Date
Dec. 3, 2024, 11:38 p.m.
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 154.657448] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 62.891381] ================================================================== [ 62.891999] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0 [ 62.891999] [ 62.892677] Use-after-free read at 0x(____ptrval____) (in kfence-#195): [ 62.893241] test_krealloc+0x6fd/0xbe0 [ 62.893740] kunit_try_run_case+0x1b3/0x490 [ 62.894064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.894616] kthread+0x257/0x310 [ 62.894975] ret_from_fork+0x41/0x80 [ 62.895379] ret_from_fork_asm+0x1a/0x30 [ 62.895654] [ 62.895806] kfence-#195: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 62.895806] [ 62.896691] allocated by task 346 on cpu 1 at 62.890293s (0.006392s ago): [ 62.897357] test_alloc+0x35f/0x10d0 [ 62.897790] test_krealloc+0xae/0xbe0 [ 62.898101] kunit_try_run_case+0x1b3/0x490 [ 62.898420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.899187] kthread+0x257/0x310 [ 62.899582] ret_from_fork+0x41/0x80 [ 62.899882] ret_from_fork_asm+0x1a/0x30 [ 62.900306] [ 62.900513] freed by task 346 on cpu 1 at 62.890827s (0.009681s ago): [ 62.900990] krealloc_noprof+0x108/0x340 [ 62.901359] test_krealloc+0x227/0xbe0 [ 62.901760] kunit_try_run_case+0x1b3/0x490 [ 62.902207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.902887] kthread+0x257/0x310 [ 62.903255] ret_from_fork+0x41/0x80 [ 62.903770] ret_from_fork_asm+0x1a/0x30 [ 62.904191] [ 62.904454] CPU: 1 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 62.905228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.905540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 62.906337] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 62.809953] ================================================================== [ 62.810532] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 62.810532] [ 62.811500] Use-after-free read at 0x(____ptrval____) (in kfence-#194): [ 62.811855] test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 62.812177] kunit_try_run_case+0x1b3/0x490 [ 62.813131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.814070] kthread+0x257/0x310 [ 62.814638] ret_from_fork+0x41/0x80 [ 62.815148] ret_from_fork_asm+0x1a/0x30 [ 62.815714] [ 62.815920] kfence-#194: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 62.815920] [ 62.816742] allocated by task 344 on cpu 1 at 62.786290s (0.030446s ago): [ 62.817389] test_alloc+0x2a7/0x10d0 [ 62.817812] test_memcache_typesafe_by_rcu+0x170/0x670 [ 62.818174] kunit_try_run_case+0x1b3/0x490 [ 62.818666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.819174] kthread+0x257/0x310 [ 62.819526] ret_from_fork+0x41/0x80 [ 62.819943] ret_from_fork_asm+0x1a/0x30 [ 62.820234] [ 62.820385] freed by task 344 on cpu 1 at 62.786454s (0.033926s ago): [ 62.821072] test_memcache_typesafe_by_rcu+0x1c0/0x670 [ 62.821606] kunit_try_run_case+0x1b3/0x490 [ 62.822023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 62.822496] kthread+0x257/0x310 [ 62.822890] ret_from_fork+0x41/0x80 [ 62.823269] ret_from_fork_asm+0x1a/0x30 [ 62.823645] [ 62.823934] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 62.824745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.825252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 62.826022] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.245233] ================================================================== [ 40.246094] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210 [ 40.246094] [ 40.246805] Invalid read at 0x(____ptrval____): [ 40.247378] test_invalid_access+0xf1/0x210 [ 40.247789] kunit_try_run_case+0x1b3/0x490 [ 40.248197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.248698] kthread+0x257/0x310 [ 40.248937] ret_from_fork+0x41/0x80 [ 40.249274] ret_from_fork_asm+0x1a/0x30 [ 40.249743] [ 40.250089] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 40.250848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.251915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 40.253928] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 40.010582] ================================================================== [ 40.011177] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340 [ 40.011177] [ 40.011906] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#190): [ 40.013241] test_kmalloc_aligned_oob_write+0x251/0x340 [ 40.013681] kunit_try_run_case+0x1b3/0x490 [ 40.014163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.014739] kthread+0x257/0x310 [ 40.015168] ret_from_fork+0x41/0x80 [ 40.015552] ret_from_fork_asm+0x1a/0x30 [ 40.015992] [ 40.016191] kfence-#190: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 40.016191] [ 40.016945] allocated by task 334 on cpu 0 at 40.010206s (0.006734s ago): [ 40.017570] test_alloc+0x35f/0x10d0 [ 40.018154] test_kmalloc_aligned_oob_write+0xc9/0x340 [ 40.018527] kunit_try_run_case+0x1b3/0x490 [ 40.019025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.019447] kthread+0x257/0x310 [ 40.019888] ret_from_fork+0x41/0x80 [ 40.020241] ret_from_fork_asm+0x1a/0x30 [ 40.020517] [ 40.020661] freed by task 334 on cpu 0 at 40.010440s (0.010217s ago): [ 40.021029] test_kmalloc_aligned_oob_write+0x251/0x340 [ 40.021344] kunit_try_run_case+0x1b3/0x490 [ 40.021787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.022323] kthread+0x257/0x310 [ 40.022870] ret_from_fork+0x41/0x80 [ 40.023322] ret_from_fork_asm+0x1a/0x30 [ 40.023840] [ 40.024103] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 40.025334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.025847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 40.026523] ==================================================================
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.906571] ================================================================== [ 39.906975] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570 [ 39.906975] [ 39.907842] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#189): [ 39.909149] test_kmalloc_aligned_oob_read+0x27f/0x570 [ 39.909564] kunit_try_run_case+0x1b3/0x490 [ 39.910001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.910452] kthread+0x257/0x310 [ 39.910722] ret_from_fork+0x41/0x80 [ 39.911164] ret_from_fork_asm+0x1a/0x30 [ 39.911620] [ 39.911857] kfence-#189: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 39.911857] [ 39.912747] allocated by task 332 on cpu 0 at 39.906209s (0.006533s ago): [ 39.913315] test_alloc+0x35f/0x10d0 [ 39.913754] test_kmalloc_aligned_oob_read+0x106/0x570 [ 39.914471] kunit_try_run_case+0x1b3/0x490 [ 39.914924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.915648] kthread+0x257/0x310 [ 39.916065] ret_from_fork+0x41/0x80 [ 39.916328] ret_from_fork_asm+0x1a/0x30 [ 39.916912] [ 39.917233] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 39.918114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.918535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 39.919259] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 36.266414] ================================================================== [ 36.267194] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 36.267194] [ 36.267850] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#154): [ 36.268362] test_corruption+0x217/0x3e0 [ 36.268792] kunit_try_run_case+0x1b3/0x490 [ 36.269223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.269739] kthread+0x257/0x310 [ 36.270031] ret_from_fork+0x41/0x80 [ 36.270427] ret_from_fork_asm+0x1a/0x30 [ 36.270905] [ 36.271083] kfence-#154: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 36.271083] [ 36.271540] allocated by task 322 on cpu 1 at 36.266217s (0.005318s ago): [ 36.272141] test_alloc+0x2a7/0x10d0 [ 36.272739] test_corruption+0x1cc/0x3e0 [ 36.273090] kunit_try_run_case+0x1b3/0x490 [ 36.273512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.273852] kthread+0x257/0x310 [ 36.274227] ret_from_fork+0x41/0x80 [ 36.274578] ret_from_fork_asm+0x1a/0x30 [ 36.274938] [ 36.275118] freed by task 322 on cpu 1 at 36.266305s (0.008808s ago): [ 36.275493] test_corruption+0x217/0x3e0 [ 36.275900] kunit_try_run_case+0x1b3/0x490 [ 36.276335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.276876] kthread+0x257/0x310 [ 36.277255] ret_from_fork+0x41/0x80 [ 36.277719] ret_from_fork_asm+0x1a/0x30 [ 36.278134] [ 36.278336] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 36.279405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.279745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.280188] ================================================================== [ 35.850617] ================================================================== [ 35.851156] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 35.851156] [ 35.851796] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#150): [ 35.852459] test_corruption+0x2e1/0x3e0 [ 35.852951] kunit_try_run_case+0x1b3/0x490 [ 35.853366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.853805] kthread+0x257/0x310 [ 35.854049] ret_from_fork+0x41/0x80 [ 35.854451] ret_from_fork_asm+0x1a/0x30 [ 35.854973] [ 35.855212] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.855212] [ 35.856217] allocated by task 320 on cpu 0 at 35.850202s (0.006009s ago): [ 35.856609] test_alloc+0x35f/0x10d0 [ 35.857001] test_corruption+0x1cc/0x3e0 [ 35.857411] kunit_try_run_case+0x1b3/0x490 [ 35.857853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.858275] kthread+0x257/0x310 [ 35.858516] ret_from_fork+0x41/0x80 [ 35.858773] ret_from_fork_asm+0x1a/0x30 [ 35.859162] [ 35.859374] freed by task 320 on cpu 0 at 35.850370s (0.009000s ago): [ 35.859982] test_corruption+0x2e1/0x3e0 [ 35.860407] kunit_try_run_case+0x1b3/0x490 [ 35.860823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.861331] kthread+0x257/0x310 [ 35.861801] ret_from_fork+0x41/0x80 [ 35.862133] ret_from_fork_asm+0x1a/0x30 [ 35.862449] [ 35.862729] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 35.863415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.863774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.864324] ================================================================== [ 36.162417] ================================================================== [ 36.163441] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 36.163441] [ 36.164301] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#153): [ 36.165772] test_corruption+0x132/0x3e0 [ 36.166214] kunit_try_run_case+0x1b3/0x490 [ 36.166712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.167099] kthread+0x257/0x310 [ 36.167347] ret_from_fork+0x41/0x80 [ 36.167656] ret_from_fork_asm+0x1a/0x30 [ 36.168050] [ 36.168322] kfence-#153: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 36.168322] [ 36.169330] allocated by task 322 on cpu 1 at 36.162217s (0.007108s ago): [ 36.169730] test_alloc+0x2a7/0x10d0 [ 36.169985] test_corruption+0xe7/0x3e0 [ 36.170452] kunit_try_run_case+0x1b3/0x490 [ 36.171002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.171516] kthread+0x257/0x310 [ 36.171869] ret_from_fork+0x41/0x80 [ 36.172187] ret_from_fork_asm+0x1a/0x30 [ 36.172460] [ 36.172614] freed by task 322 on cpu 1 at 36.162303s (0.010306s ago): [ 36.173172] test_corruption+0x132/0x3e0 [ 36.173556] kunit_try_run_case+0x1b3/0x490 [ 36.173970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.174514] kthread+0x257/0x310 [ 36.174929] ret_from_fork+0x41/0x80 [ 36.175334] ret_from_fork_asm+0x1a/0x30 [ 36.175882] [ 36.176134] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 36.176656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.177100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.177895] ================================================================== [ 35.330593] ================================================================== [ 35.331215] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 35.331215] [ 35.331839] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#145): [ 35.333291] test_corruption+0x2d4/0x3e0 [ 35.333730] kunit_try_run_case+0x1b3/0x490 [ 35.334295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.334701] kthread+0x257/0x310 [ 35.335012] ret_from_fork+0x41/0x80 [ 35.335410] ret_from_fork_asm+0x1a/0x30 [ 35.335832] [ 35.336047] kfence-#145: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.336047] [ 35.336882] allocated by task 320 on cpu 0 at 35.330200s (0.006677s ago): [ 35.337325] test_alloc+0x35f/0x10d0 [ 35.337703] test_corruption+0xe7/0x3e0 [ 35.338014] kunit_try_run_case+0x1b3/0x490 [ 35.338487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.339162] kthread+0x257/0x310 [ 35.339397] ret_from_fork+0x41/0x80 [ 35.339787] ret_from_fork_asm+0x1a/0x30 [ 35.340170] [ 35.340327] freed by task 320 on cpu 0 at 35.330355s (0.009966s ago): [ 35.340706] test_corruption+0x2d4/0x3e0 [ 35.341215] kunit_try_run_case+0x1b3/0x490 [ 35.341626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.342069] kthread+0x257/0x310 [ 35.342508] ret_from_fork+0x41/0x80 [ 35.342769] ret_from_fork_asm+0x1a/0x30 [ 35.343031] [ 35.343241] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 35.343740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.344150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.345082] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 35.018369] ================================================================== [ 35.019108] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 35.019108] [ 35.019663] Invalid free of 0x(____ptrval____) (in kfence-#142): [ 35.020395] test_invalid_addr_free+0xfc/0x260 [ 35.020878] kunit_try_run_case+0x1b3/0x490 [ 35.021330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.021763] kthread+0x257/0x310 [ 35.022181] ret_from_fork+0x41/0x80 [ 35.022659] ret_from_fork_asm+0x1a/0x30 [ 35.023110] [ 35.023344] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.023344] [ 35.024030] allocated by task 318 on cpu 0 at 35.018203s (0.005822s ago): [ 35.024471] test_alloc+0x2a7/0x10d0 [ 35.024959] test_invalid_addr_free+0xdc/0x260 [ 35.025477] kunit_try_run_case+0x1b3/0x490 [ 35.025939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.026532] kthread+0x257/0x310 [ 35.026916] ret_from_fork+0x41/0x80 [ 35.027342] ret_from_fork_asm+0x1a/0x30 [ 35.027819] [ 35.028096] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 35.028775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.029029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.029707] ================================================================== [ 34.914417] ================================================================== [ 34.915438] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 34.915438] [ 34.916077] Invalid free of 0x(____ptrval____) (in kfence-#141): [ 34.916580] test_invalid_addr_free+0x1e3/0x260 [ 34.917008] kunit_try_run_case+0x1b3/0x490 [ 34.917412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.918527] kthread+0x257/0x310 [ 34.918953] ret_from_fork+0x41/0x80 [ 34.919487] ret_from_fork_asm+0x1a/0x30 [ 34.919970] [ 34.920151] kfence-#141: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.920151] [ 34.920780] allocated by task 316 on cpu 0 at 34.914214s (0.006561s ago): [ 34.921178] test_alloc+0x35f/0x10d0 [ 34.921508] test_invalid_addr_free+0xdc/0x260 [ 34.921840] kunit_try_run_case+0x1b3/0x490 [ 34.922264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.922719] kthread+0x257/0x310 [ 34.922962] ret_from_fork+0x41/0x80 [ 34.923365] ret_from_fork_asm+0x1a/0x30 [ 34.923815] [ 34.924078] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.924694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.924938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.925739] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.810507] ================================================================== [ 34.811086] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 34.811086] [ 34.811697] Invalid free of 0x(____ptrval____) (in kfence-#140): [ 34.812148] test_double_free+0x113/0x260 [ 34.812442] kunit_try_run_case+0x1b3/0x490 [ 34.812870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.813574] kthread+0x257/0x310 [ 34.813859] ret_from_fork+0x41/0x80 [ 34.814259] ret_from_fork_asm+0x1a/0x30 [ 34.814624] [ 34.814964] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.814964] [ 34.815459] allocated by task 314 on cpu 1 at 34.810246s (0.005207s ago): [ 34.816221] test_alloc+0x2a7/0x10d0 [ 34.816570] test_double_free+0xdc/0x260 [ 34.817032] kunit_try_run_case+0x1b3/0x490 [ 34.817344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.817833] kthread+0x257/0x310 [ 34.818184] ret_from_fork+0x41/0x80 [ 34.818444] ret_from_fork_asm+0x1a/0x30 [ 34.818825] [ 34.819097] freed by task 314 on cpu 1 at 34.810332s (0.008759s ago): [ 34.819780] test_double_free+0xfb/0x260 [ 34.820088] kunit_try_run_case+0x1b3/0x490 [ 34.820459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.820774] kthread+0x257/0x310 [ 34.821016] ret_from_fork+0x41/0x80 [ 34.821292] ret_from_fork_asm+0x1a/0x30 [ 34.821712] [ 34.821970] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.823050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.823492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.824267] ================================================================== [ 34.706649] ================================================================== [ 34.707277] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 34.707277] [ 34.707968] Invalid free of 0x(____ptrval____) (in kfence-#139): [ 34.708477] test_double_free+0x1d5/0x260 [ 34.709045] kunit_try_run_case+0x1b3/0x490 [ 34.709354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.709743] kthread+0x257/0x310 [ 34.710104] ret_from_fork+0x41/0x80 [ 34.710510] ret_from_fork_asm+0x1a/0x30 [ 34.710884] [ 34.711109] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.711109] [ 34.711625] allocated by task 312 on cpu 1 at 34.706245s (0.005375s ago): [ 34.712349] test_alloc+0x35f/0x10d0 [ 34.712884] test_double_free+0xdc/0x260 [ 34.713302] kunit_try_run_case+0x1b3/0x490 [ 34.713767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.714132] kthread+0x257/0x310 [ 34.714366] ret_from_fork+0x41/0x80 [ 34.714775] ret_from_fork_asm+0x1a/0x30 [ 34.715220] [ 34.715424] freed by task 312 on cpu 1 at 34.706357s (0.009061s ago): [ 34.715854] test_double_free+0x1e2/0x260 [ 34.716165] kunit_try_run_case+0x1b3/0x490 [ 34.716629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.717134] kthread+0x257/0x310 [ 34.717510] ret_from_fork+0x41/0x80 [ 34.717849] ret_from_fork_asm+0x1a/0x30 [ 34.718186] [ 34.718379] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.719262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.719862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.720506] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 34.394396] ================================================================== [ 34.394827] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 34.394827] [ 34.395313] Use-after-free read at 0x(____ptrval____) (in kfence-#136): [ 34.395982] test_use_after_free_read+0x12a/0x270 [ 34.396403] kunit_try_run_case+0x1b3/0x490 [ 34.397689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.398307] kthread+0x257/0x310 [ 34.398747] ret_from_fork+0x41/0x80 [ 34.399307] ret_from_fork_asm+0x1a/0x30 [ 34.399895] [ 34.400141] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.400141] [ 34.400846] allocated by task 306 on cpu 0 at 34.394208s (0.006633s ago): [ 34.401345] test_alloc+0x2a7/0x10d0 [ 34.401786] test_use_after_free_read+0xdd/0x270 [ 34.402122] kunit_try_run_case+0x1b3/0x490 [ 34.402550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.403002] kthread+0x257/0x310 [ 34.403497] ret_from_fork+0x41/0x80 [ 34.403793] ret_from_fork_asm+0x1a/0x30 [ 34.404076] [ 34.404291] freed by task 306 on cpu 0 at 34.394296s (0.009990s ago): [ 34.404928] test_use_after_free_read+0xfc/0x270 [ 34.405423] kunit_try_run_case+0x1b3/0x490 [ 34.405883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.406228] kthread+0x257/0x310 [ 34.406651] ret_from_fork+0x41/0x80 [ 34.407032] ret_from_fork_asm+0x1a/0x30 [ 34.407482] [ 34.407681] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.408592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.408962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.409505] ================================================================== [ 34.290575] ================================================================== [ 34.291205] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 34.291205] [ 34.291946] Use-after-free read at 0x(____ptrval____) (in kfence-#135): [ 34.292396] test_use_after_free_read+0x12a/0x270 [ 34.292744] kunit_try_run_case+0x1b3/0x490 [ 34.293024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.293725] kthread+0x257/0x310 [ 34.294001] ret_from_fork+0x41/0x80 [ 34.294277] ret_from_fork_asm+0x1a/0x30 [ 34.294561] [ 34.294770] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.294770] [ 34.295504] allocated by task 304 on cpu 1 at 34.290209s (0.005290s ago): [ 34.296182] test_alloc+0x35f/0x10d0 [ 34.296661] test_use_after_free_read+0xdd/0x270 [ 34.296982] kunit_try_run_case+0x1b3/0x490 [ 34.297279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.297762] kthread+0x257/0x310 [ 34.298164] ret_from_fork+0x41/0x80 [ 34.298621] ret_from_fork_asm+0x1a/0x30 [ 34.299121] [ 34.299675] freed by task 304 on cpu 1 at 34.290319s (0.009166s ago): [ 34.300511] test_use_after_free_read+0x1e9/0x270 [ 34.301023] kunit_try_run_case+0x1b3/0x490 [ 34.301572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.301892] kthread+0x257/0x310 [ 34.302149] ret_from_fork+0x41/0x80 [ 34.302403] ret_from_fork_asm+0x1a/0x30 [ 34.302891] [ 34.303153] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.303855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.304201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.304945] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 34.186319] ================================================================== [ 34.186902] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 34.186902] [ 34.187664] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#134): [ 34.188629] test_out_of_bounds_write+0x10e/0x260 [ 34.189001] kunit_try_run_case+0x1b3/0x490 [ 34.189459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.190005] kthread+0x257/0x310 [ 34.190267] ret_from_fork+0x41/0x80 [ 34.190502] ret_from_fork_asm+0x1a/0x30 [ 34.190741] [ 34.190888] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.190888] [ 34.191312] allocated by task 302 on cpu 0 at 34.186231s (0.005076s ago): [ 34.191651] test_alloc+0x2a7/0x10d0 [ 34.191878] test_out_of_bounds_write+0xd5/0x260 [ 34.192209] kunit_try_run_case+0x1b3/0x490 [ 34.192493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.192855] kthread+0x257/0x310 [ 34.193293] ret_from_fork+0x41/0x80 [ 34.193868] ret_from_fork_asm+0x1a/0x30 [ 34.194320] [ 34.194579] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.195185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.195442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.195828] ================================================================== [ 34.082417] ================================================================== [ 34.083083] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 34.083083] [ 34.083737] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#133): [ 34.084340] test_out_of_bounds_write+0x10e/0x260 [ 34.084714] kunit_try_run_case+0x1b3/0x490 [ 34.084987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.085762] kthread+0x257/0x310 [ 34.086214] ret_from_fork+0x41/0x80 [ 34.086687] ret_from_fork_asm+0x1a/0x30 [ 34.087152] [ 34.087473] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.087473] [ 34.088591] allocated by task 300 on cpu 0 at 34.082223s (0.006362s ago): [ 34.089353] test_alloc+0x35f/0x10d0 [ 34.089868] test_out_of_bounds_write+0xd5/0x260 [ 34.090489] kunit_try_run_case+0x1b3/0x490 [ 34.091048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.091669] kthread+0x257/0x310 [ 34.092101] ret_from_fork+0x41/0x80 [ 34.092545] ret_from_fork_asm+0x1a/0x30 [ 34.092923] [ 34.093247] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 34.094041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.094630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.095176] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.250541] ================================================================== [ 33.251190] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 33.251190] [ 33.252170] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#125): [ 33.252873] test_out_of_bounds_read+0x217/0x4e0 [ 33.253363] kunit_try_run_case+0x1b3/0x490 [ 33.254865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.255285] kthread+0x257/0x310 [ 33.255880] ret_from_fork+0x41/0x80 [ 33.256411] ret_from_fork_asm+0x1a/0x30 [ 33.256979] [ 33.257206] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.257206] [ 33.258165] allocated by task 296 on cpu 0 at 33.250197s (0.007963s ago): [ 33.259087] test_alloc+0x35f/0x10d0 [ 33.259773] test_out_of_bounds_read+0x1e3/0x4e0 [ 33.260312] kunit_try_run_case+0x1b3/0x490 [ 33.260845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.261267] kthread+0x257/0x310 [ 33.261999] ret_from_fork+0x41/0x80 [ 33.262326] ret_from_fork_asm+0x1a/0x30 [ 33.262984] [ 33.263207] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 33.264447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.264801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.265463] ================================================================== [ 33.978293] ================================================================== [ 33.979158] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 33.979158] [ 33.979703] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#132): [ 33.980590] test_out_of_bounds_read+0x217/0x4e0 [ 33.981166] kunit_try_run_case+0x1b3/0x490 [ 33.981545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.982134] kthread+0x257/0x310 [ 33.982486] ret_from_fork+0x41/0x80 [ 33.982754] ret_from_fork_asm+0x1a/0x30 [ 33.983231] [ 33.983539] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.983539] [ 33.984188] allocated by task 298 on cpu 1 at 33.978208s (0.005975s ago): [ 33.985267] test_alloc+0x2a7/0x10d0 [ 33.985898] test_out_of_bounds_read+0x1e3/0x4e0 [ 33.986421] kunit_try_run_case+0x1b3/0x490 [ 33.987211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.987690] kthread+0x257/0x310 [ 33.988101] ret_from_fork+0x41/0x80 [ 33.988407] ret_from_fork_asm+0x1a/0x30 [ 33.988891] [ 33.989105] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 33.989916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.990351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.990870] ================================================================== [ 32.940266] ================================================================== [ 32.941049] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 32.941049] [ 32.941704] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#122): [ 32.942786] test_out_of_bounds_read+0x127/0x4e0 [ 32.943212] kunit_try_run_case+0x1b3/0x490 [ 32.943720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.944110] kthread+0x257/0x310 [ 32.944434] ret_from_fork+0x41/0x80 [ 32.944902] ret_from_fork_asm+0x1a/0x30 [ 32.945354] [ 32.945923] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 32.945923] [ 32.947088] allocated by task 296 on cpu 0 at 32.938280s (0.008621s ago): [ 32.948437] test_alloc+0x35f/0x10d0 [ 32.948841] test_out_of_bounds_read+0xee/0x4e0 [ 32.949251] kunit_try_run_case+0x1b3/0x490 [ 32.949649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.950131] kthread+0x257/0x310 [ 32.950366] ret_from_fork+0x41/0x80 [ 32.950701] ret_from_fork_asm+0x1a/0x30 [ 32.951338] [ 32.951722] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.952554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.952867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.953548] ================================================================== [ 33.354314] ================================================================== [ 33.355074] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 33.355074] [ 33.355753] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#126): [ 33.356165] test_out_of_bounds_read+0x127/0x4e0 [ 33.356757] kunit_try_run_case+0x1b3/0x490 [ 33.357178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.357666] kthread+0x257/0x310 [ 33.358009] ret_from_fork+0x41/0x80 [ 33.358290] ret_from_fork_asm+0x1a/0x30 [ 33.358632] [ 33.358861] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.358861] [ 33.359599] allocated by task 298 on cpu 1 at 33.354221s (0.005373s ago): [ 33.360049] test_alloc+0x2a7/0x10d0 [ 33.360467] test_out_of_bounds_read+0xee/0x4e0 [ 33.361020] kunit_try_run_case+0x1b3/0x490 [ 33.361483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.361976] kthread+0x257/0x310 [ 33.362265] ret_from_fork+0x41/0x80 [ 33.362515] ret_from_fork_asm+0x1a/0x30 [ 33.362799] [ 33.363044] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 33.363907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.364317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.364917] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.791622] ================================================================== [ 32.792898] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 32.793394] Write of size 1 at addr ffff888102a99278 by task kunit_try_catch/294 [ 32.794071] [ 32.794318] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.795273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.798419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.799116] Call Trace: [ 32.799385] <TASK> [ 32.799663] dump_stack_lvl+0x73/0xb0 [ 32.800027] print_report+0xd1/0x640 [ 32.800376] ? __virt_addr_valid+0x1db/0x2d0 [ 32.800766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.801340] kasan_report+0x102/0x140 [ 32.801814] ? strncpy_from_user+0x1a7/0x1e0 [ 32.802379] ? strncpy_from_user+0x1a7/0x1e0 [ 32.803007] __asan_report_store1_noabort+0x1b/0x30 [ 32.803651] strncpy_from_user+0x1a7/0x1e0 [ 32.804250] copy_user_test_oob+0x761/0x10f0 [ 32.804909] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.805402] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.806108] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.806712] kunit_try_run_case+0x1b3/0x490 [ 32.807008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.807509] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.807976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.808472] ? __kthread_parkme+0x82/0x160 [ 32.808941] ? preempt_count_sub+0x50/0x80 [ 32.809394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.809887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.810478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.810929] kthread+0x257/0x310 [ 32.811300] ? __pfx_kthread+0x10/0x10 [ 32.811778] ret_from_fork+0x41/0x80 [ 32.812123] ? __pfx_kthread+0x10/0x10 [ 32.812588] ret_from_fork_asm+0x1a/0x30 [ 32.812969] </TASK> [ 32.813251] [ 32.813528] Allocated by task 294: [ 32.813895] kasan_save_stack+0x3d/0x60 [ 32.814242] kasan_save_track+0x18/0x40 [ 32.814783] kasan_save_alloc_info+0x3b/0x50 [ 32.815224] __kasan_kmalloc+0xb7/0xc0 [ 32.815658] __kmalloc_noprof+0x1c4/0x500 [ 32.816079] kunit_kmalloc_array+0x25/0x60 [ 32.816427] copy_user_test_oob+0xac/0x10f0 [ 32.816922] kunit_try_run_case+0x1b3/0x490 [ 32.817396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.817798] kthread+0x257/0x310 [ 32.818191] ret_from_fork+0x41/0x80 [ 32.818616] ret_from_fork_asm+0x1a/0x30 [ 32.819009] [ 32.819239] The buggy address belongs to the object at ffff888102a99200 [ 32.819239] which belongs to the cache kmalloc-128 of size 128 [ 32.820173] The buggy address is located 0 bytes to the right of [ 32.820173] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.821246] [ 32.821504] The buggy address belongs to the physical page: [ 32.822020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.822728] flags: 0x200000000000000(node=0|zone=2) [ 32.823094] page_type: f5(slab) [ 32.823510] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.824033] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.824517] page dumped because: kasan: bad access detected [ 32.825093] [ 32.825308] Memory state around the buggy address: [ 32.825827] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.826318] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.826947] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.827520] ^ [ 32.828311] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.828888] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.829346] ================================================================== [ 32.754922] ================================================================== [ 32.755751] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 32.756691] Write of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.757210] [ 32.757473] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.758238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.758634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.759230] Call Trace: [ 32.759437] <TASK> [ 32.759634] dump_stack_lvl+0x73/0xb0 [ 32.760048] print_report+0xd1/0x640 [ 32.760669] ? __virt_addr_valid+0x1db/0x2d0 [ 32.761106] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.761675] kasan_report+0x102/0x140 [ 32.762135] ? strncpy_from_user+0x2e/0x1e0 [ 32.762513] ? strncpy_from_user+0x2e/0x1e0 [ 32.763162] kasan_check_range+0x10c/0x1c0 [ 32.763647] __kasan_check_write+0x18/0x20 [ 32.764041] strncpy_from_user+0x2e/0x1e0 [ 32.764541] copy_user_test_oob+0x761/0x10f0 [ 32.765038] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.765566] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.766108] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.766620] kunit_try_run_case+0x1b3/0x490 [ 32.767011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.767508] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.767975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.768461] ? __kthread_parkme+0x82/0x160 [ 32.768942] ? preempt_count_sub+0x50/0x80 [ 32.769429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.769895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.770525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.770869] kthread+0x257/0x310 [ 32.771254] ? __pfx_kthread+0x10/0x10 [ 32.771758] ret_from_fork+0x41/0x80 [ 32.772213] ? __pfx_kthread+0x10/0x10 [ 32.772708] ret_from_fork_asm+0x1a/0x30 [ 32.773130] </TASK> [ 32.773405] [ 32.773680] Allocated by task 294: [ 32.774014] kasan_save_stack+0x3d/0x60 [ 32.774311] kasan_save_track+0x18/0x40 [ 32.774565] kasan_save_alloc_info+0x3b/0x50 [ 32.775108] __kasan_kmalloc+0xb7/0xc0 [ 32.775643] __kmalloc_noprof+0x1c4/0x500 [ 32.776182] kunit_kmalloc_array+0x25/0x60 [ 32.776670] copy_user_test_oob+0xac/0x10f0 [ 32.777182] kunit_try_run_case+0x1b3/0x490 [ 32.777770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.778331] kthread+0x257/0x310 [ 32.778575] ret_from_fork+0x41/0x80 [ 32.778823] ret_from_fork_asm+0x1a/0x30 [ 32.779313] [ 32.779519] The buggy address belongs to the object at ffff888102a99200 [ 32.779519] which belongs to the cache kmalloc-128 of size 128 [ 32.780867] The buggy address is located 0 bytes inside of [ 32.780867] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.781584] [ 32.781745] The buggy address belongs to the physical page: [ 32.782129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.782949] flags: 0x200000000000000(node=0|zone=2) [ 32.783527] page_type: f5(slab) [ 32.783870] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.784532] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.785219] page dumped because: kasan: bad access detected [ 32.785813] [ 32.785968] Memory state around the buggy address: [ 32.786260] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.787112] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.787746] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.788290] ^ [ 32.789047] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.789717] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.790398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.680041] ================================================================== [ 32.680584] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 32.681497] Write of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.682221] [ 32.682475] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.683497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.683853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.684849] Call Trace: [ 32.685165] <TASK> [ 32.685580] dump_stack_lvl+0x73/0xb0 [ 32.686098] print_report+0xd1/0x640 [ 32.686518] ? __virt_addr_valid+0x1db/0x2d0 [ 32.686975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.687724] kasan_report+0x102/0x140 [ 32.688203] ? copy_user_test_oob+0x558/0x10f0 [ 32.688724] ? copy_user_test_oob+0x558/0x10f0 [ 32.689205] kasan_check_range+0x10c/0x1c0 [ 32.689899] __kasan_check_write+0x18/0x20 [ 32.690402] copy_user_test_oob+0x558/0x10f0 [ 32.690984] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.691593] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.691934] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.692763] kunit_try_run_case+0x1b3/0x490 [ 32.693252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.693844] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.694320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.694854] ? __kthread_parkme+0x82/0x160 [ 32.695374] ? preempt_count_sub+0x50/0x80 [ 32.695745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.696391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.697115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.698024] kthread+0x257/0x310 [ 32.698413] ? __pfx_kthread+0x10/0x10 [ 32.699155] ret_from_fork+0x41/0x80 [ 32.699408] ? __pfx_kthread+0x10/0x10 [ 32.699814] ret_from_fork_asm+0x1a/0x30 [ 32.700272] </TASK> [ 32.700499] [ 32.700707] Allocated by task 294: [ 32.701074] kasan_save_stack+0x3d/0x60 [ 32.701432] kasan_save_track+0x18/0x40 [ 32.701850] kasan_save_alloc_info+0x3b/0x50 [ 32.702151] __kasan_kmalloc+0xb7/0xc0 [ 32.702411] __kmalloc_noprof+0x1c4/0x500 [ 32.702884] kunit_kmalloc_array+0x25/0x60 [ 32.703481] copy_user_test_oob+0xac/0x10f0 [ 32.704101] kunit_try_run_case+0x1b3/0x490 [ 32.704439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.704754] kthread+0x257/0x310 [ 32.705105] ret_from_fork+0x41/0x80 [ 32.705529] ret_from_fork_asm+0x1a/0x30 [ 32.705923] [ 32.706149] The buggy address belongs to the object at ffff888102a99200 [ 32.706149] which belongs to the cache kmalloc-128 of size 128 [ 32.707136] The buggy address is located 0 bytes inside of [ 32.707136] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.708118] [ 32.708323] The buggy address belongs to the physical page: [ 32.708786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.709274] flags: 0x200000000000000(node=0|zone=2) [ 32.709751] page_type: f5(slab) [ 32.710102] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.710864] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.711303] page dumped because: kasan: bad access detected [ 32.711663] [ 32.711865] Memory state around the buggy address: [ 32.712413] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.712941] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.713328] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.713684] ^ [ 32.714037] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.714654] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.715257] ================================================================== [ 32.642025] ================================================================== [ 32.642567] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 32.642959] Read of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.643591] [ 32.643893] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.644922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.645245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.645936] Call Trace: [ 32.646279] <TASK> [ 32.646579] dump_stack_lvl+0x73/0xb0 [ 32.647069] print_report+0xd1/0x640 [ 32.647344] ? __virt_addr_valid+0x1db/0x2d0 [ 32.647899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.648666] kasan_report+0x102/0x140 [ 32.649022] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.649374] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.649682] kasan_check_range+0x10c/0x1c0 [ 32.650287] __kasan_check_read+0x15/0x20 [ 32.650734] copy_user_test_oob+0x4ab/0x10f0 [ 32.651203] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.651849] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.652317] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.652693] kunit_try_run_case+0x1b3/0x490 [ 32.652987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.653716] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.654552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.655131] ? __kthread_parkme+0x82/0x160 [ 32.655717] ? preempt_count_sub+0x50/0x80 [ 32.656164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.656671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.657527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.657993] kthread+0x257/0x310 [ 32.658515] ? __pfx_kthread+0x10/0x10 [ 32.658954] ret_from_fork+0x41/0x80 [ 32.659434] ? __pfx_kthread+0x10/0x10 [ 32.660008] ret_from_fork_asm+0x1a/0x30 [ 32.660425] </TASK> [ 32.660654] [ 32.660803] Allocated by task 294: [ 32.661085] kasan_save_stack+0x3d/0x60 [ 32.661760] kasan_save_track+0x18/0x40 [ 32.662180] kasan_save_alloc_info+0x3b/0x50 [ 32.662724] __kasan_kmalloc+0xb7/0xc0 [ 32.663294] __kmalloc_noprof+0x1c4/0x500 [ 32.663824] kunit_kmalloc_array+0x25/0x60 [ 32.664281] copy_user_test_oob+0xac/0x10f0 [ 32.664622] kunit_try_run_case+0x1b3/0x490 [ 32.664889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.665403] kthread+0x257/0x310 [ 32.666104] ret_from_fork+0x41/0x80 [ 32.666606] ret_from_fork_asm+0x1a/0x30 [ 32.667016] [ 32.667315] The buggy address belongs to the object at ffff888102a99200 [ 32.667315] which belongs to the cache kmalloc-128 of size 128 [ 32.668549] The buggy address is located 0 bytes inside of [ 32.668549] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.669563] [ 32.669783] The buggy address belongs to the physical page: [ 32.670299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.670912] flags: 0x200000000000000(node=0|zone=2) [ 32.671649] page_type: f5(slab) [ 32.672091] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.672942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.673397] page dumped because: kasan: bad access detected [ 32.674010] [ 32.674240] Memory state around the buggy address: [ 32.674741] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.675155] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.676112] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.676755] ^ [ 32.677308] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.678039] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.678678] ================================================================== [ 32.600337] ================================================================== [ 32.601261] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 32.601750] Write of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.602380] [ 32.602680] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.603508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.603888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.604381] Call Trace: [ 32.605145] <TASK> [ 32.605881] dump_stack_lvl+0x73/0xb0 [ 32.606364] print_report+0xd1/0x640 [ 32.606876] ? __virt_addr_valid+0x1db/0x2d0 [ 32.607397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.608184] kasan_report+0x102/0x140 [ 32.608757] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.609351] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.609994] kasan_check_range+0x10c/0x1c0 [ 32.610618] __kasan_check_write+0x18/0x20 [ 32.611197] copy_user_test_oob+0x3fe/0x10f0 [ 32.611853] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.612492] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.612996] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.613455] kunit_try_run_case+0x1b3/0x490 [ 32.614512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.614794] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.615328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.616037] ? __kthread_parkme+0x82/0x160 [ 32.616690] ? preempt_count_sub+0x50/0x80 [ 32.617258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.618005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.618490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.619106] kthread+0x257/0x310 [ 32.619650] ? __pfx_kthread+0x10/0x10 [ 32.619896] ret_from_fork+0x41/0x80 [ 32.620287] ? __pfx_kthread+0x10/0x10 [ 32.621293] ret_from_fork_asm+0x1a/0x30 [ 32.621686] </TASK> [ 32.621955] [ 32.622567] Allocated by task 294: [ 32.622796] kasan_save_stack+0x3d/0x60 [ 32.623669] kasan_save_track+0x18/0x40 [ 32.624283] kasan_save_alloc_info+0x3b/0x50 [ 32.624900] __kasan_kmalloc+0xb7/0xc0 [ 32.625236] __kmalloc_noprof+0x1c4/0x500 [ 32.625958] kunit_kmalloc_array+0x25/0x60 [ 32.626327] copy_user_test_oob+0xac/0x10f0 [ 32.626911] kunit_try_run_case+0x1b3/0x490 [ 32.627298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.627802] kthread+0x257/0x310 [ 32.628069] ret_from_fork+0x41/0x80 [ 32.628503] ret_from_fork_asm+0x1a/0x30 [ 32.628878] [ 32.629036] The buggy address belongs to the object at ffff888102a99200 [ 32.629036] which belongs to the cache kmalloc-128 of size 128 [ 32.629962] The buggy address is located 0 bytes inside of [ 32.629962] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.631246] [ 32.631408] The buggy address belongs to the physical page: [ 32.631727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.632427] flags: 0x200000000000000(node=0|zone=2) [ 32.632947] page_type: f5(slab) [ 32.633321] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.633711] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.634280] page dumped because: kasan: bad access detected [ 32.635037] [ 32.635295] Memory state around the buggy address: [ 32.635947] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.637134] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.637839] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.638510] ^ [ 32.639666] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.640253] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.640854] ================================================================== [ 32.717092] ================================================================== [ 32.717781] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 32.718347] Read of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.718658] [ 32.718798] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.719874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.720273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.720954] Call Trace: [ 32.721233] <TASK> [ 32.721425] dump_stack_lvl+0x73/0xb0 [ 32.721896] print_report+0xd1/0x640 [ 32.722360] ? __virt_addr_valid+0x1db/0x2d0 [ 32.722858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.723237] kasan_report+0x102/0x140 [ 32.723676] ? copy_user_test_oob+0x605/0x10f0 [ 32.723979] ? copy_user_test_oob+0x605/0x10f0 [ 32.724456] kasan_check_range+0x10c/0x1c0 [ 32.724814] __kasan_check_read+0x15/0x20 [ 32.725135] copy_user_test_oob+0x605/0x10f0 [ 32.725433] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.725923] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.726444] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.726959] kunit_try_run_case+0x1b3/0x490 [ 32.727416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.727799] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.728535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.729276] ? __kthread_parkme+0x82/0x160 [ 32.729724] ? preempt_count_sub+0x50/0x80 [ 32.730174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.730641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.732079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.732950] kthread+0x257/0x310 [ 32.733927] ? __pfx_kthread+0x10/0x10 [ 32.735204] ret_from_fork+0x41/0x80 [ 32.735525] ? __pfx_kthread+0x10/0x10 [ 32.735786] ret_from_fork_asm+0x1a/0x30 [ 32.736095] </TASK> [ 32.736285] [ 32.736438] Allocated by task 294: [ 32.736660] kasan_save_stack+0x3d/0x60 [ 32.736843] kasan_save_track+0x18/0x40 [ 32.736986] kasan_save_alloc_info+0x3b/0x50 [ 32.737490] __kasan_kmalloc+0xb7/0xc0 [ 32.737977] __kmalloc_noprof+0x1c4/0x500 [ 32.738499] kunit_kmalloc_array+0x25/0x60 [ 32.739001] copy_user_test_oob+0xac/0x10f0 [ 32.739576] kunit_try_run_case+0x1b3/0x490 [ 32.740082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.740677] kthread+0x257/0x310 [ 32.740944] ret_from_fork+0x41/0x80 [ 32.741281] ret_from_fork_asm+0x1a/0x30 [ 32.741761] [ 32.741930] The buggy address belongs to the object at ffff888102a99200 [ 32.741930] which belongs to the cache kmalloc-128 of size 128 [ 32.742850] The buggy address is located 0 bytes inside of [ 32.742850] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.743630] [ 32.743796] The buggy address belongs to the physical page: [ 32.744141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.744915] flags: 0x200000000000000(node=0|zone=2) [ 32.745408] page_type: f5(slab) [ 32.745822] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.746546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.747284] page dumped because: kasan: bad access detected [ 32.747876] [ 32.748158] Memory state around the buggy address: [ 32.748787] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.749559] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.750257] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.751048] ^ [ 32.751793] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.752545] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.752991] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 32.557913] ================================================================== [ 32.558420] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 32.558882] Read of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.559543] [ 32.559796] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.560348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.560756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.561346] Call Trace: [ 32.561703] <TASK> [ 32.561976] dump_stack_lvl+0x73/0xb0 [ 32.562395] print_report+0xd1/0x640 [ 32.562702] ? __virt_addr_valid+0x1db/0x2d0 [ 32.563001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.563570] kasan_report+0x102/0x140 [ 32.563972] ? _copy_to_user+0x4a/0x70 [ 32.564385] ? _copy_to_user+0x4a/0x70 [ 32.564726] kasan_check_range+0x10c/0x1c0 [ 32.565013] __kasan_check_read+0x15/0x20 [ 32.565532] _copy_to_user+0x4a/0x70 [ 32.565908] copy_user_test_oob+0x365/0x10f0 [ 32.566368] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.566846] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.567344] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.568049] kunit_try_run_case+0x1b3/0x490 [ 32.568367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.568843] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.569175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.569491] ? __kthread_parkme+0x82/0x160 [ 32.569937] ? preempt_count_sub+0x50/0x80 [ 32.570388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.570850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.571216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.571792] kthread+0x257/0x310 [ 32.572180] ? __pfx_kthread+0x10/0x10 [ 32.572626] ret_from_fork+0x41/0x80 [ 32.572946] ? __pfx_kthread+0x10/0x10 [ 32.573360] ret_from_fork_asm+0x1a/0x30 [ 32.573696] </TASK> [ 32.573983] [ 32.574204] Allocated by task 294: [ 32.574561] kasan_save_stack+0x3d/0x60 [ 32.574914] kasan_save_track+0x18/0x40 [ 32.575233] kasan_save_alloc_info+0x3b/0x50 [ 32.575747] __kasan_kmalloc+0xb7/0xc0 [ 32.576007] __kmalloc_noprof+0x1c4/0x500 [ 32.576421] kunit_kmalloc_array+0x25/0x60 [ 32.576798] copy_user_test_oob+0xac/0x10f0 [ 32.577166] kunit_try_run_case+0x1b3/0x490 [ 32.577503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.578193] kthread+0x257/0x310 [ 32.578482] ret_from_fork+0x41/0x80 [ 32.578836] ret_from_fork_asm+0x1a/0x30 [ 32.579125] [ 32.579337] The buggy address belongs to the object at ffff888102a99200 [ 32.579337] which belongs to the cache kmalloc-128 of size 128 [ 32.580363] The buggy address is located 0 bytes inside of [ 32.580363] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.580922] [ 32.581093] The buggy address belongs to the physical page: [ 32.581585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.582289] flags: 0x200000000000000(node=0|zone=2) [ 32.582913] page_type: f5(slab) [ 32.583276] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.584182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.584939] page dumped because: kasan: bad access detected [ 32.585262] [ 32.585410] Memory state around the buggy address: [ 32.585679] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.586299] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.586994] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.587683] ^ [ 32.588153] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.588798] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.589277] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 32.512591] ================================================================== [ 32.513552] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 32.514247] Write of size 121 at addr ffff888102a99200 by task kunit_try_catch/294 [ 32.514731] [ 32.515278] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.516022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.516498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.517094] Call Trace: [ 32.517390] <TASK> [ 32.517753] dump_stack_lvl+0x73/0xb0 [ 32.518176] print_report+0xd1/0x640 [ 32.518652] ? __virt_addr_valid+0x1db/0x2d0 [ 32.518992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.519473] kasan_report+0x102/0x140 [ 32.519932] ? _copy_from_user+0x33/0xa0 [ 32.520311] ? _copy_from_user+0x33/0xa0 [ 32.520777] kasan_check_range+0x10c/0x1c0 [ 32.521223] __kasan_check_write+0x18/0x20 [ 32.521677] _copy_from_user+0x33/0xa0 [ 32.521953] copy_user_test_oob+0x2bf/0x10f0 [ 32.522530] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.522994] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 32.523563] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.523942] kunit_try_run_case+0x1b3/0x490 [ 32.524259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.524767] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.525510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.526004] ? __kthread_parkme+0x82/0x160 [ 32.526451] ? preempt_count_sub+0x50/0x80 [ 32.526780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.527139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.528920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.529379] kthread+0x257/0x310 [ 32.530191] ? __pfx_kthread+0x10/0x10 [ 32.530574] ret_from_fork+0x41/0x80 [ 32.530819] ? __pfx_kthread+0x10/0x10 [ 32.531413] ret_from_fork_asm+0x1a/0x30 [ 32.531861] </TASK> [ 32.532140] [ 32.532344] Allocated by task 294: [ 32.532648] kasan_save_stack+0x3d/0x60 [ 32.534088] kasan_save_track+0x18/0x40 [ 32.534396] kasan_save_alloc_info+0x3b/0x50 [ 32.534707] __kasan_kmalloc+0xb7/0xc0 [ 32.535647] __kmalloc_noprof+0x1c4/0x500 [ 32.535934] kunit_kmalloc_array+0x25/0x60 [ 32.536350] copy_user_test_oob+0xac/0x10f0 [ 32.537253] kunit_try_run_case+0x1b3/0x490 [ 32.537601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.538280] kthread+0x257/0x310 [ 32.538846] ret_from_fork+0x41/0x80 [ 32.539401] ret_from_fork_asm+0x1a/0x30 [ 32.539925] [ 32.540112] The buggy address belongs to the object at ffff888102a99200 [ 32.540112] which belongs to the cache kmalloc-128 of size 128 [ 32.541240] The buggy address is located 0 bytes inside of [ 32.541240] allocated 120-byte region [ffff888102a99200, ffff888102a99278) [ 32.542105] [ 32.542820] The buggy address belongs to the physical page: [ 32.543446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a99 [ 32.543931] flags: 0x200000000000000(node=0|zone=2) [ 32.544664] page_type: f5(slab) [ 32.545015] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.546074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.546639] page dumped because: kasan: bad access detected [ 32.547039] [ 32.547234] Memory state around the buggy address: [ 32.547616] ffff888102a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.548148] ffff888102a99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.549398] >ffff888102a99200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.549886] ^ [ 32.550800] ffff888102a99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.551273] ffff888102a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.552075] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 32.393789] ================================================================== [ 32.396092] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 32.396756] Read of size 8 at addr ffff88810299ad78 by task kunit_try_catch/290 [ 32.397205] [ 32.397449] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.398310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.399418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.400410] Call Trace: [ 32.400971] <TASK> [ 32.401182] dump_stack_lvl+0x73/0xb0 [ 32.401753] print_report+0xd1/0x640 [ 32.402540] ? __virt_addr_valid+0x1db/0x2d0 [ 32.403001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.403558] kasan_report+0x102/0x140 [ 32.404180] ? copy_to_kernel_nofault+0x225/0x260 [ 32.404821] ? copy_to_kernel_nofault+0x225/0x260 [ 32.405335] __asan_report_load8_noabort+0x18/0x20 [ 32.406153] copy_to_kernel_nofault+0x225/0x260 [ 32.406570] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 32.407351] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 32.408031] ? finish_task_switch.isra.0+0x153/0x700 [ 32.408835] ? __schedule+0xc3e/0x2790 [ 32.409542] ? trace_hardirqs_on+0x37/0xe0 [ 32.410283] ? __pfx_read_tsc+0x10/0x10 [ 32.410829] ? ktime_get_ts64+0x86/0x230 [ 32.411616] kunit_try_run_case+0x1b3/0x490 [ 32.412050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.412520] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.413338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.414018] ? __kthread_parkme+0x82/0x160 [ 32.414588] ? preempt_count_sub+0x50/0x80 [ 32.415093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.415965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.416455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.416954] kthread+0x257/0x310 [ 32.417280] ? __pfx_kthread+0x10/0x10 [ 32.418132] ret_from_fork+0x41/0x80 [ 32.418489] ? __pfx_kthread+0x10/0x10 [ 32.419144] ret_from_fork_asm+0x1a/0x30 [ 32.419806] </TASK> [ 32.420011] [ 32.420174] Allocated by task 290: [ 32.421114] kasan_save_stack+0x3d/0x60 [ 32.421418] kasan_save_track+0x18/0x40 [ 32.421809] kasan_save_alloc_info+0x3b/0x50 [ 32.422551] __kasan_kmalloc+0xb7/0xc0 [ 32.423066] __kmalloc_cache_noprof+0x184/0x410 [ 32.423589] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 32.424228] kunit_try_run_case+0x1b3/0x490 [ 32.424755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.425257] kthread+0x257/0x310 [ 32.425736] ret_from_fork+0x41/0x80 [ 32.426118] ret_from_fork_asm+0x1a/0x30 [ 32.426392] [ 32.426682] The buggy address belongs to the object at ffff88810299ad00 [ 32.426682] which belongs to the cache kmalloc-128 of size 128 [ 32.427957] The buggy address is located 0 bytes to the right of [ 32.427957] allocated 120-byte region [ffff88810299ad00, ffff88810299ad78) [ 32.428766] [ 32.428986] The buggy address belongs to the physical page: [ 32.429727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299a [ 32.430622] flags: 0x200000000000000(node=0|zone=2) [ 32.431234] page_type: f5(slab) [ 32.431793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.432710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.433494] page dumped because: kasan: bad access detected [ 32.434318] [ 32.434735] Memory state around the buggy address: [ 32.435121] ffff88810299ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.436025] ffff88810299ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.436963] >ffff88810299ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.438164] ^ [ 32.438623] ffff88810299ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.439287] ffff88810299ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.440128] ================================================================== [ 32.441745] ================================================================== [ 32.442971] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 32.443757] Write of size 8 at addr ffff88810299ad78 by task kunit_try_catch/290 [ 32.444732] [ 32.445421] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.446535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.446921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.447959] Call Trace: [ 32.448181] <TASK> [ 32.448643] dump_stack_lvl+0x73/0xb0 [ 32.449107] print_report+0xd1/0x640 [ 32.449545] ? __virt_addr_valid+0x1db/0x2d0 [ 32.450243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.450647] kasan_report+0x102/0x140 [ 32.451917] ? copy_to_kernel_nofault+0x99/0x260 [ 32.452413] ? copy_to_kernel_nofault+0x99/0x260 [ 32.453076] kasan_check_range+0x10c/0x1c0 [ 32.453426] __kasan_check_write+0x18/0x20 [ 32.453970] copy_to_kernel_nofault+0x99/0x260 [ 32.454428] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 32.455150] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 32.455599] ? finish_task_switch.isra.0+0x153/0x700 [ 32.455918] ? __schedule+0xc3e/0x2790 [ 32.456810] ? trace_hardirqs_on+0x37/0xe0 [ 32.457457] ? __pfx_read_tsc+0x10/0x10 [ 32.458247] ? ktime_get_ts64+0x86/0x230 [ 32.458812] kunit_try_run_case+0x1b3/0x490 [ 32.459257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.460104] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.460782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.461154] ? __kthread_parkme+0x82/0x160 [ 32.461515] ? preempt_count_sub+0x50/0x80 [ 32.462608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.463294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.463985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.464766] kthread+0x257/0x310 [ 32.465152] ? __pfx_kthread+0x10/0x10 [ 32.465782] ret_from_fork+0x41/0x80 [ 32.466325] ? __pfx_kthread+0x10/0x10 [ 32.466560] ret_from_fork_asm+0x1a/0x30 [ 32.467511] </TASK> [ 32.468031] [ 32.468218] Allocated by task 290: [ 32.468580] kasan_save_stack+0x3d/0x60 [ 32.469737] kasan_save_track+0x18/0x40 [ 32.470072] kasan_save_alloc_info+0x3b/0x50 [ 32.470619] __kasan_kmalloc+0xb7/0xc0 [ 32.470883] __kmalloc_cache_noprof+0x184/0x410 [ 32.471299] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 32.472234] kunit_try_run_case+0x1b3/0x490 [ 32.472501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.472769] kthread+0x257/0x310 [ 32.473697] ret_from_fork+0x41/0x80 [ 32.474322] ret_from_fork_asm+0x1a/0x30 [ 32.474986] [ 32.475195] The buggy address belongs to the object at ffff88810299ad00 [ 32.475195] which belongs to the cache kmalloc-128 of size 128 [ 32.477270] The buggy address is located 0 bytes to the right of [ 32.477270] allocated 120-byte region [ffff88810299ad00, ffff88810299ad78) [ 32.478246] [ 32.478482] The buggy address belongs to the physical page: [ 32.479412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299a [ 32.480270] flags: 0x200000000000000(node=0|zone=2) [ 32.481220] page_type: f5(slab) [ 32.481844] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.482913] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.483389] page dumped because: kasan: bad access detected [ 32.483771] [ 32.483981] Memory state around the buggy address: [ 32.484403] ffff88810299ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.484955] ffff88810299ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.485745] >ffff88810299ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.486686] ^ [ 32.487721] ffff88810299ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.488546] ffff88810299ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.489532] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 31.642018] ================================================================== [ 31.642422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 31.643221] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.643638] [ 31.643815] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.644903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.645300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.645880] Call Trace: [ 31.646069] <TASK> [ 31.646228] dump_stack_lvl+0x73/0xb0 [ 31.646587] print_report+0xd1/0x640 [ 31.646976] ? __virt_addr_valid+0x1db/0x2d0 [ 31.647494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.648009] kasan_report+0x102/0x140 [ 31.648502] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.648974] ? kasan_atomics_helper+0x1a80/0x5450 [ 31.649511] kasan_check_range+0x10c/0x1c0 [ 31.649966] __kasan_check_write+0x18/0x20 [ 31.650265] kasan_atomics_helper+0x1a80/0x5450 [ 31.650770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.651306] ? ret_from_fork_asm+0x1a/0x30 [ 31.651816] ? ret_from_fork+0x41/0x80 [ 31.652267] ? kthread+0x257/0x310 [ 31.652666] kasan_atomics+0x1dd/0x310 [ 31.652947] ? __pfx_kasan_atomics+0x10/0x10 [ 31.653394] ? __pfx_read_tsc+0x10/0x10 [ 31.653901] ? ktime_get_ts64+0x86/0x230 [ 31.654370] kunit_try_run_case+0x1b3/0x490 [ 31.654910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.655237] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.655588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.655898] ? __kthread_parkme+0x82/0x160 [ 31.656284] ? preempt_count_sub+0x50/0x80 [ 31.656803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.657289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.657889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.658403] kthread+0x257/0x310 [ 31.658846] ? __pfx_kthread+0x10/0x10 [ 31.659260] ret_from_fork+0x41/0x80 [ 31.659709] ? __pfx_kthread+0x10/0x10 [ 31.660043] ret_from_fork_asm+0x1a/0x30 [ 31.660362] </TASK> [ 31.660598] [ 31.660750] Allocated by task 274: [ 31.661106] kasan_save_stack+0x3d/0x60 [ 31.661608] kasan_save_track+0x18/0x40 [ 31.662067] kasan_save_alloc_info+0x3b/0x50 [ 31.662571] __kasan_kmalloc+0xb7/0xc0 [ 31.662994] __kmalloc_cache_noprof+0x184/0x410 [ 31.666429] kasan_atomics+0x96/0x310 [ 31.666819] kunit_try_run_case+0x1b3/0x490 [ 31.667080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.668307] kthread+0x257/0x310 [ 31.668671] ret_from_fork+0x41/0x80 [ 31.669644] ret_from_fork_asm+0x1a/0x30 [ 31.669927] [ 31.670163] The buggy address belongs to the object at ffff888102a59b80 [ 31.670163] which belongs to the cache kmalloc-64 of size 64 [ 31.671072] The buggy address is located 0 bytes to the right of [ 31.671072] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.672520] [ 31.673241] The buggy address belongs to the physical page: [ 31.673922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.674745] flags: 0x200000000000000(node=0|zone=2) [ 31.675139] page_type: f5(slab) [ 31.675405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.676801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.677304] page dumped because: kasan: bad access detected [ 31.678206] [ 31.678358] Memory state around the buggy address: [ 31.678645] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.679628] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.680583] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.681129] ^ [ 31.681496] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.682532] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.682859] ================================================================== [ 30.384560] ================================================================== [ 30.385049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 30.385738] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.386255] [ 30.386502] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.387227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.388462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.389325] Call Trace: [ 30.389533] <TASK> [ 30.390831] dump_stack_lvl+0x73/0xb0 [ 30.391198] print_report+0xd1/0x640 [ 30.391569] ? __virt_addr_valid+0x1db/0x2d0 [ 30.391961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.392489] kasan_report+0x102/0x140 [ 30.393484] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.393851] ? kasan_atomics_helper+0xa2c/0x5450 [ 30.394419] kasan_check_range+0x10c/0x1c0 [ 30.395023] __kasan_check_write+0x18/0x20 [ 30.395304] kasan_atomics_helper+0xa2c/0x5450 [ 30.395938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.396361] ? ret_from_fork_asm+0x1a/0x30 [ 30.397200] ? ret_from_fork+0x41/0x80 [ 30.397785] ? kthread+0x257/0x310 [ 30.398202] kasan_atomics+0x1dd/0x310 [ 30.398895] ? __pfx_kasan_atomics+0x10/0x10 [ 30.399361] ? __pfx_read_tsc+0x10/0x10 [ 30.400076] ? ktime_get_ts64+0x86/0x230 [ 30.400662] kunit_try_run_case+0x1b3/0x490 [ 30.401127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.401843] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.402470] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.402921] ? __kthread_parkme+0x82/0x160 [ 30.403285] ? preempt_count_sub+0x50/0x80 [ 30.404082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.404903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.405351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.406270] kthread+0x257/0x310 [ 30.406571] ? __pfx_kthread+0x10/0x10 [ 30.406879] ret_from_fork+0x41/0x80 [ 30.407499] ? __pfx_kthread+0x10/0x10 [ 30.407902] ret_from_fork_asm+0x1a/0x30 [ 30.408553] </TASK> [ 30.408828] [ 30.409025] Allocated by task 274: [ 30.409321] kasan_save_stack+0x3d/0x60 [ 30.409698] kasan_save_track+0x18/0x40 [ 30.410696] kasan_save_alloc_info+0x3b/0x50 [ 30.411414] __kasan_kmalloc+0xb7/0xc0 [ 30.411779] __kmalloc_cache_noprof+0x184/0x410 [ 30.412190] kasan_atomics+0x96/0x310 [ 30.412943] kunit_try_run_case+0x1b3/0x490 [ 30.413319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.413732] kthread+0x257/0x310 [ 30.414080] ret_from_fork+0x41/0x80 [ 30.414390] ret_from_fork_asm+0x1a/0x30 [ 30.415240] [ 30.415408] The buggy address belongs to the object at ffff888102a59b80 [ 30.415408] which belongs to the cache kmalloc-64 of size 64 [ 30.416395] The buggy address is located 0 bytes to the right of [ 30.416395] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.417810] [ 30.417971] The buggy address belongs to the physical page: [ 30.418824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.419509] flags: 0x200000000000000(node=0|zone=2) [ 30.420184] page_type: f5(slab) [ 30.420541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.421257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.422212] page dumped because: kasan: bad access detected [ 30.422577] [ 30.422812] Memory state around the buggy address: [ 30.423238] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.423901] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.424367] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.425678] ^ [ 30.426019] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.426649] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.427427] ================================================================== [ 30.586328] ================================================================== [ 30.587420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 30.588522] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.589197] [ 30.589486] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.590371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.590802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.591683] Call Trace: [ 30.592032] <TASK> [ 30.592592] dump_stack_lvl+0x73/0xb0 [ 30.593026] print_report+0xd1/0x640 [ 30.593322] ? __virt_addr_valid+0x1db/0x2d0 [ 30.593672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.594151] kasan_report+0x102/0x140 [ 30.594597] ? kasan_atomics_helper+0xd48/0x5450 [ 30.595122] ? kasan_atomics_helper+0xd48/0x5450 [ 30.595693] kasan_check_range+0x10c/0x1c0 [ 30.596140] __kasan_check_write+0x18/0x20 [ 30.596646] kasan_atomics_helper+0xd48/0x5450 [ 30.597148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.597690] ? ret_from_fork_asm+0x1a/0x30 [ 30.598176] ? ret_from_fork+0x41/0x80 [ 30.598637] ? kthread+0x257/0x310 [ 30.598978] kasan_atomics+0x1dd/0x310 [ 30.599468] ? __pfx_kasan_atomics+0x10/0x10 [ 30.599916] ? __pfx_read_tsc+0x10/0x10 [ 30.600253] ? ktime_get_ts64+0x86/0x230 [ 30.600594] kunit_try_run_case+0x1b3/0x490 [ 30.600891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.601296] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.601791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.602307] ? __kthread_parkme+0x82/0x160 [ 30.602819] ? preempt_count_sub+0x50/0x80 [ 30.603272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.603809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.604421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.604989] kthread+0x257/0x310 [ 30.605345] ? __pfx_kthread+0x10/0x10 [ 30.605781] ret_from_fork+0x41/0x80 [ 30.606220] ? __pfx_kthread+0x10/0x10 [ 30.606694] ret_from_fork_asm+0x1a/0x30 [ 30.607017] </TASK> [ 30.607254] [ 30.607561] Allocated by task 274: [ 30.607919] kasan_save_stack+0x3d/0x60 [ 30.608376] kasan_save_track+0x18/0x40 [ 30.608772] kasan_save_alloc_info+0x3b/0x50 [ 30.609256] __kasan_kmalloc+0xb7/0xc0 [ 30.609595] __kmalloc_cache_noprof+0x184/0x410 [ 30.610042] kasan_atomics+0x96/0x310 [ 30.610331] kunit_try_run_case+0x1b3/0x490 [ 30.610766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.611134] kthread+0x257/0x310 [ 30.611381] ret_from_fork+0x41/0x80 [ 30.611679] ret_from_fork_asm+0x1a/0x30 [ 30.611950] [ 30.612127] The buggy address belongs to the object at ffff888102a59b80 [ 30.612127] which belongs to the cache kmalloc-64 of size 64 [ 30.613177] The buggy address is located 0 bytes to the right of [ 30.613177] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.614238] [ 30.614501] The buggy address belongs to the physical page: [ 30.615221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.616853] flags: 0x200000000000000(node=0|zone=2) [ 30.617961] page_type: f5(slab) [ 30.619743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.620378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.620758] page dumped because: kasan: bad access detected [ 30.621099] [ 30.621253] Memory state around the buggy address: [ 30.622151] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.622877] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.623428] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.623934] ^ [ 30.624283] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.624899] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.625423] ================================================================== [ 31.155012] ================================================================== [ 31.155689] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 31.156273] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.157520] [ 31.157776] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.158503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.158900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.159473] Call Trace: [ 31.159784] <TASK> [ 31.160029] dump_stack_lvl+0x73/0xb0 [ 31.160527] print_report+0xd1/0x640 [ 31.160928] ? __virt_addr_valid+0x1db/0x2d0 [ 31.161302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.161805] kasan_report+0x102/0x140 [ 31.162091] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.162393] ? kasan_atomics_helper+0x4eb0/0x5450 [ 31.162782] __asan_report_load8_noabort+0x18/0x20 [ 31.163115] kasan_atomics_helper+0x4eb0/0x5450 [ 31.163603] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.164107] ? ret_from_fork_asm+0x1a/0x30 [ 31.164585] ? ret_from_fork+0x41/0x80 [ 31.164993] ? kthread+0x257/0x310 [ 31.165375] kasan_atomics+0x1dd/0x310 [ 31.165810] ? __pfx_kasan_atomics+0x10/0x10 [ 31.166262] ? __pfx_read_tsc+0x10/0x10 [ 31.166690] ? ktime_get_ts64+0x86/0x230 [ 31.167021] kunit_try_run_case+0x1b3/0x490 [ 31.167514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.167921] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.168361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.168751] ? __kthread_parkme+0x82/0x160 [ 31.169178] ? preempt_count_sub+0x50/0x80 [ 31.169649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.170140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.171230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.172184] kthread+0x257/0x310 [ 31.173679] ? __pfx_kthread+0x10/0x10 [ 31.174087] ret_from_fork+0x41/0x80 [ 31.174509] ? __pfx_kthread+0x10/0x10 [ 31.174810] ret_from_fork_asm+0x1a/0x30 [ 31.175175] </TASK> [ 31.175408] [ 31.176247] Allocated by task 274: [ 31.177068] kasan_save_stack+0x3d/0x60 [ 31.177698] kasan_save_track+0x18/0x40 [ 31.178068] kasan_save_alloc_info+0x3b/0x50 [ 31.178486] __kasan_kmalloc+0xb7/0xc0 [ 31.178880] __kmalloc_cache_noprof+0x184/0x410 [ 31.179243] kasan_atomics+0x96/0x310 [ 31.179620] kunit_try_run_case+0x1b3/0x490 [ 31.179999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.180544] kthread+0x257/0x310 [ 31.180821] ret_from_fork+0x41/0x80 [ 31.181137] ret_from_fork_asm+0x1a/0x30 [ 31.181583] [ 31.181796] The buggy address belongs to the object at ffff888102a59b80 [ 31.181796] which belongs to the cache kmalloc-64 of size 64 [ 31.182654] The buggy address is located 0 bytes to the right of [ 31.182654] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.183375] [ 31.183653] The buggy address belongs to the physical page: [ 31.184157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.184735] flags: 0x200000000000000(node=0|zone=2) [ 31.185092] page_type: f5(slab) [ 31.185332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.186005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.186672] page dumped because: kasan: bad access detected [ 31.187045] [ 31.187259] Memory state around the buggy address: [ 31.187678] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.188175] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.188599] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.188968] ^ [ 31.189414] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.190066] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.190673] ================================================================== [ 31.775369] ================================================================== [ 31.775869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 31.776535] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.777200] [ 31.777447] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.778044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.778426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.779411] Call Trace: [ 31.780022] <TASK> [ 31.780246] dump_stack_lvl+0x73/0xb0 [ 31.780809] print_report+0xd1/0x640 [ 31.781238] ? __virt_addr_valid+0x1db/0x2d0 [ 31.781758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.782346] kasan_report+0x102/0x140 [ 31.782892] ? kasan_atomics_helper+0x4f32/0x5450 [ 31.783343] ? kasan_atomics_helper+0x4f32/0x5450 [ 31.783945] __asan_report_load8_noabort+0x18/0x20 [ 31.784385] kasan_atomics_helper+0x4f32/0x5450 [ 31.785090] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.785611] ? ret_from_fork_asm+0x1a/0x30 [ 31.786006] ? ret_from_fork+0x41/0x80 [ 31.786535] ? kthread+0x257/0x310 [ 31.787013] kasan_atomics+0x1dd/0x310 [ 31.787366] ? __pfx_kasan_atomics+0x10/0x10 [ 31.787788] ? __pfx_read_tsc+0x10/0x10 [ 31.788171] ? ktime_get_ts64+0x86/0x230 [ 31.788556] kunit_try_run_case+0x1b3/0x490 [ 31.788995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.789603] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.790185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.790689] ? __kthread_parkme+0x82/0x160 [ 31.791126] ? preempt_count_sub+0x50/0x80 [ 31.791686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.792245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.792856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.793289] kthread+0x257/0x310 [ 31.794192] ? __pfx_kthread+0x10/0x10 [ 31.794696] ret_from_fork+0x41/0x80 [ 31.795110] ? __pfx_kthread+0x10/0x10 [ 31.795497] ret_from_fork_asm+0x1a/0x30 [ 31.795878] </TASK> [ 31.796657] [ 31.797176] Allocated by task 274: [ 31.797419] kasan_save_stack+0x3d/0x60 [ 31.797894] kasan_save_track+0x18/0x40 [ 31.798830] kasan_save_alloc_info+0x3b/0x50 [ 31.799393] __kasan_kmalloc+0xb7/0xc0 [ 31.800033] __kmalloc_cache_noprof+0x184/0x410 [ 31.800420] kasan_atomics+0x96/0x310 [ 31.801385] kunit_try_run_case+0x1b3/0x490 [ 31.801765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.802380] kthread+0x257/0x310 [ 31.802857] ret_from_fork+0x41/0x80 [ 31.803360] ret_from_fork_asm+0x1a/0x30 [ 31.803674] [ 31.803884] The buggy address belongs to the object at ffff888102a59b80 [ 31.803884] which belongs to the cache kmalloc-64 of size 64 [ 31.804760] The buggy address is located 0 bytes to the right of [ 31.804760] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.806378] [ 31.807162] The buggy address belongs to the physical page: [ 31.807516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.808231] flags: 0x200000000000000(node=0|zone=2) [ 31.808983] page_type: f5(slab) [ 31.809241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.810308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.810804] page dumped because: kasan: bad access detected [ 31.811269] [ 31.811445] Memory state around the buggy address: [ 31.812318] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.813090] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.813505] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.814423] ^ [ 31.814863] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.815666] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.816446] ================================================================== [ 30.030198] ================================================================== [ 30.031126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 30.031742] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.032581] [ 