffff888100a96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666995] ffff888100a96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.667697] >ffff888100a96680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.668442] ^ [ 20.669027] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.669714] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.670648] ================================================================== [ 21.085883] ================================================================== [ 21.086504] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 21.087133] Write of size 1 at addr ffff88810236e0da by task kunit_try_catch/170 [ 21.087825] [ 21.088106] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.090437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.091436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.092219] Call Trace: [ 21.092550] <TASK> [ 21.092874] dump_stack_lvl+0x73/0xb0 [ 
21.093280] print_report+0xd1/0x640 [ 21.093920] ? __virt_addr_valid+0x1db/0x2d0 [ 21.094986] ? kasan_addr_to_slab+0x11/0xa0 [ 21.095811] kasan_report+0x102/0x140 [ 21.096832] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 21.097573] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 21.098127] __asan_report_store1_noabort+0x1b/0x30 [ 21.099230] krealloc_less_oob_helper+0xec8/0x11d0 [ 21.100109] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.100742] ? finish_task_switch.isra.0+0x153/0x700 [ 21.101038] ? __switch_to+0x5d9/0xf60 [ 21.102001] ? __schedule+0xc3e/0x2790 [ 21.102584] ? __pfx_read_tsc+0x10/0x10 [ 21.103120] krealloc_large_less_oob+0x1c/0x30 [ 21.103678] kunit_try_run_case+0x1b3/0x490 [ 21.104139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.104802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.105826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.106369] ? __kthread_parkme+0x82/0x160 [ 21.106682] ? preempt_count_sub+0x50/0x80 [ 21.107173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.108079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.108682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.109115] kthread+0x257/0x310 [ 21.110109] ? __pfx_kthread+0x10/0x10 [ 21.111154] ret_from_fork+0x41/0x80 [ 21.112449] ? 
__pfx_kthread+0x10/0x10 [ 21.112730] ret_from_fork_asm+0x1a/0x30 [ 21.113239] </TASK> [ 21.113602] [ 21.113797] The buggy address belongs to the physical page: [ 21.115175] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10236c [ 21.116395] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.116766] flags: 0x200000000000040(head|node=0|zone=2) [ 21.117020] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.117829] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.118662] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.120115] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.121649] head: 0200000000000002 ffffea000408db01 ffffffffffffffff 0000000000000000 [ 21.122542] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.123176] page dumped because: kasan: bad access detected [ 21.123866] [ 21.123997] Memory state around the buggy address: [ 21.124480] ffff88810236df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.126104] ffff88810236e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.127165] >ffff88810236e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.128001] ^ [ 21.128833] ffff88810236e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.130107] ffff88810236e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.131715] ================================================================== [ 20.998030] ================================================================== [ 20.999466] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 21.000390] Write of size 1 at addr ffff88810236e0c9 by task kunit_try_catch/170 [ 21.001724] [ 21.001995] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.002760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.003202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.004038] Call Trace: [ 21.004452] <TASK> [ 21.005010] dump_stack_lvl+0x73/0xb0 [ 21.005805] print_report+0xd1/0x640 [ 21.006397] ? __virt_addr_valid+0x1db/0x2d0 [ 21.007279] ? kasan_addr_to_slab+0x11/0xa0 [ 21.007817] kasan_report+0x102/0x140 [ 21.008398] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 21.009066] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 21.010104] __asan_report_store1_noabort+0x1b/0x30 [ 21.011017] krealloc_less_oob_helper+0xd72/0x11d0 [ 21.011422] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.012061] ? finish_task_switch.isra.0+0x153/0x700 [ 21.012957] ? __switch_to+0x5d9/0xf60 [ 21.014174] ? __schedule+0xc3e/0x2790 [ 21.014629] ? __pfx_read_tsc+0x10/0x10 [ 21.015379] krealloc_large_less_oob+0x1c/0x30 [ 21.016005] kunit_try_run_case+0x1b3/0x490 [ 21.017064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.017785] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.018553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.019088] ? __kthread_parkme+0x82/0x160 [ 21.019722] ? preempt_count_sub+0x50/0x80 [ 21.020232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.020926] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.021990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.022731] kthread+0x257/0x310 [ 21.023266] ? __pfx_kthread+0x10/0x10 [ 21.023592] ret_from_fork+0x41/0x80 [ 21.024080] ? 
__pfx_kthread+0x10/0x10 [ 21.024665] ret_from_fork_asm+0x1a/0x30 [ 21.025036] </TASK> [ 21.025467] [ 21.026056] The buggy address belongs to the physical page: [ 21.027174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10236c [ 21.027942] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.028776] flags: 0x200000000000040(head|node=0|zone=2) [ 21.029571] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.030144] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.031457] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.032127] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.033619] head: 0200000000000002 ffffea000408db01 ffffffffffffffff 0000000000000000 [ 21.034331] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.035359] page dumped because: kasan: bad access detected [ 21.035978] [ 21.036597] Memory state around the buggy address: [ 21.037122] ffff88810236df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.037839] ffff88810236e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.038774] >ffff88810236e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.039880] ^ [ 21.040666] ffff88810236e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.041953] ffff88810236e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.042864] ================================================================== [ 21.176954] ================================================================== [ 21.178010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 21.179530] Write of size 1 at addr ffff88810236e0eb by task kunit_try_catch/170 [ 21.180594] [ 21.180955] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.182283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.183395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.184707] Call Trace: [ 21.184996] <TASK> [ 21.185264] dump_stack_lvl+0x73/0xb0 [ 21.185697] print_report+0xd1/0x640 [ 21.186250] ? __virt_addr_valid+0x1db/0x2d0 [ 21.186635] ? kasan_addr_to_slab+0x11/0xa0 [ 21.186916] kasan_report+0x102/0x140 [ 21.187453] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 21.188496] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 21.189616] __asan_report_store1_noabort+0x1b/0x30 [ 21.190614] krealloc_less_oob_helper+0xd49/0x11d0 [ 21.191106] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.191946] ? finish_task_switch.isra.0+0x153/0x700 [ 21.193024] ? __switch_to+0x5d9/0xf60 [ 21.193902] ? __schedule+0xc3e/0x2790 [ 21.194509] ? __pfx_read_tsc+0x10/0x10 [ 21.195079] krealloc_large_less_oob+0x1c/0x30 [ 21.196100] kunit_try_run_case+0x1b3/0x490 [ 21.196727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.197123] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.197555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.197960] ? __kthread_parkme+0x82/0x160 [ 21.198624] ? preempt_count_sub+0x50/0x80 [ 21.199680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.200633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.201479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.202228] kthread+0x257/0x310 [ 21.202498] ? __pfx_kthread+0x10/0x10 [ 21.203001] ret_from_fork+0x41/0x80 [ 21.204074] ? 
