Date: Dec. 4, 2024, 3:07 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 22.540608] ================================================================== [ 22.541944] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 22.542722] Read of size 1 at addr ffff888100394200 by task kunit_try_catch/172 [ 22.545102] [ 22.545919] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.547263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.547824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.548800] Call Trace: [ 22.549247] <TASK> [ 22.549505] dump_stack_lvl+0x73/0xb0 [ 22.551277] print_report+0xd1/0x640 [ 22.551720] ? __virt_addr_valid+0x1db/0x2d0 [ 22.552747] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.553601] kasan_report+0x102/0x140 [ 22.554122] ? krealloc_uaf+0x1b9/0x5e0 [ 22.554782] ? krealloc_uaf+0x1b9/0x5e0 [ 22.555549] ? krealloc_uaf+0x1b9/0x5e0 [ 22.556116] __kasan_check_byte+0x3d/0x50 [ 22.556510] krealloc_noprof+0x3f/0x340 [ 22.557527] ? stack_depot_save_flags+0x43d/0x7c0 [ 22.557914] krealloc_uaf+0x1b9/0x5e0 [ 22.558407] ? __pfx_krealloc_uaf+0x10/0x10 [ 22.559393] ? finish_task_switch.isra.0+0x153/0x700 [ 22.560072] ? __switch_to+0x5d9/0xf60 [ 22.560496] ? __schedule+0xc3e/0x2790 [ 22.561170] ? __pfx_read_tsc+0x10/0x10 [ 22.561907] ? ktime_get_ts64+0x86/0x230 [ 22.562284] kunit_try_run_case+0x1b3/0x490 [ 22.563283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.563755] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.564203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.565151] ? __kthread_parkme+0x82/0x160 [ 22.565882] ? preempt_count_sub+0x50/0x80 [ 22.566301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.567118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.568035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.569468] kthread+0x257/0x310 [ 22.569937] ? __pfx_kthread+0x10/0x10 [ 22.570444] ret_from_fork+0x41/0x80 [ 22.571200] ? 
__pfx_kthread+0x10/0x10 [ 22.571598] ret_from_fork_asm+0x1a/0x30 [ 22.572072] </TASK> [ 22.572441] [ 22.572661] Allocated by task 172: [ 22.573102] kasan_save_stack+0x3d/0x60 [ 22.573558] kasan_save_track+0x18/0x40 [ 22.574153] kasan_save_alloc_info+0x3b/0x50 [ 22.574927] __kasan_kmalloc+0xb7/0xc0 [ 22.575165] __kmalloc_cache_noprof+0x184/0x410 [ 22.575884] krealloc_uaf+0xbc/0x5e0 [ 22.576449] kunit_try_run_case+0x1b3/0x490 [ 22.577010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.577459] kthread+0x257/0x310 [ 22.578176] ret_from_fork+0x41/0x80 [ 22.578987] ret_from_fork_asm+0x1a/0x30 [ 22.579564] [ 22.579944] Freed by task 172: [ 22.580180] kasan_save_stack+0x3d/0x60 [ 22.580543] kasan_save_track+0x18/0x40 [ 22.581437] kasan_save_free_info+0x3f/0x60 [ 22.581975] __kasan_slab_free+0x56/0x70 [ 22.582942] kfree+0x123/0x3f0 [ 22.583271] krealloc_uaf+0x13e/0x5e0 [ 22.583804] kunit_try_run_case+0x1b3/0x490 [ 22.584659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.586963] kthread+0x257/0x310 [ 22.587357] ret_from_fork+0x41/0x80 [ 22.587735] ret_from_fork_asm+0x1a/0x30 [ 22.588189] [ 22.588360] The buggy address belongs to the object at ffff888100394200 [ 22.588360] which belongs to the cache kmalloc-256 of size 256 [ 22.589666] The buggy address is located 0 bytes inside of [ 22.589666] freed 256-byte region [ffff888100394200, ffff888100394300) [ 22.592176] [ 22.593048] The buggy address belongs to the physical page: [ 22.593788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.594666] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.595182] flags: 0x200000000000040(head|node=0|zone=2) [ 22.595899] page_type: f5(slab) [ 22.596254] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.597077] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.597913] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.598596] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.599655] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 22.600676] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.601207] page dumped because: kasan: bad access detected [ 22.602157] [ 22.602519] Memory state around the buggy address: [ 22.603185] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.603569] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.603982] >ffff888100394200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.604759] ^ [ 22.605570] ffff888100394280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.605994] ffff888100394300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.606657] ================================================================== [ 22.607812] ================================================================== [ 22.608784] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 22.609560] Read of size 1 at addr ffff888100394200 by task kunit_try_catch/172 [ 22.610235] [ 22.610511] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.611549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.612260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.613038] Call Trace: [ 22.613586] <TASK> [ 22.613917] dump_stack_lvl+0x73/0xb0 [ 22.614504] print_report+0xd1/0x640 [ 22.614976] ? __virt_addr_valid+0x1db/0x2d0 [ 22.615299] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.615660] kasan_report+0x102/0x140 [ 22.616348] ? krealloc_uaf+0x53e/0x5e0 [ 22.617143] ? krealloc_uaf+0x53e/0x5e0 [ 22.617829] __asan_report_load1_noabort+0x18/0x20 [ 22.618529] krealloc_uaf+0x53e/0x5e0 [ 22.619126] ? __pfx_krealloc_uaf+0x10/0x10 [ 22.619449] ? finish_task_switch.isra.0+0x153/0x700 [ 22.620200] ? __switch_to+0x5d9/0xf60 [ 22.620693] ? __schedule+0xc3e/0x2790 [ 22.621232] ? 
__pfx_read_tsc+0x10/0x10 [ 22.621846] ? ktime_get_ts64+0x86/0x230 [ 22.622167] kunit_try_run_case+0x1b3/0x490 [ 22.622994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.623638] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.624255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.624808] ? __kthread_parkme+0x82/0x160 [ 22.625435] ? preempt_count_sub+0x50/0x80 [ 22.625968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.626533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.627161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.627570] kthread+0x257/0x310 [ 22.628278] ? __pfx_kthread+0x10/0x10 [ 22.628944] ret_from_fork+0x41/0x80 [ 22.629406] ? __pfx_kthread+0x10/0x10 [ 22.629893] ret_from_fork_asm+0x1a/0x30 [ 22.630219] </TASK> [ 22.630763] [ 22.631050] Allocated by task 172: [ 22.631467] kasan_save_stack+0x3d/0x60 [ 22.632021] kasan_save_track+0x18/0x40 [ 22.632408] kasan_save_alloc_info+0x3b/0x50 [ 22.633107] __kasan_kmalloc+0xb7/0xc0 [ 22.633682] __kmalloc_cache_noprof+0x184/0x410 [ 22.634091] krealloc_uaf+0xbc/0x5e0 [ 22.634521] kunit_try_run_case+0x1b3/0x490 [ 22.634874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.635376] kthread+0x257/0x310 [ 22.635889] ret_from_fork+0x41/0x80 [ 22.636329] ret_from_fork_asm+0x1a/0x30 [ 22.636714] [ 22.636979] Freed by task 172: [ 22.637434] kasan_save_stack+0x3d/0x60 [ 22.637959] kasan_save_track+0x18/0x40 [ 22.638320] kasan_save_free_info+0x3f/0x60 [ 22.638786] __kasan_slab_free+0x56/0x70 [ 22.639192] kfree+0x123/0x3f0 [ 22.639703] krealloc_uaf+0x13e/0x5e0 [ 22.640118] kunit_try_run_case+0x1b3/0x490 [ 22.640660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.641401] kthread+0x257/0x310 [ 22.641816] ret_from_fork+0x41/0x80 [ 22.642368] ret_from_fork_asm+0x1a/0x30 [ 22.642839] [ 22.643107] The buggy address belongs to the object at ffff888100394200 [ 22.643107] which belongs to the cache kmalloc-256 of size 256 [ 22.644055] The buggy address is located 0 bytes inside of [ 22.644055] freed 256-byte region [ffff888100394200, 
ffff888100394300) [ 22.645947] [ 22.646200] The buggy address belongs to the physical page: [ 22.647214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.648188] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.651178] flags: 0x200000000000040(head|node=0|zone=2) [ 22.651481] page_type: f5(slab) [ 22.651642] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.652328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.653706] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.655261] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.656931] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 22.657318] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.658136] page dumped because: kasan: bad access detected [ 22.659362] [ 22.659651] Memory state around the buggy address: [ 22.660489] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.661982] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.662846] >ffff888100394200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.663231] ^ [ 22.663722] ffff888100394280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.665022] ffff888100394300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.666764] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 22.350701] ================================================================== [ 22.352294] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 22.353301] Write of size 1 at addr ffff888102c3a0d0 by task kunit_try_catch/170 [ 22.354728] [ 22.355008] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.357209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.357879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.358322] Call Trace: [ 22.358893] <TASK> [ 22.359568] dump_stack_lvl+0x73/0xb0 [ 22.359979] print_report+0xd1/0x640 [ 22.361110] ? __virt_addr_valid+0x1db/0x2d0 [ 22.361700] ? kasan_addr_to_slab+0x11/0xa0 [ 22.362216] kasan_report+0x102/0x140 [ 22.362616] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.363066] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.363689] __asan_report_store1_noabort+0x1b/0x30 [ 22.364511] krealloc_less_oob_helper+0xe25/0x11d0 [ 22.365068] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.365518] ? finish_task_switch.isra.0+0x153/0x700 [ 22.366238] ? __switch_to+0x5d9/0xf60 [ 22.367033] ? __schedule+0xc3e/0x2790 [ 22.367401] ? __pfx_read_tsc+0x10/0x10 [ 22.367820] krealloc_large_less_oob+0x1c/0x30 [ 22.368901] kunit_try_run_case+0x1b3/0x490 [ 22.369254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.369573] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.370189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.370996] ? __kthread_parkme+0x82/0x160 [ 22.371314] ? preempt_count_sub+0x50/0x80 [ 22.372119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.372690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.373345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.373719] kthread+0x257/0x310 [ 22.374152] ? __pfx_kthread+0x10/0x10 [ 22.374675] ret_from_fork+0x41/0x80 [ 22.375269] ? 
__pfx_kthread+0x10/0x10 [ 22.376007] ret_from_fork_asm+0x1a/0x30 [ 22.376608] </TASK> [ 22.376900] [ 22.377110] The buggy address belongs to the physical page: [ 22.377658] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c38 [ 22.378493] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.378999] flags: 0x200000000000040(head|node=0|zone=2) [ 22.379904] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.380638] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.381186] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.381889] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.382660] head: 0200000000000002 ffffea00040b0e01 ffffffffffffffff 0000000000000000 [ 22.383261] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.384026] page dumped because: kasan: bad access detected [ 22.384615] [ 22.384793] Memory state around the buggy address: [ 22.385269] ffff888102c39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.386407] ffff888102c3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.387011] >ffff888102c3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.387904] ^ [ 22.388496] ffff888102c3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.389556] ffff888102c3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.390026] ================================================================== [ 21.991688] ================================================================== [ 21.992348] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 21.992846] Write of size 1 at addr ffff8881003940d0 by task kunit_try_catch/166 [ 21.994625] [ 21.994917] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.995881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.996902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.998124] Call Trace: [ 21.998819] <TASK> [ 21.999060] dump_stack_lvl+0x73/0xb0 [ 21.999564] print_report+0xd1/0x640 [ 21.999936] ? __virt_addr_valid+0x1db/0x2d0 [ 22.001070] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.001722] kasan_report+0x102/0x140 [ 22.002214] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.002741] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.003507] __asan_report_store1_noabort+0x1b/0x30 [ 22.003945] krealloc_less_oob_helper+0xe25/0x11d0 [ 22.005167] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.005651] ? finish_task_switch.isra.0+0x153/0x700 [ 22.006293] ? __switch_to+0x5d9/0xf60 [ 22.006670] ? __schedule+0xc3e/0x2790 [ 22.007480] ? __pfx_read_tsc+0x10/0x10 [ 22.007865] krealloc_less_oob+0x1c/0x30 [ 22.008853] kunit_try_run_case+0x1b3/0x490 [ 22.009454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.009906] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.010380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.010928] ? __kthread_parkme+0x82/0x160 [ 22.011546] ? preempt_count_sub+0x50/0x80 [ 22.011923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.012890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.013519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.014147] kthread+0x257/0x310 [ 22.014730] ? __pfx_kthread+0x10/0x10 [ 22.015097] ret_from_fork+0x41/0x80 [ 22.015820] ? 
__pfx_kthread+0x10/0x10 [ 22.016116] ret_from_fork_asm+0x1a/0x30 [ 22.016652] </TASK> [ 22.016884] [ 22.017113] Allocated by task 166: [ 22.017476] kasan_save_stack+0x3d/0x60 [ 22.017765] kasan_save_track+0x18/0x40 [ 22.019479] kasan_save_alloc_info+0x3b/0x50 [ 22.019835] __kasan_krealloc+0x190/0x1f0 [ 22.020477] krealloc_noprof+0xf3/0x340 [ 22.020888] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.021740] krealloc_less_oob+0x1c/0x30 [ 22.022105] kunit_try_run_case+0x1b3/0x490 [ 22.023110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.023692] kthread+0x257/0x310 [ 22.024060] ret_from_fork+0x41/0x80 [ 22.024523] ret_from_fork_asm+0x1a/0x30 [ 22.025239] [ 22.025624] The buggy address belongs to the object at ffff888100394000 [ 22.025624] which belongs to the cache kmalloc-256 of size 256 [ 22.026625] The buggy address is located 7 bytes to the right of [ 22.026625] allocated 201-byte region [ffff888100394000, ffff8881003940c9) [ 22.027622] [ 22.028614] The buggy address belongs to the physical page: [ 22.028971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.029843] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.031291] flags: 0x200000000000040(head|node=0|zone=2) [ 22.032189] page_type: f5(slab) [ 22.033054] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.033664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.034508] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.035246] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.036402] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 22.036821] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.037685] page dumped because: kasan: bad access detected [ 22.038684] [ 22.039135] Memory state around the buggy address: [ 22.040097] ffff888100393f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 22.041502] ffff888100394000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.042369] >ffff888100394080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.042962] ^ [ 22.043517] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.045038] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.045873] ================================================================== [ 22.484446] ================================================================== [ 22.485575] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 22.487483] Write of size 1 at addr ffff888102c3a0eb by task kunit_try_catch/170 [ 22.488040] [ 22.488295] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.489414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.489822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.490593] Call Trace: [ 22.491217] <TASK> [ 22.491677] dump_stack_lvl+0x73/0xb0 [ 22.492016] print_report+0xd1/0x640 [ 22.492635] ? __virt_addr_valid+0x1db/0x2d0 [ 22.493102] ? kasan_addr_to_slab+0x11/0xa0 [ 22.493740] kasan_report+0x102/0x140 [ 22.494090] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.495148] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.496035] __asan_report_store1_noabort+0x1b/0x30 [ 22.496700] krealloc_less_oob_helper+0xd49/0x11d0 [ 22.497156] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.497886] ? finish_task_switch.isra.0+0x153/0x700 [ 22.498239] ? __switch_to+0x5d9/0xf60 [ 22.499112] ? __schedule+0xc3e/0x2790 [ 22.499544] ? __pfx_read_tsc+0x10/0x10 [ 22.500105] krealloc_large_less_oob+0x1c/0x30 [ 22.501523] kunit_try_run_case+0x1b3/0x490 [ 22.502035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.503010] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.503515] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.504103] ? __kthread_parkme+0x82/0x160 [ 22.504509] ? preempt_count_sub+0x50/0x80 [ 22.505067] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.506051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.507185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.508293] kthread+0x257/0x310 [ 22.509097] ? __pfx_kthread+0x10/0x10 [ 22.509483] ret_from_fork+0x41/0x80 [ 22.509823] ? __pfx_kthread+0x10/0x10 [ 22.510623] ret_from_fork_asm+0x1a/0x30 [ 22.511393] </TASK> [ 22.511684] [ 22.511874] The buggy address belongs to the physical page: [ 22.512441] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c38 [ 22.513578] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.514151] flags: 0x200000000000040(head|node=0|zone=2) [ 22.515143] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.516739] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.517745] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.518827] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.519790] head: 0200000000000002 ffffea00040b0e01 ffffffffffffffff 0000000000000000 [ 22.520433] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.522020] page dumped because: kasan: bad access detected [ 22.522739] [ 22.522955] Memory state around the buggy address: [ 22.525008] ffff888102c39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.526043] ffff888102c3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.526914] >ffff888102c3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.527534] ^ [ 22.528577] ffff888102c3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.529669] ffff888102c3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.531071] ================================================================== [ 21.919143] ================================================================== [ 21.920681] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 21.922142] Write of 
size 1 at addr ffff8881003940c9 by task kunit_try_catch/166 [ 21.923264] [ 21.923468] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.924324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.925312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.926269] Call Trace: [ 21.926597] <TASK> [ 21.926887] dump_stack_lvl+0x73/0xb0 [ 21.927296] print_report+0xd1/0x640 [ 21.928099] ? __virt_addr_valid+0x1db/0x2d0 [ 21.928423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.929112] kasan_report+0x102/0x140 [ 21.929543] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 21.930549] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 21.931094] __asan_report_store1_noabort+0x1b/0x30 [ 21.932230] krealloc_less_oob_helper+0xd72/0x11d0 [ 21.932814] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.933560] ? finish_task_switch.isra.0+0x153/0x700 [ 21.934481] ? __switch_to+0x5d9/0xf60 [ 21.935089] ? __schedule+0xc3e/0x2790 [ 21.935991] ? __pfx_read_tsc+0x10/0x10 [ 21.936948] krealloc_less_oob+0x1c/0x30 [ 21.937605] kunit_try_run_case+0x1b3/0x490 [ 21.937942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.938989] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.939605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.940467] ? __kthread_parkme+0x82/0x160 [ 21.940940] ? preempt_count_sub+0x50/0x80 [ 21.941981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.942679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.943587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.943981] kthread+0x257/0x310 [ 21.944267] ? __pfx_kthread+0x10/0x10 [ 21.944830] ret_from_fork+0x41/0x80 [ 21.946317] ? 
__pfx_kthread+0x10/0x10 [ 21.947306] ret_from_fork_asm+0x1a/0x30 [ 21.948680] </TASK> [ 21.949356] [ 21.949841] Allocated by task 166: [ 21.950172] kasan_save_stack+0x3d/0x60 [ 21.951939] kasan_save_track+0x18/0x40 [ 21.952806] kasan_save_alloc_info+0x3b/0x50 [ 21.953272] __kasan_krealloc+0x190/0x1f0 [ 21.953732] krealloc_noprof+0xf3/0x340 [ 21.954068] krealloc_less_oob_helper+0x1ab/0x11d0 [ 21.954652] krealloc_less_oob+0x1c/0x30 [ 21.955917] kunit_try_run_case+0x1b3/0x490 [ 21.956338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.957290] kthread+0x257/0x310 [ 21.958018] ret_from_fork+0x41/0x80 [ 21.959208] ret_from_fork_asm+0x1a/0x30 [ 21.960189] [ 21.961390] The buggy address belongs to the object at ffff888100394000 [ 21.961390] which belongs to the cache kmalloc-256 of size 256 [ 21.963503] The buggy address is located 0 bytes to the right of [ 21.963503] allocated 201-byte region [ffff888100394000, ffff8881003940c9) [ 21.965714] [ 21.966034] The buggy address belongs to the physical page: [ 21.967148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 21.968683] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.969840] flags: 0x200000000000040(head|node=0|zone=2) [ 21.970867] page_type: f5(slab) [ 21.971257] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.972832] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.974015] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.975371] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.976863] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 21.978109] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 21.979446] page dumped because: kasan: bad access detected [ 21.979892] [ 21.980080] Memory state around the buggy address: [ 21.980475] ffff888100393f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 21.981325] ffff888100394000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.983118] >ffff888100394080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.983919] ^ [ 21.984445] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.985502] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.987520] ================================================================== [ 22.099617] ================================================================== [ 22.100172] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 22.101110] Write of size 1 at addr ffff8881003940ea by task kunit_try_catch/166 [ 22.101990] [ 22.102212] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.103655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.104151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.104936] Call Trace: [ 22.105198] <TASK> [ 22.105517] dump_stack_lvl+0x73/0xb0 [ 22.106879] print_report+0xd1/0x640 [ 22.107150] ? __virt_addr_valid+0x1db/0x2d0 [ 22.107910] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.108589] kasan_report+0x102/0x140 [ 22.108981] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.109847] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.110403] __asan_report_store1_noabort+0x1b/0x30 [ 22.110770] krealloc_less_oob_helper+0xe92/0x11d0 [ 22.111282] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.111712] ? finish_task_switch.isra.0+0x153/0x700 [ 22.112993] ? __switch_to+0x5d9/0xf60 [ 22.113538] ? __schedule+0xc3e/0x2790 [ 22.114186] ? __pfx_read_tsc+0x10/0x10 [ 22.114670] krealloc_less_oob+0x1c/0x30 [ 22.115105] kunit_try_run_case+0x1b3/0x490 [ 22.116246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.116725] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.117499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.117901] ? __kthread_parkme+0x82/0x160 [ 22.118458] ? preempt_count_sub+0x50/0x80 [ 22.118845] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.120070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.120574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.121139] kthread+0x257/0x310 [ 22.121420] ? __pfx_kthread+0x10/0x10 [ 22.122155] ret_from_fork+0x41/0x80 [ 22.122741] ? __pfx_kthread+0x10/0x10 [ 22.123060] ret_from_fork_asm+0x1a/0x30 [ 22.124543] </TASK> [ 22.124874] [ 22.125033] Allocated by task 166: [ 22.125456] kasan_save_stack+0x3d/0x60 [ 22.125878] kasan_save_track+0x18/0x40 [ 22.126299] kasan_save_alloc_info+0x3b/0x50 [ 22.126882] __kasan_krealloc+0x190/0x1f0 [ 22.128157] krealloc_noprof+0xf3/0x340 [ 22.128786] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.129254] krealloc_less_oob+0x1c/0x30 [ 22.129869] kunit_try_run_case+0x1b3/0x490 [ 22.130165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.130874] kthread+0x257/0x310 [ 22.131277] ret_from_fork+0x41/0x80 [ 22.132541] ret_from_fork_asm+0x1a/0x30 [ 22.133066] [ 22.133235] The buggy address belongs to the object at ffff888100394000 [ 22.133235] which belongs to the cache kmalloc-256 of size 256 [ 22.134729] The buggy address is located 33 bytes to the right of [ 22.134729] allocated 201-byte region [ffff888100394000, ffff8881003940c9) [ 22.136390] [ 22.136642] The buggy address belongs to the physical page: [ 22.137210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.138041] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.138890] flags: 0x200000000000040(head|node=0|zone=2) [ 22.139401] page_type: f5(slab) [ 22.140247] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.141191] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.142224] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.142969] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.143598] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 
22.144296] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.145470] page dumped because: kasan: bad access detected [ 22.146057] [ 22.146480] Memory state around the buggy address: [ 22.147505] ffff888100393f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.148837] ffff888100394000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.150238] >ffff888100394080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.151700] ^ [ 22.152458] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.153654] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.154298] ================================================================== [ 22.391370] ================================================================== [ 22.392041] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 22.393153] Write of size 1 at addr ffff888102c3a0da by task kunit_try_catch/170 [ 22.393999] [ 22.394212] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.395375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.395879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.396378] Call Trace: [ 22.396739] <TASK> [ 22.397283] dump_stack_lvl+0x73/0xb0 [ 22.397737] print_report+0xd1/0x640 [ 22.398084] ? __virt_addr_valid+0x1db/0x2d0 [ 22.398477] ? kasan_addr_to_slab+0x11/0xa0 [ 22.399473] kasan_report+0x102/0x140 [ 22.399848] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.400188] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.401126] __asan_report_store1_noabort+0x1b/0x30 [ 22.401745] krealloc_less_oob_helper+0xec8/0x11d0 [ 22.402117] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.402653] ? finish_task_switch.isra.0+0x153/0x700 [ 22.403214] ? __switch_to+0x5d9/0xf60 [ 22.403629] ? __schedule+0xc3e/0x2790 [ 22.404158] ? 
__pfx_read_tsc+0x10/0x10 [ 22.404630] krealloc_large_less_oob+0x1c/0x30 [ 22.405150] kunit_try_run_case+0x1b3/0x490 [ 22.405884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.406588] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.407032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.407658] ? __kthread_parkme+0x82/0x160 [ 22.408115] ? preempt_count_sub+0x50/0x80 [ 22.408425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.409423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.409799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.410744] kthread+0x257/0x310 [ 22.411213] ? __pfx_kthread+0x10/0x10 [ 22.411794] ret_from_fork+0x41/0x80 [ 22.412095] ? __pfx_kthread+0x10/0x10 [ 22.412545] ret_from_fork_asm+0x1a/0x30 [ 22.412957] </TASK> [ 22.413141] [ 22.413513] The buggy address belongs to the physical page: [ 22.416031] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c38 [ 22.416647] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.417324] flags: 0x200000000000040(head|node=0|zone=2) [ 22.418167] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.418926] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.420467] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.421247] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.422292] head: 0200000000000002 ffffea00040b0e01 ffffffffffffffff 0000000000000000 [ 22.423669] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.425036] page dumped because: kasan: bad access detected [ 22.425260] [ 22.426047] Memory state around the buggy address: [ 22.427621] ffff888102c39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.429002] ffff888102c3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.430153] >ffff888102c3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.430702] ^ [ 22.431413] ffff888102c3a100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 22.432185] ffff888102c3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.433719] ================================================================== [ 22.047452] ================================================================== [ 22.049432] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 22.050990] Write of size 1 at addr ffff8881003940da by task kunit_try_catch/166 [ 22.051520] [ 22.051716] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.052592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.052968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.053638] Call Trace: [ 22.055059] <TASK> [ 22.055609] dump_stack_lvl+0x73/0xb0 [ 22.056136] print_report+0xd1/0x640 [ 22.056793] ? __virt_addr_valid+0x1db/0x2d0 [ 22.057613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.058872] kasan_report+0x102/0x140 [ 22.059329] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.059850] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.060275] __asan_report_store1_noabort+0x1b/0x30 [ 22.061158] krealloc_less_oob_helper+0xec8/0x11d0 [ 22.061683] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.062633] ? finish_task_switch.isra.0+0x153/0x700 [ 22.063202] ? __switch_to+0x5d9/0xf60 [ 22.063569] ? __schedule+0xc3e/0x2790 [ 22.064004] ? __pfx_read_tsc+0x10/0x10 [ 22.064501] krealloc_less_oob+0x1c/0x30 [ 22.065350] kunit_try_run_case+0x1b3/0x490 [ 22.065772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.066152] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.067167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.067859] ? __kthread_parkme+0x82/0x160 [ 22.068261] ? preempt_count_sub+0x50/0x80 [ 22.068959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.069399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.069974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.070432] kthread+0x257/0x310 [ 22.071545] ? 
__pfx_kthread+0x10/0x10 [ 22.071931] ret_from_fork+0x41/0x80 [ 22.072425] ? __pfx_kthread+0x10/0x10 [ 22.072816] ret_from_fork_asm+0x1a/0x30 [ 22.073356] </TASK> [ 22.073576] [ 22.073836] Allocated by task 166: [ 22.074106] kasan_save_stack+0x3d/0x60 [ 22.075010] kasan_save_track+0x18/0x40 [ 22.075534] kasan_save_alloc_info+0x3b/0x50 [ 22.075996] __kasan_krealloc+0x190/0x1f0 [ 22.076570] krealloc_noprof+0xf3/0x340 [ 22.076960] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.077564] krealloc_less_oob+0x1c/0x30 [ 22.077923] kunit_try_run_case+0x1b3/0x490 [ 22.079045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.079519] kthread+0x257/0x310 [ 22.079994] ret_from_fork+0x41/0x80 [ 22.080582] ret_from_fork_asm+0x1a/0x30 [ 22.080937] [ 22.081168] The buggy address belongs to the object at ffff888100394000 [ 22.081168] which belongs to the cache kmalloc-256 of size 256 [ 22.082053] The buggy address is located 17 bytes to the right of [ 22.082053] allocated 201-byte region [ffff888100394000, ffff8881003940c9) [ 22.083636] [ 22.083866] The buggy address belongs to the physical page: [ 22.084530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.085346] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.085917] flags: 0x200000000000040(head|node=0|zone=2) [ 22.086846] page_type: f5(slab) [ 22.087141] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.088004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.088849] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.089666] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.090771] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 22.091460] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.092034] page dumped because: kasan: bad access detected [ 22.092696] [ 22.092974] Memory state around the buggy 
address: [ 22.093462] ffff888100393f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.094046] ffff888100394000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.095272] >ffff888100394080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.095792] ^ [ 22.096394] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.097375] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.097947] ================================================================== [ 22.434881] ================================================================== [ 22.436591] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 22.437245] Write of size 1 at addr ffff888102c3a0ea by task kunit_try_catch/170 [ 22.438708] [ 22.438906] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.441018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.441905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.442803] Call Trace: [ 22.443020] <TASK> [ 22.443898] dump_stack_lvl+0x73/0xb0 [ 22.444452] print_report+0xd1/0x640 [ 22.444881] ? __virt_addr_valid+0x1db/0x2d0 [ 22.445358] ? kasan_addr_to_slab+0x11/0xa0 [ 22.446351] kasan_report+0x102/0x140 [ 22.447121] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.447650] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.448705] __asan_report_store1_noabort+0x1b/0x30 [ 22.449548] krealloc_less_oob_helper+0xe92/0x11d0 [ 22.450048] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.450561] ? finish_task_switch.isra.0+0x153/0x700 [ 22.452135] ? __switch_to+0x5d9/0xf60 [ 22.453520] ? __schedule+0xc3e/0x2790 [ 22.453914] ? __pfx_read_tsc+0x10/0x10 [ 22.454883] krealloc_large_less_oob+0x1c/0x30 [ 22.455490] kunit_try_run_case+0x1b3/0x490 [ 22.457211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.457713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.458188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.459064] ? __kthread_parkme+0x82/0x160 [ 22.459913] ? 
preempt_count_sub+0x50/0x80 [ 22.461365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.461825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.462787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.463893] kthread+0x257/0x310 [ 22.464547] ? __pfx_kthread+0x10/0x10 [ 22.465561] ret_from_fork+0x41/0x80 [ 22.465966] ? __pfx_kthread+0x10/0x10 [ 22.467097] ret_from_fork_asm+0x1a/0x30 [ 22.467604] </TASK> [ 22.467728] [ 22.467822] The buggy address belongs to the physical page: [ 22.468773] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c38 [ 22.469812] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.470204] flags: 0x200000000000040(head|node=0|zone=2) [ 22.470562] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.471894] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.472665] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.474109] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.474936] head: 0200000000000002 ffffea00040b0e01 ffffffffffffffff 0000000000000000 [ 22.475802] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.476559] page dumped because: kasan: bad access detected [ 22.477100] [ 22.477667] Memory state around the buggy address: [ 22.478618] ffff888102c39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.479228] ffff888102c3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.480142] >ffff888102c3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.481016] ^ [ 22.482057] ffff888102c3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.483078] ffff888102c3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.483734] ================================================================== [ 22.305420] ================================================================== [ 22.306380] BUG: KASAN: slab-out-of-bounds in 
krealloc_less_oob_helper+0xd72/0x11d0 [ 22.307267] Write of size 1 at addr ffff888102c3a0c9 by task kunit_try_catch/170 [ 22.308160] [ 22.308578] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.309902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.310247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.310928] Call Trace: [ 22.311192] <TASK> [ 22.311422] dump_stack_lvl+0x73/0xb0 [ 22.311810] print_report+0xd1/0x640 [ 22.312572] ? __virt_addr_valid+0x1db/0x2d0 [ 22.313914] ? kasan_addr_to_slab+0x11/0xa0 [ 22.314843] kasan_report+0x102/0x140 [ 22.315367] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 22.315857] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 22.316338] __asan_report_store1_noabort+0x1b/0x30 [ 22.317217] krealloc_less_oob_helper+0xd72/0x11d0 [ 22.318038] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.318768] ? finish_task_switch.isra.0+0x153/0x700 [ 22.319495] ? __switch_to+0x5d9/0xf60 [ 22.320017] ? __schedule+0xc3e/0x2790 [ 22.320606] ? __pfx_read_tsc+0x10/0x10 [ 22.321150] krealloc_large_less_oob+0x1c/0x30 [ 22.321873] kunit_try_run_case+0x1b3/0x490 [ 22.322579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.323132] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.323840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.324260] ? __kthread_parkme+0x82/0x160 [ 22.325032] ? preempt_count_sub+0x50/0x80 [ 22.326026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.326924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.327533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.328664] kthread+0x257/0x310 [ 22.328986] ? __pfx_kthread+0x10/0x10 [ 22.329703] ret_from_fork+0x41/0x80 [ 22.330350] ? 