30.032762] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.033507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.034105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.034637] Call Trace: [ 30.034897] <TASK> [ 30.035319] dump_stack_lvl+0x73/0xb0 [ 30.035972] print_report+0xd1/0x640 [ 30.036781] ? __virt_addr_valid+0x1db/0x2d0 [ 30.037559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.037945] kasan_report+0x102/0x140 [ 30.038232] ? kasan_atomics_helper+0x4b3c/0x5450 [ 30.038803] ? kasan_atomics_helper+0x4b3c/0x5450 [ 30.039478] __asan_report_store4_noabort+0x1b/0x30 [ 30.039999] kasan_atomics_helper+0x4b3c/0x5450 [ 30.040501] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.040982] ? ret_from_fork_asm+0x1a/0x30 [ 30.041406] ? ret_from_fork+0x41/0x80 [ 30.041885] ? kthread+0x257/0x310 [ 30.042248] kasan_atomics+0x1dd/0x310 [ 30.042724] ? __pfx_kasan_atomics+0x10/0x10 [ 30.043107] ? __pfx_read_tsc+0x10/0x10 [ 30.043596] ? ktime_get_ts64+0x86/0x230 [ 30.044033] kunit_try_run_case+0x1b3/0x490 [ 30.044355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.044935] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.045523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.046106] ? __kthread_parkme+0x82/0x160 [ 30.046607] ? preempt_count_sub+0x50/0x80 [ 30.047139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.047702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.047916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.048166] kthread+0x257/0x310 [ 30.048602] ? __pfx_kthread+0x10/0x10 [ 30.048914] ret_from_fork+0x41/0x80 [ 30.049346] ? __pfx_kthread+0x10/0x10 [ 30.049682] ret_from_fork_asm+0x1a/0x30 [ 30.050139] </TASK> [ 30.050414] [ 30.050654] Allocated by task 274: [ 30.050995] kasan_save_stack+0x3d/0x60 [ 30.051363] kasan_save_track+0x18/0x40 [ 30.051824] kasan_save_alloc_info+0x3b/0x50 [ 30.052245] __kasan_kmalloc+0xb7/0xc0 [ 30.052673] __kmalloc_cache_noprof+0x184/0x410 [ 30.053064] kasan_atomics+0x96/0x310 [ 30.053390] kunit_try_run_case+0x1b3/0x490 [ 30.053818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.054226] kthread+0x257/0x310 [ 30.054576] ret_from_fork+0x41/0x80 [ 30.054888] ret_from_fork_asm+0x1a/0x30 [ 30.055232] [ 30.055382] The buggy address belongs to the object at ffff888102a59b80 [ 30.055382] which belongs to the cache kmalloc-64 of size 64 [ 30.056355] The buggy address is located 0 bytes to the right of [ 30.056355] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.057229] [ 30.057514] The buggy address belongs to the physical page: [ 30.057995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.058393] flags: 0x200000000000000(node=0|zone=2) [ 30.058921] page_type: f5(slab) [ 30.059288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.060000] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.060521] page dumped because: kasan: bad access detected [ 30.060815] [ 30.060958] Memory state around the buggy address: [ 30.061378] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.062067] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.062722] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.063341] ^ [ 30.063840] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.064301] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.064828] ================================================================== [ 29.987572] ================================================================== [ 29.989803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 29.992438] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.993091] [ 29.993332] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.995212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.995646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.996331] Call Trace: [ 29.997031] <TASK> [ 29.997408] dump_stack_lvl+0x73/0xb0 [ 29.997965] print_report+0xd1/0x640 [ 29.998534] ? __virt_addr_valid+0x1db/0x2d0 [ 29.999135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.999773] kasan_report+0x102/0x140 [ 30.000243] ? kasan_atomics_helper+0x4a1/0x5450 [ 30.000830] ? kasan_atomics_helper+0x4a1/0x5450 [ 30.001260] kasan_check_range+0x10c/0x1c0 [ 30.001665] __kasan_check_write+0x18/0x20 [ 30.002100] kasan_atomics_helper+0x4a1/0x5450 [ 30.002620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.003165] ? ret_from_fork_asm+0x1a/0x30 [ 30.003734] ? ret_from_fork+0x41/0x80 [ 30.004101] ? kthread+0x257/0x310 [ 30.004545] kasan_atomics+0x1dd/0x310 [ 30.005039] ? __pfx_kasan_atomics+0x10/0x10 [ 30.005430] ? __pfx_read_tsc+0x10/0x10 [ 30.005892] ? ktime_get_ts64+0x86/0x230 [ 30.006314] kunit_try_run_case+0x1b3/0x490 [ 30.006793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.007260] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.007668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.008143] ? __kthread_parkme+0x82/0x160 [ 30.008611] ? preempt_count_sub+0x50/0x80 [ 30.008895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.009390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.009979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.010520] kthread+0x257/0x310 [ 30.010888] ? __pfx_kthread+0x10/0x10 [ 30.011326] ret_from_fork+0x41/0x80 [ 30.011692] ? __pfx_kthread+0x10/0x10 [ 30.011958] ret_from_fork_asm+0x1a/0x30 [ 30.012507] </TASK> [ 30.012785] [ 30.013025] Allocated by task 274: [ 30.013377] kasan_save_stack+0x3d/0x60 [ 30.013765] kasan_save_track+0x18/0x40 [ 30.014019] kasan_save_alloc_info+0x3b/0x50 [ 30.014311] __kasan_kmalloc+0xb7/0xc0 [ 30.014775] __kmalloc_cache_noprof+0x184/0x410 [ 30.015238] kasan_atomics+0x96/0x310 [ 30.015617] kunit_try_run_case+0x1b3/0x490 [ 30.016036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.016638] kthread+0x257/0x310 [ 30.016954] ret_from_fork+0x41/0x80 [ 30.017226] ret_from_fork_asm+0x1a/0x30 [ 30.017529] [ 30.017738] The buggy address belongs to the object at ffff888102a59b80 [ 30.017738] which belongs to the cache kmalloc-64 of size 64 [ 30.018757] The buggy address is located 0 bytes to the right of [ 30.018757] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.019802] [ 30.020005] The buggy address belongs to the physical page: [ 30.020312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.020849] flags: 0x200000000000000(node=0|zone=2) [ 30.021326] page_type: f5(slab) [ 30.021729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.022400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.023005] page dumped because: kasan: bad access detected [ 30.023579] [ 30.023786] Memory state around the buggy address: [ 30.024066] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.024808] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.025189] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.025553] ^ [ 30.026169] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.027770] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.028855] ================================================================== [ 31.601257] ================================================================== [ 31.601778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 31.602567] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.603147] [ 31.603407] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.604000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.604481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.605231] Call Trace: [ 31.605439] <TASK> [ 31.605782] dump_stack_lvl+0x73/0xb0 [ 31.606278] print_report+0xd1/0x640 [ 31.606780] ? __virt_addr_valid+0x1db/0x2d0 [ 31.607227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.607707] kasan_report+0x102/0x140 [ 31.608185] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.608765] ? kasan_atomics_helper+0x19e4/0x5450 [ 31.609233] kasan_check_range+0x10c/0x1c0 [ 31.609713] __kasan_check_write+0x18/0x20 [ 31.609989] kasan_atomics_helper+0x19e4/0x5450 [ 31.610489] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.610961] ? ret_from_fork_asm+0x1a/0x30 [ 31.611446] ? ret_from_fork+0x41/0x80 [ 31.611895] ? kthread+0x257/0x310 [ 31.612223] kasan_atomics+0x1dd/0x310 [ 31.612532] ? __pfx_kasan_atomics+0x10/0x10 [ 31.613168] ? __pfx_read_tsc+0x10/0x10 [ 31.613602] ? ktime_get_ts64+0x86/0x230 [ 31.613954] kunit_try_run_case+0x1b3/0x490 [ 31.614359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.614904] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.615386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.615889] ? __kthread_parkme+0x82/0x160 [ 31.616314] ? preempt_count_sub+0x50/0x80 [ 31.616688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.617039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.617606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.618191] kthread+0x257/0x310 [ 31.618593] ? __pfx_kthread+0x10/0x10 [ 31.618995] ret_from_fork+0x41/0x80 [ 31.619402] ? __pfx_kthread+0x10/0x10 [ 31.619804] ret_from_fork_asm+0x1a/0x30 [ 31.620266] </TASK> [ 31.620572] [ 31.620732] Allocated by task 274: [ 31.621017] kasan_save_stack+0x3d/0x60 [ 31.621407] kasan_save_track+0x18/0x40 [ 31.621855] kasan_save_alloc_info+0x3b/0x50 [ 31.622300] __kasan_kmalloc+0xb7/0xc0 [ 31.622841] __kmalloc_cache_noprof+0x184/0x410 [ 31.623340] kasan_atomics+0x96/0x310 [ 31.623884] kunit_try_run_case+0x1b3/0x490 [ 31.624354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.624885] kthread+0x257/0x310 [ 31.625248] ret_from_fork+0x41/0x80 [ 31.625593] ret_from_fork_asm+0x1a/0x30 [ 31.625945] [ 31.626192] The buggy address belongs to the object at ffff888102a59b80 [ 31.626192] which belongs to the cache kmalloc-64 of size 64 [ 31.627644] The buggy address is located 0 bytes to the right of [ 31.627644] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.629161] [ 31.629326] The buggy address belongs to the physical page: [ 31.632405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.633827] flags: 0x200000000000000(node=0|zone=2) [ 31.634514] page_type: f5(slab) [ 31.634934] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.635452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.636071] page dumped because: kasan: bad access detected [ 31.636417] [ 31.636569] Memory state around the buggy address: [ 31.637010] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.637779] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.638246] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.638898] ^ [ 31.639229] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.639901] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.640574] ================================================================== [ 31.118418] ================================================================== [ 31.119166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 31.119754] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.120323] [ 31.120610] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.121363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.121691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.122337] Call Trace: [ 31.122618] <TASK> [ 31.122898] dump_stack_lvl+0x73/0xb0 [ 31.123317] print_report+0xd1/0x640 [ 31.123760] ? __virt_addr_valid+0x1db/0x2d0 [ 31.124144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.124533] kasan_report+0x102/0x140 [ 31.124817] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.125286] ? kasan_atomics_helper+0x13b6/0x5450 [ 31.125792] kasan_check_range+0x10c/0x1c0 [ 31.126244] __kasan_check_read+0x15/0x20 [ 31.126590] kasan_atomics_helper+0x13b6/0x5450 [ 31.127028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.127566] ? ret_from_fork_asm+0x1a/0x30 [ 31.127912] ? ret_from_fork+0x41/0x80 [ 31.128324] ? kthread+0x257/0x310 [ 31.128660] kasan_atomics+0x1dd/0x310 [ 31.128944] ? __pfx_kasan_atomics+0x10/0x10 [ 31.129387] ? __pfx_read_tsc+0x10/0x10 [ 31.129831] ? ktime_get_ts64+0x86/0x230 [ 31.130267] kunit_try_run_case+0x1b3/0x490 [ 31.130750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.131187] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.131611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.132095] ? __kthread_parkme+0x82/0x160 [ 31.132554] ? preempt_count_sub+0x50/0x80 [ 31.132867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.133333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.133822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.134308] kthread+0x257/0x310 [ 31.134610] ? __pfx_kthread+0x10/0x10 [ 31.134873] ret_from_fork+0x41/0x80 [ 31.135208] ? __pfx_kthread+0x10/0x10 [ 31.135640] ret_from_fork_asm+0x1a/0x30 [ 31.136086] </TASK> [ 31.136368] [ 31.136625] Allocated by task 274: [ 31.136975] kasan_save_stack+0x3d/0x60 [ 31.137392] kasan_save_track+0x18/0x40 [ 31.137823] kasan_save_alloc_info+0x3b/0x50 [ 31.138262] __kasan_kmalloc+0xb7/0xc0 [ 31.138670] __kmalloc_cache_noprof+0x184/0x410 [ 31.138987] kasan_atomics+0x96/0x310 [ 31.139397] kunit_try_run_case+0x1b3/0x490 [ 31.139820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.140284] kthread+0x257/0x310 [ 31.140595] ret_from_fork+0x41/0x80 [ 31.140915] ret_from_fork_asm+0x1a/0x30 [ 31.142870] [ 31.143116] The buggy address belongs to the object at ffff888102a59b80 [ 31.143116] which belongs to the cache kmalloc-64 of size 64 [ 31.145073] The buggy address is located 0 bytes to the right of [ 31.145073] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.145909] [ 31.146140] The buggy address belongs to the physical page: [ 31.146601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.147303] flags: 0x200000000000000(node=0|zone=2) [ 31.147728] page_type: f5(slab) [ 31.147967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.148364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.149036] page dumped because: kasan: bad access detected [ 31.149561] [ 31.149764] Memory state around the buggy address: [ 31.150211] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.150816] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.151353] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.151798] ^ [ 31.152237] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.152660] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.153232] ================================================================== [ 32.159847] ================================================================== [ 32.160549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 32.161209] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.161760] [ 32.162035] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.162766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.163016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.163831] Call Trace: [ 32.164143] <TASK> [ 32.164477] dump_stack_lvl+0x73/0xb0 [ 32.164886] print_report+0xd1/0x640 [ 32.165304] ? __virt_addr_valid+0x1db/0x2d0 [ 32.165729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.166190] kasan_report+0x102/0x140 [ 32.166672] ? kasan_atomics_helper+0x4fb4/0x5450 [ 32.167178] ? kasan_atomics_helper+0x4fb4/0x5450 [ 32.167696] __asan_report_load8_noabort+0x18/0x20 [ 32.168130] kasan_atomics_helper+0x4fb4/0x5450 [ 32.168631] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.169162] ? ret_from_fork_asm+0x1a/0x30 [ 32.169584] ? ret_from_fork+0x41/0x80 [ 32.169927] ? kthread+0x257/0x310 [ 32.170351] kasan_atomics+0x1dd/0x310 [ 32.170800] ? __pfx_kasan_atomics+0x10/0x10 [ 32.171206] ? __pfx_read_tsc+0x10/0x10 [ 32.171693] ? ktime_get_ts64+0x86/0x230 [ 32.172307] kunit_try_run_case+0x1b3/0x490 [ 32.172875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.173318] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.173916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.174561] ? __kthread_parkme+0x82/0x160 [ 32.175152] ? preempt_count_sub+0x50/0x80 [ 32.175764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.176336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.176850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.177578] kthread+0x257/0x310 [ 32.178040] ? __pfx_kthread+0x10/0x10 [ 32.178674] ret_from_fork+0x41/0x80 [ 32.179148] ? __pfx_kthread+0x10/0x10 [ 32.179681] ret_from_fork_asm+0x1a/0x30 [ 32.180292] </TASK> [ 32.180613] [ 32.180865] Allocated by task 274: [ 32.181377] kasan_save_stack+0x3d/0x60 [ 32.181852] kasan_save_track+0x18/0x40 [ 32.182176] kasan_save_alloc_info+0x3b/0x50 [ 32.182659] __kasan_kmalloc+0xb7/0xc0 [ 32.183129] __kmalloc_cache_noprof+0x184/0x410 [ 32.183587] kasan_atomics+0x96/0x310 [ 32.184084] kunit_try_run_case+0x1b3/0x490 [ 32.184552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.185232] kthread+0x257/0x310 [ 32.185636] ret_from_fork+0x41/0x80 [ 32.186045] ret_from_fork_asm+0x1a/0x30 [ 32.186558] [ 32.186776] The buggy address belongs to the object at ffff888102a59b80 [ 32.186776] which belongs to the cache kmalloc-64 of size 64 [ 32.187690] The buggy address is located 0 bytes to the right of [ 32.187690] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.188724] [ 32.188903] The buggy address belongs to the physical page: [ 32.189538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.190189] flags: 0x200000000000000(node=0|zone=2) [ 32.190746] page_type: f5(slab) [ 32.191126] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.191616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.192301] page dumped because: kasan: bad access detected [ 32.192827] [ 32.192997] Memory state around the buggy address: [ 32.193548] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.194095] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.194764] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.195366] ^ [ 32.195841] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.196383] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.197115] ================================================================== [ 30.183204] ================================================================== [ 30.184429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 30.185099] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.185841] [ 30.186032] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.186660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.187283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.188255] Call Trace: [ 30.188558] <TASK> [ 30.188804] dump_stack_lvl+0x73/0xb0 [ 30.189311] print_report+0xd1/0x640 [ 30.189617] ? __virt_addr_valid+0x1db/0x2d0 [ 30.189921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.190968] kasan_report+0x102/0x140 [ 30.191393] ? kasan_atomics_helper+0x730/0x5450 [ 30.191956] ? kasan_atomics_helper+0x730/0x5450 [ 30.192613] kasan_check_range+0x10c/0x1c0 [ 30.193739] __kasan_check_write+0x18/0x20 [ 30.194432] kasan_atomics_helper+0x730/0x5450 [ 30.195411] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.196301] ? ret_from_fork_asm+0x1a/0x30 [ 30.196683] ? ret_from_fork+0x41/0x80 [ 30.197078] ? kthread+0x257/0x310 [ 30.197455] kasan_atomics+0x1dd/0x310 [ 30.198319] ? __pfx_kasan_atomics+0x10/0x10 [ 30.198890] ? __pfx_read_tsc+0x10/0x10 [ 30.199441] ? ktime_get_ts64+0x86/0x230 [ 30.199992] kunit_try_run_case+0x1b3/0x490 [ 30.200429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.201081] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.201486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.202019] ? __kthread_parkme+0x82/0x160 [ 30.202560] ? preempt_count_sub+0x50/0x80 [ 30.202878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.203414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.204047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.205093] kthread+0x257/0x310 [ 30.205411] ? __pfx_kthread+0x10/0x10 [ 30.206123] ret_from_fork+0x41/0x80 [ 30.206731] ? __pfx_kthread+0x10/0x10 [ 30.207077] ret_from_fork_asm+0x1a/0x30 [ 30.207456] </TASK> [ 30.207728] [ 30.207939] Allocated by task 274: [ 30.209034] kasan_save_stack+0x3d/0x60 [ 30.209378] kasan_save_track+0x18/0x40 [ 30.209919] kasan_save_alloc_info+0x3b/0x50 [ 30.210256] __kasan_kmalloc+0xb7/0xc0 [ 30.210905] __kmalloc_cache_noprof+0x184/0x410 [ 30.211504] kasan_atomics+0x96/0x310 [ 30.212189] kunit_try_run_case+0x1b3/0x490 [ 30.212630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.213215] kthread+0x257/0x310 [ 30.213950] ret_from_fork+0x41/0x80 [ 30.214260] ret_from_fork_asm+0x1a/0x30 [ 30.214756] [ 30.214919] The buggy address belongs to the object at ffff888102a59b80 [ 30.214919] which belongs to the cache kmalloc-64 of size 64 [ 30.215766] The buggy address is located 0 bytes to the right of [ 30.215766] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.217203] [ 30.217794] The buggy address belongs to the physical page: [ 30.218516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.219024] flags: 0x200000000000000(node=0|zone=2) [ 30.219475] page_type: f5(slab) [ 30.219747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.220782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.221438] page dumped because: kasan: bad access detected [ 30.222260] [ 30.222444] Memory state around the buggy address: [ 30.222911] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.223448] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.223911] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.225436] ^ [ 30.226139] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.226959] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.227508] ================================================================== [ 31.817798] ================================================================== [ 31.818944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 31.819513] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.820683] [ 31.820868] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.822286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.823086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.823737] Call Trace: [ 31.823933] <TASK> [ 31.824221] dump_stack_lvl+0x73/0xb0 [ 31.825150] print_report+0xd1/0x640 [ 31.825760] ? __virt_addr_valid+0x1db/0x2d0 [ 31.826335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.826990] kasan_report+0x102/0x140 [ 31.827338] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.828151] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.828526] kasan_check_range+0x10c/0x1c0 [ 31.829278] __kasan_check_write+0x18/0x20 [ 31.829676] kasan_atomics_helper+0x1ce2/0x5450 [ 31.830103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.830890] ? ret_from_fork_asm+0x1a/0x30 [ 31.831254] ? ret_from_fork+0x41/0x80 [ 31.831806] ? kthread+0x257/0x310 [ 31.832314] kasan_atomics+0x1dd/0x310 [ 31.833102] ? __pfx_kasan_atomics+0x10/0x10 [ 31.833478] ? __pfx_read_tsc+0x10/0x10 [ 31.834268] ? ktime_get_ts64+0x86/0x230 [ 31.834666] kunit_try_run_case+0x1b3/0x490 [ 31.835373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.835829] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.836288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.837587] ? __kthread_parkme+0x82/0x160 [ 31.837937] ? preempt_count_sub+0x50/0x80 [ 31.838522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.839220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.840007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.840650] kthread+0x257/0x310 [ 31.840993] ? __pfx_kthread+0x10/0x10 [ 31.841706] ret_from_fork+0x41/0x80 [ 31.842311] ? __pfx_kthread+0x10/0x10 [ 31.842682] ret_from_fork_asm+0x1a/0x30 [ 31.843145] </TASK> [ 31.843416] [ 31.843719] Allocated by task 274: [ 31.844000] kasan_save_stack+0x3d/0x60 [ 31.844290] kasan_save_track+0x18/0x40 [ 31.844825] kasan_save_alloc_info+0x3b/0x50 [ 31.845454] __kasan_kmalloc+0xb7/0xc0 [ 31.845977] __kmalloc_cache_noprof+0x184/0x410 [ 31.846335] kasan_atomics+0x96/0x310 [ 31.846594] kunit_try_run_case+0x1b3/0x490 [ 31.847091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.847856] kthread+0x257/0x310 [ 31.848301] ret_from_fork+0x41/0x80 [ 31.848725] ret_from_fork_asm+0x1a/0x30 [ 31.849034] [ 31.849264] The buggy address belongs to the object at ffff888102a59b80 [ 31.849264] which belongs to the cache kmalloc-64 of size 64 [ 31.850162] The buggy address is located 0 bytes to the right of [ 31.850162] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.851381] [ 31.851541] The buggy address belongs to the physical page: [ 31.851827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.852706] flags: 0x200000000000000(node=0|zone=2) [ 31.853254] page_type: f5(slab) [ 31.853599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.854488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.854950] page dumped because: kasan: bad access detected [ 31.855264] [ 31.855411] Memory state around the buggy address: [ 31.855681] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.856359] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.857256] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.858103] ^ [ 31.858465] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.858973] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.859608] ================================================================== [ 29.830136] ================================================================== [ 29.830738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 29.831286] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.831776] [ 29.831936] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.833089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.833465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.834744] Call Trace: [ 29.834945] <TASK> [ 29.835153] dump_stack_lvl+0x73/0xb0 [ 29.836033] print_report+0xd1/0x640 [ 29.836426] ? __virt_addr_valid+0x1db/0x2d0 [ 29.837141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.837450] kasan_report+0x102/0x140 [ 29.837876] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.838259] ? kasan_atomics_helper+0x4b8a/0x5450 [ 29.839259] __asan_report_load4_noabort+0x18/0x20 [ 29.839930] kasan_atomics_helper+0x4b8a/0x5450 [ 29.840378] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.840955] ? ret_from_fork_asm+0x1a/0x30 [ 29.841282] ? ret_from_fork+0x41/0x80 [ 29.841907] ? kthread+0x257/0x310 [ 29.842272] kasan_atomics+0x1dd/0x310 [ 29.842925] ? __pfx_kasan_atomics+0x10/0x10 [ 29.843445] ? __pfx_read_tsc+0x10/0x10 [ 29.844105] ? ktime_get_ts64+0x86/0x230 [ 29.844459] kunit_try_run_case+0x1b3/0x490 [ 29.844738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.845133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.846047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.846616] ? __kthread_parkme+0x82/0x160 [ 29.846868] ? preempt_count_sub+0x50/0x80 [ 29.847296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.847767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.848388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.849195] kthread+0x257/0x310 [ 29.849816] ? __pfx_kthread+0x10/0x10 [ 29.850249] ret_from_fork+0x41/0x80 [ 29.850769] ? __pfx_kthread+0x10/0x10 [ 29.851479] ret_from_fork_asm+0x1a/0x30 [ 29.851911] </TASK> [ 29.852141] [ 29.852280] Allocated by task 274: [ 29.852612] kasan_save_stack+0x3d/0x60 [ 29.853107] kasan_save_track+0x18/0x40 [ 29.853367] kasan_save_alloc_info+0x3b/0x50 [ 29.854266] __kasan_kmalloc+0xb7/0xc0 [ 29.854639] __kmalloc_cache_noprof+0x184/0x410 [ 29.855126] kasan_atomics+0x96/0x310 [ 29.855731] kunit_try_run_case+0x1b3/0x490 [ 29.856010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.856717] kthread+0x257/0x310 [ 29.857167] ret_from_fork+0x41/0x80 [ 29.857423] ret_from_fork_asm+0x1a/0x30 [ 29.858050] [ 29.858272] The buggy address belongs to the object at ffff888102a59b80 [ 29.858272] which belongs to the cache kmalloc-64 of size 64 [ 29.859023] The buggy address is located 0 bytes to the right of [ 29.859023] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.860528] [ 29.860742] The buggy address belongs to the physical page: [ 29.861346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.862239] flags: 0x200000000000000(node=0|zone=2) [ 29.862915] page_type: f5(slab) [ 29.863215] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.864420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.864893] page dumped because: kasan: bad access detected [ 29.865309] [ 29.865478] Memory state around the buggy address: [ 29.865914] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.867083] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.867798] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.868746] ^ [ 29.869171] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.870102] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.870679] ================================================================== [ 30.549874] ================================================================== [ 30.550851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 30.551579] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.552097] [ 30.552345] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.553142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.553551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.554223] Call Trace: [ 30.554592] <TASK> [ 30.554930] dump_stack_lvl+0x73/0xb0 [ 30.555362] print_report+0xd1/0x640 [ 30.555835] ? __virt_addr_valid+0x1db/0x2d0 [ 30.556233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.556839] kasan_report+0x102/0x140 [ 30.557168] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.557677] ? kasan_atomics_helper+0x4a86/0x5450 [ 30.558143] __asan_report_load4_noabort+0x18/0x20 [ 30.558695] kasan_atomics_helper+0x4a86/0x5450 [ 30.559076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.559631] ? ret_from_fork_asm+0x1a/0x30 [ 30.560034] ? ret_from_fork+0x41/0x80 [ 30.560355] ? kthread+0x257/0x310 [ 30.560810] kasan_atomics+0x1dd/0x310 [ 30.561207] ? __pfx_kasan_atomics+0x10/0x10 [ 30.561706] ? __pfx_read_tsc+0x10/0x10 [ 30.562098] ? ktime_get_ts64+0x86/0x230 [ 30.562415] kunit_try_run_case+0x1b3/0x490 [ 30.562880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.563283] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.563749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.564153] ? __kthread_parkme+0x82/0x160 [ 30.564622] ? preempt_count_sub+0x50/0x80 [ 30.565114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.565513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.566137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.566737] kthread+0x257/0x310 [ 30.567050] ? __pfx_kthread+0x10/0x10 [ 30.567479] ret_from_fork+0x41/0x80 [ 30.567886] ? __pfx_kthread+0x10/0x10 [ 30.568292] ret_from_fork_asm+0x1a/0x30 [ 30.568740] </TASK> [ 30.569009] [ 30.569271] Allocated by task 274: [ 30.569618] kasan_save_stack+0x3d/0x60 [ 30.570011] kasan_save_track+0x18/0x40 [ 30.570284] kasan_save_alloc_info+0x3b/0x50 [ 30.570612] __kasan_kmalloc+0xb7/0xc0 [ 30.570869] __kmalloc_cache_noprof+0x184/0x410 [ 30.571260] kasan_atomics+0x96/0x310 [ 30.571721] kunit_try_run_case+0x1b3/0x490 [ 30.572167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.572715] kthread+0x257/0x310 [ 30.573085] ret_from_fork+0x41/0x80 [ 30.573544] ret_from_fork_asm+0x1a/0x30 [ 30.573952] [ 30.574203] The buggy address belongs to the object at ffff888102a59b80 [ 30.574203] which belongs to the cache kmalloc-64 of size 64 [ 30.575275] The buggy address is located 0 bytes to the right of [ 30.575275] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.576086] [ 30.576347] The buggy address belongs to the physical page: [ 30.576894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.577465] flags: 0x200000000000000(node=0|zone=2) [ 30.577916] page_type: f5(slab) [ 30.578274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.578932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.579413] page dumped because: kasan: bad access detected [ 30.579924] [ 30.580155] Memory state around the buggy address: [ 30.580573] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.581119] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.581708] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.582079] ^ [ 30.582363] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.582764] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.583157] ================================================================== [ 31.044889] ================================================================== [ 31.045601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 31.046353] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.046840] [ 31.047025] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.047838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.048276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.049074] Call Trace: [ 31.049377] <TASK> [ 31.049678] dump_stack_lvl+0x73/0xb0 [ 31.049981] print_report+0xd1/0x640 [ 31.050486] ? __virt_addr_valid+0x1db/0x2d0 [ 31.050945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.051513] kasan_report+0x102/0x140 [ 31.051801] ? kasan_atomics_helper+0x12e7/0x5450 [ 31.052166] ? kasan_atomics_helper+0x12e7/0x5450 [ 31.052706] kasan_check_range+0x10c/0x1c0 [ 31.053188] __kasan_check_write+0x18/0x20 [ 31.053689] kasan_atomics_helper+0x12e7/0x5450 [ 31.054068] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.054636] ? ret_from_fork_asm+0x1a/0x30 [ 31.054929] ? ret_from_fork+0x41/0x80 [ 31.055219] ? kthread+0x257/0x310 [ 31.055622] kasan_atomics+0x1dd/0x310 [ 31.056024] ? __pfx_kasan_atomics+0x10/0x10 [ 31.056545] ? __pfx_read_tsc+0x10/0x10 [ 31.056950] ? ktime_get_ts64+0x86/0x230 [ 31.057381] kunit_try_run_case+0x1b3/0x490 [ 31.057905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.058359] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.058799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.059175] ? __kthread_parkme+0x82/0x160 [ 31.059491] ? preempt_count_sub+0x50/0x80 [ 31.059820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.060324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.060932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.061531] kthread+0x257/0x310 [ 31.061910] ? __pfx_kthread+0x10/0x10 [ 31.062331] ret_from_fork+0x41/0x80 [ 31.062799] ? __pfx_kthread+0x10/0x10 [ 31.063168] ret_from_fork_asm+0x1a/0x30 [ 31.063619] </TASK> [ 31.063931] [ 31.064163] Allocated by task 274: [ 31.064564] kasan_save_stack+0x3d/0x60 [ 31.064926] kasan_save_track+0x18/0x40 [ 31.065296] kasan_save_alloc_info+0x3b/0x50 [ 31.065759] __kasan_kmalloc+0xb7/0xc0 [ 31.066171] __kmalloc_cache_noprof+0x184/0x410 [ 31.066662] kasan_atomics+0x96/0x310 [ 31.067003] kunit_try_run_case+0x1b3/0x490 [ 31.067295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.067657] kthread+0x257/0x310 [ 31.067893] ret_from_fork+0x41/0x80 [ 31.068332] ret_from_fork_asm+0x1a/0x30 [ 31.068791] [ 31.069005] The buggy address belongs to the object at ffff888102a59b80 [ 31.069005] which belongs to the cache kmalloc-64 of size 64 [ 31.070039] The buggy address is located 0 bytes to the right of [ 31.070039] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.070922] [ 31.071108] The buggy address belongs to the physical page: [ 31.071655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.072123] flags: 0x200000000000000(node=0|zone=2) [ 31.072660] page_type: f5(slab) [ 31.073047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.073526] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.073896] page dumped because: kasan: bad access detected [ 31.074202] [ 31.074349] Memory state around the buggy address: [ 31.074786] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.075408] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.076113] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.076754] ^ [ 31.077256] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.078764] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.080125] ================================================================== [ 30.854492] ================================================================== [ 30.855438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 30.855846] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.856432] [ 30.857082] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.857987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.858274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.858910] Call Trace: [ 30.859278] <TASK> [ 30.859585] dump_stack_lvl+0x73/0xb0 [ 30.860018] print_report+0xd1/0x640 [ 30.860332] ? __virt_addr_valid+0x1db/0x2d0 [ 30.860687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.861324] kasan_report+0x102/0x140 [ 30.861736] ? kasan_atomics_helper+0x4a1e/0x5450 [ 30.862095] ? kasan_atomics_helper+0x4a1e/0x5450 [ 30.862543] __asan_report_load4_noabort+0x18/0x20 [ 30.863008] kasan_atomics_helper+0x4a1e/0x5450 [ 30.863423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.863882] ? ret_from_fork_asm+0x1a/0x30 [ 30.864186] ? ret_from_fork+0x41/0x80 [ 30.864587] ? kthread+0x257/0x310 [ 30.865031] kasan_atomics+0x1dd/0x310 [ 30.865441] ? __pfx_kasan_atomics+0x10/0x10 [ 30.865900] ? __pfx_read_tsc+0x10/0x10 [ 30.866324] ? ktime_get_ts64+0x86/0x230 [ 30.866687] kunit_try_run_case+0x1b3/0x490 [ 30.867162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.867495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.867959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.868289] ? __kthread_parkme+0x82/0x160 [ 30.868596] ? preempt_count_sub+0x50/0x80 [ 30.869010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.869532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.870243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.870851] kthread+0x257/0x310 [ 30.871187] ? __pfx_kthread+0x10/0x10 [ 30.871588] ret_from_fork+0x41/0x80 [ 30.871852] ? __pfx_kthread+0x10/0x10 [ 30.872154] ret_from_fork_asm+0x1a/0x30 [ 30.872598] </TASK> [ 30.872950] [ 30.873176] Allocated by task 274: [ 30.873527] kasan_save_stack+0x3d/0x60 [ 30.873922] kasan_save_track+0x18/0x40 [ 30.874327] kasan_save_alloc_info+0x3b/0x50 [ 30.874631] __kasan_kmalloc+0xb7/0xc0 [ 30.875099] __kmalloc_cache_noprof+0x184/0x410 [ 30.875437] kasan_atomics+0x96/0x310 [ 30.875798] kunit_try_run_case+0x1b3/0x490 [ 30.876094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.876443] kthread+0x257/0x310 [ 30.876811] ret_from_fork+0x41/0x80 [ 30.877208] ret_from_fork_asm+0x1a/0x30 [ 30.877668] [ 30.877862] The buggy address belongs to the object at ffff888102a59b80 [ 30.877862] which belongs to the cache kmalloc-64 of size 64 [ 30.878985] The buggy address is located 0 bytes to the right of [ 30.878985] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.879747] [ 30.879903] The buggy address belongs to the physical page: [ 30.880203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.880604] flags: 0x200000000000000(node=0|zone=2) [ 30.880901] page_type: f5(slab) [ 30.881166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.881927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.882651] page dumped because: kasan: bad access detected [ 30.883163] [ 30.883370] Memory state around the buggy address: [ 30.884002] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.884517] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.885105] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.885462] ^ [ 30.885903] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.886538] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.887118] ================================================================== [ 29.744463] ================================================================== [ 29.745725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 29.746293] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.747435] [ 29.748237] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.748877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.749266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.749864] Call Trace: [ 29.750672] <TASK> [ 29.750862] dump_stack_lvl+0x73/0xb0 [ 29.751319] print_report+0xd1/0x640 [ 29.752169] ? __virt_addr_valid+0x1db/0x2d0 [ 29.752529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.753297] kasan_report+0x102/0x140 [ 29.754018] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.754435] ? kasan_atomics_helper+0x4bbe/0x5450 [ 29.755226] __asan_report_load4_noabort+0x18/0x20 [ 29.755937] kasan_atomics_helper+0x4bbe/0x5450 [ 29.756303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.756917] ? ret_from_fork_asm+0x1a/0x30 [ 29.757527] ? ret_from_fork+0x41/0x80 [ 29.757852] ? kthread+0x257/0x310 [ 29.758198] kasan_atomics+0x1dd/0x310 [ 29.759019] ? __pfx_kasan_atomics+0x10/0x10 [ 29.759401] ? __pfx_read_tsc+0x10/0x10 [ 29.760047] ? ktime_get_ts64+0x86/0x230 [ 29.760721] kunit_try_run_case+0x1b3/0x490 [ 29.761098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.762116] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.762492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.763516] ? __kthread_parkme+0x82/0x160 [ 29.763865] ? preempt_count_sub+0x50/0x80 [ 29.764266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.764944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.765450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.766407] kthread+0x257/0x310 [ 29.767035] ? __pfx_kthread+0x10/0x10 [ 29.767424] ret_from_fork+0x41/0x80 [ 29.767707] ? __pfx_kthread+0x10/0x10 [ 29.768028] ret_from_fork_asm+0x1a/0x30 [ 29.768472] </TASK> [ 29.769258] [ 29.769393] Allocated by task 274: [ 29.769652] kasan_save_stack+0x3d/0x60 [ 29.770103] kasan_save_track+0x18/0x40 [ 29.771193] kasan_save_alloc_info+0x3b/0x50 [ 29.771532] __kasan_kmalloc+0xb7/0xc0 [ 29.771693] __kmalloc_cache_noprof+0x184/0x410 [ 29.771854] kasan_atomics+0x96/0x310 [ 29.771991] kunit_try_run_case+0x1b3/0x490 [ 29.772224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.772652] kthread+0x257/0x310 [ 29.773024] ret_from_fork+0x41/0x80 [ 29.773951] ret_from_fork_asm+0x1a/0x30 [ 29.774754] [ 29.774986] The buggy address belongs to the object at ffff888102a59b80 [ 29.774986] which belongs to the cache kmalloc-64 of size 64 [ 29.775999] The buggy address is located 0 bytes to the right of [ 29.775999] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.776879] [ 29.777079] The buggy address belongs to the physical page: [ 29.777806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.778420] flags: 0x200000000000000(node=0|zone=2) [ 29.778904] page_type: f5(slab) [ 29.779269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.779969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.780548] page dumped because: kasan: bad access detected [ 29.780947] [ 29.781198] Memory state around the buggy address: [ 29.781607] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.782256] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.782876] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.783316] ^ [ 29.783822] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.784526] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.784887] ================================================================== [ 31.560857] ================================================================== [ 31.561394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 31.562773] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.563539] [ 31.563746] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.565023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.565377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.566292] Call Trace: [ 31.566600] <TASK> [ 31.566799] dump_stack_lvl+0x73/0xb0 [ 31.567419] print_report+0xd1/0x640 [ 31.567942] ? __virt_addr_valid+0x1db/0x2d0 [ 31.568503] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.568954] kasan_report+0x102/0x140 [ 31.569419] ? kasan_atomics_helper+0x194b/0x5450 [ 31.569980] ? kasan_atomics_helper+0x194b/0x5450 [ 31.570667] kasan_check_range+0x10c/0x1c0 [ 31.571086] __kasan_check_write+0x18/0x20 [ 31.571527] kasan_atomics_helper+0x194b/0x5450 [ 31.571993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.572529] ? ret_from_fork_asm+0x1a/0x30 [ 31.572844] ? ret_from_fork+0x41/0x80 [ 31.573342] ? kthread+0x257/0x310 [ 31.573845] kasan_atomics+0x1dd/0x310 [ 31.574377] ? __pfx_kasan_atomics+0x10/0x10 [ 31.575173] ? __pfx_read_tsc+0x10/0x10 [ 31.575703] ? ktime_get_ts64+0x86/0x230 [ 31.576248] kunit_try_run_case+0x1b3/0x490 [ 31.576717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.577228] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.577965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.578406] ? __kthread_parkme+0x82/0x160 [ 31.578597] ? preempt_count_sub+0x50/0x80 [ 31.578756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.578920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.579219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.579839] kthread+0x257/0x310 [ 31.580318] ? __pfx_kthread+0x10/0x10 [ 31.580714] ret_from_fork+0x41/0x80 [ 31.581070] ? __pfx_kthread+0x10/0x10 [ 31.581519] ret_from_fork_asm+0x1a/0x30 [ 31.582185] </TASK> [ 31.582478] [ 31.582735] Allocated by task 274: [ 31.583135] kasan_save_stack+0x3d/0x60 [ 31.583507] kasan_save_track+0x18/0x40 [ 31.583982] kasan_save_alloc_info+0x3b/0x50 [ 31.584370] __kasan_kmalloc+0xb7/0xc0 [ 31.584764] __kmalloc_cache_noprof+0x184/0x410 [ 31.585275] kasan_atomics+0x96/0x310 [ 31.585888] kunit_try_run_case+0x1b3/0x490 [ 31.586336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.587041] kthread+0x257/0x310 [ 31.587302] ret_from_fork+0x41/0x80 [ 31.587786] ret_from_fork_asm+0x1a/0x30 [ 31.588234] [ 31.588520] The buggy address belongs to the object at ffff888102a59b80 [ 31.588520] which belongs to the cache kmalloc-64 of size 64 [ 31.589377] The buggy address is located 0 bytes to the right of [ 31.589377] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.590755] [ 31.591045] The buggy address belongs to the physical page: [ 31.591529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.592204] flags: 0x200000000000000(node=0|zone=2) [ 31.592774] page_type: f5(slab) [ 31.593120] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.593799] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.594448] page dumped because: kasan: bad access detected [ 31.595023] [ 31.596102] Memory state around the buggy address: [ 31.596406] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.596776] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.597516] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.598323] ^ [ 31.598890] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.599335] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.599879] ================================================================== [ 31.900724] ================================================================== [ 31.901176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 31.902071] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.902464] [ 31.902679] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.903635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.903884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.904524] Call Trace: [ 31.904761] <TASK> [ 31.905018] dump_stack_lvl+0x73/0xb0 [ 31.905431] print_report+0xd1/0x640 [ 31.905960] ? __virt_addr_valid+0x1db/0x2d0 [ 31.906413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.906875] kasan_report+0x102/0x140 [ 31.907171] ? kasan_atomics_helper+0x1e13/0x5450 [ 31.907474] ? kasan_atomics_helper+0x1e13/0x5450 [ 31.908013] kasan_check_range+0x10c/0x1c0 [ 31.908666] __kasan_check_write+0x18/0x20 [ 31.909113] kasan_atomics_helper+0x1e13/0x5450 [ 31.909604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.910072] ? ret_from_fork_asm+0x1a/0x30 [ 31.910367] ? ret_from_fork+0x41/0x80 [ 31.910628] ? kthread+0x257/0x310 [ 31.910882] kasan_atomics+0x1dd/0x310 [ 31.911329] ? __pfx_kasan_atomics+0x10/0x10 [ 31.911944] ? __pfx_read_tsc+0x10/0x10 [ 31.912435] ? ktime_get_ts64+0x86/0x230 [ 31.912894] kunit_try_run_case+0x1b3/0x490 [ 31.913356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.913699] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.914011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.914555] ? __kthread_parkme+0x82/0x160 [ 31.914936] ? preempt_count_sub+0x50/0x80 [ 31.915611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.916085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.916667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.917001] kthread+0x257/0x310 [ 31.917273] ? __pfx_kthread+0x10/0x10 [ 31.917580] ret_from_fork+0x41/0x80 [ 31.917982] ? __pfx_kthread+0x10/0x10 [ 31.918429] ret_from_fork_asm+0x1a/0x30 [ 31.919137] </TASK> [ 31.919440] [ 31.919665] Allocated by task 274: [ 31.919948] kasan_save_stack+0x3d/0x60 [ 31.920369] kasan_save_track+0x18/0x40 [ 31.920810] kasan_save_alloc_info+0x3b/0x50 [ 31.922139] __kasan_kmalloc+0xb7/0xc0 [ 31.922412] __kmalloc_cache_noprof+0x184/0x410 [ 31.922723] kasan_atomics+0x96/0x310 [ 31.922979] kunit_try_run_case+0x1b3/0x490 [ 31.924275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.924942] kthread+0x257/0x310 [ 31.925355] ret_from_fork+0x41/0x80 [ 31.925809] ret_from_fork_asm+0x1a/0x30 [ 31.926294] [ 31.926656] The buggy address belongs to the object at ffff888102a59b80 [ 31.926656] which belongs to the cache kmalloc-64 of size 64 [ 31.928005] The buggy address is located 0 bytes to the right of [ 31.928005] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.929276] [ 31.929563] The buggy address belongs to the physical page: [ 31.929884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.930767] flags: 0x200000000000000(node=0|zone=2) [ 31.931330] page_type: f5(slab) [ 31.931761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.932367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.933189] page dumped because: kasan: bad access detected [ 31.933815] [ 31.934284] Memory state around the buggy address: [ 31.934820] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.935550] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.936026] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.936505] ^ [ 31.936798] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.937419] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.938145] ================================================================== [ 30.775383] ================================================================== [ 30.776111] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 30.776717] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.777354] [ 30.777644] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.778338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.778812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.779398] Call Trace: [ 30.779776] <TASK> [ 30.780041] dump_stack_lvl+0x73/0xb0 [ 30.780520] print_report+0xd1/0x640 [ 30.780906] ? __virt_addr_valid+0x1db/0x2d0 [ 30.781419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.781925] kasan_report+0x102/0x140 [ 30.782373] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.782781] ? kasan_atomics_helper+0x4a38/0x5450 [ 30.783227] __asan_report_load4_noabort+0x18/0x20 [ 30.783766] kasan_atomics_helper+0x4a38/0x5450 [ 30.784241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.784758] ? ret_from_fork_asm+0x1a/0x30 [ 30.785230] ? ret_from_fork+0x41/0x80 [ 30.785659] ? kthread+0x257/0x310 [ 30.786019] kasan_atomics+0x1dd/0x310 [ 30.786473] ? __pfx_kasan_atomics+0x10/0x10 [ 30.786891] ? __pfx_read_tsc+0x10/0x10 [ 30.787271] ? ktime_get_ts64+0x86/0x230 [ 30.787755] kunit_try_run_case+0x1b3/0x490 [ 30.788233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.788710] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.789132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.789712] ? __kthread_parkme+0x82/0x160 [ 30.790172] ? preempt_count_sub+0x50/0x80 [ 30.790709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.791047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.791407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.792044] kthread+0x257/0x310 [ 30.792523] ? __pfx_kthread+0x10/0x10 [ 30.792994] ret_from_fork+0x41/0x80 [ 30.793480] ? __pfx_kthread+0x10/0x10 [ 30.793918] ret_from_fork_asm+0x1a/0x30 [ 30.794425] </TASK> [ 30.794841] [ 30.795113] Allocated by task 274: [ 30.795580] kasan_save_stack+0x3d/0x60 [ 30.796085] kasan_save_track+0x18/0x40 [ 30.796576] kasan_save_alloc_info+0x3b/0x50 [ 30.797094] __kasan_kmalloc+0xb7/0xc0 [ 30.797649] __kmalloc_cache_noprof+0x184/0x410 [ 30.798188] kasan_atomics+0x96/0x310 [ 30.798557] kunit_try_run_case+0x1b3/0x490 [ 30.799076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.799630] kthread+0x257/0x310 [ 30.799787] ret_from_fork+0x41/0x80 [ 30.799925] ret_from_fork_asm+0x1a/0x30 [ 30.800090] [ 30.800175] The buggy address belongs to the object at ffff888102a59b80 [ 30.800175] which belongs to the cache kmalloc-64 of size 64 [ 30.800592] The buggy address is located 0 bytes to the right of [ 30.800592] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.801159] [ 30.801987] The buggy address belongs to the physical page: [ 30.802812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.803835] flags: 0x200000000000000(node=0|zone=2) [ 30.804394] page_type: f5(slab) [ 30.804815] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.805581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.806308] page dumped because: kasan: bad access detected [ 30.806764] [ 30.806975] Memory state around the buggy address: [ 30.807507] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.808189] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.808908] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.809606] ^ [ 30.809887] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.810495] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.810851] ================================================================== [ 29.787457] ================================================================== [ 29.788100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 29.788733] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.789387] [ 29.789626] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.790870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.791291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.792227] Call Trace: [ 29.792688] <TASK> [ 29.793080] dump_stack_lvl+0x73/0xb0 [ 29.793500] print_report+0xd1/0x640 [ 29.793842] ? __virt_addr_valid+0x1db/0x2d0 [ 29.794550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.795094] kasan_report+0x102/0x140 [ 29.795408] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.795770] ? kasan_atomics_helper+0x4ba4/0x5450 [ 29.796263] __asan_report_store4_noabort+0x1b/0x30 [ 29.796783] kasan_atomics_helper+0x4ba4/0x5450 [ 29.797258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.797695] ? ret_from_fork_asm+0x1a/0x30 [ 29.798562] ? ret_from_fork+0x41/0x80 [ 29.798859] ? kthread+0x257/0x310 [ 29.799134] kasan_atomics+0x1dd/0x310 [ 29.800004] ? __pfx_kasan_atomics+0x10/0x10 [ 29.800567] ? __pfx_read_tsc+0x10/0x10 [ 29.801131] ? ktime_get_ts64+0x86/0x230 [ 29.801630] kunit_try_run_case+0x1b3/0x490 [ 29.801981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.802504] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.802892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.803490] ? __kthread_parkme+0x82/0x160 [ 29.803814] ? preempt_count_sub+0x50/0x80 [ 29.804258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.804879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.805678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.806331] kthread+0x257/0x310 [ 29.806695] ? __pfx_kthread+0x10/0x10 [ 29.807380] ret_from_fork+0x41/0x80 [ 29.807947] ? __pfx_kthread+0x10/0x10 [ 29.808451] ret_from_fork_asm+0x1a/0x30 [ 29.809089] </TASK> [ 29.809518] [ 29.809935] Allocated by task 274: [ 29.810192] kasan_save_stack+0x3d/0x60 [ 29.810613] kasan_save_track+0x18/0x40 [ 29.810971] kasan_save_alloc_info+0x3b/0x50 [ 29.811838] __kasan_kmalloc+0xb7/0xc0 [ 29.812362] __kmalloc_cache_noprof+0x184/0x410 [ 29.813241] kasan_atomics+0x96/0x310 [ 29.813756] kunit_try_run_case+0x1b3/0x490 [ 29.814034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.814880] kthread+0x257/0x310 [ 29.815161] ret_from_fork+0x41/0x80 [ 29.815932] ret_from_fork_asm+0x1a/0x30 [ 29.816292] [ 29.816482] The buggy address belongs to the object at ffff888102a59b80 [ 29.816482] which belongs to the cache kmalloc-64 of size 64 [ 29.817678] The buggy address is located 0 bytes to the right of [ 29.817678] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.818921] [ 29.819193] The buggy address belongs to the physical page: [ 29.819703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.821129] flags: 0x200000000000000(node=0|zone=2) [ 29.821520] page_type: f5(slab) [ 29.821823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.822644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.823229] page dumped because: kasan: bad access detected [ 29.823403] [ 29.823546] Memory state around the buggy address: [ 29.823837] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.824461] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.825157] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.825772] ^ [ 29.826438] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.826974] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.827550] ================================================================== [ 31.518780] ================================================================== [ 31.519620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 31.520260] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.520939] [ 31.521216] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.522275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.522818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.523700] Call Trace: [ 31.523947] <TASK> [ 31.524255] dump_stack_lvl+0x73/0xb0 [ 31.524829] print_report+0xd1/0x640 [ 31.525293] ? __virt_addr_valid+0x1db/0x2d0 [ 31.525883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.526534] kasan_report+0x102/0x140 [ 31.527067] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.527632] ? kasan_atomics_helper+0x18b2/0x5450 [ 31.528046] kasan_check_range+0x10c/0x1c0 [ 31.528609] __kasan_check_write+0x18/0x20 [ 31.528866] kasan_atomics_helper+0x18b2/0x5450 [ 31.529373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.529875] ? ret_from_fork_asm+0x1a/0x30 [ 31.530367] ? ret_from_fork+0x41/0x80 [ 31.530746] ? kthread+0x257/0x310 [ 31.531187] kasan_atomics+0x1dd/0x310 [ 31.531677] ? __pfx_kasan_atomics+0x10/0x10 [ 31.532022] ? __pfx_read_tsc+0x10/0x10 [ 31.532492] ? ktime_get_ts64+0x86/0x230 [ 31.532913] kunit_try_run_case+0x1b3/0x490 [ 31.533353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.533828] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.534231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.534740] ? __kthread_parkme+0x82/0x160 [ 31.535129] ? preempt_count_sub+0x50/0x80 [ 31.535637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.536003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.536615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.537075] kthread+0x257/0x310 [ 31.537337] ? __pfx_kthread+0x10/0x10 [ 31.537802] ret_from_fork+0x41/0x80 [ 31.538221] ? __pfx_kthread+0x10/0x10 [ 31.538733] ret_from_fork_asm+0x1a/0x30 [ 31.539201] </TASK> [ 31.539488] [ 31.539645] Allocated by task 274: [ 31.539869] kasan_save_stack+0x3d/0x60 [ 31.540189] kasan_save_track+0x18/0x40 [ 31.540696] kasan_save_alloc_info+0x3b/0x50 [ 31.541201] __kasan_kmalloc+0xb7/0xc0 [ 31.541629] __kmalloc_cache_noprof+0x184/0x410 [ 31.542132] kasan_atomics+0x96/0x310 [ 31.542563] kunit_try_run_case+0x1b3/0x490 [ 31.542927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.543913] kthread+0x257/0x310 [ 31.544289] ret_from_fork+0x41/0x80 [ 31.545713] ret_from_fork_asm+0x1a/0x30 [ 31.546021] [ 31.546284] The buggy address belongs to the object at ffff888102a59b80 [ 31.546284] which belongs to the cache kmalloc-64 of size 64 [ 31.547700] The buggy address is located 0 bytes to the right of [ 31.547700] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.549036] [ 31.549314] The buggy address belongs to the physical page: [ 31.550259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.551232] flags: 0x200000000000000(node=0|zone=2) [ 31.551615] page_type: f5(slab) [ 31.552088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.553176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.553618] page dumped because: kasan: bad access detected [ 31.554426] [ 31.554628] Memory state around the buggy address: [ 31.554900] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.555462] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.556032] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.557040] ^ [ 31.557674] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.558247] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.559071] ================================================================== [ 30.428831] ================================================================== [ 30.430156] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 30.430929] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.431528] [ 30.431734] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.432599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.432977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.433789] Call Trace: [ 30.434004] <TASK> [ 30.434961] dump_stack_lvl+0x73/0xb0 [ 30.435237] print_report+0xd1/0x640 [ 30.435897] ? __virt_addr_valid+0x1db/0x2d0 [ 30.436472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.437120] kasan_report+0x102/0x140 [ 30.437721] ? kasan_atomics_helper+0xac8/0x5450 [ 30.438222] ? kasan_atomics_helper+0xac8/0x5450 [ 30.438413] kasan_check_range+0x10c/0x1c0 [ 30.439036] __kasan_check_write+0x18/0x20 [ 30.439523] kasan_atomics_helper+0xac8/0x5450 [ 30.439937] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.440376] ? ret_from_fork_asm+0x1a/0x30 [ 30.440764] ? ret_from_fork+0x41/0x80 [ 30.441710] ? kthread+0x257/0x310 [ 30.441992] kasan_atomics+0x1dd/0x310 [ 30.442310] ? __pfx_kasan_atomics+0x10/0x10 [ 30.442923] ? __pfx_read_tsc+0x10/0x10 [ 30.443800] ? ktime_get_ts64+0x86/0x230 [ 30.444156] kunit_try_run_case+0x1b3/0x490 [ 30.444770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.445176] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.445573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.446377] ? __kthread_parkme+0x82/0x160 [ 30.447082] ? preempt_count_sub+0x50/0x80 [ 30.447739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.448129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.449265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.449985] kthread+0x257/0x310 [ 30.450313] ? __pfx_kthread+0x10/0x10 [ 30.450821] ret_from_fork+0x41/0x80 [ 30.451216] ? __pfx_kthread+0x10/0x10 [ 30.452030] ret_from_fork_asm+0x1a/0x30 [ 30.452395] </TASK> [ 30.452630] [ 30.453064] Allocated by task 274: [ 30.453412] kasan_save_stack+0x3d/0x60 [ 30.454259] kasan_save_track+0x18/0x40 [ 30.454845] kasan_save_alloc_info+0x3b/0x50 [ 30.455486] __kasan_kmalloc+0xb7/0xc0 [ 30.456098] __kmalloc_cache_noprof+0x184/0x410 [ 30.456751] kasan_atomics+0x96/0x310 [ 30.457084] kunit_try_run_case+0x1b3/0x490 [ 30.457406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.458423] kthread+0x257/0x310 [ 30.458786] ret_from_fork+0x41/0x80 [ 30.459129] ret_from_fork_asm+0x1a/0x30 [ 30.459521] [ 30.459696] The buggy address belongs to the object at ffff888102a59b80 [ 30.459696] which belongs to the cache kmalloc-64 of size 64 [ 30.460532] The buggy address is located 0 bytes to the right of [ 30.460532] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.461558] [ 30.461722] The buggy address belongs to the physical page: [ 30.462027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.462908] flags: 0x200000000000000(node=0|zone=2) [ 30.463501] page_type: f5(slab) [ 30.463904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.464772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.465376] page dumped because: kasan: bad access detected [ 30.465713] [ 30.465991] Memory state around the buggy address: [ 30.466537] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.467216] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.467867] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.468515] ^ [ 30.468976] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.469567] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.470249] ================================================================== [ 32.011381] ================================================================== [ 32.012851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 32.013710] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.014216] [ 32.014399] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.015071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.015503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.016229] Call Trace: [ 32.016583] <TASK> [ 32.016820] dump_stack_lvl+0x73/0xb0 [ 32.017136] print_report+0xd1/0x640 [ 32.017408] ? __virt_addr_valid+0x1db/0x2d0 [ 32.017759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.018114] kasan_report+0x102/0x140 [ 32.018548] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.019019] ? kasan_atomics_helper+0x4f73/0x5450 [ 32.019555] __asan_report_load8_noabort+0x18/0x20 [ 32.020040] kasan_atomics_helper+0x4f73/0x5450 [ 32.020569] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.021036] ? ret_from_fork_asm+0x1a/0x30 [ 32.021517] ? ret_from_fork+0x41/0x80 [ 32.021922] ? kthread+0x257/0x310 [ 32.022309] kasan_atomics+0x1dd/0x310 [ 32.022766] ? __pfx_kasan_atomics+0x10/0x10 [ 32.023193] ? __pfx_read_tsc+0x10/0x10 [ 32.023620] ? ktime_get_ts64+0x86/0x230 [ 32.024036] kunit_try_run_case+0x1b3/0x490 [ 32.024386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.024914] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.025341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.025856] ? __kthread_parkme+0x82/0x160 [ 32.026285] ? preempt_count_sub+0x50/0x80 [ 32.026623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.027102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.027591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.027982] kthread+0x257/0x310 [ 32.028371] ? __pfx_kthread+0x10/0x10 [ 32.028806] ret_from_fork+0x41/0x80 [ 32.029137] ? __pfx_kthread+0x10/0x10 [ 32.029405] ret_from_fork_asm+0x1a/0x30 [ 32.029744] </TASK> [ 32.029998] [ 32.030218] Allocated by task 274: [ 32.030589] kasan_save_stack+0x3d/0x60 [ 32.030987] kasan_save_track+0x18/0x40 [ 32.031400] kasan_save_alloc_info+0x3b/0x50 [ 32.031858] __kasan_kmalloc+0xb7/0xc0 [ 32.032228] __kmalloc_cache_noprof+0x184/0x410 [ 32.032669] kasan_atomics+0x96/0x310 [ 32.032956] kunit_try_run_case+0x1b3/0x490 [ 32.033400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.033813] kthread+0x257/0x310 [ 32.034171] ret_from_fork+0x41/0x80 [ 32.034543] ret_from_fork_asm+0x1a/0x30 [ 32.034876] [ 32.035030] The buggy address belongs to the object at ffff888102a59b80 [ 32.035030] which belongs to the cache kmalloc-64 of size 64 [ 32.035637] The buggy address is located 0 bytes to the right of [ 32.035637] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.036317] [ 32.036567] The buggy address belongs to the physical page: [ 32.037075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.037758] flags: 0x200000000000000(node=0|zone=2) [ 32.038237] page_type: f5(slab) [ 32.038590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.039268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.039940] page dumped because: kasan: bad access detected [ 32.040377] [ 32.040626] Memory state around the buggy address: [ 32.040964] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.041537] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.042038] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.042411] ^ [ 32.042738] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.043106] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.043754] ================================================================== [ 30.472256] ================================================================== [ 30.472939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 30.474471] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.475037] [ 30.475294] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.476393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.476840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.477494] Call Trace: [ 30.477864] <TASK> [ 30.478212] dump_stack_lvl+0x73/0xb0 [ 30.478627] print_report+0xd1/0x640 [ 30.479089] ? __virt_addr_valid+0x1db/0x2d0 [ 30.479648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.480225] kasan_report+0x102/0x140 [ 30.480717] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.481237] ? kasan_atomics_helper+0xb6b/0x5450 [ 30.481782] kasan_check_range+0x10c/0x1c0 [ 30.482273] __kasan_check_write+0x18/0x20 [ 30.482760] kasan_atomics_helper+0xb6b/0x5450 [ 30.483306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.483727] ? ret_from_fork_asm+0x1a/0x30 [ 30.484260] ? ret_from_fork+0x41/0x80 [ 30.484733] ? kthread+0x257/0x310 [ 30.485204] kasan_atomics+0x1dd/0x310 [ 30.485703] ? __pfx_kasan_atomics+0x10/0x10 [ 30.486212] ? __pfx_read_tsc+0x10/0x10 [ 30.486662] ? ktime_get_ts64+0x86/0x230 [ 30.487107] kunit_try_run_case+0x1b3/0x490 [ 30.487610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.488141] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.488623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.489189] ? __kthread_parkme+0x82/0x160 [ 30.489676] ? preempt_count_sub+0x50/0x80 [ 30.490130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.490678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.491242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.491853] kthread+0x257/0x310 [ 30.492270] ? __pfx_kthread+0x10/0x10 [ 30.492736] ret_from_fork+0x41/0x80 [ 30.492999] ? __pfx_kthread+0x10/0x10 [ 30.493276] ret_from_fork_asm+0x1a/0x30 [ 30.493730] </TASK> [ 30.494007] [ 30.494329] Allocated by task 274: [ 30.494817] kasan_save_stack+0x3d/0x60 [ 30.495272] kasan_save_track+0x18/0x40 [ 30.495756] kasan_save_alloc_info+0x3b/0x50 [ 30.496212] __kasan_kmalloc+0xb7/0xc0 [ 30.496527] __kmalloc_cache_noprof+0x184/0x410 [ 30.496819] kasan_atomics+0x96/0x310 [ 30.497288] kunit_try_run_case+0x1b3/0x490 [ 30.497875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.498541] kthread+0x257/0x310 [ 30.498929] ret_from_fork+0x41/0x80 [ 30.499385] ret_from_fork_asm+0x1a/0x30 [ 30.499833] [ 30.500130] The buggy address belongs to the object at ffff888102a59b80 [ 30.500130] which belongs to the cache kmalloc-64 of size 64 [ 30.501122] The buggy address is located 0 bytes to the right of [ 30.501122] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.501747] [ 30.502037] The buggy address belongs to the physical page: [ 30.502708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.503485] flags: 0x200000000000000(node=0|zone=2) [ 30.504020] page_type: f5(slab) [ 30.504432] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.505190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.505703] page dumped because: kasan: bad access detected [ 30.506265] [ 30.506576] Memory state around the buggy address: [ 30.507018] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.507677] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.508217] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.508911] ^ [ 30.509336] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.510010] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.510621] ================================================================== [ 29.949451] ================================================================== [ 29.950138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 29.952086] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.952869] [ 29.953128] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.954017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.954367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.954999] Call Trace: [ 29.955223] <TASK> [ 29.955412] dump_stack_lvl+0x73/0xb0 [ 29.955864] print_report+0xd1/0x640 [ 29.956323] ? __virt_addr_valid+0x1db/0x2d0 [ 29.956796] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.957407] kasan_report+0x102/0x140 [ 29.957887] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.958412] ? kasan_atomics_helper+0x4b56/0x5450 [ 29.958782] __asan_report_load4_noabort+0x18/0x20 [ 29.959301] kasan_atomics_helper+0x4b56/0x5450 [ 29.959687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.960283] ? ret_from_fork_asm+0x1a/0x30 [ 29.960613] ? ret_from_fork+0x41/0x80 [ 29.961028] ? kthread+0x257/0x310 [ 29.961402] kasan_atomics+0x1dd/0x310 [ 29.961857] ? __pfx_kasan_atomics+0x10/0x10 [ 29.962217] ? __pfx_read_tsc+0x10/0x10 [ 29.962725] ? ktime_get_ts64+0x86/0x230 [ 29.963009] kunit_try_run_case+0x1b3/0x490 [ 29.963322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.963617] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.963911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.964379] ? __kthread_parkme+0x82/0x160 [ 29.964764] ? preempt_count_sub+0x50/0x80 [ 29.965214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.965893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.966482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.967002] kthread+0x257/0x310 [ 29.967380] ? __pfx_kthread+0x10/0x10 [ 29.967830] ret_from_fork+0x41/0x80 [ 29.968271] ? __pfx_kthread+0x10/0x10 [ 29.968868] ret_from_fork_asm+0x1a/0x30 [ 29.969190] </TASK> [ 29.969370] [ 29.969593] Allocated by task 274: [ 29.969968] kasan_save_stack+0x3d/0x60 [ 29.970428] kasan_save_track+0x18/0x40 [ 29.970858] kasan_save_alloc_info+0x3b/0x50 [ 29.971200] __kasan_kmalloc+0xb7/0xc0 [ 29.971637] __kmalloc_cache_noprof+0x184/0x410 [ 29.972137] kasan_atomics+0x96/0x310 [ 29.972429] kunit_try_run_case+0x1b3/0x490 [ 29.972879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.973266] kthread+0x257/0x310 [ 29.973737] ret_from_fork+0x41/0x80 [ 29.974080] ret_from_fork_asm+0x1a/0x30 [ 29.974437] [ 29.974653] The buggy address belongs to the object at ffff888102a59b80 [ 29.974653] which belongs to the cache kmalloc-64 of size 64 [ 29.975438] The buggy address is located 0 bytes to the right of [ 29.975438] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.976254] [ 29.976511] The buggy address belongs to the physical page: [ 29.976930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.977605] flags: 0x200000000000000(node=0|zone=2) [ 29.978014] page_type: f5(slab) [ 29.978375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.978857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.979545] page dumped because: kasan: bad access detected [ 29.979881] [ 29.980129] Memory state around the buggy address: [ 29.980555] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.980992] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.981372] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.981717] ^ [ 29.981989] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.982729] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.983349] ================================================================== [ 30.267619] ================================================================== [ 30.268129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 30.268654] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.269136] [ 30.269391] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.270249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.270770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.271528] Call Trace: [ 30.271867] <TASK> [ 30.272188] dump_stack_lvl+0x73/0xb0 [ 30.272685] print_report+0xd1/0x640 [ 30.273104] ? __virt_addr_valid+0x1db/0x2d0 [ 30.273622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.274021] kasan_report+0x102/0x140 [ 30.274422] ? kasan_atomics_helper+0x861/0x5450 [ 30.274849] ? kasan_atomics_helper+0x861/0x5450 [ 30.275213] kasan_check_range+0x10c/0x1c0 [ 30.275504] __kasan_check_write+0x18/0x20 [ 30.275771] kasan_atomics_helper+0x861/0x5450 [ 30.276257] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.276851] ? ret_from_fork_asm+0x1a/0x30 [ 30.277298] ? ret_from_fork+0x41/0x80 [ 30.277738] ? kthread+0x257/0x310 [ 30.278141] kasan_atomics+0x1dd/0x310 [ 30.278611] ? __pfx_kasan_atomics+0x10/0x10 [ 30.279089] ? __pfx_read_tsc+0x10/0x10 [ 30.279391] ? ktime_get_ts64+0x86/0x230 [ 30.279804] kunit_try_run_case+0x1b3/0x490 [ 30.280259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.280891] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.281415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.281864] ? __kthread_parkme+0x82/0x160 [ 30.282330] ? preempt_count_sub+0x50/0x80 [ 30.282717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.283232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.283921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.284321] kthread+0x257/0x310 [ 30.284720] ? __pfx_kthread+0x10/0x10 [ 30.285246] ret_from_fork+0x41/0x80 [ 30.285790] ? __pfx_kthread+0x10/0x10 [ 30.286166] ret_from_fork_asm+0x1a/0x30 [ 30.286557] </TASK> [ 30.286832] [ 30.287029] Allocated by task 274: [ 30.287395] kasan_save_stack+0x3d/0x60 [ 30.288005] kasan_save_track+0x18/0x40 [ 30.288425] kasan_save_alloc_info+0x3b/0x50 [ 30.288818] __kasan_kmalloc+0xb7/0xc0 [ 30.289172] __kmalloc_cache_noprof+0x184/0x410 [ 30.289679] kasan_atomics+0x96/0x310 [ 30.290093] kunit_try_run_case+0x1b3/0x490 [ 30.290517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.290855] kthread+0x257/0x310 [ 30.291222] ret_from_fork+0x41/0x80 [ 30.291683] ret_from_fork_asm+0x1a/0x30 [ 30.292072] [ 30.292229] The buggy address belongs to the object at ffff888102a59b80 [ 30.292229] which belongs to the cache kmalloc-64 of size 64 [ 30.292879] The buggy address is located 0 bytes to the right of [ 30.292879] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.294022] [ 30.294285] The buggy address belongs to the physical page: [ 30.294771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.295184] flags: 0x200000000000000(node=0|zone=2) [ 30.295590] page_type: f5(slab) [ 30.295951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.296723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.297399] page dumped because: kasan: bad access detected [ 30.297786] [ 30.297935] Memory state around the buggy address: [ 30.298366] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.299023] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.299614] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.300231] ^ [ 30.300673] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.301118] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.301782] ================================================================== [ 30.066467] ================================================================== [ 30.067007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 30.067665] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.068167] [ 30.068424] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.069189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.069643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.070193] Call Trace: [ 30.070553] <TASK> [ 30.070860] dump_stack_lvl+0x73/0xb0 [ 30.071227] print_report+0xd1/0x640 [ 30.071672] ? __virt_addr_valid+0x1db/0x2d0 [ 30.071972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.072319] kasan_report+0x102/0x140 [ 30.072794] ? kasan_atomics_helper+0x566/0x5450 [ 30.073282] ? kasan_atomics_helper+0x566/0x5450 [ 30.073795] kasan_check_range+0x10c/0x1c0 [ 30.074239] __kasan_check_write+0x18/0x20 [ 30.074716] kasan_atomics_helper+0x566/0x5450 [ 30.075182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.075728] ? ret_from_fork_asm+0x1a/0x30 [ 30.076211] ? ret_from_fork+0x41/0x80 [ 30.076648] ? kthread+0x257/0x310 [ 30.077047] kasan_atomics+0x1dd/0x310 [ 30.077336] ? __pfx_kasan_atomics+0x10/0x10 [ 30.077830] ? __pfx_read_tsc+0x10/0x10 [ 30.078268] ? ktime_get_ts64+0x86/0x230 [ 30.078770] kunit_try_run_case+0x1b3/0x490 [ 30.079240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.079682] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.080128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.080659] ? __kthread_parkme+0x82/0x160 [ 30.080892] ? preempt_count_sub+0x50/0x80 [ 30.081292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.081789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.082225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.082811] kthread+0x257/0x310 [ 30.083186] ? __pfx_kthread+0x10/0x10 [ 30.083559] ret_from_fork+0x41/0x80 [ 30.083988] ? __pfx_kthread+0x10/0x10 [ 30.084345] ret_from_fork_asm+0x1a/0x30 [ 30.084786] </TASK> [ 30.085069] [ 30.085302] Allocated by task 274: [ 30.085680] kasan_save_stack+0x3d/0x60 [ 30.086074] kasan_save_track+0x18/0x40 [ 30.086534] kasan_save_alloc_info+0x3b/0x50 [ 30.086879] __kasan_kmalloc+0xb7/0xc0 [ 30.087307] __kmalloc_cache_noprof+0x184/0x410 [ 30.087711] kasan_atomics+0x96/0x310 [ 30.088131] kunit_try_run_case+0x1b3/0x490 [ 30.088599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.088952] kthread+0x257/0x310 [ 30.089203] ret_from_fork+0x41/0x80 [ 30.089496] ret_from_fork_asm+0x1a/0x30 [ 30.089758] [ 30.089901] The buggy address belongs to the object at ffff888102a59b80 [ 30.089901] which belongs to the cache kmalloc-64 of size 64 [ 30.090887] The buggy address is located 0 bytes to the right of [ 30.090887] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.091951] [ 30.092188] The buggy address belongs to the physical page: [ 30.092713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.093360] flags: 0x200000000000000(node=0|zone=2) [ 30.093772] page_type: f5(slab) [ 30.094004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.094699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.095371] page dumped because: kasan: bad access detected [ 30.095791] [ 30.095942] Memory state around the buggy address: [ 30.096340] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.097016] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.097613] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.097961] ^ [ 30.098399] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.099086] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.099753] ================================================================== [ 30.696438] ================================================================== [ 30.698491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 30.699165] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.700242] [ 30.701197] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.702170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.702662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.703493] Call Trace: [ 30.703866] <TASK> [ 30.704206] dump_stack_lvl+0x73/0xb0 [ 30.704710] print_report+0xd1/0x640 [ 30.705192] ? __virt_addr_valid+0x1db/0x2d0 [ 30.705741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.706329] kasan_report+0x102/0x140 [ 30.706824] ? kasan_atomics_helper+0xf11/0x5450 [ 30.707362] ? kasan_atomics_helper+0xf11/0x5450 [ 30.707931] kasan_check_range+0x10c/0x1c0 [ 