__pfx_kthread+0x10/0x10 [ 21.205076] ret_from_fork_asm+0x1a/0x30 [ 21.205379] </TASK> [ 21.205970] [ 21.206502] The buggy address belongs to the physical page: [ 21.207160] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10236c [ 21.207979] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.208975] flags: 0x200000000000040(head|node=0|zone=2) [ 21.210251] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.211120] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.211947] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.213005] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.213801] head: 0200000000000002 ffffea000408db01 ffffffffffffffff 0000000000000000 [ 21.214567] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.215317] page dumped because: kasan: bad access detected [ 21.216245] [ 21.216896] Memory state around the buggy address: [ 21.217517] ffff88810236df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.218658] ffff88810236e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.219552] >ffff88810236e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.221069] ^ [ 21.222148] ffff88810236e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.222720] ffff88810236e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.223453] ================================================================== [ 21.043800] ================================================================== [ 21.044383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 21.044815] Write of size 1 at addr ffff88810236e0d0 by task kunit_try_catch/170 [ 21.045404] [ 21.045688] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.046939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.047479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.048262] Call Trace: [ 21.048763] <TASK> [ 21.048965] dump_stack_lvl+0x73/0xb0 [ 21.049324] print_report+0xd1/0x640 [ 21.051642] ? __virt_addr_valid+0x1db/0x2d0 [ 21.052866] ? kasan_addr_to_slab+0x11/0xa0 [ 21.053567] kasan_report+0x102/0x140 [ 21.054372] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 21.054945] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 21.055797] __asan_report_store1_noabort+0x1b/0x30 [ 21.056397] krealloc_less_oob_helper+0xe25/0x11d0 [ 21.057029] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.057587] ? finish_task_switch.isra.0+0x153/0x700 [ 21.057998] ? __switch_to+0x5d9/0xf60 [ 21.058485] ? __schedule+0xc3e/0x2790 [ 21.058949] ? __pfx_read_tsc+0x10/0x10 [ 21.059629] krealloc_large_less_oob+0x1c/0x30 [ 21.060280] kunit_try_run_case+0x1b3/0x490 [ 21.060759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.061736] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.062173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.062786] ? __kthread_parkme+0x82/0x160 [ 21.063147] ? preempt_count_sub+0x50/0x80 [ 21.064498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.064936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.065435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.066444] kthread+0x257/0x310 [ 21.066798] ? __pfx_kthread+0x10/0x10 [ 21.067161] ret_from_fork+0x41/0x80 [ 21.067511] ? 
__pfx_kthread+0x10/0x10 [ 21.067911] ret_from_fork_asm+0x1a/0x30 [ 21.068403] </TASK> [ 21.069210] [ 21.069603] The buggy address belongs to the physical page: [ 21.070556] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10236c [ 21.071380] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.072134] flags: 0x200000000000040(head|node=0|zone=2) [ 21.072732] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.073936] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.074777] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.075501] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.076161] head: 0200000000000002 ffffea000408db01 ffffffffffffffff 0000000000000000 [ 21.077065] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.077940] page dumped because: kasan: bad access detected [ 21.078920] [ 21.079068] Memory state around the buggy address: [ 21.079659] ffff88810236df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.080684] ffff88810236e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.081488] >ffff88810236e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.082061] ^ [ 21.082849] ffff88810236e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.084108] ffff88810236e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.084797] ================================================================== [ 20.779031] ================================================================== [ 20.780684] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 20.782062] Write of size 1 at addr ffff888100a966ea by task kunit_try_catch/166 [ 20.783227] [ 20.783777] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.784860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.785111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.785892] Call Trace: [ 20.786259] <TASK> [ 20.786730] dump_stack_lvl+0x73/0xb0 [ 20.787028] print_report+0xd1/0x640 [ 20.787836] ? __virt_addr_valid+0x1db/0x2d0 [ 20.788638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.789478] kasan_report+0x102/0x140 [ 20.789994] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 20.790986] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 20.791646] __asan_report_store1_noabort+0x1b/0x30 [ 20.792273] krealloc_less_oob_helper+0xe92/0x11d0 [ 20.792811] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.793493] ? finish_task_switch.isra.0+0x153/0x700 [ 20.794172] ? __switch_to+0x5d9/0xf60 [ 20.794700] ? __schedule+0xc3e/0x2790 [ 20.795265] ? __pfx_read_tsc+0x10/0x10 [ 20.796159] krealloc_less_oob+0x1c/0x30 [ 20.796773] kunit_try_run_case+0x1b3/0x490 [ 20.797603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.798069] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.798790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.799233] ? __kthread_parkme+0x82/0x160 [ 20.800016] ? preempt_count_sub+0x50/0x80 [ 20.801439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.801859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.802940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.803460] kthread+0x257/0x310 [ 20.803922] ? __pfx_kthread+0x10/0x10 [ 20.804518] ret_from_fork+0x41/0x80 [ 20.805333] ? 