__pfx_kthread+0x10/0x10 [ 22.330901] ret_from_fork_asm+0x1a/0x30 [ 22.331817] </TASK> [ 22.332175] [ 22.332379] The buggy address belongs to the physical page: [ 22.332894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c38 [ 22.333993] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.334964] flags: 0x200000000000040(head|node=0|zone=2) [ 22.336100] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.337342] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.338209] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.339338] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.340627] head: 0200000000000002 ffffea00040b0e01 ffffffffffffffff 0000000000000000 [ 22.341564] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.342634] page dumped because: kasan: bad access detected [ 22.343199] [ 22.343523] Memory state around the buggy address: [ 22.344087] ffff888102c39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.345154] ffff888102c3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.346143] >ffff888102c3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.346963] ^ [ 22.347711] ffff888102c3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.348534] ffff888102c3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.349246] ================================================================== [ 22.155797] ================================================================== [ 22.156383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 22.157472] Write of size 1 at addr ffff8881003940eb by task kunit_try_catch/166 [ 22.158119] [ 22.158346] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.159342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.160159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.160974] Call Trace: [ 22.161484] <TASK> [ 22.161697] dump_stack_lvl+0x73/0xb0 [ 22.162263] print_report+0xd1/0x640 [ 22.162841] ? __virt_addr_valid+0x1db/0x2d0 [ 22.163483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.163940] kasan_report+0x102/0x140 [ 22.164383] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.165032] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.166279] __asan_report_store1_noabort+0x1b/0x30 [ 22.166952] krealloc_less_oob_helper+0xd49/0x11d0 [ 22.167426] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.168222] ? finish_task_switch.isra.0+0x153/0x700 [ 22.168894] ? __switch_to+0x5d9/0xf60 [ 22.169959] ? __schedule+0xc3e/0x2790 [ 22.171198] ? __pfx_read_tsc+0x10/0x10 [ 22.171834] krealloc_less_oob+0x1c/0x30 [ 22.172862] kunit_try_run_case+0x1b3/0x490 [ 22.173329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.174727] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.175135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.176091] ? __kthread_parkme+0x82/0x160 [ 22.176895] ? preempt_count_sub+0x50/0x80 [ 22.177280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.177783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.178438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.179615] kthread+0x257/0x310 [ 22.179880] ? __pfx_kthread+0x10/0x10 [ 22.180623] ret_from_fork+0x41/0x80 [ 22.181162] ? 
__pfx_kthread+0x10/0x10 [ 22.181844] ret_from_fork_asm+0x1a/0x30 [ 22.182725] </TASK> [ 22.183148] [ 22.183563] Allocated by task 166: [ 22.184047] kasan_save_stack+0x3d/0x60 [ 22.184725] kasan_save_track+0x18/0x40 [ 22.185232] kasan_save_alloc_info+0x3b/0x50 [ 22.185692] __kasan_krealloc+0x190/0x1f0 [ 22.186197] krealloc_noprof+0xf3/0x340 [ 22.186589] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.187574] krealloc_less_oob+0x1c/0x30 [ 22.188028] kunit_try_run_case+0x1b3/0x490 [ 22.188767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.189599] kthread+0x257/0x310 [ 22.190036] ret_from_fork+0x41/0x80 [ 22.190876] ret_from_fork_asm+0x1a/0x30 [ 22.191170] [ 22.191628] The buggy address belongs to the object at ffff888100394000 [ 22.191628] which belongs to the cache kmalloc-256 of size 256 [ 22.192999] The buggy address is located 34 bytes to the right of [ 22.192999] allocated 201-byte region [ffff888100394000, ffff8881003940c9) [ 22.194032] [ 22.194585] The buggy address belongs to the physical page: [ 22.194963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 22.196842] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.197962] flags: 0x200000000000040(head|node=0|zone=2) [ 22.198693] page_type: f5(slab) [ 22.198941] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.199231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.200350] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.201951] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.203747] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 22.204541] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.205130] page dumped because: kasan: bad access detected [ 22.206008] [ 22.206226] Memory state around the buggy address: [ 22.206621] ffff888100393f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 22.208298] ffff888100394000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.209245] >ffff888100394080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.209940] ^ [ 22.211096] ffff888100394100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.211799] ffff888100394180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.212715] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 21.852456] ================================================================== [ 21.854533] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 21.855539] Write of size 1 at addr ffff8881009a84f0 by task kunit_try_catch/164 [ 21.856826] [ 21.857000] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.858738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.859096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.860057] Call Trace: [ 21.860757] <TASK> [ 21.860986] dump_stack_lvl+0x73/0xb0 [ 21.861876] print_report+0xd1/0x640 [ 21.862158] ? __virt_addr_valid+0x1db/0x2d0 [ 21.863044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.863726] kasan_report+0x102/0x140 [ 21.864110] ? krealloc_more_oob_helper+0x7ed/0x930 [ 21.864586] ? krealloc_more_oob_helper+0x7ed/0x930 [ 21.865679] __asan_report_store1_noabort+0x1b/0x30 [ 21.866465] krealloc_more_oob_helper+0x7ed/0x930 [ 21.867192] ? __schedule+0xc3e/0x2790 [ 21.867765] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 21.868246] ? finish_task_switch.isra.0+0x153/0x700 [ 21.869633] ? __switch_to+0x5d9/0xf60 [ 21.870079] ? __schedule+0xc3e/0x2790 [ 21.870495] ? __pfx_read_tsc+0x10/0x10 [ 21.871130] krealloc_more_oob+0x1c/0x30 [ 21.872046] kunit_try_run_case+0x1b3/0x490 [ 21.872833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.873562] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.874213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.875198] ? __kthread_parkme+0x82/0x160 [ 21.875451] ? preempt_count_sub+0x50/0x80 [ 21.875647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.875924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.876992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.877645] kthread+0x257/0x310 [ 21.877910] ? __pfx_kthread+0x10/0x10 [ 21.878247] ret_from_fork+0x41/0x80 [ 21.878962] ? 
__pfx_kthread+0x10/0x10 [ 21.880055] ret_from_fork_asm+0x1a/0x30 [ 21.880868] </TASK> [ 21.881309] [ 21.881448] Allocated by task 164: [ 21.881660] kasan_save_stack+0x3d/0x60 [ 21.882018] kasan_save_track+0x18/0x40 [ 21.883003] kasan_save_alloc_info+0x3b/0x50 [ 21.884035] __kasan_krealloc+0x190/0x1f0 [ 21.884580] krealloc_noprof+0xf3/0x340 [ 21.885024] krealloc_more_oob_helper+0x1aa/0x930 [ 21.885481] krealloc_more_oob+0x1c/0x30 [ 21.885917] kunit_try_run_case+0x1b3/0x490 [ 21.887211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.887809] kthread+0x257/0x310 [ 21.888436] ret_from_fork+0x41/0x80 [ 21.888695] ret_from_fork_asm+0x1a/0x30 [ 21.889754] [ 21.890131] The buggy address belongs to the object at ffff8881009a8400 [ 21.890131] which belongs to the cache kmalloc-256 of size 256 [ 21.891713] The buggy address is located 5 bytes to the right of [ 21.891713] allocated 235-byte region [ffff8881009a8400, ffff8881009a84eb) [ 21.894150] [ 21.894611] The buggy address belongs to the physical page: [ 21.895169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a8 [ 21.896675] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.897871] flags: 0x200000000000040(head|node=0|zone=2) [ 21.899007] page_type: f5(slab) [ 21.899703] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.900670] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.901659] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.902288] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.903648] head: 0200000000000001 ffffea0004026a01 ffffffffffffffff 0000000000000000 [ 21.904880] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 21.905462] page dumped because: kasan: bad access detected [ 21.906024] [ 21.906217] Memory state around the buggy address: [ 21.906659] ffff8881009a8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 21.907917] ffff8881009a8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.908906] >ffff8881009a8480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 21.909733] ^ [ 21.910605] ffff8881009a8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.911453] ffff8881009a8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.911969] ================================================================== [ 21.790052] ================================================================== [ 21.791919] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 21.792658] Write of size 1 at addr ffff8881009a84eb by task kunit_try_catch/164 [ 21.794462] [ 21.794747] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.795985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.796601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.797909] Call Trace: [ 21.798135] <TASK> [ 21.798682] dump_stack_lvl+0x73/0xb0 [ 21.799614] print_report+0xd1/0x640 [ 21.800161] ? __virt_addr_valid+0x1db/0x2d0 [ 21.801142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.802192] kasan_report+0x102/0x140 [ 21.803111] ? krealloc_more_oob_helper+0x823/0x930 [ 21.804376] ? krealloc_more_oob_helper+0x823/0x930 [ 21.805431] __asan_report_store1_noabort+0x1b/0x30 [ 21.805735] krealloc_more_oob_helper+0x823/0x930 [ 21.806235] ? __schedule+0xc3e/0x2790 [ 21.806616] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 21.807154] ? finish_task_switch.isra.0+0x153/0x700 [ 21.807692] ? __switch_to+0x5d9/0xf60 [ 21.808890] ? __schedule+0xc3e/0x2790 [ 21.810063] ? __pfx_read_tsc+0x10/0x10 [ 21.810556] krealloc_more_oob+0x1c/0x30 [ 21.810757] kunit_try_run_case+0x1b3/0x490 [ 21.811595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.812069] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.813050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.814009] ? __kthread_parkme+0x82/0x160 [ 21.814760] ? preempt_count_sub+0x50/0x80 [ 21.815044] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.815927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.817168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.818021] kthread+0x257/0x310 [ 21.818283] ? __pfx_kthread+0x10/0x10 [ 21.819285] ret_from_fork+0x41/0x80 [ 21.820297] ? __pfx_kthread+0x10/0x10 [ 21.820718] ret_from_fork_asm+0x1a/0x30 [ 21.821135] </TASK> [ 21.822150] [ 21.822410] Allocated by task 164: [ 21.822671] kasan_save_stack+0x3d/0x60 [ 21.823461] kasan_save_track+0x18/0x40 [ 21.823912] kasan_save_alloc_info+0x3b/0x50 [ 21.824207] __kasan_krealloc+0x190/0x1f0 [ 21.825264] krealloc_noprof+0xf3/0x340 [ 21.825871] krealloc_more_oob_helper+0x1aa/0x930 [ 21.826867] krealloc_more_oob+0x1c/0x30 [ 21.827392] kunit_try_run_case+0x1b3/0x490 [ 21.827938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.828450] kthread+0x257/0x310 [ 21.828882] ret_from_fork+0x41/0x80 [ 21.829485] ret_from_fork_asm+0x1a/0x30 [ 21.830382] [ 21.830665] The buggy address belongs to the object at ffff8881009a8400 [ 21.830665] which belongs to the cache kmalloc-256 of size 256 [ 21.832630] The buggy address is located 0 bytes to the right of [ 21.832630] allocated 235-byte region [ffff8881009a8400, ffff8881009a84eb) [ 21.834315] [ 21.834668] The buggy address belongs to the physical page: [ 21.835208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a8 [ 21.836179] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.837210] flags: 0x200000000000040(head|node=0|zone=2) [ 21.838050] page_type: f5(slab) [ 21.838752] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.840175] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.842099] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.842822] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.843452] head: 0200000000000001 ffffea0004026a01 ffffffffffffffff 0000000000000000 [ 
21.844338] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 21.844926] page dumped because: kasan: bad access detected [ 21.845310] [ 21.845657] Memory state around the buggy address: [ 21.846087] ffff8881009a8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.846708] ffff8881009a8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.847397] >ffff8881009a8480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 21.848618] ^ [ 21.849085] ffff8881009a8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.849918] ffff8881009a8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.850748] ================================================================== [ 22.263515] ================================================================== [ 22.264116] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 22.265880] Write of size 1 at addr ffff888102b2e0f0 by task kunit_try_catch/168 [ 22.266647] [ 22.266859] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.267483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.267967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.268885] Call Trace: [ 22.269240] <TASK> [ 22.269596] dump_stack_lvl+0x73/0xb0 [ 22.269979] print_report+0xd1/0x640 [ 22.270476] ? __virt_addr_valid+0x1db/0x2d0 [ 22.270908] ? kasan_addr_to_slab+0x11/0xa0 [ 22.271447] kasan_report+0x102/0x140 [ 22.271804] ? krealloc_more_oob_helper+0x7ed/0x930 [ 22.272380] ? krealloc_more_oob_helper+0x7ed/0x930 [ 22.273044] __asan_report_store1_noabort+0x1b/0x30 [ 22.274804] krealloc_more_oob_helper+0x7ed/0x930 [ 22.275311] ? __schedule+0xc3e/0x2790 [ 22.275661] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 22.276170] ? finish_task_switch.isra.0+0x153/0x700 [ 22.276784] ? __switch_to+0x5d9/0xf60 [ 22.277187] ? __schedule+0xc3e/0x2790 [ 22.277513] ? 
__pfx_read_tsc+0x10/0x10 [ 22.278044] krealloc_large_more_oob+0x1c/0x30 [ 22.278503] kunit_try_run_case+0x1b3/0x490 [ 22.279031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.279568] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.280040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.280463] ? __kthread_parkme+0x82/0x160 [ 22.281012] ? preempt_count_sub+0x50/0x80 [ 22.281430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.282011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.282693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.283195] kthread+0x257/0x310 [ 22.283567] ? __pfx_kthread+0x10/0x10 [ 22.284011] ret_from_fork+0x41/0x80 [ 22.284516] ? __pfx_kthread+0x10/0x10 [ 22.284895] ret_from_fork_asm+0x1a/0x30 [ 22.285332] </TASK> [ 22.285639] [ 22.285920] The buggy address belongs to the physical page: [ 22.286565] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c [ 22.287069] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.287909] flags: 0x200000000000040(head|node=0|zone=2) [ 22.288470] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.289198] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.289994] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.290705] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.291493] head: 0200000000000002 ffffea00040acb01 ffffffffffffffff 0000000000000000 [ 22.292216] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.292918] page dumped because: kasan: bad access detected [ 22.293404] [ 22.293633] Memory state around the buggy address: [ 22.294107] ffff888102b2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.294848] ffff888102b2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.295360] >ffff888102b2e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.296168] ^ [ 22.296735] ffff888102b2e100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 22.297516] ffff888102b2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.298294] ================================================================== [ 22.220548] ================================================================== [ 22.221625] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 22.222600] Write of size 1 at addr ffff888102b2e0eb by task kunit_try_catch/168 [ 22.223893] [ 22.224107] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.225935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.226315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.227282] Call Trace: [ 22.227585] <TASK> [ 22.227875] dump_stack_lvl+0x73/0xb0 [ 22.228190] print_report+0xd1/0x640 [ 22.229610] ? __virt_addr_valid+0x1db/0x2d0 [ 22.230277] ? kasan_addr_to_slab+0x11/0xa0 [ 22.231102] kasan_report+0x102/0x140 [ 22.231635] ? krealloc_more_oob_helper+0x823/0x930 [ 22.232065] ? krealloc_more_oob_helper+0x823/0x930 [ 22.232472] __asan_report_store1_noabort+0x1b/0x30 [ 22.233006] krealloc_more_oob_helper+0x823/0x930 [ 22.233591] ? __schedule+0xc3e/0x2790 [ 22.234157] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 22.234908] ? finish_task_switch.isra.0+0x153/0x700 [ 22.235740] ? __switch_to+0x5d9/0xf60 [ 22.236412] ? __schedule+0xc3e/0x2790 [ 22.236893] ? __pfx_read_tsc+0x10/0x10 [ 22.237249] krealloc_large_more_oob+0x1c/0x30 [ 22.237976] kunit_try_run_case+0x1b3/0x490 [ 22.238644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.239095] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.240138] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.241037] ? __kthread_parkme+0x82/0x160 [ 22.241758] ? preempt_count_sub+0x50/0x80 [ 22.242181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.242918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.243554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.244292] kthread+0x257/0x310 [ 22.245006] ? 
__pfx_kthread+0x10/0x10 [ 22.245356] ret_from_fork+0x41/0x80 [ 22.245711] ? __pfx_kthread+0x10/0x10 [ 22.246580] ret_from_fork_asm+0x1a/0x30 [ 22.247095] </TASK> [ 22.247374] [ 22.247539] The buggy address belongs to the physical page: [ 22.248112] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c [ 22.248807] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.250188] flags: 0x200000000000040(head|node=0|zone=2) [ 22.250944] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.251938] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.252977] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.253602] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.254255] head: 0200000000000002 ffffea00040acb01 ffffffffffffffff 0000000000000000 [ 22.255008] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.255924] page dumped because: kasan: bad access detected [ 22.256554] [ 22.256908] Memory state around the buggy address: [ 22.257524] ffff888102b2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.258244] ffff888102b2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.259097] >ffff888102b2e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.259885] ^ [ 22.260689] ffff888102b2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.261368] ffff888102b2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.262054] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 168.054502] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 21.204942] ==================================================================
[ 21.206157] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 21.206887] Read of size 1 at addr ffff888101ae3480 by task kunit_try_catch/144
[ 21.207509]
[ 21.207813] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.208834] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.209369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.210047] Call Trace:
[ 21.210509] <TASK>
[ 21.210787] dump_stack_lvl+0x73/0xb0
[ 21.211367] print_report+0xd1/0x640
[ 21.211852] ? __virt_addr_valid+0x1db/0x2d0
[ 21.212162] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.212853] kasan_report+0x102/0x140
[ 21.213446] ? kmalloc_oob_right+0x68c/0x7f0
[ 21.213893] ? kmalloc_oob_right+0x68c/0x7f0
[ 21.214504] __asan_report_load1_noabort+0x18/0x20
[ 21.215023] kmalloc_oob_right+0x68c/0x7f0
[ 21.215449] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 21.216079] ? __schedule+0xc3e/0x2790
[ 21.216466] ? __pfx_read_tsc+0x10/0x10
[ 21.216962] ? ktime_get_ts64+0x86/0x230
[ 21.217525] kunit_try_run_case+0x1b3/0x490
[ 21.217986] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.218574] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.219110] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.219666] ? __kthread_parkme+0x82/0x160
[ 21.220208] ? preempt_count_sub+0x50/0x80
[ 21.220781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.221210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.221953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.222508] kthread+0x257/0x310
[ 21.222976] ? __pfx_kthread+0x10/0x10
[ 21.223258] ret_from_fork+0x41/0x80
[ 21.223829] ? __pfx_kthread+0x10/0x10
[ 21.224152] ret_from_fork_asm+0x1a/0x30
[ 21.224827] </TASK>
[ 21.225092]
[ 21.225351] Allocated by task 144:
[ 21.225640] kasan_save_stack+0x3d/0x60
[ 21.225938] kasan_save_track+0x18/0x40
[ 21.226206] kasan_save_alloc_info+0x3b/0x50
[ 21.226502] __kasan_kmalloc+0xb7/0xc0
[ 21.226870] __kmalloc_cache_noprof+0x184/0x410
[ 21.227687] kmalloc_oob_right+0xaa/0x7f0
[ 21.228204] kunit_try_run_case+0x1b3/0x490
[ 21.228869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.229524] kthread+0x257/0x310
[ 21.229801] ret_from_fork+0x41/0x80
[ 21.230282] ret_from_fork_asm+0x1a/0x30
[ 21.230855]
[ 21.231171] The buggy address belongs to the object at ffff888101ae3400
[ 21.231171] which belongs to the cache kmalloc-128 of size 128
[ 21.232595] The buggy address is located 13 bytes to the right of
[ 21.232595] allocated 115-byte region [ffff888101ae3400, ffff888101ae3473)
[ 21.233822]
[ 21.233983] The buggy address belongs to the physical page:
[ 21.234638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae3
[ 21.235680] flags: 0x200000000000000(node=0|zone=2)
[ 21.236423] page_type: f5(slab)
[ 21.236677] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.237147] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.237733] page dumped because: kasan: bad access detected
[ 21.238373]
[ 21.238632] Memory state around the buggy address:
[ 21.239184] ffff888101ae3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.240143] ffff888101ae3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.240671] >ffff888101ae3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.241116] ^
[ 21.241357] ffff888101ae3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.241831] ffff888101ae3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.243123] ==================================================================
[ 21.115075] ==================================================================
[ 21.116349] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 21.117853] Write of size 1 at addr ffff888101ae3473 by task kunit_try_catch/144
[ 21.118490]
[ 21.120632] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.13.0-rc1-next-20241204 #1
[ 21.121783] Tainted: [N]=TEST
[ 21.122159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.123736] Call Trace:
[ 21.124104] <TASK>
[ 21.124850] dump_stack_lvl+0x73/0xb0
[ 21.125732] print_report+0xd1/0x640
[ 21.126135] ? __virt_addr_valid+0x1db/0x2d0
[ 21.126543] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.127094] kasan_report+0x102/0x140
[ 21.127525] ? kmalloc_oob_right+0x6f2/0x7f0
[ 21.127966] ? kmalloc_oob_right+0x6f2/0x7f0
[ 21.128375] __asan_report_store1_noabort+0x1b/0x30
[ 21.128919] kmalloc_oob_right+0x6f2/0x7f0
[ 21.129819] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 21.130168] ? __schedule+0xc3e/0x2790
[ 21.130681] ? __pfx_read_tsc+0x10/0x10
[ 21.131110] ? ktime_get_ts64+0x86/0x230
[ 21.131493] kunit_try_run_case+0x1b3/0x490
[ 21.132071] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.132527] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.133008] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.133867] ? __kthread_parkme+0x82/0x160
[ 21.134193] ? preempt_count_sub+0x50/0x80
[ 21.134749] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.135295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.135729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.136731] kthread+0x257/0x310
[ 21.137348] ? __pfx_kthread+0x10/0x10
[ 21.137619] ret_from_fork+0x41/0x80
[ 21.138352] ? __pfx_kthread+0x10/0x10
[ 21.138829] ret_from_fork_asm+0x1a/0x30
[ 21.139446] </TASK>
[ 21.140116]
[ 21.140452] Allocated by task 144:
[ 21.141088] kasan_save_stack+0x3d/0x60
[ 21.141585] kasan_save_track+0x18/0x40
[ 21.141898] kasan_save_alloc_info+0x3b/0x50
[ 21.142362] __kasan_kmalloc+0xb7/0xc0
[ 21.142829] __kmalloc_cache_noprof+0x184/0x410
[ 21.143292] kmalloc_oob_right+0xaa/0x7f0
[ 21.143702] kunit_try_run_case+0x1b3/0x490
[ 21.144101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.144727] kthread+0x257/0x310
[ 21.144980] ret_from_fork+0x41/0x80
[ 21.145490] ret_from_fork_asm+0x1a/0x30
[ 21.146089]
[ 21.146479] The buggy address belongs to the object at ffff888101ae3400
[ 21.146479] which belongs to the cache kmalloc-128 of size 128
[ 21.147689] The buggy address is located 0 bytes to the right of
[ 21.147689] allocated 115-byte region [ffff888101ae3400, ffff888101ae3473)
[ 21.149040]
[ 21.149502] The buggy address belongs to the physical page:
[ 21.150471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae3
[ 21.151600] flags: 0x200000000000000(node=0|zone=2)
[ 21.152848] page_type: f5(slab)
[ 21.153926] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.154562] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.155412] page dumped because: kasan: bad access detected
[ 21.155925]
[ 21.156305] Memory state around the buggy address:
[ 21.157320] ffff888101ae3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.158052] ffff888101ae3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.159206] >ffff888101ae3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.160056] ^
[ 21.160808] ffff888101ae3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.161565] ffff888101ae3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.162278] ==================================================================
[ 21.165687] ==================================================================
[ 21.166605] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 21.167200] Write of size 1 at addr ffff888101ae3478 by task kunit_try_catch/144
[ 21.167949]
[ 21.168150] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.169188] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.169624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.170586] Call Trace:
[ 21.170959] <TASK>
[ 21.171246] dump_stack_lvl+0x73/0xb0
[ 21.171738] print_report+0xd1/0x640
[ 21.172089] ? __virt_addr_valid+0x1db/0x2d0
[ 21.172629] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.173208] kasan_report+0x102/0x140
[ 21.173669] ? kmalloc_oob_right+0x6bf/0x7f0
[ 21.174230] ? kmalloc_oob_right+0x6bf/0x7f0
[ 21.174803] __asan_report_store1_noabort+0x1b/0x30
[ 21.175160] kmalloc_oob_right+0x6bf/0x7f0
[ 21.175677] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 21.176475] ? __schedule+0xc3e/0x2790
[ 21.176943] ? __pfx_read_tsc+0x10/0x10
[ 21.177591] ? ktime_get_ts64+0x86/0x230
[ 21.178099] kunit_try_run_case+0x1b3/0x490
[ 21.178638] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.179060] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.179373] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.180282] ? __kthread_parkme+0x82/0x160
[ 21.180843] ? preempt_count_sub+0x50/0x80
[ 21.181299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.181820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.182453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.183189] kthread+0x257/0x310
[ 21.183674] ? __pfx_kthread+0x10/0x10
[ 21.184025] ret_from_fork+0x41/0x80
[ 21.184301] ? __pfx_kthread+0x10/0x10
[ 21.185331] ret_from_fork_asm+0x1a/0x30
[ 21.185892] </TASK>
[ 21.186210]
[ 21.187307] Allocated by task 144:
[ 21.187611] kasan_save_stack+0x3d/0x60
[ 21.187919] kasan_save_track+0x18/0x40
[ 21.188224] kasan_save_alloc_info+0x3b/0x50
[ 21.188591] __kasan_kmalloc+0xb7/0xc0
[ 21.189081] __kmalloc_cache_noprof+0x184/0x410
[ 21.189470] kmalloc_oob_right+0xaa/0x7f0
[ 21.189989] kunit_try_run_case+0x1b3/0x490
[ 21.190432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.190798] kthread+0x257/0x310
[ 21.191218] ret_from_fork+0x41/0x80
[ 21.191618] ret_from_fork_asm+0x1a/0x30
[ 21.191978]
[ 21.192143] The buggy address belongs to the object at ffff888101ae3400
[ 21.192143] which belongs to the cache kmalloc-128 of size 128
[ 21.193459] The buggy address is located 5 bytes to the right of
[ 21.193459] allocated 115-byte region [ffff888101ae3400, ffff888101ae3473)
[ 21.194556]
[ 21.194776] The buggy address belongs to the physical page:
[ 21.195186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae3
[ 21.195766] flags: 0x200000000000000(node=0|zone=2)
[ 21.196330] page_type: f5(slab)
[ 21.196914] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.197607] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.198059] page dumped because: kasan: bad access detected
[ 21.198877]
[ 21.199088] Memory state around the buggy address:
[ 21.199471] ffff888101ae3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.200182] ffff888101ae3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.200780] >ffff888101ae3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.201176] ^
[ 21.202061] ffff888101ae3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.203065] ffff888101ae3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.203772] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 219.272815] WARNING: CPU: 1 PID: 2254 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 219.274706] Modules linked in:
[ 219.275209] CPU: 1 UID: 0 PID: 2254 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241204 #1
[ 219.276734] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 219.277614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 219.278463] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 219.279086] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 219.280806] RSP: 0000:ffff8881048afce8 EFLAGS: 00010286
[ 219.281542] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 219.282939] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb960aabc
[ 219.284179] RBP: ffff8881048afd10 R08: 0000000000000000 R09: ffffed10208857a0
[ 219.284643] R10: ffff88810442bd07 R11: 0000000000000000 R12: ffffffffb960aaa8
[ 219.286333] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881048afda8
[ 219.287180] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000
[ 219.288442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 219.289749] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 219.290570] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed163
[ 219.291570] DR3: ffffffffbb5ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 219.292891] Call Trace:
[ 219.293161] <TASK>
[ 219.294015] ? show_regs+0x68/0x80
[ 219.295079] ? __warn+0xd5/0x260
[ 219.295484] ? drm_rect_calc_vscale+0x130/0x190
[ 219.295961] ? report_bug+0x278/0x2e0
[ 219.296364] ? handle_bug+0x5c/0xb0
[ 219.296796] ? exc_invalid_op+0x1c/0x50
[ 219.298386] ? asm_exc_invalid_op+0x1f/0x30
[ 219.299075] ? drm_rect_calc_vscale+0x130/0x190
[ 219.299928] drm_test_rect_calc_vscale+0x109/0x270
[ 219.300425] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 219.301254] ? __schedule+0xc3e/0x2790
[ 219.301794] ? __pfx_read_tsc+0x10/0x10
[ 219.302637] ? ktime_get_ts64+0x86/0x230
[ 219.303028] kunit_try_run_case+0x1b3/0x490
[ 219.303669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.304006] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 219.304696] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 219.305134] ? __kthread_parkme+0x82/0x160
[ 219.305498] ? preempt_count_sub+0x50/0x80
[ 219.306341] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.306829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 219.307744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 219.308271] kthread+0x257/0x310
[ 219.308640] ? __pfx_kthread+0x10/0x10
[ 219.309079] ret_from_fork+0x41/0x80
[ 219.309610] ? __pfx_kthread+0x10/0x10
[ 219.310088] ret_from_fork_asm+0x1a/0x30
[ 219.310780] </TASK>
[ 219.311031] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 219.317677] WARNING: CPU: 0 PID: 2256 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 219.319324] Modules linked in:
[ 219.319908] CPU: 0 UID: 0 PID: 2256 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241204 #1
[ 219.320475] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 219.321328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 219.323045] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 219.323517] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 219.325808] RSP: 0000:ffff8881045efce8 EFLAGS: 00010286
[ 219.326223] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 219.327517] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb960aaf4
[ 219.328025] RBP: ffff8881045efd10 R08: 0000000000000000 R09: ffffed102090ba20
[ 219.328891] R10: ffff88810485d107 R11: 0000000000000000 R12: ffffffffb960aae0
[ 219.329703] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881045efda8
[ 219.330455] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 219.331206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 219.332209] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 219.333040] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed162
[ 219.333705] DR3: ffffffffbb5ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 219.334721] Call Trace:
[ 219.334984] <TASK>
[ 219.336070] ? show_regs+0x68/0x80
[ 219.337079] ? __warn+0xd5/0x260
[ 219.337372] ? drm_rect_calc_vscale+0x130/0x190
[ 219.337928] ? report_bug+0x278/0x2e0
[ 219.338326] ? handle_bug+0x5c/0xb0
[ 219.338638] ? exc_invalid_op+0x1c/0x50
[ 219.339108] ? asm_exc_invalid_op+0x1f/0x30
[ 219.339775] ? drm_rect_calc_vscale+0x130/0x190
[ 219.340182] drm_test_rect_calc_vscale+0x109/0x270
[ 219.341528] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 219.342032] ? __schedule+0xc3e/0x2790
[ 219.342657] ? __pfx_read_tsc+0x10/0x10
[ 219.343046] ? ktime_get_ts64+0x86/0x230
[ 219.343714] kunit_try_run_case+0x1b3/0x490
[ 219.344188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.345186] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 219.345870] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 219.346591] ? __kthread_parkme+0x82/0x160
[ 219.347092] ? preempt_count_sub+0x50/0x80
[ 219.347704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.348128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 219.349122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 219.349507] kthread+0x257/0x310
[ 219.349926] ? __pfx_kthread+0x10/0x10
[ 219.350569] ret_from_fork+0x41/0x80
[ 219.351277] ? __pfx_kthread+0x10/0x10
[ 219.352635] ret_from_fork_asm+0x1a/0x30
[ 219.353056] </TASK>
[ 219.353332] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 63.481139] ==================================================================
[ 63.481902] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 63.481902]
[ 63.482594] Use-after-free read at 0x(____ptrval____) (in kfence-#184):
[ 63.483342] test_krealloc+0x6fd/0xbe0
[ 63.483772] kunit_try_run_case+0x1b3/0x490
[ 63.484355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.484888] kthread+0x257/0x310
[ 63.485365] ret_from_fork+0x41/0x80
[ 63.485891] ret_from_fork_asm+0x1a/0x30
[ 63.486484]
[ 63.486663] kfence-#184: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 63.486663]
[ 63.487647] allocated by task 345 on cpu 0 at 63.480005s (0.007637s ago):
[ 63.488483] test_alloc+0x35f/0x10d0
[ 63.488875] test_krealloc+0xae/0xbe0
[ 63.489299] kunit_try_run_case+0x1b3/0x490
[ 63.489797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.490378] kthread+0x257/0x310
[ 63.490812] ret_from_fork+0x41/0x80
[ 63.491177] ret_from_fork_asm+0x1a/0x30
[ 63.491466]
[ 63.491767] freed by task 345 on cpu 0 at 63.480536s (0.011227s ago):
[ 63.492852] krealloc_noprof+0x108/0x340
[ 63.493521] test_krealloc+0x227/0xbe0
[ 63.493933] kunit_try_run_case+0x1b3/0x490
[ 63.494471] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.495062] kthread+0x257/0x310