30.708388] __kasan_check_write+0x18/0x20 [ 30.708922] kasan_atomics_helper+0xf11/0x5450 [ 30.709388] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.709727] ? ret_from_fork_asm+0x1a/0x30 [ 30.710276] ? ret_from_fork+0x41/0x80 [ 30.710723] ? kthread+0x257/0x310 [ 30.711094] kasan_atomics+0x1dd/0x310 [ 30.711605] ? __pfx_kasan_atomics+0x10/0x10 [ 30.712136] ? __pfx_read_tsc+0x10/0x10 [ 30.712572] ? ktime_get_ts64+0x86/0x230 [ 30.712858] kunit_try_run_case+0x1b3/0x490 [ 30.713291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.713948] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.714520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.714934] ? __kthread_parkme+0x82/0x160 [ 30.715466] ? preempt_count_sub+0x50/0x80 [ 30.715970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.716360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.716903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.717580] kthread+0x257/0x310 [ 30.717964] ? __pfx_kthread+0x10/0x10 [ 30.718469] ret_from_fork+0x41/0x80 [ 30.718773] ? __pfx_kthread+0x10/0x10 [ 30.719041] ret_from_fork_asm+0x1a/0x30 [ 30.719517] </TASK> [ 30.719793] [ 30.720005] Allocated by task 274: [ 30.720525] kasan_save_stack+0x3d/0x60 [ 30.720978] kasan_save_track+0x18/0x40 [ 30.721388] kasan_save_alloc_info+0x3b/0x50 [ 30.721713] __kasan_kmalloc+0xb7/0xc0 [ 30.721959] __kmalloc_cache_noprof+0x184/0x410 [ 30.722557] kasan_atomics+0x96/0x310 [ 30.723142] kunit_try_run_case+0x1b3/0x490 [ 30.723713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.724230] kthread+0x257/0x310 [ 30.724562] ret_from_fork+0x41/0x80 [ 30.724913] ret_from_fork_asm+0x1a/0x30 [ 30.725397] [ 30.725669] The buggy address belongs to the object at ffff888102a59b80 [ 30.725669] which belongs to the cache kmalloc-64 of size 64 [ 30.726608] The buggy address is located 0 bytes to the right of [ 30.726608] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.727581] [ 30.727824] The buggy address belongs to the physical page: [ 30.728145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.728875] flags: 0x200000000000000(node=0|zone=2) [ 30.729366] page_type: f5(slab) [ 30.729797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.730345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.731027] page dumped because: kasan: bad access detected [ 30.731615] [ 30.731838] Memory state around the buggy address: [ 30.732270] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.732870] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.733546] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.734082] ^ [ 30.734628] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.735159] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.735721] ================================================================== [ 30.661313] ================================================================== [ 30.662012] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 30.662762] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.663395] [ 30.663669] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.664590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.664867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.665316] Call Trace: [ 30.665572] <TASK> [ 30.665771] dump_stack_lvl+0x73/0xb0 [ 30.666257] print_report+0xd1/0x640 [ 30.666703] ? __virt_addr_valid+0x1db/0x2d0 [ 30.667173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.667765] kasan_report+0x102/0x140 [ 30.668208] ? kasan_atomics_helper+0xe79/0x5450 [ 30.668749] ? kasan_atomics_helper+0xe79/0x5450 [ 30.669237] kasan_check_range+0x10c/0x1c0 [ 30.669745] __kasan_check_write+0x18/0x20 [ 30.670189] kasan_atomics_helper+0xe79/0x5450 [ 30.670602] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.671027] ? ret_from_fork_asm+0x1a/0x30 [ 30.671595] ? ret_from_fork+0x41/0x80 [ 30.671928] ? kthread+0x257/0x310 [ 30.672209] kasan_atomics+0x1dd/0x310 [ 30.672615] ? __pfx_kasan_atomics+0x10/0x10 [ 30.673071] ? __pfx_read_tsc+0x10/0x10 [ 30.673538] ? ktime_get_ts64+0x86/0x230 [ 30.673968] kunit_try_run_case+0x1b3/0x490 [ 30.674431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.674787] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.675149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.675684] ? __kthread_parkme+0x82/0x160 [ 30.676131] ? preempt_count_sub+0x50/0x80 [ 30.676641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.677121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.677584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.678143] kthread+0x257/0x310 [ 30.678557] ? __pfx_kthread+0x10/0x10 [ 30.678943] ret_from_fork+0x41/0x80 [ 30.679222] ? __pfx_kthread+0x10/0x10 [ 30.679526] ret_from_fork_asm+0x1a/0x30 [ 30.679817] </TASK> [ 30.680005] [ 30.680173] Allocated by task 274: [ 30.680408] kasan_save_stack+0x3d/0x60 [ 30.680730] kasan_save_track+0x18/0x40 [ 30.681100] kasan_save_alloc_info+0x3b/0x50 [ 30.681596] __kasan_kmalloc+0xb7/0xc0 [ 30.681991] __kmalloc_cache_noprof+0x184/0x410 [ 30.682488] kasan_atomics+0x96/0x310 [ 30.682879] kunit_try_run_case+0x1b3/0x490 [ 30.683290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.683833] kthread+0x257/0x310 [ 30.684234] ret_from_fork+0x41/0x80 [ 30.684668] ret_from_fork_asm+0x1a/0x30 [ 30.685015] [ 30.685187] The buggy address belongs to the object at ffff888102a59b80 [ 30.685187] which belongs to the cache kmalloc-64 of size 64 [ 30.685771] The buggy address is located 0 bytes to the right of [ 30.685771] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.686827] [ 30.687064] The buggy address belongs to the physical page: [ 30.687601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.688280] flags: 0x200000000000000(node=0|zone=2) [ 30.688786] page_type: f5(slab) [ 30.689023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.689423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.690027] page dumped because: kasan: bad access detected [ 30.690603] [ 30.690851] Memory state around the buggy address: [ 30.691271] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.691830] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.692333] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.694039] ^ [ 30.694351] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.694710] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.695074] ================================================================== [ 31.276856] ================================================================== [ 31.277488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 31.278593] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.279772] [ 31.279980] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.280733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.281065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.282046] Call Trace: [ 31.282268] <TASK> [ 31.282885] dump_stack_lvl+0x73/0xb0 [ 31.283242] print_report+0xd1/0x640 [ 31.284081] ? __virt_addr_valid+0x1db/0x2d0 [ 31.284723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.285048] kasan_report+0x102/0x140 [ 31.286076] ? kasan_atomics_helper+0x151e/0x5450 [ 31.286432] ? kasan_atomics_helper+0x151e/0x5450 [ 31.287175] kasan_check_range+0x10c/0x1c0 [ 31.287825] __kasan_check_write+0x18/0x20 [ 31.288167] kasan_atomics_helper+0x151e/0x5450 [ 31.288928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.289330] ? ret_from_fork_asm+0x1a/0x30 [ 31.290134] ? ret_from_fork+0x41/0x80 [ 31.290443] ? kthread+0x257/0x310 [ 31.291023] kasan_atomics+0x1dd/0x310 [ 31.291638] ? __pfx_kasan_atomics+0x10/0x10 [ 31.291954] ? __pfx_read_tsc+0x10/0x10 [ 31.292355] ? ktime_get_ts64+0x86/0x230 [ 31.293267] kunit_try_run_case+0x1b3/0x490 [ 31.293621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.294208] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.294675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.295069] ? __kthread_parkme+0x82/0x160 [ 31.295427] ? preempt_count_sub+0x50/0x80 [ 31.296430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.296838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.297463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.298189] kthread+0x257/0x310 [ 31.299113] ? __pfx_kthread+0x10/0x10 [ 31.299443] ret_from_fork+0x41/0x80 [ 31.299944] ? __pfx_kthread+0x10/0x10 [ 31.300435] ret_from_fork_asm+0x1a/0x30 [ 31.301203] </TASK> [ 31.301521] [ 31.301718] Allocated by task 274: [ 31.301975] kasan_save_stack+0x3d/0x60 [ 31.302312] kasan_save_track+0x18/0x40 [ 31.303429] kasan_save_alloc_info+0x3b/0x50 [ 31.303807] __kasan_kmalloc+0xb7/0xc0 [ 31.304487] __kmalloc_cache_noprof+0x184/0x410 [ 31.304811] kasan_atomics+0x96/0x310 [ 31.305040] kunit_try_run_case+0x1b3/0x490 [ 31.305403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.306536] kthread+0x257/0x310 [ 31.306854] ret_from_fork+0x41/0x80 [ 31.307116] ret_from_fork_asm+0x1a/0x30 [ 31.307890] [ 31.308121] The buggy address belongs to the object at ffff888102a59b80 [ 31.308121] which belongs to the cache kmalloc-64 of size 64 [ 31.308923] The buggy address is located 0 bytes to the right of [ 31.308923] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.309949] [ 31.310824] The buggy address belongs to the physical page: [ 31.311154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.312117] flags: 0x200000000000000(node=0|zone=2) [ 31.312696] page_type: f5(slab) [ 31.313048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.313941] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.314642] page dumped because: kasan: bad access detected [ 31.315273] [ 31.315816] Memory state around the buggy address: [ 31.316135] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.317157] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.317614] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.318535] ^ [ 31.318961] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.319460] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.320605] ================================================================== [ 31.860756] ================================================================== [ 31.861271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 31.862013] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.862432] [ 31.862610] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.863573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.863971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.864789] Call Trace: [ 31.865012] <TASK> [ 31.865362] dump_stack_lvl+0x73/0xb0 [ 31.865802] print_report+0xd1/0x640 [ 31.866265] ? __virt_addr_valid+0x1db/0x2d0 [ 31.866961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.867386] kasan_report+0x102/0x140 [ 31.867830] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.868441] ? kasan_atomics_helper+0x1d7b/0x5450 [ 31.868950] kasan_check_range+0x10c/0x1c0 [ 31.869272] __kasan_check_write+0x18/0x20 [ 31.869882] kasan_atomics_helper+0x1d7b/0x5450 [ 31.870317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.871030] ? ret_from_fork_asm+0x1a/0x30 [ 31.871446] ? ret_from_fork+0x41/0x80 [ 31.871892] ? kthread+0x257/0x310 [ 31.872184] kasan_atomics+0x1dd/0x310 [ 31.872467] ? __pfx_kasan_atomics+0x10/0x10 [ 31.872865] ? __pfx_read_tsc+0x10/0x10 [ 31.873367] ? ktime_get_ts64+0x86/0x230 [ 31.873798] kunit_try_run_case+0x1b3/0x490 [ 31.874262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.874810] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.875378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.875946] ? __kthread_parkme+0x82/0x160 [ 31.876373] ? preempt_count_sub+0x50/0x80 [ 31.876967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.877431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.878086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.878580] kthread+0x257/0x310 [ 31.878956] ? __pfx_kthread+0x10/0x10 [ 31.879243] ret_from_fork+0x41/0x80 [ 31.879500] ? __pfx_kthread+0x10/0x10 [ 31.879930] ret_from_fork_asm+0x1a/0x30 [ 31.880539] </TASK> [ 31.880816] [ 31.881025] Allocated by task 274: [ 31.881391] kasan_save_stack+0x3d/0x60 [ 31.881891] kasan_save_track+0x18/0x40 [ 31.882270] kasan_save_alloc_info+0x3b/0x50 [ 31.882959] __kasan_kmalloc+0xb7/0xc0 [ 31.883241] __kmalloc_cache_noprof+0x184/0x410 [ 31.883528] kasan_atomics+0x96/0x310 [ 31.883776] kunit_try_run_case+0x1b3/0x490 [ 31.884272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.884873] kthread+0x257/0x310 [ 31.885375] ret_from_fork+0x41/0x80 [ 31.885905] ret_from_fork_asm+0x1a/0x30 [ 31.886341] [ 31.886695] The buggy address belongs to the object at ffff888102a59b80 [ 31.886695] which belongs to the cache kmalloc-64 of size 64 [ 31.887611] The buggy address is located 0 bytes to the right of [ 31.887611] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.888288] [ 31.888458] The buggy address belongs to the physical page: [ 31.888944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.889909] flags: 0x200000000000000(node=0|zone=2) [ 31.892491] page_type: f5(slab) [ 31.893036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.893508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.893876] page dumped because: kasan: bad access detected [ 31.895023] [ 31.895244] Memory state around the buggy address: [ 31.895818] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.896490] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.897114] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.897872] ^ [ 31.898333] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.898933] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.899347] ================================================================== [ 31.976579] ================================================================== [ 31.977177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 31.977847] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.978331] [ 31.978622] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.979524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.979915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.980584] Call Trace: [ 31.980791] <TASK> [ 31.981070] dump_stack_lvl+0x73/0xb0 [ 31.981596] print_report+0xd1/0x640 [ 31.982034] ? __virt_addr_valid+0x1db/0x2d0 [ 31.982572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.983099] kasan_report+0x102/0x140 [ 31.983424] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.983906] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.984468] kasan_check_range+0x10c/0x1c0 [ 31.984928] __kasan_check_write+0x18/0x20 [ 31.985373] kasan_atomics_helper+0x1f44/0x5450 [ 31.985903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.986334] ? ret_from_fork_asm+0x1a/0x30 [ 31.986811] ? ret_from_fork+0x41/0x80 [ 31.987206] ? kthread+0x257/0x310 [ 31.987597] kasan_atomics+0x1dd/0x310 [ 31.988029] ? __pfx_kasan_atomics+0x10/0x10 [ 31.988483] ? __pfx_read_tsc+0x10/0x10 [ 31.988939] ? ktime_get_ts64+0x86/0x230 [ 31.989242] kunit_try_run_case+0x1b3/0x490 [ 31.989758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.990267] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.990697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.991137] ? __kthread_parkme+0x82/0x160 [ 31.991679] ? preempt_count_sub+0x50/0x80 [ 31.992156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.992625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.993188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.993701] kthread+0x257/0x310 [ 31.994091] ? __pfx_kthread+0x10/0x10 [ 31.994489] ret_from_fork+0x41/0x80 [ 31.994836] ? __pfx_kthread+0x10/0x10 [ 31.995120] ret_from_fork_asm+0x1a/0x30 [ 31.995419] </TASK> [ 31.995656] [ 31.995808] Allocated by task 274: [ 31.996032] kasan_save_stack+0x3d/0x60 [ 31.996509] kasan_save_track+0x18/0x40 [ 31.996914] kasan_save_alloc_info+0x3b/0x50 [ 31.997363] __kasan_kmalloc+0xb7/0xc0 [ 31.997769] __kmalloc_cache_noprof+0x184/0x410 [ 31.998234] kasan_atomics+0x96/0x310 [ 31.998656] kunit_try_run_case+0x1b3/0x490 [ 31.999076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.999601] kthread+0x257/0x310 [ 31.999960] ret_from_fork+0x41/0x80 [ 32.000357] ret_from_fork_asm+0x1a/0x30 [ 32.000815] [ 32.001019] The buggy address belongs to the object at ffff888102a59b80 [ 32.001019] which belongs to the cache kmalloc-64 of size 64 [ 32.002001] The buggy address is located 0 bytes to the right of [ 32.002001] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.002870] [ 32.003022] The buggy address belongs to the physical page: [ 32.003374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.004076] flags: 0x200000000000000(node=0|zone=2) [ 32.004577] page_type: f5(slab) [ 32.004981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.005408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.005825] page dumped because: kasan: bad access detected [ 32.006154] [ 32.006367] Memory state around the buggy address: [ 32.006852] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.007510] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.008137] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.008770] ^ [ 32.009181] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.009747] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.010118] ================================================================== [ 31.939650] ================================================================== [ 31.940235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 31.940792] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.941486] [ 31.941736] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.942503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.942906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.943612] Call Trace: [ 31.943921] <TASK> [ 31.944214] dump_stack_lvl+0x73/0xb0 [ 31.944767] print_report+0xd1/0x640 [ 31.945107] ? __virt_addr_valid+0x1db/0x2d0 [ 31.945615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.946121] kasan_report+0x102/0x140 [ 31.946601] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.947088] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.947586] kasan_check_range+0x10c/0x1c0 [ 31.948050] __kasan_check_write+0x18/0x20 [ 31.948557] kasan_atomics_helper+0x1eab/0x5450 [ 31.949015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.949387] ? ret_from_fork_asm+0x1a/0x30 [ 31.949836] ? ret_from_fork+0x41/0x80 [ 31.950242] ? kthread+0x257/0x310 [ 31.950628] kasan_atomics+0x1dd/0x310 [ 31.951038] ? __pfx_kasan_atomics+0x10/0x10 [ 31.951624] ? __pfx_read_tsc+0x10/0x10 [ 31.951983] ? ktime_get_ts64+0x86/0x230 [ 31.952284] kunit_try_run_case+0x1b3/0x490 [ 31.952796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.953337] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.953877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.954419] ? __kthread_parkme+0x82/0x160 [ 31.954855] ? preempt_count_sub+0x50/0x80 [ 31.955330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.955866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.956356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.956925] kthread+0x257/0x310 [ 31.957335] ? __pfx_kthread+0x10/0x10 [ 31.957801] ret_from_fork+0x41/0x80 [ 31.958199] ? __pfx_kthread+0x10/0x10 [ 31.958533] ret_from_fork_asm+0x1a/0x30 [ 31.958959] </TASK> [ 31.959246] [ 31.959524] Allocated by task 274: [ 31.959902] kasan_save_stack+0x3d/0x60 [ 31.960269] kasan_save_track+0x18/0x40 [ 31.960648] kasan_save_alloc_info+0x3b/0x50 [ 31.961006] __kasan_kmalloc+0xb7/0xc0 [ 31.961380] __kmalloc_cache_noprof+0x184/0x410 [ 31.961874] kasan_atomics+0x96/0x310 [ 31.962282] kunit_try_run_case+0x1b3/0x490 [ 31.962752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.963270] kthread+0x257/0x310 [ 31.963664] ret_from_fork+0x41/0x80 [ 31.964047] ret_from_fork_asm+0x1a/0x30 [ 31.964542] [ 31.964846] The buggy address belongs to the object at ffff888102a59b80 [ 31.964846] which belongs to the cache kmalloc-64 of size 64 [ 31.965835] The buggy address is located 0 bytes to the right of [ 31.965835] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.966698] [ 31.966859] The buggy address belongs to the physical page: [ 31.967384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.968101] flags: 0x200000000000000(node=0|zone=2) [ 31.968522] page_type: f5(slab) [ 31.968843] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.969509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.970149] page dumped because: kasan: bad access detected [ 31.970679] [ 31.970898] Memory state around the buggy address: [ 31.971334] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.972006] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.972684] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.973315] ^ [ 31.973708] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.974321] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.974993] ================================================================== [ 30.971654] ================================================================== [ 30.972748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 30.973228] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.973725] [ 30.973968] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.974577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.974896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.975503] Call Trace: [ 30.975806] <TASK> [ 30.976088] dump_stack_lvl+0x73/0xb0 [ 30.976471] print_report+0xd1/0x640 [ 30.976777] ? __virt_addr_valid+0x1db/0x2d0 [ 30.977223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.977763] kasan_report+0x102/0x140 [ 30.978168] ? kasan_atomics_helper+0x1218/0x5450 [ 30.978519] ? kasan_atomics_helper+0x1218/0x5450 [ 30.978999] kasan_check_range+0x10c/0x1c0 [ 30.979363] __kasan_check_write+0x18/0x20 [ 30.979744] kasan_atomics_helper+0x1218/0x5450 [ 30.980203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.980627] ? ret_from_fork_asm+0x1a/0x30 [ 30.981072] ? ret_from_fork+0x41/0x80 [ 30.981475] ? kthread+0x257/0x310 [ 30.981776] kasan_atomics+0x1dd/0x310 [ 30.982190] ? __pfx_kasan_atomics+0x10/0x10 [ 30.982635] ? __pfx_read_tsc+0x10/0x10 [ 30.982965] ? ktime_get_ts64+0x86/0x230 [ 30.983329] kunit_try_run_case+0x1b3/0x490 [ 30.983806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.984164] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.984576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.984893] ? __kthread_parkme+0x82/0x160 [ 30.985674] ? preempt_count_sub+0x50/0x80 [ 30.986122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.986898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.987481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.987990] kthread+0x257/0x310 [ 30.988371] ? __pfx_kthread+0x10/0x10 [ 30.988771] ret_from_fork+0x41/0x80 [ 30.989214] ? __pfx_kthread+0x10/0x10 [ 30.989644] ret_from_fork_asm+0x1a/0x30 [ 30.989985] </TASK> [ 30.990268] [ 30.990516] Allocated by task 274: [ 30.990791] kasan_save_stack+0x3d/0x60 [ 30.991194] kasan_save_track+0x18/0x40 [ 30.991561] kasan_save_alloc_info+0x3b/0x50 [ 30.991986] __kasan_kmalloc+0xb7/0xc0 [ 30.992269] __kmalloc_cache_noprof+0x184/0x410 [ 30.992765] kasan_atomics+0x96/0x310 [ 30.993043] kunit_try_run_case+0x1b3/0x490 [ 30.993335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.993689] kthread+0x257/0x310 [ 30.993929] ret_from_fork+0x41/0x80 [ 30.994336] ret_from_fork_asm+0x1a/0x30 [ 30.994744] [ 30.994956] The buggy address belongs to the object at ffff888102a59b80 [ 30.994956] which belongs to the cache kmalloc-64 of size 64 [ 30.995941] The buggy address is located 0 bytes to the right of [ 30.995941] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.996990] [ 30.997216] The buggy address belongs to the physical page: [ 30.997623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.998182] flags: 0x200000000000000(node=0|zone=2) [ 30.998536] page_type: f5(slab) [ 30.998773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.999216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.999889] page dumped because: kasan: bad access detected [ 31.000384] [ 31.000639] Memory state around the buggy address: [ 31.001066] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.001698] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.002301] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.002938] ^ [ 31.003374] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.003849] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.004224] ================================================================== [ 30.230412] ================================================================== [ 30.230930] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 30.231672] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.232395] [ 30.232982] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.233641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.234285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.234911] Call Trace: [ 30.235473] <TASK> [ 30.235753] dump_stack_lvl+0x73/0xb0 [ 30.236173] print_report+0xd1/0x640 [ 30.236616] ? __virt_addr_valid+0x1db/0x2d0 [ 30.236997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.237540] kasan_report+0x102/0x140 [ 30.237862] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.238367] ? kasan_atomics_helper+0x7c8/0x5450 [ 30.238767] kasan_check_range+0x10c/0x1c0 [ 30.239246] __kasan_check_write+0x18/0x20 [ 30.239541] kasan_atomics_helper+0x7c8/0x5450 [ 30.240166] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.240644] ? ret_from_fork_asm+0x1a/0x30 [ 30.241331] ? ret_from_fork+0x41/0x80 [ 30.241633] ? kthread+0x257/0x310 [ 30.241904] kasan_atomics+0x1dd/0x310 [ 30.242456] ? __pfx_kasan_atomics+0x10/0x10 [ 30.243035] ? __pfx_read_tsc+0x10/0x10 [ 30.243459] ? ktime_get_ts64+0x86/0x230 [ 30.243837] kunit_try_run_case+0x1b3/0x490 [ 30.244295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.244722] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.245386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.245772] ? __kthread_parkme+0x82/0x160 [ 30.246070] ? preempt_count_sub+0x50/0x80 [ 30.246594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.247110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.247782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.248260] kthread+0x257/0x310 [ 30.248584] ? __pfx_kthread+0x10/0x10 [ 30.249012] ret_from_fork+0x41/0x80 [ 30.249456] ? __pfx_kthread+0x10/0x10 [ 30.249862] ret_from_fork_asm+0x1a/0x30 [ 30.250282] </TASK> [ 30.250473] [ 30.250643] Allocated by task 274: [ 30.251217] kasan_save_stack+0x3d/0x60 [ 30.251671] kasan_save_track+0x18/0x40 [ 30.252083] kasan_save_alloc_info+0x3b/0x50 [ 30.252500] __kasan_kmalloc+0xb7/0xc0 [ 30.252909] __kmalloc_cache_noprof+0x184/0x410 [ 30.253286] kasan_atomics+0x96/0x310 [ 30.253770] kunit_try_run_case+0x1b3/0x490 [ 30.254116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.254522] kthread+0x257/0x310 [ 30.254984] ret_from_fork+0x41/0x80 [ 30.255385] ret_from_fork_asm+0x1a/0x30 [ 30.255716] [ 30.255922] The buggy address belongs to the object at ffff888102a59b80 [ 30.255922] which belongs to the cache kmalloc-64 of size 64 [ 30.257176] The buggy address is located 0 bytes to the right of [ 30.257176] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.258381] [ 30.258627] The buggy address belongs to the physical page: [ 30.258981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.259609] flags: 0x200000000000000(node=0|zone=2) [ 30.259910] page_type: f5(slab) [ 30.260229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.260962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.261675] page dumped because: kasan: bad access detected [ 30.262151] [ 30.262361] Memory state around the buggy address: [ 30.262701] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.263267] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.264161] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.264749] ^ [ 30.265036] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.265620] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.266204] ================================================================== [ 32.275912] ================================================================== [ 32.276817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 32.277578] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.278517] [ 32.278785] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.279914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.280430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.281432] Call Trace: [ 32.281861] <TASK> [ 32.282245] dump_stack_lvl+0x73/0xb0 [ 32.282813] print_report+0xd1/0x640 [ 32.283324] ? __virt_addr_valid+0x1db/0x2d0 [ 32.283989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.284592] kasan_report+0x102/0x140 [ 32.285192] ? kasan_atomics_helper+0x224d/0x5450 [ 32.285382] ? kasan_atomics_helper+0x224d/0x5450 [ 32.285841] kasan_check_range+0x10c/0x1c0 [ 32.286160] __kasan_check_write+0x18/0x20 [ 32.286602] kasan_atomics_helper+0x224d/0x5450 [ 32.287030] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.287357] ? ret_from_fork_asm+0x1a/0x30 [ 32.287761] ? ret_from_fork+0x41/0x80 [ 32.288198] ? kthread+0x257/0x310 [ 32.288614] kasan_atomics+0x1dd/0x310 [ 32.288961] ? __pfx_kasan_atomics+0x10/0x10 [ 32.289417] ? __pfx_read_tsc+0x10/0x10 [ 32.289855] ? ktime_get_ts64+0x86/0x230 [ 32.290209] kunit_try_run_case+0x1b3/0x490 [ 32.290686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.291019] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.291345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.291856] ? __kthread_parkme+0x82/0x160 [ 32.292296] ? preempt_count_sub+0x50/0x80 [ 32.292765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.293228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.293697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.294032] kthread+0x257/0x310 [ 32.294426] ? __pfx_kthread+0x10/0x10 [ 32.294905] ret_from_fork+0x41/0x80 [ 32.295313] ? __pfx_kthread+0x10/0x10 [ 32.295745] ret_from_fork_asm+0x1a/0x30 [ 32.296135] </TASK> [ 32.296321] [ 32.296516] Allocated by task 274: [ 32.296740] kasan_save_stack+0x3d/0x60 [ 32.297151] kasan_save_track+0x18/0x40 [ 32.297569] kasan_save_alloc_info+0x3b/0x50 [ 32.297977] __kasan_kmalloc+0xb7/0xc0 [ 32.298379] __kmalloc_cache_noprof+0x184/0x410 [ 32.298872] kasan_atomics+0x96/0x310 [ 32.299272] kunit_try_run_case+0x1b3/0x490 [ 32.299743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.300139] kthread+0x257/0x310 [ 32.300475] ret_from_fork+0x41/0x80 [ 32.300776] ret_from_fork_asm+0x1a/0x30 [ 32.301186] [ 32.301380] The buggy address belongs to the object at ffff888102a59b80 [ 32.301380] which belongs to the cache kmalloc-64 of size 64 [ 32.302628] The buggy address is located 0 bytes to the right of [ 32.302628] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.304214] [ 32.304472] The buggy address belongs to the physical page: [ 32.305014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.305770] flags: 0x200000000000000(node=0|zone=2) [ 32.306146] page_type: f5(slab) [ 32.306385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.306810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.307325] page dumped because: kasan: bad access detected [ 32.307912] [ 32.308178] Memory state around the buggy address: [ 32.308725] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.309349] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.310041] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.310708] ^ [ 32.311177] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.311644] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.312000] ================================================================== [ 30.341861] ================================================================== [ 30.342867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 30.343494] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.344138] [ 30.344378] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.345192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.345661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.346274] Call Trace: [ 30.346619] <TASK> [ 30.346865] dump_stack_lvl+0x73/0xb0 [ 30.347306] print_report+0xd1/0x640 [ 30.347953] ? __virt_addr_valid+0x1db/0x2d0 [ 30.348405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.348879] kasan_report+0x102/0x140 [ 30.349249] ? kasan_atomics_helper+0x993/0x5450 [ 30.349642] ? kasan_atomics_helper+0x993/0x5450 [ 30.350045] kasan_check_range+0x10c/0x1c0 [ 30.350640] __kasan_check_write+0x18/0x20 [ 30.351085] kasan_atomics_helper+0x993/0x5450 [ 30.351563] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.352050] ? ret_from_fork_asm+0x1a/0x30 [ 30.352531] ? ret_from_fork+0x41/0x80 [ 30.352965] ? kthread+0x257/0x310 [ 30.353367] kasan_atomics+0x1dd/0x310 [ 30.353769] ? __pfx_kasan_atomics+0x10/0x10 [ 30.354079] ? __pfx_read_tsc+0x10/0x10 [ 30.354348] ? ktime_get_ts64+0x86/0x230 [ 30.354908] kunit_try_run_case+0x1b3/0x490 [ 30.355389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.355866] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.356428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.356971] ? __kthread_parkme+0x82/0x160 [ 30.357413] ? preempt_count_sub+0x50/0x80 [ 30.357756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.358067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.358738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.359328] kthread+0x257/0x310 [ 30.359826] ? __pfx_kthread+0x10/0x10 [ 30.360217] ret_from_fork+0x41/0x80 [ 30.360501] ? __pfx_kthread+0x10/0x10 [ 30.360758] ret_from_fork_asm+0x1a/0x30 [ 30.362144] </TASK> [ 30.362507] [ 30.362747] Allocated by task 274: [ 30.363154] kasan_save_stack+0x3d/0x60 [ 30.363669] kasan_save_track+0x18/0x40 [ 30.366457] kasan_save_alloc_info+0x3b/0x50 [ 30.367384] __kasan_kmalloc+0xb7/0xc0 [ 30.367705] __kmalloc_cache_noprof+0x184/0x410 [ 30.368167] kasan_atomics+0x96/0x310 [ 30.368550] kunit_try_run_case+0x1b3/0x490 [ 30.368922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.369834] kthread+0x257/0x310 [ 30.370100] ret_from_fork+0x41/0x80 [ 30.370349] ret_from_fork_asm+0x1a/0x30 [ 30.370623] [ 30.370772] The buggy address belongs to the object at ffff888102a59b80 [ 30.370772] which belongs to the cache kmalloc-64 of size 64 [ 30.371331] The buggy address is located 0 bytes to the right of [ 30.371331] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.371891] [ 30.372047] The buggy address belongs to the physical page: [ 30.374360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.375703] flags: 0x200000000000000(node=0|zone=2) [ 30.376111] page_type: f5(slab) [ 30.376386] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.377267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.378246] page dumped because: kasan: bad access detected [ 30.379097] [ 30.379497] Memory state around the buggy address: [ 30.379785] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.380409] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.380853] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.381599] ^ [ 30.382076] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.382547] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.383150] ================================================================== [ 29.914191] ================================================================== [ 29.914894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 29.915823] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.916272] [ 29.916451] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.917725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.918150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.918952] Call Trace: [ 29.919716] <TASK> [ 29.920014] dump_stack_lvl+0x73/0xb0 [ 29.920610] print_report+0xd1/0x640 [ 29.920901] ? __virt_addr_valid+0x1db/0x2d0 [ 29.921369] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.921801] kasan_report+0x102/0x140 [ 29.922086] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.922512] ? kasan_atomics_helper+0x3e0/0x5450 [ 29.923113] kasan_check_range+0x10c/0x1c0 [ 29.923543] __kasan_check_read+0x15/0x20 [ 29.923907] kasan_atomics_helper+0x3e0/0x5450 [ 29.924218] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.924862] ? ret_from_fork_asm+0x1a/0x30 [ 29.925279] ? ret_from_fork+0x41/0x80 [ 29.925652] ? kthread+0x257/0x310 [ 29.926070] kasan_atomics+0x1dd/0x310 [ 29.926397] ? __pfx_kasan_atomics+0x10/0x10 [ 29.926687] ? __pfx_read_tsc+0x10/0x10 [ 29.926949] ? ktime_get_ts64+0x86/0x230 [ 29.927382] kunit_try_run_case+0x1b3/0x490 [ 29.927924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.928420] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.928902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.929400] ? __kthread_parkme+0x82/0x160 [ 29.929856] ? preempt_count_sub+0x50/0x80 [ 29.930188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.930778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.931379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.931877] kthread+0x257/0x310 [ 29.932162] ? __pfx_kthread+0x10/0x10 [ 29.932437] ret_from_fork+0x41/0x80 [ 29.932899] ? __pfx_kthread+0x10/0x10 [ 29.933351] ret_from_fork_asm+0x1a/0x30 [ 29.933972] </TASK> [ 29.934273] [ 29.934433] Allocated by task 274: [ 29.934742] kasan_save_stack+0x3d/0x60 [ 29.935013] kasan_save_track+0x18/0x40 [ 29.935273] kasan_save_alloc_info+0x3b/0x50 [ 29.935601] __kasan_kmalloc+0xb7/0xc0 [ 29.936066] __kmalloc_cache_noprof+0x184/0x410 [ 29.936562] kasan_atomics+0x96/0x310 [ 29.936982] kunit_try_run_case+0x1b3/0x490 [ 29.937414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.937797] kthread+0x257/0x310 [ 29.938162] ret_from_fork+0x41/0x80 [ 29.938616] ret_from_fork_asm+0x1a/0x30 [ 29.938884] [ 29.939032] The buggy address belongs to the object at ffff888102a59b80 [ 29.939032] which belongs to the cache kmalloc-64 of size 64 [ 29.939695] The buggy address is located 0 bytes to the right of [ 29.939695] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.940789] [ 29.941011] The buggy address belongs to the physical page: [ 29.941516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.942010] flags: 0x200000000000000(node=0|zone=2) [ 29.942531] page_type: f5(slab) [ 29.942885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.943370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.944228] page dumped because: kasan: bad access detected [ 29.944916] [ 29.945087] Memory state around the buggy address: [ 29.945360] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.945986] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.946651] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.947092] ^ [ 29.947570] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.948128] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.948489] ================================================================== [ 30.303310] ================================================================== [ 30.304094] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 30.304667] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.305114] [ 30.305435] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.306786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.307270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.307888] Call Trace: [ 30.308326] <TASK> [ 30.308649] dump_stack_lvl+0x73/0xb0 [ 30.309130] print_report+0xd1/0x640 [ 30.309464] ? __virt_addr_valid+0x1db/0x2d0 [ 30.309887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.310405] kasan_report+0x102/0x140 [ 30.310779] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.311171] ? kasan_atomics_helper+0x8fa/0x5450 [ 30.311510] kasan_check_range+0x10c/0x1c0 [ 30.311799] __kasan_check_write+0x18/0x20 [ 30.312118] kasan_atomics_helper+0x8fa/0x5450 [ 30.312596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.313075] ? ret_from_fork_asm+0x1a/0x30 [ 30.313521] ? ret_from_fork+0x41/0x80 [ 30.313931] ? kthread+0x257/0x310 [ 30.314330] kasan_atomics+0x1dd/0x310 [ 30.314987] ? __pfx_kasan_atomics+0x10/0x10 [ 30.315440] ? __pfx_read_tsc+0x10/0x10 [ 30.315903] ? ktime_get_ts64+0x86/0x230 [ 30.316368] kunit_try_run_case+0x1b3/0x490 [ 30.316827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.317343] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.317823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.318351] ? __kthread_parkme+0x82/0x160 [ 30.318804] ? preempt_count_sub+0x50/0x80 [ 30.319182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.319661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.320238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.320901] kthread+0x257/0x310 [ 30.321296] ? __pfx_kthread+0x10/0x10 [ 30.321804] ret_from_fork+0x41/0x80 [ 30.322254] ? __pfx_kthread+0x10/0x10 [ 30.322755] ret_from_fork_asm+0x1a/0x30 [ 30.323086] </TASK> [ 30.323276] [ 30.323422] Allocated by task 274: [ 30.323831] kasan_save_stack+0x3d/0x60 [ 30.324269] kasan_save_track+0x18/0x40 [ 30.324839] kasan_save_alloc_info+0x3b/0x50 [ 30.325345] __kasan_kmalloc+0xb7/0xc0 [ 30.325896] __kmalloc_cache_noprof+0x184/0x410 [ 30.326288] kasan_atomics+0x96/0x310 [ 30.326716] kunit_try_run_case+0x1b3/0x490 [ 30.327298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.327876] kthread+0x257/0x310 [ 30.328237] ret_from_fork+0x41/0x80 [ 30.328689] ret_from_fork_asm+0x1a/0x30 [ 30.329034] [ 30.329261] The buggy address belongs to the object at ffff888102a59b80 [ 30.329261] which belongs to the cache kmalloc-64 of size 64 [ 30.329956] The buggy address is located 0 bytes to the right of [ 30.329956] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.330922] [ 30.331261] The buggy address belongs to the physical page: [ 30.331912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.332492] flags: 0x200000000000000(node=0|zone=2) [ 30.332960] page_type: f5(slab) [ 30.333250] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.334129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.334513] page dumped because: kasan: bad access detected [ 30.334797] [ 30.334947] Memory state around the buggy address: [ 30.335349] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.336047] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.336957] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.337605] ^ [ 30.338039] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.338693] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.339047] ================================================================== [ 31.361525] ================================================================== [ 31.363045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 31.363857] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.364541] [ 31.364777] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.365698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.366113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.366857] Call Trace: [ 31.367206] <TASK> [ 31.367526] dump_stack_lvl+0x73/0xb0 [ 31.367904] print_report+0xd1/0x640 [ 31.368353] ? __virt_addr_valid+0x1db/0x2d0 [ 31.368851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.369409] kasan_report+0x102/0x140 [ 31.369755] ? kasan_atomics_helper+0x1650/0x5450 [ 31.370247] ? kasan_atomics_helper+0x1650/0x5450 [ 31.370788] kasan_check_range+0x10c/0x1c0 [ 31.371177] __kasan_check_write+0x18/0x20 [ 31.371682] kasan_atomics_helper+0x1650/0x5450 [ 31.372076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.372589] ? ret_from_fork_asm+0x1a/0x30 [ 31.373046] ? ret_from_fork+0x41/0x80 [ 31.373397] ? kthread+0x257/0x310 [ 31.373835] kasan_atomics+0x1dd/0x310 [ 31.374156] ? __pfx_kasan_atomics+0x10/0x10 [ 31.374650] ? __pfx_read_tsc+0x10/0x10 [ 31.375134] ? ktime_get_ts64+0x86/0x230 [ 31.375618] kunit_try_run_case+0x1b3/0x490 [ 31.375915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.376236] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.376791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.377301] ? __kthread_parkme+0x82/0x160 [ 31.377743] ? preempt_count_sub+0x50/0x80 [ 31.378232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.378749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.379312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.379693] kthread+0x257/0x310 [ 31.380026] ? __pfx_kthread+0x10/0x10 [ 31.380498] ret_from_fork+0x41/0x80 [ 31.380911] ? __pfx_kthread+0x10/0x10 [ 31.381332] ret_from_fork_asm+0x1a/0x30 [ 31.381797] </TASK> [ 31.382084] [ 31.382322] Allocated by task 274: [ 31.382693] kasan_save_stack+0x3d/0x60 [ 31.383070] kasan_save_track+0x18/0x40 [ 31.383498] kasan_save_alloc_info+0x3b/0x50 [ 31.383914] __kasan_kmalloc+0xb7/0xc0 [ 31.384191] __kmalloc_cache_noprof+0x184/0x410 [ 31.384531] kasan_atomics+0x96/0x310 [ 31.384846] kunit_try_run_case+0x1b3/0x490 [ 31.385297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.385905] kthread+0x257/0x310 [ 31.386323] ret_from_fork+0x41/0x80 [ 31.386771] ret_from_fork_asm+0x1a/0x30 [ 31.387270] [ 31.387606] The buggy address belongs to the object at ffff888102a59b80 [ 31.387606] which belongs to the cache kmalloc-64 of size 64 [ 31.388678] The buggy address is located 0 bytes to the right of [ 31.388678] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.389787] [ 31.390089] The buggy address belongs to the physical page: [ 31.390511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.391188] flags: 0x200000000000000(node=0|zone=2) [ 31.391730] page_type: f5(slab) [ 31.391973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.392783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.393555] page dumped because: kasan: bad access detected [ 31.394043] [ 31.394212] Memory state around the buggy address: [ 31.394507] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.395125] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.395830] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.396493] ^ [ 31.396939] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.397418] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.397816] ================================================================== [ 31.321721] ================================================================== [ 31.323167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 31.323717] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.324283] [ 31.324744] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.325231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.325554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.326123] Call Trace: [ 31.326329] <TASK> [ 31.326542] dump_stack_lvl+0x73/0xb0 [ 31.327104] print_report+0xd1/0x640 [ 31.327629] ? __virt_addr_valid+0x1db/0x2d0 [ 31.328170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.328810] kasan_report+0x102/0x140 [ 31.329163] ? kasan_atomics_helper+0x15b7/0x5450 [ 31.329773] ? kasan_atomics_helper+0x15b7/0x5450 [ 31.330378] kasan_check_range+0x10c/0x1c0 [ 31.330916] __kasan_check_write+0x18/0x20 [ 31.331430] kasan_atomics_helper+0x15b7/0x5450 [ 31.331835] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.332326] ? ret_from_fork_asm+0x1a/0x30 [ 31.332918] ? ret_from_fork+0x41/0x80 [ 31.333431] ? kthread+0x257/0x310 [ 31.333986] kasan_atomics+0x1dd/0x310 [ 31.334547] ? __pfx_kasan_atomics+0x10/0x10 [ 31.334993] ? __pfx_read_tsc+0x10/0x10 [ 31.335484] ? ktime_get_ts64+0x86/0x230 [ 31.335958] kunit_try_run_case+0x1b3/0x490 [ 31.336474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.337067] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.337493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.338044] ? __kthread_parkme+0x82/0x160 [ 31.338524] ? preempt_count_sub+0x50/0x80 [ 31.339030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.339547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.340180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.340735] kthread+0x257/0x310 [ 31.341158] ? __pfx_kthread+0x10/0x10 [ 31.341651] ret_from_fork+0x41/0x80 [ 31.342153] ? __pfx_kthread+0x10/0x10 [ 31.342501] ret_from_fork_asm+0x1a/0x30 [ 31.343035] </TASK> [ 31.343327] [ 31.343638] Allocated by task 274: [ 31.343951] kasan_save_stack+0x3d/0x60 [ 31.344413] kasan_save_track+0x18/0x40 [ 31.344869] kasan_save_alloc_info+0x3b/0x50 [ 31.345194] __kasan_kmalloc+0xb7/0xc0 [ 31.345601] __kmalloc_cache_noprof+0x184/0x410 [ 31.346049] kasan_atomics+0x96/0x310 [ 31.346504] kunit_try_run_case+0x1b3/0x490 [ 31.346782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.347393] kthread+0x257/0x310 [ 31.347866] ret_from_fork+0x41/0x80 [ 31.348337] ret_from_fork_asm+0x1a/0x30 [ 31.348795] [ 31.349098] The buggy address belongs to the object at ffff888102a59b80 [ 31.349098] which belongs to the cache kmalloc-64 of size 64 [ 31.349845] The buggy address is located 0 bytes to the right of [ 31.349845] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.350896] [ 31.351072] The buggy address belongs to the physical page: [ 31.351692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.352411] flags: 0x200000000000000(node=0|zone=2) [ 31.352989] page_type: f5(slab) [ 31.353317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.354083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.354804] page dumped because: kasan: bad access detected [ 31.355282] [ 31.355524] Memory state around the buggy address: [ 31.356111] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.356762] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.357299] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.357962] ^ [ 31.358519] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.359049] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.359738] ================================================================== [ 31.684713] ================================================================== [ 31.685252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 31.685983] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.686509] [ 31.686712] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.688391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.688697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.690109] Call Trace: [ 31.690323] <TASK> [ 31.690503] dump_stack_lvl+0x73/0xb0 [ 31.691288] print_report+0xd1/0x640 [ 31.692099] ? __virt_addr_valid+0x1db/0x2d0 [ 31.692467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.693160] kasan_report+0x102/0x140 [ 31.693536] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.694238] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.694817] kasan_check_range+0x10c/0x1c0 [ 31.695228] __kasan_check_write+0x18/0x20 [ 31.696110] kasan_atomics_helper+0x1b23/0x5450 [ 31.696671] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.697066] ? ret_from_fork_asm+0x1a/0x30 [ 31.697351] ? ret_from_fork+0x41/0x80 [ 31.697997] ? kthread+0x257/0x310 [ 31.698899] kasan_atomics+0x1dd/0x310 [ 31.699250] ? __pfx_kasan_atomics+0x10/0x10 [ 31.699874] ? __pfx_read_tsc+0x10/0x10 [ 31.700246] ? ktime_get_ts64+0x86/0x230 [ 31.700601] kunit_try_run_case+0x1b3/0x490 [ 31.701366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.702031] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.702902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.703288] ? __kthread_parkme+0x82/0x160 [ 31.703669] ? preempt_count_sub+0x50/0x80 [ 31.704067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.704515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.704982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.706086] kthread+0x257/0x310 [ 31.706643] ? __pfx_kthread+0x10/0x10 [ 31.707155] ret_from_fork+0x41/0x80 [ 31.707935] ? __pfx_kthread+0x10/0x10 [ 31.708272] ret_from_fork_asm+0x1a/0x30 [ 31.708831] </TASK> [ 31.709314] [ 31.709535] Allocated by task 274: [ 31.710037] kasan_save_stack+0x3d/0x60 [ 31.710418] kasan_save_track+0x18/0x40 [ 31.710832] kasan_save_alloc_info+0x3b/0x50 [ 31.711161] __kasan_kmalloc+0xb7/0xc0 [ 31.711604] __kmalloc_cache_noprof+0x184/0x410 [ 31.711995] kasan_atomics+0x96/0x310 [ 31.712393] kunit_try_run_case+0x1b3/0x490 [ 31.712825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.713297] kthread+0x257/0x310 [ 31.713993] ret_from_fork+0x41/0x80 [ 31.714548] ret_from_fork_asm+0x1a/0x30 [ 31.715182] [ 31.715393] The buggy address belongs to the object at ffff888102a59b80 [ 31.715393] which belongs to the cache kmalloc-64 of size 64 [ 31.716854] The buggy address is located 0 bytes to the right of [ 31.716854] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.717647] [ 31.718073] The buggy address belongs to the physical page: [ 31.719042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.719986] flags: 0x200000000000000(node=0|zone=2) [ 31.720393] page_type: f5(slab) [ 31.720807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.721729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.722382] page dumped because: kasan: bad access detected [ 31.723122] [ 31.723682] Memory state around the buggy address: [ 31.724090] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.724900] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.725645] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.726084] ^ [ 31.726498] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.727289] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.727859] ================================================================== [ 32.045328] ================================================================== [ 32.046016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 32.046714] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.047358] [ 32.049279] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.050117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.050502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.052541] Call Trace: [ 32.052842] <TASK> [ 32.053131] dump_stack_lvl+0x73/0xb0 [ 32.053606] print_report+0xd1/0x640 [ 32.054011] ? __virt_addr_valid+0x1db/0x2d0 [ 32.054521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.055108] kasan_report+0x102/0x140 [ 32.055558] ? kasan_atomics_helper+0x2007/0x5450 [ 32.056021] ? kasan_atomics_helper+0x2007/0x5450 [ 32.056548] kasan_check_range+0x10c/0x1c0 [ 32.056984] __kasan_check_write+0x18/0x20 [ 32.057412] kasan_atomics_helper+0x2007/0x5450 [ 32.057901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.058228] ? ret_from_fork_asm+0x1a/0x30 [ 32.058569] ? ret_from_fork+0x41/0x80 [ 32.058843] ? kthread+0x257/0x310 [ 32.059127] kasan_atomics+0x1dd/0x310 [ 32.059586] ? __pfx_kasan_atomics+0x10/0x10 [ 32.060043] ? __pfx_read_tsc+0x10/0x10 [ 32.060519] ? ktime_get_ts64+0x86/0x230 [ 32.060904] kunit_try_run_case+0x1b3/0x490 [ 32.061360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.061862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.062325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.062839] ? __kthread_parkme+0x82/0x160 [ 32.063271] ? preempt_count_sub+0x50/0x80 [ 32.063747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.064230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.064818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.065183] kthread+0x257/0x310 [ 32.065592] ? __pfx_kthread+0x10/0x10 [ 32.065954] ret_from_fork+0x41/0x80 [ 32.066354] ? __pfx_kthread+0x10/0x10 [ 32.066786] ret_from_fork_asm+0x1a/0x30 [ 32.067129] </TASK> [ 32.067321] [ 32.067509] Allocated by task 274: [ 32.067738] kasan_save_stack+0x3d/0x60 [ 32.068010] kasan_save_track+0x18/0x40 [ 32.068430] kasan_save_alloc_info+0x3b/0x50 [ 32.068902] __kasan_kmalloc+0xb7/0xc0 [ 32.069302] __kmalloc_cache_noprof+0x184/0x410 [ 32.069799] kasan_atomics+0x96/0x310 [ 32.070199] kunit_try_run_case+0x1b3/0x490 [ 32.070650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.071153] kthread+0x257/0x310 [ 32.071553] ret_from_fork+0x41/0x80 [ 32.071934] ret_from_fork_asm+0x1a/0x30 [ 32.072311] [ 32.072560] The buggy address belongs to the object at ffff888102a59b80 [ 32.072560] which belongs to the cache kmalloc-64 of size 64 [ 32.073124] The buggy address is located 0 bytes to the right of [ 32.073124] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.074154] [ 32.074373] The buggy address belongs to the physical page: [ 32.074924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.075610] flags: 0x200000000000000(node=0|zone=2) [ 32.076009] page_type: f5(slab) [ 32.076366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.076951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.077428] page dumped because: kasan: bad access detected [ 32.077879] [ 32.078030] Memory state around the buggy address: [ 32.080144] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.080769] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.081257] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.081846] ^ [ 32.083643] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.084171] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.084548] ================================================================== [ 29.872491] ================================================================== [ 29.874170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 29.874724] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 29.875413] [ 29.875709] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.876749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.877192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.877984] Call Trace: [ 29.878321] <TASK> [ 29.878785] dump_stack_lvl+0x73/0xb0 [ 29.879100] print_report+0xd1/0x640 [ 29.879703] ? __virt_addr_valid+0x1db/0x2d0 [ 29.880179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.880681] kasan_report+0x102/0x140 [ 29.881002] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.881532] ? kasan_atomics_helper+0x4b70/0x5450 [ 29.881948] __asan_report_store4_noabort+0x1b/0x30 [ 29.882401] kasan_atomics_helper+0x4b70/0x5450 [ 29.882865] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.883276] ? ret_from_fork_asm+0x1a/0x30 [ 29.883821] ? ret_from_fork+0x41/0x80 [ 29.884300] ? kthread+0x257/0x310 [ 29.884572] kasan_atomics+0x1dd/0x310 [ 29.885296] ? __pfx_kasan_atomics+0x10/0x10 [ 29.885795] ? __pfx_read_tsc+0x10/0x10 [ 29.886420] ? ktime_get_ts64+0x86/0x230 [ 29.887106] kunit_try_run_case+0x1b3/0x490 [ 29.887605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.887970] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.888347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.888920] ? __kthread_parkme+0x82/0x160 [ 29.889318] ? preempt_count_sub+0x50/0x80 [ 29.889744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.890278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.890948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.891404] kthread+0x257/0x310 [ 29.892068] ? __pfx_kthread+0x10/0x10 [ 29.892565] ret_from_fork+0x41/0x80 [ 29.893128] ? __pfx_kthread+0x10/0x10 [ 29.893665] ret_from_fork_asm+0x1a/0x30 [ 29.894153] </TASK> [ 29.894423] [ 29.894713] Allocated by task 274: [ 29.894952] kasan_save_stack+0x3d/0x60 [ 29.895439] kasan_save_track+0x18/0x40 [ 29.896281] kasan_save_alloc_info+0x3b/0x50 [ 29.896943] __kasan_kmalloc+0xb7/0xc0 [ 29.897433] __kmalloc_cache_noprof+0x184/0x410 [ 29.898174] kasan_atomics+0x96/0x310 [ 29.898499] kunit_try_run_case+0x1b3/0x490 [ 29.899288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.899769] kthread+0x257/0x310 [ 29.900224] ret_from_fork+0x41/0x80 [ 29.900524] ret_from_fork_asm+0x1a/0x30 [ 29.901007] [ 29.901232] The buggy address belongs to the object at ffff888102a59b80 [ 29.901232] which belongs to the cache kmalloc-64 of size 64 [ 29.901997] The buggy address is located 0 bytes to the right of [ 29.901997] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 29.903138] [ 29.903287] The buggy address belongs to the physical page: [ 29.904354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 29.905120] flags: 0x200000000000000(node=0|zone=2) [ 29.905929] page_type: f5(slab) [ 29.906519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.906940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.907594] page dumped because: kasan: bad access detected [ 29.907970] [ 29.908171] Memory state around the buggy address: [ 29.908456] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.909018] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.909548] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.910367] ^ [ 29.910646] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.911357] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.911919] ================================================================== [ 30.928817] ================================================================== [ 30.929526] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 30.930237] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.931354] [ 30.932231] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.933021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.933425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.934924] Call Trace: [ 30.935548] <TASK> [ 30.935770] dump_stack_lvl+0x73/0xb0 [ 30.936134] print_report+0xd1/0x640 [ 30.936423] ? __virt_addr_valid+0x1db/0x2d0 [ 30.936849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.937609] kasan_report+0x102/0x140 [ 30.937908] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.938383] ? kasan_atomics_helper+0x4a04/0x5450 [ 30.938703] __asan_report_load4_noabort+0x18/0x20 [ 30.939244] kasan_atomics_helper+0x4a04/0x5450 [ 30.939764] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.940110] ? ret_from_fork_asm+0x1a/0x30 [ 30.940566] ? ret_from_fork+0x41/0x80 [ 30.940974] ? kthread+0x257/0x310 [ 30.941365] kasan_atomics+0x1dd/0x310 [ 30.941741] ? __pfx_kasan_atomics+0x10/0x10 [ 30.942038] ? __pfx_read_tsc+0x10/0x10 [ 30.942631] ? ktime_get_ts64+0x86/0x230 [ 30.943112] kunit_try_run_case+0x1b3/0x490 [ 30.943638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.944153] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.944705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.945257] ? __kthread_parkme+0x82/0x160 [ 30.945754] ? preempt_count_sub+0x50/0x80 [ 30.946332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.946860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.947528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.948119] kthread+0x257/0x310 [ 30.948537] ? __pfx_kthread+0x10/0x10 [ 30.949036] ret_from_fork+0x41/0x80 [ 30.949524] ? __pfx_kthread+0x10/0x10 [ 30.949945] ret_from_fork_asm+0x1a/0x30 [ 30.950404] </TASK> [ 30.950699] [ 30.950905] Allocated by task 274: [ 30.951237] kasan_save_stack+0x3d/0x60 [ 30.952305] kasan_save_track+0x18/0x40 [ 30.952689] kasan_save_alloc_info+0x3b/0x50 [ 30.953108] __kasan_kmalloc+0xb7/0xc0 [ 30.953573] __kmalloc_cache_noprof+0x184/0x410 [ 30.954027] kasan_atomics+0x96/0x310 [ 30.954534] kunit_try_run_case+0x1b3/0x490 [ 30.955102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.955711] kthread+0x257/0x310 [ 30.955953] ret_from_fork+0x41/0x80 [ 30.956393] ret_from_fork_asm+0x1a/0x30 [ 30.957198] [ 30.957406] The buggy address belongs to the object at ffff888102a59b80 [ 30.957406] which belongs to the cache kmalloc-64 of size 64 [ 30.958861] The buggy address is located 0 bytes to the right of [ 30.958861] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.959931] [ 30.960418] The buggy address belongs to the physical page: [ 30.960949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.962038] flags: 0x200000000000000(node=0|zone=2) [ 30.962410] page_type: f5(slab) [ 30.962874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.963779] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.964144] page dumped because: kasan: bad access detected [ 30.964943] [ 30.965175] Memory state around the buggy address: [ 30.965866] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.966427] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.967147] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.968109] ^ [ 30.968727] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.969412] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.970219] ================================================================== [ 30.888426] ================================================================== [ 30.888905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 30.889935] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.890639] [ 30.890900] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.891875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.892328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.893184] Call Trace: [ 30.893520] <TASK> [ 30.893819] dump_stack_lvl+0x73/0xb0 [ 30.894275] print_report+0xd1/0x640 [ 30.894890] ? __virt_addr_valid+0x1db/0x2d0 [ 30.895403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.895997] kasan_report+0x102/0x140 [ 30.896478] ? kasan_atomics_helper+0x1149/0x5450 [ 30.896993] ? kasan_atomics_helper+0x1149/0x5450 [ 30.897544] kasan_check_range+0x10c/0x1c0 [ 30.898015] __kasan_check_write+0x18/0x20 [ 30.898502] kasan_atomics_helper+0x1149/0x5450 [ 30.899038] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.899668] ? ret_from_fork_asm+0x1a/0x30 [ 30.900154] ? ret_from_fork+0x41/0x80 [ 30.900611] ? kthread+0x257/0x310 [ 30.901096] kasan_atomics+0x1dd/0x310 [ 30.901443] ? __pfx_kasan_atomics+0x10/0x10 [ 30.901765] ? __pfx_read_tsc+0x10/0x10 [ 30.902037] ? ktime_get_ts64+0x86/0x230 [ 30.902340] kunit_try_run_case+0x1b3/0x490 [ 30.902659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.902965] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.903275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.903580] ? __kthread_parkme+0x82/0x160 [ 30.903853] ? preempt_count_sub+0x50/0x80 [ 30.904230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.904833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.905464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.906099] kthread+0x257/0x310 [ 30.906512] ? __pfx_kthread+0x10/0x10 [ 30.906948] ret_from_fork+0x41/0x80 [ 30.907392] ? __pfx_kthread+0x10/0x10 [ 30.907827] ret_from_fork_asm+0x1a/0x30 [ 30.908324] </TASK> [ 30.908718] [ 30.908946] Allocated by task 274: [ 30.909724] kasan_save_stack+0x3d/0x60 [ 30.910487] kasan_save_track+0x18/0x40 [ 30.911316] kasan_save_alloc_info+0x3b/0x50 [ 30.911930] __kasan_kmalloc+0xb7/0xc0 [ 30.912109] __kmalloc_cache_noprof+0x184/0x410 [ 30.912273] kasan_atomics+0x96/0x310 [ 30.912424] kunit_try_run_case+0x1b3/0x490 [ 30.913205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.913763] kthread+0x257/0x310 [ 30.914141] ret_from_fork+0x41/0x80 [ 30.914539] ret_from_fork_asm+0x1a/0x30 [ 30.915132] [ 30.915346] The buggy address belongs to the object at ffff888102a59b80 [ 30.915346] which belongs to the cache kmalloc-64 of size 64 [ 30.916905] The buggy address is located 0 bytes to the right of [ 30.916905] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.918249] [ 30.918415] The buggy address belongs to the physical page: [ 30.919115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.919562] flags: 0x200000000000000(node=0|zone=2) [ 30.920289] page_type: f5(slab) [ 30.920652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.921309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.921817] page dumped because: kasan: bad access detected [ 30.922291] [ 30.922937] Memory state around the buggy address: [ 30.923402] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.924216] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.924632] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.925285] ^ [ 30.925778] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.926377] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.927349] ================================================================== [ 30.737073] ================================================================== [ 30.737505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 30.738315] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.738967] [ 30.739277] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.739881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.740273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.740906] Call Trace: [ 30.741092] <TASK> [ 30.741251] dump_stack_lvl+0x73/0xb0 [ 30.741811] print_report+0xd1/0x640 [ 30.742334] ? __virt_addr_valid+0x1db/0x2d0 [ 30.742826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.743586] kasan_report+0x102/0x140 [ 30.744025] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.744517] ? kasan_atomics_helper+0xfaa/0x5450 [ 30.745013] kasan_check_range+0x10c/0x1c0 [ 30.745413] __kasan_check_write+0x18/0x20 [ 30.745713] kasan_atomics_helper+0xfaa/0x5450 [ 30.746006] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.746640] ? ret_from_fork_asm+0x1a/0x30 [ 30.747048] ? ret_from_fork+0x41/0x80 [ 30.747507] ? kthread+0x257/0x310 [ 30.747952] kasan_atomics+0x1dd/0x310 [ 30.748483] ? __pfx_kasan_atomics+0x10/0x10 [ 30.748991] ? __pfx_read_tsc+0x10/0x10 [ 30.749409] ? ktime_get_ts64+0x86/0x230 [ 30.749878] kunit_try_run_case+0x1b3/0x490 [ 30.750190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.750552] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.751145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.751731] ? __kthread_parkme+0x82/0x160 [ 30.752231] ? preempt_count_sub+0x50/0x80 [ 30.752765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.754246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.754805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.755161] kthread+0x257/0x310 [ 30.755407] ? __pfx_kthread+0x10/0x10 [ 30.755679] ret_from_fork+0x41/0x80 [ 30.756272] ? __pfx_kthread+0x10/0x10 [ 30.756820] ret_from_fork_asm+0x1a/0x30 [ 30.757305] </TASK> [ 30.757736] [ 30.757978] Allocated by task 274: [ 30.758524] kasan_save_stack+0x3d/0x60 [ 30.759031] kasan_save_track+0x18/0x40 [ 30.759585] kasan_save_alloc_info+0x3b/0x50 [ 30.760129] __kasan_kmalloc+0xb7/0xc0 [ 30.760651] __kmalloc_cache_noprof+0x184/0x410 [ 30.761191] kasan_atomics+0x96/0x310 [ 30.761689] kunit_try_run_case+0x1b3/0x490 [ 30.762227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.762861] kthread+0x257/0x310 [ 30.763259] ret_from_fork+0x41/0x80 [ 30.763797] ret_from_fork_asm+0x1a/0x30 [ 30.764274] [ 30.764583] The buggy address belongs to the object at ffff888102a59b80 [ 30.764583] which belongs to the cache kmalloc-64 of size 64 [ 30.765688] The buggy address is located 0 bytes to the right of [ 30.765688] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.766813] [ 30.766910] The buggy address belongs to the physical page: [ 30.767121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.767605] flags: 0x200000000000000(node=0|zone=2) [ 30.768016] page_type: f5(slab) [ 30.768380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.768827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.769480] page dumped because: kasan: bad access detected [ 30.769999] [ 30.770226] Memory state around the buggy address: [ 30.770617] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.771264] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.771778] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.772423] ^ [ 30.772924] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.773370] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.773787] ================================================================== [ 30.627136] ================================================================== [ 30.627529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 30.628263] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.628834] [ 30.629100] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.629865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.630137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.630896] Call Trace: [ 30.631215] <TASK> [ 30.631557] dump_stack_lvl+0x73/0xb0 [ 30.631981] print_report+0xd1/0x640 [ 30.632405] ? __virt_addr_valid+0x1db/0x2d0 [ 30.632828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.633198] kasan_report+0x102/0x140 [ 30.633676] ? kasan_atomics_helper+0xde1/0x5450 [ 30.634157] ? kasan_atomics_helper+0xde1/0x5450 [ 30.634684] kasan_check_range+0x10c/0x1c0 [ 30.635046] __kasan_check_write+0x18/0x20 [ 30.635344] kasan_atomics_helper+0xde1/0x5450 [ 30.635848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.636375] ? ret_from_fork_asm+0x1a/0x30 [ 30.636858] ? ret_from_fork+0x41/0x80 [ 30.637297] ? kthread+0x257/0x310 [ 30.637615] kasan_atomics+0x1dd/0x310 [ 30.637912] ? __pfx_kasan_atomics+0x10/0x10 [ 30.638393] ? __pfx_read_tsc+0x10/0x10 [ 30.638842] ? ktime_get_ts64+0x86/0x230 [ 30.639310] kunit_try_run_case+0x1b3/0x490 [ 30.639702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.640011] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.640496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.640999] ? __kthread_parkme+0x82/0x160 [ 30.641471] ? preempt_count_sub+0x50/0x80 [ 30.641905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.642422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.642971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.643488] kthread+0x257/0x310 [ 30.643868] ? __pfx_kthread+0x10/0x10 [ 30.644232] ret_from_fork+0x41/0x80 [ 30.644558] ? __pfx_kthread+0x10/0x10 [ 30.644901] ret_from_fork_asm+0x1a/0x30 [ 30.645410] </TASK> [ 30.645716] [ 30.645939] Allocated by task 274: [ 30.646303] kasan_save_stack+0x3d/0x60 [ 30.646777] kasan_save_track+0x18/0x40 [ 30.647120] kasan_save_alloc_info+0x3b/0x50 [ 30.647539] __kasan_kmalloc+0xb7/0xc0 [ 30.647799] __kmalloc_cache_noprof+0x184/0x410 [ 30.648106] kasan_atomics+0x96/0x310 [ 30.648367] kunit_try_run_case+0x1b3/0x490 [ 30.648814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.649354] kthread+0x257/0x310 [ 30.649746] ret_from_fork+0x41/0x80 [ 30.650148] ret_from_fork_asm+0x1a/0x30 [ 30.650618] [ 30.650832] The buggy address belongs to the object at ffff888102a59b80 [ 30.650832] which belongs to the cache kmalloc-64 of size 64 [ 30.651537] The buggy address is located 0 bytes to the right of [ 30.651537] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.652608] [ 30.652803] The buggy address belongs to the physical page: [ 30.653272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.653809] flags: 0x200000000000000(node=0|zone=2) [ 30.654137] page_type: f5(slab) [ 30.654519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.655168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.655844] page dumped because: kasan: bad access detected [ 30.656280] [ 30.656477] Memory state around the buggy address: [ 30.656759] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.657149] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.657806] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.658467] ^ [ 30.658919] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.659545] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.659949] ================================================================== [ 30.141534] ================================================================== [ 30.142477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 30.143827] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.145712] [ 30.145969] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.146813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.147192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.147802] Call Trace: [ 30.148787] <TASK> [ 30.148992] dump_stack_lvl+0x73/0xb0 [ 30.149251] print_report+0xd1/0x640 [ 30.149960] ? __virt_addr_valid+0x1db/0x2d0 [ 30.150335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.151521] kasan_report+0x102/0x140 [ 30.151835] ? kasan_atomics_helper+0x698/0x5450 [ 30.152241] ? kasan_atomics_helper+0x698/0x5450 [ 30.152986] kasan_check_range+0x10c/0x1c0 [ 30.153347] __kasan_check_write+0x18/0x20 [ 30.154132] kasan_atomics_helper+0x698/0x5450 [ 30.154483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.155173] ? ret_from_fork_asm+0x1a/0x30 [ 30.155696] ? ret_from_fork+0x41/0x80 [ 30.156033] ? kthread+0x257/0x310 [ 30.156387] kasan_atomics+0x1dd/0x310 [ 30.157352] ? __pfx_kasan_atomics+0x10/0x10 [ 30.157735] ? __pfx_read_tsc+0x10/0x10 [ 30.158050] ? ktime_get_ts64+0x86/0x230 [ 30.158704] kunit_try_run_case+0x1b3/0x490 [ 30.159299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.159922] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.160318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.160764] ? __kthread_parkme+0x82/0x160 [ 30.161205] ? preempt_count_sub+0x50/0x80 [ 30.161651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.161947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.162593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.163209] kthread+0x257/0x310 [ 30.163649] ? __pfx_kthread+0x10/0x10 [ 30.164031] ret_from_fork+0x41/0x80 [ 30.164352] ? __pfx_kthread+0x10/0x10 [ 30.164875] ret_from_fork_asm+0x1a/0x30 [ 30.165337] </TASK> [ 30.165711] [ 30.165881] Allocated by task 274: [ 30.166276] kasan_save_stack+0x3d/0x60 [ 30.166809] kasan_save_track+0x18/0x40 [ 30.167197] kasan_save_alloc_info+0x3b/0x50 [ 30.167752] __kasan_kmalloc+0xb7/0xc0 [ 30.168150] __kmalloc_cache_noprof+0x184/0x410 [ 30.168631] kasan_atomics+0x96/0x310 [ 30.169075] kunit_try_run_case+0x1b3/0x490 [ 30.169522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.169856] kthread+0x257/0x310 [ 30.170118] ret_from_fork+0x41/0x80 [ 30.170561] ret_from_fork_asm+0x1a/0x30 [ 30.170969] [ 30.171258] The buggy address belongs to the object at ffff888102a59b80 [ 30.171258] which belongs to the cache kmalloc-64 of size 64 [ 30.172455] The buggy address is located 0 bytes to the right of [ 30.172455] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.173094] [ 30.173425] The buggy address belongs to the physical page: [ 30.174157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.175087] flags: 0x200000000000000(node=0|zone=2) [ 30.175622] page_type: f5(slab) [ 30.175951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.176663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.177323] page dumped because: kasan: bad access detected [ 30.177699] [ 30.177849] Memory state around the buggy address: [ 30.178152] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.179040] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.179740] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.180114] ^ [ 30.180406] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.181095] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.181680] ================================================================== [ 32.313525] ================================================================== [ 32.314231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 32.315019] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.315698] [ 32.315924] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.316824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.317237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.317989] Call Trace: [ 32.318306] <TASK> [ 32.318598] dump_stack_lvl+0x73/0xb0 [ 32.318888] print_report+0xd1/0x640 [ 32.319222] ? __virt_addr_valid+0x1db/0x2d0 [ 32.319782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.320314] kasan_report+0x102/0x140 [ 32.320799] ? kasan_atomics_helper+0x5117/0x5450 [ 32.321135] ? kasan_atomics_helper+0x5117/0x5450 [ 32.321678] __asan_report_load8_noabort+0x18/0x20 [ 32.322200] kasan_atomics_helper+0x5117/0x5450 [ 32.322701] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.323123] ? ret_from_fork_asm+0x1a/0x30 [ 32.323502] ? ret_from_fork+0x41/0x80 [ 32.323901] ? kthread+0x257/0x310 [ 32.324309] kasan_atomics+0x1dd/0x310 [ 32.324828] ? __pfx_kasan_atomics+0x10/0x10 [ 32.325284] ? __pfx_read_tsc+0x10/0x10 [ 32.325760] ? ktime_get_ts64+0x86/0x230 [ 32.326231] kunit_try_run_case+0x1b3/0x490 [ 32.326702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.327016] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.327521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.327902] ? __kthread_parkme+0x82/0x160 [ 32.328367] ? preempt_count_sub+0x50/0x80 [ 32.328856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.329376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.329879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.330234] kthread+0x257/0x310 [ 32.330525] ? __pfx_kthread+0x10/0x10 [ 32.330917] ret_from_fork+0x41/0x80 [ 32.331333] ? __pfx_kthread+0x10/0x10 [ 32.331826] ret_from_fork_asm+0x1a/0x30 [ 32.332330] </TASK> [ 32.332661] [ 32.332874] Allocated by task 274: [ 32.333433] kasan_save_stack+0x3d/0x60 [ 32.334606] kasan_save_track+0x18/0x40 [ 32.335096] kasan_save_alloc_info+0x3b/0x50 [ 32.335553] __kasan_kmalloc+0xb7/0xc0 [ 32.335937] __kmalloc_cache_noprof+0x184/0x410 [ 32.336278] kasan_atomics+0x96/0x310 [ 32.336545] kunit_try_run_case+0x1b3/0x490 [ 32.336822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.337304] kthread+0x257/0x310 [ 32.337743] ret_from_fork+0x41/0x80 [ 32.338144] ret_from_fork_asm+0x1a/0x30 [ 32.338587] [ 32.338801] The buggy address belongs to the object at ffff888102a59b80 [ 32.338801] which belongs to the cache kmalloc-64 of size 64 [ 32.339839] The buggy address is located 0 bytes to the right of [ 32.339839] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.340875] [ 32.341113] The buggy address belongs to the physical page: [ 32.341520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.342123] flags: 0x200000000000000(node=0|zone=2) [ 32.342605] page_type: f5(slab) [ 32.342967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.343532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.344123] page dumped because: kasan: bad access detected [ 32.344517] [ 32.344671] Memory state around the buggy address: [ 32.345007] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.345378] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.346094] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.346775] ^ [ 32.347295] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.347968] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.348653] ================================================================== [ 32.123846] ================================================================== [ 32.124382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 32.124852] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.126516] [ 32.126771] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.127515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.127909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.128579] Call Trace: [ 32.128843] <TASK> [ 32.129133] dump_stack_lvl+0x73/0xb0 [ 32.129570] print_report+0xd1/0x640 [ 32.129906] ? __virt_addr_valid+0x1db/0x2d0 [ 32.130247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.130640] kasan_report+0x102/0x140 [ 32.131047] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.131565] ? kasan_atomics_helper+0x20c9/0x5450 [ 32.132048] kasan_check_range+0x10c/0x1c0 [ 32.132529] __kasan_check_write+0x18/0x20 [ 32.132867] kasan_atomics_helper+0x20c9/0x5450 [ 32.133261] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.133680] ? ret_from_fork_asm+0x1a/0x30 [ 32.133971] ? ret_from_fork+0x41/0x80 [ 32.134361] ? kthread+0x257/0x310 [ 