__pfx_kthread+0x10/0x10 [ 20.805641] ret_from_fork_asm+0x1a/0x30 [ 20.805938] </TASK> [ 20.806295] [ 20.806692] Allocated by task 166: [ 20.807243] kasan_save_stack+0x3d/0x60 [ 20.807873] kasan_save_track+0x18/0x40 [ 20.808535] kasan_save_alloc_info+0x3b/0x50 [ 20.809266] __kasan_krealloc+0x190/0x1f0 [ 20.810000] krealloc_noprof+0xf3/0x340 [ 20.810318] krealloc_less_oob_helper+0x1ab/0x11d0 [ 20.810886] krealloc_less_oob+0x1c/0x30 [ 20.811185] kunit_try_run_case+0x1b3/0x490 [ 20.812163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.812815] kthread+0x257/0x310 [ 20.813507] ret_from_fork+0x41/0x80 [ 20.814095] ret_from_fork_asm+0x1a/0x30 [ 20.814407] [ 20.814664] The buggy address belongs to the object at ffff888100a96600 [ 20.814664] which belongs to the cache kmalloc-256 of size 256 [ 20.815823] The buggy address is located 33 bytes to the right of [ 20.815823] allocated 201-byte region [ffff888100a96600, ffff888100a966c9) [ 20.817872] [ 20.818088] The buggy address belongs to the physical page: [ 20.818636] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 20.819619] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.821118] flags: 0x200000000000040(head|node=0|zone=2) [ 20.822131] page_type: f5(slab) [ 20.822749] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.823712] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.824130] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.825614] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.826585] head: 0200000000000001 ffffea000402a581 ffffffffffffffff 0000000000000000 [ 20.827634] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 20.828200] page dumped because: kasan: bad access detected [ 20.829128] [ 20.829446] Memory state around the buggy address: [ 20.829744] ffff888100a96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 20.831224] ffff888100a96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.832479] >ffff888100a96680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.833236] ^ [ 20.834280] ffff888100a96700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.835485] ffff888100a96780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.835769] ================================================================== [ 21.132710] ================================================================== [ 21.133107] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 21.135147] Write of size 1 at addr ffff88810236e0ea by task kunit_try_catch/170 [ 21.135834] [ 21.136052] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 21.137983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.138585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.139458] Call Trace: [ 21.140309] <TASK> [ 21.140555] dump_stack_lvl+0x73/0xb0 [ 21.141140] print_report+0xd1/0x640 [ 21.141675] ? __virt_addr_valid+0x1db/0x2d0 [ 21.142124] ? kasan_addr_to_slab+0x11/0xa0 [ 21.142677] kasan_report+0x102/0x140 [ 21.143401] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 21.143899] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 21.144417] __asan_report_store1_noabort+0x1b/0x30 [ 21.145734] krealloc_less_oob_helper+0xe92/0x11d0 [ 21.146497] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.147017] ? finish_task_switch.isra.0+0x153/0x700 [ 21.147620] ? __switch_to+0x5d9/0xf60 [ 21.147942] ? __schedule+0xc3e/0x2790 [ 21.148649] ? __pfx_read_tsc+0x10/0x10 [ 21.149045] krealloc_large_less_oob+0x1c/0x30 [ 21.149845] kunit_try_run_case+0x1b3/0x490 [ 21.150493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.151067] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.152147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.152837] ? __kthread_parkme+0x82/0x160 [ 21.153478] ? preempt_count_sub+0x50/0x80 [ 21.153935] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.154638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.155386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.155918] kthread+0x257/0x310 [ 21.156359] ? __pfx_kthread+0x10/0x10 [ 21.157017] ret_from_fork+0x41/0x80 [ 21.157871] ? __pfx_kthread+0x10/0x10 [ 21.158244] ret_from_fork_asm+0x1a/0x30 [ 21.158842] </TASK> [ 21.159596] [ 21.159925] The buggy address belongs to the physical page: [ 21.160627] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10236c [ 21.161765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.162508] flags: 0x200000000000040(head|node=0|zone=2) [ 21.163194] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.163968] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.164679] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.165909] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.167554] head: 0200000000000002 ffffea000408db01 ffffffffffffffff 0000000000000000 [ 21.168095] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.169246] page dumped because: kasan: bad access detected [ 21.169805] [ 21.170005] Memory state around the buggy address: [ 21.170999] ffff88810236df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.171625] ffff88810236e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.172469] >ffff88810236e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.173742] ^ [ 21.174625] ffff88810236e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.174899] ffff88810236e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.175440] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 20.482789] ==================================================================
[ 20.484103] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0
[ 20.484641] Read of size 1 at addr ffff888102d30000 by task kunit_try_catch/162
[ 20.485239]
[ 20.485799] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 20.487539] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.487986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.488732] Call Trace:
[ 20.489021] <TASK>
[ 20.489234] dump_stack_lvl+0x73/0xb0
[ 20.489859] print_report+0xd1/0x640
[ 20.490395] ? __virt_addr_valid+0x1db/0x2d0
[ 20.490793] ? kasan_addr_to_slab+0x11/0xa0
[ 20.491442] kasan_report+0x102/0x140
[ 20.491736] ? page_alloc_uaf+0x358/0x3d0
[ 20.492359] ? page_alloc_uaf+0x358/0x3d0
[ 20.492881] __asan_report_load1_noabort+0x18/0x20
[ 20.493461] page_alloc_uaf+0x358/0x3d0
[ 20.493927] ? __pfx_page_alloc_uaf+0x10/0x10
[ 20.494370] ? __schedule+0xc3e/0x2790
[ 20.494761] ? __pfx_read_tsc+0x10/0x10
[ 20.495250] ? ktime_get_ts64+0x84/0x230