[ 63.495394] ret_from_fork+0x41/0x80
[ 63.496029] ret_from_fork_asm+0x1a/0x30
[ 63.496435]
[ 63.496634] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 63.497620] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.498394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.499312] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 63.388961] ==================================================================
[ 63.389626] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.389626]
[ 63.390659] Use-after-free read at 0x(____ptrval____) (in kfence-#183):
[ 63.392052] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 63.392538] kunit_try_run_case+0x1b3/0x490
[ 63.392880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.393498] kthread+0x257/0x310
[ 63.394201] ret_from_fork+0x41/0x80
[ 63.395009] ret_from_fork_asm+0x1a/0x30
[ 63.395577]
[ 63.395821] kfence-#183: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 63.395821]
[ 63.396662] allocated by task 343 on cpu 0 at 63.376863s (0.019778s ago):
[ 63.397376] test_alloc+0x2a7/0x10d0
[ 63.397952] test_memcache_typesafe_by_rcu+0x170/0x670
[ 63.399004] kunit_try_run_case+0x1b3/0x490
[ 63.399714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.400628] kthread+0x257/0x310
[ 63.400994] ret_from_fork+0x41/0x80
[ 63.401949] ret_from_fork_asm+0x1a/0x30
[ 63.402589]
[ 63.402895] freed by task 343 on cpu 0 at 63.377029s (0.025862s ago):
[ 63.403424] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 63.403882] kunit_try_run_case+0x1b3/0x490
[ 63.404326] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 63.404961] kthread+0x257/0x310
[ 63.405452] ret_from_fork+0x41/0x80
[ 63.405794] ret_from_fork_asm+0x1a/0x30
[ 63.406285]
[ 63.406476] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 63.407478] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 63.407801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.408710] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 39.578731] ==================================================================
[ 39.579627] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 39.579627]
[ 39.581393] Invalid read at 0x(____ptrval____):
[ 39.581993] test_invalid_access+0xf1/0x210
[ 39.582575] kunit_try_run_case+0x1b3/0x490
[ 39.583144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.583976] kthread+0x257/0x310
[ 39.584619] ret_from_fork+0x41/0x80
[ 39.585162] ret_from_fork_asm+0x1a/0x30
[ 39.585962]
[ 39.586357] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 39.587449] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.588376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.589425] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.352152] ==================================================================
[ 39.352904] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.352904]
[ 39.353777] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#179):
[ 39.355431] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.356038] kunit_try_run_case+0x1b3/0x490
[ 39.356514] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.357079] kthread+0x257/0x310
[ 39.357786] ret_from_fork+0x41/0x80
[ 39.358294] ret_from_fork_asm+0x1a/0x30
[ 39.358930]
[ 39.359166] kfence-#179: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.359166]
[ 39.360253] allocated by task 333 on cpu 0 at 39.351813s (0.008437s ago):
[ 39.360806] test_alloc+0x35f/0x10d0
[ 39.361314] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 39.361936] kunit_try_run_case+0x1b3/0x490
[ 39.362325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.363070] kthread+0x257/0x310
[ 39.363337] ret_from_fork+0x41/0x80
[ 39.363831] ret_from_fork_asm+0x1a/0x30
[ 39.364278]
[ 39.364539] freed by task 333 on cpu 0 at 39.352015s (0.012520s ago):
[ 39.365120] test_kmalloc_aligned_oob_write+0x251/0x340
[ 39.365756] kunit_try_run_case+0x1b3/0x490
[ 39.366053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.366968] kthread+0x257/0x310
[ 39.367311] ret_from_fork+0x41/0x80
[ 39.367883] ret_from_fork_asm+0x1a/0x30
[ 39.368461]
[ 39.368658] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 39.369985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.370413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.371554] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 219.155508] WARNING: CPU: 1 PID: 2242 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 219.156306] Modules linked in:
[ 219.156663] CPU: 1 UID: 0 PID: 2242 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241204 #1
[ 219.159475] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 219.161001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 219.162217] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 219.162720] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 219.163985] RSP: 0000:ffff8881047c7ce8 EFLAGS: 00010286
[ 219.165170] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 219.166607] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb960aac0
[ 219.167286] RBP: ffff8881047c7d10 R08: 0000000000000000 R09: ffffed1020885720
[ 219.168225] R10: ffff88810442b907 R11: 0000000000000000 R12: ffffffffb960aaa8
[ 219.169912] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881047c7da8
[ 219.171391] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000
[ 219.172257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 219.173206] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 219.174181] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed163
[ 219.175504] DR3: ffffffffbb5ed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 219.176743] Call Trace:
[ 219.176991] <TASK>
[ 219.177217] ? show_regs+0x68/0x80
[ 219.178301] ? __warn+0xd5/0x260
[ 219.178877] ? drm_rect_calc_hscale+0x125/0x190
[ 219.179659] ? report_bug+0x278/0x2e0
[ 219.180166] ? handle_bug+0x5c/0xb0
[ 219.180776] ? exc_invalid_op+0x1c/0x50
[ 219.181569] ? asm_exc_invalid_op+0x1f/0x30
[ 219.182607] ? drm_rect_calc_hscale+0x125/0x190
[ 219.183305] drm_test_rect_calc_hscale+0x109/0x270
[ 219.183922] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 219.184757] ? __schedule+0xc3e/0x2790
[ 219.185217] ? __pfx_read_tsc+0x10/0x10
[ 219.186082] ? ktime_get_ts64+0x86/0x230
[ 219.186723] kunit_try_run_case+0x1b3/0x490
[ 219.187499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.188103] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 219.188643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 219.189314] ? __kthread_parkme+0x82/0x160
[ 219.190244] ? preempt_count_sub+0x50/0x80
[ 219.190700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.191464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 219.192000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 219.192569] kthread+0x257/0x310
[ 219.193054] ? __pfx_kthread+0x10/0x10
[ 219.193878] ret_from_fork+0x41/0x80
[ 219.194418] ? __pfx_kthread+0x10/0x10
[ 219.194741] ret_from_fork_asm+0x1a/0x30
[ 219.195240] </TASK>
[ 219.195699] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 219.203485] WARNING: CPU: 0 PID: 2244 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 219.204166] Modules linked in:
[ 219.204788] CPU: 0 UID: 0 PID: 2244 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241204 #1
[ 219.206516] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 219.207355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 219.208208] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 219.209205] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 219.211290] RSP: 0000:ffff888104b47ce8 EFLAGS: 00010286
[ 219.211853] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 219.213120] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb960aaf8
[ 219.214263] RBP: ffff888104b47d10 R08: 0000000000000000 R09: ffffed102048e920
[ 219.215085] R10: ffff888102474907 R11: 0000000000000000 R12: ffffffffb960aae0
[ 219.215855] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104b47da8
[ 219.217418] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 219.217855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 219.218414] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 219.219771] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed162
[ 219.221044] DR3: ffffffffbb5ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 219.221924] Call Trace:
[ 219.222487] <TASK>
[ 219.222870] ? show_regs+0x68/0x80
[ 219.223787] ? __warn+0xd5/0x260
[ 219.224221] ? drm_rect_calc_hscale+0x125/0x190
[ 219.225177] ? report_bug+0x278/0x2e0
[ 219.225795] ? handle_bug+0x5c/0xb0
[ 219.226509] ? exc_invalid_op+0x1c/0x50
[ 219.227499] ? asm_exc_invalid_op+0x1f/0x30
[ 219.228702] ? drm_rect_calc_hscale+0x125/0x190
[ 219.229838] drm_test_rect_calc_hscale+0x109/0x270
[ 219.231189] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 219.231879] ? __schedule+0xc3e/0x2790
[ 219.232278] ? __pfx_read_tsc+0x10/0x10
[ 219.232942] ? ktime_get_ts64+0x86/0x230
[ 219.234010] kunit_try_run_case+0x1b3/0x490
[ 219.234455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.235026] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 219.235629] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 219.236597] ? __kthread_parkme+0x82/0x160
[ 219.236899] ? preempt_count_sub+0x50/0x80
[ 219.237661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 219.238223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 219.239431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 219.240124] kthread+0x257/0x310
[ 219.241162] ? __pfx_kthread+0x10/0x10
[ 219.241965] ret_from_fork+0x41/0x80
[ 219.242397] ? __pfx_kthread+0x10/0x10
[ 219.243113] ret_from_fork_asm+0x1a/0x30
[ 219.243798] </TASK>
[ 219.244301] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------
[ 217.556432] WARNING: CPU: 0 PID: 2050 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 217.557745] Modules linked in:
[ 217.558588] CPU: 0 UID: 0 PID: 2050 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241204 #1
[ 217.560365] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 217.561584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 217.562197] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 217.563606] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 217.565145] RSP: 0000:ffff88810418fba0 EFLAGS: 00010246
[ 217.565669] RAX: dffffc0000000000 RBX: ffff88810418fc98 RCX: 0000000000000000
[ 217.566415] RDX: 1ffff11020831f9c RSI: ffff88810418fc98 RDI: ffff88810418fce0
[ 217.567305] RBP: ffff88810418fbe0 R08: ffff888105974000 R09: ffffffffb95b7680
[ 217.568326] R10: 0000000000000003 R11: 00000000cb13849e R12: ffff888105974000
[ 217.569528] R13: ffff888100317b20 R14: ffff88810418fc18 R15: ffff88810418fe28
[ 217.570062] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 217.571116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 217.572068] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 217.573068] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed162
[ 217.573766] DR3: ffffffffbb5ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 217.574141] Call Trace:
[ 217.575505] <TASK>
[ 217.575719] ? show_regs+0x68/0x80
[ 217.576359] ? __warn+0xd5/0x260
[ 217.577700] ? drm_framebuffer_init+0x44/0x300
[ 217.578185] ? report_bug+0x278/0x2e0
[ 217.578726] ? handle_bug+0x5c/0xb0
[ 217.579379] ? exc_invalid_op+0x1c/0x50
[ 217.580038] ? asm_exc_invalid_op+0x1f/0x30
[ 217.581645] ? drm_framebuffer_init+0x44/0x300
[ 217.582128] ? add_dr+0xc1/0x1d0
[ 217.583208] drm_test_framebuffer_init_bad_format+0xfd/0x240
[ 217.584113] ? add_dr+0x148/0x1d0
[ 217.584579] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 217.585127] ? __drmm_add_action+0x1a4/0x280
[ 217.586136] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 217.587081] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 217.587922] ? __drmm_add_action_or_reset+0x22/0x50
[ 217.588424] ? __schedule+0xc3e/0x2790
[ 217.588767] ? __pfx_read_tsc+0x10/0x10
[ 217.589123] ? ktime_get_ts64+0x86/0x230
[ 217.589643] kunit_try_run_case+0x1b3/0x490
[ 217.590375] ? __pfx_kunit_try_run_case+0x10/0x10
[ 217.592120] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 217.592715] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 217.593453] ? __kthread_parkme+0x82/0x160
[ 217.594093] ? preempt_count_sub+0x50/0x80
[ 217.594607] ? __pfx_kunit_try_run_case+0x10/0x10
[ 217.596005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 217.597473] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 217.598188] kthread+0x257/0x310
[ 217.598582] ? __pfx_kthread+0x10/0x10
[ 217.599014] ret_from_fork+0x41/0x80
[ 217.599279] ? __pfx_kthread+0x10/0x10
[ 217.601554] ret_from_fork_asm+0x1a/0x30
[ 217.602807] </TASK>
[ 217.603342] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------
[ 217.479403] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 217.481159] WARNING: CPU: 0 PID: 2046 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 217.483087] Modules linked in:
[ 217.483847] CPU: 0 UID: 0 PID: 2046 Comm: kunit_try_catch Tainted: G B D N 6.13.0-rc1-next-20241204 #1
[ 217.485086] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 217.485819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 217.487067] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 217.487868] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 14 49 80 00 48 c7 c1 80 26 5b b9 4c 89 fa 48 c7 c7 e0 26 5b b9 48 89 c6 e8 eb 08 87 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 217.489669] RSP: 0000:ffff88810418fbd8 EFLAGS: 00010282
[ 217.490589] RAX: 0000000000000000 RBX: ffff88810418fcb0 RCX: 1ffffffff7464254
[ 217.491313] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 217.492414] RBP: ffff88810418fc00 R08: 0000000000000000 R09: fffffbfff7464254
[ 217.493106] R10: 0000000000000003 R11: 0000000000026ba0 R12: ffff88810418fc88
[ 217.493909] R13: ffff888102fa0000 R14: ffff888105972000 R15: ffff888102fd3780
[ 217.494736] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000
[ 217.495665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 217.496246] CR2: 00007ffff7ffe000 CR3: 0000000175ab8000 CR4: 00000000000006f0
[ 217.497009] DR0: ffffffffbb5ed160 DR1: ffffffffbb5ed161 DR2: ffffffffbb5ed162
[ 217.497936] DR3: ffffffffbb5ed163 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 217.498770] Call Trace:
[ 217.499131] <TASK>
[ 217.499468] ? show_regs+0x68/0x80
[ 217.500111] ? __warn+0xd5/0x260
[ 217.500855] ? drm_framebuffer_free+0x136/0x1b0
[ 217.501583] ? report_bug+0x278/0x2e0
[ 217.502144] ? drm_framebuffer_free+0x137/0x1b0
[ 217.503157] ? handle_bug+0x5c/0xb0
[ 217.503958] ? exc_invalid_op+0x1c/0x50
[ 217.505049] ? asm_exc_invalid_op+0x1f/0x30
[ 217.505398] ? drm_framebuffer_free+0x136/0x1b0
[ 217.506579] ? drm_framebuffer_free+0x135/0x1b0
[ 217.507496] drm_test_framebuffer_free+0x1ac/0x610
[ 217.508066] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 217.509144] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 217.509759] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 217.510501] ? __drmm_add_action_or_reset+0x22/0x50
[ 217.511578] ? __schedule+0xc3e/0x2790
[ 217.511988] ? __pfx_read_tsc+0x10/0x10
[ 217.512408] ? ktime_get_ts64+0x86/0x230
[ 217.513496] kunit_try_run_case+0x1b3/0x490
[ 217.514018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 217.514386] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 217.515550] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 217.515797] ? __kthread_parkme+0x82/0x160
[ 217.516031] ? preempt_count_sub+0x50/0x80
[ 217.516371] ? __pfx_kunit_try_run_case+0x10/0x10
[ 217.516763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 217.517614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 217.518887] kthread+0x257/0x310
[ 217.519605] ? __pfx_kthread+0x10/0x10
[ 217.520110] ret_from_fork+0x41/0x80
[ 217.520615] ? __pfx_kthread+0x10/0x10
[ 217.521047] ret_from_fork_asm+0x1a/0x30
[ 217.521637] </TASK>
[ 217.522196] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.040187] ==================================================================
[ 39.040927] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.040927]
[ 39.041914] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#176):
[ 39.043109] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.043703] kunit_try_run_case+0x1b3/0x490
[ 39.044488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.045160] kthread+0x257/0x310
[ 39.045829] ret_from_fork+0x41/0x80
[ 39.046467] ret_from_fork_asm+0x1a/0x30
[ 39.046914]
[ 39.047151] kfence-#176: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.047151]
[ 39.048405] allocated by task 331 on cpu 1 at 39.039855s (0.008546s ago):
[ 39.048841] test_alloc+0x35f/0x10d0
[ 39.049488] test_kmalloc_aligned_oob_read+0x106/0x570
[ 39.050288] kunit_try_run_case+0x1b3/0x490
[ 39.050748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.051250] kthread+0x257/0x310
[ 39.051670] ret_from_fork+0x41/0x80
[ 39.052211] ret_from_fork_asm+0x1a/0x30
[ 39.052634]
[ 39.052851] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 39.054292] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.054818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.055645] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 33.528089] ==================================================================
[ 33.528971] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 33.528971]
[ 33.529517] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#123):
[ 33.530417] test_corruption+0x217/0x3e0
[ 33.530914] kunit_try_run_case+0x1b3/0x490
[ 33.531315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.531735] kthread+0x257/0x310
[ 33.532199] ret_from_fork+0x41/0x80
[ 33.532770] ret_from_fork_asm+0x1a/0x30
[ 33.533080]
[ 33.533389] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.533389]
[ 33.534138] allocated by task 321 on cpu 1 at 33.527873s (0.006260s ago):
[ 33.535004] test_alloc+0x2a7/0x10d0
[ 33.535443] test_corruption+0x1cc/0x3e0
[ 33.535778] kunit_try_run_case+0x1b3/0x490
[ 33.536131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.536683] kthread+0x257/0x310
[ 33.537163] ret_from_fork+0x41/0x80
[ 33.537567] ret_from_fork_asm+0x1a/0x30
[ 33.538011]
[ 33.538258] freed by task 321 on cpu 1 at 33.527986s (0.010268s ago):
[ 33.538676] test_corruption+0x217/0x3e0
[ 33.539031] kunit_try_run_case+0x1b3/0x490
[ 33.539531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.540468] kthread+0x257/0x310
[ 33.540811] ret_from_fork+0x41/0x80
[ 33.541112] ret_from_fork_asm+0x1a/0x30
[ 33.541824]
[ 33.542102] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 33.543265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.543654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.544302] ==================================================================
[ 33.112224] ==================================================================
[ 33.112984] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 33.112984]
[ 33.113699] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#119):
[ 33.115359] test_corruption+0x2d4/0x3e0
[ 33.115713] kunit_try_run_case+0x1b3/0x490
[ 33.116130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.116683] kthread+0x257/0x310
[ 33.117003] ret_from_fork+0x41/0x80
[ 33.117453] ret_from_fork_asm+0x1a/0x30
[ 33.118057]
[ 33.118226] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.118226]
[ 33.119014] allocated by task 319 on cpu 1 at 33.111887s (0.007122s ago):
[ 33.119591] test_alloc+0x35f/0x10d0
[ 33.120161] test_corruption+0xe7/0x3e0
[ 33.120733] kunit_try_run_case+0x1b3/0x490
[ 33.121089] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.121713] kthread+0x257/0x310
[ 33.122213] ret_from_fork+0x41/0x80
[ 33.122785] ret_from_fork_asm+0x1a/0x30
[ 33.123172]
[ 33.123394] freed by task 319 on cpu 1 at 33.112020s (0.011369s ago):
[ 33.123835] test_corruption+0x2d4/0x3e0
[ 33.124307] kunit_try_run_case+0x1b3/0x490
[ 33.124799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.125226] kthread+0x257/0x310
[ 33.125618] ret_from_fork+0x41/0x80
[ 33.125928] ret_from_fork_asm+0x1a/0x30
[ 33.126223]
[ 33.126521] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 33.127906] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.128196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.129156] ==================================================================
[ 33.320192] ==================================================================
[ 33.320892] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 33.320892]
[ 33.321456] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#121):
[ 33.322012] test_corruption+0x2e1/0x3e0
[ 33.322275] kunit_try_run_case+0x1b3/0x490
[ 33.322573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.323349] kthread+0x257/0x310
[ 33.323905] ret_from_fork+0x41/0x80
[ 33.324406] ret_from_fork_asm+0x1a/0x30
[ 33.324703]
[ 33.324864] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 33.324864]
[ 33.326118] allocated by task 319 on cpu 1 at 33.319804s (0.006309s ago):
[ 33.326853] test_alloc+0x35f/0x10d0
[ 33.327188] test_corruption+0x1cc/0x3e0
[ 33.327817] kunit_try_run_case+0x1b3/0x490
[ 33.328278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.329017] kthread+0x257/0x310
[ 33.329430] ret_from_fork+0x41/0x80
[ 33.329883] ret_from_fork_asm+0x1a/0x30
[ 33.330464]
[ 33.330701] freed by task 319 on cpu 1 at 33.319980s (0.010717s ago):
[ 33.331474] test_corruption+0x2e1/0x3e0
[ 33.331796] kunit_try_run_case+0x1b3/0x490
[ 33.332276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.332971] kthread+0x257/0x310
[ 33.333379] ret_from_fork+0x41/0x80
[ 33.333862] ret_from_fork_asm+0x1a/0x30
[ 33.334429]
[ 33.334770] CPU: 1 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 33.335745] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.336273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.337145] ==================================================================
[ 33.424087] ==================================================================
[ 33.424607] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 33.424607]
[ 33.425021] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#122):
[ 33.426464] test_corruption+0x132/0x3e0
[ 33.427018] kunit_try_run_case+0x1b3/0x490
[ 33.427593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.428202] kthread+0x257/0x310
[ 33.428626] ret_from_fork+0x41/0x80
[ 33.429148] ret_from_fork_asm+0x1a/0x30
[ 33.429687]
[ 33.429963] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 33.429963]
[ 33.430917] allocated by task 321 on cpu 1 at 33.423875s (0.007038s ago):
[ 33.431618] test_alloc+0x2a7/0x10d0
[ 33.432066] test_corruption+0xe7/0x3e0
[ 33.432703] kunit_try_run_case+0x1b3/0x490
[ 33.433076] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.433691] kthread+0x257/0x310
[ 33.434232] ret_from_fork+0x41/0x80
[ 33.434623] ret_from_fork_asm+0x1a/0x30
[ 33.435092]
[ 33.435256] freed by task 321 on cpu 1 at 33.423984s (0.011269s ago):
[ 33.436075] test_corruption+0x132/0x3e0
[ 33.436608] kunit_try_run_case+0x1b3/0x490
[ 33.437094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.437550] kthread+0x257/0x310
[ 33.438066] ret_from_fork+0x41/0x80
[ 33.438626] ret_from_fork_asm+0x1a/0x30
[ 33.438992]
[ 33.439340] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 33.440259] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.440669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.441452] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 32.904062] ==================================================================
[ 32.904761] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 32.904761]
[ 32.905666] Invalid free of 0x(____ptrval____) (in kfence-#117):
[ 32.906024] test_invalid_addr_free+0xfc/0x260
[ 32.906237] kunit_try_run_case+0x1b3/0x490
[ 32.906610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.907238] kthread+0x257/0x310
[ 32.907759] ret_from_fork+0x41/0x80
[ 32.908220] ret_from_fork_asm+0x1a/0x30
[ 32.908507]
[ 32.908723] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.908723]
[ 32.910499] allocated by task 317 on cpu 0 at 32.903895s (0.006599s ago):
[ 32.911234] test_alloc+0x2a7/0x10d0
[ 32.911700] test_invalid_addr_free+0xdc/0x260
[ 32.912196] kunit_try_run_case+0x1b3/0x490
[ 32.912878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.913608] kthread+0x257/0x310
[ 32.914012] ret_from_fork+0x41/0x80
[ 32.914331] ret_from_fork_asm+0x1a/0x30
[ 32.914815]
[ 32.915122] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.915999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.916406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.917170] ==================================================================
[ 32.800083] ==================================================================
[ 32.800878] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 32.800878]
[ 32.801579] Invalid free of 0x(____ptrval____) (in kfence-#116):
[ 32.802230] test_invalid_addr_free+0x1e3/0x260
[ 32.802753] kunit_try_run_case+0x1b3/0x490
[ 32.803355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.804102] kthread+0x257/0x310
[ 32.804704] ret_from_fork+0x41/0x80
[ 32.805136] ret_from_fork_asm+0x1a/0x30
[ 32.805559]
[ 32.805719] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 32.805719]
[ 32.806703] allocated by task 315 on cpu 1 at 32.799890s (0.006809s ago):
[ 32.807174] test_alloc+0x35f/0x10d0
[ 32.807986] test_invalid_addr_free+0xdc/0x260
[ 32.808328] kunit_try_run_case+0x1b3/0x490
[ 32.808862] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.809520] kthread+0x257/0x310
[ 32.810070] ret_from_fork+0x41/0x80
[ 32.810505] ret_from_fork_asm+0x1a/0x30
[ 32.810933]
[ 32.811266] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.812169] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.812452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.813773] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 32.696077] ==================================================================
[ 32.696727] BUG: KFENCE: invalid free in test_double_free+0x113/0x260
[ 32.696727]
[ 32.697378] Invalid free of 0x(____ptrval____) (in kfence-#115):
[ 32.697878] test_double_free+0x113/0x260
[ 32.698286] kunit_try_run_case+0x1b3/0x490
[ 32.698732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.699619] kthread+0x257/0x310
[ 32.700304] ret_from_fork+0x41/0x80
[ 32.700944] ret_from_fork_asm+0x1a/0x30
[ 32.701626]
[ 32.701793] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.701793]
[ 32.702787] allocated by task 313 on cpu 0 at 32.695832s (0.006951s ago):
[ 32.703559] test_alloc+0x2a7/0x10d0
[ 32.703998] test_double_free+0xdc/0x260
[ 32.704449] kunit_try_run_case+0x1b3/0x490
[ 32.705015] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.705430] kthread+0x257/0x310
[ 32.705976] ret_from_fork+0x41/0x80
[ 32.706471] ret_from_fork_asm+0x1a/0x30
[ 32.706835]
[ 32.707081] freed by task 313 on cpu 0 at 32.695921s (0.011156s ago):
[ 32.707641] test_double_free+0xfb/0x260
[ 32.708197] kunit_try_run_case+0x1b3/0x490
[ 32.708671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.709301] kthread+0x257/0x310
[ 32.709715] ret_from_fork+0x41/0x80
[ 32.710182] ret_from_fork_asm+0x1a/0x30
[ 32.710707]
[ 32.711015] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.712052] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.712608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.713477] ==================================================================
[ 32.592438] ==================================================================
[ 32.593157] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260
[ 32.593157]
[ 32.594857] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 32.595995] test_double_free+0x1d5/0x260
[ 32.596819] kunit_try_run_case+0x1b3/0x490
[ 32.597607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.598144] kthread+0x257/0x310
[ 32.598880] ret_from_fork+0x41/0x80
[ 32.599274] ret_from_fork_asm+0x1a/0x30
[ 32.600097]
[ 32.600566] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 32.600566]
[ 32.601892] allocated by task 311 on cpu 1 at 32.591998s (0.009891s ago):
[ 32.602995] test_alloc+0x35f/0x10d0
[ 32.603587] test_double_free+0xdc/0x260
[ 32.603992] kunit_try_run_case+0x1b3/0x490
[ 32.604778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.605586] kthread+0x257/0x310
[ 32.606019] ret_from_fork+0x41/0x80
[ 32.606511] ret_from_fork_asm+0x1a/0x30
[ 32.606964]
[ 32.607430] freed by task 311 on cpu 1 at 32.592076s (0.015349s ago):
[ 32.608148] test_double_free+0x1e2/0x260
[ 32.608830] kunit_try_run_case+0x1b3/0x490
[ 32.609398] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.610482] kthread+0x257/0x310
[ 32.610880] ret_from_fork+0x41/0x80
[ 32.611270] ret_from_fork_asm+0x1a/0x30
[ 32.611749]
[ 32.612049] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.613706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.614024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.615140] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 32.176168] ==================================================================
[ 32.176978] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 32.176978]
[ 32.177694] Use-after-free read at 0x(____ptrval____) (in kfence-#110):
[ 32.178535] test_use_after_free_read+0x12a/0x270
[ 32.178963] kunit_try_run_case+0x1b3/0x490
[ 32.179498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.180008] kthread+0x257/0x310
[ 32.180457] ret_from_fork+0x41/0x80
[ 32.180897] ret_from_fork_asm+0x1a/0x30
[ 32.181293]
[ 32.181622] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 32.181622]
[ 32.182353] allocated by task 303 on cpu 0 at 32.175843s (0.006490s ago):
[ 32.183147] test_alloc+0x35f/0x10d0
[ 32.183573] test_use_after_free_read+0xdd/0x270
[ 32.184100] kunit_try_run_case+0x1b3/0x490
[ 32.184663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.185026] kthread+0x257/0x310
[ 32.185699] ret_from_fork+0x41/0x80
[ 32.186144] ret_from_fork_asm+0x1a/0x30
[ 32.186611]
[ 32.187135] freed by task 303 on cpu 0 at 32.175950s (0.011005s ago):
[ 32.187804] test_use_after_free_read+0x1e9/0x270
[ 32.188200] kunit_try_run_case+0x1b3/0x490
[ 32.188826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.189571] kthread+0x257/0x310
[ 32.190071] ret_from_fork+0x41/0x80
[ 32.190517] ret_from_fork_asm+0x1a/0x30
[ 32.190979]
[ 32.191262] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.192026] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.192796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.193748] ==================================================================
[ 32.280050] ==================================================================
[ 32.280555] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 32.280555]
[ 32.281030] Use-after-free read at 0x(____ptrval____) (in kfence-#111):
[ 32.281794] test_use_after_free_read+0x12a/0x270
[ 32.282485] kunit_try_run_case+0x1b3/0x490
[ 32.282971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.283483] kthread+0x257/0x310
[ 32.283885] ret_from_fork+0x41/0x80
[ 32.284444] ret_from_fork_asm+0x1a/0x30
[ 32.284845]
[ 32.285060] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.285060]
[ 32.286082] allocated by task 305 on cpu 0 at 32.279838s (0.006240s ago):
[ 32.286567] test_alloc+0x2a7/0x10d0
[ 32.287085] test_use_after_free_read+0xdd/0x270
[ 32.287678] kunit_try_run_case+0x1b3/0x490
[ 32.287984] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.288679] kthread+0x257/0x310
[ 32.289165] ret_from_fork+0x41/0x80
[ 32.289646] ret_from_fork_asm+0x1a/0x30
[ 32.290149]
[ 32.290433] freed by task 305 on cpu 0 at 32.279917s (0.010512s ago):
[ 32.291030] test_use_after_free_read+0xfc/0x270
[ 32.291518] kunit_try_run_case+0x1b3/0x490
[ 32.292027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.292429] kthread+0x257/0x310
[ 32.292681] ret_from_fork+0x41/0x80
[ 32.293190] ret_from_fork_asm+0x1a/0x30
[ 32.293816]
[ 32.294110] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.295121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.295509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.296363] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 32.071920] ==================================================================
[ 32.072690] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 32.072690]
[ 32.074153] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#109):
[ 32.074588] test_out_of_bounds_write+0x10e/0x260
[ 32.075646] kunit_try_run_case+0x1b3/0x490
[ 32.076039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.076614] kthread+0x257/0x310
[ 32.076991] ret_from_fork+0x41/0x80
[ 32.077277] ret_from_fork_asm+0x1a/0x30
[ 32.078083]
[ 32.078485] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 32.078485]
[ 32.079931] allocated by task 301 on cpu 0 at 32.071835s (0.008092s ago):
[ 32.080933] test_alloc+0x2a7/0x10d0
[ 32.081389] test_out_of_bounds_write+0xd5/0x260
[ 32.081928] kunit_try_run_case+0x1b3/0x490
[ 32.082638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.083137] kthread+0x257/0x310
[ 32.083604] ret_from_fork+0x41/0x80
[ 32.084031] ret_from_fork_asm+0x1a/0x30
[ 32.084461]
[ 32.084738] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 32.085599] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.086165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.086997] ==================================================================
[ 31.968040] ==================================================================
[ 31.968721] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 31.968721]
[ 31.969475] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#108):
[ 31.970187] test_out_of_bounds_write+0x10e/0x260
[ 31.970608] kunit_try_run_case+0x1b3/0x490
[ 31.972049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.972790] kthread+0x257/0x310
[ 31.973356] ret_from_fork+0x41/0x80
[ 31.973899] ret_from_fork_asm+0x1a/0x30
[ 31.974573]
[ 31.974864] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.974864]
[ 31.975594] allocated by task 299 on cpu 1 at 31.967855s (0.007735s ago):
[ 31.976319] test_alloc+0x35f/0x10d0
[ 31.976806] test_out_of_bounds_write+0xd5/0x260
[ 31.977307] kunit_try_run_case+0x1b3/0x490
[ 31.977765] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.978357] kthread+0x257/0x310
[ 31.978821] ret_from_fork+0x41/0x80
[ 31.979310] ret_from_fork_asm+0x1a/0x30
[ 31.979825]
[ 31.980116] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 31.980905] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.981495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.982500] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 31.344135] ==================================================================
[ 31.344857] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 31.344857]
[ 31.345602] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102):
[ 31.346331] test_out_of_bounds_read+0x217/0x4e0
[ 31.346821] kunit_try_run_case+0x1b3/0x490
[ 31.347228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.347587] kthread+0x257/0x310
[ 31.347877] ret_from_fork+0x41/0x80
[ 31.348333] ret_from_fork_asm+0x1a/0x30
[ 31.348880]
[ 31.349135] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.349135]
[ 31.350048] allocated by task 295 on cpu 1 at 31.343852s (0.006192s ago):
[ 31.350517] test_alloc+0x35f/0x10d0
[ 31.350806] test_out_of_bounds_read+0x1e3/0x4e0
[ 31.351645] kunit_try_run_case+0x1b3/0x490
[ 31.352171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.352635] kthread+0x257/0x310
[ 31.353202] ret_from_fork+0x41/0x80
[ 31.353676] ret_from_fork_asm+0x1a/0x30
[ 31.354105]
[ 31.354322] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 31.354917] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.355509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.356443] ==================================================================
[ 31.759854] ==================================================================
[ 31.760666] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 31.760666]
[ 31.761428] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#106):
[ 31.762194] test_out_of_bounds_read+0x127/0x4e0
[ 31.762843] kunit_try_run_case+0x1b3/0x490
[ 31.763149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.763754] kthread+0x257/0x310
[ 31.764320] ret_from_fork+0x41/0x80
[ 31.764815] ret_from_fork_asm+0x1a/0x30
[ 31.765897]
[ 31.766090] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.766090]
[ 31.767549] allocated by task 297 on cpu 0 at 31.759763s (0.007782s ago):
[ 31.768098] test_alloc+0x2a7/0x10d0
[ 31.768788] test_out_of_bounds_read+0xee/0x4e0
[ 31.769987] kunit_try_run_case+0x1b3/0x490
[ 31.770662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.771448] kthread+0x257/0x310
[ 31.772007] ret_from_fork+0x41/0x80
[ 31.772385] ret_from_fork_asm+0x1a/0x30
[ 31.772868]
[ 31.773119] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 31.773999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.774498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.775047] ==================================================================