32.134830] kasan_atomics+0x1dd/0x310 [ 32.135259] ? __pfx_kasan_atomics+0x10/0x10 [ 32.135607] ? __pfx_read_tsc+0x10/0x10 [ 32.136003] ? ktime_get_ts64+0x86/0x230 [ 32.136364] kunit_try_run_case+0x1b3/0x490 [ 32.136713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.137012] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.137540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.138034] ? __kthread_parkme+0x82/0x160 [ 32.138511] ? preempt_count_sub+0x50/0x80 [ 32.138932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.139414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.139973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.141469] kthread+0x257/0x310 [ 32.141734] ? __pfx_kthread+0x10/0x10 [ 32.141994] ret_from_fork+0x41/0x80 [ 32.142270] ? __pfx_kthread+0x10/0x10 [ 32.142671] ret_from_fork_asm+0x1a/0x30 [ 32.143192] </TASK> [ 32.143393] [ 32.143581] Allocated by task 274: [ 32.143959] kasan_save_stack+0x3d/0x60 [ 32.144426] kasan_save_track+0x18/0x40 [ 32.144877] kasan_save_alloc_info+0x3b/0x50 [ 32.145333] __kasan_kmalloc+0xb7/0xc0 [ 32.145701] __kmalloc_cache_noprof+0x184/0x410 [ 32.146181] kasan_atomics+0x96/0x310 [ 32.146489] kunit_try_run_case+0x1b3/0x490 [ 32.146777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.147244] kthread+0x257/0x310 [ 32.147649] ret_from_fork+0x41/0x80 [ 32.148026] ret_from_fork_asm+0x1a/0x30 [ 32.148520] [ 32.148776] The buggy address belongs to the object at ffff888102a59b80 [ 32.148776] which belongs to the cache kmalloc-64 of size 64 [ 32.149548] The buggy address is located 0 bytes to the right of [ 32.149548] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.150573] [ 32.150795] The buggy address belongs to the physical page: [ 32.151328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.151912] flags: 0x200000000000000(node=0|zone=2) [ 32.152414] page_type: f5(slab) [ 32.152806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.153315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.153986] page dumped because: kasan: bad access detected [ 32.154431] [ 32.154624] Memory state around the buggy address: [ 32.155131] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.155794] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.156289] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.156903] ^ [ 32.157399] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.157848] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.158421] ================================================================== [ 31.477670] ================================================================== [ 31.479676] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 31.480669] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.481190] [ 31.481485] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.482619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.483127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.484025] Call Trace: [ 31.484483] <TASK> [ 31.484742] dump_stack_lvl+0x73/0xb0 [ 31.485130] print_report+0xd1/0x640 [ 31.485541] ? __virt_addr_valid+0x1db/0x2d0 [ 31.485914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.486545] kasan_report+0x102/0x140 [ 31.486992] ? kasan_atomics_helper+0x1819/0x5450 [ 31.487563] ? kasan_atomics_helper+0x1819/0x5450 [ 31.488033] kasan_check_range+0x10c/0x1c0 [ 31.488583] __kasan_check_write+0x18/0x20 [ 31.489045] kasan_atomics_helper+0x1819/0x5450 [ 31.489631] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.490071] ? ret_from_fork_asm+0x1a/0x30 [ 31.490527] ? ret_from_fork+0x41/0x80 [ 31.491021] ? kthread+0x257/0x310 [ 31.491419] kasan_atomics+0x1dd/0x310 [ 31.491924] ? __pfx_kasan_atomics+0x10/0x10 [ 31.492358] ? __pfx_read_tsc+0x10/0x10 [ 31.492714] ? ktime_get_ts64+0x86/0x230 [ 31.493260] kunit_try_run_case+0x1b3/0x490 [ 31.493818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.494303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.494814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.495332] ? __kthread_parkme+0x82/0x160 [ 31.495791] ? preempt_count_sub+0x50/0x80 [ 31.496244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.496672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.497285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.497908] kthread+0x257/0x310 [ 31.498233] ? __pfx_kthread+0x10/0x10 [ 31.498732] ret_from_fork+0x41/0x80 [ 31.499142] ? __pfx_kthread+0x10/0x10 [ 31.499569] ret_from_fork_asm+0x1a/0x30 [ 31.500019] </TASK> [ 31.500336] [ 31.500604] Allocated by task 274: [ 31.501016] kasan_save_stack+0x3d/0x60 [ 31.501493] kasan_save_track+0x18/0x40 [ 31.501952] kasan_save_alloc_info+0x3b/0x50 [ 31.502380] __kasan_kmalloc+0xb7/0xc0 [ 31.502848] __kmalloc_cache_noprof+0x184/0x410 [ 31.503227] kasan_atomics+0x96/0x310 [ 31.503732] kunit_try_run_case+0x1b3/0x490 [ 31.504228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.504761] kthread+0x257/0x310 [ 31.505097] ret_from_fork+0x41/0x80 [ 31.505590] ret_from_fork_asm+0x1a/0x30 [ 31.505920] [ 31.506154] The buggy address belongs to the object at ffff888102a59b80 [ 31.506154] which belongs to the cache kmalloc-64 of size 64 [ 31.507031] The buggy address is located 0 bytes to the right of [ 31.507031] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.508090] [ 31.508370] The buggy address belongs to the physical page: [ 31.508871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.509599] flags: 0x200000000000000(node=0|zone=2) [ 31.510118] page_type: f5(slab) [ 31.510518] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.511002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.511737] page dumped because: kasan: bad access detected [ 31.512197] [ 31.512350] Memory state around the buggy address: [ 31.512896] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.513486] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.514021] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.514685] ^ [ 31.515083] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.515787] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.516307] ================================================================== [ 31.081181] ================================================================== [ 31.082035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 31.082759] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.083269] [ 31.083582] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.084236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.084681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.085300] Call Trace: [ 31.085655] <TASK> [ 31.085907] dump_stack_lvl+0x73/0xb0 [ 31.086340] print_report+0xd1/0x640 [ 31.086800] ? __virt_addr_valid+0x1db/0x2d0 [ 31.087217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.087773] kasan_report+0x102/0x140 [ 31.088216] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.088675] ? kasan_atomics_helper+0x49d0/0x5450 [ 31.089180] __asan_report_load4_noabort+0x18/0x20 [ 31.089595] kasan_atomics_helper+0x49d0/0x5450 [ 31.089901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.090340] ? ret_from_fork_asm+0x1a/0x30 [ 31.090854] ? ret_from_fork+0x41/0x80 [ 31.091270] ? kthread+0x257/0x310 [ 31.091729] kasan_atomics+0x1dd/0x310 [ 31.092165] ? __pfx_kasan_atomics+0x10/0x10 [ 31.092698] ? __pfx_read_tsc+0x10/0x10 [ 31.093084] ? ktime_get_ts64+0x86/0x230 [ 31.093407] kunit_try_run_case+0x1b3/0x490 [ 31.093929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.094320] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.094872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.095213] ? __kthread_parkme+0x82/0x160 [ 31.095706] ? preempt_count_sub+0x50/0x80 [ 31.096161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.096669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.097211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.097729] kthread+0x257/0x310 [ 31.098098] ? __pfx_kthread+0x10/0x10 [ 31.098581] ret_from_fork+0x41/0x80 [ 31.098924] ? __pfx_kthread+0x10/0x10 [ 31.099214] ret_from_fork_asm+0x1a/0x30 [ 31.099570] </TASK> [ 31.099801] [ 31.099960] Allocated by task 274: [ 31.100204] kasan_save_stack+0x3d/0x60 [ 31.100535] kasan_save_track+0x18/0x40 [ 31.100789] kasan_save_alloc_info+0x3b/0x50 [ 31.101221] __kasan_kmalloc+0xb7/0xc0 [ 31.101623] __kmalloc_cache_noprof+0x184/0x410 [ 31.102072] kasan_atomics+0x96/0x310 [ 31.102479] kunit_try_run_case+0x1b3/0x490 [ 31.102903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.103416] kthread+0x257/0x310 [ 31.103810] ret_from_fork+0x41/0x80 [ 31.104195] ret_from_fork_asm+0x1a/0x30 [ 31.104593] [ 31.104746] The buggy address belongs to the object at ffff888102a59b80 [ 31.104746] which belongs to the cache kmalloc-64 of size 64 [ 31.105386] The buggy address is located 0 bytes to the right of [ 31.105386] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.106411] [ 31.106672] The buggy address belongs to the physical page: [ 31.107153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.107739] flags: 0x200000000000000(node=0|zone=2) [ 31.108135] page_type: f5(slab) [ 31.108496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.109760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.110871] page dumped because: kasan: bad access detected [ 31.111327] [ 31.111532] Memory state around the buggy address: [ 31.111881] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.114216] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.115037] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.115594] ^ [ 31.115922] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.116478] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.116934] ================================================================== [ 32.085868] ================================================================== [ 32.086523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 32.087198] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.087849] [ 32.088101] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.088967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.089378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.090138] Call Trace: [ 32.090474] <TASK> [ 32.090759] dump_stack_lvl+0x73/0xb0 [ 32.091200] print_report+0xd1/0x640 [ 32.091647] ? __virt_addr_valid+0x1db/0x2d0 [ 32.092076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.092425] kasan_report+0x102/0x140 [ 32.092734] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.093121] ? kasan_atomics_helper+0x4f9a/0x5450 [ 32.093640] __asan_report_load8_noabort+0x18/0x20 [ 32.094121] kasan_atomics_helper+0x4f9a/0x5450 [ 32.094615] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.095145] ? ret_from_fork_asm+0x1a/0x30 [ 32.095626] ? ret_from_fork+0x41/0x80 [ 32.095959] ? kthread+0x257/0x310 [ 32.096246] kasan_atomics+0x1dd/0x310 [ 32.096573] ? __pfx_kasan_atomics+0x10/0x10 [ 32.096953] ? __pfx_read_tsc+0x10/0x10 [ 32.097364] ? ktime_get_ts64+0x86/0x230 [ 32.097812] kunit_try_run_case+0x1b3/0x490 [ 32.098263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.098774] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.099263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.099770] ? __kthread_parkme+0x82/0x160 [ 32.100191] ? preempt_count_sub+0x50/0x80 [ 32.100665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.101126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.101517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.102024] kthread+0x257/0x310 [ 32.102398] ? __pfx_kthread+0x10/0x10 [ 32.102838] ret_from_fork+0x41/0x80 [ 32.103243] ? __pfx_kthread+0x10/0x10 [ 32.103576] ret_from_fork_asm+0x1a/0x30 [ 32.104017] </TASK> [ 32.104256] [ 32.104419] Allocated by task 274: [ 32.104829] kasan_save_stack+0x3d/0x60 [ 32.105240] kasan_save_track+0x18/0x40 [ 32.105661] kasan_save_alloc_info+0x3b/0x50 [ 32.106109] __kasan_kmalloc+0xb7/0xc0 [ 32.106420] __kmalloc_cache_noprof+0x184/0x410 [ 32.106756] kasan_atomics+0x96/0x310 [ 32.107142] kunit_try_run_case+0x1b3/0x490 [ 32.107566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.108081] kthread+0x257/0x310 [ 32.108438] ret_from_fork+0x41/0x80 [ 32.108789] ret_from_fork_asm+0x1a/0x30 [ 32.110695] [ 32.111676] The buggy address belongs to the object at ffff888102a59b80 [ 32.111676] which belongs to the cache kmalloc-64 of size 64 [ 32.113573] The buggy address is located 0 bytes to the right of [ 32.113573] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.114500] [ 32.114668] The buggy address belongs to the physical page: [ 32.115493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.116123] flags: 0x200000000000000(node=0|zone=2) [ 32.116431] page_type: f5(slab) [ 32.116823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.117389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.117926] page dumped because: kasan: bad access detected [ 32.118277] [ 32.118526] Memory state around the buggy address: [ 32.118948] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.119491] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.120003] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.120627] ^ [ 32.120978] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121697] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.122165] ================================================================== [ 31.192087] ================================================================== [ 31.192713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 31.193347] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.193893] [ 31.194153] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.194815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.195069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.195737] Call Trace: [ 31.196038] <TASK> [ 31.196325] dump_stack_lvl+0x73/0xb0 [ 31.196682] print_report+0xd1/0x640 [ 31.196961] ? __virt_addr_valid+0x1db/0x2d0 [ 31.197408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.197968] kasan_report+0x102/0x140 [ 31.198368] ? kasan_atomics_helper+0x1468/0x5450 [ 31.198860] ? kasan_atomics_helper+0x1468/0x5450 [ 31.199320] kasan_check_range+0x10c/0x1c0 [ 31.199659] __kasan_check_write+0x18/0x20 [ 31.199972] kasan_atomics_helper+0x1468/0x5450 [ 31.200498] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.200968] ? ret_from_fork_asm+0x1a/0x30 [ 31.201846] ? ret_from_fork+0x41/0x80 [ 31.202270] ? kthread+0x257/0x310 [ 31.202671] kasan_atomics+0x1dd/0x310 [ 31.203090] ? __pfx_kasan_atomics+0x10/0x10 [ 31.204319] ? __pfx_read_tsc+0x10/0x10 [ 31.204879] ? ktime_get_ts64+0x86/0x230 [ 31.205464] kunit_try_run_case+0x1b3/0x490 [ 31.206033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.206567] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.206915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.207688] ? __kthread_parkme+0x82/0x160 [ 31.208244] ? preempt_count_sub+0x50/0x80 [ 31.208743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.209281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.209660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.210378] kthread+0x257/0x310 [ 31.210875] ? __pfx_kthread+0x10/0x10 [ 31.211393] ret_from_fork+0x41/0x80 [ 31.211901] ? __pfx_kthread+0x10/0x10 [ 31.212363] ret_from_fork_asm+0x1a/0x30 [ 31.212936] </TASK> [ 31.213172] [ 31.213343] Allocated by task 274: [ 31.213780] kasan_save_stack+0x3d/0x60 [ 31.214210] kasan_save_track+0x18/0x40 [ 31.214621] kasan_save_alloc_info+0x3b/0x50 [ 31.215029] __kasan_kmalloc+0xb7/0xc0 [ 31.215476] __kmalloc_cache_noprof+0x184/0x410 [ 31.215900] kasan_atomics+0x96/0x310 [ 31.216349] kunit_try_run_case+0x1b3/0x490 [ 31.216770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.217283] kthread+0x257/0x310 [ 31.217672] ret_from_fork+0x41/0x80 [ 31.217933] ret_from_fork_asm+0x1a/0x30 [ 31.218372] [ 31.218618] The buggy address belongs to the object at ffff888102a59b80 [ 31.218618] which belongs to the cache kmalloc-64 of size 64 [ 31.219642] The buggy address is located 0 bytes to the right of [ 31.219642] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.220552] [ 31.220801] The buggy address belongs to the physical page: [ 31.221233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.221783] flags: 0x200000000000000(node=0|zone=2) [ 31.222301] page_type: f5(slab) [ 31.222689] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.223357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.224018] page dumped because: kasan: bad access detected [ 31.224605] [ 31.224759] Memory state around the buggy address: [ 31.225100] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.225763] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.226233] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.226897] ^ [ 31.227348] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.227867] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.228325] ================================================================== [ 31.229523] ================================================================== [ 31.230509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 31.231091] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.231663] [ 31.231942] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.233511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.233767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.235847] Call Trace: [ 31.236107] <TASK> [ 31.236307] dump_stack_lvl+0x73/0xb0 [ 31.237131] print_report+0xd1/0x640 [ 31.237436] ? __virt_addr_valid+0x1db/0x2d0 [ 31.238190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.238840] kasan_report+0x102/0x140 [ 31.239207] ? kasan_atomics_helper+0x50d6/0x5450 [ 31.239903] ? kasan_atomics_helper+0x50d6/0x5450 [ 31.240508] __asan_report_store8_noabort+0x1b/0x30 [ 31.241049] kasan_atomics_helper+0x50d6/0x5450 [ 31.241398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.241729] ? ret_from_fork_asm+0x1a/0x30 [ 31.242178] ? ret_from_fork+0x41/0x80 [ 31.242694] ? kthread+0x257/0x310 [ 31.243380] kasan_atomics+0x1dd/0x310 [ 31.243896] ? __pfx_kasan_atomics+0x10/0x10 [ 31.244745] ? __pfx_read_tsc+0x10/0x10 [ 31.245203] ? ktime_get_ts64+0x86/0x230 [ 31.245739] kunit_try_run_case+0x1b3/0x490 [ 31.246156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.246953] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.247614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.248112] ? __kthread_parkme+0x82/0x160 [ 31.248822] ? preempt_count_sub+0x50/0x80 [ 31.249268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.249997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.250862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.251290] kthread+0x257/0x310 [ 31.251834] ? __pfx_kthread+0x10/0x10 [ 31.252153] ret_from_fork+0x41/0x80 [ 31.252813] ? __pfx_kthread+0x10/0x10 [ 31.253240] ret_from_fork_asm+0x1a/0x30 [ 31.253880] </TASK> [ 31.254208] [ 31.254688] Allocated by task 274: [ 31.255008] kasan_save_stack+0x3d/0x60 [ 31.255372] kasan_save_track+0x18/0x40 [ 31.256192] kasan_save_alloc_info+0x3b/0x50 [ 31.256913] __kasan_kmalloc+0xb7/0xc0 [ 31.257257] __kmalloc_cache_noprof+0x184/0x410 [ 31.258032] kasan_atomics+0x96/0x310 [ 31.258995] kunit_try_run_case+0x1b3/0x490 [ 31.259383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.260285] kthread+0x257/0x310 [ 31.260839] ret_from_fork+0x41/0x80 [ 31.261241] ret_from_fork_asm+0x1a/0x30 [ 31.262037] [ 31.262215] The buggy address belongs to the object at ffff888102a59b80 [ 31.262215] which belongs to the cache kmalloc-64 of size 64 [ 31.263136] The buggy address is located 0 bytes to the right of [ 31.263136] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.264281] [ 31.265093] The buggy address belongs to the physical page: [ 31.265451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.266411] flags: 0x200000000000000(node=0|zone=2) [ 31.266868] page_type: f5(slab) [ 31.267147] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.268161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.268557] page dumped because: kasan: bad access detected [ 31.269109] [ 31.269260] Memory state around the buggy address: [ 31.269789] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.270268] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.271680] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.272142] ^ [ 31.273000] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.273478] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.274220] ================================================================== [ 31.005348] ================================================================== [ 31.006047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 31.006746] Read of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.007356] [ 31.007629] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.008506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.008802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.009250] Call Trace: [ 31.009487] <TASK> [ 31.009768] dump_stack_lvl+0x73/0xb0 [ 31.010212] print_report+0xd1/0x640 [ 31.010646] ? __virt_addr_valid+0x1db/0x2d0 [ 31.011112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.011677] kasan_report+0x102/0x140 [ 31.012090] ? kasan_atomics_helper+0x49ea/0x5450 [ 31.012604] ? kasan_atomics_helper+0x49ea/0x5450 [ 31.012987] __asan_report_load4_noabort+0x18/0x20 [ 31.013319] kasan_atomics_helper+0x49ea/0x5450 [ 31.013666] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.014157] ? ret_from_fork_asm+0x1a/0x30 [ 31.014619] ? ret_from_fork+0x41/0x80 [ 31.015022] ? kthread+0x257/0x310 [ 31.017075] kasan_atomics+0x1dd/0x310 [ 31.017514] ? __pfx_kasan_atomics+0x10/0x10 [ 31.017945] ? __pfx_read_tsc+0x10/0x10 [ 31.018374] ? ktime_get_ts64+0x86/0x230 [ 31.018787] kunit_try_run_case+0x1b3/0x490 [ 31.021646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.022172] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.022645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.023156] ? __kthread_parkme+0x82/0x160 [ 31.023464] ? preempt_count_sub+0x50/0x80 [ 31.023879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.024324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.024743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.025179] kthread+0x257/0x310 [ 31.025581] ? __pfx_kthread+0x10/0x10 [ 31.025965] ret_from_fork+0x41/0x80 [ 31.026379] ? __pfx_kthread+0x10/0x10 [ 31.026776] ret_from_fork_asm+0x1a/0x30 [ 31.027096] </TASK> [ 31.027375] [ 31.027639] Allocated by task 274: [ 31.027993] kasan_save_stack+0x3d/0x60 [ 31.028496] kasan_save_track+0x18/0x40 [ 31.028877] kasan_save_alloc_info+0x3b/0x50 [ 31.029168] __kasan_kmalloc+0xb7/0xc0 [ 31.029573] __kmalloc_cache_noprof+0x184/0x410 [ 31.030027] kasan_atomics+0x96/0x310 [ 31.030584] kunit_try_run_case+0x1b3/0x490 [ 31.030874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.031210] kthread+0x257/0x310 [ 31.031596] ret_from_fork+0x41/0x80 [ 31.032005] ret_from_fork_asm+0x1a/0x30 [ 31.032475] [ 31.032695] The buggy address belongs to the object at ffff888102a59b80 [ 31.032695] which belongs to the cache kmalloc-64 of size 64 [ 31.033610] The buggy address is located 0 bytes to the right of [ 31.033610] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.034258] [ 31.034522] The buggy address belongs to the physical page: [ 31.035016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.035738] flags: 0x200000000000000(node=0|zone=2) [ 31.036198] page_type: f5(slab) [ 31.036586] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.037136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.037758] page dumped because: kasan: bad access detected [ 31.038218] [ 31.038372] Memory state around the buggy address: [ 31.038690] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.039313] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.039962] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.040615] ^ [ 31.041076] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.041508] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.041995] ================================================================== [ 30.101010] ================================================================== [ 30.102511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 30.103351] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.104040] [ 30.104326] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.105182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.105651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.106389] Call Trace: [ 30.106725] <TASK> [ 30.106918] dump_stack_lvl+0x73/0xb0 [ 30.107223] print_report+0xd1/0x640 [ 30.107804] ? __virt_addr_valid+0x1db/0x2d0 [ 30.108278] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.108956] kasan_report+0x102/0x140 [ 30.109381] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.109877] ? kasan_atomics_helper+0x5ff/0x5450 [ 30.110398] kasan_check_range+0x10c/0x1c0 [ 30.110878] __kasan_check_write+0x18/0x20 [ 30.111374] kasan_atomics_helper+0x5ff/0x5450 [ 30.112632] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.113138] ? ret_from_fork_asm+0x1a/0x30 [ 30.113587] ? ret_from_fork+0x41/0x80 [ 30.113989] ? kthread+0x257/0x310 [ 30.116927] kasan_atomics+0x1dd/0x310 [ 30.117380] ? __pfx_kasan_atomics+0x10/0x10 [ 30.117822] ? __pfx_read_tsc+0x10/0x10 [ 30.118209] ? ktime_get_ts64+0x86/0x230 [ 30.118715] kunit_try_run_case+0x1b3/0x490 [ 30.119049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.119601] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.120034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.120608] ? __kthread_parkme+0x82/0x160 [ 30.120965] ? preempt_count_sub+0x50/0x80 [ 30.121273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.121819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.122390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.122932] kthread+0x257/0x310 [ 30.123204] ? __pfx_kthread+0x10/0x10 [ 30.123688] ret_from_fork+0x41/0x80 [ 30.124103] ? __pfx_kthread+0x10/0x10 [ 30.124551] ret_from_fork_asm+0x1a/0x30 [ 30.124911] </TASK> [ 30.125226] [ 30.125478] Allocated by task 274: [ 30.125713] kasan_save_stack+0x3d/0x60 [ 30.126151] kasan_save_track+0x18/0x40 [ 30.126639] kasan_save_alloc_info+0x3b/0x50 [ 30.127096] __kasan_kmalloc+0xb7/0xc0 [ 30.127492] __kmalloc_cache_noprof+0x184/0x410 [ 30.127834] kasan_atomics+0x96/0x310 [ 30.128117] kunit_try_run_case+0x1b3/0x490 [ 30.128618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.129139] kthread+0x257/0x310 [ 30.129414] ret_from_fork+0x41/0x80 [ 30.129882] ret_from_fork_asm+0x1a/0x30 [ 30.130214] [ 30.130369] The buggy address belongs to the object at ffff888102a59b80 [ 30.130369] which belongs to the cache kmalloc-64 of size 64 [ 30.131175] The buggy address is located 0 bytes to the right of [ 30.131175] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.132227] [ 30.132520] The buggy address belongs to the physical page: [ 30.132864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.133507] flags: 0x200000000000000(node=0|zone=2) [ 30.133808] page_type: f5(slab) [ 30.134156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.134947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.135650] page dumped because: kasan: bad access detected [ 30.136132] [ 30.136284] Memory state around the buggy address: [ 30.136803] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.137411] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.137855] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.138519] ^ [ 30.138908] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.139513] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.139905] ================================================================== [ 32.198934] ================================================================== [ 32.199379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 32.200228] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.200832] [ 32.201141] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.201895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.202353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.202988] Call Trace: [ 32.203306] <TASK> [ 32.203676] dump_stack_lvl+0x73/0xb0 [ 32.204167] print_report+0xd1/0x640 [ 32.204560] ? __virt_addr_valid+0x1db/0x2d0 [ 32.205148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.205685] kasan_report+0x102/0x140 [ 32.206109] ? kasan_atomics_helper+0x218b/0x5450 [ 32.206605] ? kasan_atomics_helper+0x218b/0x5450 [ 32.207088] kasan_check_range+0x10c/0x1c0 [ 32.207489] __kasan_check_write+0x18/0x20 [ 32.207912] kasan_atomics_helper+0x218b/0x5450 [ 32.208502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.208966] ? ret_from_fork_asm+0x1a/0x30 [ 32.209479] ? ret_from_fork+0x41/0x80 [ 32.209896] ? kthread+0x257/0x310 [ 32.210305] kasan_atomics+0x1dd/0x310 [ 32.210746] ? __pfx_kasan_atomics+0x10/0x10 [ 32.211233] ? __pfx_read_tsc+0x10/0x10 [ 32.211558] ? ktime_get_ts64+0x86/0x230 [ 32.212086] kunit_try_run_case+0x1b3/0x490 [ 32.212651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.213183] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.213742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.214167] ? __kthread_parkme+0x82/0x160 [ 32.214486] ? preempt_count_sub+0x50/0x80 [ 32.215013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.215591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.216226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.216771] kthread+0x257/0x310 [ 32.217209] ? __pfx_kthread+0x10/0x10 [ 32.217518] ret_from_fork+0x41/0x80 [ 32.217926] ? __pfx_kthread+0x10/0x10 [ 32.218310] ret_from_fork_asm+0x1a/0x30 [ 32.218824] </TASK> [ 32.219132] [ 32.219345] Allocated by task 274: [ 32.219739] kasan_save_stack+0x3d/0x60 [ 32.220145] kasan_save_track+0x18/0x40 [ 32.220583] kasan_save_alloc_info+0x3b/0x50 [ 32.221014] __kasan_kmalloc+0xb7/0xc0 [ 32.221424] __kmalloc_cache_noprof+0x184/0x410 [ 32.221988] kasan_atomics+0x96/0x310 [ 32.222398] kunit_try_run_case+0x1b3/0x490 [ 32.222931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.223549] kthread+0x257/0x310 [ 32.223968] ret_from_fork+0x41/0x80 [ 32.224464] ret_from_fork_asm+0x1a/0x30 [ 32.224994] [ 32.225226] The buggy address belongs to the object at ffff888102a59b80 [ 32.225226] which belongs to the cache kmalloc-64 of size 64 [ 32.226285] The buggy address is located 0 bytes to the right of [ 32.226285] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.227209] [ 32.227410] The buggy address belongs to the physical page: [ 32.227720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.228137] flags: 0x200000000000000(node=0|zone=2) [ 32.228617] page_type: f5(slab) [ 32.228971] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.229772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.230423] page dumped because: kasan: bad access detected [ 32.230944] [ 32.231234] Memory state around the buggy address: [ 32.231638] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.232276] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.232940] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.234405] ^ [ 32.234992] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.235376] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.236526] ================================================================== [ 30.812672] ================================================================== [ 30.813127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 30.813532] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.814210] [ 30.814427] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.816036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.816433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.817893] Call Trace: [ 30.818180] <TASK> [ 30.818374] dump_stack_lvl+0x73/0xb0 [ 30.819343] print_report+0xd1/0x640 [ 30.819962] ? __virt_addr_valid+0x1db/0x2d0 [ 30.820343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.820955] kasan_report+0x102/0x140 [ 30.821371] ? kasan_atomics_helper+0x107a/0x5450 [ 30.821912] ? kasan_atomics_helper+0x107a/0x5450 [ 30.822386] kasan_check_range+0x10c/0x1c0 [ 30.822715] __kasan_check_write+0x18/0x20 [ 30.823215] kasan_atomics_helper+0x107a/0x5450 [ 30.823845] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.824192] ? ret_from_fork_asm+0x1a/0x30 [ 30.824898] ? ret_from_fork+0x41/0x80 [ 30.825337] ? kthread+0x257/0x310 [ 30.825701] kasan_atomics+0x1dd/0x310 [ 30.826048] ? __pfx_kasan_atomics+0x10/0x10 [ 30.826404] ? __pfx_read_tsc+0x10/0x10 [ 30.826939] ? ktime_get_ts64+0x86/0x230 [ 30.827321] kunit_try_run_case+0x1b3/0x490 [ 30.827625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.828137] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.828653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.829159] ? __kthread_parkme+0x82/0x160 [ 30.829827] ? preempt_count_sub+0x50/0x80 [ 30.830290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.831340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.831945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.832387] kthread+0x257/0x310 [ 30.832900] ? __pfx_kthread+0x10/0x10 [ 30.833256] ret_from_fork+0x41/0x80 [ 30.834198] ? __pfx_kthread+0x10/0x10 [ 30.834785] ret_from_fork_asm+0x1a/0x30 [ 30.835261] </TASK> [ 30.835457] [ 30.835646] Allocated by task 274: [ 30.835918] kasan_save_stack+0x3d/0x60 [ 30.836232] kasan_save_track+0x18/0x40 [ 30.837164] kasan_save_alloc_info+0x3b/0x50 [ 30.837467] __kasan_kmalloc+0xb7/0xc0 [ 30.838173] __kmalloc_cache_noprof+0x184/0x410 [ 30.838993] kasan_atomics+0x96/0x310 [ 30.839488] kunit_try_run_case+0x1b3/0x490 [ 30.840115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.840759] kthread+0x257/0x310 [ 30.841113] ret_from_fork+0x41/0x80 [ 30.841427] ret_from_fork_asm+0x1a/0x30 [ 30.842106] [ 30.842267] The buggy address belongs to the object at ffff888102a59b80 [ 30.842267] which belongs to the cache kmalloc-64 of size 64 [ 30.843823] The buggy address is located 0 bytes to the right of [ 30.843823] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.844802] [ 30.845331] The buggy address belongs to the physical page: [ 30.845976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.846957] flags: 0x200000000000000(node=0|zone=2) [ 30.847655] page_type: f5(slab) [ 30.848043] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.848793] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.849365] page dumped because: kasan: bad access detected [ 30.849635] [ 30.849829] Memory state around the buggy address: [ 30.850400] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.850886] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.851420] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.851928] ^ [ 30.852291] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.852912] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.853656] ================================================================== [ 31.729043] ================================================================== [ 31.729946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 31.731212] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.732439] [ 31.732913] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.733762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.734118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.735160] Call Trace: [ 31.735397] <TASK> [ 31.735939] dump_stack_lvl+0x73/0xb0 [ 31.736287] print_report+0xd1/0x640 [ 31.737338] ? __virt_addr_valid+0x1db/0x2d0 [ 31.738025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.738440] kasan_report+0x102/0x140 [ 31.739032] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.739432] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.740317] kasan_check_range+0x10c/0x1c0 [ 31.740732] __kasan_check_write+0x18/0x20 [ 31.741150] kasan_atomics_helper+0x1c19/0x5450 [ 31.741797] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.742354] ? ret_from_fork_asm+0x1a/0x30 [ 31.742950] ? ret_from_fork+0x41/0x80 [ 31.743267] ? kthread+0x257/0x310 [ 31.743998] kasan_atomics+0x1dd/0x310 [ 31.744340] ? __pfx_kasan_atomics+0x10/0x10 [ 31.744970] ? __pfx_read_tsc+0x10/0x10 [ 31.745323] ? ktime_get_ts64+0x86/0x230 [ 31.746138] kunit_try_run_case+0x1b3/0x490 [ 31.746434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.747351] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.747788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.748181] ? __kthread_parkme+0x82/0x160 [ 31.748866] ? preempt_count_sub+0x50/0x80 [ 31.749233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.749650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.750531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.751181] kthread+0x257/0x310 [ 31.751663] ? __pfx_kthread+0x10/0x10 [ 31.752163] ret_from_fork+0x41/0x80 [ 31.752497] ? __pfx_kthread+0x10/0x10 [ 31.753133] ret_from_fork_asm+0x1a/0x30 [ 31.753687] </TASK> [ 31.753872] [ 31.754095] Allocated by task 274: [ 31.754434] kasan_save_stack+0x3d/0x60 [ 31.755405] kasan_save_track+0x18/0x40 [ 31.755731] kasan_save_alloc_info+0x3b/0x50 [ 31.756071] __kasan_kmalloc+0xb7/0xc0 [ 31.756415] __kmalloc_cache_noprof+0x184/0x410 [ 31.757185] kasan_atomics+0x96/0x310 [ 31.757567] kunit_try_run_case+0x1b3/0x490 [ 31.758430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.758881] kthread+0x257/0x310 [ 31.759249] ret_from_fork+0x41/0x80 [ 31.759593] ret_from_fork_asm+0x1a/0x30 [ 31.759957] [ 31.760592] The buggy address belongs to the object at ffff888102a59b80 [ 31.760592] which belongs to the cache kmalloc-64 of size 64 [ 31.761216] The buggy address is located 0 bytes to the right of [ 31.761216] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.762593] [ 31.762817] The buggy address belongs to the physical page: [ 31.763323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.764359] flags: 0x200000000000000(node=0|zone=2) [ 31.764911] page_type: f5(slab) [ 31.765497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.766255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.767100] page dumped because: kasan: bad access detected [ 31.767717] [ 31.767901] Memory state around the buggy address: [ 31.768688] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.769339] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.770385] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.771202] ^ [ 31.771583] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.772196] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.773209] ================================================================== [ 32.238604] ================================================================== [ 32.239157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 32.239628] Read of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 32.239910] [ 32.240014] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 32.240633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.241157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.242047] Call Trace: [ 32.242468] <TASK> [ 32.242769] dump_stack_lvl+0x73/0xb0 [ 32.243304] print_report+0xd1/0x640 [ 32.243849] ? __virt_addr_valid+0x1db/0x2d0 [ 32.244305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.244997] kasan_report+0x102/0x140 [ 32.245516] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.246086] ? kasan_atomics_helper+0x4fa7/0x5450 [ 32.246639] __asan_report_load8_noabort+0x18/0x20 [ 32.247182] kasan_atomics_helper+0x4fa7/0x5450 [ 32.247718] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.248505] ? ret_from_fork_asm+0x1a/0x30 [ 32.248826] ? ret_from_fork+0x41/0x80 [ 32.249200] ? kthread+0x257/0x310 [ 32.249862] kasan_atomics+0x1dd/0x310 [ 32.250178] ? __pfx_kasan_atomics+0x10/0x10 [ 32.250480] ? __pfx_read_tsc+0x10/0x10 [ 32.250914] ? ktime_get_ts64+0x86/0x230 [ 32.251350] kunit_try_run_case+0x1b3/0x490 [ 32.252035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.252363] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.252680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.253208] ? __kthread_parkme+0x82/0x160 [ 32.253696] ? preempt_count_sub+0x50/0x80 [ 32.254009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.254528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.255076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.255410] kthread+0x257/0x310 [ 32.255807] ? __pfx_kthread+0x10/0x10 [ 32.256286] ret_from_fork+0x41/0x80 [ 32.256776] ? __pfx_kthread+0x10/0x10 [ 32.257226] ret_from_fork_asm+0x1a/0x30 [ 32.257667] </TASK> [ 32.257938] [ 32.258190] Allocated by task 274: [ 32.258527] kasan_save_stack+0x3d/0x60 [ 32.258840] kasan_save_track+0x18/0x40 [ 32.259233] kasan_save_alloc_info+0x3b/0x50 [ 32.259604] __kasan_kmalloc+0xb7/0xc0 [ 32.260027] __kmalloc_cache_noprof+0x184/0x410 [ 32.260565] kasan_atomics+0x96/0x310 [ 32.261186] kunit_try_run_case+0x1b3/0x490 [ 32.261683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.262150] kthread+0x257/0x310 [ 32.262393] ret_from_fork+0x41/0x80 [ 32.262784] ret_from_fork_asm+0x1a/0x30 [ 32.263266] [ 32.263500] The buggy address belongs to the object at ffff888102a59b80 [ 32.263500] which belongs to the cache kmalloc-64 of size 64 [ 32.264481] The buggy address is located 0 bytes to the right of [ 32.264481] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 32.265285] [ 32.265530] The buggy address belongs to the physical page: [ 32.266095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 32.266957] flags: 0x200000000000000(node=0|zone=2) [ 32.267362] page_type: f5(slab) [ 32.267694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.268482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.268958] page dumped because: kasan: bad access detected [ 32.269337] [ 32.269567] Memory state around the buggy address: [ 32.270010] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.270937] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.271583] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.272198] ^ [ 32.273261] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.274069] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.274659] ================================================================== [ 30.512854] ================================================================== [ 30.513845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 30.514471] Write of size 4 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 30.515001] [ 30.515271] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 30.516210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.516627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.517343] Call Trace: [ 30.517740] <TASK> [ 30.518100] dump_stack_lvl+0x73/0xb0 [ 30.518559] print_report+0xd1/0x640 [ 30.518961] ? __virt_addr_valid+0x1db/0x2d0 [ 30.519478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.519999] kasan_report+0x102/0x140 [ 30.520486] ? kasan_atomics_helper+0xc71/0x5450 [ 30.520976] ? kasan_atomics_helper+0xc71/0x5450 [ 30.521413] kasan_check_range+0x10c/0x1c0 [ 30.521939] __kasan_check_write+0x18/0x20 [ 30.522390] kasan_atomics_helper+0xc71/0x5450 [ 30.522883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.523524] ? ret_from_fork_asm+0x1a/0x30 [ 30.523950] ? ret_from_fork+0x41/0x80 [ 30.524396] ? kthread+0x257/0x310 [ 30.524932] kasan_atomics+0x1dd/0x310 [ 30.525546] ? __pfx_kasan_atomics+0x10/0x10 [ 30.525927] ? __pfx_read_tsc+0x10/0x10 [ 30.526378] ? ktime_get_ts64+0x86/0x230 [ 30.526910] kunit_try_run_case+0x1b3/0x490 [ 30.527371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.527927] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.528407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.528955] ? __kthread_parkme+0x82/0x160 [ 30.529394] ? preempt_count_sub+0x50/0x80 [ 30.529911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.530424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.531037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.531665] kthread+0x257/0x310 [ 30.532016] ? __pfx_kthread+0x10/0x10 [ 30.532533] ret_from_fork+0x41/0x80 [ 30.532878] ? __pfx_kthread+0x10/0x10 [ 30.533276] ret_from_fork_asm+0x1a/0x30 [ 30.533757] </TASK> [ 30.533968] [ 30.534134] Allocated by task 274: [ 30.534359] kasan_save_stack+0x3d/0x60 [ 30.534726] kasan_save_track+0x18/0x40 [ 30.535179] kasan_save_alloc_info+0x3b/0x50 [ 30.535660] __kasan_kmalloc+0xb7/0xc0 [ 30.536068] __kmalloc_cache_noprof+0x184/0x410 [ 30.536590] kasan_atomics+0x96/0x310 [ 30.537021] kunit_try_run_case+0x1b3/0x490 [ 30.537528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.538032] kthread+0x257/0x310 [ 30.538471] ret_from_fork+0x41/0x80 [ 30.538868] ret_from_fork_asm+0x1a/0x30 [ 30.539316] [ 30.539598] The buggy address belongs to the object at ffff888102a59b80 [ 30.539598] which belongs to the cache kmalloc-64 of size 64 [ 30.540343] The buggy address is located 0 bytes to the right of [ 30.540343] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 30.541184] [ 30.541429] The buggy address belongs to the physical page: [ 30.541983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 30.542621] flags: 0x200000000000000(node=0|zone=2) [ 30.543112] page_type: f5(slab) [ 30.543380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.543808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.544198] page dumped because: kasan: bad access detected [ 30.544552] [ 30.544850] Memory state around the buggy address: [ 30.545312] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.545969] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.546631] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.547275] ^ [ 30.547654] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.548234] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.548759] ================================================================== [ 31.441956] ================================================================== [ 31.442853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 31.443646] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.444149] [ 31.444448] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.445104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.445584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.446361] Call Trace: [ 31.446721] <TASK> [ 31.446933] dump_stack_lvl+0x73/0xb0 [ 31.447925] print_report+0xd1/0x640 [ 31.448312] ? __virt_addr_valid+0x1db/0x2d0 [ 31.448636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.449221] kasan_report+0x102/0x140 [ 31.449595] ? kasan_atomics_helper+0x1780/0x5450 [ 31.450111] ? kasan_atomics_helper+0x1780/0x5450 [ 31.450521] kasan_check_range+0x10c/0x1c0 [ 31.450973] __kasan_check_write+0x18/0x20 [ 31.451485] kasan_atomics_helper+0x1780/0x5450 [ 31.451832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.452383] ? ret_from_fork_asm+0x1a/0x30 [ 31.452745] ? ret_from_fork+0x41/0x80 [ 31.453224] ? kthread+0x257/0x310 [ 31.453630] kasan_atomics+0x1dd/0x310 [ 31.453913] ? __pfx_kasan_atomics+0x10/0x10 [ 31.454401] ? __pfx_read_tsc+0x10/0x10 [ 31.454925] ? ktime_get_ts64+0x86/0x230 [ 31.455402] kunit_try_run_case+0x1b3/0x490 [ 31.455798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.456298] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.456685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.457025] ? __kthread_parkme+0x82/0x160 [ 31.457537] ? preempt_count_sub+0x50/0x80 [ 31.457966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.458359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.458878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.459457] kthread+0x257/0x310 [ 31.459830] ? __pfx_kthread+0x10/0x10 [ 31.460301] ret_from_fork+0x41/0x80 [ 31.460689] ? __pfx_kthread+0x10/0x10 [ 31.461117] ret_from_fork_asm+0x1a/0x30 [ 31.461422] </TASK> [ 31.461741] [ 31.461996] Allocated by task 274: [ 31.462397] kasan_save_stack+0x3d/0x60 [ 31.462850] kasan_save_track+0x18/0x40 [ 31.463289] kasan_save_alloc_info+0x3b/0x50 [ 31.463666] __kasan_kmalloc+0xb7/0xc0 [ 31.464108] __kmalloc_cache_noprof+0x184/0x410 [ 31.464549] kasan_atomics+0x96/0x310 [ 31.465034] kunit_try_run_case+0x1b3/0x490 [ 31.465497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.465833] kthread+0x257/0x310 [ 31.466089] ret_from_fork+0x41/0x80 [ 31.466537] ret_from_fork_asm+0x1a/0x30 [ 31.466933] [ 31.467195] The buggy address belongs to the object at ffff888102a59b80 [ 31.467195] which belongs to the cache kmalloc-64 of size 64 [ 31.468049] The buggy address is located 0 bytes to the right of [ 31.468049] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.469077] [ 31.469314] The buggy address belongs to the physical page: [ 31.469796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.470412] flags: 0x200000000000000(node=0|zone=2) [ 31.470866] page_type: f5(slab) [ 31.471256] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.471821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.472411] page dumped because: kasan: bad access detected [ 31.472834] [ 31.473068] Memory state around the buggy address: [ 31.473476] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.474120] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.474745] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.475122] ^ [ 31.475406] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.475902] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.476555] ================================================================== [ 31.399880] ================================================================== [ 31.401218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 31.401896] Write of size 8 at addr ffff888102a59bb0 by task kunit_try_catch/274 [ 31.403484] [ 31.403788] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 31.404837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.405295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.406046] Call Trace: [ 31.406359] <TASK> [ 31.406702] dump_stack_lvl+0x73/0xb0 [ 31.407194] print_report+0xd1/0x640 [ 31.407636] ? __virt_addr_valid+0x1db/0x2d0 [ 31.408137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.408716] kasan_report+0x102/0x140 [ 31.409197] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.409720] ? kasan_atomics_helper+0x16e8/0x5450 [ 31.410158] kasan_check_range+0x10c/0x1c0 [ 31.410693] __kasan_check_write+0x18/0x20 [ 31.411202] kasan_atomics_helper+0x16e8/0x5450 [ 31.411774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.412243] ? ret_from_fork_asm+0x1a/0x30 [ 31.412828] ? ret_from_fork+0x41/0x80 [ 31.413121] ? kthread+0x257/0x310 [ 31.413382] kasan_atomics+0x1dd/0x310 [ 31.413999] ? __pfx_kasan_atomics+0x10/0x10 [ 31.414554] ? __pfx_read_tsc+0x10/0x10 [ 31.415074] ? ktime_get_ts64+0x86/0x230 [ 31.415593] kunit_try_run_case+0x1b3/0x490 [ 31.416182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.417517] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.417917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.418253] ? __kthread_parkme+0x82/0x160 [ 31.418636] ? preempt_count_sub+0x50/0x80 [ 31.419034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.419775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.420472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.420946] kthread+0x257/0x310 [ 31.421178] ? __pfx_kthread+0x10/0x10 [ 31.421575] ret_from_fork+0x41/0x80 [ 31.422122] ? __pfx_kthread+0x10/0x10 [ 31.422665] ret_from_fork_asm+0x1a/0x30 [ 31.423229] </TASK> [ 31.423624] [ 31.423952] Allocated by task 274: [ 31.424469] kasan_save_stack+0x3d/0x60 [ 31.425029] kasan_save_track+0x18/0x40 [ 31.425552] kasan_save_alloc_info+0x3b/0x50 [ 31.426001] __kasan_kmalloc+0xb7/0xc0 [ 31.426304] __kmalloc_cache_noprof+0x184/0x410 [ 31.426852] kasan_atomics+0x96/0x310 [ 31.427174] kunit_try_run_case+0x1b3/0x490 [ 31.427686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.428250] kthread+0x257/0x310 [ 31.428653] ret_from_fork+0x41/0x80 [ 31.429181] ret_from_fork_asm+0x1a/0x30 [ 31.429643] [ 31.429926] The buggy address belongs to the object at ffff888102a59b80 [ 31.429926] which belongs to the cache kmalloc-64 of size 64 [ 31.430805] The buggy address is located 0 bytes to the right of [ 31.430805] allocated 48-byte region [ffff888102a59b80, ffff888102a59bb0) [ 31.431726] [ 31.431951] The buggy address belongs to the physical page: [ 31.432616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 31.433266] flags: 0x200000000000000(node=0|zone=2) [ 31.433791] page_type: f5(slab) [ 31.434141] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.434905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.435483] page dumped because: kasan: bad access detected [ 31.435955] [ 31.436238] Memory state around the buggy address: [ 31.436629] ffff888102a59a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.437374] ffff888102a59b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.437923] >ffff888102a59b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.438620] ^ [ 31.439001] ffff888102a59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.439697] ffff888102a59c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.440211] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 29.487299] ================================================================== [ 29.487888] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.488673] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.489208] [ 29.489428] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.490256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.490739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.491385] Call Trace: [ 29.491731] <TASK> [ 29.492017] dump_stack_lvl+0x73/0xb0 [ 29.492634] print_report+0xd1/0x640 [ 29.492866] ? __virt_addr_valid+0x1db/0x2d0 [ 29.493172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.493690] kasan_report+0x102/0x140 [ 29.494105] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.494524] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.495011] kasan_check_range+0x10c/0x1c0 [ 29.495577] __kasan_check_write+0x18/0x20 [ 29.495855] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 29.496221] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.496980] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.497596] ? trace_hardirqs_on+0x37/0xe0 [ 29.498028] ? kasan_bitops_generic+0x93/0x1c0 [ 29.498645] kasan_bitops_generic+0x122/0x1c0 [ 29.499578] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.500887] ? __pfx_read_tsc+0x10/0x10 [ 29.501306] ? ktime_get_ts64+0x86/0x230 [ 29.502666] kunit_try_run_case+0x1b3/0x490 [ 29.502940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.503558] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.504146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.504741] ? __kthread_parkme+0x82/0x160 [ 29.505128] ? preempt_count_sub+0x50/0x80 [ 29.505458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.506035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.506925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.507541] kthread+0x257/0x310 [ 29.507879] ? __pfx_kthread+0x10/0x10 [ 29.508199] ret_from_fork+0x41/0x80 [ 29.508640] ? __pfx_kthread+0x10/0x10 [ 29.509096] ret_from_fork_asm+0x1a/0x30 [ 29.509912] </TASK> [ 29.510155] [ 29.510304] Allocated by task 270: [ 29.510866] kasan_save_stack+0x3d/0x60 [ 29.511432] kasan_save_track+0x18/0x40 [ 29.511696] kasan_save_alloc_info+0x3b/0x50 [ 29.512244] __kasan_kmalloc+0xb7/0xc0 [ 29.512861] __kmalloc_cache_noprof+0x184/0x410 [ 29.513367] kasan_bitops_generic+0x93/0x1c0 [ 29.514016] kunit_try_run_case+0x1b3/0x490 [ 29.514594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.515077] kthread+0x257/0x310 [ 29.515431] ret_from_fork+0x41/0x80 [ 29.515897] ret_from_fork_asm+0x1a/0x30 [ 29.516361] [ 29.516668] The buggy address belongs to the object at ffff888101adffe0 [ 29.516668] which belongs to the cache kmalloc-16 of size 16 [ 29.517599] The buggy address is located 8 bytes inside of [ 29.517599] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.518920] [ 29.519093] The buggy address belongs to the physical page: [ 29.519551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.520332] flags: 0x200000000000000(node=0|zone=2) [ 29.521119] page_type: f5(slab) [ 29.521353] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.522099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.522682] page dumped because: kasan: bad access detected [ 29.523273] [ 29.523542] Memory state around the buggy address: [ 29.524158] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.524887] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.525492] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.526240] ^ [ 29.526769] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.527484] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.527962] ================================================================== [ 29.529338] ================================================================== [ 29.530767] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.531466] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.531993] [ 29.532243] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.532896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.533306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.534219] Call Trace: [ 29.534504] <TASK> [ 29.534727] dump_stack_lvl+0x73/0xb0 [ 29.535169] print_report+0xd1/0x640 [ 29.535492] ? __virt_addr_valid+0x1db/0x2d0 [ 29.535854] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.536311] kasan_report+0x102/0x140 [ 29.536761] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.537296] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.537864] kasan_check_range+0x10c/0x1c0 [ 29.538171] __kasan_check_write+0x18/0x20 [ 29.538633] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 29.539208] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.539835] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.540248] ? trace_hardirqs_on+0x37/0xe0 [ 29.540588] ? kasan_bitops_generic+0x93/0x1c0 [ 29.541034] kasan_bitops_generic+0x122/0x1c0 [ 29.541527] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.542012] ? __pfx_read_tsc+0x10/0x10 [ 29.542370] ? ktime_get_ts64+0x86/0x230 [ 29.542799] kunit_try_run_case+0x1b3/0x490 [ 29.543126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.543539] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.544001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.544540] ? __kthread_parkme+0x82/0x160 [ 29.544893] ? preempt_count_sub+0x50/0x80 [ 29.545251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.545645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.545986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.546569] kthread+0x257/0x310 [ 29.546947] ? __pfx_kthread+0x10/0x10 [ 29.547365] ret_from_fork+0x41/0x80 [ 29.547766] ? __pfx_kthread+0x10/0x10 [ 29.548126] ret_from_fork_asm+0x1a/0x30 [ 29.548602] </TASK> [ 29.548794] [ 29.548928] Allocated by task 270: [ 29.549284] kasan_save_stack+0x3d/0x60 [ 29.549726] kasan_save_track+0x18/0x40 [ 29.550123] kasan_save_alloc_info+0x3b/0x50 [ 29.550409] __kasan_kmalloc+0xb7/0xc0 [ 29.550836] __kmalloc_cache_noprof+0x184/0x410 [ 29.551168] kasan_bitops_generic+0x93/0x1c0 [ 29.551626] kunit_try_run_case+0x1b3/0x490 [ 29.551994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.552390] kthread+0x257/0x310 [ 29.552791] ret_from_fork+0x41/0x80 [ 29.553175] ret_from_fork_asm+0x1a/0x30 [ 29.555307] [ 29.558428] The buggy address belongs to the object at ffff888101adffe0 [ 29.558428] which belongs to the cache kmalloc-16 of size 16 [ 29.559254] The buggy address is located 8 bytes inside of [ 29.559254] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.560250] [ 29.560947] The buggy address belongs to the physical page: [ 29.561389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.562021] flags: 0x200000000000000(node=0|zone=2) [ 29.562540] page_type: f5(slab) [ 29.562949] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.563518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.564033] page dumped because: kasan: bad access detected [ 29.564658] [ 29.564859] Memory state around the buggy address: [ 29.565172] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.566092] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.566672] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.567194] ^ [ 29.567841] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.568523] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.568968] ================================================================== [ 29.365594] ================================================================== [ 29.366528] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.367456] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.368049] [ 29.368242] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.369408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.370021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.371129] Call Trace: [ 29.371500] <TASK> [ 29.371836] dump_stack_lvl+0x73/0xb0 [ 29.372338] print_report+0xd1/0x640 [ 29.372802] ? __virt_addr_valid+0x1db/0x2d0 [ 29.373164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.374130] kasan_report+0x102/0x140 [ 29.374614] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.375171] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.375620] kasan_check_range+0x10c/0x1c0 [ 29.376170] __kasan_check_write+0x18/0x20 [ 29.376662] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 29.377366] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.377948] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.378216] ? trace_hardirqs_on+0x37/0xe0 [ 29.378726] ? kasan_bitops_generic+0x93/0x1c0 [ 29.379072] kasan_bitops_generic+0x122/0x1c0 [ 29.379544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.379965] ? __pfx_read_tsc+0x10/0x10 [ 29.380421] ? ktime_get_ts64+0x86/0x230 [ 29.380723] kunit_try_run_case+0x1b3/0x490 [ 29.381244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.381673] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.382189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.382658] ? __kthread_parkme+0x82/0x160 [ 29.383049] ? preempt_count_sub+0x50/0x80 [ 29.383373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.383872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.384491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.384973] kthread+0x257/0x310 [ 29.385313] ? __pfx_kthread+0x10/0x10 [ 29.385592] ret_from_fork+0x41/0x80 [ 29.386101] ? __pfx_kthread+0x10/0x10 [ 29.386509] ret_from_fork_asm+0x1a/0x30 [ 29.386962] </TASK> [ 29.387169] [ 29.387356] Allocated by task 270: [ 29.387776] kasan_save_stack+0x3d/0x60 [ 29.388197] kasan_save_track+0x18/0x40 [ 29.388697] kasan_save_alloc_info+0x3b/0x50 [ 29.388996] __kasan_kmalloc+0xb7/0xc0 [ 29.389423] __kmalloc_cache_noprof+0x184/0x410 [ 29.389836] kasan_bitops_generic+0x93/0x1c0 [ 29.390297] kunit_try_run_case+0x1b3/0x490 [ 29.390631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.390945] kthread+0x257/0x310 [ 29.391298] ret_from_fork+0x41/0x80 [ 29.391849] ret_from_fork_asm+0x1a/0x30 [ 29.392277] [ 29.392508] The buggy address belongs to the object at ffff888101adffe0 [ 29.392508] which belongs to the cache kmalloc-16 of size 16 [ 29.393148] The buggy address is located 8 bytes inside of [ 29.393148] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.394386] [ 29.394598] The buggy address belongs to the physical page: [ 29.395199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.395601] flags: 0x200000000000000(node=0|zone=2) [ 29.395895] page_type: f5(slab) [ 29.396227] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.396881] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.397531] page dumped because: kasan: bad access detected [ 29.398332] [ 29.398567] Memory state around the buggy address: [ 29.398829] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.399489] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.399934] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.400482] ^ [ 29.401077] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.401441] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.401790] ================================================================== [ 29.607870] ================================================================== [ 29.608571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.610370] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.611102] [ 29.611346] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.612164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.612417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.612885] Call Trace: [ 29.613097] <TASK> [ 29.613411] dump_stack_lvl+0x73/0xb0 [ 29.613967] print_report+0xd1/0x640 [ 29.614425] ? __virt_addr_valid+0x1db/0x2d0 [ 29.614873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.615466] kasan_report+0x102/0x140 [ 29.615871] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.616530] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.617133] kasan_check_range+0x10c/0x1c0 [ 29.617632] __kasan_check_write+0x18/0x20 [ 29.618092] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 29.618731] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.619225] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.619577] ? trace_hardirqs_on+0x37/0xe0 [ 29.619940] ? kasan_bitops_generic+0x93/0x1c0 [ 29.620479] kasan_bitops_generic+0x122/0x1c0 [ 29.620994] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.621846] ? __pfx_read_tsc+0x10/0x10 [ 29.622299] ? ktime_get_ts64+0x86/0x230 [ 29.622770] kunit_try_run_case+0x1b3/0x490 [ 29.623515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.623895] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.624385] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.625543] ? __kthread_parkme+0x82/0x160 [ 29.625980] ? preempt_count_sub+0x50/0x80 [ 29.626297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.626832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.627934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.628246] kthread+0x257/0x310 [ 29.628892] ? __pfx_kthread+0x10/0x10 [ 29.629365] ret_from_fork+0x41/0x80 [ 29.629832] ? __pfx_kthread+0x10/0x10 [ 29.630249] ret_from_fork_asm+0x1a/0x30 [ 29.630794] </TASK> [ 29.631082] [ 29.631282] Allocated by task 270: [ 29.631733] kasan_save_stack+0x3d/0x60 [ 29.632035] kasan_save_track+0x18/0x40 [ 29.632525] kasan_save_alloc_info+0x3b/0x50 [ 29.632985] __kasan_kmalloc+0xb7/0xc0 [ 29.633389] __kmalloc_cache_noprof+0x184/0x410 [ 29.633945] kasan_bitops_generic+0x93/0x1c0 [ 29.634380] kunit_try_run_case+0x1b3/0x490 [ 29.634751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.635265] kthread+0x257/0x310 [ 29.635684] ret_from_fork+0x41/0x80 [ 29.636086] ret_from_fork_asm+0x1a/0x30 [ 29.636594] [ 29.636793] The buggy address belongs to the object at ffff888101adffe0 [ 29.636793] which belongs to the cache kmalloc-16 of size 16 [ 29.637806] The buggy address is located 8 bytes inside of [ 29.637806] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.638735] [ 29.638986] The buggy address belongs to the physical page: [ 29.639488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.640138] flags: 0x200000000000000(node=0|zone=2) [ 29.640707] page_type: f5(slab) [ 29.641135] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.641643] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.642412] page dumped because: kasan: bad access detected [ 29.642945] [ 29.643257] Memory state around the buggy address: [ 29.643805] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.644700] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.645380] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.645934] ^ [ 29.646743] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.647424] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.647963] ================================================================== [ 29.446156] ================================================================== [ 29.446802] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.447776] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.448521] [ 29.448877] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.449589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.449980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.451011] Call Trace: [ 29.451272] <TASK> [ 29.451598] dump_stack_lvl+0x73/0xb0 [ 29.452037] print_report+0xd1/0x640 [ 29.452663] ? __virt_addr_valid+0x1db/0x2d0 [ 29.453192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.453828] kasan_report+0x102/0x140 [ 29.454110] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.454710] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.455584] kasan_check_range+0x10c/0x1c0 [ 29.456028] __kasan_check_write+0x18/0x20 [ 29.456593] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 29.457209] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.457816] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.458481] ? trace_hardirqs_on+0x37/0xe0 [ 29.458998] ? kasan_bitops_generic+0x93/0x1c0 [ 29.459360] kasan_bitops_generic+0x122/0x1c0 [ 29.460018] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.460626] ? __pfx_read_tsc+0x10/0x10 [ 29.461139] ? ktime_get_ts64+0x86/0x230 [ 29.461571] kunit_try_run_case+0x1b3/0x490 [ 29.462126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.462654] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.463243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.463723] ? __kthread_parkme+0x82/0x160 [ 29.464196] ? preempt_count_sub+0x50/0x80 [ 29.464674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.465146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.465741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.466283] kthread+0x257/0x310 [ 29.466856] ? __pfx_kthread+0x10/0x10 [ 29.467185] ret_from_fork+0x41/0x80 [ 29.467702] ? __pfx_kthread+0x10/0x10 [ 29.468203] ret_from_fork_asm+0x1a/0x30 [ 29.468800] </TASK> [ 29.469092] [ 29.469389] Allocated by task 270: [ 29.469740] kasan_save_stack+0x3d/0x60 [ 29.470269] kasan_save_track+0x18/0x40 [ 29.470773] kasan_save_alloc_info+0x3b/0x50 [ 29.471213] __kasan_kmalloc+0xb7/0xc0 [ 29.471608] __kmalloc_cache_noprof+0x184/0x410 [ 29.472195] kasan_bitops_generic+0x93/0x1c0 [ 29.472617] kunit_try_run_case+0x1b3/0x490 [ 29.472893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.473393] kthread+0x257/0x310 [ 29.474003] ret_from_fork+0x41/0x80 [ 29.474390] ret_from_fork_asm+0x1a/0x30 [ 29.474979] [ 29.475362] The buggy address belongs to the object at ffff888101adffe0 [ 29.475362] which belongs to the cache kmalloc-16 of size 16 [ 29.476030] The buggy address is located 8 bytes inside of [ 29.476030] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.477211] [ 29.477364] The buggy address belongs to the physical page: [ 29.477954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.478774] flags: 0x200000000000000(node=0|zone=2) [ 29.479252] page_type: f5(slab) [ 29.479639] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.480391] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.481176] page dumped because: kasan: bad access detected [ 29.481693] [ 29.481975] Memory state around the buggy address: [ 29.482433] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.483140] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.483571] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.484175] ^ [ 29.484767] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.485374] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.485921] ================================================================== [ 29.690931] ================================================================== [ 29.691569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.692251] Read of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.692913] [ 29.693225] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.693860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.694330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.695025] Call Trace: [ 29.695339] <TASK> [ 29.695704] dump_stack_lvl+0x73/0xb0 [ 29.696148] print_report+0xd1/0x640 [ 29.696585] ? __virt_addr_valid+0x1db/0x2d0 [ 29.697127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.697679] kasan_report+0x102/0x140 [ 29.698138] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.698693] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.699333] __asan_report_load8_noabort+0x18/0x20 [ 29.699916] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 29.700424] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.701102] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.701551] ? trace_hardirqs_on+0x37/0xe0 [ 29.702066] ? kasan_bitops_generic+0x93/0x1c0 [ 29.702504] kasan_bitops_generic+0x122/0x1c0 [ 29.703026] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.703527] ? __pfx_read_tsc+0x10/0x10 [ 29.704000] ? ktime_get_ts64+0x86/0x230 [ 29.704466] kunit_try_run_case+0x1b3/0x490 [ 29.704900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.705318] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.705806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.706219] ? __kthread_parkme+0x82/0x160 [ 29.706644] ? preempt_count_sub+0x50/0x80 [ 29.706983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.707630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.708072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.708698] kthread+0x257/0x310 [ 29.709026] ? __pfx_kthread+0x10/0x10 [ 29.709494] ret_from_fork+0x41/0x80 [ 29.709846] ? __pfx_kthread+0x10/0x10 [ 29.710132] ret_from_fork_asm+0x1a/0x30 [ 29.710429] </TASK> [ 29.710775] [ 29.711416] Allocated by task 270: [ 29.712258] kasan_save_stack+0x3d/0x60 [ 29.712700] kasan_save_track+0x18/0x40 [ 29.712937] kasan_save_alloc_info+0x3b/0x50 [ 29.714007] __kasan_kmalloc+0xb7/0xc0 [ 29.714415] __kmalloc_cache_noprof+0x184/0x410 [ 29.714787] kasan_bitops_generic+0x93/0x1c0 [ 29.715234] kunit_try_run_case+0x1b3/0x490 [ 29.715752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.716309] kthread+0x257/0x310 [ 29.717110] ret_from_fork+0x41/0x80 [ 29.717614] ret_from_fork_asm+0x1a/0x30 [ 29.717880] [ 29.718145] The buggy address belongs to the object at ffff888101adffe0 [ 29.718145] which belongs to the cache kmalloc-16 of size 16 [ 29.719027] The buggy address is located 8 bytes inside of [ 29.719027] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.719996] [ 29.720526] The buggy address belongs to the physical page: [ 29.721411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.721800] flags: 0x200000000000000(node=0|zone=2) [ 29.722199] page_type: f5(slab) [ 29.723026] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.723991] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.724478] page dumped because: kasan: bad access detected [ 29.725046] [ 29.725318] Memory state around the buggy address: [ 29.726043] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.727105] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.727631] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.728156] ^ [ 29.729135] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.729800] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.730347] ================================================================== [ 29.570654] ================================================================== [ 29.571327] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.572030] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.572595] [ 29.572863] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.573684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.574105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.574741] Call Trace: [ 29.574993] <TASK> [ 29.575311] dump_stack_lvl+0x73/0xb0 [ 29.575751] print_report+0xd1/0x640 [ 29.576208] ? __virt_addr_valid+0x1db/0x2d0 [ 29.576662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.577088] kasan_report+0x102/0x140 [ 29.577527] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.578112] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.578737] kasan_check_range+0x10c/0x1c0 [ 29.579190] __kasan_check_write+0x18/0x20 [ 29.579536] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 29.580152] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.580632] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.581134] ? trace_hardirqs_on+0x37/0xe0 [ 29.581625] ? kasan_bitops_generic+0x93/0x1c0 [ 29.581976] kasan_bitops_generic+0x122/0x1c0 [ 29.582498] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.582913] ? __pfx_read_tsc+0x10/0x10 [ 29.583323] ? ktime_get_ts64+0x86/0x230 [ 29.583805] kunit_try_run_case+0x1b3/0x490 [ 29.584173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.584644] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.585121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.585717] ? __kthread_parkme+0x82/0x160 [ 29.586087] ? preempt_count_sub+0x50/0x80 [ 29.586586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.586903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.587286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.587888] kthread+0x257/0x310 [ 29.588308] ? __pfx_kthread+0x10/0x10 [ 29.588789] ret_from_fork+0x41/0x80 [ 29.589224] ? __pfx_kthread+0x10/0x10 [ 29.589680] ret_from_fork_asm+0x1a/0x30 [ 29.590074] </TASK> [ 29.590346] [ 29.590629] Allocated by task 270: [ 29.590874] kasan_save_stack+0x3d/0x60 [ 29.591154] kasan_save_track+0x18/0x40 [ 29.591406] kasan_save_alloc_info+0x3b/0x50 [ 29.591701] __kasan_kmalloc+0xb7/0xc0 [ 29.591947] __kmalloc_cache_noprof+0x184/0x410 [ 29.592426] kasan_bitops_generic+0x93/0x1c0 [ 29.592853] kunit_try_run_case+0x1b3/0x490 [ 29.593376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.593922] kthread+0x257/0x310 [ 29.594277] ret_from_fork+0x41/0x80 [ 29.594761] ret_from_fork_asm+0x1a/0x30 [ 29.595214] [ 29.595423] The buggy address belongs to the object at ffff888101adffe0 [ 29.595423] which belongs to the cache kmalloc-16 of size 16 [ 29.596471] The buggy address is located 8 bytes inside of [ 29.596471] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.597320] [ 29.597518] The buggy address belongs to the physical page: [ 29.597817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.598392] flags: 0x200000000000000(node=0|zone=2) [ 29.598981] page_type: f5(slab) [ 29.599384] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.600092] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.600793] page dumped because: kasan: bad access detected [ 29.601325] [ 29.601560] Memory state around the buggy address: [ 29.601892] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.602376] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.602887] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.603542] ^ [ 29.604131] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.604728] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.605345] ================================================================== [ 29.402816] ================================================================== [ 29.403518] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.404366] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.405244] [ 29.405530] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.406690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.407424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.409330] Call Trace: [ 29.409750] <TASK> [ 29.411280] dump_stack_lvl+0x73/0xb0 [ 29.412001] print_report+0xd1/0x640 [ 29.412372] ? __virt_addr_valid+0x1db/0x2d0 [ 29.412939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.413417] kasan_report+0x102/0x140 [ 29.413820] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.414336] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.415039] kasan_check_range+0x10c/0x1c0 [ 29.415558] __kasan_check_write+0x18/0x20 [ 29.416072] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 29.416453] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.417290] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.417640] ? trace_hardirqs_on+0x37/0xe0 [ 29.418345] ? kasan_bitops_generic+0x93/0x1c0 [ 29.418929] kasan_bitops_generic+0x122/0x1c0 [ 29.419643] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.420146] ? __pfx_read_tsc+0x10/0x10 [ 29.420386] ? ktime_get_ts64+0x86/0x230 [ 29.421078] kunit_try_run_case+0x1b3/0x490 [ 29.421628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.422086] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.422594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.423128] ? __kthread_parkme+0x82/0x160 [ 29.423567] ? preempt_count_sub+0x50/0x80 [ 29.424018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.424520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.425099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.425615] kthread+0x257/0x310 [ 29.425988] ? __pfx_kthread+0x10/0x10 [ 29.426410] ret_from_fork+0x41/0x80 [ 29.426953] ? __pfx_kthread+0x10/0x10 [ 29.427352] ret_from_fork_asm+0x1a/0x30 [ 29.427884] </TASK> [ 29.428227] [ 29.428375] Allocated by task 270: [ 29.428836] kasan_save_stack+0x3d/0x60 [ 29.429306] kasan_save_track+0x18/0x40 [ 29.429688] kasan_save_alloc_info+0x3b/0x50 [ 29.430160] __kasan_kmalloc+0xb7/0xc0 [ 29.430609] __kmalloc_cache_noprof+0x184/0x410 [ 29.431081] kasan_bitops_generic+0x93/0x1c0 [ 29.431544] kunit_try_run_case+0x1b3/0x490 [ 29.431946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.432563] kthread+0x257/0x310 [ 29.432885] ret_from_fork+0x41/0x80 [ 29.433331] ret_from_fork_asm+0x1a/0x30 [ 29.433794] [ 29.434027] The buggy address belongs to the object at ffff888101adffe0 [ 29.434027] which belongs to the cache kmalloc-16 of size 16 [ 29.434600] The buggy address is located 8 bytes inside of [ 29.434600] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.435671] [ 29.435890] The buggy address belongs to the physical page: [ 29.436363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.436888] flags: 0x200000000000000(node=0|zone=2) [ 29.437515] page_type: f5(slab) [ 29.437873] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.438567] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.439375] page dumped because: kasan: bad access detected [ 29.439979] [ 29.440348] Memory state around the buggy address: [ 29.440846] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.441485] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.442093] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.442856] ^ [ 29.443600] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.443965] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.444707] ================================================================== [ 29.649390] ================================================================== [ 29.650169] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.651035] Read of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.651543] [ 29.651871] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.652714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.653129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.653901] Call Trace: [ 29.654192] <TASK> [ 29.654765] dump_stack_lvl+0x73/0xb0 [ 29.655243] print_report+0xd1/0x640 [ 29.655760] ? __virt_addr_valid+0x1db/0x2d0 [ 