[ 20.495725] kunit_try_run_case+0x1b3/0x490
[ 20.496389] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.496907] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.497509] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.498080] ? __kthread_parkme+0x82/0x160
[ 20.498638] ? preempt_count_sub+0x50/0x80
[ 20.499002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.499642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.500116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.500843] kthread+0x257/0x310
[ 20.501119] ? __pfx_kthread+0x10/0x10
[ 20.501815] ret_from_fork+0x41/0x80
[ 20.502427] ? __pfx_kthread+0x10/0x10
[ 20.502794] ret_from_fork_asm+0x1a/0x30
[ 20.503408] </TASK>
[ 20.503691]
[ 20.503924] The buggy address belongs to the physical page:
[ 20.504532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d30
[ 20.505441] flags: 0x200000000000000(node=0|zone=2)
[ 20.505950] page_type: f0(buddy)
[ 20.506825] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000
[ 20.507540] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 20.508170] page dumped because: kasan: bad access detected
[ 20.508661]
[ 20.508850] Memory state around the buggy address:
[ 20.509276] ffff888102d2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.509828] ffff888102d2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.510415] >ffff888102d30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.511189] ^
[ 20.511614] ffff888102d30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.512584] ffff888102d30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.513612] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 20.433972] ==================================================================
[ 20.435043] BUG: KASAN: invalid-free in kfree+0x271/0x3f0
[ 20.435587] Free of addr ffff888102bb8001 by task kunit_try_catch/158
[ 20.436257]
[ 20.436536] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1
[ 20.437780] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.438186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.438967] Call Trace:
[ 20.439248] <TASK>
[ 20.439656] dump_stack_lvl+0x73/0xb0
[ 20.440110] print_report+0xd1/0x640
[ 20.440722] ? __virt_addr_valid+0x1db/0x2d0
[ 20.441147] ? kfree+0x271/0x3f0
[ 20.441617] ? kasan_addr_to_slab+0x11/0xa0
[ 20.442122] ? kfree+0x271/0x3f0
[ 20.442589] kasan_report_invalid_free+0xc0/0xf0
[ 20.443051] ? kfree+0x271/0x3f0
[ 20.443598] ? kfree+0x271/0x3f0
[ 20.443999] __kasan_kfree_large+0x86/0xd0
[ 20.444679] free_large_kmalloc+0x3b/0xd0
[ 20.445005] kfree+0x271/0x3f0
[ 20.446288] kmalloc_large_invalid_free+0x121/0x2b0
[ 20.446846] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 20.447391] ? __schedule+0xc3e/0x2790
[ 20.447794] ? __pfx_read_tsc+0x10/0x10
[ 20.448187] ? ktime_get_ts64+0x84/0x230
[ 20.448791] kunit_try_run_case+0x1b3/0x490
[ 20.449307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.449871] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.450479] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.450991] ? __kthread_parkme+0x82/0x160
[ 20.451714] ? preempt_count_sub+0x50/0x80
[ 20.452108] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.452797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.453393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.453993] kthread+0x257/0x310
[ 20.454451] ? __pfx_kthread+0x10/0x10
[ 20.454873] ret_from_fork+0x41/0x80
[ 20.455518] ? __pfx_kthread+0x10/0x10
[ 20.455867] ret_from_fork_asm+0x1a/0x30
[ 20.456462] </TASK>
[ 20.456742]
[ 20.456897] The buggy address belongs to the physical page:
[ 20.457682] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8
[ 20.458445] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 20.459307] flags: 0x200000000000040(head|node=0|zone=2)
[ 20.459826] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.460435] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.461215] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.461765] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.462666] head: 0200000000000002 ffffea00040aee01 ffffffffffffffff 0000000000000000
[ 20.463448] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 20.464368] page dumped because: kasan: bad access detected
[ 20.464701]
[ 20.464943] Memory state around the buggy address:
[ 20.465574] ffff888102bb7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.466362] ffff888102bb7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.466935] >ffff888102bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.467695] ^
[ 20.467994] ffff888102bb8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.468743] ffff888102bb8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.469603] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 20.391620] ================================================================== [ 20.392444] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 20.393439] Read of size 1 at addr ffff888102368000 by task kunit_try_catch/156 [ 20.394102] [ 20.394283] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.396086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.397405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.398405] Call Trace: [ 20.398743] <TASK> [ 20.399063] dump_stack_lvl+0x73/0xb0 [ 20.399724] print_report+0xd1/0x640 [ 20.400112] ? __virt_addr_valid+0x1db/0x2d0 [ 20.401032] ? kasan_addr_to_slab+0x11/0xa0 [ 20.402098] kasan_report+0x102/0x140 [ 20.402943] ? kmalloc_large_uaf+0x2f3/0x340 [ 20.403454] ? kmalloc_large_uaf+0x2f3/0x340 [ 20.403869] __asan_report_load1_noabort+0x18/0x20 [ 20.404440] kmalloc_large_uaf+0x2f3/0x340 [ 20.404838] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 20.405314] ? __schedule+0xc3e/0x2790 [ 20.406311] ? __pfx_read_tsc+0x10/0x10 [ 20.406823] ? ktime_get_ts64+0x84/0x230 [ 20.407600] kunit_try_run_case+0x1b3/0x490 [ 20.408070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.408695] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.409269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.410006] ? __kthread_parkme+0x82/0x160 [ 20.410541] ? preempt_count_sub+0x50/0x80 [ 20.411333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.411775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.412706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.413450] kthread+0x257/0x310 [ 20.413965] ? __pfx_kthread+0x10/0x10 [ 20.414318] ret_from_fork+0x41/0x80 [ 20.414805] ? 