[ 31.863913] ==================================================================
[ 31.864667] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0
[ 31.864667]
[ 31.865726] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#107):
[ 31.866179] test_out_of_bounds_read+0x217/0x4e0
[ 31.867233] kunit_try_run_case+0x1b3/0x490
[ 31.868232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.869041] kthread+0x257/0x310
[ 31.869403] ret_from_fork+0x41/0x80
[ 31.869822] ret_from_fork_asm+0x1a/0x30
[ 31.870592]
[ 31.870842] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 31.870842]
[ 31.872055] allocated by task 297 on cpu 0 at 31.863832s (0.008219s ago):
[ 31.872857] test_alloc+0x2a7/0x10d0
[ 31.873231] test_out_of_bounds_read+0x1e3/0x4e0
[ 31.873766] kunit_try_run_case+0x1b3/0x490
[ 31.874775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.875368] kthread+0x257/0x310
[ 31.875950] ret_from_fork+0x41/0x80
[ 31.876338] ret_from_fork_asm+0x1a/0x30
[ 31.876934]
[ 31.877264] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 31.878668] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.879312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.880169] ==================================================================
[ 31.241366] ==================================================================
[ 31.242169] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0
[ 31.242169]
[ 31.242869] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#101):
[ 31.243981] test_out_of_bounds_read+0x127/0x4e0
[ 31.244549] kunit_try_run_case+0x1b3/0x490
[ 31.244994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.245337] kthread+0x257/0x310
[ 31.245846] ret_from_fork+0x41/0x80
[ 31.246208] ret_from_fork_asm+0x1a/0x30
[ 31.246580]
[ 31.247136] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 31.247136]
[ 31.248154] allocated by task 295 on cpu 1 at 31.239772s (0.008235s ago):
[ 31.249409] test_alloc+0x35f/0x10d0
[ 31.249828] test_out_of_bounds_read+0xee/0x4e0
[ 31.250304] kunit_try_run_case+0x1b3/0x490
[ 31.250828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.251450] kthread+0x257/0x310
[ 31.251736] ret_from_fork+0x41/0x80
[ 31.252181] ret_from_fork_asm+0x1a/0x30
[ 31.252776]
[ 31.253120] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 31.253889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.254477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.255143] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 30.883439] ==================================================================
[ 30.883966] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0
[ 30.884474] Write of size 1 at addr ffff8881029a4b78 by task kunit_try_catch/293
[ 30.884890]
[ 30.885110] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.885721] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.886001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.886825] Call Trace:
[ 30.887035] <TASK>
[ 30.887279] dump_stack_lvl+0x73/0xb0
[ 30.887572] print_report+0xd1/0x640
[ 30.887862] ? __virt_addr_valid+0x1db/0x2d0
[ 30.888200] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.888561] kasan_report+0x102/0x140
[ 30.888870] ? strncpy_from_user+0x1a7/0x1e0
[ 30.889239] ? strncpy_from_user+0x1a7/0x1e0
[ 30.889553] __asan_report_store1_noabort+0x1b/0x30
[ 30.890239] strncpy_from_user+0x1a7/0x1e0
[ 30.890789] copy_user_test_oob+0x761/0x10f0
[ 30.891376] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.891971] ? finish_task_switch.isra.0+0x153/0x700
[ 30.892620] ? __switch_to+0x5d9/0xf60
[ 30.893276] ? __schedule+0xc3e/0x2790
[ 30.893800] ? __pfx_read_tsc+0x10/0x10
[ 30.894132] ? ktime_get_ts64+0x86/0x230
[ 30.894702] kunit_try_run_case+0x1b3/0x490
[ 30.895349] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.895866] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.896387] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.896960] ? __kthread_parkme+0x82/0x160
[ 30.897467] ? preempt_count_sub+0x50/0x80
[ 30.897977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.898535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.899221] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.899873] kthread+0x257/0x310
[ 30.900203] ? __pfx_kthread+0x10/0x10
[ 30.900493] ret_from_fork+0x41/0x80
[ 30.900798] ? __pfx_kthread+0x10/0x10
[ 30.901127] ret_from_fork_asm+0x1a/0x30
[ 30.901997] </TASK>
[ 30.903017]
[ 30.903575] Allocated by task 293:
[ 30.904147] kasan_save_stack+0x3d/0x60
[ 30.904690] kasan_save_track+0x18/0x40
[ 30.905327] kasan_save_alloc_info+0x3b/0x50
[ 30.905986] __kasan_kmalloc+0xb7/0xc0
[ 30.906498] __kmalloc_noprof+0x1c4/0x500
[ 30.906988] kunit_kmalloc_array+0x25/0x60
[ 30.907507] copy_user_test_oob+0xac/0x10f0
[ 30.908111] kunit_try_run_case+0x1b3/0x490
[ 30.908426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.908906] kthread+0x257/0x310
[ 30.909663] ret_from_fork+0x41/0x80
[ 30.910270] ret_from_fork_asm+0x1a/0x30
[ 30.910847]
[ 30.911287] The buggy address belongs to the object at ffff8881029a4b00
[ 30.911287] which belongs to the cache kmalloc-128 of size 128
[ 30.912060] The buggy address is located 0 bytes to the right of
[ 30.912060] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.912935]
[ 30.913261] The buggy address belongs to the physical page:
[ 30.913958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.915477] flags: 0x200000000000000(node=0|zone=2)
[ 30.915995] page_type: f5(slab)
[ 30.916532] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.917167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.917716] page dumped because: kasan: bad access detected
[ 30.918289]
[ 30.918521] Memory state around the buggy address:
[ 30.919334] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.920325] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.920820] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.921393] ^
[ 30.921980] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.922585] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.923185] ==================================================================
[ 30.839567] ==================================================================
[ 30.840541] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0
[ 30.841315] Write of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.842168]
[ 30.842474] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.843506] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.844107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.844829] Call Trace:
[ 30.845291] <TASK>
[ 30.845666] dump_stack_lvl+0x73/0xb0
[ 30.846020] print_report+0xd1/0x640
[ 30.846547] ? __virt_addr_valid+0x1db/0x2d0
[ 30.847043] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.847709] kasan_report+0x102/0x140
[ 30.848299] ? strncpy_from_user+0x2e/0x1e0
[ 30.848747] ? strncpy_from_user+0x2e/0x1e0
[ 30.849378] kasan_check_range+0x10c/0x1c0
[ 30.849902] __kasan_check_write+0x18/0x20
[ 30.850370] strncpy_from_user+0x2e/0x1e0
[ 30.850936] copy_user_test_oob+0x761/0x10f0
[ 30.851525] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.852044] ? finish_task_switch.isra.0+0x153/0x700
[ 30.852674] ? __switch_to+0x5d9/0xf60
[ 30.853183] ? __schedule+0xc3e/0x2790
[ 30.853712] ? __pfx_read_tsc+0x10/0x10
[ 30.854296] ? ktime_get_ts64+0x86/0x230
[ 30.854779] kunit_try_run_case+0x1b3/0x490
[ 30.855264] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.855921] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.856417] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.856948] ? __kthread_parkme+0x82/0x160
[ 30.857562] ? preempt_count_sub+0x50/0x80
[ 30.858206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.858753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.859472] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.860197] kthread+0x257/0x310
[ 30.860691] ? __pfx_kthread+0x10/0x10
[ 30.861035] ret_from_fork+0x41/0x80
[ 30.861541] ? __pfx_kthread+0x10/0x10
[ 30.861971] ret_from_fork_asm+0x1a/0x30
[ 30.862593] </TASK>
[ 30.862912]
[ 30.863260] Allocated by task 293:
[ 30.863695] kasan_save_stack+0x3d/0x60
[ 30.864294] kasan_save_track+0x18/0x40
[ 30.864764] kasan_save_alloc_info+0x3b/0x50
[ 30.865406] __kasan_kmalloc+0xb7/0xc0
[ 30.865890] __kmalloc_noprof+0x1c4/0x500
[ 30.866514] kunit_kmalloc_array+0x25/0x60
[ 30.866907] copy_user_test_oob+0xac/0x10f0
[ 30.867444] kunit_try_run_case+0x1b3/0x490
[ 30.867925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.868605] kthread+0x257/0x310
[ 30.868983] ret_from_fork+0x41/0x80
[ 30.869304] ret_from_fork_asm+0x1a/0x30
[ 30.869914]
[ 30.870270] The buggy address belongs to the object at ffff8881029a4b00
[ 30.870270] which belongs to the cache kmalloc-128 of size 128
[ 30.871236] The buggy address is located 0 bytes inside of
[ 30.871236] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.872535]
[ 30.872833] The buggy address belongs to the physical page:
[ 30.873385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.874282] flags: 0x200000000000000(node=0|zone=2)
[ 30.874840] page_type: f5(slab)
[ 30.875290] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.876015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.876825] page dumped because: kasan: bad access detected
[ 30.877338]
[ 30.877603] Memory state around the buggy address:
[ 30.878047] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.878788] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.879510] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.880183] ^
[ 30.880607] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.881316] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.881983] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 30.660639] ==================================================================
[ 30.661285] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0
[ 30.661949] Write of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.662603]
[ 30.662846] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.663711] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.664416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.665338] Call Trace:
[ 30.665674] <TASK>
[ 30.666005] dump_stack_lvl+0x73/0xb0
[ 30.666395] print_report+0xd1/0x640
[ 30.666750] ? __virt_addr_valid+0x1db/0x2d0
[ 30.667278] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.667696] kasan_report+0x102/0x140
[ 30.668165] ? copy_user_test_oob+0x3fe/0x10f0
[ 30.668780] ? copy_user_test_oob+0x3fe/0x10f0
[ 30.669164] kasan_check_range+0x10c/0x1c0
[ 30.669544] __kasan_check_write+0x18/0x20
[ 30.670193] copy_user_test_oob+0x3fe/0x10f0
[ 30.670592] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.671151] ? finish_task_switch.isra.0+0x153/0x700
[ 30.671702] ? __switch_to+0x5d9/0xf60
[ 30.672022] ? __schedule+0xc3e/0x2790
[ 30.672502] ? __pfx_read_tsc+0x10/0x10
[ 30.673012] ? ktime_get_ts64+0x86/0x230
[ 30.673493] kunit_try_run_case+0x1b3/0x490
[ 30.673920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.674585] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.674991] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.675577] ? __kthread_parkme+0x82/0x160
[ 30.675969] ? preempt_count_sub+0x50/0x80
[ 30.676429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.676780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.677405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.678072] kthread+0x257/0x310
[ 30.678475] ? __pfx_kthread+0x10/0x10
[ 30.678922] ret_from_fork+0x41/0x80
[ 30.679282] ? __pfx_kthread+0x10/0x10
[ 30.679568] ret_from_fork_asm+0x1a/0x30
[ 30.680339] </TASK>
[ 30.680761]
[ 30.680923] Allocated by task 293:
[ 30.681344] kasan_save_stack+0x3d/0x60
[ 30.682109] kasan_save_track+0x18/0x40
[ 30.682483] kasan_save_alloc_info+0x3b/0x50
[ 30.682997] __kasan_kmalloc+0xb7/0xc0
[ 30.683431] __kmalloc_noprof+0x1c4/0x500
[ 30.683748] kunit_kmalloc_array+0x25/0x60
[ 30.684271] copy_user_test_oob+0xac/0x10f0
[ 30.684763] kunit_try_run_case+0x1b3/0x490
[ 30.685070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.685418] kthread+0x257/0x310
[ 30.685774] ret_from_fork+0x41/0x80
[ 30.686267] ret_from_fork_asm+0x1a/0x30
[ 30.686612]
[ 30.686800] The buggy address belongs to the object at ffff8881029a4b00
[ 30.686800] which belongs to the cache kmalloc-128 of size 128
[ 30.688066] The buggy address is located 0 bytes inside of
[ 30.688066] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.689479]
[ 30.689687] The buggy address belongs to the physical page:
[ 30.690367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.690845] flags: 0x200000000000000(node=0|zone=2)
[ 30.691729] page_type: f5(slab)
[ 30.691991] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.693311] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.693791] page dumped because: kasan: bad access detected
[ 30.694414]
[ 30.694803] Memory state around the buggy address:
[ 30.695138] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.695559] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.696340] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.697267] ^
[ 30.698057] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.698596] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.699029] ==================================================================
[ 30.793778] ==================================================================
[ 30.794499] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0
[ 30.796646] Read of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.797936]
[ 30.798404] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.799728] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.800308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.801148] Call Trace:
[ 30.801430] <TASK>
[ 30.801871] dump_stack_lvl+0x73/0xb0
[ 30.802538] print_report+0xd1/0x640
[ 30.802974] ? __virt_addr_valid+0x1db/0x2d0
[ 30.803722] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.804737] kasan_report+0x102/0x140
[ 30.805489] ? copy_user_test_oob+0x605/0x10f0
[ 30.805892] ? copy_user_test_oob+0x605/0x10f0
[ 30.806342] kasan_check_range+0x10c/0x1c0
[ 30.806764] __kasan_check_read+0x15/0x20
[ 30.807437] copy_user_test_oob+0x605/0x10f0
[ 30.807879] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.808492] ? finish_task_switch.isra.0+0x153/0x700
[ 30.809037] ? __switch_to+0x5d9/0xf60
[ 30.809595] ? __schedule+0xc3e/0x2790
[ 30.810114] ? __pfx_read_tsc+0x10/0x10
[ 30.810437] ? ktime_get_ts64+0x86/0x230
[ 30.810988] kunit_try_run_case+0x1b3/0x490
[ 30.811553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.812040] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.812471] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.813145] ? __kthread_parkme+0x82/0x160
[ 30.813720] ? preempt_count_sub+0x50/0x80
[ 30.814235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.814884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.815426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.816002] kthread+0x257/0x310
[ 30.816445] ? __pfx_kthread+0x10/0x10
[ 30.816885] ret_from_fork+0x41/0x80
[ 30.817427] ? __pfx_kthread+0x10/0x10
[ 30.817955] ret_from_fork_asm+0x1a/0x30
[ 30.818463] </TASK>
[ 30.818723]
[ 30.818973] Allocated by task 293:
[ 30.819439] kasan_save_stack+0x3d/0x60
[ 30.819974] kasan_save_track+0x18/0x40
[ 30.820466] kasan_save_alloc_info+0x3b/0x50
[ 30.821152] __kasan_kmalloc+0xb7/0xc0
[ 30.821713] __kmalloc_noprof+0x1c4/0x500
[ 30.822289] kunit_kmalloc_array+0x25/0x60
[ 30.822734] copy_user_test_oob+0xac/0x10f0
[ 30.823232] kunit_try_run_case+0x1b3/0x490
[ 30.823745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.824396] kthread+0x257/0x310
[ 30.824690] ret_from_fork+0x41/0x80
[ 30.825161] ret_from_fork_asm+0x1a/0x30
[ 30.825685]
[ 30.825925] The buggy address belongs to the object at ffff8881029a4b00
[ 30.825925] which belongs to the cache kmalloc-128 of size 128
[ 30.827011] The buggy address is located 0 bytes inside of
[ 30.827011] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.828230]
[ 30.828445] The buggy address belongs to the physical page:
[ 30.829013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.829815] flags: 0x200000000000000(node=0|zone=2)
[ 30.830427] page_type: f5(slab)
[ 30.830773] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.831629] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.832412] page dumped because: kasan: bad access detected
[ 30.832937]
[ 30.833260] Memory state around the buggy address:
[ 30.833715] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.834314] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.835149] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.835795] ^
[ 30.836597] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.837307] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.838017] ==================================================================
[ 30.744109] ==================================================================
[ 30.745827] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0
[ 30.746832] Write of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.747593]
[ 30.747793] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.749722] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.750673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.751536] Call Trace:
[ 30.751849] <TASK>
[ 30.752870] dump_stack_lvl+0x73/0xb0
[ 30.753280] print_report+0xd1/0x640
[ 30.753886] ? __virt_addr_valid+0x1db/0x2d0
[ 30.754336] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.755178] kasan_report+0x102/0x140
[ 30.755599] ? copy_user_test_oob+0x558/0x10f0
[ 30.756068] ? copy_user_test_oob+0x558/0x10f0
[ 30.756960] kasan_check_range+0x10c/0x1c0
[ 30.757687] __kasan_check_write+0x18/0x20
[ 30.758306] copy_user_test_oob+0x558/0x10f0
[ 30.758897] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.759861] ? finish_task_switch.isra.0+0x153/0x700
[ 30.760716] ? __switch_to+0x5d9/0xf60
[ 30.761091] ? __schedule+0xc3e/0x2790
[ 30.761752] ? __pfx_read_tsc+0x10/0x10
[ 30.762676] ? ktime_get_ts64+0x86/0x230
[ 30.763042] kunit_try_run_case+0x1b3/0x490
[ 30.763967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.765204] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.765864] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.766473] ? __kthread_parkme+0x82/0x160
[ 30.766933] ? preempt_count_sub+0x50/0x80
[ 30.767512] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.768062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.768980] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.769744] kthread+0x257/0x310
[ 30.770392] ? __pfx_kthread+0x10/0x10
[ 30.770975] ret_from_fork+0x41/0x80
[ 30.771276] ? __pfx_kthread+0x10/0x10
[ 30.771985] ret_from_fork_asm+0x1a/0x30
[ 30.772793] </TASK>
[ 30.773011]
[ 30.773475] Allocated by task 293:
[ 30.773798] kasan_save_stack+0x3d/0x60
[ 30.774206] kasan_save_track+0x18/0x40
[ 30.774585] kasan_save_alloc_info+0x3b/0x50
[ 30.774997] __kasan_kmalloc+0xb7/0xc0
[ 30.775368] __kmalloc_noprof+0x1c4/0x500
[ 30.776533] kunit_kmalloc_array+0x25/0x60
[ 30.776911] copy_user_test_oob+0xac/0x10f0
[ 30.777770] kunit_try_run_case+0x1b3/0x490
[ 30.778271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.779189] kthread+0x257/0x310
[ 30.779491] ret_from_fork+0x41/0x80
[ 30.779803] ret_from_fork_asm+0x1a/0x30
[ 30.780329]
[ 30.780529] The buggy address belongs to the object at ffff8881029a4b00
[ 30.780529] which belongs to the cache kmalloc-128 of size 128
[ 30.781748] The buggy address is located 0 bytes inside of
[ 30.781748] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.782567]
[ 30.782844] The buggy address belongs to the physical page:
[ 30.783571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.784318] flags: 0x200000000000000(node=0|zone=2)
[ 30.784734] page_type: f5(slab)
[ 30.785263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.785945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.786771] page dumped because: kasan: bad access detected
[ 30.787321]
[ 30.787570] Memory state around the buggy address:
[ 30.787992] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.788712] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.789381] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.789913] ^
[ 30.790725] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.791438] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.792170] ==================================================================
[ 30.700493] ==================================================================
[ 30.701587] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0
[ 30.702484] Read of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.703151]
[ 30.703384] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.704373] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.704718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.705547] Call Trace:
[ 30.705807] <TASK>
[ 30.706016] dump_stack_lvl+0x73/0xb0
[ 30.706319] print_report+0xd1/0x640
[ 30.706743] ? __virt_addr_valid+0x1db/0x2d0
[ 30.707345] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.708270] kasan_report+0x102/0x140
[ 30.708817] ? copy_user_test_oob+0x4ab/0x10f0
[ 30.709427] ? copy_user_test_oob+0x4ab/0x10f0
[ 30.709878] kasan_check_range+0x10c/0x1c0
[ 30.710192] __kasan_check_read+0x15/0x20
[ 30.710494] copy_user_test_oob+0x4ab/0x10f0
[ 30.711470] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.712205] ? finish_task_switch.isra.0+0x153/0x700
[ 30.712825] ? __switch_to+0x5d9/0xf60
[ 30.713341] ? __schedule+0xc3e/0x2790
[ 30.714116] ? __pfx_read_tsc+0x10/0x10
[ 30.714587] ? ktime_get_ts64+0x86/0x230
[ 30.715200] kunit_try_run_case+0x1b3/0x490
[ 30.715765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.716365] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.716835] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.717552] ? __kthread_parkme+0x82/0x160
[ 30.718009] ? preempt_count_sub+0x50/0x80
[ 30.718703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.719423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.720197] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.720787] kthread+0x257/0x310
[ 30.721242] ? __pfx_kthread+0x10/0x10
[ 30.721551] ret_from_fork+0x41/0x80
[ 30.722186] ? __pfx_kthread+0x10/0x10
[ 30.722486] ret_from_fork_asm+0x1a/0x30
[ 30.723126] </TASK>
[ 30.723452]
[ 30.723699] Allocated by task 293:
[ 30.724015] kasan_save_stack+0x3d/0x60
[ 30.724652] kasan_save_track+0x18/0x40
[ 30.725005] kasan_save_alloc_info+0x3b/0x50
[ 30.725674] __kasan_kmalloc+0xb7/0xc0
[ 30.726248] __kmalloc_noprof+0x1c4/0x500
[ 30.726745] kunit_kmalloc_array+0x25/0x60
[ 30.727140] copy_user_test_oob+0xac/0x10f0
[ 30.727655] kunit_try_run_case+0x1b3/0x490
[ 30.728293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.728695] kthread+0x257/0x310
[ 30.729246] ret_from_fork+0x41/0x80
[ 30.729740] ret_from_fork_asm+0x1a/0x30
[ 30.730264]
[ 30.730556] The buggy address belongs to the object at ffff8881029a4b00
[ 30.730556] which belongs to the cache kmalloc-128 of size 128
[ 30.731715] The buggy address is located 0 bytes inside of
[ 30.731715] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.733145]
[ 30.733389] The buggy address belongs to the physical page:
[ 30.733819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.734737] flags: 0x200000000000000(node=0|zone=2)
[ 30.735259] page_type: f5(slab)
[ 30.735527] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.736498] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.737426] page dumped because: kasan: bad access detected
[ 30.737966]
[ 30.738248] Memory state around the buggy address:
[ 30.738737] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.739509] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.740042] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.740814] ^
[ 30.741399] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.742001] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.742828] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 30.615295] ==================================================================
[ 30.615944] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 30.616532] Read of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.617203]
[ 30.617460] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.618370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.618811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.619597] Call Trace:
[ 30.619901] <TASK>
[ 30.620214] dump_stack_lvl+0x73/0xb0
[ 30.620664] print_report+0xd1/0x640
[ 30.620948] ? __virt_addr_valid+0x1db/0x2d0
[ 30.621527] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.622122] kasan_report+0x102/0x140
[ 30.622629] ? _copy_to_user+0x4a/0x70
[ 30.623008] ? _copy_to_user+0x4a/0x70
[ 30.623309] kasan_check_range+0x10c/0x1c0
[ 30.623831] __kasan_check_read+0x15/0x20
[ 30.624341] _copy_to_user+0x4a/0x70
[ 30.624651] copy_user_test_oob+0x365/0x10f0
[ 30.625183] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.625568] ? finish_task_switch.isra.0+0x153/0x700
[ 30.626114] ? __switch_to+0x5d9/0xf60
[ 30.626606] ? __schedule+0xc3e/0x2790
[ 30.627132] ? __pfx_read_tsc+0x10/0x10
[ 30.627464] ? ktime_get_ts64+0x86/0x230
[ 30.628014] kunit_try_run_case+0x1b3/0x490
[ 30.628470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.628954] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.629478] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.630161] ? __kthread_parkme+0x82/0x160
[ 30.630584] ? preempt_count_sub+0x50/0x80
[ 30.631061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.631539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.632037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.632582] kthread+0x257/0x310
[ 30.632884] ? __pfx_kthread+0x10/0x10
[ 30.633463] ret_from_fork+0x41/0x80
[ 30.633806] ? __pfx_kthread+0x10/0x10
[ 30.634090] ret_from_fork_asm+0x1a/0x30
[ 30.634688] </TASK>
[ 30.634981]
[ 30.635198] Allocated by task 293:
[ 30.635449] kasan_save_stack+0x3d/0x60
[ 30.635886] kasan_save_track+0x18/0x40
[ 30.636530] kasan_save_alloc_info+0x3b/0x50
[ 30.636912] __kasan_kmalloc+0xb7/0xc0
[ 30.637298] __kmalloc_noprof+0x1c4/0x500
[ 30.637852] kunit_kmalloc_array+0x25/0x60
[ 30.638228] copy_user_test_oob+0xac/0x10f0
[ 30.638872] kunit_try_run_case+0x1b3/0x490
[ 30.639178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.639521] kthread+0x257/0x310
[ 30.640119] ret_from_fork+0x41/0x80
[ 30.640632] ret_from_fork_asm+0x1a/0x30
[ 30.641143]
[ 30.641338] The buggy address belongs to the object at ffff8881029a4b00
[ 30.641338] which belongs to the cache kmalloc-128 of size 128
[ 30.642033] The buggy address is located 0 bytes inside of
[ 30.642033] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.643416]
[ 30.643665] The buggy address belongs to the physical page:
[ 30.644363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.645167] flags: 0x200000000000000(node=0|zone=2)
[ 30.645501] page_type: f5(slab)
[ 30.645807] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.646632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.647180] page dumped because: kasan: bad access detected
[ 30.647517]
[ 30.647698] Memory state around the buggy address:
[ 30.648006] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.648421] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.649519] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.650266] ^
[ 30.651116] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.651784] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.652435] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 30.560433] ==================================================================
[ 30.562451] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0
[ 30.563165] Write of size 121 at addr ffff8881029a4b00 by task kunit_try_catch/293
[ 30.563937]
[ 30.564381] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.565672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.566673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.567440] Call Trace:
[ 30.567731] <TASK>
[ 30.568031] dump_stack_lvl+0x73/0xb0
[ 30.568452] print_report+0xd1/0x640
[ 30.568971] ? __virt_addr_valid+0x1db/0x2d0
[ 30.569350] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.570218] kasan_report+0x102/0x140
[ 30.570783] ? _copy_from_user+0x33/0xa0
[ 30.571341] ? _copy_from_user+0x33/0xa0
[ 30.571810] kasan_check_range+0x10c/0x1c0
[ 30.572540] __kasan_check_write+0x18/0x20
[ 30.573186] _copy_from_user+0x33/0xa0
[ 30.573792] copy_user_test_oob+0x2bf/0x10f0
[ 30.574457] ? __pfx_copy_user_test_oob+0x10/0x10
[ 30.574862] ? finish_task_switch.isra.0+0x153/0x700
[ 30.575671] ? __switch_to+0x5d9/0xf60
[ 30.576275] ? __schedule+0xc3e/0x2790
[ 30.576927] ? __pfx_read_tsc+0x10/0x10
[ 30.577594] ? ktime_get_ts64+0x86/0x230
[ 30.577990] kunit_try_run_case+0x1b3/0x490
[ 30.578533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.578906] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.579824] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.580577] ? __kthread_parkme+0x82/0x160
[ 30.580998] ? preempt_count_sub+0x50/0x80
[ 30.581423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.581876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.582685] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.583243] kthread+0x257/0x310
[ 30.583741] ? __pfx_kthread+0x10/0x10
[ 30.584327] ret_from_fork+0x41/0x80
[ 30.584778] ? __pfx_kthread+0x10/0x10
[ 30.585080] ret_from_fork_asm+0x1a/0x30
[ 30.585700] </TASK>
[ 30.586372]
[ 30.586556] Allocated by task 293:
[ 30.586837] kasan_save_stack+0x3d/0x60
[ 30.587384] kasan_save_track+0x18/0x40
[ 30.588275] kasan_save_alloc_info+0x3b/0x50
[ 30.588656] __kasan_kmalloc+0xb7/0xc0
[ 30.589355] __kmalloc_noprof+0x1c4/0x500
[ 30.589764] kunit_kmalloc_array+0x25/0x60
[ 30.590638] copy_user_test_oob+0xac/0x10f0
[ 30.591144] kunit_try_run_case+0x1b3/0x490
[ 30.591714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.593059] kthread+0x257/0x310
[ 30.593411] ret_from_fork+0x41/0x80
[ 30.593883] ret_from_fork_asm+0x1a/0x30
[ 30.594738]
[ 30.595035] The buggy address belongs to the object at ffff8881029a4b00
[ 30.595035] which belongs to the cache kmalloc-128 of size 128
[ 30.596272] The buggy address is located 0 bytes inside of
[ 30.596272] allocated 120-byte region [ffff8881029a4b00, ffff8881029a4b78)
[ 30.597785]
[ 30.598245] The buggy address belongs to the physical page:
[ 30.598943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4
[ 30.600158] flags: 0x200000000000000(node=0|zone=2)
[ 30.600715] page_type: f5(slab)
[ 30.601102] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.601953] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.602936] page dumped because: kasan: bad access detected
[ 30.603494]
[ 30.603739] Memory state around the buggy address:
[ 30.604204] ffff8881029a4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.605198] ffff8881029a4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.606031] >ffff8881029a4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.606766] ^
[ 30.607539] ffff8881029a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.608413] ffff8881029a4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.609031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 30.481565] ==================================================================
[ 30.482359] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 30.483156] Write of size 8 at addr ffff888101b00078 by task kunit_try_catch/289
[ 30.484016]
[ 30.484331] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.485418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.485814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.486655] Call Trace:
[ 30.486938] <TASK>
[ 30.487287] dump_stack_lvl+0x73/0xb0
[ 30.487824] print_report+0xd1/0x640
[ 30.488757] ? __virt_addr_valid+0x1db/0x2d0
[ 30.489119] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.489998] kasan_report+0x102/0x140
[ 30.490766] ? copy_to_kernel_nofault+0x99/0x260
[ 30.491819] ? copy_to_kernel_nofault+0x99/0x260
[ 30.492190] kasan_check_range+0x10c/0x1c0
[ 30.492931] __kasan_check_write+0x18/0x20
[ 30.493597] copy_to_kernel_nofault+0x99/0x260
[ 30.494116] copy_to_kernel_nofault_oob+0x214/0x4e0
[ 30.494799] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 30.495492] ? finish_task_switch.isra.0+0x153/0x700
[ 30.495927] ? __schedule+0xc3e/0x2790
[ 30.496340] ? trace_hardirqs_on+0x37/0xe0
[ 30.497239] ? irqentry_exit+0x2a/0x60
[ 30.497897] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 30.498746] ? __pfx_read_tsc+0x10/0x10
[ 30.499372] ? ktime_get_ts64+0x86/0x230
[ 30.499762] kunit_try_run_case+0x1b3/0x490
[ 30.501123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.501898] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.502399] ? __kthread_parkme+0x82/0x160
[ 30.502848] ? __kthread_parkme+0x82/0x160
[ 30.503272] ? preempt_count_sub+0x50/0x80
[ 30.503745] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.504218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.504957] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.505405] kthread+0x257/0x310
[ 30.505876] ? __pfx_kthread+0x10/0x10
[ 30.506362] ret_from_fork+0x41/0x80
[ 30.506872] ? __pfx_kthread+0x10/0x10
[ 30.507213] ret_from_fork_asm+0x1a/0x30
[ 30.507649] </TASK>
[ 30.508142]
[ 30.508380] Allocated by task 289:
[ 30.509008] kasan_save_stack+0x3d/0x60
[ 30.509637] kasan_save_track+0x18/0x40
[ 30.510300] kasan_save_alloc_info+0x3b/0x50
[ 30.510847] __kasan_kmalloc+0xb7/0xc0
[ 30.511319] __kmalloc_cache_noprof+0x184/0x410
[ 30.511660] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 30.511986] kunit_try_run_case+0x1b3/0x490
[ 30.512654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.514014] kthread+0x257/0x310
[ 30.514455] ret_from_fork+0x41/0x80
[ 30.514936] ret_from_fork_asm+0x1a/0x30
[ 30.515430]
[ 30.515592] The buggy address belongs to the object at ffff888101b00000
[ 30.515592] which belongs to the cache kmalloc-128 of size 128
[ 30.516276] The buggy address is located 0 bytes to the right of
[ 30.516276] allocated 120-byte region [ffff888101b00000, ffff888101b00078)
[ 30.518983]
[ 30.519280] The buggy address belongs to the physical page:
[ 30.520120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b00
[ 30.521460] flags: 0x200000000000000(node=0|zone=2)
[ 30.522595] page_type: f5(slab)
[ 30.523119] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.524284] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.525896] page dumped because: kasan: bad access detected
[ 30.526801]
[ 30.526958] Memory state around the buggy address:
[ 30.528631] ffff888101afff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.529353] ffff888101afff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.531072] >ffff888101b00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.531565] ^
[ 30.532845] ffff888101b00080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.533922] ffff888101b00100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.534776] ==================================================================
[ 30.428122] ==================================================================
[ 30.429625] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 30.431131] Read of size 8 at addr ffff888101b00078 by task kunit_try_catch/289
[ 30.432205]
[ 30.432730] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.433585] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.434123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.434958] Call Trace:
[ 30.435561] <TASK>
[ 30.435861] dump_stack_lvl+0x73/0xb0
[ 30.436393] print_report+0xd1/0x640
[ 30.436862] ? __virt_addr_valid+0x1db/0x2d0
[ 30.437455] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.437986] kasan_report+0x102/0x140
[ 30.438432] ? copy_to_kernel_nofault+0x225/0x260
[ 30.438929] ? copy_to_kernel_nofault+0x225/0x260
[ 30.439430] __asan_report_load8_noabort+0x18/0x20
[ 30.440195] copy_to_kernel_nofault+0x225/0x260
[ 30.440837] copy_to_kernel_nofault_oob+0x179/0x4e0
[ 30.441466] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 30.442155] ? finish_task_switch.isra.0+0x153/0x700
[ 30.442711] ? __schedule+0xc3e/0x2790
[ 30.443405] ? trace_hardirqs_on+0x37/0xe0
[ 30.443941] ? irqentry_exit+0x2a/0x60
[ 30.444481] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 30.444931] ? __pfx_read_tsc+0x10/0x10
[ 30.445558] ? ktime_get_ts64+0x86/0x230
[ 30.445942] kunit_try_run_case+0x1b3/0x490
[ 30.446571] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.446989] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.448351] ? __kthread_parkme+0x82/0x160
[ 30.449087] ? __kthread_parkme+0x82/0x160
[ 30.449850] ? preempt_count_sub+0x50/0x80
[ 30.450152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.450478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.451198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.452281] kthread+0x257/0x310