29.656194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.656855] kasan_report+0x102/0x140 [ 29.657246] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.657919] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.658421] kasan_check_range+0x10c/0x1c0 [ 29.658973] __kasan_check_read+0x15/0x20 [ 29.659410] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 29.660065] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.660718] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.661100] ? trace_hardirqs_on+0x37/0xe0 [ 29.661631] ? kasan_bitops_generic+0x93/0x1c0 [ 29.662115] kasan_bitops_generic+0x122/0x1c0 [ 29.662620] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.663079] ? __pfx_read_tsc+0x10/0x10 [ 29.663557] ? ktime_get_ts64+0x86/0x230 [ 29.664037] kunit_try_run_case+0x1b3/0x490 [ 29.664619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.665064] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.665509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.666141] ? __kthread_parkme+0x82/0x160 [ 29.666630] ? preempt_count_sub+0x50/0x80 [ 29.667000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.667643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.668263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.668811] kthread+0x257/0x310 [ 29.669285] ? __pfx_kthread+0x10/0x10 [ 29.669784] ret_from_fork+0x41/0x80 [ 29.670261] ? __pfx_kthread+0x10/0x10 [ 29.670688] ret_from_fork_asm+0x1a/0x30 [ 29.670990] </TASK> [ 29.671281] [ 29.671502] Allocated by task 270: [ 29.671849] kasan_save_stack+0x3d/0x60 [ 29.672267] kasan_save_track+0x18/0x40 [ 29.672655] kasan_save_alloc_info+0x3b/0x50 [ 29.673049] __kasan_kmalloc+0xb7/0xc0 [ 29.673729] __kmalloc_cache_noprof+0x184/0x410 [ 29.674024] kasan_bitops_generic+0x93/0x1c0 [ 29.674311] kunit_try_run_case+0x1b3/0x490 [ 29.674575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.675109] kthread+0x257/0x310 [ 29.675468] ret_from_fork+0x41/0x80 [ 29.675854] ret_from_fork_asm+0x1a/0x30 [ 29.676275] [ 29.676497] The buggy address belongs to the object at ffff888101adffe0 [ 29.676497] which belongs to the cache kmalloc-16 of size 16 [ 29.678304] The buggy address is located 8 bytes inside of [ 29.678304] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.679792] [ 29.680175] The buggy address belongs to the physical page: [ 29.680505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.681190] flags: 0x200000000000000(node=0|zone=2) [ 29.681820] page_type: f5(slab) [ 29.682265] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.682884] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.683312] page dumped because: kasan: bad access detected [ 29.684117] [ 29.684264] Memory state around the buggy address: [ 29.684754] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.685321] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.685914] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.686574] ^ [ 29.687209] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.687702] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.688314] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 29.246598] ================================================================== [ 29.247795] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.248509] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.248876] [ 29.249067] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.249783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.250206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.252115] Call Trace: [ 29.252423] <TASK> [ 29.253899] dump_stack_lvl+0x73/0xb0 [ 29.254201] print_report+0xd1/0x640 [ 29.254463] ? __virt_addr_valid+0x1db/0x2d0 [ 29.254838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.255381] kasan_report+0x102/0x140 [ 29.256666] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.257309] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.257929] kasan_check_range+0x10c/0x1c0 [ 29.258358] __kasan_check_write+0x18/0x20 [ 29.258738] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 29.259303] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.259708] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.260196] ? trace_hardirqs_on+0x37/0xe0 [ 29.260664] ? kasan_bitops_generic+0x93/0x1c0 [ 29.260981] kasan_bitops_generic+0x117/0x1c0 [ 29.261455] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.261922] ? __pfx_read_tsc+0x10/0x10 [ 29.262258] ? ktime_get_ts64+0x86/0x230 [ 29.262696] kunit_try_run_case+0x1b3/0x490 [ 29.262991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.263486] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.263897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.264313] ? __kthread_parkme+0x82/0x160 [ 29.264693] ? preempt_count_sub+0x50/0x80 [ 29.265113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.265523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.265978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.266370] kthread+0x257/0x310 [ 29.266618] ? __pfx_kthread+0x10/0x10 [ 29.266881] ret_from_fork+0x41/0x80 [ 29.267286] ? __pfx_kthread+0x10/0x10 [ 29.267773] ret_from_fork_asm+0x1a/0x30 [ 29.268215] </TASK> [ 29.268510] [ 29.268717] Allocated by task 270: [ 29.269076] kasan_save_stack+0x3d/0x60 [ 29.269479] kasan_save_track+0x18/0x40 [ 29.269912] kasan_save_alloc_info+0x3b/0x50 [ 29.270217] __kasan_kmalloc+0xb7/0xc0 [ 29.270506] __kmalloc_cache_noprof+0x184/0x410 [ 29.270927] kasan_bitops_generic+0x93/0x1c0 [ 29.271353] kunit_try_run_case+0x1b3/0x490 [ 29.271869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.272218] kthread+0x257/0x310 [ 29.272458] ret_from_fork+0x41/0x80 [ 29.272865] ret_from_fork_asm+0x1a/0x30 [ 29.273268] [ 29.273499] The buggy address belongs to the object at ffff888101adffe0 [ 29.273499] which belongs to the cache kmalloc-16 of size 16 [ 29.274205] The buggy address is located 8 bytes inside of [ 29.274205] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.275358] [ 29.275603] The buggy address belongs to the physical page: [ 29.275934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.276592] flags: 0x200000000000000(node=0|zone=2) [ 29.277048] page_type: f5(slab) [ 29.277321] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.277702] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.278306] page dumped because: kasan: bad access detected [ 29.278903] [ 29.279232] Memory state around the buggy address: [ 29.279796] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.280288] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.281183] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.281535] ^ [ 29.282001] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.282610] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.283363] ================================================================== [ 29.319273] ================================================================== [ 29.320047] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.320905] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.321541] [ 29.321777] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.322631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.323012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.323881] Call Trace: [ 29.324110] <TASK> [ 29.324379] dump_stack_lvl+0x73/0xb0 [ 29.324769] print_report+0xd1/0x640 [ 29.325040] ? __virt_addr_valid+0x1db/0x2d0 [ 29.325505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.326149] kasan_report+0x102/0x140 [ 29.326513] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.326900] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.327264] kasan_check_range+0x10c/0x1c0 [ 29.327583] __kasan_check_write+0x18/0x20 [ 29.328003] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 29.328608] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.329146] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.329586] ? trace_hardirqs_on+0x37/0xe0 [ 29.329929] ? kasan_bitops_generic+0x93/0x1c0 [ 29.330253] kasan_bitops_generic+0x117/0x1c0 [ 29.330818] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.331156] ? __pfx_read_tsc+0x10/0x10 [ 29.331422] ? ktime_get_ts64+0x86/0x230 [ 29.331688] kunit_try_run_case+0x1b3/0x490 [ 29.331969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.332438] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.332994] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.333484] ? __kthread_parkme+0x82/0x160 [ 29.333997] ? preempt_count_sub+0x50/0x80 [ 29.334440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.334855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.335414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.335923] kthread+0x257/0x310 [ 29.336279] ? __pfx_kthread+0x10/0x10 [ 29.336672] ret_from_fork+0x41/0x80 [ 29.337047] ? __pfx_kthread+0x10/0x10 [ 29.337439] ret_from_fork_asm+0x1a/0x30 [ 29.338537] </TASK> [ 29.338728] [ 29.338879] Allocated by task 270: [ 29.339122] kasan_save_stack+0x3d/0x60 [ 29.339519] kasan_save_track+0x18/0x40 [ 29.339911] kasan_save_alloc_info+0x3b/0x50 [ 29.340349] __kasan_kmalloc+0xb7/0xc0 [ 29.340841] __kmalloc_cache_noprof+0x184/0x410 [ 29.341158] kasan_bitops_generic+0x93/0x1c0 [ 29.341436] kunit_try_run_case+0x1b3/0x490 [ 29.341960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.342470] kthread+0x257/0x310 [ 29.342823] ret_from_fork+0x41/0x80 [ 29.343163] ret_from_fork_asm+0x1a/0x30 [ 29.343615] [ 29.343770] The buggy address belongs to the object at ffff888101adffe0 [ 29.343770] which belongs to the cache kmalloc-16 of size 16 [ 29.346133] The buggy address is located 8 bytes inside of [ 29.346133] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.349147] [ 29.349391] The buggy address belongs to the physical page: [ 29.349881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.350294] flags: 0x200000000000000(node=0|zone=2) [ 29.350591] page_type: f5(slab) [ 29.350816] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.353405] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.354086] page dumped because: kasan: bad access detected [ 29.355947] [ 29.356191] Memory state around the buggy address: [ 29.356748] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.357387] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.359306] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.360091] ^ [ 29.360778] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.362006] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.362387] ================================================================== [ 29.164280] ================================================================== [ 29.164892] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.165876] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.166461] [ 29.166954] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.167850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.168289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.169628] Call Trace: [ 29.169854] <TASK> [ 29.170244] dump_stack_lvl+0x73/0xb0 [ 29.170916] print_report+0xd1/0x640 [ 29.171300] ? __virt_addr_valid+0x1db/0x2d0 [ 29.171763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.172432] kasan_report+0x102/0x140 [ 29.172815] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.173401] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.173807] kasan_check_range+0x10c/0x1c0 [ 29.174296] __kasan_check_write+0x18/0x20 [ 29.174686] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 29.175285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.178695] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.179071] ? trace_hardirqs_on+0x37/0xe0 [ 29.179477] ? kasan_bitops_generic+0x93/0x1c0 [ 29.179996] kasan_bitops_generic+0x117/0x1c0 [ 29.180500] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.180904] ? __pfx_read_tsc+0x10/0x10 [ 29.181345] ? ktime_get_ts64+0x86/0x230 [ 29.181742] kunit_try_run_case+0x1b3/0x490 [ 29.182339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.182688] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.183372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.183831] ? __kthread_parkme+0x82/0x160 [ 29.184272] ? preempt_count_sub+0x50/0x80 [ 29.184782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.186134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.186532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.187087] kthread+0x257/0x310 [ 29.187353] ? __pfx_kthread+0x10/0x10 [ 29.187848] ret_from_fork+0x41/0x80 [ 29.188440] ? __pfx_kthread+0x10/0x10 [ 29.189392] ret_from_fork_asm+0x1a/0x30 [ 29.189977] </TASK> [ 29.190264] [ 29.190498] Allocated by task 270: [ 29.190818] kasan_save_stack+0x3d/0x60 [ 29.191128] kasan_save_track+0x18/0x40 [ 29.191578] kasan_save_alloc_info+0x3b/0x50 [ 29.191955] __kasan_kmalloc+0xb7/0xc0 [ 29.192368] __kmalloc_cache_noprof+0x184/0x410 [ 29.192665] kasan_bitops_generic+0x93/0x1c0 [ 29.193166] kunit_try_run_case+0x1b3/0x490 [ 29.193783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.194219] kthread+0x257/0x310 [ 29.194658] ret_from_fork+0x41/0x80 [ 29.194950] ret_from_fork_asm+0x1a/0x30 [ 29.195403] [ 29.195569] The buggy address belongs to the object at ffff888101adffe0 [ 29.195569] which belongs to the cache kmalloc-16 of size 16 [ 29.196519] The buggy address is located 8 bytes inside of [ 29.196519] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.197348] [ 29.197659] The buggy address belongs to the physical page: [ 29.198084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.198653] flags: 0x200000000000000(node=0|zone=2) [ 29.199090] page_type: f5(slab) [ 29.199472] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.200130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.200753] page dumped because: kasan: bad access detected [ 29.201043] [ 29.201268] Memory state around the buggy address: [ 29.201839] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.202724] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.203143] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.203880] ^ [ 29.204489] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.204885] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.205501] ================================================================== [ 29.119015] ================================================================== [ 29.120418] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 29.121160] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.122000] [ 29.122317] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.123126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.123449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.124215] Call Trace: [ 29.124432] <TASK> [ 29.124688] dump_stack_lvl+0x73/0xb0 [ 29.125250] print_report+0xd1/0x640 [ 29.125735] ? __virt_addr_valid+0x1db/0x2d0 [ 29.126413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.126794] kasan_report+0x102/0x140 [ 29.127269] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 29.127893] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 29.128532] kasan_check_range+0x10c/0x1c0 [ 29.128819] __kasan_check_write+0x18/0x20 [ 29.129301] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 29.129930] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.130490] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.130975] ? trace_hardirqs_on+0x37/0xe0 [ 29.133175] ? kasan_bitops_generic+0x93/0x1c0 [ 29.133735] kasan_bitops_generic+0x117/0x1c0 [ 29.134517] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.135105] ? __pfx_read_tsc+0x10/0x10 [ 29.135383] ? ktime_get_ts64+0x86/0x230 [ 29.135862] kunit_try_run_case+0x1b3/0x490 [ 29.136341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.136841] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.137207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.137755] ? __kthread_parkme+0x82/0x160 [ 29.138217] ? preempt_count_sub+0x50/0x80 [ 29.138681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.139985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.140642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.140956] kthread+0x257/0x310 [ 29.142213] ? __pfx_kthread+0x10/0x10 [ 29.143141] ret_from_fork+0x41/0x80 [ 29.143415] ? __pfx_kthread+0x10/0x10 [ 29.143846] ret_from_fork_asm+0x1a/0x30 [ 29.144260] </TASK> [ 29.144458] [ 29.144662] Allocated by task 270: [ 29.145003] kasan_save_stack+0x3d/0x60 [ 29.145670] kasan_save_track+0x18/0x40 [ 29.146116] kasan_save_alloc_info+0x3b/0x50 [ 29.146945] __kasan_kmalloc+0xb7/0xc0 [ 29.147387] __kmalloc_cache_noprof+0x184/0x410 [ 29.148218] kasan_bitops_generic+0x93/0x1c0 [ 29.148743] kunit_try_run_case+0x1b3/0x490 [ 29.149148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.150194] kthread+0x257/0x310 [ 29.150871] ret_from_fork+0x41/0x80 [ 29.151184] ret_from_fork_asm+0x1a/0x30 [ 29.151606] [ 29.151853] The buggy address belongs to the object at ffff888101adffe0 [ 29.151853] which belongs to the cache kmalloc-16 of size 16 [ 29.152680] The buggy address is located 8 bytes inside of [ 29.152680] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.153418] [ 29.154560] The buggy address belongs to the physical page: [ 29.154857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.155552] flags: 0x200000000000000(node=0|zone=2) [ 29.155891] page_type: f5(slab) [ 29.156293] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.156817] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.157313] page dumped because: kasan: bad access detected [ 29.157855] [ 29.158149] Memory state around the buggy address: [ 29.158657] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.159116] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.159873] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.160344] ^ [ 29.160721] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.161378] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.161985] ================================================================== [ 29.284419] ================================================================== [ 29.285112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.286188] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.286623] [ 29.286801] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.287582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.288155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.289228] Call Trace: [ 29.289441] <TASK> [ 29.289634] dump_stack_lvl+0x73/0xb0 [ 29.289915] print_report+0xd1/0x640 [ 29.290292] ? __virt_addr_valid+0x1db/0x2d0 [ 29.290810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.291340] kasan_report+0x102/0x140 [ 29.291871] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.292420] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.292967] kasan_check_range+0x10c/0x1c0 [ 29.293285] __kasan_check_write+0x18/0x20 [ 29.293559] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 29.293880] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.294484] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.294951] ? trace_hardirqs_on+0x37/0xe0 [ 29.295379] ? kasan_bitops_generic+0x93/0x1c0 [ 29.295852] kasan_bitops_generic+0x117/0x1c0 [ 29.296302] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.296976] ? __pfx_read_tsc+0x10/0x10 [ 29.297284] ? ktime_get_ts64+0x86/0x230 [ 29.297564] kunit_try_run_case+0x1b3/0x490 [ 29.297843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.298151] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.298453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.298761] ? __kthread_parkme+0x82/0x160 [ 29.299032] ? preempt_count_sub+0x50/0x80 [ 29.299479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.299942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.300520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.301024] kthread+0x257/0x310 [ 29.301419] ? __pfx_kthread+0x10/0x10 [ 29.301833] ret_from_fork+0x41/0x80 [ 29.302223] ? __pfx_kthread+0x10/0x10 [ 29.302665] ret_from_fork_asm+0x1a/0x30 [ 29.303113] </TASK> [ 29.303384] [ 29.303635] Allocated by task 270: [ 29.303865] kasan_save_stack+0x3d/0x60 [ 29.304191] kasan_save_track+0x18/0x40 [ 29.304604] kasan_save_alloc_info+0x3b/0x50 [ 29.305012] __kasan_kmalloc+0xb7/0xc0 [ 29.305378] __kmalloc_cache_noprof+0x184/0x410 [ 29.305737] kasan_bitops_generic+0x93/0x1c0 [ 29.306014] kunit_try_run_case+0x1b3/0x490 [ 29.306294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.306714] kthread+0x257/0x310 [ 29.307230] ret_from_fork+0x41/0x80 [ 29.307644] ret_from_fork_asm+0x1a/0x30 [ 29.308034] [ 29.308255] The buggy address belongs to the object at ffff888101adffe0 [ 29.308255] which belongs to the cache kmalloc-16 of size 16 [ 29.309428] The buggy address is located 8 bytes inside of [ 29.309428] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.310106] [ 29.310266] The buggy address belongs to the physical page: [ 29.310554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.310943] flags: 0x200000000000000(node=0|zone=2) [ 29.311441] page_type: f5(slab) [ 29.311790] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.312807] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.313901] page dumped because: kasan: bad access detected [ 29.314390] [ 29.314656] Memory state around the buggy address: [ 29.315106] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.315735] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.316376] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.316962] ^ [ 29.317318] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.317672] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.318016] ================================================================== [ 29.019341] ================================================================== [ 29.020498] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 29.021005] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.021335] [ 29.021503] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.023358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.024068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.025372] Call Trace: [ 29.025713] <TASK> [ 29.026303] dump_stack_lvl+0x73/0xb0 [ 29.027175] print_report+0xd1/0x640 [ 29.027604] ? __virt_addr_valid+0x1db/0x2d0 [ 29.028249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.028987] kasan_report+0x102/0x140 [ 29.029401] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 29.029952] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 29.031147] kasan_check_range+0x10c/0x1c0 [ 29.031452] __kasan_check_write+0x18/0x20 [ 29.032108] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 29.032979] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.033515] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.033894] ? trace_hardirqs_on+0x37/0xe0 [ 29.034229] ? kasan_bitops_generic+0x93/0x1c0 [ 29.035801] kasan_bitops_generic+0x117/0x1c0 [ 29.036265] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.036635] ? __pfx_read_tsc+0x10/0x10 [ 29.037188] ? ktime_get_ts64+0x86/0x230 [ 29.037515] kunit_try_run_case+0x1b3/0x490 [ 29.038312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.039317] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.040212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.040511] ? __kthread_parkme+0x82/0x160 [ 29.041529] ? preempt_count_sub+0x50/0x80 [ 29.041799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.042357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.042866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.043291] kthread+0x257/0x310 [ 29.043571] ? __pfx_kthread+0x10/0x10 [ 29.043869] ret_from_fork+0x41/0x80 [ 29.045086] ? __pfx_kthread+0x10/0x10 [ 29.046087] ret_from_fork_asm+0x1a/0x30 [ 29.047024] </TASK> [ 29.047378] [ 29.047608] Allocated by task 270: [ 29.048187] kasan_save_stack+0x3d/0x60 [ 29.048741] kasan_save_track+0x18/0x40 [ 29.049601] kasan_save_alloc_info+0x3b/0x50 [ 29.049981] __kasan_kmalloc+0xb7/0xc0 [ 29.050322] __kmalloc_cache_noprof+0x184/0x410 [ 29.050950] kasan_bitops_generic+0x93/0x1c0 [ 29.051302] kunit_try_run_case+0x1b3/0x490 [ 29.051803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.052233] kthread+0x257/0x310 [ 29.052915] ret_from_fork+0x41/0x80 [ 29.053303] ret_from_fork_asm+0x1a/0x30 [ 29.054570] [ 29.054834] The buggy address belongs to the object at ffff888101adffe0 [ 29.054834] which belongs to the cache kmalloc-16 of size 16 [ 29.055718] The buggy address is located 8 bytes inside of [ 29.055718] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.056697] [ 29.057358] The buggy address belongs to the physical page: [ 29.058071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.058655] flags: 0x200000000000000(node=0|zone=2) [ 29.059403] page_type: f5(slab) [ 29.059719] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.060631] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.061829] page dumped because: kasan: bad access detected [ 29.062389] [ 29.062557] Memory state around the buggy address: [ 29.063139] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.063741] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.064508] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.065374] ^ [ 29.065940] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.066583] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.067925] ================================================================== [ 29.208956] ================================================================== [ 29.209407] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.210876] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.211398] [ 29.211641] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.212274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.212531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.213309] Call Trace: [ 29.213724] <TASK> [ 29.213996] dump_stack_lvl+0x73/0xb0 [ 29.214464] print_report+0xd1/0x640 [ 29.214826] ? __virt_addr_valid+0x1db/0x2d0 [ 29.215147] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.215616] kasan_report+0x102/0x140 [ 29.216118] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.216719] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.217299] kasan_check_range+0x10c/0x1c0 [ 29.217839] __kasan_check_write+0x18/0x20 [ 29.218167] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 29.218592] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.220282] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.221308] ? trace_hardirqs_on+0x37/0xe0 [ 29.222045] ? kasan_bitops_generic+0x93/0x1c0 [ 29.222443] kasan_bitops_generic+0x117/0x1c0 [ 29.223069] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.223805] ? __pfx_read_tsc+0x10/0x10 [ 29.224165] ? ktime_get_ts64+0x86/0x230 [ 29.224706] kunit_try_run_case+0x1b3/0x490 [ 29.225023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.225459] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.225855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.226253] ? __kthread_parkme+0x82/0x160 [ 29.227284] ? preempt_count_sub+0x50/0x80 [ 29.227627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.228235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.228726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.229235] kthread+0x257/0x310 [ 29.229579] ? __pfx_kthread+0x10/0x10 [ 29.229878] ret_from_fork+0x41/0x80 [ 29.230221] ? __pfx_kthread+0x10/0x10 [ 29.230649] ret_from_fork_asm+0x1a/0x30 [ 29.230984] </TASK> [ 29.231254] [ 29.231482] Allocated by task 270: [ 29.231736] kasan_save_stack+0x3d/0x60 [ 29.232117] kasan_save_track+0x18/0x40 [ 29.232372] kasan_save_alloc_info+0x3b/0x50 [ 29.232691] __kasan_kmalloc+0xb7/0xc0 [ 29.233136] __kmalloc_cache_noprof+0x184/0x410 [ 29.233641] kasan_bitops_generic+0x93/0x1c0 [ 29.234082] kunit_try_run_case+0x1b3/0x490 [ 29.234418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.234802] kthread+0x257/0x310 [ 29.235034] ret_from_fork+0x41/0x80 [ 29.235404] ret_from_fork_asm+0x1a/0x30 [ 29.235811] [ 29.236004] The buggy address belongs to the object at ffff888101adffe0 [ 29.236004] which belongs to the cache kmalloc-16 of size 16 [ 29.236907] The buggy address is located 8 bytes inside of [ 29.236907] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.237722] [ 29.237895] The buggy address belongs to the physical page: [ 29.238322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.239006] flags: 0x200000000000000(node=0|zone=2) [ 29.239417] page_type: f5(slab) [ 29.239741] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.240247] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.240726] page dumped because: kasan: bad access detected [ 29.241211] [ 29.241418] Memory state around the buggy address: [ 29.241811] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.242265] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.242975] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.243421] ^ [ 29.243845] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.244452] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.244948] ================================================================== [ 29.070069] ================================================================== [ 29.070724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 29.071623] Write of size 8 at addr ffff888101adffe8 by task kunit_try_catch/270 [ 29.072364] [ 29.073263] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 29.074008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.074676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.075477] Call Trace: [ 29.075906] <TASK> [ 29.076277] dump_stack_lvl+0x73/0xb0 [ 29.076702] print_report+0xd1/0x640 [ 29.077202] ? __virt_addr_valid+0x1db/0x2d0 [ 29.078230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.078957] kasan_report+0x102/0x140 [ 29.079372] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 29.080210] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 29.080732] kasan_check_range+0x10c/0x1c0 [ 29.081181] __kasan_check_write+0x18/0x20 [ 29.081718] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 29.082734] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.083303] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.084011] ? trace_hardirqs_on+0x37/0xe0 [ 29.084385] ? kasan_bitops_generic+0x93/0x1c0 [ 29.084934] kasan_bitops_generic+0x117/0x1c0 [ 29.085490] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.085972] ? __pfx_read_tsc+0x10/0x10 [ 29.086488] ? ktime_get_ts64+0x86/0x230 [ 29.087125] kunit_try_run_case+0x1b3/0x490 [ 29.087923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.088403] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.088987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.089737] ? __kthread_parkme+0x82/0x160 [ 29.090283] ? preempt_count_sub+0x50/0x80 [ 29.090806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.091413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.092040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.092969] kthread+0x257/0x310 [ 29.093347] ? __pfx_kthread+0x10/0x10 [ 29.094312] ret_from_fork+0x41/0x80 [ 29.094677] ? __pfx_kthread+0x10/0x10 [ 29.095296] ret_from_fork_asm+0x1a/0x30 [ 29.095756] </TASK> [ 29.096067] [ 29.096254] Allocated by task 270: [ 29.096830] kasan_save_stack+0x3d/0x60 [ 29.097389] kasan_save_track+0x18/0x40 [ 29.097705] kasan_save_alloc_info+0x3b/0x50 [ 29.098192] __kasan_kmalloc+0xb7/0xc0 [ 29.098772] __kmalloc_cache_noprof+0x184/0x410 [ 29.099369] kasan_bitops_generic+0x93/0x1c0 [ 29.099667] kunit_try_run_case+0x1b3/0x490 [ 29.100728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.101244] kthread+0x257/0x310 [ 29.101538] ret_from_fork+0x41/0x80 [ 29.102116] ret_from_fork_asm+0x1a/0x30 [ 29.102542] [ 29.102827] The buggy address belongs to the object at ffff888101adffe0 [ 29.102827] which belongs to the cache kmalloc-16 of size 16 [ 29.104378] The buggy address is located 8 bytes inside of [ 29.104378] allocated 9-byte region [ffff888101adffe0, ffff888101adffe9) [ 29.105335] [ 29.105487] The buggy address belongs to the physical page: [ 29.106179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 29.107617] flags: 0x200000000000000(node=0|zone=2) [ 29.108358] page_type: f5(slab) [ 29.108919] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.109498] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.110186] page dumped because: kasan: bad access detected [ 29.110820] [ 29.111027] Memory state around the buggy address: [ 29.111907] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 29.112718] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 29.113699] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 29.114229] ^ [ 29.115068] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.115850] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 29.116501] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 28.969597] ================================================================== [ 28.970606] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 28.971266] Read of size 1 at addr ffff888102a07b90 by task kunit_try_catch/268 [ 28.972133] [ 28.972430] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.973448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.973893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.974851] Call Trace: [ 28.975142] <TASK> [ 28.975418] dump_stack_lvl+0x73/0xb0 [ 28.975866] print_report+0xd1/0x640 [ 28.976360] ? __virt_addr_valid+0x1db/0x2d0 [ 28.977015] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.977778] kasan_report+0x102/0x140 [ 28.978279] ? strnlen+0x73/0x80 [ 28.978510] ? strnlen+0x73/0x80 [ 28.978879] __asan_report_load1_noabort+0x18/0x20 [ 28.979372] strnlen+0x73/0x80 [ 28.979718] kasan_strings+0x4c3/0xb60 [ 28.979990] ? __pfx_kasan_strings+0x10/0x10 [ 28.980427] ? __schedule+0xc3e/0x2790 [ 28.980996] ? __pfx_read_tsc+0x10/0x10 [ 28.981425] ? ktime_get_ts64+0x86/0x230 [ 28.981826] kunit_try_run_case+0x1b3/0x490 [ 28.982185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.982898] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.983378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.983941] ? __kthread_parkme+0x82/0x160 [ 28.984450] ? preempt_count_sub+0x50/0x80 [ 28.984964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.985377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.986018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.986488] kthread+0x257/0x310 [ 28.986935] ? __pfx_kthread+0x10/0x10 [ 28.987350] ret_from_fork+0x41/0x80 [ 28.987699] ? __pfx_kthread+0x10/0x10 [ 28.988151] ret_from_fork_asm+0x1a/0x30 [ 28.988651] </TASK> [ 28.988847] [ 28.989137] Allocated by task 268: [ 28.989511] kasan_save_stack+0x3d/0x60 [ 28.989981] kasan_save_track+0x18/0x40 [ 28.990410] kasan_save_alloc_info+0x3b/0x50 [ 28.990821] __kasan_kmalloc+0xb7/0xc0 [ 28.991283] __kmalloc_cache_noprof+0x184/0x410 [ 28.991939] kasan_strings+0xb9/0xb60 [ 28.992348] kunit_try_run_case+0x1b3/0x490 [ 28.992796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.993278] kthread+0x257/0x310 [ 28.993822] ret_from_fork+0x41/0x80 [ 28.994179] ret_from_fork_asm+0x1a/0x30 [ 28.994747] [ 28.995065] Freed by task 268: [ 28.995300] kasan_save_stack+0x3d/0x60 [ 28.995775] kasan_save_track+0x18/0x40 [ 28.996179] kasan_save_free_info+0x3f/0x60 [ 28.996460] __kasan_slab_free+0x56/0x70 [ 28.996861] kfree+0x123/0x3f0 [ 28.997302] kasan_strings+0x13c/0xb60 [ 28.997795] kunit_try_run_case+0x1b3/0x490 [ 28.998244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.998721] kthread+0x257/0x310 [ 28.999155] ret_from_fork+0x41/0x80 [ 28.999625] ret_from_fork_asm+0x1a/0x30 [ 29.000022] [ 29.000204] The buggy address belongs to the object at ffff888102a07b80 [ 29.000204] which belongs to the cache kmalloc-32 of size 32 [ 29.001173] The buggy address is located 16 bytes inside of [ 29.001173] freed 32-byte region [ffff888102a07b80, ffff888102a07ba0) [ 29.002195] [ 29.002440] The buggy address belongs to the physical page: [ 29.002846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 29.003606] flags: 0x200000000000000(node=0|zone=2) [ 29.004019] page_type: f5(slab) [ 29.004368] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 29.005108] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.005723] page dumped because: kasan: bad access detected [ 29.006096] [ 29.006298] Memory state around the buggy address: [ 29.006631] ffff888102a07a80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.007090] ffff888102a07b00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 29.007811] >ffff888102a07b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.008426] ^ [ 29.009004] ffff888102a07c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.009739] ffff888102a07c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.010398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 28.923546] ================================================================== [ 28.923975] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 28.924593] Read of size 1 at addr ffff888102a07b90 by task kunit_try_catch/268 [ 28.925508] [ 28.925723] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.926239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.926476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.927267] Call Trace: [ 28.927629] <TASK> [ 28.927918] dump_stack_lvl+0x73/0xb0 [ 28.928338] print_report+0xd1/0x640 [ 28.928823] ? __virt_addr_valid+0x1db/0x2d0 [ 28.929330] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.929905] kasan_report+0x102/0x140 [ 28.930198] ? strlen+0x8f/0xb0 [ 28.930514] ? strlen+0x8f/0xb0 [ 28.930914] __asan_report_load1_noabort+0x18/0x20 [ 28.931437] strlen+0x8f/0xb0 [ 28.931813] kasan_strings+0x425/0xb60 [ 28.932251] ? __pfx_kasan_strings+0x10/0x10 [ 28.932630] ? __schedule+0xc3e/0x2790 [ 28.932995] ? __pfx_read_tsc+0x10/0x10 [ 28.933443] ? ktime_get_ts64+0x86/0x230 [ 28.933866] kunit_try_run_case+0x1b3/0x490 [ 28.934315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.935123] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.935632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.936091] ? __kthread_parkme+0x82/0x160 [ 28.936472] ? preempt_count_sub+0x50/0x80 [ 28.936882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.937390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.937957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.938503] kthread+0x257/0x310 [ 28.938908] ? __pfx_kthread+0x10/0x10 [ 28.939239] ret_from_fork+0x41/0x80 [ 28.939737] ? __pfx_kthread+0x10/0x10 [ 28.940150] ret_from_fork_asm+0x1a/0x30 [ 28.940681] </TASK> [ 28.940933] [ 28.941102] Allocated by task 268: [ 28.941487] kasan_save_stack+0x3d/0x60 [ 28.941894] kasan_save_track+0x18/0x40 [ 28.942245] kasan_save_alloc_info+0x3b/0x50 [ 28.942765] __kasan_kmalloc+0xb7/0xc0 [ 28.943154] __kmalloc_cache_noprof+0x184/0x410 [ 28.943699] kasan_strings+0xb9/0xb60 [ 28.943957] kunit_try_run_case+0x1b3/0x490 [ 28.944417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.944979] kthread+0x257/0x310 [ 28.945354] ret_from_fork+0x41/0x80 [ 28.945814] ret_from_fork_asm+0x1a/0x30 [ 28.946138] [ 28.946382] Freed by task 268: [ 28.946814] kasan_save_stack+0x3d/0x60 [ 28.947234] kasan_save_track+0x18/0x40 [ 28.947614] kasan_save_free_info+0x3f/0x60 [ 28.947989] __kasan_slab_free+0x56/0x70 [ 28.948385] kfree+0x123/0x3f0 [ 28.948749] kasan_strings+0x13c/0xb60 [ 28.948999] kunit_try_run_case+0x1b3/0x490 [ 28.949275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.949576] kthread+0x257/0x310 [ 28.949807] ret_from_fork+0x41/0x80 [ 28.950101] ret_from_fork_asm+0x1a/0x30 [ 28.950514] [ 28.950730] The buggy address belongs to the object at ffff888102a07b80 [ 28.950730] which belongs to the cache kmalloc-32 of size 32 [ 28.951856] The buggy address is located 16 bytes inside of [ 28.951856] freed 32-byte region [ffff888102a07b80, ffff888102a07ba0) [ 28.953107] [ 28.953330] The buggy address belongs to the physical page: [ 28.954322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 28.954932] flags: 0x200000000000000(node=0|zone=2) [ 28.955251] page_type: f5(slab) [ 28.955531] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.958344] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.959830] page dumped because: kasan: bad access detected [ 28.960335] [ 28.961624] Memory state around the buggy address: [ 28.962095] ffff888102a07a80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.963977] ffff888102a07b00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.965011] >ffff888102a07b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.965926] ^ [ 28.966107] ffff888102a07c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.967262] ffff888102a07c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.967863] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 28.883419] ================================================================== [ 28.884972] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 28.885883] Read of size 1 at addr ffff888102a07b90 by task kunit_try_catch/268 [ 28.886323] [ 28.886587] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.887537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.887959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.888715] Call Trace: [ 28.888948] <TASK> [ 28.889164] dump_stack_lvl+0x73/0xb0 [ 28.889693] print_report+0xd1/0x640 [ 28.890152] ? __virt_addr_valid+0x1db/0x2d0 [ 28.890663] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.891096] kasan_report+0x102/0x140 [ 28.891465] ? kasan_strings+0xa0c/0xb60 [ 28.891884] ? kasan_strings+0xa0c/0xb60 [ 28.892318] __asan_report_load1_noabort+0x18/0x20 [ 28.893108] kasan_strings+0xa0c/0xb60 [ 28.893526] ? __pfx_kasan_strings+0x10/0x10 [ 28.893982] ? __schedule+0xc3e/0x2790 [ 28.894413] ? __pfx_read_tsc+0x10/0x10 [ 28.894885] ? ktime_get_ts64+0x86/0x230 [ 28.895226] kunit_try_run_case+0x1b3/0x490 [ 28.895748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.896201] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.896743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.897234] ? __kthread_parkme+0x82/0x160 [ 28.897648] ? preempt_count_sub+0x50/0x80 [ 28.897991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.898503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.898966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.899407] kthread+0x257/0x310 [ 28.899793] ? __pfx_kthread+0x10/0x10 [ 28.900195] ret_from_fork+0x41/0x80 [ 28.900579] ? __pfx_kthread+0x10/0x10 [ 28.900957] ret_from_fork_asm+0x1a/0x30 [ 28.901375] </TASK> [ 28.901593] [ 28.901741] Allocated by task 268: [ 28.901960] kasan_save_stack+0x3d/0x60 [ 28.902379] kasan_save_track+0x18/0x40 [ 28.902799] kasan_save_alloc_info+0x3b/0x50 [ 28.903246] __kasan_kmalloc+0xb7/0xc0 [ 28.903629] __kmalloc_cache_noprof+0x184/0x410 [ 28.904273] kasan_strings+0xb9/0xb60 [ 28.904787] kunit_try_run_case+0x1b3/0x490 [ 28.905215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.905798] kthread+0x257/0x310 [ 28.906182] ret_from_fork+0x41/0x80 [ 28.906607] ret_from_fork_asm+0x1a/0x30 [ 28.906982] [ 28.907147] Freed by task 268: [ 28.907348] kasan_save_stack+0x3d/0x60 [ 28.907781] kasan_save_track+0x18/0x40 [ 28.908385] kasan_save_free_info+0x3f/0x60 [ 28.908806] __kasan_slab_free+0x56/0x70 [ 28.909164] kfree+0x123/0x3f0 [ 28.909509] kasan_strings+0x13c/0xb60 [ 28.909931] kunit_try_run_case+0x1b3/0x490 [ 28.910344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.910793] kthread+0x257/0x310 [ 28.911162] ret_from_fork+0x41/0x80 [ 28.911531] ret_from_fork_asm+0x1a/0x30 [ 28.911843] [ 28.912071] The buggy address belongs to the object at ffff888102a07b80 [ 28.912071] which belongs to the cache kmalloc-32 of size 32 [ 28.913153] The buggy address is located 16 bytes inside of [ 28.913153] freed 32-byte region [ffff888102a07b80, ffff888102a07ba0) [ 28.913808] [ 28.914036] The buggy address belongs to the physical page: [ 28.914532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 28.915256] flags: 0x200000000000000(node=0|zone=2) [ 28.915791] page_type: f5(slab) [ 28.916167] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.916972] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.917645] page dumped because: kasan: bad access detected [ 28.918045] [ 28.918309] Memory state around the buggy address: [ 28.918869] ffff888102a07a80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.919427] ffff888102a07b00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.919900] >ffff888102a07b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.920268] ^ [ 28.920747] ffff888102a07c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.921395] ffff888102a07c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.922031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 28.831303] ================================================================== [ 28.834323] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 28.834690] Read of size 1 at addr ffff888102a07b90 by task kunit_try_catch/268 [ 28.835763] [ 28.836189] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.837287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.837874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.838256] Call Trace: [ 28.838426] <TASK> [ 28.839477] dump_stack_lvl+0x73/0xb0 [ 28.840177] print_report+0xd1/0x640 [ 28.840572] ? __virt_addr_valid+0x1db/0x2d0 [ 28.841033] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.841646] kasan_report+0x102/0x140 [ 28.842121] ? strcmp+0xb0/0xc0 [ 28.842312] ? strcmp+0xb0/0xc0 [ 28.842460] __asan_report_load1_noabort+0x18/0x20 [ 28.843036] strcmp+0xb0/0xc0 [ 28.843535] kasan_strings+0x2d3/0xb60 [ 28.844208] ? __pfx_kasan_strings+0x10/0x10 [ 28.844620] ? __schedule+0xc3e/0x2790 [ 28.845023] ? __pfx_read_tsc+0x10/0x10 [ 28.845268] ? ktime_get_ts64+0x86/0x230 [ 28.845541] kunit_try_run_case+0x1b3/0x490 [ 28.846091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.846980] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.847303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.848029] ? __kthread_parkme+0x82/0x160 [ 28.848732] ? preempt_count_sub+0x50/0x80 [ 28.849288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.850361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.851128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.851676] kthread+0x257/0x310 [ 28.851922] ? __pfx_kthread+0x10/0x10 [ 28.852349] ret_from_fork+0x41/0x80 [ 28.852781] ? __pfx_kthread+0x10/0x10 [ 28.853268] ret_from_fork_asm+0x1a/0x30 [ 28.854009] </TASK> [ 28.854221] [ 28.854371] Allocated by task 268: [ 28.854835] kasan_save_stack+0x3d/0x60 [ 28.855815] kasan_save_track+0x18/0x40 [ 28.857097] kasan_save_alloc_info+0x3b/0x50 [ 28.857496] __kasan_kmalloc+0xb7/0xc0 [ 28.857827] __kmalloc_cache_noprof+0x184/0x410 [ 28.858294] kasan_strings+0xb9/0xb60 [ 28.858775] kunit_try_run_case+0x1b3/0x490 [ 28.859198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.859768] kthread+0x257/0x310 [ 28.860120] ret_from_fork+0x41/0x80 [ 28.860662] ret_from_fork_asm+0x1a/0x30 [ 28.861773] [ 28.862074] Freed by task 268: [ 28.862490] kasan_save_stack+0x3d/0x60 [ 28.862996] kasan_save_track+0x18/0x40 [ 28.863278] kasan_save_free_info+0x3f/0x60 [ 28.863920] __kasan_slab_free+0x56/0x70 [ 28.864429] kfree+0x123/0x3f0 [ 28.864763] kasan_strings+0x13c/0xb60 [ 28.865371] kunit_try_run_case+0x1b3/0x490 [ 28.866027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.866449] kthread+0x257/0x310 [ 28.866688] ret_from_fork+0x41/0x80 [ 28.867077] ret_from_fork_asm+0x1a/0x30 [ 28.868376] [ 28.868633] The buggy address belongs to the object at ffff888102a07b80 [ 28.868633] which belongs to the cache kmalloc-32 of size 32 [ 28.870106] The buggy address is located 16 bytes inside of [ 28.870106] freed 32-byte region [ffff888102a07b80, ffff888102a07ba0) [ 28.870683] [ 28.870838] The buggy address belongs to the physical page: [ 28.871583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 28.872571] flags: 0x200000000000000(node=0|zone=2) [ 28.873758] page_type: f5(slab) [ 28.874423] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.875196] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.875729] page dumped because: kasan: bad access detected [ 28.876509] [ 28.876887] Memory state around the buggy address: [ 28.877286] ffff888102a07a80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.878154] ffff888102a07b00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.878699] >ffff888102a07b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.879834] ^ [ 28.880224] ffff888102a07c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.880807] ffff888102a07c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.881739] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.778298] ================================================================== [ 28.779335] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 28.779730] Read of size 1 at addr ffff888102998458 by task kunit_try_catch/266 [ 28.780595] [ 28.780824] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.781656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.781946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.783488] Call Trace: [ 28.783973] <TASK> [ 28.784267] dump_stack_lvl+0x73/0xb0 [ 28.784670] print_report+0xd1/0x640 [ 28.785257] ? __virt_addr_valid+0x1db/0x2d0 [ 28.786229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.786942] kasan_report+0x102/0x140 [ 28.787246] ? memcmp+0x1b4/0x1d0 [ 28.787509] ? memcmp+0x1b4/0x1d0 [ 28.787788] __asan_report_load1_noabort+0x18/0x20 [ 28.788270] memcmp+0x1b4/0x1d0 [ 28.788590] kasan_memcmp+0x190/0x390 [ 28.788965] ? trace_hardirqs_on+0x37/0xe0 [ 28.790281] ? __pfx_kasan_memcmp+0x10/0x10 [ 28.790851] ? finish_task_switch.isra.0+0x153/0x700 [ 28.791215] ? __switch_to+0x5d9/0xf60 [ 28.791618] ? __pfx_read_tsc+0x10/0x10 [ 28.792105] ? ktime_get_ts64+0x86/0x230 [ 28.792431] kunit_try_run_case+0x1b3/0x490 [ 28.792843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.793392] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.794512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.794941] ? __kthread_parkme+0x82/0x160 [ 28.795482] ? preempt_count_sub+0x50/0x80 [ 28.795970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.796322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.796822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.797351] kthread+0x257/0x310 [ 28.798559] ? __pfx_kthread+0x10/0x10 [ 28.799110] ret_from_fork+0x41/0x80 [ 28.799384] ? __pfx_kthread+0x10/0x10 [ 28.799806] ret_from_fork_asm+0x1a/0x30 [ 28.800251] </TASK> [ 28.800487] [ 28.800643] Allocated by task 266: [ 28.801167] kasan_save_stack+0x3d/0x60 [ 28.801597] kasan_save_track+0x18/0x40 [ 28.802502] kasan_save_alloc_info+0x3b/0x50 [ 28.803040] __kasan_kmalloc+0xb7/0xc0 [ 28.803736] __kmalloc_cache_noprof+0x184/0x410 [ 28.804090] kasan_memcmp+0xb8/0x390 [ 28.804347] kunit_try_run_case+0x1b3/0x490 [ 28.804861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.805375] kthread+0x257/0x310 [ 28.806392] ret_from_fork+0x41/0x80 [ 28.806910] ret_from_fork_asm+0x1a/0x30 [ 28.807204] [ 28.807370] The buggy address belongs to the object at ffff888102998440 [ 28.807370] which belongs to the cache kmalloc-32 of size 32 [ 28.808421] The buggy address is located 0 bytes to the right of [ 28.808421] allocated 24-byte region [ffff888102998440, ffff888102998458) [ 28.809517] [ 28.809746] The buggy address belongs to the physical page: [ 28.810044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102998 [ 28.810721] flags: 0x200000000000000(node=0|zone=2) [ 28.811188] page_type: f5(slab) [ 28.812508] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.813346] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.813982] page dumped because: kasan: bad access detected [ 28.814321] [ 28.814564] Memory state around the buggy address: [ 28.815402] ffff888102998300: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.815822] ffff888102998380: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 28.816992] >ffff888102998400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.817651] ^ [ 28.819013] ffff888102998480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.819407] ffff888102998500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.820540] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 28.731267] ================================================================== [ 28.732224] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 28.733127] Read of size 1 at addr ffff888102b7fcaa by task kunit_try_catch/262 [ 28.733818] [ 28.734037] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.734797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.736003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.737273] Call Trace: [ 28.737817] <TASK> [ 28.738354] dump_stack_lvl+0x73/0xb0 [ 28.738817] print_report+0xd1/0x640 [ 28.739139] ? __virt_addr_valid+0x1db/0x2d0 [ 28.739596] ? kasan_addr_to_slab+0x11/0xa0 [ 28.739927] kasan_report+0x102/0x140 [ 28.740389] ? kasan_alloca_oob_right+0x328/0x390 [ 28.741371] ? kasan_alloca_oob_right+0x328/0x390 [ 28.742086] __asan_report_load1_noabort+0x18/0x20 [ 28.742498] kasan_alloca_oob_right+0x328/0x390 [ 28.743139] ? uclamp_rq_dec_id+0x340/0x460 [ 28.743550] ? __schedule+0xc3e/0x2790 [ 28.744022] ? trace_hardirqs_on+0x37/0xe0 [ 28.744555] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 28.744934] ? __schedule+0xc3e/0x2790 [ 28.745480] ? __pfx_read_tsc+0x10/0x10 [ 28.745763] ? ktime_get_ts64+0x86/0x230 [ 28.746228] kunit_try_run_case+0x1b3/0x490 [ 28.746696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.747117] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.747589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.747984] ? __kthread_parkme+0x82/0x160 [ 28.748414] ? preempt_count_sub+0x50/0x80 [ 28.748913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.749378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.749866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.750491] kthread+0x257/0x310 [ 28.750781] ? __pfx_kthread+0x10/0x10 [ 28.751145] ret_from_fork+0x41/0x80 [ 28.751609] ? __pfx_kthread+0x10/0x10 [ 28.752005] ret_from_fork_asm+0x1a/0x30 [ 28.752425] </TASK> [ 28.752727] [ 28.752920] The buggy address belongs to stack of task kunit_try_catch/262 [ 28.753526] [ 28.753741] The buggy address belongs to the physical page: [ 28.754258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7f [ 28.754987] flags: 0x200000000000000(node=0|zone=2) [ 28.755368] raw: 0200000000000000 ffffea00040adfc8 ffffea00040adfc8 0000000000000000 [ 28.756029] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.756668] page dumped because: kasan: bad access detected [ 28.757156] [ 28.757361] Memory state around the buggy address: [ 28.757818] ffff888102b7fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.758266] ffff888102b7fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.758927] >ffff888102b7fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 28.759501] ^ [ 28.759921] ffff888102b7fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 28.760292] ffff888102b7fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.760714] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 28.691529] ================================================================== [ 28.692371] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 28.693360] Read of size 1 at addr ffff888102b3fc9f by task kunit_try_catch/260 [ 28.693876] [ 28.694554] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.695293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.696130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.697177] Call Trace: [ 28.697386] <TASK> [ 28.697552] dump_stack_lvl+0x73/0xb0 [ 28.698147] print_report+0xd1/0x640 [ 28.698480] ? __virt_addr_valid+0x1db/0x2d0 [ 28.698904] ? kasan_addr_to_slab+0x11/0xa0 [ 28.699271] kasan_report+0x102/0x140 [ 28.699878] ? kasan_alloca_oob_left+0x31f/0x380 [ 28.700248] ? kasan_alloca_oob_left+0x31f/0x380 [ 28.701197] __asan_report_load1_noabort+0x18/0x20 [ 28.701788] kasan_alloca_oob_left+0x31f/0x380 [ 28.702335] ? uclamp_rq_dec_id+0x340/0x460 [ 28.702962] ? __schedule+0xc3e/0x2790 [ 28.703353] ? trace_hardirqs_on+0x37/0xe0 [ 28.704015] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 28.704462] ? __schedule+0xc3e/0x2790 [ 28.705140] ? __pfx_read_tsc+0x10/0x10 [ 28.705649] ? ktime_get_ts64+0x86/0x230 [ 28.706089] kunit_try_run_case+0x1b3/0x490 [ 28.706760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.707363] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.707812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.708898] ? __kthread_parkme+0x82/0x160 [ 28.709261] ? preempt_count_sub+0x50/0x80 [ 28.709673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.710319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.710849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.711292] kthread+0x257/0x310 [ 28.711630] ? __pfx_kthread+0x10/0x10 [ 28.712484] ret_from_fork+0x41/0x80 [ 28.713146] ? __pfx_kthread+0x10/0x10 [ 28.713862] ret_from_fork_asm+0x1a/0x30 [ 28.714235] </TASK> [ 28.714649] [ 28.715022] The buggy address belongs to stack of task kunit_try_catch/260 [ 28.715627] [ 28.715848] The buggy address belongs to the physical page: [ 28.716295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3f [ 28.716879] flags: 0x200000000000000(node=0|zone=2) [ 28.717786] raw: 0200000000000000 ffffea00040acfc8 ffffea00040acfc8 0000000000000000 [ 28.718306] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.718895] page dumped because: kasan: bad access detected [ 28.719337] [ 28.719521] Memory state around the buggy address: [ 28.719843] ffff888102b3fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.721075] ffff888102b3fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.721855] >ffff888102b3fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 28.722355] ^ [ 28.722610] ffff888102b3fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 28.723498] ffff888102b3fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.723964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 28.643240] ================================================================== [ 28.644464] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 28.646547] Read of size 1 at addr ffff888102b57d72 by task kunit_try_catch/258 [ 28.647366] [ 28.647840] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.649070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.649371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.650649] Call Trace: [ 28.651142] <TASK> [ 28.651420] dump_stack_lvl+0x73/0xb0 [ 28.652146] print_report+0xd1/0x640 [ 28.652465] ? __virt_addr_valid+0x1db/0x2d0 [ 28.652800] ? kasan_addr_to_slab+0x11/0xa0 [ 28.653274] kasan_report+0x102/0x140 [ 28.653988] ? kasan_stack_oob+0x2ae/0x300 [ 28.654728] ? kasan_stack_oob+0x2ae/0x300 [ 28.655366] __asan_report_load1_noabort+0x18/0x20 [ 28.655905] kasan_stack_oob+0x2ae/0x300 [ 28.656327] ? __pfx_kasan_stack_oob+0x10/0x10 [ 28.656742] ? finish_task_switch.isra.0+0x153/0x700 [ 28.657344] ? __switch_to+0x5d9/0xf60 [ 28.658210] ? __schedule+0xc3e/0x2790 [ 28.658487] ? __pfx_read_tsc+0x10/0x10 [ 28.659388] ? ktime_get_ts64+0x86/0x230 [ 28.660216] kunit_try_run_case+0x1b3/0x490 [ 28.660644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.661124] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.661493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.661980] ? __kthread_parkme+0x82/0x160 [ 28.662542] ? preempt_count_sub+0x50/0x80 [ 28.662822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.663795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.664361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.665370] kthread+0x257/0x310 [ 28.665744] ? __pfx_kthread+0x10/0x10 [ 28.666049] ret_from_fork+0x41/0x80 [ 28.666455] ? __pfx_kthread+0x10/0x10 [ 28.667397] ret_from_fork_asm+0x1a/0x30 [ 28.667840] </TASK> [ 28.668111] [ 28.668455] The buggy address belongs to stack of task kunit_try_catch/258 [ 28.670084] and is located at offset 138 in frame: [ 28.670459] kasan_stack_oob+0x0/0x300 [ 28.671208] [ 28.671411] This frame has 4 objects: [ 28.671891] [48, 49) '__assertion' [ 28.671967] [64, 72) 'array' [ 28.672360] [96, 112) '__assertion' [ 28.672745] [128, 138) 'stack_array' [ 28.673184] [ 28.673615] The buggy address belongs to the physical page: [ 28.674304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b57 [ 28.675262] flags: 0x200000000000000(node=0|zone=2) [ 28.675751] raw: 0200000000000000 ffffea00040ad5c8 ffffea00040ad5c8 0000000000000000 [ 28.676621] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 28.677102] page dumped because: kasan: bad access detected [ 28.677689] [ 28.678855] Memory state around the buggy address: [ 28.679371] ffff888102b57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.680131] ffff888102b57c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.680805] >ffff888102b57d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 28.681886] ^ [ 28.682490] ffff888102b57d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 28.683117] ffff888102b57e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 28.684373] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 28.594648] ================================================================== [ 28.595572] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 28.596555] Read of size 1 at addr ffffffffb31febed by task kunit_try_catch/254 [ 28.596889] [ 28.597146] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.598887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.600068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.600944] Call Trace: [ 28.601731] <TASK> [ 28.602043] dump_stack_lvl+0x73/0xb0 [ 28.602386] print_report+0xd1/0x640 [ 28.602714] ? __virt_addr_valid+0x1db/0x2d0 [ 28.603710] ? kasan_addr_to_slab+0x11/0xa0 [ 28.604079] kasan_report+0x102/0x140 [ 28.604677] ? kasan_global_oob_right+0x288/0x2d0 [ 28.605302] ? kasan_global_oob_right+0x288/0x2d0 [ 28.605686] __asan_report_load1_noabort+0x18/0x20 [ 28.606342] kasan_global_oob_right+0x288/0x2d0 [ 28.606650] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 28.607818] ? __schedule+0xc3e/0x2790 [ 28.608159] ? __pfx_read_tsc+0x10/0x10 [ 28.609586] ? ktime_get_ts64+0x86/0x230 [ 28.610109] kunit_try_run_case+0x1b3/0x490 [ 28.610486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.610862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.611259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.611644] ? __kthread_parkme+0x82/0x160 [ 28.611988] ? preempt_count_sub+0x50/0x80 [ 28.613123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.613841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.614569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.615316] kthread+0x257/0x310 [ 28.616034] ? __pfx_kthread+0x10/0x10 [ 28.616484] ret_from_fork+0x41/0x80 [ 28.617076] ? __pfx_kthread+0x10/0x10 [ 28.617393] ret_from_fork_asm+0x1a/0x30 [ 28.617635] </TASK> [ 28.618856] [ 28.619091] The buggy address belongs to the variable: [ 28.619368] global_array+0xd/0x40 [ 28.620286] [ 28.621172] The buggy address belongs to the physical page: [ 28.621617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1433fe [ 28.622208] flags: 0x200000000002000(reserved|node=0|zone=2) [ 28.623189] raw: 0200000000002000 ffffea00050cff88 ffffea00050cff88 0000000000000000 [ 28.623911] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.624631] page dumped because: kasan: bad access detected [ 28.625413] [ 28.625612] Memory state around the buggy address: [ 28.626546] ffffffffb31fea80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.628143] ffffffffb31feb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.628625] >ffffffffb31feb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 [ 28.629175] ^ [ 28.630137] ffffffffb31fec00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 28.630511] ffffffffb31fec80: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 28.630951] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 28.542364] ================================================================== [ 28.543713] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.544336] Free of addr ffff888102ba0001 by task kunit_try_catch/252 [ 28.544792] [ 28.545030] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.546752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.547856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.548638] Call Trace: [ 28.549478] <TASK> [ 28.549882] dump_stack_lvl+0x73/0xb0 [ 28.550436] print_report+0xd1/0x640 [ 28.551419] ? __virt_addr_valid+0x1db/0x2d0 [ 28.552039] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.552554] ? kasan_addr_to_slab+0x11/0xa0 [ 28.553516] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.554322] kasan_report_invalid_free+0xc0/0xf0 [ 28.554700] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.555794] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.556213] __kasan_mempool_poison_object+0x102/0x1d0 [ 28.557166] mempool_free+0x2ec/0x380 [ 28.557491] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.558094] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 28.558524] ? finish_task_switch.isra.0+0x153/0x700 [ 28.559244] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 28.559613] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 28.560992] ? __switch_to+0x5d9/0xf60 [ 28.561339] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.562115] ? __pfx_mempool_kfree+0x10/0x10 [ 28.562717] ? __pfx_read_tsc+0x10/0x10 [ 28.563305] ? ktime_get_ts64+0x86/0x230 [ 28.563543] kunit_try_run_case+0x1b3/0x490 [ 28.563798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.564815] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.565461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.565947] ? __kthread_parkme+0x82/0x160 [ 28.566296] ? preempt_count_sub+0x50/0x80 [ 28.566812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.568005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.568265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.568486] kthread+0x257/0x310 [ 28.568764] ? __pfx_kthread+0x10/0x10 [ 28.569326] ret_from_fork+0x41/0x80 [ 28.570318] ? __pfx_kthread+0x10/0x10 [ 28.570811] ret_from_fork_asm+0x1a/0x30 [ 28.571843] </TASK> [ 28.572005] [ 28.572270] The buggy address belongs to the physical page: [ 28.573335] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba0 [ 28.574190] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.574978] flags: 0x200000000000040(head|node=0|zone=2) [ 28.575379] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.575823] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.577098] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.578145] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.579199] head: 0200000000000002 ffffea00040ae801 ffffffffffffffff 0000000000000000 [ 28.580287] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 28.580862] page dumped because: kasan: bad access detected [ 28.581399] [ 28.582229] Memory state around the buggy address: [ 28.582684] ffff888102b9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.583483] ffff888102b9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.584273] >ffff888102ba0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.585073] ^ [ 28.585390] ffff888102ba0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.586972] ffff888102ba0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.587420] ================================================================== [ 28.486490] ================================================================== [ 28.487624] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.488613] Free of addr ffff888102996601 by task kunit_try_catch/250 [ 28.489754] [ 28.489942] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.490462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.490830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.492520] Call Trace: [ 28.492993] <TASK> [ 28.493319] dump_stack_lvl+0x73/0xb0 [ 28.493843] print_report+0xd1/0x640 [ 28.494379] ? __virt_addr_valid+0x1db/0x2d0 [ 28.495042] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.496314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.496815] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.497366] kasan_report_invalid_free+0xc0/0xf0 [ 28.498199] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.499340] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.500154] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.501044] check_slab_allocation+0x11f/0x130 [ 28.501478] __kasan_mempool_poison_object+0x91/0x1d0 [ 28.501899] mempool_free+0x2ec/0x380 [ 28.502464] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 28.503535] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 28.504157] ? finish_task_switch.isra.0+0x153/0x700 [ 28.504861] mempool_kmalloc_invalid_free+0xb1/0x100 [ 28.505354] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 28.506355] ? __switch_to+0x5d9/0xf60 [ 28.506907] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.507169] ? __pfx_mempool_kfree+0x10/0x10 [ 28.507406] ? __pfx_read_tsc+0x10/0x10 [ 28.507683] ? ktime_get_ts64+0x86/0x230 [ 28.508213] kunit_try_run_case+0x1b3/0x490 [ 28.508829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.509406] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.510111] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.510524] ? __kthread_parkme+0x82/0x160 [ 28.511220] ? preempt_count_sub+0x50/0x80 [ 28.511763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.512113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.512732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.513185] kthread+0x257/0x310 [ 28.513650] ? __pfx_kthread+0x10/0x10 [ 28.514001] ret_from_fork+0x41/0x80 [ 28.514516] ? __pfx_kthread+0x10/0x10 [ 28.515007] ret_from_fork_asm+0x1a/0x30 [ 28.515542] </TASK> [ 28.515937] [ 28.516153] Allocated by task 250: [ 28.516475] kasan_save_stack+0x3d/0x60 [ 28.516980] kasan_save_track+0x18/0x40 [ 28.517393] kasan_save_alloc_info+0x3b/0x50 [ 28.517776] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 28.518102] remove_element+0x11e/0x190 [ 28.518497] mempool_alloc_preallocated+0x4d/0x90 [ 28.518957] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 28.519606] mempool_kmalloc_invalid_free+0xb1/0x100 [ 28.520213] kunit_try_run_case+0x1b3/0x490 [ 28.520690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.521299] kthread+0x257/0x310 [ 28.521587] ret_from_fork+0x41/0x80 [ 28.521838] ret_from_fork_asm+0x1a/0x30 [ 28.522130] [ 28.522332] The buggy address belongs to the object at ffff888102996600 [ 28.522332] which belongs to the cache kmalloc-128 of size 128 [ 28.523729] The buggy address is located 1 bytes inside of [ 28.523729] 128-byte region [ffff888102996600, ffff888102996680) [ 28.524495] [ 28.524715] The buggy address belongs to the physical page: [ 28.525012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102996 [ 28.525838] flags: 0x200000000000000(node=0|zone=2) [ 28.526605] page_type: f5(slab) [ 28.526932] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.527591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.528499] page dumped because: kasan: bad access detected [ 28.528951] [ 28.529115] Memory state around the buggy address: [ 28.529384] ffff888102996500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.529861] ffff888102996580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.530548] >ffff888102996600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.531208] ^ [ 28.531558] ffff888102996680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.532283] ffff888102996700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.532806] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 28.441964] ================================================================== [ 28.443075] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 28.443648] Free of addr ffff888102764000 by task kunit_try_catch/248 [ 28.443996] [ 28.444540] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.446145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.446881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.447908] Call Trace: [ 28.448280] <TASK> [ 28.448629] dump_stack_lvl+0x73/0xb0 [ 28.449518] print_report+0xd1/0x640 [ 28.449827] ? __virt_addr_valid+0x1db/0x2d0 [ 28.450436] ? mempool_double_free_helper+0x185/0x370 [ 28.451154] ? kasan_addr_to_slab+0x11/0xa0 [ 28.451587] ? mempool_double_free_helper+0x185/0x370 [ 28.452110] kasan_report_invalid_free+0xc0/0xf0 [ 28.452644] ? mempool_double_free_helper+0x185/0x370 [ 28.453455] ? mempool_double_free_helper+0x185/0x370 [ 28.453778] __kasan_mempool_poison_pages+0x115/0x130 [ 28.454404] mempool_free+0x290/0x380 [ 28.455248] mempool_double_free_helper+0x185/0x370 [ 28.455755] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 28.456659] ? irqentry_exit+0x2a/0x60 [ 28.457010] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 28.457788] mempool_page_alloc_double_free+0xac/0x100 [ 28.458294] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 28.458984] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 28.459653] ? __pfx_mempool_free_pages+0x10/0x10 [ 28.459986] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 28.460857] kunit_try_run_case+0x1b3/0x490 [ 28.461316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.462022] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.462378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.463281] ? __kthread_parkme+0x82/0x160 [ 28.464014] ? preempt_count_sub+0x50/0x80 [ 28.464492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.465033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.465690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.466249] kthread+0x257/0x310 [ 28.466527] ? __pfx_kthread+0x10/0x10 [ 28.466741] ret_from_fork+0x41/0x80 [ 28.467554] ? __pfx_kthread+0x10/0x10 [ 28.468207] ret_from_fork_asm+0x1a/0x30 [ 28.468950] </TASK> [ 28.469274] [ 28.469865] The buggy address belongs to the physical page: [ 28.470285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102764 [ 28.471455] flags: 0x200000000000000(node=0|zone=2) [ 28.472393] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.472980] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.473552] page dumped because: kasan: bad access detected [ 28.473980] [ 28.474180] Memory state around the buggy address: [ 28.474560] ffff888102763f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.475121] ffff888102763f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.476050] >ffff888102764000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.477048] ^ [ 28.477288] ffff888102764080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.478373] ffff888102764100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.479358] ================================================================== [ 28.394715] ================================================================== [ 28.395494] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 28.396339] Free of addr ffff888102ba0000 by task kunit_try_catch/246 [ 28.396940] [ 28.397117] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.398108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.398439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.399161] Call Trace: [ 28.399828] <TASK> [ 28.400070] dump_stack_lvl+0x73/0xb0 [ 28.400499] print_report+0xd1/0x640 [ 28.401690] ? __virt_addr_valid+0x1db/0x2d0 [ 28.402111] ? mempool_double_free_helper+0x185/0x370 [ 28.403262] ? kasan_addr_to_slab+0x11/0xa0 [ 28.404014] ? mempool_double_free_helper+0x185/0x370 [ 28.404356] kasan_report_invalid_free+0xc0/0xf0 [ 28.404751] ? mempool_double_free_helper+0x185/0x370 [ 28.405328] ? mempool_double_free_helper+0x185/0x370 [ 28.405662] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 28.406254] mempool_free+0x2ec/0x380 [ 28.406605] mempool_double_free_helper+0x185/0x370 [ 28.407370] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 28.407777] ? finish_task_switch.isra.0+0x153/0x700 [ 28.408426] mempool_kmalloc_large_double_free+0xb1/0x100 [ 28.409512] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 28.410531] ? __switch_to+0x5d9/0xf60 [ 28.411085] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.411613] ? __pfx_mempool_kfree+0x10/0x10 [ 28.412163] ? __pfx_read_tsc+0x10/0x10 [ 28.412386] ? ktime_get_ts64+0x86/0x230 [ 28.413300] kunit_try_run_case+0x1b3/0x490 [ 28.413664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.414546] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.415283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.415788] ? __kthread_parkme+0x82/0x160 [ 28.416242] ? preempt_count_sub+0x50/0x80 [ 28.416626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.417379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.418217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.419044] kthread+0x257/0x310 [ 28.419311] ? __pfx_kthread+0x10/0x10 [ 28.419533] ret_from_fork+0x41/0x80 [ 28.419768] ? __pfx_kthread+0x10/0x10 [ 28.419958] ret_from_fork_asm+0x1a/0x30 [ 28.420317] </TASK> [ 28.420697] [ 28.421091] The buggy address belongs to the physical page: [ 28.421535] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba0 [ 28.422501] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.423218] flags: 0x200000000000040(head|node=0|zone=2) [ 28.423795] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.424702] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.425694] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.426491] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.427485] head: 0200000000000002 ffffea00040ae801 ffffffffffffffff 0000000000000000 [ 28.428099] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 28.428956] page dumped because: kasan: bad access detected [ 28.429585] [ 28.429842] Memory state around the buggy address: [ 28.430409] ffff888102b9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.431466] ffff888102b9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.432250] >ffff888102ba0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.433152] ^ [ 28.433532] ffff888102ba0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.434214] ffff888102ba0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.434696] ================================================================== [ 28.325399] ================================================================== [ 28.326255] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 28.326928] Free of addr ffff888102996000 by task kunit_try_catch/244 [ 28.327393] [ 28.327639] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.329044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.329377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.331009] Call Trace: [ 28.331214] <TASK> [ 28.331371] dump_stack_lvl+0x73/0xb0 [ 28.331620] print_report+0xd1/0x640 [ 28.332999] ? __virt_addr_valid+0x1db/0x2d0 [ 28.333422] ? mempool_double_free_helper+0x185/0x370 [ 28.333997] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.335012] ? mempool_double_free_helper+0x185/0x370 [ 28.335293] kasan_report_invalid_free+0xc0/0xf0 [ 28.335536] ? mempool_double_free_helper+0x185/0x370 [ 28.335999] ? mempool_double_free_helper+0x185/0x370 [ 28.337538] ? mempool_double_free_helper+0x185/0x370 [ 28.338202] check_slab_allocation+0x101/0x130 [ 28.338841] __kasan_mempool_poison_object+0x91/0x1d0 [ 28.339131] mempool_free+0x2ec/0x380 [ 28.339353] mempool_double_free_helper+0x185/0x370 [ 28.340104] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 28.340723] ? irqentry_exit+0x2a/0x60 [ 28.341234] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 28.342566] mempool_kmalloc_double_free+0xb1/0x100 [ 28.343427] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 28.344286] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.345114] ? __pfx_mempool_kfree+0x10/0x10 [ 28.345886] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 28.346339] kunit_try_run_case+0x1b3/0x490 [ 28.346763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.347157] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.347597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.348346] ? __kthread_parkme+0x82/0x160 [ 28.349186] ? preempt_count_sub+0x50/0x80 [ 28.349603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.350224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.350768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.351392] kthread+0x257/0x310 [ 28.351975] ? __pfx_kthread+0x10/0x10 [ 28.352515] ret_from_fork+0x41/0x80 [ 28.353180] ? __pfx_kthread+0x10/0x10 [ 28.353641] ret_from_fork_asm+0x1a/0x30 [ 28.354189] </TASK> [ 28.354599] [ 28.354802] Allocated by task 244: [ 28.355029] kasan_save_stack+0x3d/0x60 [ 28.355590] kasan_save_track+0x18/0x40 [ 28.356155] kasan_save_alloc_info+0x3b/0x50 [ 28.356780] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 28.357244] remove_element+0x11e/0x190 [ 28.357732] mempool_alloc_preallocated+0x4d/0x90 [ 28.358316] mempool_double_free_helper+0x8b/0x370 [ 28.359113] mempool_kmalloc_double_free+0xb1/0x100 [ 28.359706] kunit_try_run_case+0x1b3/0x490 [ 28.360099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.361446] kthread+0x257/0x310 [ 28.362387] ret_from_fork+0x41/0x80 [ 28.363141] ret_from_fork_asm+0x1a/0x30 [ 28.363478] [ 28.363895] Freed by task 244: [ 28.364178] kasan_save_stack+0x3d/0x60 [ 28.364995] kasan_save_track+0x18/0x40 [ 28.365981] kasan_save_free_info+0x3f/0x60 [ 28.366934] __kasan_mempool_poison_object+0x131/0x1d0 [ 28.367291] mempool_free+0x2ec/0x380 [ 28.368178] mempool_double_free_helper+0x10a/0x370 [ 28.368564] mempool_kmalloc_double_free+0xb1/0x100 [ 28.369084] kunit_try_run_case+0x1b3/0x490 [ 28.369313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.370426] kthread+0x257/0x310 [ 28.370783] ret_from_fork+0x41/0x80 [ 28.371217] ret_from_fork_asm+0x1a/0x30 [ 28.371948] [ 28.372297] The buggy address belongs to the object at ffff888102996000 [ 28.372297] which belongs to the cache kmalloc-128 of size 128 [ 28.373910] The buggy address is located 0 bytes inside of [ 28.373910] 128-byte region [ffff888102996000, ffff888102996080) [ 28.375184] [ 28.375494] The buggy address belongs to the physical page: [ 28.376104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102996 [ 28.376786] flags: 0x200000000000000(node=0|zone=2) [ 28.377173] page_type: f5(slab) [ 28.377881] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.379308] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.379891] page dumped because: kasan: bad access detected [ 28.380736] [ 28.381017] Memory state around the buggy address: [ 28.381421] ffff888102995f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.381937] ffff888102995f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.382915] >ffff888102996000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.384149] ^ [ 28.384498] ffff888102996080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.385226] ffff888102996100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.386030] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 28.173980] ================================================================== [ 