__pfx_kthread+0x10/0x10 [ 20.415139] ret_from_fork_asm+0x1a/0x30 [ 20.415759] </TASK> [ 20.415981] [ 20.416308] The buggy address belongs to the physical page: [ 20.417300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102368 [ 20.418401] flags: 0x200000000000000(node=0|zone=2) [ 20.418820] raw: 0200000000000000 ffffea000408db08 ffff88815b13f000 0000000000000000 [ 20.420088] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 20.420712] page dumped because: kasan: bad access detected [ 20.421521] [ 20.421746] Memory state around the buggy address: [ 20.422553] ffff888102367f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.423410] ffff888102367f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.424595] >ffff888102368000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.425369] ^ [ 20.425738] ffff888102368080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.426997] ffff888102368100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.427721] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 20.348877] ================================================================== [ 20.350029] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 20.350965] Write of size 1 at addr ffff888102bba00a by task kunit_try_catch/154 [ 20.351688] [ 20.352249] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.353457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.354017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.354961] Call Trace: [ 20.355499] <TASK> [ 20.355692] dump_stack_lvl+0x73/0xb0 [ 20.356173] print_report+0xd1/0x640 [ 20.356659] ? __virt_addr_valid+0x1db/0x2d0 [ 20.357140] ? kasan_addr_to_slab+0x11/0xa0 [ 20.357645] kasan_report+0x102/0x140 [ 20.357923] ? kmalloc_large_oob_right+0x2eb/0x340 [ 20.358670] ? kmalloc_large_oob_right+0x2eb/0x340 [ 20.359383] __asan_report_store1_noabort+0x1b/0x30 [ 20.359897] kmalloc_large_oob_right+0x2eb/0x340 [ 20.360507] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 20.361059] ? __schedule+0xc3e/0x2790 [ 20.361636] ? __pfx_read_tsc+0x10/0x10 [ 20.362031] ? ktime_get_ts64+0x84/0x230 [ 20.362677] kunit_try_run_case+0x1b3/0x490 [ 20.363386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.364145] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.364574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.365399] ? __kthread_parkme+0x82/0x160 [ 20.366102] ? preempt_count_sub+0x50/0x80 [ 20.366713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.367204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.367778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.368920] kthread+0x257/0x310 [ 20.369324] ? __pfx_kthread+0x10/0x10 [ 20.369789] ret_from_fork+0x41/0x80 [ 20.370193] ? 
__pfx_kthread+0x10/0x10 [ 20.370585] ret_from_fork_asm+0x1a/0x30 [ 20.371133] </TASK> [ 20.371581] [ 20.371828] The buggy address belongs to the physical page: [ 20.372615] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb8 [ 20.373257] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.373976] flags: 0x200000000000040(head|node=0|zone=2) [ 20.374658] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.375077] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.376064] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.376873] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.377661] head: 0200000000000002 ffffea00040aee01 ffffffffffffffff 0000000000000000 [ 20.378309] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.378967] page dumped because: kasan: bad access detected [ 20.379724] [ 20.380063] Memory state around the buggy address: [ 20.380803] ffff888102bb9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.381959] ffff888102bb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.382724] >ffff888102bba000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.383567] ^ [ 20.384023] ffff888102bba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.385291] ffff888102bba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.385782] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 20.291004] ================================================================== [ 20.292152] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 20.293401] Write of size 1 at addr ffff888102cc1f00 by task kunit_try_catch/152 [ 20.294824] [ 20.295115] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.296436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.296737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.297589] Call Trace: [ 20.297899] <TASK> [ 20.298198] dump_stack_lvl+0x73/0xb0 [ 20.298825] print_report+0xd1/0x640 [ 20.299214] ? __virt_addr_valid+0x1db/0x2d0 [ 20.299726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.300215] kasan_report+0x102/0x140 [ 20.300586] ? kmalloc_big_oob_right+0x318/0x370 [ 20.300994] ? kmalloc_big_oob_right+0x318/0x370 [ 20.301648] __asan_report_store1_noabort+0x1b/0x30 [ 20.302886] kmalloc_big_oob_right+0x318/0x370 [ 20.303623] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 20.304029] ? __schedule+0xc3e/0x2790 [ 20.305311] ? __pfx_read_tsc+0x10/0x10 [ 20.305696] ? ktime_get_ts64+0x84/0x230 [ 20.306304] kunit_try_run_case+0x1b3/0x490 [ 20.307068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.307774] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.308539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.309184] ? __kthread_parkme+0x82/0x160 [ 20.309685] ? preempt_count_sub+0x50/0x80 [ 20.310078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.310674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.311519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.311885] kthread+0x257/0x310 [ 20.312573] ? __pfx_kthread+0x10/0x10 [ 20.312878] ret_from_fork+0x41/0x80 [ 20.313308] ? 