[ 30.452641] ? __pfx_kthread+0x10/0x10
[ 30.452985] ret_from_fork+0x41/0x80
[ 30.453348] ? __pfx_kthread+0x10/0x10
[ 30.453810] ret_from_fork_asm+0x1a/0x30
[ 30.454149] </TASK>
[ 30.454452]
[ 30.456173] Allocated by task 289:
[ 30.456626] kasan_save_stack+0x3d/0x60
[ 30.457408] kasan_save_track+0x18/0x40
[ 30.457999] kasan_save_alloc_info+0x3b/0x50
[ 30.458921] __kasan_kmalloc+0xb7/0xc0
[ 30.459926] __kmalloc_cache_noprof+0x184/0x410
[ 30.460923] copy_to_kernel_nofault_oob+0xc5/0x4e0
[ 30.461804] kunit_try_run_case+0x1b3/0x490
[ 30.462665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.463813] kthread+0x257/0x310
[ 30.464547] ret_from_fork+0x41/0x80
[ 30.465304] ret_from_fork_asm+0x1a/0x30
[ 30.465878]
[ 30.466236] The buggy address belongs to the object at ffff888101b00000
[ 30.466236] which belongs to the cache kmalloc-128 of size 128
[ 30.468541] The buggy address is located 0 bytes to the right of
[ 30.468541] allocated 120-byte region [ffff888101b00000, ffff888101b00078)
[ 30.470626]
[ 30.470959] The buggy address belongs to the physical page:
[ 30.472384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b00
[ 30.473051] flags: 0x200000000000000(node=0|zone=2)
[ 30.473419] page_type: f5(slab)
[ 30.473796] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.474422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.475065] page dumped because: kasan: bad access detected
[ 30.475556]
[ 30.475834] Memory state around the buggy address:
[ 30.476351] ffff888101afff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.476794] ffff888101afff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.477723] >ffff888101b00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 30.478432] ^
[ 30.479181] ffff888101b00080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.479791] ffff888101b00100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.480285] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 29.100851] ==================================================================
[ 29.102484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450
[ 29.103202] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.104713]
[ 29.104991] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.105962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.106403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.107216] Call Trace:
[ 29.107454] <TASK>
[ 29.107942] dump_stack_lvl+0x73/0xb0
[ 29.108506] print_report+0xd1/0x640
[ 29.108840] ? __virt_addr_valid+0x1db/0x2d0
[ 29.109612] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.110422] kasan_report+0x102/0x140
[ 29.110931] ? kasan_atomics_helper+0x50d6/0x5450
[ 29.111525] ? kasan_atomics_helper+0x50d6/0x5450
[ 29.112184] __asan_report_store8_noabort+0x1b/0x30
[ 29.112738] kasan_atomics_helper+0x50d6/0x5450
[ 29.113053] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.113702] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.114273] ? __schedule+0xc3e/0x2790
[ 29.115074] ? finish_task_switch.isra.0+0x153/0x700
[ 29.115798] ? kasan_atomics+0x153/0x310
[ 29.116323] kasan_atomics+0x1dd/0x310
[ 29.116842] ? __pfx_kasan_atomics+0x10/0x10
[ 29.117683] ? __pfx_read_tsc+0x10/0x10
[ 29.118350] ? ktime_get_ts64+0x86/0x230
[ 29.118710] kunit_try_run_case+0x1b3/0x490
[ 29.119754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.120357] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.120816] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.122162] ? __kthread_parkme+0x82/0x160
[ 29.122592] ? preempt_count_sub+0x50/0x80
[ 29.122957] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.123440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.124553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.125080] kthread+0x257/0x310
[ 29.125320] ? __pfx_kthread+0x10/0x10
[ 29.125584] ret_from_fork+0x41/0x80
[ 29.125770] ? __pfx_kthread+0x10/0x10
[ 29.126200] ret_from_fork_asm+0x1a/0x30
[ 29.126943] </TASK>
[ 29.127319]
[ 29.127893] Allocated by task 273:
[ 29.128586] kasan_save_stack+0x3d/0x60
[ 29.129510] kasan_save_track+0x18/0x40
[ 29.129794] kasan_save_alloc_info+0x3b/0x50
[ 29.130150] __kasan_kmalloc+0xb7/0xc0
[ 29.130590] __kmalloc_cache_noprof+0x184/0x410
[ 29.131024] kasan_atomics+0x96/0x310
[ 29.131389] kunit_try_run_case+0x1b3/0x490
[ 29.131890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.132444] kthread+0x257/0x310
[ 29.132776] ret_from_fork+0x41/0x80
[ 29.133137] ret_from_fork_asm+0x1a/0x30
[ 29.133653]
[ 29.133818] The buggy address belongs to the object at ffff888101afb700
[ 29.133818] which belongs to the cache kmalloc-64 of size 64
[ 29.134972] The buggy address is located 0 bytes to the right of
[ 29.134972] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.136054]
[ 29.136292] The buggy address belongs to the physical page:
[ 29.136968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.137614] flags: 0x200000000000000(node=0|zone=2)
[ 29.138086] page_type: f5(slab)
[ 29.138349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.139176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.139811] page dumped because: kasan: bad access detected
[ 29.140415]
[ 29.140629] Memory state around the buggy address:
[ 29.141105] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.141764] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.142320] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.143116] ^
[ 29.143516] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.144266] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.144869] ==================================================================
[ 27.561417] ==================================================================
[ 27.563139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450
[ 27.564015] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.565862]
[ 27.566059] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.567520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.568203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.569533] Call Trace:
[ 27.569813] <TASK>
[ 27.570837] dump_stack_lvl+0x73/0xb0
[ 27.571543] print_report+0xd1/0x640
[ 27.572085] ? __virt_addr_valid+0x1db/0x2d0
[ 27.573073] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.573900] kasan_report+0x102/0x140
[ 27.574093] ? kasan_atomics_helper+0x566/0x5450
[ 27.574474] ? kasan_atomics_helper+0x566/0x5450
[ 27.575157] kasan_check_range+0x10c/0x1c0
[ 27.576286] __kasan_check_write+0x18/0x20
[ 27.577289] kasan_atomics_helper+0x566/0x5450
[ 27.578279] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.578766] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.579580] ? __schedule+0xc3e/0x2790
[ 27.580173] ? finish_task_switch.isra.0+0x153/0x700
[ 27.581059] ? kasan_atomics+0x153/0x310
[ 27.582277] kasan_atomics+0x1dd/0x310
[ 27.582989] ? __pfx_kasan_atomics+0x10/0x10
[ 27.583633] ? __pfx_read_tsc+0x10/0x10
[ 27.584093] ? ktime_get_ts64+0x86/0x230
[ 27.584636] kunit_try_run_case+0x1b3/0x490
[ 27.585567] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.586196] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.586622] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.587405] ? __kthread_parkme+0x82/0x160
[ 27.587992] ? preempt_count_sub+0x50/0x80
[ 27.588964] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.589269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.589652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.590296] kthread+0x257/0x310
[ 27.590650] ? __pfx_kthread+0x10/0x10
[ 27.591419] ret_from_fork+0x41/0x80
[ 27.591809] ? __pfx_kthread+0x10/0x10
[ 27.592236] ret_from_fork_asm+0x1a/0x30
[ 27.592835] </TASK>
[ 27.593081]
[ 27.593239] Allocated by task 273:
[ 27.593770] kasan_save_stack+0x3d/0x60
[ 27.594147] kasan_save_track+0x18/0x40
[ 27.594572] kasan_save_alloc_info+0x3b/0x50
[ 27.595609] __kasan_kmalloc+0xb7/0xc0
[ 27.596093] __kmalloc_cache_noprof+0x184/0x410
[ 27.596636] kasan_atomics+0x96/0x310
[ 27.597402] kunit_try_run_case+0x1b3/0x490
[ 27.598138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.598626] kthread+0x257/0x310
[ 27.599214] ret_from_fork+0x41/0x80
[ 27.599764] ret_from_fork_asm+0x1a/0x30
[ 27.600256]
[ 27.600649] The buggy address belongs to the object at ffff888101afb700
[ 27.600649] which belongs to the cache kmalloc-64 of size 64
[ 27.602112] The buggy address is located 0 bytes to the right of
[ 27.602112] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.605530]
[ 27.605863] The buggy address belongs to the physical page:
[ 27.606192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.607680] flags: 0x200000000000000(node=0|zone=2)
[ 27.609267] page_type: f5(slab)
[ 27.609861] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.611380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.611850] page dumped because: kasan: bad access detected
[ 27.612766]
[ 27.613379] Memory state around the buggy address:
[ 27.613666] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.614086] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.614903] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.616416] ^
[ 27.616917] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.618233] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.618707] ==================================================================
[ 28.520702] ==================================================================
[ 28.521434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450
[ 28.522305] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 28.523078]
[ 28.523253] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 28.524382] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.524685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.526619] Call Trace:
[ 28.526998] <TASK>
[ 28.527610] dump_stack_lvl+0x73/0xb0
[ 28.528439] print_report+0xd1/0x640
[ 28.529077] ? __virt_addr_valid+0x1db/0x2d0
[ 28.529833] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.530620] kasan_report+0x102/0x140
[ 28.531444] ? kasan_atomics_helper+0x4a38/0x5450
[ 28.532381] ? kasan_atomics_helper+0x4a38/0x5450
[ 28.532969] __asan_report_load4_noabort+0x18/0x20
[ 28.533756] kasan_atomics_helper+0x4a38/0x5450
[ 28.534363] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.534828] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.535681] ? __schedule+0xc3e/0x2790
[ 28.536462] ? finish_task_switch.isra.0+0x153/0x700
[ 28.537107] ? kasan_atomics+0x153/0x310
[ 28.537528] kasan_atomics+0x1dd/0x310
[ 28.538331] ? __pfx_kasan_atomics+0x10/0x10
[ 28.538737] ? __pfx_read_tsc+0x10/0x10
[ 28.539332] ? ktime_get_ts64+0x86/0x230
[ 28.539744] kunit_try_run_case+0x1b3/0x490
[ 28.540585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.541145] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.541810] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.542375] ? __kthread_parkme+0x82/0x160
[ 28.542824] ? preempt_count_sub+0x50/0x80
[ 28.543878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.544666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.545682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.546040] kthread+0x257/0x310
[ 28.546477] ? __pfx_kthread+0x10/0x10
[ 28.546849] ret_from_fork+0x41/0x80
[ 28.547749] ? __pfx_kthread+0x10/0x10
[ 28.548450] ret_from_fork_asm+0x1a/0x30
[ 28.549522] </TASK>
[ 28.549760]
[ 28.549907] Allocated by task 273:
[ 28.550462] kasan_save_stack+0x3d/0x60
[ 28.551674] kasan_save_track+0x18/0x40
[ 28.552077] kasan_save_alloc_info+0x3b/0x50
[ 28.552610] __kasan_kmalloc+0xb7/0xc0
[ 28.553318] __kmalloc_cache_noprof+0x184/0x410
[ 28.554077] kasan_atomics+0x96/0x310
[ 28.554444] kunit_try_run_case+0x1b3/0x490
[ 28.554811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.555662] kthread+0x257/0x310
[ 28.556406] ret_from_fork+0x41/0x80
[ 28.556787] ret_from_fork_asm+0x1a/0x30
[ 28.557458]
[ 28.557624] The buggy address belongs to the object at ffff888101afb700
[ 28.557624] which belongs to the cache kmalloc-64 of size 64
[ 28.559220] The buggy address is located 0 bytes to the right of
[ 28.559220] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 28.560087]
[ 28.560636] The buggy address belongs to the physical page:
[ 28.561616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 28.562353] flags: 0x200000000000000(node=0|zone=2)
[ 28.562672] page_type: f5(slab)
[ 28.563097] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.564229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.565163] page dumped because: kasan: bad access detected
[ 28.565642]
[ 28.565861] Memory state around the buggy address:
[ 28.566711] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.567451] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.568050] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.568915] ^
[ 28.569654] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.570464] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.571402] ==================================================================
[ 28.710473] ==================================================================
[ 28.711290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450
[ 28.711945] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 28.712771]
[ 28.713149] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 28.714113] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.714676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.715376] Call Trace:
[ 28.715810] <TASK>
[ 28.716164] dump_stack_lvl+0x73/0xb0
[ 28.716597] print_report+0xd1/0x640
[ 28.717119] ? __virt_addr_valid+0x1db/0x2d0
[ 28.717724] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.718452] kasan_report+0x102/0x140
[ 28.718839] ? kasan_atomics_helper+0x4a04/0x5450
[ 28.719465] ? kasan_atomics_helper+0x4a04/0x5450
[ 28.719999] __asan_report_load4_noabort+0x18/0x20
[ 28.720500] kasan_atomics_helper+0x4a04/0x5450
[ 28.721018] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.721666] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.722120] ? __schedule+0xc3e/0x2790
[ 28.722668] ? finish_task_switch.isra.0+0x153/0x700
[ 28.723239] ? kasan_atomics+0x153/0x310
[ 28.723761] kasan_atomics+0x1dd/0x310
[ 28.724254] ? __pfx_kasan_atomics+0x10/0x10
[ 28.724630] ? __pfx_read_tsc+0x10/0x10
[ 28.725232] ? ktime_get_ts64+0x86/0x230
[ 28.725660] kunit_try_run_case+0x1b3/0x490
[ 28.726100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.726626] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.727025] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.727610] ? __kthread_parkme+0x82/0x160
[ 28.728105] ? preempt_count_sub+0x50/0x80
[ 28.728694] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.729358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.730009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.730562] kthread+0x257/0x310
[ 28.731105] ? __pfx_kthread+0x10/0x10
[ 28.731429] ret_from_fork+0x41/0x80
[ 28.731845] ? __pfx_kthread+0x10/0x10
[ 28.732353] ret_from_fork_asm+0x1a/0x30
[ 28.732923] </TASK>
[ 28.733310]
[ 28.733539] Allocated by task 273:
[ 28.734019] kasan_save_stack+0x3d/0x60
[ 28.734347] kasan_save_track+0x18/0x40
[ 28.734944] kasan_save_alloc_info+0x3b/0x50
[ 28.735288] __kasan_kmalloc+0xb7/0xc0
[ 28.735837] __kmalloc_cache_noprof+0x184/0x410
[ 28.736372] kasan_atomics+0x96/0x310
[ 28.736769] kunit_try_run_case+0x1b3/0x490
[ 28.737354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.737932] kthread+0x257/0x310
[ 28.738361] ret_from_fork+0x41/0x80
[ 28.738770] ret_from_fork_asm+0x1a/0x30
[ 28.739256]
[ 28.739595] The buggy address belongs to the object at ffff888101afb700
[ 28.739595] which belongs to the cache kmalloc-64 of size 64
[ 28.740671] The buggy address is located 0 bytes to the right of
[ 28.740671] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 28.741777]
[ 28.742285] The buggy address belongs to the physical page:
[ 28.742560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 28.742867] flags: 0x200000000000000(node=0|zone=2)
[ 28.743704] page_type: f5(slab)
[ 28.743969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.744551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.745214] page dumped because: kasan: bad access detected
[ 28.745816]
[ 28.746032] Memory state around the buggy address:
[ 28.746529] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.747187] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.747739] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.748369] ^
[ 28.748746] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.749496] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.750214] ==================================================================
[ 29.322640] ==================================================================
[ 29.323233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450
[ 29.324303] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.325124]
[ 29.325338] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.326370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.326881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.328770] Call Trace:
[ 29.329333] <TASK>
[ 29.329583] dump_stack_lvl+0x73/0xb0
[ 29.330208] print_report+0xd1/0x640
[ 29.330672] ? __virt_addr_valid+0x1db/0x2d0
[ 29.331211] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.331794] kasan_report+0x102/0x140
[ 29.332395] ? kasan_atomics_helper+0x1780/0x5450
[ 29.332847] ? kasan_atomics_helper+0x1780/0x5450
[ 29.333544] kasan_check_range+0x10c/0x1c0
[ 29.333879] __kasan_check_write+0x18/0x20
[ 29.334458] kasan_atomics_helper+0x1780/0x5450
[ 29.334895] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.335545] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.336073] ? __schedule+0xc3e/0x2790
[ 29.336643] ? finish_task_switch.isra.0+0x153/0x700
[ 29.337263] ? kasan_atomics+0x153/0x310
[ 29.337692] kasan_atomics+0x1dd/0x310
[ 29.338286] ? __pfx_kasan_atomics+0x10/0x10
[ 29.338911] ? __pfx_read_tsc+0x10/0x10
[ 29.339536] ? ktime_get_ts64+0x86/0x230
[ 29.340014] kunit_try_run_case+0x1b3/0x490
[ 29.340589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.341128] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.341665] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.342278] ? __kthread_parkme+0x82/0x160
[ 29.342830] ? preempt_count_sub+0x50/0x80
[ 29.343447] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.343822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.344643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.345295] kthread+0x257/0x310
[ 29.345647] ? __pfx_kthread+0x10/0x10
[ 29.346186] ret_from_fork+0x41/0x80
[ 29.346684] ? __pfx_kthread+0x10/0x10
[ 29.347230] ret_from_fork_asm+0x1a/0x30
[ 29.347810] </TASK>
[ 29.348257]
[ 29.348538] Allocated by task 273:
[ 29.348795] kasan_save_stack+0x3d/0x60
[ 29.349360] kasan_save_track+0x18/0x40
[ 29.349753] kasan_save_alloc_info+0x3b/0x50
[ 29.350352] __kasan_kmalloc+0xb7/0xc0
[ 29.350708] __kmalloc_cache_noprof+0x184/0x410
[ 29.351292] kasan_atomics+0x96/0x310
[ 29.351721] kunit_try_run_case+0x1b3/0x490
[ 29.352149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.352886] kthread+0x257/0x310
[ 29.353238] ret_from_fork+0x41/0x80
[ 29.353786] ret_from_fork_asm+0x1a/0x30
[ 29.354261]
[ 29.354573] The buggy address belongs to the object at ffff888101afb700
[ 29.354573] which belongs to the cache kmalloc-64 of size 64
[ 29.355777] The buggy address is located 0 bytes to the right of
[ 29.355777] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.356885]
[ 29.357166] The buggy address belongs to the physical page:
[ 29.357783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.358516] flags: 0x200000000000000(node=0|zone=2)
[ 29.359033] page_type: f5(slab)
[ 29.359477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.360301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.361165] page dumped because: kasan: bad access detected
[ 29.361697]
[ 29.361978] Memory state around the buggy address:
[ 29.363127] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.363820] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.364717] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.365241] ^
[ 29.365801] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.366428] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.367095] ==================================================================
[ 29.184869] ==================================================================
[ 29.185543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450
[ 29.186058] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.187216]
[ 29.187500] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.188585] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.188860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.189832] Call Trace:
[ 29.190221] <TASK>
[ 29.190683] dump_stack_lvl+0x73/0xb0
[ 29.191181] print_report+0xd1/0x640
[ 29.193334] ? __virt_addr_valid+0x1db/0x2d0
[ 29.194181] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.194713] kasan_report+0x102/0x140
[ 29.195386] ? kasan_atomics_helper+0x15b7/0x5450
[ 29.195776] ? kasan_atomics_helper+0x15b7/0x5450
[ 29.196302] kasan_check_range+0x10c/0x1c0
[ 29.196664] __kasan_check_write+0x18/0x20
[ 29.197219] kasan_atomics_helper+0x15b7/0x5450
[ 29.197708] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.198211] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.198672] ? __schedule+0xc3e/0x2790
[ 29.199026] ? finish_task_switch.isra.0+0x153/0x700
[ 29.199533] ? kasan_atomics+0x153/0x310
[ 29.199881] kasan_atomics+0x1dd/0x310
[ 29.200416] ? __pfx_kasan_atomics+0x10/0x10
[ 29.200887] ? __pfx_read_tsc+0x10/0x10
[ 29.201416] ? ktime_get_ts64+0x86/0x230
[ 29.201766] kunit_try_run_case+0x1b3/0x490
[ 29.202365] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.202826] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.203407] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.203901] ? __kthread_parkme+0x82/0x160
[ 29.204289] ? preempt_count_sub+0x50/0x80
[ 29.204742] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.205297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.205793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.206463] kthread+0x257/0x310
[ 29.206887] ? __pfx_kthread+0x10/0x10
[ 29.207344] ret_from_fork+0x41/0x80
[ 29.207734] ? __pfx_kthread+0x10/0x10
[ 29.208114] ret_from_fork_asm+0x1a/0x30
[ 29.208647] </TASK>
[ 29.209023]
[ 29.209202] Allocated by task 273:
[ 29.209640] kasan_save_stack+0x3d/0x60
[ 29.210101] kasan_save_track+0x18/0x40
[ 29.210400] kasan_save_alloc_info+0x3b/0x50
[ 29.210976] __kasan_kmalloc+0xb7/0xc0
[ 29.211434] __kmalloc_cache_noprof+0x184/0x410
[ 29.211897] kasan_atomics+0x96/0x310
[ 29.212321] kunit_try_run_case+0x1b3/0x490
[ 29.212644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.213335] kthread+0x257/0x310
[ 29.213823] ret_from_fork+0x41/0x80
[ 29.214215] ret_from_fork_asm+0x1a/0x30
[ 29.214722]
[ 29.214949] The buggy address belongs to the object at ffff888101afb700
[ 29.214949] which belongs to the cache kmalloc-64 of size 64
[ 29.215982] The buggy address is located 0 bytes to the right of
[ 29.215982] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.216745]
[ 29.217077] The buggy address belongs to the physical page:
[ 29.217550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.218200] flags: 0x200000000000000(node=0|zone=2)
[ 29.218814] page_type: f5(slab)
[ 29.219275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.219884] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.220519] page dumped because: kasan: bad access detected
[ 29.221103]
[ 29.221330] Memory state around the buggy address:
[ 29.221708] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.222397] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.223157] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.223739] ^
[ 29.224226] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.225559] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.226536] ==================================================================
[ 27.846308] ==================================================================
[ 27.848172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450
[ 27.849045] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.850415]
[ 27.850803] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.851683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.852104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.852937] Call Trace:
[ 27.853228] <TASK>
[ 27.854505] dump_stack_lvl+0x73/0xb0
[ 27.854789] print_report+0xd1/0x640
[ 27.855558] ? __virt_addr_valid+0x1db/0x2d0
[ 27.856162] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.857055] kasan_report+0x102/0x140
[ 27.857577] ? kasan_atomics_helper+0x861/0x5450
[ 27.859037] ? kasan_atomics_helper+0x861/0x5450
[ 27.859612] kasan_check_range+0x10c/0x1c0
[ 27.860000] __kasan_check_write+0x18/0x20
[ 27.860459] kasan_atomics_helper+0x861/0x5450
[ 27.860976] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.861539] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.862206] ? __schedule+0xc3e/0x2790
[ 27.862998] ? finish_task_switch.isra.0+0x153/0x700
[ 27.863654] ? kasan_atomics+0x153/0x310
[ 27.864096] kasan_atomics+0x1dd/0x310
[ 27.864449] ? __pfx_kasan_atomics+0x10/0x10
[ 27.865150] ? __pfx_read_tsc+0x10/0x10
[ 27.866274] ? ktime_get_ts64+0x86/0x230
[ 27.866856] kunit_try_run_case+0x1b3/0x490
[ 27.867564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.868194] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.868751] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.869475] ? __kthread_parkme+0x82/0x160
[ 27.870010] ? preempt_count_sub+0x50/0x80
[ 27.870409] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.870986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.872148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.872832] kthread+0x257/0x310
[ 27.873239] ? __pfx_kthread+0x10/0x10
[ 27.873704] ret_from_fork+0x41/0x80
[ 27.874200] ? __pfx_kthread+0x10/0x10
[ 27.874696] ret_from_fork_asm+0x1a/0x30
[ 27.875176] </TASK>
[ 27.875962]
[ 27.876173] Allocated by task 273:
[ 27.876574] kasan_save_stack+0x3d/0x60
[ 27.877072] kasan_save_track+0x18/0x40
[ 27.877523] kasan_save_alloc_info+0x3b/0x50
[ 27.878096] __kasan_kmalloc+0xb7/0xc0
[ 27.878652] __kmalloc_cache_noprof+0x184/0x410
[ 27.879057] kasan_atomics+0x96/0x310
[ 27.879667] kunit_try_run_case+0x1b3/0x490
[ 27.880127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.880718] kthread+0x257/0x310
[ 27.881201] ret_from_fork+0x41/0x80
[ 27.882595] ret_from_fork_asm+0x1a/0x30
[ 27.883188]
[ 27.883690] The buggy address belongs to the object at ffff888101afb700
[ 27.883690] which belongs to the cache kmalloc-64 of size 64
[ 27.885100] The buggy address is located 0 bytes to the right of
[ 27.885100] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.886308]
[ 27.886799] The buggy address belongs to the physical page:
[ 27.887430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.888563] flags: 0x200000000000000(node=0|zone=2)
[ 27.889749] page_type: f5(slab)
[ 27.890770] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.891600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.892435] page dumped because: kasan: bad access detected
[ 27.893095]
[ 27.893374] Memory state around the buggy address:
[ 27.894634] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.895348] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.896196] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.896902] ^
[ 27.897483] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.898243] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.899089] ==================================================================
[ 29.614854] ==================================================================
[ 29.616135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450
[ 29.617141] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.617782]
[ 29.618083] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.619460] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.619805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.621125] Call Trace:
[ 29.621545] <TASK>
[ 29.621799] dump_stack_lvl+0x73/0xb0
[ 29.622149] print_report+0xd1/0x640
[ 29.622695] ? __virt_addr_valid+0x1db/0x2d0
[ 29.623468] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.623953] kasan_report+0x102/0x140
[ 29.624744] ? kasan_atomics_helper+0x1b23/0x5450
[ 29.625366] ? kasan_atomics_helper+0x1b23/0x5450
[ 29.625920] kasan_check_range+0x10c/0x1c0
[ 29.626744] __kasan_check_write+0x18/0x20
[ 29.627481] kasan_atomics_helper+0x1b23/0x5450
[ 29.628428] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.628896] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.629971] ? __schedule+0xc3e/0x2790
[ 29.630397] ? finish_task_switch.isra.0+0x153/0x700
[ 29.630919] ? kasan_atomics+0x153/0x310
[ 29.631701] kasan_atomics+0x1dd/0x310
[ 29.632580] ? __pfx_kasan_atomics+0x10/0x10
[ 29.633412] ? __pfx_read_tsc+0x10/0x10
[ 29.633943] ? ktime_get_ts64+0x86/0x230
[ 29.634770] kunit_try_run_case+0x1b3/0x490
[ 29.635644] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.636218] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.636810] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.637442] ? __kthread_parkme+0x82/0x160
[ 29.637856] ? preempt_count_sub+0x50/0x80
[ 29.638739] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.639319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.640388] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.640947] kthread+0x257/0x310
[ 29.641661] ? __pfx_kthread+0x10/0x10
[ 29.642088] ret_from_fork+0x41/0x80
[ 29.642645] ? __pfx_kthread+0x10/0x10
[ 29.642996] ret_from_fork_asm+0x1a/0x30
[ 29.643890] </TASK>
[ 29.644407]
[ 29.644691] Allocated by task 273:
[ 29.644984] kasan_save_stack+0x3d/0x60
[ 29.645538] kasan_save_track+0x18/0x40
[ 29.645937] kasan_save_alloc_info+0x3b/0x50
[ 29.647057] __kasan_kmalloc+0xb7/0xc0
[ 29.647588] __kmalloc_cache_noprof+0x184/0x410
[ 29.648276] kasan_atomics+0x96/0x310
[ 29.648916] kunit_try_run_case+0x1b3/0x490
[ 29.649696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.650481] kthread+0x257/0x310
[ 29.651134] ret_from_fork+0x41/0x80
[ 29.651655] ret_from_fork_asm+0x1a/0x30
[ 29.652120]
[ 29.652333] The buggy address belongs to the object at ffff888101afb700
[ 29.652333] which belongs to the cache kmalloc-64 of size 64
[ 29.653961] The buggy address is located 0 bytes to the right of
[ 29.653961] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.655238]
[ 29.655508] The buggy address belongs to the physical page:
[ 29.656376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.656883] flags: 0x200000000000000(node=0|zone=2)
[ 29.657813] page_type: f5(slab)
[ 29.658475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.659285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.659978] page dumped because: kasan: bad access detected
[ 29.660469]
[ 29.661476] Memory state around the buggy address:
[ 29.661813] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.662824] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.663645] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.664654] ^
[ 29.665992] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.666516] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.667573] ==================================================================
[ 28.801661] ==================================================================
[ 28.802362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 28.803357] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 28.803982]
[ 28.804288] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 28.805459] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.805847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.806714] Call Trace:
[ 28.807145] <TASK>
[ 28.807460] dump_stack_lvl+0x73/0xb0
[ 28.807948] print_report+0xd1/0x640
[ 28.808824] ? __virt_addr_valid+0x1db/0x2d0
[ 28.809379] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.810517] kasan_report+0x102/0x140
[ 28.811030] ? kasan_atomics_helper+0x49ea/0x5450
[ 28.811413] ? kasan_atomics_helper+0x49ea/0x5450
[ 28.811988] __asan_report_load4_noabort+0x18/0x20
[ 28.812673] kasan_atomics_helper+0x49ea/0x5450
[ 28.813343] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.813888] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.814692] ? __schedule+0xc3e/0x2790
[ 28.815020] ? finish_task_switch.isra.0+0x153/0x700
[ 28.815663] ? kasan_atomics+0x153/0x310
[ 28.816099] kasan_atomics+0x1dd/0x310
[ 28.816705] ? __pfx_kasan_atomics+0x10/0x10
[ 28.817149] ? __pfx_read_tsc+0x10/0x10
[ 28.817844] ? ktime_get_ts64+0x86/0x230
[ 28.818370] kunit_try_run_case+0x1b3/0x490
[ 28.818905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.819309] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.819749] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.820363] ? __kthread_parkme+0x82/0x160
[ 28.820797] ? preempt_count_sub+0x50/0x80
[ 28.821101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.821814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.822389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.822885] kthread+0x257/0x310
[ 28.823421] ? __pfx_kthread+0x10/0x10
[ 28.824008] ret_from_fork+0x41/0x80
[ 28.824644] ? __pfx_kthread+0x10/0x10
[ 28.824996] ret_from_fork_asm+0x1a/0x30
[ 28.825641] </TASK>
[ 28.826063]
[ 28.826260] Allocated by task 273:
[ 28.826743] kasan_save_stack+0x3d/0x60
[ 28.827183] kasan_save_track+0x18/0x40
[ 28.827618] kasan_save_alloc_info+0x3b/0x50
[ 28.828204] __kasan_kmalloc+0xb7/0xc0
[ 28.828732] __kmalloc_cache_noprof+0x184/0x410
[ 28.829239] kasan_atomics+0x96/0x310
[ 28.829710] kunit_try_run_case+0x1b3/0x490
[ 28.830334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.830712] kthread+0x257/0x310
[ 28.831340] ret_from_fork+0x41/0x80
[ 28.831942] ret_from_fork_asm+0x1a/0x30
[ 28.832402]
[ 28.832666] The buggy address belongs to the object at ffff888101afb700
[ 28.832666] which belongs to the cache kmalloc-64 of size 64
[ 28.833755] The buggy address is located 0 bytes to the right of
[ 28.833755] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 28.835013]
[ 28.835236] The buggy address belongs to the physical page:
[ 28.835844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 28.836657] flags: 0x200000000000000(node=0|zone=2)
[ 28.837219] page_type: f5(slab)
[ 28.837662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.838347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.838940] page dumped because: kasan: bad access detected
[ 28.839684]
[ 28.840175] Memory state around the buggy address:
[ 28.840757] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.841747] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.842571] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.843142] ^
[ 28.843740] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.844574] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.845406] ==================================================================
[ 28.898752] ==================================================================
[ 28.899346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450
[ 28.900791] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 28.902200]
[ 28.902999] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 28.905480] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.906273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.907262] Call Trace:
[ 28.907527] <TASK>
[ 28.907877] dump_stack_lvl+0x73/0xb0
[ 28.908318] print_report+0xd1/0x640
[ 28.909019] ? __virt_addr_valid+0x1db/0x2d0
[ 28.909528] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.910955] kasan_report+0x102/0x140
[ 28.911713] ? kasan_atomics_helper+0x49d0/0x5450
[ 28.912212] ? kasan_atomics_helper+0x49d0/0x5450
[ 28.912735] __asan_report_load4_noabort+0x18/0x20
[ 28.913545] kasan_atomics_helper+0x49d0/0x5450
[ 28.914150] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.914673] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.915735] ? __schedule+0xc3e/0x2790
[ 28.916885] ? finish_task_switch.isra.0+0x153/0x700
[ 28.917559] ? kasan_atomics+0x153/0x310
[ 28.917774] kasan_atomics+0x1dd/0x310
[ 28.918210] ? __pfx_kasan_atomics+0x10/0x10
[ 28.919161] ? __pfx_read_tsc+0x10/0x10
[ 28.919661] ? ktime_get_ts64+0x86/0x230
[ 28.920119] kunit_try_run_case+0x1b3/0x490
[ 28.920917] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.921528] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.922260] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.922910] ? __kthread_parkme+0x82/0x160
[ 28.923504] ? preempt_count_sub+0x50/0x80
[ 28.924178] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.924607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.925588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.926349] kthread+0x257/0x310
[ 28.926830] ? __pfx_kthread+0x10/0x10
[ 28.927224] ret_from_fork+0x41/0x80
[ 28.927889] ?