28.175565] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 28.176350] Read of size 1 at addr ffff888102760000 by task kunit_try_catch/238 [ 28.177119] [ 28.177387] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.178205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.178487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.179420] Call Trace: [ 28.179906] <TASK> [ 28.180223] dump_stack_lvl+0x73/0xb0 [ 28.180947] print_report+0xd1/0x640 [ 28.181335] ? __virt_addr_valid+0x1db/0x2d0 [ 28.181991] ? kasan_addr_to_slab+0x11/0xa0 [ 28.182508] kasan_report+0x102/0x140 [ 28.183074] ? mempool_uaf_helper+0x394/0x400 [ 28.183583] ? mempool_uaf_helper+0x394/0x400 [ 28.184130] __asan_report_load1_noabort+0x18/0x20 [ 28.184559] mempool_uaf_helper+0x394/0x400 [ 28.185043] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 28.185383] ? finish_task_switch.isra.0+0x153/0x700 [ 28.186527] mempool_kmalloc_large_uaf+0xb3/0x100 [ 28.186916] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 28.187421] ? __switch_to+0x5d9/0xf60 [ 28.187776] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.188350] ? __pfx_mempool_kfree+0x10/0x10 [ 28.188922] ? __pfx_read_tsc+0x10/0x10 [ 28.189337] ? ktime_get_ts64+0x86/0x230 [ 28.189918] kunit_try_run_case+0x1b3/0x490 [ 28.190254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.190865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.191332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.192497] ? __kthread_parkme+0x82/0x160 [ 28.192913] ? preempt_count_sub+0x50/0x80 [ 28.193534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.193979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.194574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.195120] kthread+0x257/0x310 [ 28.195369] ? __pfx_kthread+0x10/0x10 [ 28.195916] ret_from_fork+0x41/0x80 [ 28.196315] ? __pfx_kthread+0x10/0x10 [ 28.196721] ret_from_fork_asm+0x1a/0x30 [ 28.197684] </TASK> [ 28.197962] [ 28.198182] The buggy address belongs to the physical page: [ 28.198669] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102760 [ 28.199199] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.199737] flags: 0x200000000000040(head|node=0|zone=2) [ 28.200804] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.201382] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.201931] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.202737] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.203382] head: 0200000000000002 ffffea000409d801 ffffffffffffffff 0000000000000000 [ 28.204714] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 28.205460] page dumped because: kasan: bad access detected [ 28.205827] [ 28.205971] Memory state around the buggy address: [ 28.206419] ffff88810275ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.206930] ffff88810275ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.207807] >ffff888102760000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.208368] ^ [ 28.208701] ffff888102760080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.209433] ffff888102760100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.210645] ================================================================== [ 28.282534] ================================================================== [ 28.283454] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 28.283874] Read of size 1 at addr ffff888102ba0000 by task kunit_try_catch/242 [ 28.284673] [ 28.284915] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.285455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.286594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.288081] Call Trace: [ 28.288391] <TASK> [ 28.288879] dump_stack_lvl+0x73/0xb0 [ 28.289432] print_report+0xd1/0x640 [ 28.289947] ? __virt_addr_valid+0x1db/0x2d0 [ 28.290553] ? kasan_addr_to_slab+0x11/0xa0 [ 28.290988] kasan_report+0x102/0x140 [ 28.291820] ? mempool_uaf_helper+0x394/0x400 [ 28.292835] ? mempool_uaf_helper+0x394/0x400 [ 28.293210] __asan_report_load1_noabort+0x18/0x20 [ 28.293779] mempool_uaf_helper+0x394/0x400 [ 28.294316] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 28.294729] ? finish_task_switch.isra.0+0x153/0x700 [ 28.295466] mempool_page_alloc_uaf+0xb1/0x100 [ 28.295999] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 28.296340] ? __switch_to+0x5d9/0xf60 [ 28.296788] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 28.297194] ? __pfx_mempool_free_pages+0x10/0x10 [ 28.297791] ? __pfx_read_tsc+0x10/0x10 [ 28.298127] ? ktime_get_ts64+0x86/0x230 [ 28.299246] kunit_try_run_case+0x1b3/0x490 [ 28.299573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.300076] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.300517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.301028] ? __kthread_parkme+0x82/0x160 [ 28.301454] ? preempt_count_sub+0x50/0x80 [ 28.302432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.302999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.303463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.303896] kthread+0x257/0x310 [ 28.304234] ? __pfx_kthread+0x10/0x10 [ 28.304642] ret_from_fork+0x41/0x80 [ 28.304981] ? __pfx_kthread+0x10/0x10 [ 28.306150] ret_from_fork_asm+0x1a/0x30 [ 28.306450] </TASK> [ 28.306703] [ 28.307175] The buggy address belongs to the physical page: [ 28.307635] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba0 [ 28.307967] flags: 0x200000000000000(node=0|zone=2) [ 28.308802] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.309205] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.310185] page dumped because: kasan: bad access detected [ 28.310498] [ 28.311027] Memory state around the buggy address: [ 28.311462] ffff888102b9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.312971] ffff888102b9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.313326] >ffff888102ba0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.314311] ^ [ 28.314860] ffff888102ba0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.315709] ffff888102ba0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.316630] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 28.221089] ================================================================== [ 28.221757] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 28.222524] Read of size 1 at addr ffff888102a59240 by task kunit_try_catch/240 [ 28.223132] [ 28.223354] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.224111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.224828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.225827] Call Trace: [ 28.226119] <TASK> [ 28.226314] dump_stack_lvl+0x73/0xb0 [ 28.226956] print_report+0xd1/0x640 [ 28.227311] ? __virt_addr_valid+0x1db/0x2d0 [ 28.228105] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.228626] kasan_report+0x102/0x140 [ 28.228927] ? mempool_uaf_helper+0x394/0x400 [ 28.229418] ? mempool_uaf_helper+0x394/0x400 [ 28.229928] __asan_report_load1_noabort+0x18/0x20 [ 28.230340] mempool_uaf_helper+0x394/0x400 [ 28.230746] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 28.231149] ? finish_task_switch.isra.0+0x153/0x700 [ 28.232154] mempool_slab_uaf+0xae/0x100 [ 28.232698] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 28.233405] ? __switch_to+0x5d9/0xf60 [ 28.233766] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 28.234330] ? __pfx_mempool_free_slab+0x10/0x10 [ 28.234964] ? __pfx_read_tsc+0x10/0x10 [ 28.235517] ? ktime_get_ts64+0x86/0x230 [ 28.236151] kunit_try_run_case+0x1b3/0x490 [ 28.236577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.236955] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.237404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.237942] ? __kthread_parkme+0x82/0x160 [ 28.238954] ? preempt_count_sub+0x50/0x80 [ 28.239537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.240166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.240760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.241415] kthread+0x257/0x310 [ 28.242066] ? __pfx_kthread+0x10/0x10 [ 28.242733] ret_from_fork+0x41/0x80 [ 28.243231] ? __pfx_kthread+0x10/0x10 [ 28.243796] ret_from_fork_asm+0x1a/0x30 [ 28.244096] </TASK> [ 28.244359] [ 28.245025] Allocated by task 240: [ 28.245246] kasan_save_stack+0x3d/0x60 [ 28.246011] kasan_save_track+0x18/0x40 [ 28.246435] kasan_save_alloc_info+0x3b/0x50 [ 28.247371] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 28.248140] remove_element+0x11e/0x190 [ 28.248480] mempool_alloc_preallocated+0x4d/0x90 [ 28.249025] mempool_uaf_helper+0x97/0x400 [ 28.249930] mempool_slab_uaf+0xae/0x100 [ 28.250305] kunit_try_run_case+0x1b3/0x490 [ 28.250742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.251288] kthread+0x257/0x310 [ 28.251993] ret_from_fork+0x41/0x80 [ 28.252694] ret_from_fork_asm+0x1a/0x30 [ 28.252952] [ 28.253181] Freed by task 240: [ 28.253480] kasan_save_stack+0x3d/0x60 [ 28.254347] kasan_save_track+0x18/0x40 [ 28.254670] kasan_save_free_info+0x3f/0x60 [ 28.255306] __kasan_mempool_poison_object+0x131/0x1d0 [ 28.256043] mempool_free+0x2ec/0x380 [ 28.256447] mempool_uaf_helper+0x11b/0x400 [ 28.256836] mempool_slab_uaf+0xae/0x100 [ 28.257170] kunit_try_run_case+0x1b3/0x490 [ 28.257577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.258431] kthread+0x257/0x310 [ 28.258759] ret_from_fork+0x41/0x80 [ 28.259027] ret_from_fork_asm+0x1a/0x30 [ 28.259215] [ 28.259296] The buggy address belongs to the object at ffff888102a59240 [ 28.259296] which belongs to the cache test_cache of size 123 [ 28.260936] The buggy address is located 0 bytes inside of [ 28.260936] freed 123-byte region [ffff888102a59240, ffff888102a592bb) [ 28.262011] [ 28.262175] The buggy address belongs to the physical page: [ 28.262594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a59 [ 28.263282] flags: 0x200000000000000(node=0|zone=2) [ 28.263766] page_type: f5(slab) [ 28.264184] raw: 0200000000000000 ffff888101e708c0 dead000000000122 0000000000000000 [ 28.265045] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 28.265416] page dumped because: kasan: bad access detected [ 28.265907] [ 28.266129] Memory state around the buggy address: [ 28.266578] ffff888102a59100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.267261] ffff888102a59180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.268118] >ffff888102a59200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 28.268847] ^ [ 28.269395] ffff888102a59280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.269942] ffff888102a59300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.270245] ================================================================== [ 28.116375] ================================================================== [ 28.117350] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 28.118124] Read of size 1 at addr ffff888102994800 by task kunit_try_catch/236 [ 28.118661] [ 28.118847] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.120933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.121632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.122252] Call Trace: [ 28.122530] <TASK> [ 28.122764] dump_stack_lvl+0x73/0xb0 [ 28.123094] print_report+0xd1/0x640 [ 28.123480] ? __virt_addr_valid+0x1db/0x2d0 [ 28.123937] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.124575] kasan_report+0x102/0x140 [ 28.125222] ? mempool_uaf_helper+0x394/0x400 [ 28.125837] ? mempool_uaf_helper+0x394/0x400 [ 28.126296] __asan_report_load1_noabort+0x18/0x20 [ 28.126934] mempool_uaf_helper+0x394/0x400 [ 28.127281] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 28.127896] ? finish_task_switch.isra.0+0x153/0x700 [ 28.128417] mempool_kmalloc_uaf+0xb3/0x100 [ 28.129111] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 28.129508] ? __switch_to+0x5d9/0xf60 [ 28.130519] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.131045] ? __pfx_mempool_kfree+0x10/0x10 [ 28.131500] ? __pfx_read_tsc+0x10/0x10 [ 28.131876] ? ktime_get_ts64+0x86/0x230 [ 28.132309] kunit_try_run_case+0x1b3/0x490 [ 28.132736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.133221] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.133615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.134404] ? __kthread_parkme+0x82/0x160 [ 28.134910] ? preempt_count_sub+0x50/0x80 [ 28.135356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.135984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.136547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.137224] kthread+0x257/0x310 [ 28.137856] ? __pfx_kthread+0x10/0x10 [ 28.138232] ret_from_fork+0x41/0x80 [ 28.138498] ? __pfx_kthread+0x10/0x10 [ 28.138999] ret_from_fork_asm+0x1a/0x30 [ 28.139435] </TASK> [ 28.139872] [ 28.140099] Allocated by task 236: [ 28.140455] kasan_save_stack+0x3d/0x60 [ 28.141021] kasan_save_track+0x18/0x40 [ 28.141440] kasan_save_alloc_info+0x3b/0x50 [ 28.142099] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 28.142441] remove_element+0x11e/0x190 [ 28.142942] mempool_alloc_preallocated+0x4d/0x90 [ 28.143405] mempool_uaf_helper+0x97/0x400 [ 28.143943] mempool_kmalloc_uaf+0xb3/0x100 [ 28.144239] kunit_try_run_case+0x1b3/0x490 [ 28.144519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.145200] kthread+0x257/0x310 [ 28.145583] ret_from_fork+0x41/0x80 [ 28.146277] ret_from_fork_asm+0x1a/0x30 [ 28.146835] [ 28.147050] Freed by task 236: [ 28.147381] kasan_save_stack+0x3d/0x60 [ 28.148001] kasan_save_track+0x18/0x40 [ 28.148334] kasan_save_free_info+0x3f/0x60 [ 28.148631] __kasan_mempool_poison_object+0x131/0x1d0 [ 28.149301] mempool_free+0x2ec/0x380 [ 28.149984] mempool_uaf_helper+0x11b/0x400 [ 28.150493] mempool_kmalloc_uaf+0xb3/0x100 [ 28.151091] kunit_try_run_case+0x1b3/0x490 [ 28.151499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.152143] kthread+0x257/0x310 [ 28.152524] ret_from_fork+0x41/0x80 [ 28.152829] ret_from_fork_asm+0x1a/0x30 [ 28.153355] [ 28.153869] The buggy address belongs to the object at ffff888102994800 [ 28.153869] which belongs to the cache kmalloc-128 of size 128 [ 28.154852] The buggy address is located 0 bytes inside of [ 28.154852] freed 128-byte region [ffff888102994800, ffff888102994880) [ 28.155408] [ 28.155601] The buggy address belongs to the physical page: [ 28.156298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 28.157227] flags: 0x200000000000000(node=0|zone=2) [ 28.157947] page_type: f5(slab) [ 28.158308] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.159169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.159854] page dumped because: kasan: bad access detected [ 28.160166] [ 28.160310] Memory state around the buggy address: [ 28.160602] ffff888102994700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.161225] ffff888102994780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.161833] >ffff888102994800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.163665] ^ [ 28.164200] ffff888102994880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.164991] ffff888102994900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.165473] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 28.062225] ================================================================== [ 28.063215] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 28.063643] Read of size 1 at addr ffff888102a072bb by task kunit_try_catch/234 [ 28.064383] [ 28.064566] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.064892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.065029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.066719] Call Trace: [ 28.067019] <TASK> [ 28.067232] dump_stack_lvl+0x73/0xb0 [ 28.067897] print_report+0xd1/0x640 [ 28.068253] ? __virt_addr_valid+0x1db/0x2d0 [ 28.069081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.069597] kasan_report+0x102/0x140 [ 28.069899] ? mempool_oob_right_helper+0x31a/0x380 [ 28.070321] ? mempool_oob_right_helper+0x31a/0x380 [ 28.070793] __asan_report_load1_noabort+0x18/0x20 [ 28.071244] mempool_oob_right_helper+0x31a/0x380 [ 28.071928] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 28.072378] ? finish_task_switch.isra.0+0x153/0x700 [ 28.073412] mempool_slab_oob_right+0xb1/0x100 [ 28.073876] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 28.074538] ? __switch_to+0x5d9/0xf60 [ 28.075019] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 28.075784] ? __pfx_mempool_free_slab+0x10/0x10 [ 28.076183] ? __pfx_read_tsc+0x10/0x10 [ 28.076545] ? ktime_get_ts64+0x86/0x230 [ 28.076972] kunit_try_run_case+0x1b3/0x490 [ 28.077843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.078307] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.079121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.079691] ? __kthread_parkme+0x82/0x160 [ 28.080022] ? preempt_count_sub+0x50/0x80 [ 28.080359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.081620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.082086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.082854] kthread+0x257/0x310 [ 28.083372] ? __pfx_kthread+0x10/0x10 [ 28.083988] ret_from_fork+0x41/0x80 [ 28.084326] ? __pfx_kthread+0x10/0x10 [ 28.085166] ret_from_fork_asm+0x1a/0x30 [ 28.085705] </TASK> [ 28.085987] [ 28.086200] Allocated by task 234: [ 28.086534] kasan_save_stack+0x3d/0x60 [ 28.087145] kasan_save_track+0x18/0x40 [ 28.087823] kasan_save_alloc_info+0x3b/0x50 [ 28.088248] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 28.089047] remove_element+0x11e/0x190 [ 28.089344] mempool_alloc_preallocated+0x4d/0x90 [ 28.090135] mempool_oob_right_helper+0x8b/0x380 [ 28.090678] mempool_slab_oob_right+0xb1/0x100 [ 28.091290] kunit_try_run_case+0x1b3/0x490 [ 28.091575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.092045] kthread+0x257/0x310 [ 28.092514] ret_from_fork+0x41/0x80 [ 28.092935] ret_from_fork_asm+0x1a/0x30 [ 28.093391] [ 28.093658] The buggy address belongs to the object at ffff888102a07240 [ 28.093658] which belongs to the cache test_cache of size 123 [ 28.094824] The buggy address is located 0 bytes to the right of [ 28.094824] allocated 123-byte region [ffff888102a07240, ffff888102a072bb) [ 28.095401] [ 28.095599] The buggy address belongs to the physical page: [ 28.096072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 28.096698] flags: 0x200000000000000(node=0|zone=2) [ 28.097072] page_type: f5(slab) [ 28.097326] raw: 0200000000000000 ffff888101e70780 dead000000000122 0000000000000000 [ 28.097988] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 28.098519] page dumped because: kasan: bad access detected [ 28.098923] [ 28.099142] Memory state around the buggy address: [ 28.099613] ffff888102a07180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.100124] ffff888102a07200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 28.100756] >ffff888102a07280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 28.101258] ^ [ 28.101588] ffff888102a07300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.102202] ffff888102a07380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.102729] ================================================================== [ 27.963647] ================================================================== [ 27.964364] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 27.964790] Read of size 1 at addr ffff888102989e73 by task kunit_try_catch/230 [ 27.965155] [ 27.965317] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.966969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.967379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.968990] Call Trace: [ 27.969221] <TASK> [ 27.969414] dump_stack_lvl+0x73/0xb0 [ 27.970421] print_report+0xd1/0x640 [ 27.971406] ? __virt_addr_valid+0x1db/0x2d0 [ 27.971996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.972589] kasan_report+0x102/0x140 [ 27.973199] ? mempool_oob_right_helper+0x31a/0x380 [ 27.973536] ? mempool_oob_right_helper+0x31a/0x380 [ 27.973983] __asan_report_load1_noabort+0x18/0x20 [ 27.974580] mempool_oob_right_helper+0x31a/0x380 [ 27.974984] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 27.975450] mempool_kmalloc_oob_right+0xb6/0x100 [ 27.975950] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 27.976694] ? __switch_to+0x5d9/0xf60 [ 27.976965] ? __pfx_mempool_kmalloc+0x10/0x10 [ 27.977238] ? __pfx_mempool_kfree+0x10/0x10 [ 27.978656] ? __pfx_read_tsc+0x10/0x10 [ 27.979239] ? ktime_get_ts64+0x86/0x230 [ 27.979833] kunit_try_run_case+0x1b3/0x490 [ 27.980422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.981082] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.981446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.982377] ? __kthread_parkme+0x82/0x160 [ 27.983031] ? preempt_count_sub+0x50/0x80 [ 27.983324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.984449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.984956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.985381] kthread+0x257/0x310 [ 27.986235] ? __pfx_kthread+0x10/0x10 [ 27.986825] ret_from_fork+0x41/0x80 [ 27.987174] ? __pfx_kthread+0x10/0x10 [ 27.987529] ret_from_fork_asm+0x1a/0x30 [ 27.988582] </TASK> [ 27.988924] [ 27.989049] Allocated by task 230: [ 27.989255] kasan_save_stack+0x3d/0x60 [ 27.990086] kasan_save_track+0x18/0x40 [ 27.990609] kasan_save_alloc_info+0x3b/0x50 [ 27.991042] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 27.991524] remove_element+0x11e/0x190 [ 27.991757] mempool_alloc_preallocated+0x4d/0x90 [ 27.992221] mempool_oob_right_helper+0x8b/0x380 [ 27.992676] mempool_kmalloc_oob_right+0xb6/0x100 [ 27.994134] kunit_try_run_case+0x1b3/0x490 [ 27.994577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.995174] kthread+0x257/0x310 [ 27.995763] ret_from_fork+0x41/0x80 [ 27.996085] ret_from_fork_asm+0x1a/0x30 [ 27.996354] [ 27.996593] The buggy address belongs to the object at ffff888102989e00 [ 27.996593] which belongs to the cache kmalloc-128 of size 128 [ 27.997833] The buggy address is located 0 bytes to the right of [ 27.997833] allocated 115-byte region [ffff888102989e00, ffff888102989e73) [ 27.999566] [ 27.999871] The buggy address belongs to the physical page: [ 28.000181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102989 [ 28.001400] flags: 0x200000000000000(node=0|zone=2) [ 28.002069] page_type: f5(slab) [ 28.002506] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.004031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.004777] page dumped because: kasan: bad access detected [ 28.005073] [ 28.005321] Memory state around the buggy address: [ 28.005776] ffff888102989d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.006300] ffff888102989d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.007020] >ffff888102989e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.007848] ^ [ 28.008320] ffff888102989e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.009745] ffff888102989f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.011333] ================================================================== [ 28.019364] ================================================================== [ 28.020567] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 28.021245] Read of size 1 at addr ffff888102a4e001 by task kunit_try_catch/232 [ 28.021614] [ 28.021842] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 28.022754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.023016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.023853] Call Trace: [ 28.024081] <TASK> [ 28.024365] dump_stack_lvl+0x73/0xb0 [ 28.024905] print_report+0xd1/0x640 [ 28.025277] ? __virt_addr_valid+0x1db/0x2d0 [ 28.025896] ? kasan_addr_to_slab+0x11/0xa0 [ 28.026348] kasan_report+0x102/0x140 [ 28.026892] ? mempool_oob_right_helper+0x31a/0x380 [ 28.027226] ? mempool_oob_right_helper+0x31a/0x380 [ 28.027870] __asan_report_load1_noabort+0x18/0x20 [ 28.028346] mempool_oob_right_helper+0x31a/0x380 [ 28.028874] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 28.029389] ? finish_task_switch.isra.0+0x153/0x700 [ 28.029984] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 28.030376] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 28.031134] ? __switch_to+0x5d9/0xf60 [ 28.031532] ? __pfx_mempool_kmalloc+0x10/0x10 [ 28.032131] ? __pfx_mempool_kfree+0x10/0x10 [ 28.032588] ? __pfx_read_tsc+0x10/0x10 [ 28.033005] ? ktime_get_ts64+0x86/0x230 [ 28.033407] kunit_try_run_case+0x1b3/0x490 [ 28.033999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.034478] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.034878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.035210] ? __kthread_parkme+0x82/0x160 [ 28.035635] ? preempt_count_sub+0x50/0x80 [ 28.036047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.036998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.037583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.038246] kthread+0x257/0x310 [ 28.038756] ? __pfx_kthread+0x10/0x10 [ 28.039174] ret_from_fork+0x41/0x80 [ 28.039559] ? __pfx_kthread+0x10/0x10 [ 28.040041] ret_from_fork_asm+0x1a/0x30 [ 28.040353] </TASK> [ 28.040542] [ 28.040687] The buggy address belongs to the physical page: [ 28.040977] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 28.041647] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.042616] flags: 0x200000000000040(head|node=0|zone=2) [ 28.043400] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.044260] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.044997] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.045403] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.045980] head: 0200000000000002 ffffea00040a9301 ffffffffffffffff 0000000000000000 [ 28.046972] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 28.047380] page dumped because: kasan: bad access detected [ 28.047858] [ 28.048067] Memory state around the buggy address: [ 28.048661] ffff888102a4df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.049541] ffff888102a4df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.050006] >ffff888102a4e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.050710] ^ [ 28.050936] ffff888102a4e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.051634] ffff888102a4e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.052246] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 27.349185] ================================================================== [ 27.350020] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 27.350966] Read of size 1 at addr ffff88810298f000 by task kunit_try_catch/224 [ 27.351960] [ 27.352298] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.353369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.354099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.354656] Call Trace: [ 27.355259] <TASK> [ 27.355527] dump_stack_lvl+0x73/0xb0 [ 27.356205] print_report+0xd1/0x640 [ 27.356488] ? __virt_addr_valid+0x1db/0x2d0 [ 27.356968] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.357575] kasan_report+0x102/0x140 [ 27.358428] ? kmem_cache_double_destroy+0x1bd/0x380 [ 27.359213] ? kmem_cache_double_destroy+0x1bd/0x380 [ 27.359632] ? kmem_cache_double_destroy+0x1bd/0x380 [ 27.360489] __kasan_check_byte+0x3d/0x50 [ 27.361305] kmem_cache_destroy+0x25/0x1d0 [ 27.361989] kmem_cache_double_destroy+0x1bd/0x380 [ 27.362371] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 27.362841] ? finish_task_switch.isra.0+0x153/0x700 [ 27.363409] ? __switch_to+0x5d9/0xf60 [ 27.364009] ? __pfx_empty_cache_ctor+0x10/0x10 [ 27.365172] ? __pfx_read_tsc+0x10/0x10 [ 27.365531] ? ktime_get_ts64+0x86/0x230 [ 27.366089] kunit_try_run_case+0x1b3/0x490 [ 27.366482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.366843] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.367747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.368180] ? __kthread_parkme+0x82/0x160 [ 27.368610] ? preempt_count_sub+0x50/0x80 [ 27.368973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.369803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.370266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.371269] kthread+0x257/0x310 [ 27.371698] ? __pfx_kthread+0x10/0x10 [ 27.372094] ret_from_fork+0x41/0x80 [ 27.372482] ? __pfx_kthread+0x10/0x10 [ 27.372777] ret_from_fork_asm+0x1a/0x30 [ 27.373365] </TASK> [ 27.373851] [ 27.374089] Allocated by task 224: [ 27.374428] kasan_save_stack+0x3d/0x60 [ 27.375322] kasan_save_track+0x18/0x40 [ 27.375793] kasan_save_alloc_info+0x3b/0x50 [ 27.376163] __kasan_slab_alloc+0x91/0xa0 [ 27.376595] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.377098] __kmem_cache_create_args+0x177/0x250 [ 27.377575] kmem_cache_double_destroy+0xd3/0x380 [ 27.377942] kunit_try_run_case+0x1b3/0x490 [ 27.378269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.378762] kthread+0x257/0x310 [ 27.379786] ret_from_fork+0x41/0x80 [ 27.380177] ret_from_fork_asm+0x1a/0x30 [ 27.380544] [ 27.380884] Freed by task 224: [ 27.381204] kasan_save_stack+0x3d/0x60 [ 27.381758] kasan_save_track+0x18/0x40 [ 27.382141] kasan_save_free_info+0x3f/0x60 [ 27.382413] __kasan_slab_free+0x56/0x70 [ 27.383364] kmem_cache_free+0x120/0x420 [ 27.383751] slab_kmem_cache_release+0x2e/0x40 [ 27.384277] kmem_cache_release+0x16/0x20 [ 27.384849] kobject_put+0x181/0x450 [ 27.385200] sysfs_slab_release+0x16/0x20 [ 27.385680] kmem_cache_destroy+0xf0/0x1d0 [ 27.386211] kmem_cache_double_destroy+0x14c/0x380 [ 27.387220] kunit_try_run_case+0x1b3/0x490 [ 27.387711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.388220] kthread+0x257/0x310 [ 27.388851] ret_from_fork+0x41/0x80 [ 27.389138] ret_from_fork_asm+0x1a/0x30 [ 27.389749] [ 27.389977] The buggy address belongs to the object at ffff88810298f000 [ 27.389977] which belongs to the cache kmem_cache of size 208 [ 27.391213] The buggy address is located 0 bytes inside of [ 27.391213] freed 208-byte region [ffff88810298f000, ffff88810298f0d0) [ 27.392008] [ 27.392237] The buggy address belongs to the physical page: [ 27.392711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f [ 27.393556] flags: 0x200000000000000(node=0|zone=2) [ 27.394011] page_type: f5(slab) [ 27.394301] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 27.394871] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 27.395261] page dumped because: kasan: bad access detected [ 27.395543] [ 27.395684] Memory state around the buggy address: [ 27.396097] ffff88810298ef00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 27.396685] ffff88810298ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.398041] >ffff88810298f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.398758] ^ [ 27.399109] ffff88810298f080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 27.399808] ffff88810298f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.400288] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 27.267020] ================================================================== [ 27.267678] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 27.268304] Read of size 1 at addr ffff888102a02000 by task kunit_try_catch/222 [ 27.268915] [ 27.269310] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.270797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.271621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.272425] Call Trace: [ 27.272797] <TASK> [ 27.273095] dump_stack_lvl+0x73/0xb0 [ 27.273690] print_report+0xd1/0x640 [ 27.274156] ? __virt_addr_valid+0x1db/0x2d0 [ 27.275110] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.275732] kasan_report+0x102/0x140 [ 27.276018] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 27.276634] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 27.277223] __asan_report_load1_noabort+0x18/0x20 [ 27.278007] kmem_cache_rcu_uaf+0x3e5/0x510 [ 27.278523] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 27.279094] ? finish_task_switch.isra.0+0x153/0x700 [ 27.279583] ? __switch_to+0x5d9/0xf60 [ 27.279957] ? __pfx_read_tsc+0x10/0x10 [ 27.280451] ? ktime_get_ts64+0x86/0x230 [ 27.281171] kunit_try_run_case+0x1b3/0x490 [ 27.281719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.282246] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.282809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.283111] ? __kthread_parkme+0x82/0x160 [ 27.283359] ? preempt_count_sub+0x50/0x80 [ 27.283650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.283975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.284508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.285092] kthread+0x257/0x310 [ 27.285494] ? __pfx_kthread+0x10/0x10 [ 27.285912] ret_from_fork+0x41/0x80 [ 27.286278] ? __pfx_kthread+0x10/0x10 [ 27.286579] ret_from_fork_asm+0x1a/0x30 [ 27.286913] </TASK> [ 27.287197] [ 27.287421] Allocated by task 222: [ 27.287816] kasan_save_stack+0x3d/0x60 [ 27.288216] kasan_save_track+0x18/0x40 [ 27.288644] kasan_save_alloc_info+0x3b/0x50 [ 27.289037] __kasan_slab_alloc+0x91/0xa0 [ 27.290734] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.291264] kmem_cache_rcu_uaf+0x156/0x510 [ 27.291547] kunit_try_run_case+0x1b3/0x490 [ 27.291928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.292436] kthread+0x257/0x310 [ 27.292736] ret_from_fork+0x41/0x80 [ 27.293964] ret_from_fork_asm+0x1a/0x30 [ 27.294433] [ 27.294592] Freed by task 0: [ 27.294914] kasan_save_stack+0x3d/0x60 [ 27.295235] kasan_save_track+0x18/0x40 [ 27.295516] kasan_save_free_info+0x3f/0x60 [ 27.295895] __kasan_slab_free+0x56/0x70 [ 27.296361] slab_free_after_rcu_debug+0xe4/0x310 [ 27.296672] rcu_core+0x680/0x1d70 [ 27.296910] rcu_core_si+0x12/0x20 [ 27.297276] handle_softirqs+0x209/0x720 [ 27.297653] __irq_exit_rcu+0xc9/0x110 [ 27.298035] irq_exit_rcu+0x12/0x20 [ 27.299230] sysvec_apic_timer_interrupt+0x81/0x90 [ 27.299875] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 27.300378] [ 27.300765] Last potentially related work creation: [ 27.301163] kasan_save_stack+0x3d/0x60 [ 27.301418] kasan_record_aux_stack+0xb2/0xc0 [ 27.302448] kmem_cache_free+0x284/0x420 [ 27.302832] kmem_cache_rcu_uaf+0x195/0x510 [ 27.303398] kunit_try_run_case+0x1b3/0x490 [ 27.303990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.304421] kthread+0x257/0x310 [ 27.304865] ret_from_fork+0x41/0x80 [ 27.305276] ret_from_fork_asm+0x1a/0x30 [ 27.306267] [ 27.306527] The buggy address belongs to the object at ffff888102a02000 [ 27.306527] which belongs to the cache test_cache of size 200 [ 27.307282] The buggy address is located 0 bytes inside of [ 27.307282] freed 200-byte region [ffff888102a02000, ffff888102a020c8) [ 27.308494] [ 27.308789] The buggy address belongs to the physical page: [ 27.309279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a02 [ 27.310524] flags: 0x200000000000000(node=0|zone=2) [ 27.311007] page_type: f5(slab) [ 27.311357] raw: 0200000000000000 ffff888101e70500 dead000000000122 0000000000000000 [ 27.311928] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 27.312597] page dumped because: kasan: bad access detected [ 27.313072] [ 27.313279] Memory state around the buggy address: [ 27.313702] ffff888102a01f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.314137] ffff888102a01f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.314698] >ffff888102a02000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.316027] ^ [ 27.316348] ffff888102a02080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 27.316996] ffff888102a02100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.317761] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 27.179889] ================================================================== [ 27.180572] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 27.181254] Free of addr ffff88810298f001 by task kunit_try_catch/220 [ 27.181996] [ 27.182183] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.183167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.183454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.184193] Call Trace: [ 27.184413] <TASK> [ 27.184950] dump_stack_lvl+0x73/0xb0 [ 27.185364] print_report+0xd1/0x640 [ 27.186393] ? __virt_addr_valid+0x1db/0x2d0 [ 27.187124] ? kmem_cache_invalid_free+0x1d9/0x470 [ 27.187427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.187759] ? kmem_cache_invalid_free+0x1d9/0x470 [ 27.188362] kasan_report_invalid_free+0xc0/0xf0 [ 27.188842] ? kmem_cache_invalid_free+0x1d9/0x470 [ 27.189516] ? kmem_cache_invalid_free+0x1d9/0x470 [ 27.189825] check_slab_allocation+0x11f/0x130 [ 27.190204] __kasan_slab_pre_free+0x28/0x40 [ 27.190830] kmem_cache_free+0xee/0x420 [ 27.191271] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.191895] ? kmem_cache_invalid_free+0x1d9/0x470 [ 27.192223] kmem_cache_invalid_free+0x1d9/0x470 [ 27.192537] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 27.193181] ? finish_task_switch.isra.0+0x153/0x700 [ 27.193856] ? __switch_to+0x5d9/0xf60 [ 27.194292] ? __pfx_read_tsc+0x10/0x10 [ 27.194869] ? ktime_get_ts64+0x86/0x230 [ 27.195199] kunit_try_run_case+0x1b3/0x490 [ 27.195794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.196206] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.197793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.198172] ? __kthread_parkme+0x82/0x160 [ 27.199020] ? preempt_count_sub+0x50/0x80 [ 27.199371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.200480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.201007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.201750] kthread+0x257/0x310 [ 27.202049] ? __pfx_kthread+0x10/0x10 [ 27.202316] ret_from_fork+0x41/0x80 [ 27.203401] ? __pfx_kthread+0x10/0x10 [ 27.203836] ret_from_fork_asm+0x1a/0x30 [ 27.204233] </TASK> [ 27.204470] [ 27.205314] Allocated by task 220: [ 27.205816] kasan_save_stack+0x3d/0x60 [ 27.206102] kasan_save_track+0x18/0x40 [ 27.206460] kasan_save_alloc_info+0x3b/0x50 [ 27.207558] __kasan_slab_alloc+0x91/0xa0 [ 27.207963] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.208326] kmem_cache_invalid_free+0x158/0x470 [ 27.209300] kunit_try_run_case+0x1b3/0x490 [ 27.209794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.210224] kthread+0x257/0x310 [ 27.211345] ret_from_fork+0x41/0x80 [ 27.211745] ret_from_fork_asm+0x1a/0x30 [ 27.212140] [ 27.212803] The buggy address belongs to the object at ffff88810298f000 [ 27.212803] which belongs to the cache test_cache of size 200 [ 27.213850] The buggy address is located 1 bytes inside of [ 27.213850] 200-byte region [ffff88810298f000, ffff88810298f0c8) [ 27.215145] [ 27.215555] The buggy address belongs to the physical page: [ 27.216152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f [ 27.217416] flags: 0x200000000000000(node=0|zone=2) [ 27.217815] page_type: f5(slab) [ 27.218517] raw: 0200000000000000 ffff88810155cdc0 dead000000000122 0000000000000000 [ 27.219217] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 27.220269] page dumped because: kasan: bad access detected [ 27.220982] [ 27.221202] Memory state around the buggy address: [ 27.221985] ffff88810298ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.222451] ffff88810298ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.223097] >ffff88810298f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.223784] ^ [ 27.224021] ffff88810298f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 27.225277] ffff88810298f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.226113] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 27.109326] ================================================================== [ 27.110447] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 27.112243] Free of addr ffff88810298d000 by task kunit_try_catch/218 [ 27.112735] [ 27.112919] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.114289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.114605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.115782] Call Trace: [ 27.116248] <TASK> [ 27.116441] dump_stack_lvl+0x73/0xb0 [ 27.117473] print_report+0xd1/0x640 [ 27.117952] ? __virt_addr_valid+0x1db/0x2d0 [ 27.118732] ? kmem_cache_double_free+0x1e6/0x490 [ 27.119233] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.120000] ? kmem_cache_double_free+0x1e6/0x490 [ 27.120843] kasan_report_invalid_free+0xc0/0xf0 [ 27.121303] ? kmem_cache_double_free+0x1e6/0x490 [ 27.122102] ? kmem_cache_double_free+0x1e6/0x490 [ 27.122683] check_slab_allocation+0x101/0x130 [ 27.123353] __kasan_slab_pre_free+0x28/0x40 [ 27.123879] kmem_cache_free+0xee/0x420 [ 27.124220] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.124747] ? kmem_cache_double_free+0x1e6/0x490 [ 27.125046] kmem_cache_double_free+0x1e6/0x490 [ 27.126164] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 27.126939] ? finish_task_switch.isra.0+0x153/0x700 [ 27.127364] ? __switch_to+0x5d9/0xf60 [ 27.128532] ? __pfx_read_tsc+0x10/0x10 [ 27.129121] ? ktime_get_ts64+0x86/0x230 [ 27.129409] kunit_try_run_case+0x1b3/0x490 [ 27.130050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.130829] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.131583] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.132177] ? __kthread_parkme+0x82/0x160 [ 27.133127] ? preempt_count_sub+0x50/0x80 [ 27.133500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.134344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.135562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.136025] kthread+0x257/0x310 [ 27.136431] ? __pfx_kthread+0x10/0x10 [ 27.136810] ret_from_fork+0x41/0x80 [ 27.137330] ? __pfx_kthread+0x10/0x10 [ 27.137732] ret_from_fork_asm+0x1a/0x30 [ 27.138220] </TASK> [ 27.139126] [ 27.139420] Allocated by task 218: [ 27.140039] kasan_save_stack+0x3d/0x60 [ 27.140976] kasan_save_track+0x18/0x40 [ 27.141378] kasan_save_alloc_info+0x3b/0x50 [ 27.141779] __kasan_slab_alloc+0x91/0xa0 [ 27.142345] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.142630] kmem_cache_double_free+0x150/0x490 [ 27.143359] kunit_try_run_case+0x1b3/0x490 [ 27.143856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.144798] kthread+0x257/0x310 [ 27.145215] ret_from_fork+0x41/0x80 [ 27.145740] ret_from_fork_asm+0x1a/0x30 [ 27.146104] [ 27.146296] Freed by task 218: [ 27.146583] kasan_save_stack+0x3d/0x60 [ 27.146843] kasan_save_track+0x18/0x40 [ 27.147247] kasan_save_free_info+0x3f/0x60 [ 27.148122] __kasan_slab_free+0x56/0x70 [ 27.148682] kmem_cache_free+0x120/0x420 [ 27.148932] kmem_cache_double_free+0x16b/0x490 [ 27.150394] kunit_try_run_case+0x1b3/0x490 [ 27.151021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.152380] kthread+0x257/0x310 [ 27.152697] ret_from_fork+0x41/0x80 [ 27.152941] ret_from_fork_asm+0x1a/0x30 [ 27.154092] [ 27.154246] The buggy address belongs to the object at ffff88810298d000 [ 27.154246] which belongs to the cache test_cache of size 200 [ 27.154982] The buggy address is located 0 bytes inside of [ 27.154982] 200-byte region [ffff88810298d000, ffff88810298d0c8) [ 27.156181] [ 27.157385] The buggy address belongs to the physical page: [ 27.157862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298d [ 27.158891] flags: 0x200000000000000(node=0|zone=2) [ 27.159187] page_type: f5(slab) [ 27.160333] raw: 0200000000000000 ffff88810155cc80 dead000000000122 0000000000000000 [ 27.161028] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 27.161656] page dumped because: kasan: bad access detected [ 27.162098] [ 27.162293] Memory state around the buggy address: [ 27.162784] ffff88810298cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.163423] ffff88810298cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.164019] >ffff88810298d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.164534] ^ [ 27.164749] ffff88810298d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 27.165632] ffff88810298d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.166869] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 27.037171] ================================================================== [ 27.038237] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 27.039270] Read of size 1 at addr ffff888102a170c8 by task kunit_try_catch/216 [ 27.040168] [ 27.040420] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 27.042222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.042714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.043545] Call Trace: [ 27.043950] <TASK> [ 27.044315] dump_stack_lvl+0x73/0xb0 [ 27.044901] print_report+0xd1/0x640 [ 27.045394] ? __virt_addr_valid+0x1db/0x2d0 [ 27.045869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.046615] kasan_report+0x102/0x140 [ 27.046839] ? kmem_cache_oob+0x404/0x530 [ 27.047089] ? kmem_cache_oob+0x404/0x530 [ 27.047652] __asan_report_load1_noabort+0x18/0x20 [ 27.048219] kmem_cache_oob+0x404/0x530 [ 27.048788] ? trace_hardirqs_on+0x37/0xe0 [ 27.049294] ? __pfx_kmem_cache_oob+0x10/0x10 [ 27.050017] ? finish_task_switch.isra.0+0x153/0x700 [ 27.050806] ? __switch_to+0x5d9/0xf60 [ 27.051407] ? __pfx_read_tsc+0x10/0x10 [ 27.051857] ? ktime_get_ts64+0x86/0x230 [ 27.052347] kunit_try_run_case+0x1b3/0x490 [ 27.053266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.053943] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.054347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.055928] ? __kthread_parkme+0x82/0x160 [ 27.056465] ? preempt_count_sub+0x50/0x80 [ 27.057123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.057923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.058404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.058842] kthread+0x257/0x310 [ 27.059643] ? __pfx_kthread+0x10/0x10 [ 27.060008] ret_from_fork+0x41/0x80 [ 27.061046] ? __pfx_kthread+0x10/0x10 [ 27.061421] ret_from_fork_asm+0x1a/0x30 [ 27.062302] </TASK> [ 27.062781] [ 27.063185] Allocated by task 216: [ 27.063387] kasan_save_stack+0x3d/0x60 [ 27.064391] kasan_save_track+0x18/0x40 [ 27.065091] kasan_save_alloc_info+0x3b/0x50 [ 27.065646] __kasan_slab_alloc+0x91/0xa0 [ 27.066391] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 27.066901] kmem_cache_oob+0x158/0x530 [ 27.067290] kunit_try_run_case+0x1b3/0x490 [ 27.068338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.068667] kthread+0x257/0x310 [ 27.068976] ret_from_fork+0x41/0x80 [ 27.069773] ret_from_fork_asm+0x1a/0x30 [ 27.070478] [ 27.070689] The buggy address belongs to the object at ffff888102a17000 [ 27.070689] which belongs to the cache test_cache of size 200 [ 27.072147] The buggy address is located 0 bytes to the right of [ 27.072147] allocated 200-byte region [ffff888102a17000, ffff888102a170c8) [ 27.073572] [ 27.074318] The buggy address belongs to the physical page: [ 27.074626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a17 [ 27.075483] flags: 0x200000000000000(node=0|zone=2) [ 27.076175] page_type: f5(slab) [ 27.076727] raw: 0200000000000000 ffff888101e703c0 dead000000000122 0000000000000000 [ 27.077269] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 27.078134] page dumped because: kasan: bad access detected [ 27.078429] [ 27.078589] Memory state around the buggy address: [ 27.079282] ffff888102a16f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.080295] ffff888102a17000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.080993] >ffff888102a17080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 27.082099] ^ [ 27.082649] ffff888102a17100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.083532] ffff888102a17180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.084243] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 26.963454] ================================================================== [ 26.964251] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 26.965179] Read of size 8 at addr ffff888102984e00 by task kunit_try_catch/209 [ 26.965944] [ 26.966280] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.967511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.968246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.969279] Call Trace: [ 26.969925] <TASK> [ 26.970198] dump_stack_lvl+0x73/0xb0 [ 26.970661] print_report+0xd1/0x640 [ 26.971157] ? __virt_addr_valid+0x1db/0x2d0 [ 26.971582] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.972581] kasan_report+0x102/0x140 [ 26.973146] ? workqueue_uaf+0x4d8/0x560 [ 26.973643] ? workqueue_uaf+0x4d8/0x560 [ 26.974322] __asan_report_load8_noabort+0x18/0x20 [ 26.974976] workqueue_uaf+0x4d8/0x560 [ 26.975665] ? __pfx_workqueue_uaf+0x10/0x10 [ 26.976533] ? __schedule+0xc3e/0x2790 [ 26.977158] ? __pfx_read_tsc+0x10/0x10 [ 26.977769] ? ktime_get_ts64+0x86/0x230 [ 26.978619] kunit_try_run_case+0x1b3/0x490 [ 26.979190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.979952] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.980234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.980930] ? __kthread_parkme+0x82/0x160 [ 26.981360] ? preempt_count_sub+0x50/0x80 [ 26.982222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.983155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.983911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.984319] kthread+0x257/0x310 [ 26.985301] ? __pfx_kthread+0x10/0x10 [ 26.985640] ret_from_fork+0x41/0x80 [ 26.986027] ? __pfx_kthread+0x10/0x10 [ 26.986387] ret_from_fork_asm+0x1a/0x30 [ 26.987355] </TASK> [ 26.987607] [ 26.988176] Allocated by task 209: [ 26.988462] kasan_save_stack+0x3d/0x60 [ 26.988882] kasan_save_track+0x18/0x40 [ 26.989308] kasan_save_alloc_info+0x3b/0x50 [ 26.989797] __kasan_kmalloc+0xb7/0xc0 [ 26.990043] __kmalloc_cache_noprof+0x184/0x410 [ 26.991079] workqueue_uaf+0x153/0x560 [ 26.991486] kunit_try_run_case+0x1b3/0x490 [ 26.991862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.992271] kthread+0x257/0x310 [ 26.992635] ret_from_fork+0x41/0x80 [ 26.993010] ret_from_fork_asm+0x1a/0x30 [ 26.993942] [ 26.994167] Freed by task 8: [ 26.994476] kasan_save_stack+0x3d/0x60 [ 26.994959] kasan_save_track+0x18/0x40 [ 26.995389] kasan_save_free_info+0x3f/0x60 [ 26.995996] __kasan_slab_free+0x56/0x70 [ 26.996347] kfree+0x123/0x3f0 [ 26.996718] workqueue_uaf_work+0x12/0x20 [ 26.997701] process_one_work+0x5ee/0xf60 [ 26.998277] worker_thread+0x720/0x1300 [ 26.998609] kthread+0x257/0x310 [ 26.999131] ret_from_fork+0x41/0x80 [ 26.999511] ret_from_fork_asm+0x1a/0x30 [ 27.000121] [ 27.000335] Last potentially related work creation: [ 27.000908] kasan_save_stack+0x3d/0x60 [ 27.001274] kasan_record_aux_stack+0xb2/0xc0 [ 27.001788] __queue_work+0x626/0xe60 [ 27.002660] queue_work_on+0x74/0xa0 [ 27.003069] workqueue_uaf+0x26e/0x560 [ 27.003406] kunit_try_run_case+0x1b3/0x490 [ 27.003843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.004494] kthread+0x257/0x310 [ 27.004954] ret_from_fork+0x41/0x80 [ 27.005247] ret_from_fork_asm+0x1a/0x30 [ 27.005811] [ 27.006019] The buggy address belongs to the object at ffff888102984e00 [ 27.006019] which belongs to the cache kmalloc-32 of size 32 [ 27.007077] The buggy address is located 0 bytes inside of [ 27.007077] freed 32-byte region [ffff888102984e00, ffff888102984e20) [ 27.008453] [ 27.008699] The buggy address belongs to the physical page: [ 27.009362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102984 [ 27.010112] flags: 0x200000000000000(node=0|zone=2) [ 27.010716] page_type: f5(slab) [ 27.011088] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.011654] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.012292] page dumped because: kasan: bad access detected [ 27.013273] [ 27.013415] Memory state around the buggy address: [ 27.013860] ffff888102984d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.014464] ffff888102984d80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.014907] >ffff888102984e00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 27.015883] ^ [ 27.016230] ffff888102984e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.016779] ffff888102984f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.017409] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 26.886918] ================================================================== [ 26.887687] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 26.888592] Read of size 4 at addr ffff888102984d40 by task swapper/0/0 [ 26.889567] [ 26.889813] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.891116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.892106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.892964] Call Trace: [ 26.893249] <IRQ> [ 26.893458] dump_stack_lvl+0x73/0xb0 [ 26.894281] print_report+0xd1/0x640 [ 26.895118] ? __virt_addr_valid+0x1db/0x2d0 [ 26.895700] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.896208] kasan_report+0x102/0x140 [ 26.896594] ? rcu_uaf_reclaim+0x50/0x60 [ 26.897201] ? rcu_uaf_reclaim+0x50/0x60 [ 26.897847] __asan_report_load4_noabort+0x18/0x20 [ 26.898324] rcu_uaf_reclaim+0x50/0x60 [ 26.898938] rcu_core+0x680/0x1d70 [ 26.899331] ? __pfx_rcu_core+0x10/0x10 [ 26.899883] rcu_core_si+0x12/0x20 [ 26.900129] handle_softirqs+0x209/0x720 [ 26.900367] ? hrtimer_interrupt+0x2fe/0x780 [ 26.900751] ? __pfx_handle_softirqs+0x10/0x10 [ 26.901241] __irq_exit_rcu+0xc9/0x110 [ 26.901572] irq_exit_rcu+0x12/0x20 [ 26.902004] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.902561] </IRQ> [ 26.903006] <TASK> [ 26.903320] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.903976] RIP: 0010:default_idle+0xf/0x20 [ 26.905318] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 99 35 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 26.906910] RSP: 0000:ffffffffb1e07df0 EFLAGS: 00010216 [ 26.907653] RAX: ffff88815b000000 RBX: ffffffffb1e1a680 RCX: ffffffffb0b01165 [ 26.908297] RDX: ffffed102b606b23 RSI: 0000000000000004 RDI: 000000000001da0c [ 26.908829] RBP: ffffffffb1e07df8 R08: 0000000000000001 R09: ffffed102b606b22 [ 26.909542] R10: ffff88815b035913 R11: 0000000000000000 R12: 0000000000000000 [ 26.910021] R13: fffffbfff63c34d0 R14: ffffffffb2974110 R15: 0000000000000000 [ 26.911243] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 26.911867] ? arch_cpu_idle+0xd/0x20 [ 26.912230] default_idle_call+0x48/0x80 [ 26.912608] do_idle+0x310/0x3c0 [ 26.913332] ? __pfx_do_idle+0x10/0x10 [ 26.913948] ? rest_init+0x10b/0x140 [ 26.914347] cpu_startup_entry+0x5c/0x70 [ 26.914929] rest_init+0x11a/0x140 [ 26.915344] ? acpi_subsystem_init+0x5d/0x150 [ 26.915952] start_kernel+0x320/0x400 [ 26.916484] x86_64_start_reservations+0x1c/0x30 [ 26.916882] x86_64_start_kernel+0xcf/0xe0 [ 26.917294] common_startup_64+0x12c/0x138 [ 26.917747] </TASK> [ 26.918014] [ 26.918921] Allocated by task 207: [ 26.919324] kasan_save_stack+0x3d/0x60 [ 26.919882] kasan_save_track+0x18/0x40 [ 26.920290] kasan_save_alloc_info+0x3b/0x50 [ 26.920951] __kasan_kmalloc+0xb7/0xc0 [ 26.921297] __kmalloc_cache_noprof+0x184/0x410 [ 26.921866] rcu_uaf+0xb1/0x330 [ 26.922874] kunit_try_run_case+0x1b3/0x490 [ 26.923351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.923915] kthread+0x257/0x310 [ 26.924264] ret_from_fork+0x41/0x80 [ 26.924935] ret_from_fork_asm+0x1a/0x30 [ 26.925359] [ 26.925555] Freed by task 0: [ 26.926125] kasan_save_stack+0x3d/0x60 [ 26.927074] kasan_save_track+0x18/0x40 [ 26.927538] kasan_save_free_info+0x3f/0x60 [ 26.928085] __kasan_slab_free+0x56/0x70 [ 26.928544] kfree+0x123/0x3f0 [ 26.929122] rcu_uaf_reclaim+0x1f/0x60 [ 26.929513] rcu_core+0x680/0x1d70 [ 26.930177] rcu_core_si+0x12/0x20 [ 26.930509] handle_softirqs+0x209/0x720 [ 26.931512] __irq_exit_rcu+0xc9/0x110 [ 26.931910] irq_exit_rcu+0x12/0x20 [ 26.932301] sysvec_apic_timer_interrupt+0x81/0x90 [ 26.932792] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 26.933293] [ 26.933518] Last potentially related work creation: [ 26.934322] kasan_save_stack+0x3d/0x60 [ 26.934676] kasan_record_aux_stack+0xb2/0xc0 [ 26.935042] __call_rcu_common.constprop.0+0x72/0xaa0 [ 26.935984] call_rcu+0x12/0x20 [ 26.936384] rcu_uaf+0x169/0x330 [ 26.936632] kunit_try_run_case+0x1b3/0x490 [ 26.936901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.937356] kthread+0x257/0x310 [ 26.937805] ret_from_fork+0x41/0x80 [ 26.938635] ret_from_fork_asm+0x1a/0x30 [ 26.939551] [ 26.939863] The buggy address belongs to the object at ffff888102984d40 [ 26.939863] which belongs to the cache kmalloc-32 of size 32 [ 26.941007] The buggy address is located 0 bytes inside of [ 26.941007] freed 32-byte region [ffff888102984d40, ffff888102984d60) [ 26.942373] [ 26.942559] The buggy address belongs to the physical page: [ 26.943141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102984 [ 26.943496] flags: 0x200000000000000(node=0|zone=2) [ 26.944767] page_type: f5(slab) [ 26.945329] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.946131] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.947013] page dumped because: kasan: bad access detected [ 26.947544] [ 26.947807] Memory state around the buggy address: [ 26.948369] ffff888102984c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.949241] ffff888102984c80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 26.949985] >ffff888102984d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.951150] ^ [ 26.951638] ffff888102984d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.952704] ffff888102984e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.953414] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 26.793433] ================================================================== [ 26.794273] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 26.794933] Read of size 1 at addr ffff888102a15400 by task kunit_try_catch/205 [ 26.795507] [ 26.795735] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.796510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.796828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.797606] Call Trace: [ 26.797902] <TASK> [ 26.798179] dump_stack_lvl+0x73/0xb0 [ 26.798651] print_report+0xd1/0x640 [ 26.799035] ? __virt_addr_valid+0x1db/0x2d0 [ 26.799522] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.800070] kasan_report+0x102/0x140 [ 26.800478] ? ksize_uaf+0x600/0x6c0 [ 26.800872] ? ksize_uaf+0x600/0x6c0 [ 26.801344] __asan_report_load1_noabort+0x18/0x20 [ 26.801829] ksize_uaf+0x600/0x6c0 [ 26.802219] ? __pfx_ksize_uaf+0x10/0x10 [ 26.802693] ? __pfx_ksize_uaf+0x10/0x10 [ 26.803125] kunit_try_run_case+0x1b3/0x490 [ 26.803413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.803934] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.804490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.805072] ? __kthread_parkme+0x82/0x160 [ 26.805516] ? preempt_count_sub+0x50/0x80 [ 26.805869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.806249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.806848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.807377] kthread+0x257/0x310 [ 26.807781] ? __pfx_kthread+0x10/0x10 [ 26.808180] ret_from_fork+0x41/0x80 [ 26.808615] ? __pfx_kthread+0x10/0x10 [ 26.809066] ret_from_fork_asm+0x1a/0x30 [ 26.809544] </TASK> [ 26.809778] [ 26.809972] Allocated by task 205: [ 26.810309] kasan_save_stack+0x3d/0x60 [ 26.810748] kasan_save_track+0x18/0x40 [ 26.811102] kasan_save_alloc_info+0x3b/0x50 [ 26.811586] __kasan_kmalloc+0xb7/0xc0 [ 26.811963] __kmalloc_cache_noprof+0x184/0x410 [ 26.812358] ksize_uaf+0xab/0x6c0 [ 26.812747] kunit_try_run_case+0x1b3/0x490 [ 26.813196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.813728] kthread+0x257/0x310 [ 26.814103] ret_from_fork+0x41/0x80 [ 26.814936] ret_from_fork_asm+0x1a/0x30 [ 26.815352] [ 26.815609] Freed by task 205: [ 26.815926] kasan_save_stack+0x3d/0x60 [ 26.816209] kasan_save_track+0x18/0x40 [ 26.816546] kasan_save_free_info+0x3f/0x60 [ 26.816995] __kasan_slab_free+0x56/0x70 [ 26.817465] kfree+0x123/0x3f0 [ 26.817816] ksize_uaf+0x12d/0x6c0 [ 26.818216] kunit_try_run_case+0x1b3/0x490 [ 26.818662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.819157] kthread+0x257/0x310 [ 26.819495] ret_from_fork+0x41/0x80 [ 26.819831] ret_from_fork_asm+0x1a/0x30 [ 26.820208] [ 26.820426] The buggy address belongs to the object at ffff888102a15400 [ 26.820426] which belongs to the cache kmalloc-128 of size 128 [ 26.821470] The buggy address is located 0 bytes inside of [ 26.821470] freed 128-byte region [ffff888102a15400, ffff888102a15480) [ 26.822383] [ 26.822578] The buggy address belongs to the physical page: [ 26.822863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.823468] flags: 0x200000000000000(node=0|zone=2) [ 26.823957] page_type: f5(slab) [ 26.824349] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.825127] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.825610] page dumped because: kasan: bad access detected [ 26.825963] [ 26.826198] Memory state around the buggy address: [ 26.826672] ffff888102a15300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.827291] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.827951] >ffff888102a15400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.828641] ^ [ 26.828975] ffff888102a15480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.829559] ffff888102a15500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.829995] ================================================================== [ 26.831754] ================================================================== [ 26.832364] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 26.832734] Read of size 1 at addr ffff888102a15478 by task kunit_try_catch/205 [ 26.834426] [ 26.834975] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.836023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.836466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.837529] Call Trace: [ 26.838662] <TASK> [ 26.838955] dump_stack_lvl+0x73/0xb0 [ 26.839381] print_report+0xd1/0x640 [ 26.839794] ? __virt_addr_valid+0x1db/0x2d0 [ 26.840189] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.840580] kasan_report+0x102/0x140 [ 26.840836] ? ksize_uaf+0x5e6/0x6c0 [ 26.841100] ? ksize_uaf+0x5e6/0x6c0 [ 26.841561] __asan_report_load1_noabort+0x18/0x20 [ 26.842109] ksize_uaf+0x5e6/0x6c0 [ 26.842535] ? __pfx_ksize_uaf+0x10/0x10 [ 26.842982] ? __pfx_ksize_uaf+0x10/0x10 [ 26.843476] kunit_try_run_case+0x1b3/0x490 [ 26.843922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.844473] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.844997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.846030] ? __kthread_parkme+0x82/0x160 [ 26.846738] ? preempt_count_sub+0x50/0x80 [ 26.847018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.847324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.847702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.848021] kthread+0x257/0x310 [ 26.848393] ? __pfx_kthread+0x10/0x10 [ 26.848899] ret_from_fork+0x41/0x80 [ 26.849361] ? __pfx_kthread+0x10/0x10 [ 26.849835] ret_from_fork_asm+0x1a/0x30 [ 26.850332] </TASK> [ 26.850635] [ 26.850871] Allocated by task 205: [ 26.851207] kasan_save_stack+0x3d/0x60 [ 26.851673] kasan_save_track+0x18/0x40 [ 26.852075] kasan_save_alloc_info+0x3b/0x50 [ 26.852584] __kasan_kmalloc+0xb7/0xc0 [ 26.852962] __kmalloc_cache_noprof+0x184/0x410 [ 26.853491] ksize_uaf+0xab/0x6c0 [ 26.853855] kunit_try_run_case+0x1b3/0x490 [ 26.854327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.854823] kthread+0x257/0x310 [ 26.855097] ret_from_fork+0x41/0x80 [ 26.855550] ret_from_fork_asm+0x1a/0x30 [ 26.855976] [ 26.856204] Freed by task 205: [ 26.856579] kasan_save_stack+0x3d/0x60 [ 26.856973] kasan_save_track+0x18/0x40 [ 26.857401] kasan_save_free_info+0x3f/0x60 [ 26.857817] __kasan_slab_free+0x56/0x70 [ 26.858172] kfree+0x123/0x3f0 [ 26.858542] ksize_uaf+0x12d/0x6c0 [ 26.858906] kunit_try_run_case+0x1b3/0x490 [ 26.859368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.859753] kthread+0x257/0x310 [ 26.859980] ret_from_fork+0x41/0x80 [ 26.860390] ret_from_fork_asm+0x1a/0x30 [ 26.860885] [ 26.861129] The buggy address belongs to the object at ffff888102a15400 [ 26.861129] which belongs to the cache kmalloc-128 of size 128 [ 26.862003] The buggy address is located 120 bytes inside of [ 26.862003] freed 128-byte region [ffff888102a15400, ffff888102a15480) [ 26.862606] [ 26.862753] The buggy address belongs to the physical page: [ 26.863263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.863989] flags: 0x200000000000000(node=0|zone=2) [ 26.864540] page_type: f5(slab) [ 26.864969] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.865690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.866336] page dumped because: kasan: bad access detected [ 26.866689] [ 26.866833] Memory state around the buggy address: [ 26.867134] ffff888102a15300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.867814] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.868471] >ffff888102a15400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.869111] ^ [ 26.869594] ffff888102a15480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.870103] ffff888102a15500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.870648] ================================================================== [ 26.752092] ================================================================== [ 26.752941] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 26.753532] Read of size 1 at addr ffff888102a15400 by task kunit_try_catch/205 [ 26.754826] [ 26.755072] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.755574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.755956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.757255] Call Trace: [ 26.757504] <TASK> [ 26.757789] dump_stack_lvl+0x73/0xb0 [ 26.758175] print_report+0xd1/0x640 [ 26.758555] ? __virt_addr_valid+0x1db/0x2d0 [ 26.759405] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.759879] kasan_report+0x102/0x140 [ 26.760191] ? ksize_uaf+0x19e/0x6c0 [ 26.760668] ? ksize_uaf+0x19e/0x6c0 [ 26.761475] ? ksize_uaf+0x19e/0x6c0 [ 26.761889] __kasan_check_byte+0x3d/0x50 [ 26.762186] ksize+0x20/0x60 [ 26.762598] ksize_uaf+0x19e/0x6c0 [ 26.763106] ? __pfx_ksize_uaf+0x10/0x10 [ 26.763631] ? __pfx_ksize_uaf+0x10/0x10 [ 26.764159] kunit_try_run_case+0x1b3/0x490 [ 26.764730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.765168] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.765598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.766101] ? __kthread_parkme+0x82/0x160 [ 26.766617] ? preempt_count_sub+0x50/0x80 [ 26.767110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.767635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.768008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.768562] kthread+0x257/0x310 [ 26.768899] ? __pfx_kthread+0x10/0x10 [ 26.769181] ret_from_fork+0x41/0x80 [ 26.769609] ? __pfx_kthread+0x10/0x10 [ 26.769990] ret_from_fork_asm+0x1a/0x30 [ 26.770422] </TASK> [ 26.770713] [ 26.770858] Allocated by task 205: [ 26.771218] kasan_save_stack+0x3d/0x60 [ 26.771648] kasan_save_track+0x18/0x40 [ 26.771984] kasan_save_alloc_info+0x3b/0x50 [ 26.772274] __kasan_kmalloc+0xb7/0xc0 [ 26.772628] __kmalloc_cache_noprof+0x184/0x410 [ 26.773089] ksize_uaf+0xab/0x6c0 [ 26.773465] kunit_try_run_case+0x1b3/0x490 [ 26.773885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.774388] kthread+0x257/0x310 [ 26.774775] ret_from_fork+0x41/0x80 [ 26.775027] ret_from_fork_asm+0x1a/0x30 [ 26.775305] [ 26.775565] Freed by task 205: [ 26.775868] kasan_save_stack+0x3d/0x60 [ 26.776272] kasan_save_track+0x18/0x40 [ 26.776706] kasan_save_free_info+0x3f/0x60 [ 26.777130] __kasan_slab_free+0x56/0x70 [ 26.777476] kfree+0x123/0x3f0 [ 26.777713] ksize_uaf+0x12d/0x6c0 [ 26.777941] kunit_try_run_case+0x1b3/0x490 [ 26.778366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.778882] kthread+0x257/0x310 [ 26.779236] ret_from_fork+0x41/0x80 [ 26.779640] ret_from_fork_asm+0x1a/0x30 [ 26.780022] [ 26.780245] The buggy address belongs to the object at ffff888102a15400 [ 26.780245] which belongs to the cache kmalloc-128 of size 128 [ 26.780941] The buggy address is located 0 bytes inside of [ 26.780941] freed 128-byte region [ffff888102a15400, ffff888102a15480) [ 26.781885] [ 26.782100] The buggy address belongs to the physical page: [ 26.782402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.783084] flags: 0x200000000000000(node=0|zone=2) [ 26.784228] page_type: f5(slab) [ 26.785356] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.786038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.786631] page dumped because: kasan: bad access detected [ 26.787242] [ 26.787451] Memory state around the buggy address: [ 26.787941] ffff888102a15300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.788416] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.789050] >ffff888102a15400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.789570] ^ [ 26.789913] ffff888102a15480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.790521] ffff888102a15500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.791150] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 26.625117] ================================================================== [ 26.626361] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 26.626984] Read of size 1 at addr ffff888102a15373 by task kunit_try_catch/203 [ 26.627488] [ 26.627678] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.628222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.628596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.630074] Call Trace: [ 26.630357] <TASK> [ 26.631290] dump_stack_lvl+0x73/0xb0 [ 26.631642] print_report+0xd1/0x640 [ 26.632047] ? __virt_addr_valid+0x1db/0x2d0 [ 26.632952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.633947] kasan_report+0x102/0x140 [ 26.634649] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 26.635762] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 26.636189] __asan_report_load1_noabort+0x18/0x20 [ 26.636996] ksize_unpoisons_memory+0x81e/0x9b0 [ 26.637436] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.638236] ? finish_task_switch.isra.0+0x153/0x700 [ 26.638687] ? __switch_to+0x5d9/0xf60 [ 26.639354] ? __schedule+0xc3e/0x2790 [ 26.640309] ? __pfx_read_tsc+0x10/0x10 [ 26.640846] ? ktime_get_ts64+0x86/0x230 [ 26.641256] kunit_try_run_case+0x1b3/0x490 [ 26.642116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.642688] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.643133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.644284] ? __kthread_parkme+0x82/0x160 [ 26.645090] ? preempt_count_sub+0x50/0x80 [ 26.645436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.646282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.647043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.648145] kthread+0x257/0x310 [ 26.648958] ? __pfx_kthread+0x10/0x10 [ 26.649167] ret_from_fork+0x41/0x80 [ 26.649387] ? __pfx_kthread+0x10/0x10 [ 26.650111] ret_from_fork_asm+0x1a/0x30 [ 26.650681] </TASK> [ 26.651191] [ 26.651351] Allocated by task 203: [ 26.651561] kasan_save_stack+0x3d/0x60 [ 26.651953] kasan_save_track+0x18/0x40 [ 26.652326] kasan_save_alloc_info+0x3b/0x50 [ 26.652873] __kasan_kmalloc+0xb7/0xc0 [ 26.653278] __kmalloc_cache_noprof+0x184/0x410 [ 26.653833] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.654771] kunit_try_run_case+0x1b3/0x490 [ 26.655289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.656016] kthread+0x257/0x310 [ 26.656226] ret_from_fork+0x41/0x80 [ 26.656500] ret_from_fork_asm+0x1a/0x30 [ 26.657165] [ 26.657396] The buggy address belongs to the object at ffff888102a15300 [ 26.657396] which belongs to the cache kmalloc-128 of size 128 [ 26.658544] The buggy address is located 0 bytes to the right of [ 26.658544] allocated 115-byte region [ffff888102a15300, ffff888102a15373) [ 26.659587] [ 26.660075] The buggy address belongs to the physical page: [ 26.660567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.661842] flags: 0x200000000000000(node=0|zone=2) [ 26.662331] page_type: f5(slab) [ 26.662698] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.663338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.664352] page dumped because: kasan: bad access detected [ 26.664705] [ 26.664915] Memory state around the buggy address: [ 26.665389] ffff888102a15200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 26.665797] ffff888102a15280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.666796] >ffff888102a15300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.667242] ^ [ 26.668538] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.669136] ffff888102a15400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.669886] ================================================================== [ 26.707862] ================================================================== [ 26.708561] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.710096] Read of size 1 at addr ffff888102a1537f by task kunit_try_catch/203 [ 26.711029] [ 26.711294] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.711930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.712240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.712837] Call Trace: [ 26.713153] <TASK> [ 26.713413] dump_stack_lvl+0x73/0xb0 [ 26.713881] print_report+0xd1/0x640 [ 26.714290] ? __virt_addr_valid+0x1db/0x2d0 [ 26.714880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.715417] kasan_report+0x102/0x140 [ 26.715885] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.716396] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.716950] __asan_report_load1_noabort+0x18/0x20 [ 26.717501] ksize_unpoisons_memory+0x7b8/0x9b0 [ 26.717964] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.718498] ? finish_task_switch.isra.0+0x153/0x700 [ 26.718963] ? __switch_to+0x5d9/0xf60 [ 26.719377] ? __schedule+0xc3e/0x2790 [ 26.719732] ? __pfx_read_tsc+0x10/0x10 [ 26.720150] ? ktime_get_ts64+0x86/0x230 [ 26.720642] kunit_try_run_case+0x1b3/0x490 [ 26.721012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.721554] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.721975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.722533] ? __kthread_parkme+0x82/0x160 [ 26.722975] ? preempt_count_sub+0x50/0x80 [ 26.723278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.723825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.724248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.724790] kthread+0x257/0x310 [ 26.725130] ? __pfx_kthread+0x10/0x10 [ 26.725580] ret_from_fork+0x41/0x80 [ 26.725969] ? __pfx_kthread+0x10/0x10 [ 26.726376] ret_from_fork_asm+0x1a/0x30 [ 26.726845] </TASK> [ 26.727123] [ 26.727320] Allocated by task 203: [ 26.727732] kasan_save_stack+0x3d/0x60 [ 26.728146] kasan_save_track+0x18/0x40 [ 26.728584] kasan_save_alloc_info+0x3b/0x50 [ 26.729048] __kasan_kmalloc+0xb7/0xc0 [ 26.729321] __kmalloc_cache_noprof+0x184/0x410 [ 26.729807] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.730282] kunit_try_run_case+0x1b3/0x490 [ 26.730715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.731043] kthread+0x257/0x310 [ 26.731431] ret_from_fork+0x41/0x80 [ 26.731882] ret_from_fork_asm+0x1a/0x30 [ 26.732313] [ 26.732545] The buggy address belongs to the object at ffff888102a15300 [ 26.732545] which belongs to the cache kmalloc-128 of size 128 [ 26.733307] The buggy address is located 12 bytes to the right of [ 26.733307] allocated 115-byte region [ffff888102a15300, ffff888102a15373) [ 26.734230] [ 26.734510] The buggy address belongs to the physical page: [ 26.735083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.735685] flags: 0x200000000000000(node=0|zone=2) [ 26.736136] page_type: f5(slab) [ 26.736357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.737075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.737633] page dumped because: kasan: bad access detected [ 26.737988] [ 26.738234] Memory state around the buggy address: [ 26.738718] ffff888102a15200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.739342] ffff888102a15280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.739971] >ffff888102a15300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.740653] ^ [ 26.741143] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.741699] ffff888102a15400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.742048] ================================================================== [ 26.672320] ================================================================== [ 26.672835] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.673566] Read of size 1 at addr ffff888102a15378 by task kunit_try_catch/203 [ 26.674161] [ 26.674396] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.675170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.675517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.675959] Call Trace: [ 26.676254] <TASK> [ 26.676541] dump_stack_lvl+0x73/0xb0 [ 26.676958] print_report+0xd1/0x640 [ 26.677397] ? __virt_addr_valid+0x1db/0x2d0 [ 26.677876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.678342] kasan_report+0x102/0x140 [ 26.678653] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.679016] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.679607] __asan_report_load1_noabort+0x18/0x20 [ 26.680092] ksize_unpoisons_memory+0x7eb/0x9b0 [ 26.680628] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 26.681142] ? finish_task_switch.isra.0+0x153/0x700 [ 26.681639] ? __switch_to+0x5d9/0xf60 [ 26.682103] ? __schedule+0xc3e/0x2790 [ 26.682479] ? __pfx_read_tsc+0x10/0x10 [ 26.682751] ? ktime_get_ts64+0x86/0x230 [ 26.683109] kunit_try_run_case+0x1b3/0x490 [ 26.683644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.684145] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.684740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.685262] ? __kthread_parkme+0x82/0x160 [ 26.685758] ? preempt_count_sub+0x50/0x80 [ 26.686145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.686665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.687110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.687470] kthread+0x257/0x310 [ 26.687866] ? __pfx_kthread+0x10/0x10 [ 26.688344] ret_from_fork+0x41/0x80 [ 26.688812] ? __pfx_kthread+0x10/0x10 [ 26.689248] ret_from_fork_asm+0x1a/0x30 [ 26.689724] </TASK> [ 26.689990] [ 26.690244] Allocated by task 203: [ 26.690619] kasan_save_stack+0x3d/0x60 [ 26.691017] kasan_save_track+0x18/0x40 [ 26.691388] kasan_save_alloc_info+0x3b/0x50 [ 26.691771] __kasan_kmalloc+0xb7/0xc0 [ 26.692175] __kmalloc_cache_noprof+0x184/0x410 [ 26.692626] ksize_unpoisons_memory+0xc8/0x9b0 [ 26.693049] kunit_try_run_case+0x1b3/0x490 [ 26.693473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.693822] kthread+0x257/0x310 [ 26.694143] ret_from_fork+0x41/0x80 [ 26.694577] ret_from_fork_asm+0x1a/0x30 [ 26.695049] [ 26.695275] The buggy address belongs to the object at ffff888102a15300 [ 26.695275] which belongs to the cache kmalloc-128 of size 128 [ 26.696255] The buggy address is located 5 bytes to the right of [ 26.696255] allocated 115-byte region [ffff888102a15300, ffff888102a15373) [ 26.696874] [ 26.697023] The buggy address belongs to the physical page: [ 26.697565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a15 [ 26.698254] flags: 0x200000000000000(node=0|zone=2) [ 26.698763] page_type: f5(slab) [ 26.699151] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.699857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.700556] page dumped because: kasan: bad access detected [ 26.701037] [ 26.701240] Memory state around the buggy address: [ 26.701670] ffff888102a15200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.702026] ffff888102a15280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.702752] >ffff888102a15300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.703378] ^ [ 26.704071] ffff888102a15380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.704738] ffff888102a15400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.705209] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 26.569358] ================================================================== [ 26.570597] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 26.571402] Free of addr ffff888101adffc0 by task kunit_try_catch/201 [ 26.572109] [ 26.572795] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.574044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.574306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.575583] Call Trace: [ 26.575878] <TASK> [ 26.576170] dump_stack_lvl+0x73/0xb0 [ 26.576801] print_report+0xd1/0x640 [ 26.577210] ? __virt_addr_valid+0x1db/0x2d0 [ 26.577684] ? kfree_sensitive+0x2e/0x90 [ 26.577994] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.578415] ? kfree_sensitive+0x2e/0x90 [ 26.578998] kasan_report_invalid_free+0xc0/0xf0 [ 26.579527] ? kfree_sensitive+0x2e/0x90 [ 26.579940] ? kfree_sensitive+0x2e/0x90 [ 26.580413] check_slab_allocation+0x101/0x130 [ 26.580810] __kasan_slab_pre_free+0x28/0x40 [ 26.581110] kfree+0xf1/0x3f0 [ 26.581350] ? kfree_sensitive+0x2e/0x90 [ 26.581778] kfree_sensitive+0x2e/0x90 [ 26.582254] kmalloc_double_kzfree+0x19d/0x360 [ 26.582809] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 26.583328] ? __schedule+0xc3e/0x2790 [ 26.583799] ? __pfx_read_tsc+0x10/0x10 [ 26.584246] ? ktime_get_ts64+0x86/0x230 [ 26.584803] kunit_try_run_case+0x1b3/0x490 [ 26.585182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.585552] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.586082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.586629] ? __kthread_parkme+0x82/0x160 [ 26.587076] ? preempt_count_sub+0x50/0x80 [ 26.587514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.587969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.588580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.589130] kthread+0x257/0x310 [ 26.589434] ? __pfx_kthread+0x10/0x10 [ 26.589838] ret_from_fork+0x41/0x80 [ 26.590117] ? __pfx_kthread+0x10/0x10 [ 26.590373] ret_from_fork_asm+0x1a/0x30 [ 26.590827] </TASK> [ 26.591242] [ 26.591501] Allocated by task 201: [ 26.591872] kasan_save_stack+0x3d/0x60 [ 26.592348] kasan_save_track+0x18/0x40 [ 26.592888] kasan_save_alloc_info+0x3b/0x50 [ 26.593322] __kasan_kmalloc+0xb7/0xc0 [ 26.593722] __kmalloc_cache_noprof+0x184/0x410 [ 26.594172] kmalloc_double_kzfree+0xaa/0x360 [ 26.594450] kunit_try_run_case+0x1b3/0x490 [ 26.594913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.595506] kthread+0x257/0x310 [ 26.595922] ret_from_fork+0x41/0x80 [ 26.596273] ret_from_fork_asm+0x1a/0x30 [ 26.596842] [ 26.597114] Freed by task 201: [ 26.597325] kasan_save_stack+0x3d/0x60 [ 26.597666] kasan_save_track+0x18/0x40 [ 26.598285] kasan_save_free_info+0x3f/0x60 [ 26.598831] __kasan_slab_free+0x56/0x70 [ 26.599208] kfree+0x123/0x3f0 [ 26.599717] kfree_sensitive+0x67/0x90 [ 26.600104] kmalloc_double_kzfree+0x12c/0x360 [ 26.600711] kunit_try_run_case+0x1b3/0x490 [ 26.600989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.601317] kthread+0x257/0x310 [ 26.601540] ret_from_fork+0x41/0x80 [ 26.601775] ret_from_fork_asm+0x1a/0x30 [ 26.602028] [ 26.602248] The buggy address belongs to the object at ffff888101adffc0 [ 26.602248] which belongs to the cache kmalloc-16 of size 16 [ 26.603330] The buggy address is located 0 bytes inside of [ 26.603330] 16-byte region [ffff888101adffc0, ffff888101adffd0) [ 26.604565] [ 26.604748] The buggy address belongs to the physical page: [ 26.605247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 26.606275] flags: 0x200000000000000(node=0|zone=2) [ 26.606977] page_type: f5(slab) [ 26.607234] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.608072] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.608445] page dumped because: kasan: bad access detected [ 26.608729] [ 26.608868] Memory state around the buggy address: [ 26.609173] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.609993] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 26.610865] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 26.611680] ^ [ 26.612189] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.613043] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 26.613629] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 26.525409] ================================================================== [ 26.527187] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 26.527927] Read of size 1 at addr ffff888101adffc0 by task kunit_try_catch/201 [ 26.529269] [ 26.529515] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.530569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.530935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.531696] Call Trace: [ 26.531820] <TASK> [ 26.531928] dump_stack_lvl+0x73/0xb0 [ 26.532150] print_report+0xd1/0x640 [ 26.532482] ? __virt_addr_valid+0x1db/0x2d0 [ 26.533396] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.533935] kasan_report+0x102/0x140 [ 26.534371] ? kmalloc_double_kzfree+0x19d/0x360 [ 26.534966] ? kmalloc_double_kzfree+0x19d/0x360 [ 26.535398] ? kmalloc_double_kzfree+0x19d/0x360 [ 26.536066] __kasan_check_byte+0x3d/0x50 [ 26.536415] kfree_sensitive+0x22/0x90 [ 26.536717] kmalloc_double_kzfree+0x19d/0x360 [ 26.537256] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 26.537923] ? __schedule+0xc3e/0x2790 [ 26.538356] ? __pfx_read_tsc+0x10/0x10 [ 26.538684] ? ktime_get_ts64+0x86/0x230 [ 26.539139] kunit_try_run_case+0x1b3/0x490 [ 26.539586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.540081] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.540486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.540963] ? __kthread_parkme+0x82/0x160 [ 26.541323] ? preempt_count_sub+0x50/0x80 [ 26.541828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.542169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.542989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.543473] kthread+0x257/0x310 [ 26.543836] ? __pfx_kthread+0x10/0x10 [ 26.544156] ret_from_fork+0x41/0x80 [ 26.544505] ? __pfx_kthread+0x10/0x10 [ 26.544857] ret_from_fork_asm+0x1a/0x30 [ 26.545312] </TASK> [ 26.545700] [ 26.545910] Allocated by task 201: [ 26.546297] kasan_save_stack+0x3d/0x60 [ 26.546601] kasan_save_track+0x18/0x40 [ 26.546853] kasan_save_alloc_info+0x3b/0x50 [ 26.547264] __kasan_kmalloc+0xb7/0xc0 [ 26.547679] __kmalloc_cache_noprof+0x184/0x410 [ 26.548171] kmalloc_double_kzfree+0xaa/0x360 [ 26.548659] kunit_try_run_case+0x1b3/0x490 [ 26.548976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.549515] kthread+0x257/0x310 [ 26.549884] ret_from_fork+0x41/0x80 [ 26.550265] ret_from_fork_asm+0x1a/0x30 [ 26.550733] [ 26.550950] Freed by task 201: [ 26.551234] kasan_save_stack+0x3d/0x60 [ 26.551603] kasan_save_track+0x18/0x40 [ 26.551997] kasan_save_free_info+0x3f/0x60 [ 26.552441] __kasan_slab_free+0x56/0x70 [ 26.552862] kfree+0x123/0x3f0 [ 26.553218] kfree_sensitive+0x67/0x90 [ 26.553721] kmalloc_double_kzfree+0x12c/0x360 [ 26.554194] kunit_try_run_case+0x1b3/0x490 [ 26.554465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.554760] kthread+0x257/0x310 [ 26.554985] ret_from_fork+0x41/0x80 [ 26.555534] ret_from_fork_asm+0x1a/0x30 [ 26.555962] [ 26.556220] The buggy address belongs to the object at ffff888101adffc0 [ 26.556220] which belongs to the cache kmalloc-16 of size 16 [ 26.557270] The buggy address is located 0 bytes inside of [ 26.557270] freed 16-byte region [ffff888101adffc0, ffff888101adffd0) [ 26.558186] [ 26.558344] The buggy address belongs to the physical page: [ 26.558823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 26.559482] flags: 0x200000000000000(node=0|zone=2) [ 26.560063] page_type: f5(slab) [ 26.560554] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.561046] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.561772] page dumped because: kasan: bad access detected [ 26.562186] [ 26.562331] Memory state around the buggy address: [ 26.562786] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.563425] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 26.563903] >ffff888101adff80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 26.564473] ^ [ 26.565156] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.565851] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 26.566354] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 26.413418] ================================================================== [ 26.414464] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 26.414992] Write of size 33 at addr ffff888102a12480 by task kunit_try_catch/195 [ 26.415946] [ 26.416218] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.417293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.418035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.419133] Call Trace: [ 26.419322] <TASK> [ 26.419486] dump_stack_lvl+0x73/0xb0 [ 26.419778] print_report+0xd1/0x640 [ 26.420720] ? __virt_addr_valid+0x1db/0x2d0 [ 26.421024] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.421690] kasan_report+0x102/0x140 [ 26.422391] ? kmalloc_uaf_memset+0x1a4/0x360 [ 26.422667] ? kmalloc_uaf_memset+0x1a4/0x360 [ 26.423121] kasan_check_range+0x10c/0x1c0 [ 26.423426] __asan_memset+0x27/0x50 [ 26.423811] kmalloc_uaf_memset+0x1a4/0x360 [ 26.424173] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 26.424756] ? __schedule+0xc3e/0x2790 [ 26.425115] ? __pfx_read_tsc+0x10/0x10 [ 26.425381] ? ktime_get_ts64+0x86/0x230 [ 26.425899] kunit_try_run_case+0x1b3/0x490 [ 26.426337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.426916] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.427372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.427793] ? __kthread_parkme+0x82/0x160 [ 26.428286] ? preempt_count_sub+0x50/0x80 [ 26.428686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.429124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.429505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.430018] kthread+0x257/0x310 [ 26.430367] ? __pfx_kthread+0x10/0x10 [ 26.430773] ret_from_fork+0x41/0x80 [ 26.431032] ? __pfx_kthread+0x10/0x10 [ 26.431932] ret_from_fork_asm+0x1a/0x30 [ 26.432860] </TASK> [ 26.433142] [ 26.433346] Allocated by task 195: [ 26.434251] kasan_save_stack+0x3d/0x60 [ 26.434815] kasan_save_track+0x18/0x40 [ 26.435211] kasan_save_alloc_info+0x3b/0x50 [ 26.435526] __kasan_kmalloc+0xb7/0xc0 [ 26.435941] __kmalloc_cache_noprof+0x184/0x410 [ 26.436382] kmalloc_uaf_memset+0xaa/0x360 [ 26.436966] kunit_try_run_case+0x1b3/0x490 [ 26.437391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.438034] kthread+0x257/0x310 [ 26.438341] ret_from_fork+0x41/0x80 [ 26.439358] ret_from_fork_asm+0x1a/0x30 [ 26.439708] [ 26.439884] Freed by task 195: [ 26.440288] kasan_save_stack+0x3d/0x60 [ 26.440882] kasan_save_track+0x18/0x40 [ 26.441248] kasan_save_free_info+0x3f/0x60 [ 26.441568] __kasan_slab_free+0x56/0x70 [ 26.442102] kfree+0x123/0x3f0 [ 26.442473] kmalloc_uaf_memset+0x12c/0x360 [ 26.443017] kunit_try_run_case+0x1b3/0x490 [ 26.443478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.444710] kthread+0x257/0x310 [ 26.444963] ret_from_fork+0x41/0x80 [ 26.445260] ret_from_fork_asm+0x1a/0x30 [ 26.445649] [ 26.445843] The buggy address belongs to the object at ffff888102a12480 [ 26.445843] which belongs to the cache kmalloc-64 of size 64 [ 26.447030] The buggy address is located 0 bytes inside of [ 26.447030] freed 64-byte region [ffff888102a12480, ffff888102a124c0) [ 26.447946] [ 26.448117] The buggy address belongs to the physical page: [ 26.448735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a12 [ 26.449389] flags: 0x200000000000000(node=0|zone=2) [ 26.450468] page_type: f5(slab) [ 26.450705] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.451472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.452266] page dumped because: kasan: bad access detected [ 26.452850] [ 26.453069] Memory state around the buggy address: [ 26.453343] ffff888102a12380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.453994] ffff888102a12400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.455313] >ffff888102a12480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.455915] ^ [ 26.456194] ffff888102a12500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.456766] ffff888102a12580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.457349] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 26.306237] ================================================================== [ 26.307341] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 26.308431] Read of size 64 at addr ffff888102a12304 by task kunit_try_catch/191 [ 26.309755] [ 26.310106] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.311150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.311506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.312537] Call Trace: [ 26.313030] <TASK> [ 26.313693] dump_stack_lvl+0x73/0xb0 [ 26.314156] print_report+0xd1/0x640 [ 26.314769] ? __virt_addr_valid+0x1db/0x2d0 [ 26.315457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.315919] kasan_report+0x102/0x140 [ 26.316202] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 26.317049] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 26.317700] kasan_check_range+0x10c/0x1c0 [ 26.317892] __asan_memmove+0x27/0x70 [ 26.318034] kmalloc_memmove_invalid_size+0x170/0x330 [ 26.318330] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 26.319409] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 26.320250] kunit_try_run_case+0x1b3/0x490 [ 26.320911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.321481] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.322078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.322656] ? __kthread_parkme+0x82/0x160 [ 26.323019] ? preempt_count_sub+0x50/0x80 [ 26.323341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.324271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.324991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.325716] kthread+0x257/0x310 [ 26.326270] ? __pfx_kthread+0x10/0x10 [ 26.326956] ret_from_fork+0x41/0x80 [ 26.327209] ? __pfx_kthread+0x10/0x10 [ 26.327851] ret_from_fork_asm+0x1a/0x30 [ 26.328578] </TASK> [ 26.329123] [ 26.329326] Allocated by task 191: [ 26.329937] kasan_save_stack+0x3d/0x60 [ 26.330292] kasan_save_track+0x18/0x40 [ 26.330617] kasan_save_alloc_info+0x3b/0x50 [ 26.331202] __kasan_kmalloc+0xb7/0xc0 [ 26.331487] __kmalloc_cache_noprof+0x184/0x410 [ 26.331846] kmalloc_memmove_invalid_size+0xad/0x330 [ 26.332473] kunit_try_run_case+0x1b3/0x490 [ 26.332989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.333366] kthread+0x257/0x310 [ 26.333596] ret_from_fork+0x41/0x80 [ 26.334018] ret_from_fork_asm+0x1a/0x30 [ 26.334708] [ 26.334994] The buggy address belongs to the object at ffff888102a12300 [ 26.334994] which belongs to the cache kmalloc-64 of size 64 [ 26.335971] The buggy address is located 4 bytes inside of [ 26.335971] allocated 64-byte region [ffff888102a12300, ffff888102a12340) [ 26.337014] [ 26.337198] The buggy address belongs to the physical page: [ 26.338350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a12 [ 26.339216] flags: 0x200000000000000(node=0|zone=2) [ 26.339586] page_type: f5(slab) [ 26.340187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.341017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.342272] page dumped because: kasan: bad access detected [ 26.342621] [ 26.343209] Memory state around the buggy address: [ 26.343796] ffff888102a12200: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 26.344919] ffff888102a12280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.345390] >ffff888102a12300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.345912] ^ [ 26.346647] ffff888102a12380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.347433] ffff888102a12400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.348370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 26.253623] ================================================================== [ 26.254405] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 26.255435] Read of size 18446744073709551614 at addr ffff888102986284 by task kunit_try_catch/189 [ 26.256553] [ 26.256825] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.257772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.258330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.259434] Call Trace: [ 26.260073] <TASK> [ 26.260329] dump_stack_lvl+0x73/0xb0 [ 26.260898] print_report+0xd1/0x640 [ 26.261253] ? __virt_addr_valid+0x1db/0x2d0 [ 26.261641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.262897] kasan_report+0x102/0x140 [ 26.263228] ? kmalloc_memmove_negative_size+0x172/0x330 [ 26.263886] ? kmalloc_memmove_negative_size+0x172/0x330 [ 26.264580] kasan_check_range+0x10c/0x1c0 [ 26.265231] __asan_memmove+0x27/0x70 [ 26.266001] kmalloc_memmove_negative_size+0x172/0x330 [ 26.266592] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 26.267158] ? __schedule+0xc3e/0x2790 [ 26.267853] ? __pfx_read_tsc+0x10/0x10 [ 26.268218] ? ktime_get_ts64+0x86/0x230 [ 26.268557] kunit_try_run_case+0x1b3/0x490 [ 26.269793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.270177] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.271258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.272005] ? __kthread_parkme+0x82/0x160 [ 26.272367] ? preempt_count_sub+0x50/0x80 [ 26.272975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.273377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.274448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.275096] kthread+0x257/0x310 [ 26.275459] ? __pfx_kthread+0x10/0x10 [ 26.276549] ret_from_fork+0x41/0x80 [ 26.277083] ? __pfx_kthread+0x10/0x10 [ 26.277634] ret_from_fork_asm+0x1a/0x30 [ 26.278290] </TASK> [ 26.279243] [ 26.279376] Allocated by task 189: [ 26.279604] kasan_save_stack+0x3d/0x60 [ 26.280341] kasan_save_track+0x18/0x40 [ 26.281417] kasan_save_alloc_info+0x3b/0x50 [ 26.281784] __kasan_kmalloc+0xb7/0xc0 [ 26.282528] __kmalloc_cache_noprof+0x184/0x410 [ 26.283198] kmalloc_memmove_negative_size+0xad/0x330 [ 26.283662] kunit_try_run_case+0x1b3/0x490 [ 26.284473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.284771] kthread+0x257/0x310 [ 26.285179] ret_from_fork+0x41/0x80 [ 26.286252] ret_from_fork_asm+0x1a/0x30 [ 26.286598] [ 26.287183] The buggy address belongs to the object at ffff888102986280 [ 26.287183] which belongs to the cache kmalloc-64 of size 64 [ 26.288074] The buggy address is located 4 bytes inside of [ 26.288074] 64-byte region [ffff888102986280, ffff8881029862c0) [ 26.288917] [ 26.290128] The buggy address belongs to the physical page: [ 26.290529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102986 [ 26.291194] flags: 0x200000000000000(node=0|zone=2) [ 26.291666] page_type: f5(slab) [ 26.292045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.292817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.293264] page dumped because: kasan: bad access detected [ 26.293753] [ 26.293921] Memory state around the buggy address: [ 26.294299] ffff888102986180: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 26.294867] ffff888102986200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.296580] >ffff888102986280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.297028] ^ [ 26.297350] ffff888102986300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.297966] ffff888102986380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.298491] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 26.109849] ================================================================== [ 26.110590] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 26.112084] Write of size 4 at addr ffff888102985375 by task kunit_try_catch/183 [ 26.113293] [ 26.113489] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.115047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.115383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.116610] Call Trace: [ 26.117090] <TASK> [ 26.117610] dump_stack_lvl+0x73/0xb0 [ 26.118351] print_report+0xd1/0x640 [ 26.118734] ? __virt_addr_valid+0x1db/0x2d0 [ 26.119231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.120007] kasan_report+0x102/0x140 [ 26.120254] ? kmalloc_oob_memset_4+0x167/0x330 [ 26.121260] ? kmalloc_oob_memset_4+0x167/0x330 [ 26.122218] kasan_check_range+0x10c/0x1c0 [ 26.122595] __asan_memset+0x27/0x50 [ 26.122844] kmalloc_oob_memset_4+0x167/0x330 [ 26.123598] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 26.124927] ? __schedule+0xc3e/0x2790 [ 26.125273] ? __pfx_read_tsc+0x10/0x10 [ 26.126122] ? ktime_get_ts64+0x86/0x230 [ 26.126521] kunit_try_run_case+0x1b3/0x490 [ 26.126944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.127523] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.128246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.129217] ? __kthread_parkme+0x82/0x160 [ 26.129577] ? preempt_count_sub+0x50/0x80 [ 26.130275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.130954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.131541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.132171] kthread+0x257/0x310 [ 26.132652] ? __pfx_kthread+0x10/0x10 [ 26.133439] ret_from_fork+0x41/0x80 [ 26.133892] ? __pfx_kthread+0x10/0x10 [ 26.134323] ret_from_fork_asm+0x1a/0x30 [ 26.135153] </TASK> [ 26.135519] [ 26.135917] Allocated by task 183: [ 26.136221] kasan_save_stack+0x3d/0x60 [ 26.137186] kasan_save_track+0x18/0x40 [ 26.137864] kasan_save_alloc_info+0x3b/0x50 [ 26.138283] __kasan_kmalloc+0xb7/0xc0 [ 26.138648] __kmalloc_cache_noprof+0x184/0x410 [ 26.139148] kmalloc_oob_memset_4+0xad/0x330 [ 26.139756] kunit_try_run_case+0x1b3/0x490 [ 26.140190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.140814] kthread+0x257/0x310 [ 26.141189] ret_from_fork+0x41/0x80 [ 26.142127] ret_from_fork_asm+0x1a/0x30 [ 26.142434] [ 26.142858] The buggy address belongs to the object at ffff888102985300 [ 26.142858] which belongs to the cache kmalloc-128 of size 128 [ 26.143676] The buggy address is located 117 bytes inside of [ 26.143676] allocated 120-byte region [ffff888102985300, ffff888102985378) [ 26.145095] [ 26.145327] The buggy address belongs to the physical page: [ 26.145839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102985 [ 26.146809] flags: 0x200000000000000(node=0|zone=2) [ 26.148014] page_type: f5(slab) [ 26.148460] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.149094] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.149905] page dumped because: kasan: bad access detected [ 26.150524] [ 26.150684] Memory state around the buggy address: [ 26.151688] ffff888102985200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.152420] ffff888102985280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.153258] >ffff888102985300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.153856] ^ [ 26.154547] ffff888102985380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.155030] ffff888102985400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.155758] ================================================================== [ 26.210048] ================================================================== [ 26.210978] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 26.211780] Write of size 16 at addr ffff888102a11869 by task kunit_try_catch/187 [ 26.212151] [ 26.213043] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.213780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.214327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.215176] Call Trace: [ 26.215669] <TASK> [ 26.215875] dump_stack_lvl+0x73/0xb0 [ 26.216203] print_report+0xd1/0x640 [ 26.217176] ? __virt_addr_valid+0x1db/0x2d0 [ 26.217710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.218165] kasan_report+0x102/0x140 [ 26.218506] ? kmalloc_oob_memset_16+0x167/0x330 [ 26.218891] ? kmalloc_oob_memset_16+0x167/0x330 [ 26.219362] kasan_check_range+0x10c/0x1c0 [ 26.219834] __asan_memset+0x27/0x50 [ 26.220406] kmalloc_oob_memset_16+0x167/0x330 [ 26.220954] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 26.221542] ? __schedule+0xc3e/0x2790 [ 26.221874] ? __pfx_read_tsc+0x10/0x10 [ 26.222341] ? ktime_get_ts64+0x86/0x230 [ 26.222780] kunit_try_run_case+0x1b3/0x490 [ 26.223239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.223767] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.224247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.224844] ? __kthread_parkme+0x82/0x160 [ 26.225330] ? preempt_count_sub+0x50/0x80 [ 26.225770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.226373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.226887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.227507] kthread+0x257/0x310 [ 26.227837] ? __pfx_kthread+0x10/0x10 [ 26.228320] ret_from_fork+0x41/0x80 [ 26.228775] ? __pfx_kthread+0x10/0x10 [ 26.229194] ret_from_fork_asm+0x1a/0x30 [ 26.229698] </TASK> [ 26.229988] [ 26.230232] Allocated by task 187: [ 26.230567] kasan_save_stack+0x3d/0x60 [ 26.230967] kasan_save_track+0x18/0x40 [ 26.231431] kasan_save_alloc_info+0x3b/0x50 [ 26.231904] __kasan_kmalloc+0xb7/0xc0 [ 26.232348] __kmalloc_cache_noprof+0x184/0x410 [ 26.232898] kmalloc_oob_memset_16+0xad/0x330 [ 26.233251] kunit_try_run_case+0x1b3/0x490 [ 26.233734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.234240] kthread+0x257/0x310 [ 26.234671] ret_from_fork+0x41/0x80 [ 26.235126] ret_from_fork_asm+0x1a/0x30 [ 26.235543] [ 26.235853] The buggy address belongs to the object at ffff888102a11800 [ 26.235853] which belongs to the cache kmalloc-128 of size 128 [ 26.236798] The buggy address is located 105 bytes inside of [ 26.236798] allocated 120-byte region [ffff888102a11800, ffff888102a11878) [ 26.237732] [ 26.238017] The buggy address belongs to the physical page: [ 26.238412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11 [ 26.239187] flags: 0x200000000000000(node=0|zone=2) [ 26.239733] page_type: f5(slab) [ 26.240085] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.240703] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.241141] page dumped because: kasan: bad access detected [ 26.241419] [ 26.241561] Memory state around the buggy address: [ 26.241822] ffff888102a11700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.242585] ffff888102a11780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.243215] >ffff888102a11800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.243907] ^ [ 26.244691] ffff888102a11880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.245130] ffff888102a11900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.245521] ================================================================== [ 26.057034] ================================================================== [ 26.057666] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 26.058237] Write of size 2 at addr ffff888102a11577 by task kunit_try_catch/181 [ 26.058685] [ 26.058861] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.060071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.062006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.062972] Call Trace: [ 26.063516] <TASK> [ 26.063760] dump_stack_lvl+0x73/0xb0 [ 26.064109] print_report+0xd1/0x640 [ 26.064604] ? __virt_addr_valid+0x1db/0x2d0 [ 26.064929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.066437] kasan_report+0x102/0x140 [ 26.066920] ? kmalloc_oob_memset_2+0x167/0x330 [ 26.067549] ? kmalloc_oob_memset_2+0x167/0x330 [ 26.068070] kasan_check_range+0x10c/0x1c0 [ 26.068434] __asan_memset+0x27/0x50 [ 26.069664] kmalloc_oob_memset_2+0x167/0x330 [ 26.070022] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 26.070870] ? __schedule+0xc3e/0x2790 [ 26.071162] ? __pfx_read_tsc+0x10/0x10 [ 26.071923] ? ktime_get_ts64+0x86/0x230 [ 26.072319] kunit_try_run_case+0x1b3/0x490 [ 26.073296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.073641] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.074150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.074623] ? __kthread_parkme+0x82/0x160 [ 26.075271] ? preempt_count_sub+0x50/0x80 [ 26.075634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.075990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.076661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.077366] kthread+0x257/0x310 [ 26.078071] ? __pfx_kthread+0x10/0x10 [ 26.078439] ret_from_fork+0x41/0x80 [ 26.079433] ? __pfx_kthread+0x10/0x10 [ 26.080120] ret_from_fork_asm+0x1a/0x30 [ 26.080510] </TASK> [ 26.081331] [ 26.081466] Allocated by task 181: [ 26.081791] kasan_save_stack+0x3d/0x60 [ 26.082316] kasan_save_track+0x18/0x40 [ 26.083240] kasan_save_alloc_info+0x3b/0x50 [ 26.084132] __kasan_kmalloc+0xb7/0xc0 [ 26.084455] __kmalloc_cache_noprof+0x184/0x410 [ 26.085114] kmalloc_oob_memset_2+0xad/0x330 [ 26.085756] kunit_try_run_case+0x1b3/0x490 [ 26.086637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.087042] kthread+0x257/0x310 [ 26.087737] ret_from_fork+0x41/0x80 [ 26.087982] ret_from_fork_asm+0x1a/0x30 [ 26.088387] [ 26.089242] The buggy address belongs to the object at ffff888102a11500 [ 26.089242] which belongs to the cache kmalloc-128 of size 128 [ 26.089971] The buggy address is located 119 bytes inside of [ 26.089971] allocated 120-byte region [ffff888102a11500, ffff888102a11578) [ 26.091443] [ 26.092136] The buggy address belongs to the physical page: [ 26.092903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11 [ 26.093708] flags: 0x200000000000000(node=0|zone=2) [ 26.094321] page_type: f5(slab) [ 26.094889] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.095486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.096157] page dumped because: kasan: bad access detected [ 26.096743] [ 26.097018] Memory state around the buggy address: [ 26.097802] ffff888102a11400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.099313] ffff888102a11480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.099844] >ffff888102a11500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.100403] ^ [ 26.101345] ffff888102a11580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.102346] ffff888102a11600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.103314] ================================================================== [ 26.163835] ================================================================== [ 26.164767] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 26.165393] Write of size 8 at addr ffff888102a11771 by task kunit_try_catch/185 [ 26.166119] [ 26.166296] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.168324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.168604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.169516] Call Trace: [ 26.169841] <TASK> [ 26.170226] dump_stack_lvl+0x73/0xb0 [ 26.171026] print_report+0xd1/0x640 [ 26.171452] ? __virt_addr_valid+0x1db/0x2d0 [ 26.171916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.172357] kasan_report+0x102/0x140 [ 26.172653] ? kmalloc_oob_memset_8+0x167/0x330 [ 26.173302] ? kmalloc_oob_memset_8+0x167/0x330 [ 26.173911] kasan_check_range+0x10c/0x1c0 [ 26.174252] __asan_memset+0x27/0x50 [ 26.175029] kmalloc_oob_memset_8+0x167/0x330 [ 26.175525] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 26.176104] ? __schedule+0xc3e/0x2790 [ 26.176560] ? __pfx_read_tsc+0x10/0x10 [ 26.177144] ? ktime_get_ts64+0x86/0x230 [ 26.177534] kunit_try_run_case+0x1b3/0x490 [ 26.178129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.178984] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.179454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.179981] ? __kthread_parkme+0x82/0x160 [ 26.180429] ? preempt_count_sub+0x50/0x80 [ 26.181107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.181431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.182022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.182371] kthread+0x257/0x310 [ 26.182731] ? __pfx_kthread+0x10/0x10 [ 26.183119] ret_from_fork+0x41/0x80 [ 26.183493] ? __pfx_kthread+0x10/0x10 [ 26.183753] ret_from_fork_asm+0x1a/0x30 [ 26.184937] </TASK> [ 26.185213] [ 26.185420] Allocated by task 185: [ 26.185931] kasan_save_stack+0x3d/0x60 [ 26.186314] kasan_save_track+0x18/0x40 [ 26.186606] kasan_save_alloc_info+0x3b/0x50 [ 26.187173] __kasan_kmalloc+0xb7/0xc0 [ 26.187579] __kmalloc_cache_noprof+0x184/0x410 [ 26.188462] kmalloc_oob_memset_8+0xad/0x330 [ 26.189106] kunit_try_run_case+0x1b3/0x490 [ 26.189380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.189996] kthread+0x257/0x310 [ 26.190287] ret_from_fork+0x41/0x80 [ 26.190571] ret_from_fork_asm+0x1a/0x30 [ 26.190972] [ 26.191338] The buggy address belongs to the object at ffff888102a11700 [ 26.191338] which belongs to the cache kmalloc-128 of size 128 [ 26.192704] The buggy address is located 113 bytes inside of [ 26.192704] allocated 120-byte region [ffff888102a11700, ffff888102a11778) [ 26.193525] [ 26.193750] The buggy address belongs to the physical page: [ 26.194241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11 [ 26.194745] flags: 0x200000000000000(node=0|zone=2) [ 26.195352] page_type: f5(slab) [ 26.196033] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.196920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.197756] page dumped because: kasan: bad access detected [ 26.198149] [ 26.198294] Memory state around the buggy address: [ 26.198890] ffff888102a11600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.199494] ffff888102a11680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.199863] >ffff888102a11700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.200453] ^ [ 26.201019] ffff888102a11780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.202220] ffff888102a11800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.202868] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 26.006830] ================================================================== [ 26.007529] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 26.008089] Write of size 128 at addr ffff888102985000 by task kunit_try_catch/179 [ 26.008719] [ 26.008958] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.011027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.011301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.011900] Call Trace: [ 26.012284] <TASK> [ 26.012599] dump_stack_lvl+0x73/0xb0 [ 26.014098] print_report+0xd1/0x640 [ 26.014656] ? __virt_addr_valid+0x1db/0x2d0 [ 26.015391] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.015799] kasan_report+0x102/0x140 [ 26.016324] ? kmalloc_oob_in_memset+0x160/0x320 [ 26.017021] ? kmalloc_oob_in_memset+0x160/0x320 [ 26.017507] kasan_check_range+0x10c/0x1c0 [ 26.017895] __asan_memset+0x27/0x50 [ 26.018298] kmalloc_oob_in_memset+0x160/0x320 [ 26.018713] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 26.019194] ? __schedule+0xc3e/0x2790 [ 26.020225] ? __pfx_read_tsc+0x10/0x10 [ 26.020751] ? ktime_get_ts64+0x86/0x230 [ 26.021249] kunit_try_run_case+0x1b3/0x490 [ 26.021857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.022348] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.022955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.023403] ? __kthread_parkme+0x82/0x160 [ 26.024393] ? preempt_count_sub+0x50/0x80 [ 26.024739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.025197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.025641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.026049] kthread+0x257/0x310 [ 26.026758] ? __pfx_kthread+0x10/0x10 [ 26.027030] ret_from_fork+0x41/0x80 [ 26.027504] ? __pfx_kthread+0x10/0x10 [ 26.028129] ret_from_fork_asm+0x1a/0x30 [ 26.028609] </TASK> [ 26.029077] [ 26.029287] Allocated by task 179: [ 26.029739] kasan_save_stack+0x3d/0x60 [ 26.030796] kasan_save_track+0x18/0x40 [ 26.031092] kasan_save_alloc_info+0x3b/0x50 [ 26.031589] __kasan_kmalloc+0xb7/0xc0 [ 26.032200] __kmalloc_cache_noprof+0x184/0x410 [ 26.032689] kmalloc_oob_in_memset+0xad/0x320 [ 26.033199] kunit_try_run_case+0x1b3/0x490 [ 26.033931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.034360] kthread+0x257/0x310 [ 26.034969] ret_from_fork+0x41/0x80 [ 26.035432] ret_from_fork_asm+0x1a/0x30 [ 26.036523] [ 26.036883] The buggy address belongs to the object at ffff888102985000 [ 26.036883] which belongs to the cache kmalloc-128 of size 128 [ 26.038028] The buggy address is located 0 bytes inside of [ 26.038028] allocated 120-byte region [ffff888102985000, ffff888102985078) [ 26.038970] [ 26.039268] The buggy address belongs to the physical page: [ 26.039885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102985 [ 26.040507] flags: 0x200000000000000(node=0|zone=2) [ 26.041354] page_type: f5(slab) [ 26.041716] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.042347] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.042866] page dumped because: kasan: bad access detected [ 26.043419] [ 26.043723] Memory state around the buggy address: [ 26.044199] ffff888102984f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.045078] ffff888102984f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.045714] >ffff888102985000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.046670] ^ [ 26.047247] ffff888102985080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.048586] ffff888102985100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.049507] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 26.465404] ================================================================== [ 26.466089] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 26.467078] Read of size 1 at addr ffff8881029865a8 by task kunit_try_catch/197 [ 26.468257] [ 26.468778] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.470000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.470251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.471537] Call Trace: [ 26.472138] <TASK> [ 26.472320] dump_stack_lvl+0x73/0xb0 [ 26.473217] print_report+0xd1/0x640 [ 26.473579] ? __virt_addr_valid+0x1db/0x2d0 [ 26.474634] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.475142] kasan_report+0x102/0x140 [ 26.475415] ? kmalloc_uaf2+0x4aa/0x520 [ 26.476278] ? kmalloc_uaf2+0x4aa/0x520 [ 26.476627] __asan_report_load1_noabort+0x18/0x20 [ 26.477205] kmalloc_uaf2+0x4aa/0x520 [ 26.478048] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 26.478395] ? finish_task_switch.isra.0+0x153/0x700 [ 26.479032] ? __switch_to+0x5d9/0xf60 [ 26.479555] ? __schedule+0xc3e/0x2790 [ 26.480113] ? __pfx_read_tsc+0x10/0x10 [ 26.480779] ? ktime_get_ts64+0x86/0x230 [ 26.481310] kunit_try_run_case+0x1b3/0x490 [ 26.481739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.482245] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.482617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.483288] ? __kthread_parkme+0x82/0x160 [ 26.483573] ? preempt_count_sub+0x50/0x80 [ 26.484149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.485349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.485864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.486299] kthread+0x257/0x310 [ 26.487234] ? __pfx_kthread+0x10/0x10 [ 26.487541] ret_from_fork+0x41/0x80 [ 26.487773] ? __pfx_kthread+0x10/0x10 [ 26.488152] ret_from_fork_asm+0x1a/0x30 [ 26.488597] </TASK> [ 26.488856] [ 26.489029] Allocated by task 197: [ 26.490359] kasan_save_stack+0x3d/0x60 [ 26.491168] kasan_save_track+0x18/0x40 [ 26.491448] kasan_save_alloc_info+0x3b/0x50 [ 26.492242] __kasan_kmalloc+0xb7/0xc0 [ 26.492837] __kmalloc_cache_noprof+0x184/0x410 [ 26.493085] kmalloc_uaf2+0xc7/0x520 [ 26.493232] kunit_try_run_case+0x1b3/0x490 [ 26.493380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.493644] kthread+0x257/0x310 [ 26.493877] ret_from_fork+0x41/0x80 [ 26.495034] ret_from_fork_asm+0x1a/0x30 [ 26.495368] [ 26.495590] Freed by task 197: [ 26.495894] kasan_save_stack+0x3d/0x60 [ 26.496246] kasan_save_track+0x18/0x40 [ 26.496544] kasan_save_free_info+0x3f/0x60 [ 26.496952] __kasan_slab_free+0x56/0x70 [ 26.497537] kfree+0x123/0x3f0 [ 26.497903] kmalloc_uaf2+0x14d/0x520 [ 26.498263] kunit_try_run_case+0x1b3/0x490 [ 26.498882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.499415] kthread+0x257/0x310 [ 26.499961] ret_from_fork+0x41/0x80 [ 26.500352] ret_from_fork_asm+0x1a/0x30 [ 26.501050] [ 26.501278] The buggy address belongs to the object at ffff888102986580 [ 26.501278] which belongs to the cache kmalloc-64 of size 64 [ 26.502278] The buggy address is located 40 bytes inside of [ 26.502278] freed 64-byte region [ffff888102986580, ffff8881029865c0) [ 26.503078] [ 26.503296] The buggy address belongs to the physical page: [ 26.503970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102986 [ 26.504990] flags: 0x200000000000000(node=0|zone=2) [ 26.505509] page_type: f5(slab) [ 26.505819] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.506756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.507338] page dumped because: kasan: bad access detected [ 26.507901] [ 26.508133] Memory state around the buggy address: [ 26.508848] ffff888102986480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.509503] ffff888102986500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.510131] >ffff888102986580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.510606] ^ [ 26.511165] ffff888102986600: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 26.511835] ffff888102986680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.512472] ================================================================== [ 26.356297] ================================================================== [ 26.357425] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 26.358292] Read of size 1 at addr ffff888101adffa8 by task kunit_try_catch/193 [ 26.359392] [ 26.360302] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 26.360882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.361336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.362305] Call Trace: [ 26.362578] <TASK> [ 26.363155] dump_stack_lvl+0x73/0xb0 [ 26.363793] print_report+0xd1/0x640 [ 26.364359] ? __virt_addr_valid+0x1db/0x2d0 [ 26.365143] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.365601] kasan_report+0x102/0x140 [ 26.365876] ? kmalloc_uaf+0x322/0x380 [ 26.366412] ? kmalloc_uaf+0x322/0x380 [ 26.367499] __asan_report_load1_noabort+0x18/0x20 [ 26.367944] kmalloc_uaf+0x322/0x380 [ 26.368198] ? __pfx_kmalloc_uaf+0x10/0x10 [ 26.368508] ? __schedule+0xc3e/0x2790 [ 26.369489] ? __pfx_read_tsc+0x10/0x10 [ 26.370188] ? ktime_get_ts64+0x86/0x230 [ 26.370776] kunit_try_run_case+0x1b3/0x490 [ 26.371169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.372080] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.372479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.373110] ? __kthread_parkme+0x82/0x160 [ 26.373877] ? preempt_count_sub+0x50/0x80 [ 26.375007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.375528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.376076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.376545] kthread+0x257/0x310 [ 26.376882] ? __pfx_kthread+0x10/0x10 [ 26.377730] ret_from_fork+0x41/0x80 [ 26.378279] ? __pfx_kthread+0x10/0x10 [ 26.378498] ret_from_fork_asm+0x1a/0x30 [ 26.378731] </TASK> [ 26.378975] [ 26.379522] Allocated by task 193: [ 26.380736] kasan_save_stack+0x3d/0x60 [ 26.381083] kasan_save_track+0x18/0x40 [ 26.381394] kasan_save_alloc_info+0x3b/0x50 [ 26.382381] __kasan_kmalloc+0xb7/0xc0 [ 26.383004] __kmalloc_cache_noprof+0x184/0x410 [ 26.383748] kmalloc_uaf+0xab/0x380 [ 26.384153] kunit_try_run_case+0x1b3/0x490 [ 26.384750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.385713] kthread+0x257/0x310 [ 26.385914] ret_from_fork+0x41/0x80 [ 26.386142] ret_from_fork_asm+0x1a/0x30 [ 26.386609] [ 26.386828] Freed by task 193: [ 26.387154] kasan_save_stack+0x3d/0x60 [ 26.387480] kasan_save_track+0x18/0x40 [ 26.387870] kasan_save_free_info+0x3f/0x60 [ 26.388321] __kasan_slab_free+0x56/0x70 [ 26.388758] kfree+0x123/0x3f0 [ 26.389128] kmalloc_uaf+0x12d/0x380 [ 26.389374] kunit_try_run_case+0x1b3/0x490 [ 26.389914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.390371] kthread+0x257/0x310 [ 26.390670] ret_from_fork+0x41/0x80 [ 26.391089] ret_from_fork_asm+0x1a/0x30 [ 26.391711] [ 26.391899] The buggy address belongs to the object at ffff888101adffa0 [ 26.391899] which belongs to the cache kmalloc-16 of size 16 [ 26.392530] The buggy address is located 8 bytes inside of [ 26.392530] freed 16-byte region [ffff888101adffa0, ffff888101adffb0) [ 26.393499] [ 26.393776] The buggy address belongs to the physical page: [ 26.394286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 26.395686] flags: 0x200000000000000(node=0|zone=2) [ 26.396850] page_type: f5(slab) [ 26.397296] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.398587] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.399315] page dumped because: kasan: bad access detected [ 26.400408] [ 26.400813] Memory state around the buggy address: [ 26.401124] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.402482] ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 26.403456] >ffff888101adff80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 26.404279] ^ [ 26.404742] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.405902] ffff888101ae0080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 26.407161] ================================================================== [ 25.952444] ================================================================== [ 25.953116] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 25.953771] Read of size 16 at addr ffff8881025733c0 by task kunit_try_catch/177 [ 25.954418] [ 25.954656] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.956209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.956788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.957318] Call Trace: [ 25.957677] <TASK> [ 25.958148] dump_stack_lvl+0x73/0xb0 [ 25.958862] print_report+0xd1/0x640 [ 25.959303] ? __virt_addr_valid+0x1db/0x2d0 [ 25.959659] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.960276] kasan_report+0x102/0x140 [ 25.961038] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.961432] ? kmalloc_uaf_16+0x47d/0x4c0 [ 25.961852] __asan_report_load16_noabort+0x18/0x20 [ 25.962539] kmalloc_uaf_16+0x47d/0x4c0 [ 25.962891] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 25.963453] ? __schedule+0xc3e/0x2790 [ 25.963967] ? __pfx_read_tsc+0x10/0x10 [ 25.964486] ? ktime_get_ts64+0x86/0x230 [ 25.965158] kunit_try_run_case+0x1b3/0x490 [ 25.965536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.966328] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.966722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.967342] ? __kthread_parkme+0x82/0x160 [ 25.967718] ? preempt_count_sub+0x50/0x80 [ 25.968779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.969186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.970192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.970971] kthread+0x257/0x310 [ 25.971210] ? __pfx_kthread+0x10/0x10 [ 25.971636] ret_from_fork+0x41/0x80 [ 25.972533] ? __pfx_kthread+0x10/0x10 [ 25.972988] ret_from_fork_asm+0x1a/0x30 [ 25.973363] </TASK> [ 25.974040] [ 25.974191] Allocated by task 177: [ 25.974909] kasan_save_stack+0x3d/0x60 [ 25.975499] kasan_save_track+0x18/0x40 [ 25.975937] kasan_save_alloc_info+0x3b/0x50 [ 25.976361] __kasan_kmalloc+0xb7/0xc0 [ 25.976734] __kmalloc_cache_noprof+0x184/0x410 [ 25.977102] kmalloc_uaf_16+0x15c/0x4c0 [ 25.977406] kunit_try_run_case+0x1b3/0x490 [ 25.978481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.978903] kthread+0x257/0x310 [ 25.979273] ret_from_fork+0x41/0x80 [ 25.980016] ret_from_fork_asm+0x1a/0x30 [ 25.980655] [ 25.981260] Freed by task 177: [ 25.981569] kasan_save_stack+0x3d/0x60 [ 25.981817] kasan_save_track+0x18/0x40 [ 25.982457] kasan_save_free_info+0x3f/0x60 [ 25.983185] __kasan_slab_free+0x56/0x70 [ 25.983755] kfree+0x123/0x3f0 [ 25.984216] kmalloc_uaf_16+0x1d7/0x4c0 [ 25.984372] kunit_try_run_case+0x1b3/0x490 [ 25.984721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.985213] kthread+0x257/0x310 [ 25.985500] ret_from_fork+0x41/0x80 [ 25.985737] ret_from_fork_asm+0x1a/0x30 [ 25.986837] [ 25.987276] The buggy address belongs to the object at ffff8881025733c0 [ 25.987276] which belongs to the cache kmalloc-16 of size 16 [ 25.988857] The buggy address is located 0 bytes inside of [ 25.988857] freed 16-byte region [ffff8881025733c0, ffff8881025733d0) [ 25.989642] [ 25.990207] The buggy address belongs to the physical page: [ 25.991093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102573 [ 25.991756] flags: 0x200000000000000(node=0|zone=2) [ 25.992308] page_type: f5(slab) [ 25.993360] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.994043] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.994440] page dumped because: kasan: bad access detected [ 25.995153] [ 25.995343] Memory state around the buggy address: [ 25.995680] ffff888102573280: fa fb fc fc 00 05 fc fc 00 05 fc fc fa fb fc fc [ 25.997168] ffff888102573300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.997612] >ffff888102573380: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 25.998252] ^ [ 25.998606] ffff888102573400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.999337] ffff888102573480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.000582] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 25.902218] ================================================================== [ 25.902808] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 25.903450] Write of size 16 at addr ffff888101adff60 by task kunit_try_catch/175 [ 25.904518] [ 25.904984] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.906407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.907235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.907978] Call Trace: [ 25.909039] <TASK> [ 25.909312] dump_stack_lvl+0x73/0xb0 [ 25.910122] print_report+0xd1/0x640 [ 25.911028] ? __virt_addr_valid+0x1db/0x2d0 [ 25.911431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.912368] kasan_report+0x102/0x140 [ 25.913231] ? kmalloc_oob_16+0x454/0x4a0 [ 25.913603] ? kmalloc_oob_16+0x454/0x4a0 [ 25.913885] __asan_report_store16_noabort+0x1b/0x30 [ 25.914504] kmalloc_oob_16+0x454/0x4a0 [ 25.914772] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 25.916022] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 25.916409] kunit_try_run_case+0x1b3/0x490 [ 25.917100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.918043] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.918424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.919101] ? __kthread_parkme+0x82/0x160 [ 25.919346] ? preempt_count_sub+0x50/0x80 [ 25.920136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.920736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.921516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.922223] kthread+0x257/0x310 [ 25.922920] ? __pfx_kthread+0x10/0x10 [ 25.923296] ret_from_fork+0x41/0x80 [ 25.923963] ? __pfx_kthread+0x10/0x10 [ 25.924314] ret_from_fork_asm+0x1a/0x30 [ 25.925471] </TASK> [ 25.925700] [ 25.925888] Allocated by task 175: [ 25.926384] kasan_save_stack+0x3d/0x60 [ 25.927023] kasan_save_track+0x18/0x40 [ 25.927290] kasan_save_alloc_info+0x3b/0x50 [ 25.927819] __kasan_kmalloc+0xb7/0xc0 [ 25.928963] __kmalloc_cache_noprof+0x184/0x410 [ 25.929315] kmalloc_oob_16+0xa9/0x4a0 [ 25.929915] kunit_try_run_case+0x1b3/0x490 [ 25.930617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.931450] kthread+0x257/0x310 [ 25.931791] ret_from_fork+0x41/0x80 [ 25.932894] ret_from_fork_asm+0x1a/0x30 [ 25.933230] [ 25.933396] The buggy address belongs to the object at ffff888101adff60 [ 25.933396] which belongs to the cache kmalloc-16 of size 16 [ 25.934828] The buggy address is located 0 bytes inside of [ 25.934828] allocated 13-byte region [ffff888101adff60, ffff888101adff6d) [ 25.936416] [ 25.936590] The buggy address belongs to the physical page: [ 25.936865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 25.937910] flags: 0x200000000000000(node=0|zone=2) [ 25.938588] page_type: f5(slab) [ 25.939288] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.940208] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.940722] page dumped because: kasan: bad access detected [ 25.941122] [ 25.941299] Memory state around the buggy address: [ 25.941683] ffff888101adfe00: 00 02 fc fc 00 03 fc fc fa fb fc fc 00 02 fc fc [ 25.942359] ffff888101adfe80: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 25.943144] >ffff888101adff00: 00 02 fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc [ 25.943772] ^ [ 25.944358] ffff888101adff80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.945501] ffff888101ae0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.946161] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 25.838931] ================================================================== [ 25.839561] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 25.840750] Read of size 1 at addr ffff888100398600 by task kunit_try_catch/173 [ 25.842370] [ 25.842549] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.843416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.843654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.844675] Call Trace: [ 25.844904] <TASK> [ 25.845196] dump_stack_lvl+0x73/0xb0 [ 25.845597] print_report+0xd1/0x640 [ 25.846857] ? __virt_addr_valid+0x1db/0x2d0 [ 25.847284] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.847830] kasan_report+0x102/0x140 [ 25.848268] ? krealloc_uaf+0x53e/0x5e0 [ 25.848770] ? krealloc_uaf+0x53e/0x5e0 [ 25.849165] __asan_report_load1_noabort+0x18/0x20 [ 25.849578] krealloc_uaf+0x53e/0x5e0 [ 25.850114] ? __pfx_krealloc_uaf+0x10/0x10 [ 25.850527] ? finish_task_switch.isra.0+0x153/0x700 [ 25.851179] ? __switch_to+0x5d9/0xf60 [ 25.851558] ? __schedule+0xc3e/0x2790 [ 25.852860] ? __pfx_read_tsc+0x10/0x10 [ 25.853181] ? ktime_get_ts64+0x86/0x230 [ 25.853502] kunit_try_run_case+0x1b3/0x490 [ 25.853836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.854202] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.854562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.854958] ? __kthread_parkme+0x82/0x160 [ 25.856095] ? preempt_count_sub+0x50/0x80 [ 25.856381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.856683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.857733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.858227] kthread+0x257/0x310 [ 25.858991] ? __pfx_kthread+0x10/0x10 [ 25.859379] ret_from_fork+0x41/0x80 [ 25.860233] ? __pfx_kthread+0x10/0x10 [ 25.860761] ret_from_fork_asm+0x1a/0x30 [ 25.861348] </TASK> [ 25.861546] [ 25.862132] Allocated by task 173: [ 25.862348] kasan_save_stack+0x3d/0x60 [ 25.863215] kasan_save_track+0x18/0x40 [ 25.863438] kasan_save_alloc_info+0x3b/0x50 [ 25.863659] __kasan_kmalloc+0xb7/0xc0 [ 25.864069] __kmalloc_cache_noprof+0x184/0x410 [ 25.864712] krealloc_uaf+0xbc/0x5e0 [ 25.865083] kunit_try_run_case+0x1b3/0x490 [ 25.865444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.866871] kthread+0x257/0x310 [ 25.867150] ret_from_fork+0x41/0x80 [ 25.867611] ret_from_fork_asm+0x1a/0x30 [ 25.868191] [ 25.868351] Freed by task 173: [ 25.868994] kasan_save_stack+0x3d/0x60 [ 25.869864] kasan_save_track+0x18/0x40 [ 25.870453] kasan_save_free_info+0x3f/0x60 [ 25.871154] __kasan_slab_free+0x56/0x70 [ 25.871695] kfree+0x123/0x3f0 [ 25.872027] krealloc_uaf+0x13e/0x5e0 [ 25.872435] kunit_try_run_case+0x1b3/0x490 [ 25.873613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.873881] kthread+0x257/0x310 [ 25.874084] ret_from_fork+0x41/0x80 [ 25.874442] ret_from_fork_asm+0x1a/0x30 [ 25.875677] [ 25.875905] The buggy address belongs to the object at ffff888100398600 [ 25.875905] which belongs to the cache kmalloc-256 of size 256 [ 25.877203] The buggy address is located 0 bytes inside of [ 25.877203] freed 256-byte region [ffff888100398600, ffff888100398700) [ 25.878301] [ 25.878814] The buggy address belongs to the physical page: [ 25.879314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100398 [ 25.880034] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.881434] flags: 0x200000000000040(head|node=0|zone=2) [ 25.881985] page_type: f5(slab) [ 25.882948] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.883486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.884482] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.885816] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.886311] head: 0200000000000001 ffffea000400e601 ffffffffffffffff 0000000000000000 [ 25.887529] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.888314] page dumped because: kasan: bad access detected [ 25.889049] [ 25.889313] Memory state around the buggy address: [ 25.890027] ffff888100398500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.890358] ffff888100398580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.892083] >ffff888100398600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.892523] ^ [ 25.892931] ffff888100398680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.894168] ffff888100398700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.894635] ================================================================== [ 25.776905] ================================================================== [ 25.777541] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 25.778251] Read of size 1 at addr ffff888100398600 by task kunit_try_catch/173 [ 25.778928] [ 25.779731] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.780285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.781366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.782194] Call Trace: [ 25.782438] <TASK> [ 25.783265] dump_stack_lvl+0x73/0xb0 [ 25.784164] print_report+0xd1/0x640 [ 25.784669] ? __virt_addr_valid+0x1db/0x2d0 [ 25.785521] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.785998] kasan_report+0x102/0x140 [ 25.786372] ? krealloc_uaf+0x1b9/0x5e0 [ 25.787023] ? krealloc_uaf+0x1b9/0x5e0 [ 25.787383] ? krealloc_uaf+0x1b9/0x5e0 [ 25.789012] __kasan_check_byte+0x3d/0x50 [ 25.789371] krealloc_noprof+0x3f/0x340 [ 25.789936] ? stack_depot_save_flags+0x43d/0x7c0 [ 25.790359] krealloc_uaf+0x1b9/0x5e0 [ 25.791304] ? __pfx_krealloc_uaf+0x10/0x10 [ 25.792005] ? finish_task_switch.isra.0+0x153/0x700 [ 25.792417] ? __switch_to+0x5d9/0xf60 [ 25.793049] ? __schedule+0xc3e/0x2790 [ 25.793930] ? __pfx_read_tsc+0x10/0x10 [ 25.794274] ? ktime_get_ts64+0x86/0x230 [ 25.794667] kunit_try_run_case+0x1b3/0x490 [ 25.795280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.796133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.796632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.797251] ? __kthread_parkme+0x82/0x160 [ 25.798163] ? preempt_count_sub+0x50/0x80 [ 25.798414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.799370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.800334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.801410] kthread+0x257/0x310 [ 25.801833] ? __pfx_kthread+0x10/0x10 [ 25.802186] ret_from_fork+0x41/0x80 [ 25.802549] ? __pfx_kthread+0x10/0x10 [ 25.803639] ret_from_fork_asm+0x1a/0x30 [ 25.804026] </TASK> [ 25.804320] [ 25.804525] Allocated by task 173: [ 25.804824] kasan_save_stack+0x3d/0x60 [ 25.805155] kasan_save_track+0x18/0x40 [ 25.805529] kasan_save_alloc_info+0x3b/0x50 [ 25.806244] __kasan_kmalloc+0xb7/0xc0 [ 25.806540] __kmalloc_cache_noprof+0x184/0x410 [ 25.806831] krealloc_uaf+0xbc/0x5e0 [ 25.807357] kunit_try_run_case+0x1b3/0x490 [ 25.808031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.808563] kthread+0x257/0x310 [ 25.809321] ret_from_fork+0x41/0x80 [ 25.809676] ret_from_fork_asm+0x1a/0x30 [ 25.810096] [ 25.810302] Freed by task 173: [ 25.810963] kasan_save_stack+0x3d/0x60 [ 25.811242] kasan_save_track+0x18/0x40 [ 25.811642] kasan_save_free_info+0x3f/0x60 [ 25.812203] __kasan_slab_free+0x56/0x70 [ 25.812670] kfree+0x123/0x3f0 [ 25.813021] krealloc_uaf+0x13e/0x5e0 [ 25.814387] kunit_try_run_case+0x1b3/0x490 [ 25.814962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.815493] kthread+0x257/0x310 [ 25.815953] ret_from_fork+0x41/0x80 [ 25.816960] ret_from_fork_asm+0x1a/0x30 [ 25.817218] [ 25.817369] The buggy address belongs to the object at ffff888100398600 [ 25.817369] which belongs to the cache kmalloc-256 of size 256 [ 25.819487] The buggy address is located 0 bytes inside of [ 25.819487] freed 256-byte region [ffff888100398600, ffff888100398700) [ 25.820445] [ 25.821123] The buggy address belongs to the physical page: [ 25.821694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100398 [ 25.822671] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.823928] flags: 0x200000000000040(head|node=0|zone=2) [ 25.824480] page_type: f5(slab) [ 25.824726] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.825380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.826493] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.827299] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.828733] head: 0200000000000001 ffffea000400e601 ffffffffffffffff 0000000000000000 [ 25.829207] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.829888] page dumped because: kasan: bad access detected [ 25.830859] [ 25.831139] Memory state around the buggy address: [ 25.832166] ffff888100398500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.833071] ffff888100398580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.834212] >ffff888100398600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.834751] ^ [ 25.835405] ffff888100398680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.835952] ffff888100398700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.836539] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 25.407450] ================================================================== [ 25.408249] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 25.410138] Write of size 1 at addr ffff8881009a3eea by task kunit_try_catch/167 [ 25.411314] [ 25.412025] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.412908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.413428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.414683] Call Trace: [ 25.414881] <TASK> [ 25.415094] dump_stack_lvl+0x73/0xb0 [ 25.415512] print_report+0xd1/0x640 [ 25.416945] ? __virt_addr_valid+0x1db/0x2d0 [ 25.417328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.418305] kasan_report+0x102/0x140 [ 25.418646] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.419560] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.420124] __asan_report_store1_noabort+0x1b/0x30 [ 25.420521] krealloc_less_oob_helper+0xe92/0x11d0 [ 25.421677] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.422087] ? finish_task_switch.isra.0+0x153/0x700 [ 25.422488] ? __switch_to+0x5d9/0xf60 [ 25.423405] ? __schedule+0xc3e/0x2790 [ 25.424200] ? __pfx_read_tsc+0x10/0x10 [ 25.424566] krealloc_less_oob+0x1c/0x30 [ 25.425656] kunit_try_run_case+0x1b3/0x490 [ 25.426002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.426399] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.427432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.427962] ? __kthread_parkme+0x82/0x160 [ 25.428306] ? preempt_count_sub+0x50/0x80 [ 25.428737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.429600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.429939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.430461] kthread+0x257/0x310 [ 25.431539] ? __pfx_kthread+0x10/0x10 [ 25.432008] ret_from_fork+0x41/0x80 [ 25.432344] ? __pfx_kthread+0x10/0x10 [ 25.432787] ret_from_fork_asm+0x1a/0x30 [ 25.434153] </TASK> [ 25.434321] [ 25.434435] Allocated by task 167: [ 25.434742] kasan_save_stack+0x3d/0x60 [ 25.435848] kasan_save_track+0x18/0x40 [ 25.436526] kasan_save_alloc_info+0x3b/0x50 [ 25.437297] __kasan_krealloc+0x190/0x1f0 [ 25.437587] krealloc_noprof+0xf3/0x340 [ 25.437904] krealloc_less_oob_helper+0x1ab/0x11d0 [ 25.438378] krealloc_less_oob+0x1c/0x30 [ 25.439216] kunit_try_run_case+0x1b3/0x490 [ 25.440036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.440864] kthread+0x257/0x310 [ 25.441233] ret_from_fork+0x41/0x80 [ 25.441482] ret_from_fork_asm+0x1a/0x30 [ 25.442039] [ 25.442270] The buggy address belongs to the object at ffff8881009a3e00 [ 25.442270] which belongs to the cache kmalloc-256 of size 256 [ 25.443787] The buggy address is located 33 bytes to the right of [ 25.443787] allocated 201-byte region [ffff8881009a3e00, ffff8881009a3ec9) [ 25.444563] [ 25.444832] The buggy address belongs to the physical page: [ 25.445582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 25.446175] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.447483] flags: 0x200000000000040(head|node=0|zone=2) [ 25.448124] page_type: f5(slab) [ 25.448522] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.449195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.449995] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.450509] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.451779] head: 0200000000000001 ffffea0004026881 ffffffffffffffff 0000000000000000 [ 25.452331] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.453184] page dumped because: kasan: bad access detected [ 25.453783] [ 25.453994] Memory state around the buggy address: [ 25.454313] ffff8881009a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.454970] ffff8881009a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.455419] >ffff8881009a3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.455982] ^ [ 25.457462] ffff8881009a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.458189] ffff8881009a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.458902] ================================================================== [ 25.591904] ================================================================== [ 25.592615] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 25.593379] Write of size 1 at addr ffff8881022560c9 by task kunit_try_catch/171 [ 25.594029] [ 25.594282] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.594968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.595331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.596233] Call Trace: [ 25.596491] <TASK> [ 25.596878] dump_stack_lvl+0x73/0xb0 [ 25.597384] print_report+0xd1/0x640 [ 25.597849] ? __virt_addr_valid+0x1db/0x2d0 [ 25.598298] ? kasan_addr_to_slab+0x11/0xa0 [ 25.598698] kasan_report+0x102/0x140 [ 25.599212] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 25.599741] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 25.600143] __asan_report_store1_noabort+0x1b/0x30 [ 25.600705] krealloc_less_oob_helper+0xd72/0x11d0 [ 25.601032] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.601524] ? finish_task_switch.isra.0+0x153/0x700 [ 25.602169] ? __switch_to+0x5d9/0xf60 [ 25.602610] ? __schedule+0xc3e/0x2790 [ 25.603038] ? __pfx_read_tsc+0x10/0x10 [ 25.603387] krealloc_large_less_oob+0x1c/0x30 [ 25.603915] kunit_try_run_case+0x1b3/0x490 [ 25.604259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.604622] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.604935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.605263] ? __kthread_parkme+0x82/0x160 [ 25.605720] ? preempt_count_sub+0x50/0x80 [ 25.606185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.606719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.607271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.607971] kthread+0x257/0x310 [ 25.608323] ? __pfx_kthread+0x10/0x10 [ 25.608845] ret_from_fork+0x41/0x80 [ 25.609277] ? __pfx_kthread+0x10/0x10 [ 25.609780] ret_from_fork_asm+0x1a/0x30 [ 25.610030] </TASK> [ 25.610298] [ 25.610551] The buggy address belongs to the physical page: [ 25.610985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.611401] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.611799] flags: 0x200000000000040(head|node=0|zone=2) [ 25.612167] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.612848] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.613996] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.614827] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.616248] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.617878] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.619519] page dumped because: kasan: bad access detected [ 25.619937] [ 25.620671] Memory state around the buggy address: [ 25.621713] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.622318] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.622780] >ffff888102256080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.623351] ^ [ 25.623942] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.624406] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.625016] ================================================================== [ 25.695025] ================================================================== [ 25.696190] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 25.696839] Write of size 1 at addr ffff8881022560ea by task kunit_try_catch/171 [ 25.697352] [ 25.697599] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.698220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.698607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.699498] Call Trace: [ 25.699874] <TASK> [ 25.700084] dump_stack_lvl+0x73/0xb0 [ 25.700549] print_report+0xd1/0x640 [ 25.701079] ? __virt_addr_valid+0x1db/0x2d0 [ 25.701563] ? kasan_addr_to_slab+0x11/0xa0 [ 25.702039] kasan_report+0x102/0x140 [ 25.702480] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.703555] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 25.703970] __asan_report_store1_noabort+0x1b/0x30 [ 25.704823] krealloc_less_oob_helper+0xe92/0x11d0 [ 25.705292] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.705823] ? finish_task_switch.isra.0+0x153/0x700 [ 25.706301] ? __switch_to+0x5d9/0xf60 [ 25.706873] ? __schedule+0xc3e/0x2790 [ 25.707238] ? __pfx_read_tsc+0x10/0x10 [ 25.707513] krealloc_large_less_oob+0x1c/0x30 [ 25.708600] kunit_try_run_case+0x1b3/0x490 [ 25.709168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.709772] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.710232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.710765] ? __kthread_parkme+0x82/0x160 [ 25.711260] ? preempt_count_sub+0x50/0x80 [ 25.711836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.712214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.712775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.713869] kthread+0x257/0x310 [ 25.714184] ? __pfx_kthread+0x10/0x10 [ 25.714768] ret_from_fork+0x41/0x80 [ 25.715156] ? __pfx_kthread+0x10/0x10 [ 25.715410] ret_from_fork_asm+0x1a/0x30 [ 25.715702] </TASK> [ 25.715877] [ 25.716018] The buggy address belongs to the physical page: [ 25.716322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.717333] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.718190] flags: 0x200000000000040(head|node=0|zone=2) [ 25.720172] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.721540] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.722421] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.723177] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.724558] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.725234] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.726310] page dumped because: kasan: bad access detected [ 25.726632] [ 25.726849] Memory state around the buggy address: [ 25.727656] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.728193] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.729240] >ffff888102256080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.729714] ^ [ 25.730200] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.731113] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.732391] ================================================================== [ 25.358196] ================================================================== [ 25.358968] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 25.359809] Write of size 1 at addr ffff8881009a3eda by task kunit_try_catch/167 [ 25.360634] [ 25.361101] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.362234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.362686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.363449] Call Trace: [ 25.363946] <TASK> [ 25.364520] dump_stack_lvl+0x73/0xb0 [ 25.365078] print_report+0xd1/0x640 [ 25.365412] ? __virt_addr_valid+0x1db/0x2d0 [ 25.366277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.366687] kasan_report+0x102/0x140 [ 25.367384] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.368282] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.368706] __asan_report_store1_noabort+0x1b/0x30 [ 25.369175] krealloc_less_oob_helper+0xec8/0x11d0 [ 25.369493] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.369988] ? finish_task_switch.isra.0+0x153/0x700 [ 25.371189] ? __switch_to+0x5d9/0xf60 [ 25.372003] ? __schedule+0xc3e/0x2790 [ 25.372301] ? __pfx_read_tsc+0x10/0x10 [ 25.373101] krealloc_less_oob+0x1c/0x30 [ 25.373568] kunit_try_run_case+0x1b3/0x490 [ 25.374219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.375424] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.375879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.376315] ? __kthread_parkme+0x82/0x160 [ 25.376782] ? preempt_count_sub+0x50/0x80 [ 25.377706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.378100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.379043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.379426] kthread+0x257/0x310 [ 25.379774] ? __pfx_kthread+0x10/0x10 [ 25.381159] ret_from_fork+0x41/0x80 [ 25.381481] ? __pfx_kthread+0x10/0x10 [ 25.382084] ret_from_fork_asm+0x1a/0x30 [ 25.382456] </TASK> [ 25.382866] [ 25.383029] Allocated by task 167: [ 25.383371] kasan_save_stack+0x3d/0x60 [ 25.383682] kasan_save_track+0x18/0x40 [ 25.383977] kasan_save_alloc_info+0x3b/0x50 [ 25.384415] __kasan_krealloc+0x190/0x1f0 [ 25.385372] krealloc_noprof+0xf3/0x340 [ 25.385740] krealloc_less_oob_helper+0x1ab/0x11d0 [ 25.386098] krealloc_less_oob+0x1c/0x30 [ 25.386785] kunit_try_run_case+0x1b3/0x490 [ 25.387229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.387780] kthread+0x257/0x310 [ 25.388022] ret_from_fork+0x41/0x80 [ 25.388419] ret_from_fork_asm+0x1a/0x30 [ 25.388680] [ 25.388891] The buggy address belongs to the object at ffff8881009a3e00 [ 25.388891] which belongs to the cache kmalloc-256 of size 256 [ 25.390903] The buggy address is located 17 bytes to the right of [ 25.390903] allocated 201-byte region [ffff8881009a3e00, ffff8881009a3ec9) [ 25.391518] [ 25.391734] The buggy address belongs to the physical page: [ 25.392288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 25.393001] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.393571] flags: 0x200000000000040(head|node=0|zone=2) [ 25.394171] page_type: f5(slab) [ 25.394405] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.395996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.396421] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.397212] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.397798] head: 0200000000000001 ffffea0004026881 ffffffffffffffff 0000000000000000 [ 25.398455] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.399264] page dumped because: kasan: bad access detected [ 25.399642] [ 25.399829] Memory state around the buggy address: [ 25.400110] ffff8881009a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.400756] ffff8881009a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.401297] >ffff8881009a3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.404116] ^ [ 25.404598] ffff8881009a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.405399] ffff8881009a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.406611] ================================================================== [ 25.734164] ================================================================== [ 25.735103] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 25.735812] Write of size 1 at addr ffff8881022560eb by task kunit_try_catch/171 [ 25.736821] [ 25.737011] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.737642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.737971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.739188] Call Trace: [ 25.739443] <TASK> [ 25.740574] dump_stack_lvl+0x73/0xb0 [ 25.740890] print_report+0xd1/0x640 [ 25.741214] ? __virt_addr_valid+0x1db/0x2d0 [ 25.742101] ? kasan_addr_to_slab+0x11/0xa0 [ 25.742940] kasan_report+0x102/0x140 [ 25.743151] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.743430] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.744285] __asan_report_store1_noabort+0x1b/0x30 [ 25.744702] krealloc_less_oob_helper+0xd49/0x11d0 [ 25.745177] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.745615] ? finish_task_switch.isra.0+0x153/0x700 [ 25.746010] ? __switch_to+0x5d9/0xf60 [ 25.746373] ? __schedule+0xc3e/0x2790 [ 25.747514] ? __pfx_read_tsc+0x10/0x10 [ 25.747857] krealloc_large_less_oob+0x1c/0x30 [ 25.748117] kunit_try_run_case+0x1b3/0x490 [ 25.748377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.748735] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.749650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.750105] ? __kthread_parkme+0x82/0x160 [ 25.751010] ? preempt_count_sub+0x50/0x80 [ 25.751428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.752165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.752965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.753414] kthread+0x257/0x310 [ 25.754232] ? __pfx_kthread+0x10/0x10 [ 25.754759] ret_from_fork+0x41/0x80 [ 25.755766] ? __pfx_kthread+0x10/0x10 [ 25.756110] ret_from_fork_asm+0x1a/0x30 [ 25.756446] </TASK> [ 25.757510] [ 25.757683] The buggy address belongs to the physical page: [ 25.757981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.758371] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.759144] flags: 0x200000000000040(head|node=0|zone=2) [ 25.760239] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.760785] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.761485] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.762211] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.763023] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.763590] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.764668] page dumped because: kasan: bad access detected [ 25.765310] [ 25.765516] Memory state around the buggy address: [ 25.766500] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.767279] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.768620] >ffff888102256080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.768964] ^ [ 25.769271] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.769844] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.770173] ================================================================== [ 25.661128] ================================================================== [ 25.661683] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 25.662138] Write of size 1 at addr ffff8881022560da by task kunit_try_catch/171 [ 25.662493] [ 25.662660] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.663763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.664175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.665088] Call Trace: [ 25.665295] <TASK> [ 25.665606] dump_stack_lvl+0x73/0xb0 [ 25.666162] print_report+0xd1/0x640 [ 25.666579] ? __virt_addr_valid+0x1db/0x2d0 [ 25.667097] ? kasan_addr_to_slab+0x11/0xa0 [ 25.667445] kasan_report+0x102/0x140 [ 25.668463] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.668874] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 25.669455] __asan_report_store1_noabort+0x1b/0x30 [ 25.670009] krealloc_less_oob_helper+0xec8/0x11d0 [ 25.670397] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.670731] ? finish_task_switch.isra.0+0x153/0x700 [ 25.671229] ? __switch_to+0x5d9/0xf60 [ 25.671641] ? __schedule+0xc3e/0x2790 [ 25.672045] ? __pfx_read_tsc+0x10/0x10 [ 25.672750] krealloc_large_less_oob+0x1c/0x30 [ 25.673214] kunit_try_run_case+0x1b3/0x490 [ 25.674222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.674782] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.675165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.675566] ? __kthread_parkme+0x82/0x160 [ 25.676104] ? preempt_count_sub+0x50/0x80 [ 25.676579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.677190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.677584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.678244] kthread+0x257/0x310 [ 25.679210] ? __pfx_kthread+0x10/0x10 [ 25.679612] ret_from_fork+0x41/0x80 [ 25.680032] ? __pfx_kthread+0x10/0x10 [ 25.680484] ret_from_fork_asm+0x1a/0x30 [ 25.681001] </TASK> [ 25.681201] [ 25.681412] The buggy address belongs to the physical page: [ 25.681797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.682207] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.682776] flags: 0x200000000000040(head|node=0|zone=2) [ 25.683465] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.684241] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.685495] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.686217] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.686844] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.687475] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.688246] page dumped because: kasan: bad access detected [ 25.688674] [ 25.688855] Memory state around the buggy address: [ 25.689396] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.690847] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.691497] >ffff888102256080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.692046] ^ [ 25.692765] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.693526] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.694186] ================================================================== [ 25.253013] ================================================================== [ 25.253936] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 25.255151] Write of size 1 at addr ffff8881009a3ec9 by task kunit_try_catch/167 [ 25.256938] [ 25.257144] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.257828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.258500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.259370] Call Trace: [ 25.260089] <TASK> [ 25.260865] dump_stack_lvl+0x73/0xb0 [ 25.261148] print_report+0xd1/0x640 [ 25.261461] ? __virt_addr_valid+0x1db/0x2d0 [ 25.262354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.263304] kasan_report+0x102/0x140 [ 25.263802] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 25.264340] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 25.265029] __asan_report_store1_noabort+0x1b/0x30 [ 25.266235] krealloc_less_oob_helper+0xd72/0x11d0 [ 25.266941] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.267439] ? finish_task_switch.isra.0+0x153/0x700 [ 25.268255] ? __switch_to+0x5d9/0xf60 [ 25.269160] ? __schedule+0xc3e/0x2790 [ 25.269712] ? __pfx_read_tsc+0x10/0x10 [ 25.270024] krealloc_less_oob+0x1c/0x30 [ 25.270400] kunit_try_run_case+0x1b3/0x490 [ 25.271348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.271717] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.271990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.272846] ? __kthread_parkme+0x82/0x160 [ 25.273446] ? preempt_count_sub+0x50/0x80 [ 25.274386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.274859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.275227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.275758] kthread+0x257/0x310 [ 25.276217] ? __pfx_kthread+0x10/0x10 [ 25.276984] ret_from_fork+0x41/0x80 [ 25.277350] ? __pfx_kthread+0x10/0x10 [ 25.278312] ret_from_fork_asm+0x1a/0x30 [ 25.278898] </TASK> [ 25.279179] [ 25.279362] Allocated by task 167: [ 25.279682] kasan_save_stack+0x3d/0x60 [ 25.280094] kasan_save_track+0x18/0x40 [ 25.280422] kasan_save_alloc_info+0x3b/0x50 [ 25.281479] __kasan_krealloc+0x190/0x1f0 [ 25.281881] krealloc_noprof+0xf3/0x340 [ 25.282271] krealloc_less_oob_helper+0x1ab/0x11d0 [ 25.282797] krealloc_less_oob+0x1c/0x30 [ 25.283514] kunit_try_run_case+0x1b3/0x490 [ 25.284128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.284830] kthread+0x257/0x310 [ 25.285255] ret_from_fork+0x41/0x80 [ 25.285862] ret_from_fork_asm+0x1a/0x30 [ 25.286118] [ 25.286267] The buggy address belongs to the object at ffff8881009a3e00 [ 25.286267] which belongs to the cache kmalloc-256 of size 256 [ 25.287555] The buggy address is located 0 bytes to the right of [ 25.287555] allocated 201-byte region [ffff8881009a3e00, ffff8881009a3ec9) [ 25.288842] [ 25.289412] The buggy address belongs to the physical page: [ 25.289856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 25.290453] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.290967] flags: 0x200000000000040(head|node=0|zone=2) [ 25.292028] page_type: f5(slab) [ 25.292259] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.292988] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.294169] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.295159] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.296170] head: 0200000000000001 ffffea0004026881 ffffffffffffffff 0000000000000000 [ 25.296648] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.297908] page dumped because: kasan: bad access detected [ 25.298213] [ 25.298682] Memory state around the buggy address: [ 25.299632] ffff8881009a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.300271] ffff8881009a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.301446] >ffff8881009a3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.302186] ^ [ 25.302871] ffff8881009a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.303981] ffff8881009a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.305289] ================================================================== [ 25.626571] ================================================================== [ 25.627261] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 25.627902] Write of size 1 at addr ffff8881022560d0 by task kunit_try_catch/171 [ 25.628548] [ 25.628915] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.629749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.630116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.630566] Call Trace: [ 25.630986] <TASK> [ 25.631268] dump_stack_lvl+0x73/0xb0 [ 25.632367] print_report+0xd1/0x640 [ 25.632780] ? __virt_addr_valid+0x1db/0x2d0 [ 25.633351] ? kasan_addr_to_slab+0x11/0xa0 [ 25.633936] kasan_report+0x102/0x140 [ 25.634341] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 