__pfx_kthread+0x10/0x10 [ 20.313882] ret_from_fork_asm+0x1a/0x30 [ 20.314218] </TASK> [ 20.314613] [ 20.314860] Allocated by task 152: [ 20.315166] kasan_save_stack+0x3d/0x60 [ 20.315487] kasan_save_track+0x18/0x40 [ 20.316112] kasan_save_alloc_info+0x3b/0x50 [ 20.316893] __kasan_kmalloc+0xb7/0xc0 [ 20.317608] __kmalloc_cache_noprof+0x184/0x410 [ 20.317934] kmalloc_big_oob_right+0xaa/0x370 [ 20.318228] kunit_try_run_case+0x1b3/0x490 [ 20.319528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.320276] kthread+0x257/0x310 [ 20.320910] ret_from_fork+0x41/0x80 [ 20.321313] ret_from_fork_asm+0x1a/0x30 [ 20.321863] [ 20.322114] The buggy address belongs to the object at ffff888102cc0000 [ 20.322114] which belongs to the cache kmalloc-8k of size 8192 [ 20.323318] The buggy address is located 0 bytes to the right of [ 20.323318] allocated 7936-byte region [ffff888102cc0000, ffff888102cc1f00) [ 20.325618] [ 20.325940] The buggy address belongs to the physical page: [ 20.326573] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 20.327594] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.328284] flags: 0x200000000000040(head|node=0|zone=2) [ 20.328887] page_type: f5(slab) [ 20.329527] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 20.330636] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 20.331760] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 20.332480] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 20.333517] head: 0200000000000003 ffffea00040b3001 ffffffffffffffff 0000000000000000 [ 20.334729] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 20.335853] page dumped because: kasan: bad access detected [ 20.336609] [ 20.336898] Memory state around the buggy address: [ 20.337563] ffff888102cc1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.338298] ffff888102cc1e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.338973] >ffff888102cc1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.339650] ^ [ 20.339965] ffff888102cc1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.341299] ffff888102cc2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.341986] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 20.189871] ================================================================== [ 20.190685] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 20.191454] Write of size 1 at addr ffff888102a1a278 by task kunit_try_catch/150 [ 20.192058] [ 20.192275] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.194371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.194659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.195356] Call Trace: [ 20.195710] <TASK> [ 20.195928] dump_stack_lvl+0x73/0xb0 [ 20.196588] print_report+0xd1/0x640 [ 20.196907] ? __virt_addr_valid+0x1db/0x2d0 [ 20.197552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.197945] kasan_report+0x102/0x140 [ 20.198584] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 20.199129] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 20.199733] __asan_report_store1_noabort+0x1b/0x30 [ 20.200317] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 20.200862] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 20.201550] ? __schedule+0xc3e/0x2790 [ 20.201865] ? __pfx_read_tsc+0x10/0x10 [ 20.202429] ? ktime_get_ts64+0x84/0x230 [ 20.202926] kunit_try_run_case+0x1b3/0x490 [ 20.203517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.203971] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.204627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.205134] ? __kthread_parkme+0x82/0x160 [ 20.205655] ? preempt_count_sub+0x50/0x80 [ 20.206259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.206658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.207439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.208007] kthread+0x257/0x310 [ 20.208483] ? __pfx_kthread+0x10/0x10 [ 20.208954] ret_from_fork+0x41/0x80 [ 20.209529] ? 
__pfx_kthread+0x10/0x10 [ 20.209957] ret_from_fork_asm+0x1a/0x30 [ 20.210599] </TASK> [ 20.210840] [ 20.210990] Allocated by task 150: [ 20.211937] kasan_save_stack+0x3d/0x60 [ 20.212285] kasan_save_track+0x18/0x40 [ 20.212838] kasan_save_alloc_info+0x3b/0x50 [ 20.213263] __kasan_kmalloc+0xb7/0xc0 [ 20.213582] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 20.214123] kmalloc_track_caller_oob_right+0x9a/0x530 [ 20.215029] kunit_try_run_case+0x1b3/0x490 [ 20.215956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.216861] kthread+0x257/0x310 [ 20.217747] ret_from_fork+0x41/0x80 [ 20.218243] ret_from_fork_asm+0x1a/0x30 [ 20.218817] [ 20.219031] The buggy address belongs to the object at ffff888102a1a200 [ 20.219031] which belongs to the cache kmalloc-128 of size 128 [ 20.220716] The buggy address is located 0 bytes to the right of [ 20.220716] allocated 120-byte region [ffff888102a1a200, ffff888102a1a278) [ 20.222358] [ 20.222714] The buggy address belongs to the physical page: [ 20.223659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 20.224750] flags: 0x200000000000000(node=0|zone=2) [ 20.225602] page_type: f5(slab) [ 20.225826] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.226731] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.227623] page dumped because: kasan: bad access detected [ 20.228364] [ 20.228518] Memory state around the buggy address: [ 20.229683] ffff888102a1a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.230515] ffff888102a1a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.231049] >ffff888102a1a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.231948] ^ [ 20.232891] ffff888102a1a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.233807] ffff888102a1a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.234641] ================================================================== [ 20.235887] 
================================================================== [ 20.237136] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 20.238382] Write of size 1 at addr ffff888102a1a378 by task kunit_try_catch/150 [ 20.239441] [ 20.239673] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.241064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.241556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.242428] Call Trace: [ 20.242737] <TASK> [ 20.242993] dump_stack_lvl+0x73/0xb0 [ 20.243448] print_report+0xd1/0x640 [ 20.243940] ? __virt_addr_valid+0x1db/0x2d0 [ 20.244603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.244982] kasan_report+0x102/0x140 [ 20.245988] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 20.246835] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 20.247639] __asan_report_store1_noabort+0x1b/0x30 [ 20.248316] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 20.248903] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 20.249565] ? __schedule+0xc3e/0x2790 [ 20.250043] ? __pfx_read_tsc+0x10/0x10 [ 20.250874] ? ktime_get_ts64+0x84/0x230 [ 20.251534] kunit_try_run_case+0x1b3/0x490 [ 20.252329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.252811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.253494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.254061] ? __kthread_parkme+0x82/0x160 [ 20.254864] ? preempt_count_sub+0x50/0x80 [ 20.255564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.256198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.256744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.257329] kthread+0x257/0x310 [ 20.257830] ? __pfx_kthread+0x10/0x10 [ 20.258693] ret_from_fork+0x41/0x80 [ 20.259244] ? 