__pfx_kthread+0x10/0x10 [ 28.928298] ret_from_fork_asm+0x1a/0x30 [ 28.929105] </TASK> [ 28.929332] [ 28.929629] Allocated by task 273: [ 28.930092] kasan_save_stack+0x3d/0x60 [ 28.930628] kasan_save_track+0x18/0x40 [ 28.931061] kasan_save_alloc_info+0x3b/0x50 [ 28.931797] __kasan_kmalloc+0xb7/0xc0 [ 28.932247] __kmalloc_cache_noprof+0x184/0x410 [ 28.932858] kasan_atomics+0x96/0x310 [ 28.933471] kunit_try_run_case+0x1b3/0x490 [ 28.933844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.934657] kthread+0x257/0x310 [ 28.934997] ret_from_fork+0x41/0x80 [ 28.935663] ret_from_fork_asm+0x1a/0x30 [ 28.936062] [ 28.936284] The buggy address belongs to the object at ffff888101afb700 [ 28.936284] which belongs to the cache kmalloc-64 of size 64 [ 28.937896] The buggy address is located 0 bytes to the right of [ 28.937896] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.939820] [ 28.940036] The buggy address belongs to the physical page: [ 28.940596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.941635] flags: 0x200000000000000(node=0|zone=2) [ 28.942170] page_type: f5(slab) [ 28.942786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.943410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.944482] page dumped because: kasan: bad access detected [ 28.945110] [ 28.945413] Memory state around the buggy address: [ 28.945960] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.946899] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.947635] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.948433] ^ [ 28.948883] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.949693] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.950651] ================================================================== [ 28.665883] 
================================================================== [ 28.667099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 28.667406] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.667721] [ 28.667840] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.669416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.670229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.671396] Call Trace: [ 28.671807] <TASK> [ 28.672097] dump_stack_lvl+0x73/0xb0 [ 28.672604] print_report+0xd1/0x640 [ 28.673063] ? __virt_addr_valid+0x1db/0x2d0 [ 28.673667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.674192] kasan_report+0x102/0x140 [ 28.674695] ? kasan_atomics_helper+0x1149/0x5450 [ 28.675258] ? kasan_atomics_helper+0x1149/0x5450 [ 28.675708] kasan_check_range+0x10c/0x1c0 [ 28.676248] __kasan_check_write+0x18/0x20 [ 28.676703] kasan_atomics_helper+0x1149/0x5450 [ 28.677273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.677901] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.678319] ? __schedule+0xc3e/0x2790 [ 28.678896] ? finish_task_switch.isra.0+0x153/0x700 [ 28.679325] ? kasan_atomics+0x153/0x310 [ 28.679807] kasan_atomics+0x1dd/0x310 [ 28.680334] ? __pfx_kasan_atomics+0x10/0x10 [ 28.680768] ? __pfx_read_tsc+0x10/0x10 [ 28.681332] ? ktime_get_ts64+0x86/0x230 [ 28.681732] kunit_try_run_case+0x1b3/0x490 [ 28.682308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.682945] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.683315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.683917] ? __kthread_parkme+0x82/0x160 [ 28.684463] ? preempt_count_sub+0x50/0x80 [ 28.684996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.685624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.686197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.686837] kthread+0x257/0x310 [ 28.687301] ? __pfx_kthread+0x10/0x10 [ 28.687644] ret_from_fork+0x41/0x80 [ 28.688127] ? 
__pfx_kthread+0x10/0x10 [ 28.688623] ret_from_fork_asm+0x1a/0x30 [ 28.689175] </TASK> [ 28.689454] [ 28.689711] Allocated by task 273: [ 28.690172] kasan_save_stack+0x3d/0x60 [ 28.690568] kasan_save_track+0x18/0x40 [ 28.691098] kasan_save_alloc_info+0x3b/0x50 [ 28.691577] __kasan_kmalloc+0xb7/0xc0 [ 28.692028] __kmalloc_cache_noprof+0x184/0x410 [ 28.692612] kasan_atomics+0x96/0x310 [ 28.693100] kunit_try_run_case+0x1b3/0x490 [ 28.693647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.694321] kthread+0x257/0x310 [ 28.694705] ret_from_fork+0x41/0x80 [ 28.695251] ret_from_fork_asm+0x1a/0x30 [ 28.695995] [ 28.696342] The buggy address belongs to the object at ffff888101afb700 [ 28.696342] which belongs to the cache kmalloc-64 of size 64 [ 28.697587] The buggy address is located 0 bytes to the right of [ 28.697587] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.698984] [ 28.699236] The buggy address belongs to the physical page: [ 28.699973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.700916] flags: 0x200000000000000(node=0|zone=2) [ 28.701656] page_type: f5(slab) [ 28.702559] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.703296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.703881] page dumped because: kasan: bad access detected [ 28.704243] [ 28.704598] Memory state around the buggy address: [ 28.705193] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.705907] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.706620] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.707281] ^ [ 28.707728] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.708453] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.709086] ================================================================== [ 27.145239] 
================================================================== [ 27.146654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 27.148185] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.149741] [ 27.150051] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.151547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.152139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.154115] Call Trace: [ 27.154926] <TASK> [ 27.155475] dump_stack_lvl+0x73/0xb0 [ 27.156240] print_report+0xd1/0x640 [ 27.156682] ? __virt_addr_valid+0x1db/0x2d0 [ 27.157135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.157665] kasan_report+0x102/0x140 [ 27.158082] ? kasan_atomics_helper+0x4ba4/0x5450 [ 27.159595] ? kasan_atomics_helper+0x4ba4/0x5450 [ 27.160436] __asan_report_store4_noabort+0x1b/0x30 [ 27.161358] kasan_atomics_helper+0x4ba4/0x5450 [ 27.162225] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.163124] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.164201] ? __schedule+0xc3e/0x2790 [ 27.165062] ? finish_task_switch.isra.0+0x153/0x700 [ 27.166245] ? kasan_atomics+0x153/0x310 [ 27.166699] kasan_atomics+0x1dd/0x310 [ 27.167275] ? __pfx_kasan_atomics+0x10/0x10 [ 27.168018] ? __pfx_read_tsc+0x10/0x10 [ 27.168815] ? ktime_get_ts64+0x86/0x230 [ 27.169135] kunit_try_run_case+0x1b3/0x490 [ 27.169449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.170885] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.171792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.172779] ? __kthread_parkme+0x82/0x160 [ 27.173166] ? preempt_count_sub+0x50/0x80 [ 27.173796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.175378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.176630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.177679] kthread+0x257/0x310 [ 27.178424] ? __pfx_kthread+0x10/0x10 [ 27.179201] ret_from_fork+0x41/0x80 [ 27.179633] ? 
__pfx_kthread+0x10/0x10 [ 27.180035] ret_from_fork_asm+0x1a/0x30 [ 27.180484] </TASK> [ 27.180752] [ 27.180968] Allocated by task 273: [ 27.182622] kasan_save_stack+0x3d/0x60 [ 27.183663] kasan_save_track+0x18/0x40 [ 27.184325] kasan_save_alloc_info+0x3b/0x50 [ 27.185618] __kasan_kmalloc+0xb7/0xc0 [ 27.186536] __kmalloc_cache_noprof+0x184/0x410 [ 27.187697] kasan_atomics+0x96/0x310 [ 27.188730] kunit_try_run_case+0x1b3/0x490 [ 27.189844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.191365] kthread+0x257/0x310 [ 27.192098] ret_from_fork+0x41/0x80 [ 27.192879] ret_from_fork_asm+0x1a/0x30 [ 27.193484] [ 27.193622] The buggy address belongs to the object at ffff888101afb700 [ 27.193622] which belongs to the cache kmalloc-64 of size 64 [ 27.194590] The buggy address is located 0 bytes to the right of [ 27.194590] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.197171] [ 27.197714] The buggy address belongs to the physical page: [ 27.198954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.200652] flags: 0x200000000000000(node=0|zone=2) [ 27.201702] page_type: f5(slab) [ 27.202372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.203070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.204781] page dumped because: kasan: bad access detected [ 27.205819] [ 27.205966] Memory state around the buggy address: [ 27.206561] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.207265] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.208214] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.208912] ^ [ 27.209252] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.209934] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.210608] ================================================================== [ 27.788644] 
================================================================== [ 27.789234] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 27.790456] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.791224] [ 27.791587] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.793014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.793328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.794371] Call Trace: [ 27.794753] <TASK> [ 27.795122] dump_stack_lvl+0x73/0xb0 [ 27.796607] print_report+0xd1/0x640 [ 27.797059] ? __virt_addr_valid+0x1db/0x2d0 [ 27.797614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.798524] kasan_report+0x102/0x140 [ 27.799031] ? kasan_atomics_helper+0x7c8/0x5450 [ 27.799653] ? kasan_atomics_helper+0x7c8/0x5450 [ 27.800683] kasan_check_range+0x10c/0x1c0 [ 27.801736] __kasan_check_write+0x18/0x20 [ 27.802139] kasan_atomics_helper+0x7c8/0x5450 [ 27.802885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.804090] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.804756] ? __schedule+0xc3e/0x2790 [ 27.805250] ? finish_task_switch.isra.0+0x153/0x700 [ 27.806484] ? kasan_atomics+0x153/0x310 [ 27.807272] kasan_atomics+0x1dd/0x310 [ 27.807890] ? __pfx_kasan_atomics+0x10/0x10 [ 27.808413] ? __pfx_read_tsc+0x10/0x10 [ 27.809209] ? ktime_get_ts64+0x86/0x230 [ 27.809753] kunit_try_run_case+0x1b3/0x490 [ 27.810465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.811078] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.812052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.812618] ? __kthread_parkme+0x82/0x160 [ 27.813257] ? preempt_count_sub+0x50/0x80 [ 27.814038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.814872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.815502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.816264] kthread+0x257/0x310 [ 27.816748] ? __pfx_kthread+0x10/0x10 [ 27.817394] ret_from_fork+0x41/0x80 [ 27.818363] ? 
__pfx_kthread+0x10/0x10 [ 27.819028] ret_from_fork_asm+0x1a/0x30 [ 27.819664] </TASK> [ 27.820045] [ 27.820531] Allocated by task 273: [ 27.820887] kasan_save_stack+0x3d/0x60 [ 27.821659] kasan_save_track+0x18/0x40 [ 27.822124] kasan_save_alloc_info+0x3b/0x50 [ 27.822942] __kasan_kmalloc+0xb7/0xc0 [ 27.823468] __kmalloc_cache_noprof+0x184/0x410 [ 27.824662] kasan_atomics+0x96/0x310 [ 27.825145] kunit_try_run_case+0x1b3/0x490 [ 27.825830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.826667] kthread+0x257/0x310 [ 27.827326] ret_from_fork+0x41/0x80 [ 27.827721] ret_from_fork_asm+0x1a/0x30 [ 27.828567] [ 27.828843] The buggy address belongs to the object at ffff888101afb700 [ 27.828843] which belongs to the cache kmalloc-64 of size 64 [ 27.830538] The buggy address is located 0 bytes to the right of [ 27.830538] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.831900] [ 27.832135] The buggy address belongs to the physical page: [ 27.832818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.833559] flags: 0x200000000000000(node=0|zone=2) [ 27.834611] page_type: f5(slab) [ 27.835390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.836865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.837576] page dumped because: kasan: bad access detected [ 27.838099] [ 27.838305] Memory state around the buggy address: [ 27.838691] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.840162] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.841551] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.841968] ^ [ 27.842459] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.843125] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.844138] ================================================================== [ 27.677180] 
================================================================== [ 27.678877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 27.680403] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.681012] [ 27.681683] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.683066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.683313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.684175] Call Trace: [ 27.684818] <TASK> [ 27.685208] dump_stack_lvl+0x73/0xb0 [ 27.685747] print_report+0xd1/0x640 [ 27.686148] ? __virt_addr_valid+0x1db/0x2d0 [ 27.686612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.687147] kasan_report+0x102/0x140 [ 27.687736] ? kasan_atomics_helper+0x698/0x5450 [ 27.688106] ? kasan_atomics_helper+0x698/0x5450 [ 27.689579] kasan_check_range+0x10c/0x1c0 [ 27.690505] __kasan_check_write+0x18/0x20 [ 27.691538] kasan_atomics_helper+0x698/0x5450 [ 27.691938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.692722] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.693867] ? __schedule+0xc3e/0x2790 [ 27.694243] ? finish_task_switch.isra.0+0x153/0x700 [ 27.695241] ? kasan_atomics+0x153/0x310 [ 27.696248] kasan_atomics+0x1dd/0x310 [ 27.696760] ? __pfx_kasan_atomics+0x10/0x10 [ 27.697322] ? __pfx_read_tsc+0x10/0x10 [ 27.697790] ? ktime_get_ts64+0x86/0x230 [ 27.698232] kunit_try_run_case+0x1b3/0x490 [ 27.698699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.700731] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.701369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.702036] ? __kthread_parkme+0x82/0x160 [ 27.702712] ? preempt_count_sub+0x50/0x80 [ 27.703532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.703979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.704866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.705737] kthread+0x257/0x310 [ 27.706200] ? __pfx_kthread+0x10/0x10 [ 27.707044] ret_from_fork+0x41/0x80 [ 27.707628] ? 
__pfx_kthread+0x10/0x10 [ 27.708520] ret_from_fork_asm+0x1a/0x30 [ 27.709034] </TASK> [ 27.709503] [ 27.710277] Allocated by task 273: [ 27.710729] kasan_save_stack+0x3d/0x60 [ 27.711290] kasan_save_track+0x18/0x40 [ 27.712429] kasan_save_alloc_info+0x3b/0x50 [ 27.713008] __kasan_kmalloc+0xb7/0xc0 [ 27.713442] __kmalloc_cache_noprof+0x184/0x410 [ 27.713969] kasan_atomics+0x96/0x310 [ 27.714696] kunit_try_run_case+0x1b3/0x490 [ 27.715003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.716322] kthread+0x257/0x310 [ 27.717207] ret_from_fork+0x41/0x80 [ 27.717522] ret_from_fork_asm+0x1a/0x30 [ 27.718578] [ 27.718824] The buggy address belongs to the object at ffff888101afb700 [ 27.718824] which belongs to the cache kmalloc-64 of size 64 [ 27.720881] The buggy address is located 0 bytes to the right of [ 27.720881] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.722116] [ 27.722608] The buggy address belongs to the physical page: [ 27.723442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.724072] flags: 0x200000000000000(node=0|zone=2) [ 27.724789] page_type: f5(slab) [ 27.725728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.727068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.727746] page dumped because: kasan: bad access detected [ 27.728213] [ 27.728635] Memory state around the buggy address: [ 27.729003] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.729796] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.730712] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.731728] ^ [ 27.732363] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.732878] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.734090] ================================================================== [ 29.227726] 
================================================================== [ 29.228252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 29.228708] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.230031] [ 29.230865] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.232128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.232564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.233556] Call Trace: [ 29.234037] <TASK> [ 29.234533] dump_stack_lvl+0x73/0xb0 [ 29.234939] print_report+0xd1/0x640 [ 29.235720] ? __virt_addr_valid+0x1db/0x2d0 [ 29.236385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.237070] kasan_report+0x102/0x140 [ 29.237328] ? kasan_atomics_helper+0x1650/0x5450 [ 29.237651] ? kasan_atomics_helper+0x1650/0x5450 [ 29.238114] kasan_check_range+0x10c/0x1c0 [ 29.238541] __kasan_check_write+0x18/0x20 [ 29.238925] kasan_atomics_helper+0x1650/0x5450 [ 29.240148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.240684] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.241618] ? __schedule+0xc3e/0x2790 [ 29.241953] ? finish_task_switch.isra.0+0x153/0x700 [ 29.242844] ? kasan_atomics+0x153/0x310 [ 29.243862] kasan_atomics+0x1dd/0x310 [ 29.244526] ? __pfx_kasan_atomics+0x10/0x10 [ 29.244897] ? __pfx_read_tsc+0x10/0x10 [ 29.245860] ? ktime_get_ts64+0x86/0x230 [ 29.246561] kunit_try_run_case+0x1b3/0x490 [ 29.247199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.247606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.248545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.249297] ? __kthread_parkme+0x82/0x160 [ 29.249695] ? preempt_count_sub+0x50/0x80 [ 29.250372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.250829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.251617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.252419] kthread+0x257/0x310 [ 29.253165] ? __pfx_kthread+0x10/0x10 [ 29.253743] ret_from_fork+0x41/0x80 [ 29.253944] ? 
__pfx_kthread+0x10/0x10 [ 29.254751] ret_from_fork_asm+0x1a/0x30 [ 29.255683] </TASK> [ 29.256205] [ 29.256409] Allocated by task 273: [ 29.256761] kasan_save_stack+0x3d/0x60 [ 29.257940] kasan_save_track+0x18/0x40 [ 29.258322] kasan_save_alloc_info+0x3b/0x50 [ 29.258697] __kasan_kmalloc+0xb7/0xc0 [ 29.259107] __kmalloc_cache_noprof+0x184/0x410 [ 29.259631] kasan_atomics+0x96/0x310 [ 29.260346] kunit_try_run_case+0x1b3/0x490 [ 29.261109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.261822] kthread+0x257/0x310 [ 29.262352] ret_from_fork+0x41/0x80 [ 29.263033] ret_from_fork_asm+0x1a/0x30 [ 29.263537] [ 29.264022] The buggy address belongs to the object at ffff888101afb700 [ 29.264022] which belongs to the cache kmalloc-64 of size 64 [ 29.265464] The buggy address is located 0 bytes to the right of [ 29.265464] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.266772] [ 29.267163] The buggy address belongs to the physical page: [ 29.267978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.268916] flags: 0x200000000000000(node=0|zone=2) [ 29.269523] page_type: f5(slab) [ 29.270004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.270586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.271526] page dumped because: kasan: bad access detected [ 29.271966] [ 29.272336] Memory state around the buggy address: [ 29.272792] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.273575] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.274627] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.275206] ^ [ 29.275896] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.276642] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.277248] ================================================================== [ 28.418032] 
================================================================== [ 28.418843] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 28.420010] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.420645] [ 28.420855] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.422628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.423028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.423845] Call Trace: [ 28.424707] <TASK> [ 28.424963] dump_stack_lvl+0x73/0xb0 [ 28.425357] print_report+0xd1/0x640 [ 28.426066] ? __virt_addr_valid+0x1db/0x2d0 [ 28.426657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.427385] kasan_report+0x102/0x140 [ 28.427791] ? kasan_atomics_helper+0xf11/0x5450 [ 28.428540] ? kasan_atomics_helper+0xf11/0x5450 [ 28.429043] kasan_check_range+0x10c/0x1c0 [ 28.429486] __kasan_check_write+0x18/0x20 [ 28.429867] kasan_atomics_helper+0xf11/0x5450 [ 28.430785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.431186] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.431893] ? __schedule+0xc3e/0x2790 [ 28.432492] ? finish_task_switch.isra.0+0x153/0x700 [ 28.433178] ? kasan_atomics+0x153/0x310 [ 28.433781] kasan_atomics+0x1dd/0x310 [ 28.434342] ? __pfx_kasan_atomics+0x10/0x10 [ 28.434779] ? __pfx_read_tsc+0x10/0x10 [ 28.435480] ? ktime_get_ts64+0x86/0x230 [ 28.436107] kunit_try_run_case+0x1b3/0x490 [ 28.436907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.437304] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.437842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.438597] ? __kthread_parkme+0x82/0x160 [ 28.439179] ? preempt_count_sub+0x50/0x80 [ 28.439588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.440401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.440926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.441709] kthread+0x257/0x310 [ 28.442309] ? __pfx_kthread+0x10/0x10 [ 28.442665] ret_from_fork+0x41/0x80 [ 28.443507] ? 
__pfx_kthread+0x10/0x10 [ 28.443879] ret_from_fork_asm+0x1a/0x30 [ 28.444588] </TASK> [ 28.444834] [ 28.445368] Allocated by task 273: [ 28.445793] kasan_save_stack+0x3d/0x60 [ 28.446489] kasan_save_track+0x18/0x40 [ 28.446921] kasan_save_alloc_info+0x3b/0x50 [ 28.447335] __kasan_kmalloc+0xb7/0xc0 [ 28.447705] __kmalloc_cache_noprof+0x184/0x410 [ 28.448800] kasan_atomics+0x96/0x310 [ 28.449180] kunit_try_run_case+0x1b3/0x490 [ 28.449676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.450588] kthread+0x257/0x310 [ 28.451128] ret_from_fork+0x41/0x80 [ 28.451696] ret_from_fork_asm+0x1a/0x30 [ 28.452364] [ 28.452585] The buggy address belongs to the object at ffff888101afb700 [ 28.452585] which belongs to the cache kmalloc-64 of size 64 [ 28.454130] The buggy address is located 0 bytes to the right of [ 28.454130] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.455153] [ 28.455809] The buggy address belongs to the physical page: [ 28.456400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.457233] flags: 0x200000000000000(node=0|zone=2) [ 28.457790] page_type: f5(slab) [ 28.458339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.459520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.459816] page dumped because: kasan: bad access detected [ 28.460793] [ 28.461011] Memory state around the buggy address: [ 28.461516] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.462165] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.464029] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.464700] ^ [ 28.465530] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.466874] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.467511] ================================================================== [ 29.278361] 
================================================================== [ 29.279336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 29.279948] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.280774] [ 29.281100] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.281542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.282282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.283117] Call Trace: [ 29.283633] <TASK> [ 29.284117] dump_stack_lvl+0x73/0xb0 [ 29.284679] print_report+0xd1/0x640 [ 29.285312] ? __virt_addr_valid+0x1db/0x2d0 [ 29.285994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.286715] kasan_report+0x102/0x140 [ 29.287366] ? kasan_atomics_helper+0x16e8/0x5450 [ 29.287819] ? kasan_atomics_helper+0x16e8/0x5450 [ 29.288438] kasan_check_range+0x10c/0x1c0 [ 29.288991] __kasan_check_write+0x18/0x20 [ 29.289551] kasan_atomics_helper+0x16e8/0x5450 [ 29.290010] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.290714] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.291175] ? __schedule+0xc3e/0x2790 [ 29.291740] ? finish_task_switch.isra.0+0x153/0x700 [ 29.292334] ? kasan_atomics+0x153/0x310 [ 29.292907] kasan_atomics+0x1dd/0x310 [ 29.293523] ? __pfx_kasan_atomics+0x10/0x10 [ 29.294158] ? __pfx_read_tsc+0x10/0x10 [ 29.294454] ? ktime_get_ts64+0x86/0x230 [ 29.295041] kunit_try_run_case+0x1b3/0x490 [ 29.295520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.296169] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.296647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.297189] ? __kthread_parkme+0x82/0x160 [ 29.297761] ? preempt_count_sub+0x50/0x80 [ 29.298189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.298813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.299381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.300120] kthread+0x257/0x310 [ 29.300455] ? __pfx_kthread+0x10/0x10 [ 29.300937] ret_from_fork+0x41/0x80 [ 29.301342] ? 