25.634959] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 25.635408] __asan_report_store1_noabort+0x1b/0x30 [ 25.635997] krealloc_less_oob_helper+0xe25/0x11d0 [ 25.636515] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.637632] ? finish_task_switch.isra.0+0x153/0x700 [ 25.638126] ? __switch_to+0x5d9/0xf60 [ 25.638426] ? __schedule+0xc3e/0x2790 [ 25.638826] ? __pfx_read_tsc+0x10/0x10 [ 25.639406] krealloc_large_less_oob+0x1c/0x30 [ 25.640003] kunit_try_run_case+0x1b3/0x490 [ 25.640342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.640911] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.641369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.641991] ? __kthread_parkme+0x82/0x160 [ 25.642357] ? preempt_count_sub+0x50/0x80 [ 25.643456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.643786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.644388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.645119] kthread+0x257/0x310 [ 25.645479] ? __pfx_kthread+0x10/0x10 [ 25.645937] ret_from_fork+0x41/0x80 [ 25.646324] ? __pfx_kthread+0x10/0x10 [ 25.646868] ret_from_fork_asm+0x1a/0x30 [ 25.647302] </TASK> [ 25.647603] [ 25.648456] The buggy address belongs to the physical page: [ 25.648855] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.649805] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.650205] flags: 0x200000000000040(head|node=0|zone=2) [ 25.650788] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.651472] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.652079] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.652731] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.653195] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.654897] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.655433] page dumped because: kasan: bad access detected [ 25.656133] [ 25.656288] Memory state around the buggy address: [ 25.656585] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.656939] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.657401] >ffff888102256080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.657847] ^ [ 25.658417] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.659161] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.660351] ================================================================== [ 25.306893] ================================================================== [ 25.307423] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 25.308518] Write of size 1 at addr ffff8881009a3ed0 by task kunit_try_catch/167 [ 25.308771] [ 25.308867] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.309307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.309753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.310895] Call Trace: [ 25.311240] <TASK> [ 25.311550] dump_stack_lvl+0x73/0xb0 [ 25.312209] print_report+0xd1/0x640 [ 25.312661] ? __virt_addr_valid+0x1db/0x2d0 [ 25.313125] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.313826] kasan_report+0x102/0x140 [ 25.314477] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 25.315100] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 25.315681] __asan_report_store1_noabort+0x1b/0x30 [ 25.315991] krealloc_less_oob_helper+0xe25/0x11d0 [ 25.317119] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.318068] ? finish_task_switch.isra.0+0x153/0x700 [ 25.318909] ? __switch_to+0x5d9/0xf60 [ 25.319614] ? __schedule+0xc3e/0x2790 [ 25.320386] ? __pfx_read_tsc+0x10/0x10 [ 25.321136] krealloc_less_oob+0x1c/0x30 [ 25.321417] kunit_try_run_case+0x1b3/0x490 [ 25.321723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.322191] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.322523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.323002] ? __kthread_parkme+0x82/0x160 [ 25.324130] ? preempt_count_sub+0x50/0x80 [ 25.324754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.325274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.326031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.326544] kthread+0x257/0x310 [ 25.327187] ? __pfx_kthread+0x10/0x10 [ 25.327410] ret_from_fork+0x41/0x80 [ 25.327627] ? __pfx_kthread+0x10/0x10 [ 25.327991] ret_from_fork_asm+0x1a/0x30 [ 25.328388] </TASK> [ 25.329685] [ 25.330043] Allocated by task 167: [ 25.330635] kasan_save_stack+0x3d/0x60 [ 25.330874] kasan_save_track+0x18/0x40 [ 25.331099] kasan_save_alloc_info+0x3b/0x50 [ 25.331265] __kasan_krealloc+0x190/0x1f0 [ 25.331406] krealloc_noprof+0xf3/0x340 [ 25.331779] krealloc_less_oob_helper+0x1ab/0x11d0 [ 25.332250] krealloc_less_oob+0x1c/0x30 [ 25.332659] kunit_try_run_case+0x1b3/0x490 [ 25.333496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.334588] kthread+0x257/0x310 [ 25.335495] ret_from_fork+0x41/0x80 [ 25.336131] ret_from_fork_asm+0x1a/0x30 [ 25.336597] [ 25.337128] The buggy address belongs to the object at ffff8881009a3e00 [ 25.337128] which belongs to the cache kmalloc-256 of size 256 [ 25.338271] The buggy address is located 7 bytes to the right of [ 25.338271] allocated 201-byte region [ffff8881009a3e00, ffff8881009a3ec9) [ 25.339826] [ 25.340019] The buggy address belongs to the physical page: [ 25.340411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 25.341027] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.342066] flags: 0x200000000000040(head|node=0|zone=2) [ 25.342752] page_type: f5(slab) [ 25.343204] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.344121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.345026] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.346200] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.346867] head: 0200000000000001 ffffea0004026881 ffffffffffffffff 0000000000000000 [ 25.347427] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.348749] page dumped because: kasan: bad access detected [ 25.349140] [ 25.349332] Memory state around the buggy address: [ 25.349716] ffff8881009a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.350240] ffff8881009a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.350817] >ffff8881009a3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.351442] ^ [ 25.353095] ffff8881009a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.353600] ffff8881009a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.354246] ================================================================== [ 25.460217] ================================================================== [ 25.461470] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 25.462143] Write of size 1 at addr ffff8881009a3eeb by task kunit_try_catch/167 [ 25.462881] [ 25.463075] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.463926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.464270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.464823] Call Trace: [ 25.466288] <TASK> [ 25.466673] dump_stack_lvl+0x73/0xb0 [ 25.467361] print_report+0xd1/0x640 [ 25.467966] ? __virt_addr_valid+0x1db/0x2d0 [ 25.468366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.469227] kasan_report+0x102/0x140 [ 25.469963] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.470393] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 25.471129] __asan_report_store1_noabort+0x1b/0x30 [ 25.471610] krealloc_less_oob_helper+0xd49/0x11d0 [ 25.472620] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 25.473390] ? finish_task_switch.isra.0+0x153/0x700 [ 25.474369] ? __switch_to+0x5d9/0xf60 [ 25.475192] ? __schedule+0xc3e/0x2790 [ 25.475535] ? __pfx_read_tsc+0x10/0x10 [ 25.475994] krealloc_less_oob+0x1c/0x30 [ 25.476404] kunit_try_run_case+0x1b3/0x490 [ 25.477492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.478270] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.478654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.479123] ? __kthread_parkme+0x82/0x160 [ 25.479465] ? preempt_count_sub+0x50/0x80 [ 25.479856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.480239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.481201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.482097] kthread+0x257/0x310 [ 25.482582] ? __pfx_kthread+0x10/0x10 [ 25.483132] ret_from_fork+0x41/0x80 [ 25.483670] ? __pfx_kthread+0x10/0x10 [ 25.483957] ret_from_fork_asm+0x1a/0x30 [ 25.484666] </TASK> [ 25.485079] [ 25.485286] Allocated by task 167: [ 25.485874] kasan_save_stack+0x3d/0x60 [ 25.486400] kasan_save_track+0x18/0x40 [ 25.486806] kasan_save_alloc_info+0x3b/0x50 [ 25.487095] __kasan_krealloc+0x190/0x1f0 [ 25.487559] krealloc_noprof+0xf3/0x340 [ 25.488117] krealloc_less_oob_helper+0x1ab/0x11d0 [ 25.488734] krealloc_less_oob+0x1c/0x30 [ 25.489344] kunit_try_run_case+0x1b3/0x490 [ 25.489914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.490563] kthread+0x257/0x310 [ 25.491006] ret_from_fork+0x41/0x80 [ 25.491556] ret_from_fork_asm+0x1a/0x30 [ 25.492130] [ 25.492493] The buggy address belongs to the object at ffff8881009a3e00 [ 25.492493] which belongs to the cache kmalloc-256 of size 256 [ 25.493850] The buggy address is located 34 bytes to the right of [ 25.493850] allocated 201-byte region [ffff8881009a3e00, ffff8881009a3ec9) [ 25.494658] [ 25.494930] The buggy address belongs to the physical page: [ 25.495408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a2 [ 25.496351] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.497228] flags: 0x200000000000040(head|node=0|zone=2) [ 25.497869] page_type: f5(slab) [ 25.498268] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.498901] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.499913] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.500762] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.501603] head: 0200000000000001 ffffea0004026881 ffffffffffffffff 0000000000000000 [ 25.502239] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.503039] page dumped because: kasan: bad access detected [ 25.503584] [ 25.503837] Memory state around the buggy address: [ 25.504353] ffff8881009a3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.505072] ffff8881009a3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.506047] >ffff8881009a3e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.506801] ^ [ 25.507323] ffff8881009a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.508044] ffff8881009a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.508425] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 25.204351] ================================================================== [ 25.204951] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 25.207235] Write of size 1 at addr ffff8881003984f0 by task kunit_try_catch/165 [ 25.207773] [ 25.208206] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.209283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.209615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.210130] Call Trace: [ 25.210446] <TASK> [ 25.210752] dump_stack_lvl+0x73/0xb0 [ 25.211159] print_report+0xd1/0x640 [ 25.211539] ? __virt_addr_valid+0x1db/0x2d0 [ 25.211986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.212528] kasan_report+0x102/0x140 [ 25.212927] ? krealloc_more_oob_helper+0x7ed/0x930 [ 25.213455] ? krealloc_more_oob_helper+0x7ed/0x930 [ 25.213872] __asan_report_store1_noabort+0x1b/0x30 [ 25.214302] krealloc_more_oob_helper+0x7ed/0x930 [ 25.214781] ? __schedule+0xc3e/0x2790 [ 25.215250] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 25.215739] ? finish_task_switch.isra.0+0x153/0x700 [ 25.216156] ? __switch_to+0x5d9/0xf60 [ 25.216544] ? __schedule+0xc3e/0x2790 [ 25.216973] ? __pfx_read_tsc+0x10/0x10 [ 25.217397] krealloc_more_oob+0x1c/0x30 [ 25.217768] kunit_try_run_case+0x1b3/0x490 [ 25.218255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.218623] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.219036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.219523] ? __kthread_parkme+0x82/0x160 [ 25.219961] ? preempt_count_sub+0x50/0x80 [ 25.220347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.220715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.221279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.221668] kthread+0x257/0x310 [ 25.222016] ? __pfx_kthread+0x10/0x10 [ 25.222423] ret_from_fork+0x41/0x80 [ 25.222919] ? __pfx_kthread+0x10/0x10 [ 25.223327] ret_from_fork_asm+0x1a/0x30 [ 25.223701] </TASK> [ 25.223914] [ 25.224139] Allocated by task 165: [ 25.224445] kasan_save_stack+0x3d/0x60 [ 25.224822] kasan_save_track+0x18/0x40 [ 25.225286] kasan_save_alloc_info+0x3b/0x50 [ 25.225784] __kasan_krealloc+0x190/0x1f0 [ 25.226190] krealloc_noprof+0xf3/0x340 [ 25.226636] krealloc_more_oob_helper+0x1aa/0x930 [ 25.227081] krealloc_more_oob+0x1c/0x30 [ 25.227344] kunit_try_run_case+0x1b3/0x490 [ 25.227842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.228390] kthread+0x257/0x310 [ 25.228812] ret_from_fork+0x41/0x80 [ 25.229156] ret_from_fork_asm+0x1a/0x30 [ 25.229427] [ 25.229671] The buggy address belongs to the object at ffff888100398400 [ 25.229671] which belongs to the cache kmalloc-256 of size 256 [ 25.230770] The buggy address is located 5 bytes to the right of [ 25.230770] allocated 235-byte region [ffff888100398400, ffff8881003984eb) [ 25.231641] [ 25.231813] The buggy address belongs to the physical page: [ 25.232163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100398 [ 25.233009] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.233586] flags: 0x200000000000040(head|node=0|zone=2) [ 25.234070] page_type: f5(slab) [ 25.234388] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.234851] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.235466] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.236239] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.237020] head: 0200000000000001 ffffea000400e601 ffffffffffffffff 0000000000000000 [ 25.237809] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.238482] page dumped because: kasan: bad access detected [ 25.238829] [ 25.238974] Memory state around the buggy address: [ 25.239271] ffff888100398380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.240079] ffff888100398400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.240805] >ffff888100398480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 25.241376] ^ [ 25.241868] ffff888100398500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.242596] ffff888100398580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.243205] ================================================================== [ 25.550011] ================================================================== [ 25.551543] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 25.552770] Write of size 1 at addr ffff8881022560f0 by task kunit_try_catch/169 [ 25.553230] [ 25.553532] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.554433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.554979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.555703] Call Trace: [ 25.555998] <TASK> [ 25.556312] dump_stack_lvl+0x73/0xb0 [ 25.556829] print_report+0xd1/0x640 [ 25.557279] ? __virt_addr_valid+0x1db/0x2d0 [ 25.557807] ? kasan_addr_to_slab+0x11/0xa0 [ 25.558322] kasan_report+0x102/0x140 [ 25.558734] ? krealloc_more_oob_helper+0x7ed/0x930 [ 25.559274] ? krealloc_more_oob_helper+0x7ed/0x930 [ 25.559828] __asan_report_store1_noabort+0x1b/0x30 [ 25.560365] krealloc_more_oob_helper+0x7ed/0x930 [ 25.560906] ? __schedule+0xc3e/0x2790 [ 25.561359] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 25.561834] ? finish_task_switch.isra.0+0x153/0x700 [ 25.562401] ? __switch_to+0x5d9/0xf60 [ 25.562869] ? __schedule+0xc3e/0x2790 [ 25.563194] ? __pfx_read_tsc+0x10/0x10 [ 25.563492] krealloc_large_more_oob+0x1c/0x30 [ 25.563943] kunit_try_run_case+0x1b3/0x490 [ 25.564523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.565073] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.565543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.566108] ? __kthread_parkme+0x82/0x160 [ 25.566595] ? preempt_count_sub+0x50/0x80 [ 25.567020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.567558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.568079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.568755] kthread+0x257/0x310 [ 25.569131] ? __pfx_kthread+0x10/0x10 [ 25.569650] ret_from_fork+0x41/0x80 [ 25.569958] ? __pfx_kthread+0x10/0x10 [ 25.570425] ret_from_fork_asm+0x1a/0x30 [ 25.570932] </TASK> [ 25.571262] [ 25.571513] The buggy address belongs to the physical page: [ 25.571995] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.572641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.573277] flags: 0x200000000000040(head|node=0|zone=2) [ 25.573755] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.574374] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.575154] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.575892] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.576570] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.577255] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.577901] page dumped because: kasan: bad access detected [ 25.578664] [ 25.578812] Memory state around the buggy address: [ 25.579124] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.579561] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.580223] >ffff888102256080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 25.580841] ^ [ 25.581217] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.581898] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.582559] ================================================================== [ 25.516263] ================================================================== [ 25.517460] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 25.518142] Write of size 1 at addr ffff8881022560eb by task kunit_try_catch/169 [ 25.518615] [ 25.518793] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.519652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.519982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.520626] Call Trace: [ 25.520823] <TASK> [ 25.521014] dump_stack_lvl+0x73/0xb0 [ 25.521411] print_report+0xd1/0x640 [ 25.521973] ? __virt_addr_valid+0x1db/0x2d0 [ 25.522580] ? kasan_addr_to_slab+0x11/0xa0 [ 25.523087] kasan_report+0x102/0x140 [ 25.523521] ? krealloc_more_oob_helper+0x823/0x930 [ 25.524002] ? krealloc_more_oob_helper+0x823/0x930 [ 25.524665] __asan_report_store1_noabort+0x1b/0x30 [ 25.525162] krealloc_more_oob_helper+0x823/0x930 [ 25.525659] ? __schedule+0xc3e/0x2790 [ 25.525999] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 25.526676] ? finish_task_switch.isra.0+0x153/0x700 [ 25.527221] ? __switch_to+0x5d9/0xf60 [ 25.527690] ? __schedule+0xc3e/0x2790 [ 25.528139] ? __pfx_read_tsc+0x10/0x10 [ 25.528562] krealloc_large_more_oob+0x1c/0x30 [ 25.529047] kunit_try_run_case+0x1b3/0x490 [ 25.529620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.530137] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.530709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.531280] ? __kthread_parkme+0x82/0x160 [ 25.531763] ? preempt_count_sub+0x50/0x80 [ 25.532271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.532820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.533477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.533936] kthread+0x257/0x310 [ 25.534377] ? __pfx_kthread+0x10/0x10 [ 25.534872] ret_from_fork+0x41/0x80 [ 25.535304] ? __pfx_kthread+0x10/0x10 [ 25.535743] ret_from_fork_asm+0x1a/0x30 [ 25.536270] </TASK> [ 25.536656] [ 25.536896] The buggy address belongs to the physical page: [ 25.537402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102254 [ 25.538026] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.538707] flags: 0x200000000000040(head|node=0|zone=2) [ 25.539350] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.539943] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.540693] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.541260] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.541971] head: 0200000000000002 ffffea0004089501 ffffffffffffffff 0000000000000000 [ 25.542680] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.543314] page dumped because: kasan: bad access detected [ 25.543753] [ 25.544029] Memory state around the buggy address: [ 25.544506] ffff888102255f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.545232] ffff888102256000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.545772] >ffff888102256080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 25.546381] ^ [ 25.547113] ffff888102256100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.547628] ffff888102256180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.548296] ================================================================== [ 25.154506] ================================================================== [ 25.155360] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 25.156732] Write of size 1 at addr ffff8881003984eb by task kunit_try_catch/165 [ 25.158125] [ 25.158399] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.159661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.160009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.160826] Call Trace: [ 25.161049] <TASK> [ 25.161573] dump_stack_lvl+0x73/0xb0 [ 25.162132] print_report+0xd1/0x640 [ 25.162941] ? __virt_addr_valid+0x1db/0x2d0 [ 25.163305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.164047] kasan_report+0x102/0x140 [ 25.164994] ? krealloc_more_oob_helper+0x823/0x930 [ 25.165406] ? krealloc_more_oob_helper+0x823/0x930 [ 25.166342] __asan_report_store1_noabort+0x1b/0x30 [ 25.166938] krealloc_more_oob_helper+0x823/0x930 [ 25.167478] ? __schedule+0xc3e/0x2790 [ 25.167891] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 25.168372] ? finish_task_switch.isra.0+0x153/0x700 [ 25.169198] ? __switch_to+0x5d9/0xf60 [ 25.170134] ? __schedule+0xc3e/0x2790 [ 25.170497] ? __pfx_read_tsc+0x10/0x10 [ 25.171032] krealloc_more_oob+0x1c/0x30 [ 25.171800] kunit_try_run_case+0x1b3/0x490 [ 25.172393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.173048] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.173722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.174133] ? __kthread_parkme+0x82/0x160 [ 25.175104] ? preempt_count_sub+0x50/0x80 [ 25.175496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.175883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.176455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.176886] kthread+0x257/0x310 [ 25.177249] ? __pfx_kthread+0x10/0x10 [ 25.177651] ret_from_fork+0x41/0x80 [ 25.178162] ? __pfx_kthread+0x10/0x10 [ 25.178745] ret_from_fork_asm+0x1a/0x30 [ 25.179166] </TASK> [ 25.179493] [ 25.179790] Allocated by task 165: [ 25.180178] kasan_save_stack+0x3d/0x60 [ 25.180606] kasan_save_track+0x18/0x40 [ 25.181000] kasan_save_alloc_info+0x3b/0x50 [ 25.181921] __kasan_krealloc+0x190/0x1f0 [ 25.182343] krealloc_noprof+0xf3/0x340 [ 25.182619] krealloc_more_oob_helper+0x1aa/0x930 [ 25.183247] krealloc_more_oob+0x1c/0x30 [ 25.183819] kunit_try_run_case+0x1b3/0x490 [ 25.184242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.184871] kthread+0x257/0x310 [ 25.185264] ret_from_fork+0x41/0x80 [ 25.185965] ret_from_fork_asm+0x1a/0x30 [ 25.186381] [ 25.186580] The buggy address belongs to the object at ffff888100398400 [ 25.186580] which belongs to the cache kmalloc-256 of size 256 [ 25.187886] The buggy address is located 0 bytes to the right of [ 25.187886] allocated 235-byte region [ffff888100398400, ffff8881003984eb) [ 25.188973] [ 25.189237] The buggy address belongs to the physical page: [ 25.189749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100398 [ 25.190405] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.191318] flags: 0x200000000000040(head|node=0|zone=2) [ 25.191936] page_type: f5(slab) [ 25.192301] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.192900] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.193773] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 25.194385] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.195202] head: 0200000000000001 ffffea000400e601 ffffffffffffffff 0000000000000000 [ 25.196077] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 25.196889] page dumped because: kasan: bad access detected [ 25.197316] [ 25.197577] Memory state around the buggy address: [ 25.198195] ffff888100398380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.198738] ffff888100398400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.199478] >ffff888100398480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 25.200110] ^ [ 25.201004] ffff888100398500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.201559] ffff888100398580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.202320] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 25.112684] ================================================================== [ 25.113925] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 25.114802] Read of size 1 at addr ffff888102b00000 by task kunit_try_catch/163 [ 25.115242] [ 25.115425] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.117556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.118303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.119088] Call Trace: [ 25.119400] <TASK> [ 25.119768] dump_stack_lvl+0x73/0xb0 [ 25.120244] print_report+0xd1/0x640 [ 25.120754] ? __virt_addr_valid+0x1db/0x2d0 [ 25.121174] ? kasan_addr_to_slab+0x11/0xa0 [ 25.121671] kasan_report+0x102/0x140 [ 25.122115] ? page_alloc_uaf+0x358/0x3d0 [ 25.122543] ? page_alloc_uaf+0x358/0x3d0 [ 25.123173] __asan_report_load1_noabort+0x18/0x20 [ 25.123636] page_alloc_uaf+0x358/0x3d0 [ 25.123888] ? __pfx_page_alloc_uaf+0x10/0x10 [ 25.124253] ? __schedule+0xc3e/0x2790 [ 25.124762] ? __pfx_read_tsc+0x10/0x10 [ 25.125223] ? ktime_get_ts64+0x86/0x230 [ 25.125820] kunit_try_run_case+0x1b3/0x490 [ 25.126230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.126771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.127295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.128074] ? __kthread_parkme+0x82/0x160 [ 25.128808] ? preempt_count_sub+0x50/0x80 [ 25.129623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.130692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.131173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.131793] kthread+0x257/0x310 [ 25.132131] ? __pfx_kthread+0x10/0x10 [ 25.132615] ret_from_fork+0x41/0x80 [ 25.133522] ? __pfx_kthread+0x10/0x10 [ 25.133903] ret_from_fork_asm+0x1a/0x30 [ 25.134207] </TASK> [ 25.134439] [ 25.135431] The buggy address belongs to the physical page: [ 25.136152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b00 [ 25.137265] flags: 0x200000000000000(node=0|zone=2) [ 25.138276] page_type: f0(buddy) [ 25.138883] raw: 0200000000000000 ffff88817fffc5c0 ffff88817fffc5c0 0000000000000000 [ 25.139978] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000 [ 25.140734] page dumped because: kasan: bad access detected [ 25.141443] [ 25.141914] Memory state around the buggy address: [ 25.142313] ffff888102afff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.143319] ffff888102afff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.143898] >ffff888102b00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.144909] ^ [ 25.145450] ffff888102b00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.146396] ffff888102b00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.146967] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 25.057138] ================================================================== [ 25.057855] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 25.059856] Free of addr ffff888102a38001 by task kunit_try_catch/159 [ 25.060255] [ 25.060787] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.061633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.062766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.064084] Call Trace: [ 25.064323] <TASK> [ 25.065155] dump_stack_lvl+0x73/0xb0 [ 25.065586] print_report+0xd1/0x640 [ 25.066184] ? __virt_addr_valid+0x1db/0x2d0 [ 25.066899] ? kfree+0x271/0x3f0 [ 25.067170] ? kasan_addr_to_slab+0x11/0xa0 [ 25.068227] ? kfree+0x271/0x3f0 [ 25.068496] kasan_report_invalid_free+0xc0/0xf0 [ 25.069005] ? kfree+0x271/0x3f0 [ 25.069822] ? kfree+0x271/0x3f0 [ 25.070106] __kasan_kfree_large+0x86/0xd0 [ 25.070585] free_large_kmalloc+0x3b/0xd0 [ 25.071015] kfree+0x271/0x3f0 [ 25.072042] kmalloc_large_invalid_free+0x121/0x2b0 [ 25.072629] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 25.073400] ? __schedule+0xc3e/0x2790 [ 25.074137] ? __pfx_read_tsc+0x10/0x10 [ 25.074474] ? ktime_get_ts64+0x86/0x230 [ 25.074953] kunit_try_run_case+0x1b3/0x490 [ 25.075264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.076336] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.077042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.077592] ? __kthread_parkme+0x82/0x160 [ 25.078149] ? preempt_count_sub+0x50/0x80 [ 25.079142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.079754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.080196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.081207] kthread+0x257/0x310 [ 25.081515] ? __pfx_kthread+0x10/0x10 [ 25.082270] ret_from_fork+0x41/0x80 [ 25.082825] ? __pfx_kthread+0x10/0x10 [ 25.083173] ret_from_fork_asm+0x1a/0x30 [ 25.084321] </TASK> [ 25.084528] [ 25.084645] The buggy address belongs to the physical page: [ 25.085155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 25.085821] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.086484] flags: 0x200000000000040(head|node=0|zone=2) [ 25.087482] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.088019] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.088726] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.089856] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.090536] head: 0200000000000002 ffffea00040a8e01 ffffffffffffffff 0000000000000000 [ 25.091136] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.091955] page dumped because: kasan: bad access detected [ 25.092896] [ 25.093891] Memory state around the buggy address: [ 25.094277] ffff888102a37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.095157] ffff888102a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.096005] >ffff888102a38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.096452] ^ [ 25.097807] ffff888102a38080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.098275] ffff888102a38100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.099526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 25.017119] ================================================================== [ 25.018271] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 25.019266] Read of size 1 at addr ffff888102250000 by task kunit_try_catch/157 [ 25.020145] [ 25.020383] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 25.021232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.022280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.022845] Call Trace: [ 25.023072] <TASK> [ 25.023527] dump_stack_lvl+0x73/0xb0 [ 25.024238] print_report+0xd1/0x640 [ 25.024795] ? __virt_addr_valid+0x1db/0x2d0 [ 25.025267] ? kasan_addr_to_slab+0x11/0xa0 [ 25.025896] kasan_report+0x102/0x140 [ 25.026185] ? kmalloc_large_uaf+0x2f3/0x340 [ 25.026735] ? kmalloc_large_uaf+0x2f3/0x340 [ 25.027168] __asan_report_load1_noabort+0x18/0x20 [ 25.027834] kmalloc_large_uaf+0x2f3/0x340 [ 25.028223] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 25.029133] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 25.029726] kunit_try_run_case+0x1b3/0x490 [ 25.030697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.031089] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.031757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.032597] ? __kthread_parkme+0x82/0x160 [ 25.033163] ? preempt_count_sub+0x50/0x80 [ 25.033883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.034256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.035101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.035581] kthread+0x257/0x310 [ 25.035909] ? __pfx_kthread+0x10/0x10 [ 25.036753] ret_from_fork+0x41/0x80 [ 25.037261] ? __pfx_kthread+0x10/0x10 [ 25.038303] ret_from_fork_asm+0x1a/0x30 [ 25.038566] </TASK> [ 25.039279] [ 25.039438] The buggy address belongs to the physical page: [ 25.040512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102250 [ 25.041424] flags: 0x200000000000000(node=0|zone=2) [ 25.042307] raw: 0200000000000000 ffffea0004089508 ffff88815b03f040 0000000000000000 [ 25.042663] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 25.043297] page dumped because: kasan: bad access detected [ 25.043779] [ 25.043987] Memory state around the buggy address: [ 25.044845] ffff88810224ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.045422] ffff88810224ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.046734] >ffff888102250000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.047004] ^ [ 25.047873] ffff888102250080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.048323] ffff888102250100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.049174] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 24.981252] ================================================================== [ 24.982589] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 24.983390] Write of size 1 at addr ffff888102a3a00a by task kunit_try_catch/155 [ 24.983953] [ 24.984083] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.984622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.984873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.985440] Call Trace: [ 24.985671] <TASK> [ 24.986029] dump_stack_lvl+0x73/0xb0 [ 24.986893] print_report+0xd1/0x640 [ 24.987215] ? __virt_addr_valid+0x1db/0x2d0 [ 24.987711] ? kasan_addr_to_slab+0x11/0xa0 [ 24.988121] kasan_report+0x102/0x140 [ 24.988748] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.989403] ? kmalloc_large_oob_right+0x2eb/0x340 [ 24.989808] __asan_report_store1_noabort+0x1b/0x30 [ 24.990543] kmalloc_large_oob_right+0x2eb/0x340 [ 24.990930] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 24.991382] ? __schedule+0xc3e/0x2790 [ 24.991867] ? __pfx_read_tsc+0x10/0x10 [ 24.992222] ? ktime_get_ts64+0x86/0x230 [ 24.992592] kunit_try_run_case+0x1b3/0x490 [ 24.993091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.993629] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.994142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.994688] ? __kthread_parkme+0x82/0x160 [ 24.995168] ? preempt_count_sub+0x50/0x80 [ 24.995668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.996182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.996845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.997199] kthread+0x257/0x310 [ 24.997367] ? __pfx_kthread+0x10/0x10 [ 24.997625] ret_from_fork+0x41/0x80 [ 24.997885] ? __pfx_kthread+0x10/0x10 [ 24.998161] ret_from_fork_asm+0x1a/0x30 [ 24.998470] </TASK> [ 24.998710] [ 24.998952] The buggy address belongs to the physical page: [ 24.999420] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 24.999851] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.000520] flags: 0x200000000000040(head|node=0|zone=2) [ 25.000960] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.001492] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.002100] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.002778] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.003281] head: 0200000000000002 ffffea00040a8e01 ffffffffffffffff 0000000000000000 [ 25.003772] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.004329] page dumped because: kasan: bad access detected [ 25.004852] [ 25.005048] Memory state around the buggy address: [ 25.005419] ffff888102a39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.005950] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.006324] >ffff888102a3a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.006948] ^ [ 25.007306] ffff888102a3a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.007942] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.008554] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 24.928389] ================================================================== [ 24.929407] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 24.930777] Write of size 1 at addr ffff88810226df00 by task kunit_try_catch/153 [ 24.932421] [ 24.932748] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.933358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.933929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.935388] Call Trace: [ 24.935610] <TASK> [ 24.936351] dump_stack_lvl+0x73/0xb0 [ 24.936791] print_report+0xd1/0x640 [ 24.937373] ? __virt_addr_valid+0x1db/0x2d0 [ 24.937936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.938525] kasan_report+0x102/0x140 [ 24.938889] ? kmalloc_big_oob_right+0x318/0x370 [ 24.939490] ? kmalloc_big_oob_right+0x318/0x370 [ 24.940080] __asan_report_store1_noabort+0x1b/0x30 [ 24.940372] kmalloc_big_oob_right+0x318/0x370 [ 24.940674] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 24.941149] ? __schedule+0xc3e/0x2790 [ 24.942207] ? __pfx_read_tsc+0x10/0x10 [ 24.942371] ? ktime_get_ts64+0x86/0x230 [ 24.942645] kunit_try_run_case+0x1b3/0x490 [ 24.943093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.943446] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.943831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.944733] ? __kthread_parkme+0x82/0x160 [ 24.945723] ? preempt_count_sub+0x50/0x80 [ 24.946206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.946508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.946849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.947369] kthread+0x257/0x310 [ 24.947738] ? __pfx_kthread+0x10/0x10 [ 24.948265] ret_from_fork+0x41/0x80 [ 24.949369] ? __pfx_kthread+0x10/0x10 [ 24.949912] ret_from_fork_asm+0x1a/0x30 [ 24.950308] </TASK> [ 24.950608] [ 24.950920] Allocated by task 153: [ 24.951264] kasan_save_stack+0x3d/0x60 [ 24.951844] kasan_save_track+0x18/0x40 [ 24.952232] kasan_save_alloc_info+0x3b/0x50 [ 24.952577] __kasan_kmalloc+0xb7/0xc0 [ 24.953597] __kmalloc_cache_noprof+0x184/0x410 [ 24.954039] kmalloc_big_oob_right+0xaa/0x370 [ 24.954436] kunit_try_run_case+0x1b3/0x490 [ 24.954784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.955520] kthread+0x257/0x310 [ 24.955992] ret_from_fork+0x41/0x80 [ 24.956344] ret_from_fork_asm+0x1a/0x30 [ 24.957481] [ 24.957852] The buggy address belongs to the object at ffff88810226c000 [ 24.957852] which belongs to the cache kmalloc-8k of size 8192 [ 24.958921] The buggy address is located 0 bytes to the right of [ 24.958921] allocated 7936-byte region [ffff88810226c000, ffff88810226df00) [ 24.959933] [ 24.960135] The buggy address belongs to the physical page: [ 24.960594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102268 [ 24.961019] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.961651] flags: 0x200000000000040(head|node=0|zone=2) [ 24.962160] page_type: f5(slab) [ 24.962413] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.963869] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.964418] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.965180] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.965907] head: 0200000000000003 ffffea0004089a01 ffffffffffffffff 0000000000000000 [ 24.966522] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 24.967958] page dumped because: kasan: bad access detected [ 24.968800] [ 24.968939] Memory state around the buggy address: [ 24.969443] ffff88810226de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.970608] ffff88810226de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.971220] >ffff88810226df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.972118] ^ [ 24.972387] ffff88810226df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.973215] ffff88810226e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.974043] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 24.830564] ================================================================== [ 24.831357] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.832525] Write of size 1 at addr ffff888102981378 by task kunit_try_catch/151 [ 24.833342] [ 24.834113] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.835650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.836196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.836874] Call Trace: [ 24.837518] <TASK> [ 24.837717] dump_stack_lvl+0x73/0xb0 [ 24.839004] print_report+0xd1/0x640 [ 24.839405] ? __virt_addr_valid+0x1db/0x2d0 [ 24.840037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.840778] kasan_report+0x102/0x140 [ 24.841173] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.841674] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.842417] __asan_report_store1_noabort+0x1b/0x30 [ 24.842964] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 24.843393] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.843875] ? __schedule+0xc3e/0x2790 [ 24.844631] ? __pfx_read_tsc+0x10/0x10 [ 24.844910] ? ktime_get_ts64+0x86/0x230 [ 24.846164] kunit_try_run_case+0x1b3/0x490 [ 24.847109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.847793] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.848412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.848887] ? __kthread_parkme+0x82/0x160 [ 24.849721] ? preempt_count_sub+0x50/0x80 [ 24.850194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.850948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.851268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.851824] kthread+0x257/0x310 [ 24.852573] ? __pfx_kthread+0x10/0x10 [ 24.853212] ret_from_fork+0x41/0x80 [ 24.853427] ? __pfx_kthread+0x10/0x10 [ 24.853796] ret_from_fork_asm+0x1a/0x30 [ 24.855150] </TASK> [ 24.855444] [ 24.856009] Allocated by task 151: [ 24.856362] kasan_save_stack+0x3d/0x60 [ 24.856912] kasan_save_track+0x18/0x40 [ 24.857151] kasan_save_alloc_info+0x3b/0x50 [ 24.857368] __kasan_kmalloc+0xb7/0xc0 [ 24.857602] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 24.858108] kmalloc_track_caller_oob_right+0x9a/0x530 [ 24.858620] kunit_try_run_case+0x1b3/0x490 [ 24.859188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.859574] kthread+0x257/0x310 [ 24.860137] ret_from_fork+0x41/0x80 [ 24.860554] ret_from_fork_asm+0x1a/0x30 [ 24.861219] [ 24.861434] The buggy address belongs to the object at ffff888102981300 [ 24.861434] which belongs to the cache kmalloc-128 of size 128 [ 24.863472] The buggy address is located 0 bytes to the right of [ 24.863472] allocated 120-byte region [ffff888102981300, ffff888102981378) [ 24.864464] [ 24.865126] The buggy address belongs to the physical page: [ 24.866261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102981 [ 24.866996] flags: 0x200000000000000(node=0|zone=2) [ 24.867479] page_type: f5(slab) [ 24.867951] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.868994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.869387] page dumped because: kasan: bad access detected [ 24.870171] [ 24.870409] Memory state around the buggy address: [ 24.871257] ffff888102981200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.872452] ffff888102981280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.873364] >ffff888102981300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.874104] ^ [ 24.874711] ffff888102981380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.875333] ffff888102981400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.876321] ================================================================== [ 24.878505] ================================================================== [ 24.879416] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.880295] Write of size 1 at addr ffff888102981478 by task kunit_try_catch/151 [ 24.881129] [ 24.881392] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.882250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.883270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.884453] Call Trace: [ 24.884949] <TASK> [ 24.885529] dump_stack_lvl+0x73/0xb0 [ 24.886121] print_report+0xd1/0x640 [ 24.886559] ? __virt_addr_valid+0x1db/0x2d0 [ 24.886782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.886972] kasan_report+0x102/0x140 [ 24.887656] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.888896] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.889725] __asan_report_store1_noabort+0x1b/0x30 [ 24.890355] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 24.890937] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.891560] ? __schedule+0xc3e/0x2790 [ 24.892434] ? __pfx_read_tsc+0x10/0x10 [ 24.893287] ? ktime_get_ts64+0x86/0x230 [ 24.893761] kunit_try_run_case+0x1b3/0x490 [ 24.894197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.894698] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.895233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.895981] ? __kthread_parkme+0x82/0x160 [ 24.896521] ? preempt_count_sub+0x50/0x80 [ 24.897122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.897540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.898144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.899363] kthread+0x257/0x310 [ 24.900210] ? __pfx_kthread+0x10/0x10 [ 24.900887] ret_from_fork+0x41/0x80 [ 24.901377] ? __pfx_kthread+0x10/0x10 [ 24.901960] ret_from_fork_asm+0x1a/0x30 [ 24.902411] </TASK> [ 24.903015] [ 24.903446] Allocated by task 151: [ 24.903821] kasan_save_stack+0x3d/0x60 [ 24.904997] kasan_save_track+0x18/0x40 [ 24.905290] kasan_save_alloc_info+0x3b/0x50 [ 24.905804] __kasan_kmalloc+0xb7/0xc0 [ 24.906127] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 24.906578] kmalloc_track_caller_oob_right+0x19b/0x530 [ 24.907673] kunit_try_run_case+0x1b3/0x490 [ 24.908331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.908750] kthread+0x257/0x310 [ 24.909220] ret_from_fork+0x41/0x80 [ 24.909776] ret_from_fork_asm+0x1a/0x30 [ 24.910139] [ 24.910291] The buggy address belongs to the object at ffff888102981400 [ 24.910291] which belongs to the cache kmalloc-128 of size 128 [ 24.911078] The buggy address is located 0 bytes to the right of [ 24.911078] allocated 120-byte region [ffff888102981400, ffff888102981478) [ 24.912249] [ 24.912374] The buggy address belongs to the physical page: [ 24.912720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102981 [ 24.913550] flags: 0x200000000000000(node=0|zone=2) [ 24.914188] page_type: f5(slab) [ 24.915558] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.915958] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.916328] page dumped because: kasan: bad access detected [ 24.916574] [ 24.916681] Memory state around the buggy address: [ 24.916892] ffff888102981300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.917403] ffff888102981380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.918240] >ffff888102981400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.919366] ^ [ 24.919909] ffff888102981480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.920822] ffff888102981500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.921569] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 24.776172] ================================================================== [ 24.776828] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 24.777600] Read of size 1 at addr ffff88810281b000 by task kunit_try_catch/149 [ 24.778237] [ 24.778616] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.779677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.779983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.781191] Call Trace: [ 24.781593] <TASK> [ 24.782114] dump_stack_lvl+0x73/0xb0 [ 24.783607] print_report+0xd1/0x640 [ 24.784119] ? __virt_addr_valid+0x1db/0x2d0 [ 24.784887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.785396] kasan_report+0x102/0x140 [ 24.785726] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 24.786236] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 24.786717] __asan_report_load1_noabort+0x18/0x20 [ 24.787383] kmalloc_node_oob_right+0x36b/0x3d0 [ 24.788482] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 24.788767] ? __schedule+0xc3e/0x2790 [ 24.789469] ? __pfx_read_tsc+0x10/0x10 [ 24.790002] ? ktime_get_ts64+0x86/0x230 [ 24.790344] kunit_try_run_case+0x1b3/0x490 [ 24.790943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.791488] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.791833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.792518] ? __kthread_parkme+0x82/0x160 [ 24.793471] ? preempt_count_sub+0x50/0x80 [ 24.793887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.794206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.794968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.795607] kthread+0x257/0x310 [ 24.796091] ? __pfx_kthread+0x10/0x10 [ 24.796488] ret_from_fork+0x41/0x80 [ 24.796935] ? __pfx_kthread+0x10/0x10 [ 24.797516] ret_from_fork_asm+0x1a/0x30 [ 24.798114] </TASK> [ 24.798381] [ 24.798878] Allocated by task 149: [ 24.799377] kasan_save_stack+0x3d/0x60 [ 24.799937] kasan_save_track+0x18/0x40 [ 24.800338] kasan_save_alloc_info+0x3b/0x50 [ 24.800793] __kasan_kmalloc+0xb7/0xc0 [ 24.800998] __kmalloc_cache_node_noprof+0x183/0x410 [ 24.801458] kmalloc_node_oob_right+0xac/0x3d0 [ 24.802401] kunit_try_run_case+0x1b3/0x490 [ 24.803417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.804261] kthread+0x257/0x310 [ 24.804714] ret_from_fork+0x41/0x80 [ 24.805101] ret_from_fork_asm+0x1a/0x30 [ 24.805959] [ 24.806186] The buggy address belongs to the object at ffff88810281a000 [ 24.806186] which belongs to the cache kmalloc-4k of size 4096 [ 24.807322] The buggy address is located 0 bytes to the right of [ 24.807322] allocated 4096-byte region [ffff88810281a000, ffff88810281b000) [ 24.808376] [ 24.809006] The buggy address belongs to the physical page: [ 24.809669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102818 [ 24.811217] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.811752] flags: 0x200000000000040(head|node=0|zone=2) [ 24.812357] page_type: f5(slab) [ 24.813439] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.814126] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.814741] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.815293] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.816200] head: 0200000000000003 ffffea00040a0601 ffffffffffffffff 0000000000000000 [ 24.816842] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 24.817918] page dumped because: kasan: bad access detected [ 24.818179] [ 24.818265] Memory state around the buggy address: [ 24.818424] ffff88810281af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.819423] ffff88810281af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.820249] >ffff88810281b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.821881] ^ [ 24.822177] ffff88810281b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.823148] ffff88810281b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.824097] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 24.709296] ================================================================== [ 24.710384] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 24.711229] Read of size 1 at addr ffff88810257337f by task kunit_try_catch/147 [ 24.712301] [ 24.712551] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.713176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.713855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.715219] Call Trace: [ 24.715433] <TASK> [ 24.716112] dump_stack_lvl+0x73/0xb0 [ 24.716491] print_report+0xd1/0x640 [ 24.716885] ? __virt_addr_valid+0x1db/0x2d0 [ 24.717152] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.718396] kasan_report+0x102/0x140 [ 24.719118] ? kmalloc_oob_left+0x363/0x3c0 [ 24.719482] ? kmalloc_oob_left+0x363/0x3c0 [ 24.720071] __asan_report_load1_noabort+0x18/0x20 [ 24.720387] kmalloc_oob_left+0x363/0x3c0 [ 24.720818] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 24.721228] ? __schedule+0xc3e/0x2790 [ 24.721634] ? __pfx_read_tsc+0x10/0x10 [ 24.722125] ? ktime_get_ts64+0x86/0x230 [ 24.722473] kunit_try_run_case+0x1b3/0x490 [ 24.724000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.724444] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.725256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.725676] ? __kthread_parkme+0x82/0x160 [ 24.726346] ? preempt_count_sub+0x50/0x80 [ 24.726645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.727000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.727478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.727900] kthread+0x257/0x310 [ 24.728417] ? __pfx_kthread+0x10/0x10 [ 24.729579] ret_from_fork+0x41/0x80 [ 24.730128] ? __pfx_kthread+0x10/0x10 [ 24.730721] ret_from_fork_asm+0x1a/0x30 [ 24.731173] </TASK> [ 24.731567] [ 24.731973] Allocated by task 1: [ 24.732272] kasan_save_stack+0x3d/0x60 [ 24.732948] kasan_save_track+0x18/0x40 [ 24.733358] kasan_save_alloc_info+0x3b/0x50 [ 24.734240] __kasan_kmalloc+0xb7/0xc0 [ 24.735111] __kmalloc_noprof+0x1c4/0x500 [ 24.735550] x509_fabricate_name.isra.0+0x3c2/0x860 [ 24.736184] x509_note_subject+0x9b/0xf0 [ 24.736782] asn1_ber_decoder+0xe1f/0x1c70 [ 24.737180] x509_cert_parse+0x1be/0x830 [ 24.737687] x509_key_preparse+0x68/0x8a0 [ 24.738246] asymmetric_key_preparse+0xb1/0x160 [ 24.739138] __key_create_or_update+0x407/0xc90 [ 24.739568] key_create_or_update+0x17/0x20 [ 24.740152] x509_load_certificate_list+0x174/0x200 [ 24.740708] regulatory_init_db+0xee/0x3a0 [ 24.741318] do_one_initcall+0xb5/0x370 [ 24.741581] kernel_init_freeable+0x425/0x6f0 [ 24.742034] kernel_init+0x23/0x1e0 [ 24.742658] ret_from_fork+0x41/0x80 [ 24.743227] ret_from_fork_asm+0x1a/0x30 [ 24.743749] [ 24.743955] Freed by task 1: [ 24.744502] kasan_save_stack+0x3d/0x60 [ 24.745169] kasan_save_track+0x18/0x40 [ 24.745758] kasan_save_free_info+0x3f/0x60 [ 24.746143] __kasan_slab_free+0x56/0x70 [ 24.746786] kfree+0x123/0x3f0 [ 24.747087] x509_free_certificate.part.0+0xa9/0x140 [ 24.747405] x509_free_certificate+0x17/0x30 [ 24.748989] x509_key_preparse+0x5c9/0x8a0 [ 24.749475] asymmetric_key_preparse+0xb1/0x160 [ 24.750048] __key_create_or_update+0x407/0xc90 [ 24.750517] key_create_or_update+0x17/0x20 [ 24.751041] x509_load_certificate_list+0x174/0x200 [ 24.751721] regulatory_init_db+0xee/0x3a0 [ 24.752330] do_one_initcall+0xb5/0x370 [ 24.752925] kernel_init_freeable+0x425/0x6f0 [ 24.753319] kernel_init+0x23/0x1e0 [ 24.753697] ret_from_fork+0x41/0x80 [ 24.754787] ret_from_fork_asm+0x1a/0x30 [ 24.755409] [ 24.755842] The buggy address belongs to the object at ffff888102573360 [ 24.755842] which belongs to the cache kmalloc-16 of size 16 [ 24.756705] The buggy address is located 15 bytes to the right of [ 24.756705] allocated 16-byte region [ffff888102573360, ffff888102573370) [ 24.757537] [ 24.757813] The buggy address belongs to the physical page: [ 24.758916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102573 [ 24.760006] flags: 0x200000000000000(node=0|zone=2) [ 24.760378] page_type: f5(slab) [ 24.760628] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.761428] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.762251] page dumped because: kasan: bad access detected [ 24.763018] [ 24.763240] Memory state around the buggy address: [ 24.763918] ffff888102573200: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 24.764304] ffff888102573280: fa fb fc fc 00 05 fc fc 00 05 fc fc fa fb fc fc [ 24.765225] >ffff888102573300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.766598] ^ [ 24.767455] ffff888102573380: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.768363] ffff888102573400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.769032] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 24.630209] ================================================================== [ 24.631348] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 24.631988] Write of size 1 at addr ffff888102715f78 by task kunit_try_catch/145 [ 24.632375] [ 24.632562] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.632880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.633017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.634048] Call Trace: [ 24.634409] <TASK> [ 24.634716] dump_stack_lvl+0x73/0xb0 [ 24.635243] print_report+0xd1/0x640 [ 24.635519] ? __virt_addr_valid+0x1db/0x2d0 [ 24.636312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.636835] kasan_report+0x102/0x140 [ 24.637352] ? kmalloc_oob_right+0x6bf/0x7f0 [ 24.637784] ? kmalloc_oob_right+0x6bf/0x7f0 [ 24.638314] __asan_report_store1_noabort+0x1b/0x30 [ 24.638833] kmalloc_oob_right+0x6bf/0x7f0 [ 24.639348] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.639937] ? __schedule+0xc3e/0x2790 [ 24.640320] ? __pfx_read_tsc+0x10/0x10 [ 24.640804] ? ktime_get_ts64+0x86/0x230 [ 24.641136] kunit_try_run_case+0x1b3/0x490 [ 24.641424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.641737] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.642361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.643253] ? __kthread_parkme+0x82/0x160 [ 24.644178] ? preempt_count_sub+0x50/0x80 [ 24.644570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.645152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.645843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.646623] kthread+0x257/0x310 [ 24.646971] ? __pfx_kthread+0x10/0x10 [ 24.647295] ret_from_fork+0x41/0x80 [ 24.648141] ? __pfx_kthread+0x10/0x10 [ 24.648537] ret_from_fork_asm+0x1a/0x30 [ 24.648947] </TASK> [ 24.649159] [ 24.649332] Allocated by task 145: [ 24.650427] kasan_save_stack+0x3d/0x60 [ 24.650782] kasan_save_track+0x18/0x40 [ 24.651276] kasan_save_alloc_info+0x3b/0x50 [ 24.651810] __kasan_kmalloc+0xb7/0xc0 [ 24.652132] __kmalloc_cache_noprof+0x184/0x410 [ 24.652499] kmalloc_oob_right+0xaa/0x7f0 [ 24.653395] kunit_try_run_case+0x1b3/0x490 [ 24.653761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.654188] kthread+0x257/0x310 [ 24.654801] ret_from_fork+0x41/0x80 [ 24.655151] ret_from_fork_asm+0x1a/0x30 [ 24.655885] [ 24.656026] The buggy address belongs to the object at ffff888102715f00 [ 24.656026] which belongs to the cache kmalloc-128 of size 128 [ 24.656859] The buggy address is located 5 bytes to the right of [ 24.656859] allocated 115-byte region [ffff888102715f00, ffff888102715f73) [ 24.658124] [ 24.658336] The buggy address belongs to the physical page: [ 24.659374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102715 [ 24.659905] flags: 0x200000000000000(node=0|zone=2) [ 24.660473] page_type: f5(slab) [ 24.660819] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.661377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.662507] page dumped because: kasan: bad access detected [ 24.662862] [ 24.663069] Memory state around the buggy address: [ 24.663421] ffff888102715e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.664294] ffff888102715e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.664993] >ffff888102715f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.666028] ^ [ 24.666471] ffff888102715f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.667412] ffff888102716000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.668341] ================================================================== [ 24.669417] ================================================================== [ 24.669918] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 24.670746] Read of size 1 at addr ffff888102715f80 by task kunit_try_catch/145 [ 24.671117] [ 24.671292] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241203 #1 [ 24.671842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.672244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.673005] Call Trace: [ 24.673271] <TASK> [ 24.673576] dump_stack_lvl+0x73/0xb0 [ 24.673944] print_report+0xd1/0x640 [ 24.674229] ? __virt_addr_valid+0x1db/0x2d0 [ 24.674762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.675295] kasan_report+0x102/0x140 [ 24.675715] ? kmalloc_oob_right+0x68c/0x7f0 [ 24.676076] ? kmalloc_oob_right+0x68c/0x7f0 [ 24.676368] __asan_report_load1_noabort+0x18/0x20 [ 24.676874] kmalloc_oob_right+0x68c/0x7f0 [ 24.677291] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.677783] ? __schedule+0xc3e/0x2790 [ 24.678172] ? __pfx_read_tsc+0x10/0x10 [ 24.678480] ? ktime_get_ts64+0x86/0x230 [ 24.678892] kunit_try_run_case+0x1b3/0x490 [ 24.679260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.679595] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.679989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.680536] ? __kthread_parkme+0x82/0x160 [ 24.680955] ? preempt_count_sub+0x50/0x80 [ 24.681388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.681740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.682276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.682649] kthread+0x257/0x310 [ 24.682968] ? __pfx_kthread+0x10/0x10 [ 24.683348] ret_from_fork+0x41/0x80 [ 24.683747] ? __pfx_kthread+0x10/0x10 [ 24.684139] ret_from_fork_asm+0x1a/0x30 [ 24.684654] </TASK> [ 24.684922] [ 24.685142] Allocated by task 145: [ 24.685419] kasan_save_stack+0x3d/0x60 [ 24.685729] kasan_save_track+0x18/0x40 [ 24.686021] kasan_save_alloc_info+0x3b/0x50 [ 24.686489] __kasan_kmalloc+0xb7/0xc0 [ 24.686870] __kmalloc_cache_noprof+0x184/0x410 [ 24.687316] kmalloc_oob_right+0xaa/0x7f0 [ 24.687735] kunit_try_run_case+0x1b3/0x490 [ 24.688131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.688486] kthread+0x257/0x310 [ 24.688721] ret_from_fork+0x41/0x80 [ 24.689085] ret_from_fork_asm+0x1a/0x30 [ 24.689515] [ 24.689718] The buggy address belongs to the object at ffff888102715f00 [ 24.689718] which belongs to the cache kmalloc-128 of size 128 [ 24.690697] The buggy address is located 13 bytes to the right of [ 24.690697] allocated 115-byte region [ffff888102715f00, ffff888102715f73) [ 24.691391] [ 24.691629] The buggy address belongs to the physical page: [ 24.692118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102715 [ 24.692799] flags: 0x200000000000000(node=0|zone=2) [ 24.693241] page_type: f5(slab) [ 24.693509] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.693950] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.694620] page dumped because: kasan: bad access detected [ 24.695095] [ 24.695299] Memory state around the buggy address: [ 24.695749] ffff888102715e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.696362] ffff888102715f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.696819] >ffff888102715f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.697252] ^ [ 24.699158] ffff888102716000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.699765] ffff888102716080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 24.700353] ================================================================== [ 24.578150] ================================================================== [ 24.580097] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 24.581230] Write of size 1 at addr ffff888102715f73 by task kunit_try_catch/145 [ 24.581868] [ 24.583660] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G N 6.13.0-rc1-next-20241203 #1 [ 24.584958] Tainted: [N]=TEST [ 24.585299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.586931] Call Trace: [ 24.587321] <TASK> [ 24.588175] dump_stack_lvl+0x73/0xb0 [ 24.588990] print_report+0xd1/0x640 [ 24.589389] ? __virt_addr_valid+0x1db/0x2d0 [ 24.589767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.590483] kasan_report+0x102/0x140 [ 24.591134] ? kmalloc_oob_right+0x6f2/0x7f0 [ 24.591420] ? kmalloc_oob_right+0x6f2/0x7f0 [ 24.591909] __asan_report_store1_noabort+0x1b/0x30 [ 24.592313] kmalloc_oob_right+0x6f2/0x7f0 [ 24.593219] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.593533] ? __schedule+0xc3e/0x2790 [ 24.594067] ? __pfx_read_tsc+0x10/0x10 [ 24.594969] ? ktime_get_ts64+0x86/0x230 [ 24.595273] kunit_try_run_case+0x1b3/0x490 [ 24.595593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.596038] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.596983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.597526] ? __kthread_parkme+0x82/0x160 [ 24.598036] ? preempt_count_sub+0x50/0x80 [ 24.598561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.598855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.599400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.599894] kthread+0x257/0x310 [ 24.600511] ? __pfx_kthread+0x10/0x10 [ 24.600993] ret_from_fork+0x41/0x80 [ 24.601377] ? __pfx_kthread+0x10/0x10 [ 24.601927] ret_from_fork_asm+0x1a/0x30 [ 24.602506] </TASK> [ 24.603124] [ 24.603383] Allocated by task 145: [ 24.604194] kasan_save_stack+0x3d/0x60 [ 24.604868] kasan_save_track+0x18/0x40 [ 24.605286] kasan_save_alloc_info+0x3b/0x50 [ 24.605726] __kasan_kmalloc+0xb7/0xc0 [ 24.606043] __kmalloc_cache_noprof+0x184/0x410 [ 24.606822] kmalloc_oob_right+0xaa/0x7f0 [ 24.607151] kunit_try_run_case+0x1b3/0x490 [ 24.607599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.608263] kthread+0x257/0x310 [ 24.608750] ret_from_fork+0x41/0x80 [ 24.609127] ret_from_fork_asm+0x1a/0x30 [ 24.609789] [ 24.610169] The buggy address belongs to the object at ffff888102715f00 [ 24.610169] which belongs to the cache kmalloc-128 of size 128 [ 24.611106] The buggy address is located 0 bytes to the right of [ 24.611106] allocated 115-byte region [ffff888102715f00, ffff888102715f73) [ 24.612472] [ 24.613044] The buggy address belongs to the physical page: [ 24.614205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102715 [ 24.615379] flags: 0x200000000000000(node=0|zone=2) [ 24.616815] page_type: f5(slab) [ 24.617934] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.619020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.619967] page dumped because: kasan: bad access detected [ 24.620799] [ 24.621017] Memory state around the buggy address: [ 24.622179] ffff888102715e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.623014] ffff888102715e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.623486] >ffff888102715f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.624330] ^ [ 24.624957] ffff888102715f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.625892] ffff888102716000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.626543] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------ [ 194.803442] WARNING: CPU: 0 PID: 2257 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 194.804841] Modules linked in: [ 194.805650] CPU: 0 UID: 0 PID: 2257 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241203 #1 [ 194.807280] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.807700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.808439] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.809495] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.810970] RSP: 0000:ffff888101187ce8 EFLAGS: 00010286 [ 194.811611] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.812153] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb120aaf4 [ 194.813094] RBP: ffff888101187d10 R08: 0000000000000000 R09: ffffed102095bf60 [ 194.813586] R10: ffff888104adfb07 R11: 0000000000000000 R12: ffffffffb120aae0 [ 194.814407] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888101187da8 [ 194.815363] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 194.816212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.816778] CR2: ffffffffffffffff CR3: 00000001420b8000 CR4: 00000000000006f0 [ 194.817368] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed162 [ 194.818019] DR3: ffffffffb31ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.818670] Call Trace: [ 194.819578] <TASK> [ 194.819878] ? show_regs+0x68/0x80 [ 194.820503] ? __warn+0xd5/0x260 [ 194.820853] ? drm_rect_calc_vscale+0x130/0x190 [ 194.821708] ? report_bug+0x278/0x2e0 [ 194.822109] ? handle_bug+0x5c/0xb0 [ 194.822489] ? exc_invalid_op+0x1c/0x50 [ 194.823501] ? asm_exc_invalid_op+0x1f/0x30 [ 194.824005] ? drm_rect_calc_vscale+0x130/0x190 [ 194.824434] drm_test_rect_calc_vscale+0x109/0x270 [ 194.825286] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.826108] ? __schedule+0xc3e/0x2790 [ 194.826393] ? __pfx_read_tsc+0x10/0x10 [ 194.826805] ? ktime_get_ts64+0x86/0x230 [ 194.827358] kunit_try_run_case+0x1b3/0x490 [ 194.827753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.829125] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 194.829548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.830025] ? __kthread_parkme+0x82/0x160 [ 194.830794] ? preempt_count_sub+0x50/0x80 [ 194.831209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.831735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.833126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.833649] kthread+0x257/0x310 [ 194.834775] ? __pfx_kthread+0x10/0x10 [ 194.835106] ret_from_fork+0x41/0x80 [ 194.835368] ? __pfx_kthread+0x10/0x10 [ 194.836281] ret_from_fork_asm+0x1a/0x30 [ 194.836949] </TASK> [ 194.837198] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.763974] WARNING: CPU: 1 PID: 2255 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 194.764904] Modules linked in: [ 194.765308] CPU: 1 UID: 0 PID: 2255 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241203 #1 [ 194.766652] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.767792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.768434] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.768803] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.770271] RSP: 0000:ffff8881011b7ce8 EFLAGS: 00010286 [ 194.771367] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.771795] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb120aabc [ 194.772674] RBP: ffff8881011b7d10 R08: 0000000000000000 R09: ffffed102095bf40 [ 194.773331] R10: ffff888104adfa07 R11: 0000000000000000 R12: ffffffffb120aaa8 [ 194.773666] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881011b7da8 [ 194.773979] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 194.774344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.774620] CR2: 00007ffff7ffe000 CR3: 00000001420b8000 CR4: 00000000000006f0 [ 194.774932] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed163 [ 194.776828] DR3: ffffffffb31ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.777368] Call Trace: [ 194.777923] <TASK> [ 194.778281] ? show_regs+0x68/0x80 [ 194.779376] ? __warn+0xd5/0x260 [ 194.779831] ? drm_rect_calc_vscale+0x130/0x190 [ 194.780590] ? report_bug+0x278/0x2e0 [ 194.781304] ? handle_bug+0x5c/0xb0 [ 194.781987] ? exc_invalid_op+0x1c/0x50 [ 194.782289] ? asm_exc_invalid_op+0x1f/0x30 [ 194.782769] ? drm_rect_calc_vscale+0x130/0x190 [ 194.783901] drm_test_rect_calc_vscale+0x109/0x270 [ 194.784461] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.785027] ? __schedule+0xc3e/0x2790 [ 194.785577] ? __pfx_read_tsc+0x10/0x10 [ 194.786069] ? ktime_get_ts64+0x86/0x230 [ 194.786509] kunit_try_run_case+0x1b3/0x490 [ 194.787060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.788458] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 194.790028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.790444] ? __kthread_parkme+0x82/0x160 [ 194.791127] ? preempt_count_sub+0x50/0x80 [ 194.791449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.792278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.792984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.793467] kthread+0x257/0x310 [ 194.793885] ? __pfx_kthread+0x10/0x10 [ 194.794552] ret_from_fork+0x41/0x80 [ 194.794941] ? __pfx_kthread+0x10/0x10 [ 194.795362] ret_from_fork_asm+0x1a/0x30 [ 194.796447] </TASK> [ 194.796712] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------ [ 194.699868] WARNING: CPU: 0 PID: 2245 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 194.700627] Modules linked in: [ 194.702521] CPU: 0 UID: 0 PID: 2245 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241203 #1 [ 194.703248] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.703878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.705246] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.705797] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.707666] RSP: 0000:ffff888100ea7ce8 EFLAGS: 00010286 [ 194.708468] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.708963] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb120aaf8 [ 194.710008] RBP: ffff888100ea7d10 R08: 0000000000000000 R09: ffffed102095be80 [ 194.710502] R10: ffff888104adf407 R11: 0000000000000000 R12: ffffffffb120aae0 [ 194.711363] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100ea7da8 [ 194.712079] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 194.712588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.713450] CR2: ffffffffffffffff CR3: 00000001420b8000 CR4: 00000000000006f0 [ 194.714211] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed162 [ 194.715382] DR3: ffffffffb31ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.716142] Call Trace: [ 194.716422] <TASK> [ 194.716638] ? show_regs+0x68/0x80 [ 194.717335] ? __warn+0xd5/0x260 [ 194.717745] ? drm_rect_calc_hscale+0x125/0x190 [ 194.718694] ? report_bug+0x278/0x2e0 [ 194.719218] ? handle_bug+0x5c/0xb0 [ 194.719575] ? exc_invalid_op+0x1c/0x50 [ 194.720099] ? asm_exc_invalid_op+0x1f/0x30 [ 194.720473] ? drm_rect_calc_hscale+0x125/0x190 [ 194.720875] drm_test_rect_calc_hscale+0x109/0x270 [ 194.721322] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.722592] ? __schedule+0xc3e/0x2790 [ 194.723034] ? __pfx_read_tsc+0x10/0x10 [ 194.723360] ? ktime_get_ts64+0x86/0x230 [ 194.724090] kunit_try_run_case+0x1b3/0x490 [ 194.724484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.724899] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 194.725558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.725891] ? __kthread_parkme+0x82/0x160 [ 194.727090] ? preempt_count_sub+0x50/0x80 [ 194.727500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.727804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.728418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.730115] kthread+0x257/0x310 [ 194.730448] ? __pfx_kthread+0x10/0x10 [ 194.730874] ret_from_fork+0x41/0x80 [ 194.731302] ? __pfx_kthread+0x10/0x10 [ 194.731848] ret_from_fork_asm+0x1a/0x30 [ 194.732210] </TASK> [ 194.732490] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.660786] WARNING: CPU: 1 PID: 2243 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 194.661509] Modules linked in: [ 194.662309] CPU: 1 UID: 0 PID: 2243 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241203 #1 [ 194.663476] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.664197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.665072] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.665596] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.667296] RSP: 0000:ffff888101187ce8 EFLAGS: 00010286 [ 194.667946] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.668410] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb120aac0 [ 194.668936] RBP: ffff888101187d10 R08: 0000000000000000 R09: ffffed10202d18c0 [ 194.669488] R10: ffff88810168c607 R11: 0000000000000000 R12: ffffffffb120aaa8 [ 194.671182] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888101187da8 [ 194.671838] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 194.672597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.672853] CR2: 00007ffff7ffe000 CR3: 00000001420b8000 CR4: 00000000000006f0 [ 194.674200] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed163 [ 194.675449] DR3: ffffffffb31ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.676079] Call Trace: [ 194.676286] <TASK> [ 194.676593] ? show_regs+0x68/0x80 [ 194.677425] ? __warn+0xd5/0x260 [ 194.677785] ? drm_rect_calc_hscale+0x125/0x190 [ 194.678368] ? report_bug+0x278/0x2e0 [ 194.678729] ? handle_bug+0x5c/0xb0 [ 194.679778] ? exc_invalid_op+0x1c/0x50 [ 194.680598] ? asm_exc_invalid_op+0x1f/0x30 [ 194.681318] ? drm_rect_calc_hscale+0x125/0x190 [ 194.682168] drm_test_rect_calc_hscale+0x109/0x270 [ 194.682793] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.683226] ? __schedule+0xc3e/0x2790 [ 194.683396] ? __pfx_read_tsc+0x10/0x10 [ 194.683640] ? ktime_get_ts64+0x86/0x230 [ 194.684165] kunit_try_run_case+0x1b3/0x490 [ 194.684438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.684830] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 194.685486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.686227] ? __kthread_parkme+0x82/0x160 [ 194.686980] ? preempt_count_sub+0x50/0x80 [ 194.687488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.688216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.689314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.690438] kthread+0x257/0x310 [ 194.691138] ? __pfx_kthread+0x10/0x10 [ 194.691844] ret_from_fork+0x41/0x80 [ 194.692457] ? __pfx_kthread+0x10/0x10 [ 194.692787] ret_from_fork_asm+0x1a/0x30 [ 194.693152] </TASK> [ 194.693419] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 193.212492] WARNING: CPU: 1 PID: 2051 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 193.213321] Modules linked in: [ 193.213701] CPU: 1 UID: 0 PID: 2051 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241203 #1 [ 193.215084] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.215298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.215778] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 193.216299] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 193.218086] RSP: 0000:ffff88810764fba0 EFLAGS: 00010246 [ 193.218771] RAX: dffffc0000000000 RBX: ffff88810764fc98 RCX: 0000000000000000 [ 193.219428] RDX: 1ffff11020ec9f9c RSI: ffff88810764fc98 RDI: ffff88810764fce0 [ 193.220136] RBP: ffff88810764fbe0 R08: ffff888106d5d000 R09: ffffffffb11b7680 [ 193.221186] R10: 0000000000000003 R11: 000000001c11f709 R12: ffff888106d5d000 [ 193.221941] R13: ffff888100317b20 R14: ffff88810764fc18 R15: ffff88810764fe28 [ 193.222437] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 193.223035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.223463] CR2: 00007ffff7ffe000 CR3: 00000001420b8000 CR4: 00000000000006f0 [ 193.224553] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed163 [ 193.225275] DR3: ffffffffb31ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.225710] Call Trace: [ 193.226414] <TASK> [ 193.226895] ? show_regs+0x68/0x80 [ 193.227274] ? __warn+0xd5/0x260 [ 193.228034] ? drm_framebuffer_init+0x44/0x300 [ 193.228820] ? report_bug+0x278/0x2e0 [ 193.229189] ? handle_bug+0x5c/0xb0 [ 193.230102] ? exc_invalid_op+0x1c/0x50 [ 193.230424] ? asm_exc_invalid_op+0x1f/0x30 [ 193.231265] ? drm_framebuffer_init+0x44/0x300 [ 193.231670] ? add_dr+0xc1/0x1d0 [ 193.232537] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 193.233268] ? add_dr+0x148/0x1d0 [ 193.233525] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 193.234209] ? __drmm_add_action+0x1a4/0x280 [ 193.234631] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.235279] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.235697] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.236312] ? __schedule+0xc3e/0x2790 [ 193.236746] ? __pfx_read_tsc+0x10/0x10 [ 193.237413] ? ktime_get_ts64+0x86/0x230 [ 193.238105] kunit_try_run_case+0x1b3/0x490 [ 193.238945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.239346] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 193.239870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.240485] ? __kthread_parkme+0x82/0x160 [ 193.241076] ? preempt_count_sub+0x50/0x80 [ 193.241367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.241887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.242407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.243129] kthread+0x257/0x310 [ 193.243519] ? __pfx_kthread+0x10/0x10 [ 193.243993] ret_from_fork+0x41/0x80 [ 193.244478] ? __pfx_kthread+0x10/0x10 [ 193.244958] ret_from_fork_asm+0x1a/0x30 [ 193.245462] </TASK> [ 193.245855] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 193.144833] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 193.146256] WARNING: CPU: 1 PID: 2047 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 193.148314] Modules linked in: [ 193.148844] CPU: 1 UID: 0 PID: 2047 Comm: kunit_try_catch Tainted: G B D N 6.13.0-rc1-next-20241203 #1 [ 193.149543] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 193.149996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.150900] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 193.151380] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 74 48 80 00 48 c7 c1 80 26 1b b1 4c 89 fa 48 c7 c7 e0 26 1b b1 48 89 c6 e8 eb 08 87 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 193.152807] RSP: 0000:ffff8881077a7bd8 EFLAGS: 00010282 [ 193.153367] RAX: 0000000000000000 RBX: ffff8881077a7cb0 RCX: 1ffffffff63e4254 [ 193.154173] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 193.154915] RBP: ffff8881077a7c00 R08: 0000000000000000 R09: fffffbfff63e4254 [ 193.155501] R10: 0000000000000003 R11: 0000000000025760 R12: ffff8881077a7c88 [ 193.156093] R13: ffff8881074fe000 R14: ffff888106d59000 R15: ffff888107691380 [ 193.156883] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 193.157604] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.158002] CR2: 00007ffff7ffe000 CR3: 00000001420b8000 CR4: 00000000000006f0 [ 193.158819] DR0: ffffffffb31ed160 DR1: ffffffffb31ed161 DR2: ffffffffb31ed163 [ 193.159488] DR3: ffffffffb31ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.160150] Call Trace: [ 193.160493] <TASK> [ 193.160952] ? show_regs+0x68/0x80 [ 193.161420] ? __warn+0xd5/0x260 [ 193.161998] ? drm_framebuffer_free+0x136/0x1b0 [ 193.162572] ? report_bug+0x278/0x2e0 [ 193.163117] ? drm_framebuffer_free+0x136/0x1b0 [ 193.163809] ? handle_bug+0x5c/0xb0 [ 193.164279] ? exc_invalid_op+0x1c/0x50 [ 193.164870] ? asm_exc_invalid_op+0x1f/0x30 [ 193.165417] ? drm_framebuffer_free+0x136/0x1b0 [ 193.166082] ? drm_framebuffer_free+0x135/0x1b0 [ 193.166740] drm_test_framebuffer_free+0x1ac/0x610 [ 193.167180] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 193.167956] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.168593] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.169210] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.170062] ? __schedule+0xc3e/0x2790 [ 193.170406] ? __pfx_read_tsc+0x10/0x10 [ 193.171007] ? ktime_get_ts64+0x86/0x230 [ 193.171499] kunit_try_run_case+0x1b3/0x490 [ 193.172084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.172373] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 193.172759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.173419] ? __kthread_parkme+0x82/0x160 [ 193.173914] ? preempt_count_sub+0x50/0x80 [ 193.174470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.175096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.175787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.176397] kthread+0x257/0x310 [ 193.177006] ? __pfx_kthread+0x10/0x10 [ 193.177455] ret_from_fork+0x41/0x80 [ 193.178132] ? __pfx_kthread+0x10/0x10 [ 193.178743] ret_from_fork_asm+0x1a/0x30 [ 193.179238] </TASK> [ 193.180084] ---[ end trace 0000000000000000 ]---