__pfx_kthread+0x10/0x10 [ 20.259906] ret_from_fork_asm+0x1a/0x30 [ 20.260613] </TASK> [ 20.260993] [ 20.261470] Allocated by task 150: [ 20.261815] kasan_save_stack+0x3d/0x60 [ 20.262810] kasan_save_track+0x18/0x40 [ 20.263295] kasan_save_alloc_info+0x3b/0x50 [ 20.264038] __kasan_kmalloc+0xb7/0xc0 [ 20.264553] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 20.265323] kmalloc_track_caller_oob_right+0x19b/0x530 [ 20.265779] kunit_try_run_case+0x1b3/0x490 [ 20.266711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.267416] kthread+0x257/0x310 [ 20.267814] ret_from_fork+0x41/0x80 [ 20.268189] ret_from_fork_asm+0x1a/0x30 [ 20.268769] [ 20.268991] The buggy address belongs to the object at ffff888102a1a300 [ 20.268991] which belongs to the cache kmalloc-128 of size 128 [ 20.270753] The buggy address is located 0 bytes to the right of [ 20.270753] allocated 120-byte region [ffff888102a1a300, ffff888102a1a378) [ 20.272111] [ 20.272550] The buggy address belongs to the physical page: [ 20.273276] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1a [ 20.273987] flags: 0x200000000000000(node=0|zone=2) [ 20.274775] page_type: f5(slab) [ 20.275332] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.276036] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 20.276874] page dumped because: kasan: bad access detected [ 20.277563] [ 20.277815] Memory state around the buggy address: [ 20.278722] ffff888102a1a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.279527] ffff888102a1a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.280313] >ffff888102a1a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.280963] ^ [ 20.281968] ffff888102a1a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.282849] ffff888102a1a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.283761] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 20.136889] ================================================================== [ 20.137836] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 20.138699] Read of size 1 at addr ffff888102c2b000 by task kunit_try_catch/148 [ 20.139199] [ 20.139725] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.141315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.141728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.142768] Call Trace: [ 20.143253] <TASK> [ 20.143494] dump_stack_lvl+0x73/0xb0 [ 20.144120] print_report+0xd1/0x640 [ 20.144699] ? __virt_addr_valid+0x1db/0x2d0 [ 20.145218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.145751] kasan_report+0x102/0x140 [ 20.146200] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 20.146599] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 20.146932] __asan_report_load1_noabort+0x18/0x20 [ 20.147617] kmalloc_node_oob_right+0x36b/0x3d0 [ 20.148243] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 20.148721] ? __schedule+0xc3e/0x2790 [ 20.149286] ? __pfx_read_tsc+0x10/0x10 [ 20.149734] ? ktime_get_ts64+0x84/0x230 [ 20.150372] kunit_try_run_case+0x1b3/0x490 [ 20.150898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.151509] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.151911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.152972] ? __kthread_parkme+0x82/0x160 [ 20.153799] ? preempt_count_sub+0x50/0x80 [ 20.154519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.155014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.155673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.156356] kthread+0x257/0x310 [ 20.156692] ? __pfx_kthread+0x10/0x10 [ 20.157366] ret_from_fork+0x41/0x80 [ 20.157689] ? 
__pfx_kthread+0x10/0x10 [ 20.158119] ret_from_fork_asm+0x1a/0x30 [ 20.159082] </TASK> [ 20.159754] [ 20.160037] Allocated by task 148: [ 20.160674] kasan_save_stack+0x3d/0x60 [ 20.160996] kasan_save_track+0x18/0x40 [ 20.161279] kasan_save_alloc_info+0x3b/0x50 [ 20.161647] __kasan_kmalloc+0xb7/0xc0 [ 20.162049] __kmalloc_cache_node_noprof+0x183/0x410 [ 20.162679] kmalloc_node_oob_right+0xac/0x3d0 [ 20.163118] kunit_try_run_case+0x1b3/0x490 [ 20.163774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.164467] kthread+0x257/0x310 [ 20.164864] ret_from_fork+0x41/0x80 [ 20.165415] ret_from_fork_asm+0x1a/0x30 [ 20.165869] [ 20.166078] The buggy address belongs to the object at ffff888102c2a000 [ 20.166078] which belongs to the cache kmalloc-4k of size 4096 [ 20.167419] The buggy address is located 0 bytes to the right of [ 20.167419] allocated 4096-byte region [ffff888102c2a000, ffff888102c2b000) [ 20.168512] [ 20.168670] The buggy address belongs to the physical page: [ 20.169449] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c28 [ 20.170734] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.171608] flags: 0x200000000000040(head|node=0|zone=2) [ 20.172420] page_type: f5(slab) [ 20.172808] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 20.173567] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 20.174361] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 20.174975] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 20.175622] head: 0200000000000003 ffffea00040b0a01 ffffffffffffffff 0000000000000000 [ 20.176307] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 20.177032] page dumped because: kasan: bad access detected [ 20.177749] [ 20.177935] Memory state around the buggy address: [ 20.178615] ffff888102c2af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.179468] ffff888102c2af80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.180008] >ffff888102c2b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.180809] ^ [ 20.181061] ffff888102c2b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.181929] ffff888102c2b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.182691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 20.067401] ================================================================== [ 20.068407] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 20.068988] Read of size 1 at addr ffff888101094f1f by task kunit_try_catch/146 [ 20.069729] [ 20.069991] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241128 #1 [ 20.070924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.071560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.072328] Call Trace: [ 20.072607] <TASK> [ 20.072831] dump_stack_lvl+0x73/0xb0 [ 20.073640] print_report+0xd1/0x640 [ 20.074069] ? __virt_addr_valid+0x1db/0x2d0 [ 20.074605] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.075268] kasan_report+0x102/0x140 [ 20.075769] ? kmalloc_oob_left+0x363/0x3c0 [ 20.076293] ? kmalloc_oob_left+0x363/0x3c0 [ 20.076662] __asan_report_load1_noabort+0x18/0x20 [ 20.077309] kmalloc_oob_left+0x363/0x3c0 [ 20.077768] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 20.078507] ? __schedule+0xc3e/0x2790 [ 20.078894] ? __pfx_read_tsc+0x10/0x10 [ 20.079361] ? ktime_get_ts64+0x84/0x230 [ 20.079727] kunit_try_run_case+0x1b3/0x490 [ 20.080303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.080848] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.081322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.081862] ? __kthread_parkme+0x82/0x160 [ 20.082495] ? preempt_count_sub+0x50/0x80 [ 20.082838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.083507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.084019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.084447] kthread+0x257/0x310 [ 20.084778] ? __pfx_kthread+0x10/0x10 [ 20.085236] ret_from_fork+0x41/0x80 [ 20.085855] ? 