__pfx_kthread+0x10/0x10 [ 29.301901] ret_from_fork_asm+0x1a/0x30 [ 29.302452] </TASK> [ 29.302840] [ 29.303077] Allocated by task 273: [ 29.303470] kasan_save_stack+0x3d/0x60 [ 29.303991] kasan_save_track+0x18/0x40 [ 29.304524] kasan_save_alloc_info+0x3b/0x50 [ 29.304855] __kasan_kmalloc+0xb7/0xc0 [ 29.305403] __kmalloc_cache_noprof+0x184/0x410 [ 29.305898] kasan_atomics+0x96/0x310 [ 29.306516] kunit_try_run_case+0x1b3/0x490 [ 29.306908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.307562] kthread+0x257/0x310 [ 29.308099] ret_from_fork+0x41/0x80 [ 29.308432] ret_from_fork_asm+0x1a/0x30 [ 29.309070] [ 29.309294] The buggy address belongs to the object at ffff888101afb700 [ 29.309294] which belongs to the cache kmalloc-64 of size 64 [ 29.310548] The buggy address is located 0 bytes to the right of [ 29.310548] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.311664] [ 29.311981] The buggy address belongs to the physical page: [ 29.312449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.313386] flags: 0x200000000000000(node=0|zone=2) [ 29.313996] page_type: f5(slab) [ 29.314445] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.315244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.315755] page dumped because: kasan: bad access detected [ 29.316291] [ 29.316655] Memory state around the buggy address: [ 29.317169] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.317850] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.318598] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.319267] ^ [ 29.319737] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.320430] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.321134] ================================================================== [ 29.561907] 
================================================================== [ 29.562699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 29.563266] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.563917] [ 29.564144] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.565197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.566272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.567794] Call Trace: [ 29.567945] <TASK> [ 29.568326] dump_stack_lvl+0x73/0xb0 [ 29.568847] print_report+0xd1/0x640 [ 29.569328] ? __virt_addr_valid+0x1db/0x2d0 [ 29.569840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.570302] kasan_report+0x102/0x140 [ 29.571331] ? kasan_atomics_helper+0x1a80/0x5450 [ 29.571790] ? kasan_atomics_helper+0x1a80/0x5450 [ 29.572768] kasan_check_range+0x10c/0x1c0 [ 29.573196] __kasan_check_write+0x18/0x20 [ 29.573619] kasan_atomics_helper+0x1a80/0x5450 [ 29.574580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.574983] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.576103] ? __schedule+0xc3e/0x2790 [ 29.576533] ? finish_task_switch.isra.0+0x153/0x700 [ 29.577212] ? kasan_atomics+0x153/0x310 [ 29.578072] kasan_atomics+0x1dd/0x310 [ 29.578461] ? __pfx_kasan_atomics+0x10/0x10 [ 29.578878] ? __pfx_read_tsc+0x10/0x10 [ 29.579258] ? ktime_get_ts64+0x86/0x230 [ 29.580428] kunit_try_run_case+0x1b3/0x490 [ 29.581247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.581799] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.582104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.582739] ? __kthread_parkme+0x82/0x160 [ 29.583253] ? preempt_count_sub+0x50/0x80 [ 29.583638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.584228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.584710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.585477] kthread+0x257/0x310 [ 29.585793] ? __pfx_kthread+0x10/0x10 [ 29.586391] ret_from_fork+0x41/0x80 [ 29.586973] ? 
__pfx_kthread+0x10/0x10 [ 29.587864] ret_from_fork_asm+0x1a/0x30 [ 29.588263] </TASK> [ 29.588746] [ 29.589129] Allocated by task 273: [ 29.589658] kasan_save_stack+0x3d/0x60 [ 29.590049] kasan_save_track+0x18/0x40 [ 29.590572] kasan_save_alloc_info+0x3b/0x50 [ 29.591139] __kasan_kmalloc+0xb7/0xc0 [ 29.591819] __kmalloc_cache_noprof+0x184/0x410 [ 29.592482] kasan_atomics+0x96/0x310 [ 29.593235] kunit_try_run_case+0x1b3/0x490 [ 29.593875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.594815] kthread+0x257/0x310 [ 29.595511] ret_from_fork+0x41/0x80 [ 29.596420] ret_from_fork_asm+0x1a/0x30 [ 29.596801] [ 29.597037] The buggy address belongs to the object at ffff888101afb700 [ 29.597037] which belongs to the cache kmalloc-64 of size 64 [ 29.598739] The buggy address is located 0 bytes to the right of [ 29.598739] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.600359] [ 29.600632] The buggy address belongs to the physical page: [ 29.601602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.602982] flags: 0x200000000000000(node=0|zone=2) [ 29.603458] page_type: f5(slab) [ 29.604124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.604789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.605483] page dumped because: kasan: bad access detected [ 29.606535] [ 29.606876] Memory state around the buggy address: [ 29.607691] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.608770] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.610173] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.611219] ^ [ 29.611759] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.612728] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.613500] ================================================================== [ 29.852926] 
================================================================== [ 29.854076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 29.855170] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.856819] [ 29.857346] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.859413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.860303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.861622] Call Trace: [ 29.862105] <TASK> [ 29.862502] dump_stack_lvl+0x73/0xb0 [ 29.863170] print_report+0xd1/0x640 [ 29.863682] ? __virt_addr_valid+0x1db/0x2d0 [ 29.864097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.864668] kasan_report+0x102/0x140 [ 29.864980] ? kasan_atomics_helper+0x1e13/0x5450 [ 29.865479] ? kasan_atomics_helper+0x1e13/0x5450 [ 29.865901] kasan_check_range+0x10c/0x1c0 [ 29.866513] __kasan_check_write+0x18/0x20 [ 29.866955] kasan_atomics_helper+0x1e13/0x5450 [ 29.867384] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.867893] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.868394] ? __schedule+0xc3e/0x2790 [ 29.868853] ? finish_task_switch.isra.0+0x153/0x700 [ 29.869321] ? kasan_atomics+0x153/0x310 [ 29.869823] kasan_atomics+0x1dd/0x310 [ 29.870136] ? __pfx_kasan_atomics+0x10/0x10 [ 29.870703] ? __pfx_read_tsc+0x10/0x10 [ 29.871219] ? ktime_get_ts64+0x86/0x230 [ 29.871916] kunit_try_run_case+0x1b3/0x490 [ 29.872313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.872717] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.873210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.873598] ? __kthread_parkme+0x82/0x160 [ 29.873906] ? preempt_count_sub+0x50/0x80 [ 29.874834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.875368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.875786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.876396] kthread+0x257/0x310 [ 29.876936] ? __pfx_kthread+0x10/0x10 [ 29.877394] ret_from_fork+0x41/0x80 [ 29.877727] ? 
__pfx_kthread+0x10/0x10 [ 29.878014] ret_from_fork_asm+0x1a/0x30 [ 29.878326] </TASK> [ 29.878670] [ 29.878932] Allocated by task 273: [ 29.879344] kasan_save_stack+0x3d/0x60 [ 29.879878] kasan_save_track+0x18/0x40 [ 29.880353] kasan_save_alloc_info+0x3b/0x50 [ 29.881050] __kasan_kmalloc+0xb7/0xc0 [ 29.881418] __kmalloc_cache_noprof+0x184/0x410 [ 29.881795] kasan_atomics+0x96/0x310 [ 29.882187] kunit_try_run_case+0x1b3/0x490 [ 29.882883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.883313] kthread+0x257/0x310 [ 29.883596] ret_from_fork+0x41/0x80 [ 29.884054] ret_from_fork_asm+0x1a/0x30 [ 29.884662] [ 29.884857] The buggy address belongs to the object at ffff888101afb700 [ 29.884857] which belongs to the cache kmalloc-64 of size 64 [ 29.886153] The buggy address is located 0 bytes to the right of [ 29.886153] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.886895] [ 29.887095] The buggy address belongs to the physical page: [ 29.887755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.888486] flags: 0x200000000000000(node=0|zone=2) [ 29.888962] page_type: f5(slab) [ 29.889368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.889847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.890668] page dumped because: kasan: bad access detected [ 29.891310] [ 29.891586] Memory state around the buggy address: [ 29.892006] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.892713] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.893211] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.893885] ^ [ 29.894337] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.894771] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.895233] ================================================================== [ 29.896521] 
================================================================== [ 29.897497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 29.898394] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.899257] [ 29.899524] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.900292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.900589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.901638] Call Trace: [ 29.902028] <TASK> [ 29.902322] dump_stack_lvl+0x73/0xb0 [ 29.902829] print_report+0xd1/0x640 [ 29.903301] ? __virt_addr_valid+0x1db/0x2d0 [ 29.903667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.904246] kasan_report+0x102/0x140 [ 29.904678] ? kasan_atomics_helper+0x1eab/0x5450 [ 29.905188] ? kasan_atomics_helper+0x1eab/0x5450 [ 29.905536] kasan_check_range+0x10c/0x1c0 [ 29.905869] __kasan_check_write+0x18/0x20 [ 29.906223] kasan_atomics_helper+0x1eab/0x5450 [ 29.906569] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.907248] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.907880] ? __schedule+0xc3e/0x2790 [ 29.908445] ? finish_task_switch.isra.0+0x153/0x700 [ 29.909055] ? kasan_atomics+0x153/0x310 [ 29.909599] kasan_atomics+0x1dd/0x310 [ 29.910132] ? __pfx_kasan_atomics+0x10/0x10 [ 29.910663] ? __pfx_read_tsc+0x10/0x10 [ 29.911154] ? ktime_get_ts64+0x86/0x230 [ 29.911516] kunit_try_run_case+0x1b3/0x490 [ 29.911860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.912241] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.912595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.913257] ? __kthread_parkme+0x82/0x160 [ 29.913809] ? preempt_count_sub+0x50/0x80 [ 29.914353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.914937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.915564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.916159] kthread+0x257/0x310 [ 29.916468] ? __pfx_kthread+0x10/0x10 [ 29.916847] ret_from_fork+0x41/0x80 [ 29.917180] ? 
__pfx_kthread+0x10/0x10 [ 29.917465] ret_from_fork_asm+0x1a/0x30 [ 29.917820] </TASK> [ 29.918064] [ 29.918226] Allocated by task 273: [ 29.918474] kasan_save_stack+0x3d/0x60 [ 29.919031] kasan_save_track+0x18/0x40 [ 29.919533] kasan_save_alloc_info+0x3b/0x50 [ 29.920157] __kasan_kmalloc+0xb7/0xc0 [ 29.920666] __kmalloc_cache_noprof+0x184/0x410 [ 29.921264] kasan_atomics+0x96/0x310 [ 29.921740] kunit_try_run_case+0x1b3/0x490 [ 29.922303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.922932] kthread+0x257/0x310 [ 29.923364] ret_from_fork+0x41/0x80 [ 29.924225] ret_from_fork_asm+0x1a/0x30 [ 29.925375] [ 29.926025] The buggy address belongs to the object at ffff888101afb700 [ 29.926025] which belongs to the cache kmalloc-64 of size 64 [ 29.927577] The buggy address is located 0 bytes to the right of [ 29.927577] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.929229] [ 29.929413] The buggy address belongs to the physical page: [ 29.930329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.931990] flags: 0x200000000000000(node=0|zone=2) [ 29.932616] page_type: f5(slab) [ 29.932974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.933726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.934828] page dumped because: kasan: bad access detected [ 29.935910] [ 29.936128] Memory state around the buggy address: [ 29.936594] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.937369] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.938362] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.939121] ^ [ 29.939602] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.940627] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.940942] ================================================================== [ 28.368617] 
================================================================== [ 28.369394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 28.370101] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.370692] [ 28.370962] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.371743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.372295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.373093] Call Trace: [ 28.373490] <TASK> [ 28.373747] dump_stack_lvl+0x73/0xb0 [ 28.374269] print_report+0xd1/0x640 [ 28.374709] ? __virt_addr_valid+0x1db/0x2d0 [ 28.375189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.375751] kasan_report+0x102/0x140 [ 28.376266] ? kasan_atomics_helper+0xe79/0x5450 [ 28.376747] ? kasan_atomics_helper+0xe79/0x5450 [ 28.377229] kasan_check_range+0x10c/0x1c0 [ 28.377684] __kasan_check_write+0x18/0x20 [ 28.378081] kasan_atomics_helper+0xe79/0x5450 [ 28.378596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.379091] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.379672] ? __schedule+0xc3e/0x2790 [ 28.380167] ? finish_task_switch.isra.0+0x153/0x700 [ 28.380550] ? kasan_atomics+0x153/0x310 [ 28.381124] kasan_atomics+0x1dd/0x310 [ 28.381583] ? __pfx_kasan_atomics+0x10/0x10 [ 28.383324] ? __pfx_read_tsc+0x10/0x10 [ 28.383731] ? ktime_get_ts64+0x86/0x230 [ 28.384257] kunit_try_run_case+0x1b3/0x490 [ 28.384710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.385661] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.386081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.386717] ? __kthread_parkme+0x82/0x160 [ 28.387208] ? preempt_count_sub+0x50/0x80 [ 28.388106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.388655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.389844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.390428] kthread+0x257/0x310 [ 28.390720] ? __pfx_kthread+0x10/0x10 [ 28.391148] ret_from_fork+0x41/0x80 [ 28.391649] ? 
__pfx_kthread+0x10/0x10 [ 28.392064] ret_from_fork_asm+0x1a/0x30 [ 28.392572] </TASK> [ 28.392838] [ 28.393116] Allocated by task 273: [ 28.393385] kasan_save_stack+0x3d/0x60 [ 28.393970] kasan_save_track+0x18/0x40 [ 28.394642] kasan_save_alloc_info+0x3b/0x50 [ 28.395191] __kasan_kmalloc+0xb7/0xc0 [ 28.395747] __kmalloc_cache_noprof+0x184/0x410 [ 28.396069] kasan_atomics+0x96/0x310 [ 28.396891] kunit_try_run_case+0x1b3/0x490 [ 28.397368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.397745] kthread+0x257/0x310 [ 28.398482] ret_from_fork+0x41/0x80 [ 28.399277] ret_from_fork_asm+0x1a/0x30 [ 28.399612] [ 28.399795] The buggy address belongs to the object at ffff888101afb700 [ 28.399795] which belongs to the cache kmalloc-64 of size 64 [ 28.401779] The buggy address is located 0 bytes to the right of [ 28.401779] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.403567] [ 28.404032] The buggy address belongs to the physical page: [ 28.404576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.405292] flags: 0x200000000000000(node=0|zone=2) [ 28.406100] page_type: f5(slab) [ 28.406609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.407562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.408730] page dumped because: kasan: bad access detected [ 28.409426] [ 28.410053] Memory state around the buggy address: [ 28.410661] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.411936] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.412700] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.413799] ^ [ 28.414621] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.415508] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.416329] ================================================================== [ 27.502512] 
================================================================== [ 27.503135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 27.504182] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.505214] [ 27.505671] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.506255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.506789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.508062] Call Trace: [ 27.508645] <TASK> [ 27.509207] dump_stack_lvl+0x73/0xb0 [ 27.510039] print_report+0xd1/0x640 [ 27.511173] ? __virt_addr_valid+0x1db/0x2d0 [ 27.511827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.512676] kasan_report+0x102/0x140 [ 27.513100] ? kasan_atomics_helper+0x4b3c/0x5450 [ 27.513684] ? kasan_atomics_helper+0x4b3c/0x5450 [ 27.514442] __asan_report_store4_noabort+0x1b/0x30 [ 27.514851] kasan_atomics_helper+0x4b3c/0x5450 [ 27.516013] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.516573] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.517208] ? __schedule+0xc3e/0x2790 [ 27.517739] ? finish_task_switch.isra.0+0x153/0x700 [ 27.518513] ? kasan_atomics+0x153/0x310 [ 27.519022] kasan_atomics+0x1dd/0x310 [ 27.519630] ? __pfx_kasan_atomics+0x10/0x10 [ 27.520226] ? __pfx_read_tsc+0x10/0x10 [ 27.521266] ? ktime_get_ts64+0x86/0x230 [ 27.521695] kunit_try_run_case+0x1b3/0x490 [ 27.522426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.523525] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.524556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.525344] ? __kthread_parkme+0x82/0x160 [ 27.526090] ? preempt_count_sub+0x50/0x80 [ 27.526613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.527056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.528643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.530197] kthread+0x257/0x310 [ 27.531085] ? __pfx_kthread+0x10/0x10 [ 27.532043] ret_from_fork+0x41/0x80 [ 27.533474] ? 
__pfx_kthread+0x10/0x10 [ 27.534060] ret_from_fork_asm+0x1a/0x30 [ 27.535179] </TASK> [ 27.535388] [ 27.535875] Allocated by task 273: [ 27.536179] kasan_save_stack+0x3d/0x60 [ 27.536497] kasan_save_track+0x18/0x40 [ 27.536782] kasan_save_alloc_info+0x3b/0x50 [ 27.538547] __kasan_kmalloc+0xb7/0xc0 [ 27.539205] __kmalloc_cache_noprof+0x184/0x410 [ 27.540387] kasan_atomics+0x96/0x310 [ 27.540734] kunit_try_run_case+0x1b3/0x490 [ 27.541575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.542008] kthread+0x257/0x310 [ 27.542177] ret_from_fork+0x41/0x80 [ 27.542451] ret_from_fork_asm+0x1a/0x30 [ 27.543303] [ 27.543578] The buggy address belongs to the object at ffff888101afb700 [ 27.543578] which belongs to the cache kmalloc-64 of size 64 [ 27.545674] The buggy address is located 0 bytes to the right of [ 27.545674] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.547046] [ 27.547150] The buggy address belongs to the physical page: [ 27.547468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.548778] flags: 0x200000000000000(node=0|zone=2) [ 27.549919] page_type: f5(slab) [ 27.550548] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.551804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.552531] page dumped because: kasan: bad access detected [ 27.552752] [ 27.553369] Memory state around the buggy address: [ 27.554246] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.555468] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.556270] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.557186] ^ [ 27.557889] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.559602] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.560719] ================================================================== [ 28.131734] 
================================================================== [ 28.132484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 28.133185] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.133743] [ 28.134070] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.136216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.136640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.137720] Call Trace: [ 28.138425] <TASK> [ 28.138680] dump_stack_lvl+0x73/0xb0 [ 28.139677] print_report+0xd1/0x640 [ 28.140302] ? __virt_addr_valid+0x1db/0x2d0 [ 28.140653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.141372] kasan_report+0x102/0x140 [ 28.141708] ? kasan_atomics_helper+0xb6b/0x5450 [ 28.142336] ? kasan_atomics_helper+0xb6b/0x5450 [ 28.143336] kasan_check_range+0x10c/0x1c0 [ 28.144425] __kasan_check_write+0x18/0x20 [ 28.145002] kasan_atomics_helper+0xb6b/0x5450 [ 28.145668] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.146532] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.146855] ? __schedule+0xc3e/0x2790 [ 28.147451] ? finish_task_switch.isra.0+0x153/0x700 [ 28.148427] ? kasan_atomics+0x153/0x310 [ 28.149139] kasan_atomics+0x1dd/0x310 [ 28.149344] ? __pfx_kasan_atomics+0x10/0x10 [ 28.149842] ? __pfx_read_tsc+0x10/0x10 [ 28.150370] ? ktime_get_ts64+0x86/0x230 [ 28.151097] kunit_try_run_case+0x1b3/0x490 [ 28.151483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.152198] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.153032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.153979] ? __kthread_parkme+0x82/0x160 [ 28.154307] ? preempt_count_sub+0x50/0x80 [ 28.155022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.155372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.156121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.156775] kthread+0x257/0x310 [ 28.157122] ? __pfx_kthread+0x10/0x10 [ 28.157697] ret_from_fork+0x41/0x80 [ 28.158050] ? 
__pfx_kthread+0x10/0x10 [ 28.158436] ret_from_fork_asm+0x1a/0x30 [ 28.159111] </TASK> [ 28.159348] [ 28.159650] Allocated by task 273: [ 28.160044] kasan_save_stack+0x3d/0x60 [ 28.160491] kasan_save_track+0x18/0x40 [ 28.161078] kasan_save_alloc_info+0x3b/0x50 [ 28.161592] __kasan_kmalloc+0xb7/0xc0 [ 28.162121] __kmalloc_cache_noprof+0x184/0x410 [ 28.162597] kasan_atomics+0x96/0x310 [ 28.162989] kunit_try_run_case+0x1b3/0x490 [ 28.163569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.164179] kthread+0x257/0x310 [ 28.164673] ret_from_fork+0x41/0x80 [ 28.165095] ret_from_fork_asm+0x1a/0x30 [ 28.165618] [ 28.165845] The buggy address belongs to the object at ffff888101afb700 [ 28.165845] which belongs to the cache kmalloc-64 of size 64 [ 28.166714] The buggy address is located 0 bytes to the right of [ 28.166714] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.167800] [ 28.168021] The buggy address belongs to the physical page: [ 28.168559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.169560] flags: 0x200000000000000(node=0|zone=2) [ 28.170047] page_type: f5(slab) [ 28.170307] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.171292] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.172102] page dumped because: kasan: bad access detected [ 28.172572] [ 28.172925] Memory state around the buggy address: [ 28.173310] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.174065] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.174702] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.175358] ^ [ 28.175915] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.176784] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.177560] ================================================================== [ 30.037893] 
================================================================== [ 30.038975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 30.039891] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.040699] [ 30.041030] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.041787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.042381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.043144] Call Trace: [ 30.043505] <TASK> [ 30.043810] dump_stack_lvl+0x73/0xb0 [ 30.044111] print_report+0xd1/0x640 [ 30.044645] ? __virt_addr_valid+0x1db/0x2d0 [ 30.045321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.045832] kasan_report+0x102/0x140 [ 30.046360] ? kasan_atomics_helper+0x2007/0x5450 [ 30.046983] ? kasan_atomics_helper+0x2007/0x5450 [ 30.047586] kasan_check_range+0x10c/0x1c0 [ 30.048064] __kasan_check_write+0x18/0x20 [ 30.048520] kasan_atomics_helper+0x2007/0x5450 [ 30.049095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.049748] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.050301] ? __schedule+0xc3e/0x2790 [ 30.050732] ? finish_task_switch.isra.0+0x153/0x700 [ 30.051119] ? kasan_atomics+0x153/0x310 [ 30.051429] kasan_atomics+0x1dd/0x310 [ 30.052031] ? __pfx_kasan_atomics+0x10/0x10 [ 30.052780] ? __pfx_read_tsc+0x10/0x10 [ 30.053363] ? ktime_get_ts64+0x86/0x230 [ 30.053948] kunit_try_run_case+0x1b3/0x490 [ 30.054473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.054959] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.055499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.057117] ? __kthread_parkme+0x82/0x160 [ 30.057492] ? preempt_count_sub+0x50/0x80 [ 30.058022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.058574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.059544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.060203] kthread+0x257/0x310 [ 30.060860] ? __pfx_kthread+0x10/0x10 [ 30.061584] ret_from_fork+0x41/0x80 [ 30.062069] ? 
__pfx_kthread+0x10/0x10 [ 30.062816] ret_from_fork_asm+0x1a/0x30 [ 30.063646] </TASK> [ 30.064264] [ 30.064717] Allocated by task 273: [ 30.065102] kasan_save_stack+0x3d/0x60 [ 30.065309] kasan_save_track+0x18/0x40 [ 30.065491] kasan_save_alloc_info+0x3b/0x50 [ 30.065936] __kasan_kmalloc+0xb7/0xc0 [ 30.066599] __kmalloc_cache_noprof+0x184/0x410 [ 30.067362] kasan_atomics+0x96/0x310 [ 30.067934] kunit_try_run_case+0x1b3/0x490 [ 30.068535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.070090] kthread+0x257/0x310 [ 30.070438] ret_from_fork+0x41/0x80 [ 30.071197] ret_from_fork_asm+0x1a/0x30 [ 30.071615] [ 30.071784] The buggy address belongs to the object at ffff888101afb700 [ 30.071784] which belongs to the cache kmalloc-64 of size 64 [ 30.073781] The buggy address is located 0 bytes to the right of [ 30.073781] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.076205] [ 30.076437] The buggy address belongs to the physical page: [ 30.076984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.077748] flags: 0x200000000000000(node=0|zone=2) [ 30.079232] page_type: f5(slab) [ 30.079641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.080181] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.081074] page dumped because: kasan: bad access detected [ 30.081649] [ 30.081928] Memory state around the buggy address: [ 30.082386] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.083191] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.083793] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.084509] ^ [ 30.085047] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.085741] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.086500] ================================================================== [ 27.272857] 
================================================================== [ 27.273577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 27.274465] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.275215] [ 27.275507] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.276428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.277638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.278812] Call Trace: [ 27.279088] <TASK> [ 27.279493] dump_stack_lvl+0x73/0xb0 [ 27.279986] print_report+0xd1/0x640 [ 27.280485] ? __virt_addr_valid+0x1db/0x2d0 [ 27.281553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.282153] kasan_report+0x102/0x140 [ 27.282778] ? kasan_atomics_helper+0x4b70/0x5450 [ 27.283106] ? kasan_atomics_helper+0x4b70/0x5450 [ 27.284005] __asan_report_store4_noabort+0x1b/0x30 [ 27.284565] kasan_atomics_helper+0x4b70/0x5450 [ 27.285177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.285563] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.286488] ? __schedule+0xc3e/0x2790 [ 27.286985] ? finish_task_switch.isra.0+0x153/0x700 [ 27.287563] ? kasan_atomics+0x153/0x310 [ 27.288270] kasan_atomics+0x1dd/0x310 [ 27.288675] ? __pfx_kasan_atomics+0x10/0x10 [ 27.288994] ? __pfx_read_tsc+0x10/0x10 [ 27.290365] ? ktime_get_ts64+0x86/0x230 [ 27.290903] kunit_try_run_case+0x1b3/0x490 [ 27.291629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.291964] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.292510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.293162] ? __kthread_parkme+0x82/0x160 [ 27.293698] ? preempt_count_sub+0x50/0x80 [ 27.293991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.294716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.295403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.297089] kthread+0x257/0x310 [ 27.297810] ? __pfx_kthread+0x10/0x10 [ 27.298379] ret_from_fork+0x41/0x80 [ 27.298791] ? 
__pfx_kthread+0x10/0x10 [ 27.299876] ret_from_fork_asm+0x1a/0x30 [ 27.300476] </TASK> [ 27.300693] [ 27.300922] Allocated by task 273: [ 27.301258] kasan_save_stack+0x3d/0x60 [ 27.301921] kasan_save_track+0x18/0x40 [ 27.302553] kasan_save_alloc_info+0x3b/0x50 [ 27.302939] __kasan_kmalloc+0xb7/0xc0 [ 27.303219] __kmalloc_cache_noprof+0x184/0x410 [ 27.303900] kasan_atomics+0x96/0x310 [ 27.304440] kunit_try_run_case+0x1b3/0x490 [ 27.305505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.305894] kthread+0x257/0x310 [ 27.306147] ret_from_fork+0x41/0x80 [ 27.306737] ret_from_fork_asm+0x1a/0x30 [ 27.307247] [ 27.307505] The buggy address belongs to the object at ffff888101afb700 [ 27.307505] which belongs to the cache kmalloc-64 of size 64 [ 27.308391] The buggy address is located 0 bytes to the right of [ 27.308391] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.309958] [ 27.310166] The buggy address belongs to the physical page: [ 27.311275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.312111] flags: 0x200000000000000(node=0|zone=2) [ 27.312648] page_type: f5(slab) [ 27.312996] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.313483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.314557] page dumped because: kasan: bad access detected [ 27.314902] [ 27.315154] Memory state around the buggy address: [ 27.315702] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.316348] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.316837] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.318425] ^ [ 27.318953] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.319876] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.320591] ================================================================== [ 30.179906] 
================================================================== [ 30.180598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 30.181779] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.182503] [ 30.182887] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.183834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.184406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.185176] Call Trace: [ 30.185601] <TASK> [ 30.185861] dump_stack_lvl+0x73/0xb0 [ 30.186321] print_report+0xd1/0x640 [ 30.186867] ? __virt_addr_valid+0x1db/0x2d0 [ 30.187410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.188055] kasan_report+0x102/0x140 [ 30.188517] ? kasan_atomics_helper+0x4fb4/0x5450 [ 30.188997] ? kasan_atomics_helper+0x4fb4/0x5450 [ 30.189623] __asan_report_load8_noabort+0x18/0x20 [ 30.190274] kasan_atomics_helper+0x4fb4/0x5450 [ 30.190688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.191384] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.191880] ? __schedule+0xc3e/0x2790 [ 30.192450] ? finish_task_switch.isra.0+0x153/0x700 [ 30.192897] ? kasan_atomics+0x153/0x310 [ 30.193400] kasan_atomics+0x1dd/0x310 [ 30.193965] ? __pfx_kasan_atomics+0x10/0x10 [ 30.194380] ? __pfx_read_tsc+0x10/0x10 [ 30.194959] ? ktime_get_ts64+0x86/0x230 [ 30.195392] kunit_try_run_case+0x1b3/0x490 [ 30.195989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.196501] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.197063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.197631] ? __kthread_parkme+0x82/0x160 [ 30.198230] ? preempt_count_sub+0x50/0x80 [ 30.198757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.199281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.199938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.200490] kthread+0x257/0x310 [ 30.200953] ? __pfx_kthread+0x10/0x10 [ 30.201371] ret_from_fork+0x41/0x80 [ 30.201857] ? 