__pfx_kthread+0x10/0x10 [ 20.086392] ret_from_fork_asm+0x1a/0x30 [ 20.086836] </TASK> [ 20.087025] [ 20.087438] Allocated by task 1: [ 20.087859] kasan_save_stack+0x3d/0x60 [ 20.088496] kasan_save_track+0x18/0x40 [ 20.088807] kasan_save_alloc_info+0x3b/0x50 [ 20.089421] __kasan_kmalloc+0xb7/0xc0 [ 20.089751] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 20.090536] kvasprintf+0xc6/0x150 [ 20.090871] __kthread_create_on_node+0x18c/0x3a0 [ 20.091487] kthread_create_on_node+0xa8/0xe0 [ 20.091961] cryptomgr_notify+0x704/0x9f0 [ 20.092595] notifier_call_chain+0xcb/0x250 [ 20.092950] blocking_notifier_call_chain+0x64/0x90 [ 20.093631] crypto_alg_mod_lookup+0x214/0x420 [ 20.093951] crypto_alloc_tfm_node+0xc5/0x1f0 [ 20.094585] crypto_alloc_sig+0x23/0x30 [ 20.095005] public_key_verify_signature+0x1b1/0x990 [ 20.096111] x509_check_for_self_signed+0x2cb/0x480 [ 20.096725] x509_cert_parse+0x59c/0x830 [ 20.097600] x509_key_preparse+0x68/0x8a0 [ 20.097950] asymmetric_key_preparse+0xb1/0x160 [ 20.098915] __key_create_or_update+0x407/0xc90 [ 20.099506] key_create_or_update+0x17/0x20 [ 20.099797] x509_load_certificate_list+0x174/0x200 [ 20.100471] regulatory_init_db+0xee/0x3a0 [ 20.100740] do_one_initcall+0xb5/0x370 [ 20.100992] kernel_init_freeable+0x425/0x6f0 [ 20.102328] kernel_init+0x23/0x1e0 [ 20.103007] ret_from_fork+0x41/0x80 [ 20.103409] ret_from_fork_asm+0x1a/0x30 [ 20.104109] [ 20.104749] Freed by task 0: [ 20.105296] kasan_save_stack+0x3d/0x60 [ 20.106292] kasan_save_track+0x18/0x40 [ 20.106562] kasan_save_free_info+0x3f/0x60 [ 20.106828] __kasan_slab_free+0x56/0x70 [ 20.107111] kfree+0x123/0x3f0 [ 20.108175] free_kthread_struct+0xeb/0x150 [ 20.108909] free_task+0xf3/0x130 [ 20.109696] __put_task_struct+0x1c8/0x480 [ 20.110198] delayed_put_task_struct+0x10a/0x150 [ 20.110548] rcu_core+0x680/0x1d70 [ 20.110987] rcu_core_si+0x12/0x20 [ 20.111622] handle_softirqs+0x209/0x720 [ 20.112140] __irq_exit_rcu+0xc9/0x110 [ 20.112893] irq_exit_rcu+0x12/0x20 [ 20.114140] 
sysvec_apic_timer_interrupt+0x81/0x90 [ 20.114932] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 20.115813] [ 20.116435] The buggy address belongs to the object at ffff888101094f00 [ 20.116435] which belongs to the cache kmalloc-16 of size 16 [ 20.117995] The buggy address is located 15 bytes to the right of [ 20.117995] allocated 16-byte region [ffff888101094f00, ffff888101094f10) [ 20.119887] [ 20.120285] The buggy address belongs to the physical page: [ 20.121045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 20.122067] flags: 0x200000000000000(node=0|zone=2) [ 20.122657] page_type: f5(slab) [ 20.123333] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.124216] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 20.124917] page dumped because: kasan: bad access detected [ 20.125441] [ 20.125789] Memory state around the buggy address: [ 20.126353] ffff888101094e00: fa fb fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 20.127298] ffff888101094e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.128221] >ffff888101094f00: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 20.129157] ^ [ 20.129939] ffff888101094f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.130529] ffff888101095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.131412] ==================================================================