__pfx_kthread+0x10/0x10 [ 30.202327] ret_from_fork_asm+0x1a/0x30 [ 30.202895] </TASK> [ 30.203310] [ 30.203525] Allocated by task 273: [ 30.203966] kasan_save_stack+0x3d/0x60 [ 30.204500] kasan_save_track+0x18/0x40 [ 30.204871] kasan_save_alloc_info+0x3b/0x50 [ 30.205330] __kasan_kmalloc+0xb7/0xc0 [ 30.205901] __kmalloc_cache_noprof+0x184/0x410 [ 30.206342] kasan_atomics+0x96/0x310 [ 30.206902] kunit_try_run_case+0x1b3/0x490 [ 30.207472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.208108] kthread+0x257/0x310 [ 30.208560] ret_from_fork+0x41/0x80 [ 30.209099] ret_from_fork_asm+0x1a/0x30 [ 30.209635] [ 30.209905] The buggy address belongs to the object at ffff888101afb700 [ 30.209905] which belongs to the cache kmalloc-64 of size 64 [ 30.210962] The buggy address is located 0 bytes to the right of [ 30.210962] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.212223] [ 30.212517] The buggy address belongs to the physical page: [ 30.213078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.213819] flags: 0x200000000000000(node=0|zone=2) [ 30.214458] page_type: f5(slab) [ 30.214845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.215635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.216303] page dumped because: kasan: bad access detected [ 30.216878] [ 30.217085] Memory state around the buggy address: [ 30.217522] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.218255] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.218933] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.219513] ^ [ 30.220177] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.220779] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.221511] ================================================================== [ 29.512603] 
================================================================== [ 29.513403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 29.514484] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.516182] [ 29.516419] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.517800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.518404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.519346] Call Trace: [ 29.519874] <TASK> [ 29.520582] dump_stack_lvl+0x73/0xb0 [ 29.520937] print_report+0xd1/0x640 [ 29.521404] ? __virt_addr_valid+0x1db/0x2d0 [ 29.521870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.523199] kasan_report+0x102/0x140 [ 29.523761] ? kasan_atomics_helper+0x19e4/0x5450 [ 29.524534] ? kasan_atomics_helper+0x19e4/0x5450 [ 29.524965] kasan_check_range+0x10c/0x1c0 [ 29.525378] __kasan_check_write+0x18/0x20 [ 29.525781] kasan_atomics_helper+0x19e4/0x5450 [ 29.526908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.527361] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.528073] ? __schedule+0xc3e/0x2790 [ 29.528476] ? finish_task_switch.isra.0+0x153/0x700 [ 29.529008] ? kasan_atomics+0x153/0x310 [ 29.529436] kasan_atomics+0x1dd/0x310 [ 29.530585] ? __pfx_kasan_atomics+0x10/0x10 [ 29.531265] ? __pfx_read_tsc+0x10/0x10 [ 29.531805] ? ktime_get_ts64+0x86/0x230 [ 29.532506] kunit_try_run_case+0x1b3/0x490 [ 29.533179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.533883] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.534435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.535591] ? __kthread_parkme+0x82/0x160 [ 29.535997] ? preempt_count_sub+0x50/0x80 [ 29.536567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.537010] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.538260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.538891] kthread+0x257/0x310 [ 29.539630] ? __pfx_kthread+0x10/0x10 [ 29.539825] ret_from_fork+0x41/0x80 [ 29.540170] ? 
__pfx_kthread+0x10/0x10 [ 29.540548] ret_from_fork_asm+0x1a/0x30 [ 29.541016] </TASK> [ 29.541352] [ 29.541594] Allocated by task 273: [ 29.542047] kasan_save_stack+0x3d/0x60 [ 29.542472] kasan_save_track+0x18/0x40 [ 29.543162] kasan_save_alloc_info+0x3b/0x50 [ 29.543751] __kasan_kmalloc+0xb7/0xc0 [ 29.544252] __kmalloc_cache_noprof+0x184/0x410 [ 29.544788] kasan_atomics+0x96/0x310 [ 29.545235] kunit_try_run_case+0x1b3/0x490 [ 29.545780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.546369] kthread+0x257/0x310 [ 29.546787] ret_from_fork+0x41/0x80 [ 29.547236] ret_from_fork_asm+0x1a/0x30 [ 29.547725] [ 29.548078] The buggy address belongs to the object at ffff888101afb700 [ 29.548078] which belongs to the cache kmalloc-64 of size 64 [ 29.549135] The buggy address is located 0 bytes to the right of [ 29.549135] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.550345] [ 29.550597] The buggy address belongs to the physical page: [ 29.551270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.552160] flags: 0x200000000000000(node=0|zone=2) [ 29.552652] page_type: f5(slab) [ 29.553152] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.553816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.554604] page dumped because: kasan: bad access detected [ 29.555135] [ 29.555415] Memory state around the buggy address: [ 29.555985] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.556617] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.557383] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.558147] ^ [ 29.558614] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.559407] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.559925] ================================================================== [ 28.469826] 
================================================================== [ 28.471468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 28.472281] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.472960] [ 28.473252] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.474121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.474635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.475555] Call Trace: [ 28.475781] <TASK> [ 28.476226] dump_stack_lvl+0x73/0xb0 [ 28.476900] print_report+0xd1/0x640 [ 28.477478] ? __virt_addr_valid+0x1db/0x2d0 [ 28.477996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.478785] kasan_report+0x102/0x140 [ 28.479321] ? kasan_atomics_helper+0xfaa/0x5450 [ 28.479997] ? kasan_atomics_helper+0xfaa/0x5450 [ 28.480556] kasan_check_range+0x10c/0x1c0 [ 28.481111] __kasan_check_write+0x18/0x20 [ 28.481581] kasan_atomics_helper+0xfaa/0x5450 [ 28.482228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.482728] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.483383] ? __schedule+0xc3e/0x2790 [ 28.483919] ? finish_task_switch.isra.0+0x153/0x700 [ 28.484476] ? kasan_atomics+0x153/0x310 [ 28.485177] kasan_atomics+0x1dd/0x310 [ 28.485731] ? __pfx_kasan_atomics+0x10/0x10 [ 28.486372] ? __pfx_read_tsc+0x10/0x10 [ 28.486986] ? ktime_get_ts64+0x86/0x230 [ 28.487539] kunit_try_run_case+0x1b3/0x490 [ 28.488112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.488596] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.489299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.490024] ? __kthread_parkme+0x82/0x160 [ 28.490593] ? preempt_count_sub+0x50/0x80 [ 28.491158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.491698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.492438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.493015] kthread+0x257/0x310 [ 28.493337] ? __pfx_kthread+0x10/0x10 [ 28.494006] ret_from_fork+0x41/0x80 [ 28.494571] ? 
__pfx_kthread+0x10/0x10 [ 28.495072] ret_from_fork_asm+0x1a/0x30 [ 28.495493] </TASK> [ 28.495985] [ 28.496177] Allocated by task 273: [ 28.496733] kasan_save_stack+0x3d/0x60 [ 28.497293] kasan_save_track+0x18/0x40 [ 28.497655] kasan_save_alloc_info+0x3b/0x50 [ 28.498186] __kasan_kmalloc+0xb7/0xc0 [ 28.498623] __kmalloc_cache_noprof+0x184/0x410 [ 28.499060] kasan_atomics+0x96/0x310 [ 28.499816] kunit_try_run_case+0x1b3/0x490 [ 28.500398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.501351] kthread+0x257/0x310 [ 28.501745] ret_from_fork+0x41/0x80 [ 28.502263] ret_from_fork_asm+0x1a/0x30 [ 28.503509] [ 28.503712] The buggy address belongs to the object at ffff888101afb700 [ 28.503712] which belongs to the cache kmalloc-64 of size 64 [ 28.505211] The buggy address is located 0 bytes to the right of [ 28.505211] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.506614] [ 28.506861] The buggy address belongs to the physical page: [ 28.507448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.508575] flags: 0x200000000000000(node=0|zone=2) [ 28.509252] page_type: f5(slab) [ 28.509678] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.511249] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.511893] page dumped because: kasan: bad access detected [ 28.512679] [ 28.513285] Memory state around the buggy address: [ 28.513943] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.515318] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.516339] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.517148] ^ [ 28.517475] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.518485] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.519218] ================================================================== [ 30.134790] 
================================================================== [ 30.136372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 30.137398] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.138933] [ 30.139438] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.140693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.140883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.141795] Call Trace: [ 30.142118] <TASK> [ 30.142392] dump_stack_lvl+0x73/0xb0 [ 30.142826] print_report+0xd1/0x640 [ 30.143302] ? __virt_addr_valid+0x1db/0x2d0 [ 30.143902] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.144504] kasan_report+0x102/0x140 [ 30.145169] ? kasan_atomics_helper+0x20c9/0x5450 [ 30.145647] ? kasan_atomics_helper+0x20c9/0x5450 [ 30.146305] kasan_check_range+0x10c/0x1c0 [ 30.146845] __kasan_check_write+0x18/0x20 [ 30.147326] kasan_atomics_helper+0x20c9/0x5450 [ 30.147854] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.148489] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.149151] ? __schedule+0xc3e/0x2790 [ 30.149672] ? finish_task_switch.isra.0+0x153/0x700 [ 30.150182] ? kasan_atomics+0x153/0x310 [ 30.150620] kasan_atomics+0x1dd/0x310 [ 30.151245] ? __pfx_kasan_atomics+0x10/0x10 [ 30.151629] ? __pfx_read_tsc+0x10/0x10 [ 30.152235] ? ktime_get_ts64+0x86/0x230 [ 30.152651] kunit_try_run_case+0x1b3/0x490 [ 30.153334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.153778] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.154477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.154913] ? __kthread_parkme+0x82/0x160 [ 30.155390] ? preempt_count_sub+0x50/0x80 [ 30.155866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.156502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.156979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.157715] kthread+0x257/0x310 [ 30.158188] ? __pfx_kthread+0x10/0x10 [ 30.158707] ret_from_fork+0x41/0x80 [ 30.159085] ? 
__pfx_kthread+0x10/0x10 [ 30.159508] ret_from_fork_asm+0x1a/0x30 [ 30.159971] </TASK> [ 30.160390] [ 30.160671] Allocated by task 273: [ 30.161085] kasan_save_stack+0x3d/0x60 [ 30.161660] kasan_save_track+0x18/0x40 [ 30.162203] kasan_save_alloc_info+0x3b/0x50 [ 30.162679] __kasan_kmalloc+0xb7/0xc0 [ 30.163208] __kmalloc_cache_noprof+0x184/0x410 [ 30.163702] kasan_atomics+0x96/0x310 [ 30.164277] kunit_try_run_case+0x1b3/0x490 [ 30.164717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.165100] kthread+0x257/0x310 [ 30.165515] ret_from_fork+0x41/0x80 [ 30.166152] ret_from_fork_asm+0x1a/0x30 [ 30.166555] [ 30.166846] The buggy address belongs to the object at ffff888101afb700 [ 30.166846] which belongs to the cache kmalloc-64 of size 64 [ 30.167892] The buggy address is located 0 bytes to the right of [ 30.167892] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.169246] [ 30.169439] The buggy address belongs to the physical page: [ 30.170236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.170927] flags: 0x200000000000000(node=0|zone=2) [ 30.171647] page_type: f5(slab) [ 30.172038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.172650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.173293] page dumped because: kasan: bad access detected [ 30.173929] [ 30.174237] Memory state around the buggy address: [ 30.174758] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.175497] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.176207] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.176782] ^ [ 30.177486] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.178206] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.178927] ================================================================== [ 30.265932] 
================================================================== [ 30.266462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 30.267223] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.267798] [ 30.268107] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.268936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.269269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.270248] Call Trace: [ 30.270472] <TASK> [ 30.270698] dump_stack_lvl+0x73/0xb0 [ 30.271063] print_report+0xd1/0x640 [ 30.271530] ? __virt_addr_valid+0x1db/0x2d0 [ 30.272132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.272799] kasan_report+0x102/0x140 [ 30.273178] ? kasan_atomics_helper+0x4fa7/0x5450 [ 30.273654] ? kasan_atomics_helper+0x4fa7/0x5450 [ 30.274258] __asan_report_load8_noabort+0x18/0x20 [ 30.274857] kasan_atomics_helper+0x4fa7/0x5450 [ 30.275353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.275823] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.276306] ? __schedule+0xc3e/0x2790 [ 30.276651] ? finish_task_switch.isra.0+0x153/0x700 [ 30.277248] ? kasan_atomics+0x153/0x310 [ 30.277569] kasan_atomics+0x1dd/0x310 [ 30.278120] ? __pfx_kasan_atomics+0x10/0x10 [ 30.278680] ? __pfx_read_tsc+0x10/0x10 [ 30.279134] ? ktime_get_ts64+0x86/0x230 [ 30.279509] kunit_try_run_case+0x1b3/0x490 [ 30.280051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.280636] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.281076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.281438] ? __kthread_parkme+0x82/0x160 [ 30.282054] ? preempt_count_sub+0x50/0x80 [ 30.282577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.282982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.283636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.284253] kthread+0x257/0x310 [ 30.284615] ? __pfx_kthread+0x10/0x10 [ 30.285136] ret_from_fork+0x41/0x80 [ 30.285571] ? 
__pfx_kthread+0x10/0x10 [ 30.285901] ret_from_fork_asm+0x1a/0x30 [ 30.286471] </TASK> [ 30.286799] [ 30.286953] Allocated by task 273: [ 30.287256] kasan_save_stack+0x3d/0x60 [ 30.287567] kasan_save_track+0x18/0x40 [ 30.288127] kasan_save_alloc_info+0x3b/0x50 [ 30.288704] __kasan_kmalloc+0xb7/0xc0 [ 30.289225] __kmalloc_cache_noprof+0x184/0x410 [ 30.289670] kasan_atomics+0x96/0x310 [ 30.290190] kunit_try_run_case+0x1b3/0x490 [ 30.290674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.291184] kthread+0x257/0x310 [ 30.291550] ret_from_fork+0x41/0x80 [ 30.291960] ret_from_fork_asm+0x1a/0x30 [ 30.292295] [ 30.292462] The buggy address belongs to the object at ffff888101afb700 [ 30.292462] which belongs to the cache kmalloc-64 of size 64 [ 30.293742] The buggy address is located 0 bytes to the right of [ 30.293742] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.294703] [ 30.294950] The buggy address belongs to the physical page: [ 30.295542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.296294] flags: 0x200000000000000(node=0|zone=2) [ 30.296786] page_type: f5(slab) [ 30.297138] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.297885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.298512] page dumped because: kasan: bad access detected [ 30.298911] [ 30.299212] Memory state around the buggy address: [ 30.299678] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.300303] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.300831] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.301576] ^ [ 30.302005] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.302469] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.303287] ================================================================== [ 28.952242] 
================================================================== [ 28.953444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 28.954487] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.955815] [ 28.956888] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.957759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.958380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.959311] Call Trace: [ 28.959869] <TASK> [ 28.960291] dump_stack_lvl+0x73/0xb0 [ 28.960754] print_report+0xd1/0x640 [ 28.961239] ? __virt_addr_valid+0x1db/0x2d0 [ 28.961988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.962779] kasan_report+0x102/0x140 [ 28.963307] ? kasan_atomics_helper+0x13b6/0x5450 [ 28.963802] ? kasan_atomics_helper+0x13b6/0x5450 [ 28.964397] kasan_check_range+0x10c/0x1c0 [ 28.964987] __kasan_check_read+0x15/0x20 [ 28.965374] kasan_atomics_helper+0x13b6/0x5450 [ 28.965933] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.966589] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.967102] ? __schedule+0xc3e/0x2790 [ 28.967528] ? finish_task_switch.isra.0+0x153/0x700 [ 28.968089] ? kasan_atomics+0x153/0x310 [ 28.968640] kasan_atomics+0x1dd/0x310 [ 28.969284] ? __pfx_kasan_atomics+0x10/0x10 [ 28.969824] ? __pfx_read_tsc+0x10/0x10 [ 28.970337] ? ktime_get_ts64+0x86/0x230 [ 28.970934] kunit_try_run_case+0x1b3/0x490 [ 28.971493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.971880] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.972506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.973051] ? __kthread_parkme+0x82/0x160 [ 28.973410] ? preempt_count_sub+0x50/0x80 [ 28.973945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.974424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.975132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.975640] kthread+0x257/0x310 [ 28.976083] ? __pfx_kthread+0x10/0x10 [ 28.976447] ret_from_fork+0x41/0x80 [ 28.977067] ? 
__pfx_kthread+0x10/0x10 [ 28.977475] ret_from_fork_asm+0x1a/0x30 [ 28.978160] </TASK> [ 28.978373] [ 28.978655] Allocated by task 273: [ 28.979197] kasan_save_stack+0x3d/0x60 [ 28.979577] kasan_save_track+0x18/0x40 [ 28.980215] kasan_save_alloc_info+0x3b/0x50 [ 28.980583] __kasan_kmalloc+0xb7/0xc0 [ 28.981158] __kmalloc_cache_noprof+0x184/0x410 [ 28.981674] kasan_atomics+0x96/0x310 [ 28.982167] kunit_try_run_case+0x1b3/0x490 [ 28.982626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.983223] kthread+0x257/0x310 [ 28.983727] ret_from_fork+0x41/0x80 [ 28.984259] ret_from_fork_asm+0x1a/0x30 [ 28.984815] [ 28.985141] The buggy address belongs to the object at ffff888101afb700 [ 28.985141] which belongs to the cache kmalloc-64 of size 64 [ 28.986186] The buggy address is located 0 bytes to the right of [ 28.986186] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.987411] [ 28.987718] The buggy address belongs to the physical page: [ 28.988280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.989162] flags: 0x200000000000000(node=0|zone=2) [ 28.989784] page_type: f5(slab) [ 28.990193] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.991058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.991699] page dumped because: kasan: bad access detected [ 28.992300] [ 28.992548] Memory state around the buggy address: [ 28.993007] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.993569] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.994193] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.994883] ^ [ 28.995395] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.995874] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.996681] ================================================================== [ 28.846808] 
================================================================== [ 28.847713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 28.848714] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.849298] [ 28.849619] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.850780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.851399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.852322] Call Trace: [ 28.852711] <TASK> [ 28.853168] dump_stack_lvl+0x73/0xb0 [ 28.853732] print_report+0xd1/0x640 [ 28.854244] ? __virt_addr_valid+0x1db/0x2d0 [ 28.854857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.855561] kasan_report+0x102/0x140 [ 28.856202] ? kasan_atomics_helper+0x12e7/0x5450 [ 28.856668] ? kasan_atomics_helper+0x12e7/0x5450 [ 28.857341] kasan_check_range+0x10c/0x1c0 [ 28.857957] __kasan_check_write+0x18/0x20 [ 28.858490] kasan_atomics_helper+0x12e7/0x5450 [ 28.859046] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.859632] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.860221] ? __schedule+0xc3e/0x2790 [ 28.860694] ? finish_task_switch.isra.0+0x153/0x700 [ 28.861315] ? kasan_atomics+0x153/0x310 [ 28.862001] kasan_atomics+0x1dd/0x310 [ 28.862483] ? __pfx_kasan_atomics+0x10/0x10 [ 28.863163] ? __pfx_read_tsc+0x10/0x10 [ 28.863645] ? ktime_get_ts64+0x86/0x230 [ 28.864122] kunit_try_run_case+0x1b3/0x490 [ 28.864640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.865129] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.865718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.866209] ? __kthread_parkme+0x82/0x160 [ 28.866703] ? preempt_count_sub+0x50/0x80 [ 28.867332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.868042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.868716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.869310] kthread+0x257/0x310 [ 28.869938] ? __pfx_kthread+0x10/0x10 [ 28.870409] ret_from_fork+0x41/0x80 [ 28.871357] ? 
__pfx_kthread+0x10/0x10 [ 28.871655] ret_from_fork_asm+0x1a/0x30 [ 28.872217] </TASK> [ 28.872574] [ 28.872844] Allocated by task 273: [ 28.873166] kasan_save_stack+0x3d/0x60 [ 28.874312] kasan_save_track+0x18/0x40 [ 28.874889] kasan_save_alloc_info+0x3b/0x50 [ 28.875573] __kasan_kmalloc+0xb7/0xc0 [ 28.876222] __kmalloc_cache_noprof+0x184/0x410 [ 28.877152] kasan_atomics+0x96/0x310 [ 28.877772] kunit_try_run_case+0x1b3/0x490 [ 28.878543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.879054] kthread+0x257/0x310 [ 28.879393] ret_from_fork+0x41/0x80 [ 28.879820] ret_from_fork_asm+0x1a/0x30 [ 28.880400] [ 28.880687] The buggy address belongs to the object at ffff888101afb700 [ 28.880687] which belongs to the cache kmalloc-64 of size 64 [ 28.882519] The buggy address is located 0 bytes to the right of [ 28.882519] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.884004] [ 28.884427] The buggy address belongs to the physical page: [ 28.885638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.886491] flags: 0x200000000000000(node=0|zone=2) [ 28.887596] page_type: f5(slab) [ 28.887925] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.888939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.889651] page dumped because: kasan: bad access detected [ 28.890670] [ 28.890844] Memory state around the buggy address: [ 28.891157] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.892667] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.893126] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.894533] ^ [ 28.895307] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.896251] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.897440] ================================================================== [ 29.414006] 
================================================================== [ 29.415412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 29.416810] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.418054] [ 29.418249] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.419294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.419692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.420636] Call Trace: [ 29.421052] <TASK> [ 29.421527] dump_stack_lvl+0x73/0xb0 [ 29.421905] print_report+0xd1/0x640 [ 29.422345] ? __virt_addr_valid+0x1db/0x2d0 [ 29.422993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.423542] kasan_report+0x102/0x140 [ 29.424561] ? kasan_atomics_helper+0x18b2/0x5450 [ 29.425286] ? kasan_atomics_helper+0x18b2/0x5450 [ 29.426110] kasan_check_range+0x10c/0x1c0 [ 29.426842] __kasan_check_write+0x18/0x20 [ 29.427775] kasan_atomics_helper+0x18b2/0x5450 [ 29.428791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.429720] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.430560] ? __schedule+0xc3e/0x2790 [ 29.431171] ? finish_task_switch.isra.0+0x153/0x700 [ 29.431858] ? kasan_atomics+0x153/0x310 [ 29.432672] kasan_atomics+0x1dd/0x310 [ 29.433048] ? __pfx_kasan_atomics+0x10/0x10 [ 29.433264] ? __pfx_read_tsc+0x10/0x10 [ 29.433455] ? ktime_get_ts64+0x86/0x230 [ 29.434340] kunit_try_run_case+0x1b3/0x490 [ 29.435234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.435935] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.436561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.437028] ? __kthread_parkme+0x82/0x160 [ 29.437748] ? preempt_count_sub+0x50/0x80 [ 29.438337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.438845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.439688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.440192] kthread+0x257/0x310 [ 29.440879] ? __pfx_kthread+0x10/0x10 [ 29.441592] ret_from_fork+0x41/0x80 [ 29.442074] ? 
__pfx_kthread+0x10/0x10 [ 29.443061] ret_from_fork_asm+0x1a/0x30 [ 29.443408] </TASK> [ 29.443783] [ 29.444307] Allocated by task 273: [ 29.444721] kasan_save_stack+0x3d/0x60 [ 29.445532] kasan_save_track+0x18/0x40 [ 29.446216] kasan_save_alloc_info+0x3b/0x50 [ 29.446746] __kasan_kmalloc+0xb7/0xc0 [ 29.447143] __kmalloc_cache_noprof+0x184/0x410 [ 29.447770] kasan_atomics+0x96/0x310 [ 29.448137] kunit_try_run_case+0x1b3/0x490 [ 29.449381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.449884] kthread+0x257/0x310 [ 29.450386] ret_from_fork+0x41/0x80 [ 29.450709] ret_from_fork_asm+0x1a/0x30 [ 29.451290] [ 29.451547] The buggy address belongs to the object at ffff888101afb700 [ 29.451547] which belongs to the cache kmalloc-64 of size 64 [ 29.452579] The buggy address is located 0 bytes to the right of [ 29.452579] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.453713] [ 29.453989] The buggy address belongs to the physical page: [ 29.454556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.455265] flags: 0x200000000000000(node=0|zone=2) [ 29.455707] page_type: f5(slab) [ 29.456027] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.456858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.457607] page dumped because: kasan: bad access detected [ 29.458192] [ 29.458417] Memory state around the buggy address: [ 29.459033] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.459766] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.460546] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.461090] ^ [ 29.461524] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.462215] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.462880] ================================================================== [ 29.762213] 
==================================================================
[ 29.763122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450
[ 29.763865] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.764630]
[ 29.764912] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.765874] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.766350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.767156] Call Trace:
[ 29.767526] <TASK>
[ 29.767838] dump_stack_lvl+0x73/0xb0
[ 29.768518] print_report+0xd1/0x640
[ 29.768984] ? __virt_addr_valid+0x1db/0x2d0
[ 29.769519] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.769977] kasan_report+0x102/0x140
[ 29.770524] ? kasan_atomics_helper+0x1ce2/0x5450
[ 29.771202] ? kasan_atomics_helper+0x1ce2/0x5450
[ 29.771798] kasan_check_range+0x10c/0x1c0
[ 29.772109] __kasan_check_write+0x18/0x20
[ 29.772459] kasan_atomics_helper+0x1ce2/0x5450
[ 29.773605] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.774387] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.775065] ? __schedule+0xc3e/0x2790
[ 29.775589] ? finish_task_switch.isra.0+0x153/0x700
[ 29.776390] ? kasan_atomics+0x153/0x310
[ 29.777265] kasan_atomics+0x1dd/0x310
[ 29.777633] ? __pfx_kasan_atomics+0x10/0x10
[ 29.778435] ? __pfx_read_tsc+0x10/0x10
[ 29.778859] ? ktime_get_ts64+0x86/0x230
[ 29.779302] kunit_try_run_case+0x1b3/0x490
[ 29.780196] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.780862] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.781482] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.782000] ? __kthread_parkme+0x82/0x160
[ 29.782693] ? preempt_count_sub+0x50/0x80
[ 29.783385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.783908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.784499] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.785240] kthread+0x257/0x310
[ 29.785662] ? __pfx_kthread+0x10/0x10
[ 29.786211] ret_from_fork+0x41/0x80
[ 29.786511] ? __pfx_kthread+0x10/0x10
[ 29.787100] ret_from_fork_asm+0x1a/0x30
[ 29.787623] </TASK>
[ 29.787841]
[ 29.788249] Allocated by task 273:
[ 29.788605] kasan_save_stack+0x3d/0x60
[ 29.789248] kasan_save_track+0x18/0x40
[ 29.790260] kasan_save_alloc_info+0x3b/0x50
[ 29.790749] __kasan_kmalloc+0xb7/0xc0
[ 29.791607] __kmalloc_cache_noprof+0x184/0x410
[ 29.792332] kasan_atomics+0x96/0x310
[ 29.792747] kunit_try_run_case+0x1b3/0x490
[ 29.793087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.793697] kthread+0x257/0x310
[ 29.794284] ret_from_fork+0x41/0x80
[ 29.794684] ret_from_fork_asm+0x1a/0x30
[ 29.795969]
[ 29.796182] The buggy address belongs to the object at ffff888101afb700
[ 29.796182] which belongs to the cache kmalloc-64 of size 64
[ 29.797397] The buggy address is located 0 bytes to the right of
[ 29.797397] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.798658]
[ 29.798808] The buggy address belongs to the physical page:
[ 29.799357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.800045] flags: 0x200000000000000(node=0|zone=2)
[ 29.800429] page_type: f5(slab)
[ 29.800901] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.801492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.802437] page dumped because: kasan: bad access detected
[ 29.803055]
[ 29.803278] Memory state around the buggy address:
[ 29.803667] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.804382] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.805248] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.805730] ^
[ 29.806386] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.807204] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.807840] ==================================================================
[ 29.942880] ==================================================================
[ 29.943341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450
[ 29.944821] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.946378]
[ 29.946606] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.947727] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.948051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.948781] Call Trace:
[ 29.949205] <TASK>
[ 29.949578] dump_stack_lvl+0x73/0xb0
[ 29.950161] print_report+0xd1/0x640
[ 29.950500] ? __virt_addr_valid+0x1db/0x2d0
[ 29.951012] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.951520] kasan_report+0x102/0x140
[ 29.952001] ? kasan_atomics_helper+0x1f44/0x5450
[ 29.952464] ? kasan_atomics_helper+0x1f44/0x5450
[ 29.952949] kasan_check_range+0x10c/0x1c0
[ 29.953490] __kasan_check_write+0x18/0x20
[ 29.953836] kasan_atomics_helper+0x1f44/0x5450
[ 29.954505] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.954991] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.955619] ? __schedule+0xc3e/0x2790
[ 29.955942] ? finish_task_switch.isra.0+0x153/0x700
[ 29.956577] ? kasan_atomics+0x153/0x310
[ 29.957138] kasan_atomics+0x1dd/0x310
[ 29.957591] ? __pfx_kasan_atomics+0x10/0x10
[ 29.957933] ? __pfx_read_tsc+0x10/0x10
[ 29.958523] ? ktime_get_ts64+0x86/0x230
[ 29.959065] kunit_try_run_case+0x1b3/0x490
[ 29.959410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.959995] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.960605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.961104] ? __kthread_parkme+0x82/0x160
[ 29.961489] ? preempt_count_sub+0x50/0x80
[ 29.962127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.962611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.963000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.963766] kthread+0x257/0x310
[ 29.964159] ? __pfx_kthread+0x10/0x10
[ 29.964727] ret_from_fork+0x41/0x80
[ 29.965215] ? __pfx_kthread+0x10/0x10
[ 29.965598] ret_from_fork_asm+0x1a/0x30
[ 29.965924] </TASK>
[ 29.966393]
[ 29.966707] Allocated by task 273:
[ 29.967263] kasan_save_stack+0x3d/0x60
[ 29.967801] kasan_save_track+0x18/0x40
[ 29.968224] kasan_save_alloc_info+0x3b/0x50
[ 29.968766] __kasan_kmalloc+0xb7/0xc0
[ 29.969168] __kmalloc_cache_noprof+0x184/0x410
[ 29.969668] kasan_atomics+0x96/0x310
[ 29.969948] kunit_try_run_case+0x1b3/0x490
[ 29.970517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.971212] kthread+0x257/0x310
[ 29.971577] ret_from_fork+0x41/0x80
[ 29.971913] ret_from_fork_asm+0x1a/0x30
[ 29.972526]
[ 29.972709] The buggy address belongs to the object at ffff888101afb700
[ 29.972709] which belongs to the cache kmalloc-64 of size 64
[ 29.974144] The buggy address is located 0 bytes to the right of
[ 29.974144] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.975219]
[ 29.975424] The buggy address belongs to the physical page:
[ 29.976055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.976529] flags: 0x200000000000000(node=0|zone=2)
[ 29.977610] page_type: f5(slab)
[ 29.978604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.979239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.979948] page dumped because: kasan: bad access detected
[ 29.980449]
[ 29.981099] Memory state around the buggy address:
[ 29.981431] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.982843] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.983696] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.984528] ^
[ 29.984976] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.985911] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.986653] ==================================================================
[ 27.620883] ==================================================================
[ 27.621502] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450
[ 27.622677] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.623686]
[ 27.623808] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.624188] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.624473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.626279] Call Trace:
[ 27.626630] <TASK>
[ 27.627000] dump_stack_lvl+0x73/0xb0
[ 27.627431] print_report+0xd1/0x640
[ 27.627808] ? __virt_addr_valid+0x1db/0x2d0
[ 27.628169] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.629616] kasan_report+0x102/0x140
[ 27.629860] ? kasan_atomics_helper+0x5ff/0x5450
[ 27.630205] ? kasan_atomics_helper+0x5ff/0x5450
[ 27.631131] kasan_check_range+0x10c/0x1c0
[ 27.631710] __kasan_check_write+0x18/0x20
[ 27.632225] kasan_atomics_helper+0x5ff/0x5450
[ 27.632705] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.633379] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.634063] ? __schedule+0xc3e/0x2790
[ 27.634476] ? finish_task_switch.isra.0+0x153/0x700
[ 27.636012] ? kasan_atomics+0x153/0x310
[ 27.636747] kasan_atomics+0x1dd/0x310
[ 27.637379] ? __pfx_kasan_atomics+0x10/0x10
[ 27.637840] ? __pfx_read_tsc+0x10/0x10
[ 27.638264] ? ktime_get_ts64+0x86/0x230
[ 27.639145] kunit_try_run_case+0x1b3/0x490
[ 27.639697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.641550] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.642220] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.642922] ? __kthread_parkme+0x82/0x160
[ 27.643754] ? preempt_count_sub+0x50/0x80
[ 27.644129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.644829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.645342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.646116] kthread+0x257/0x310
[ 27.646500] ? __pfx_kthread+0x10/0x10
[ 27.647414] ret_from_fork+0x41/0x80
[ 27.648731] ? __pfx_kthread+0x10/0x10
[ 27.649156] ret_from_fork_asm+0x1a/0x30
[ 27.649707] </TASK>
[ 27.650261]
[ 27.650585] Allocated by task 273:
[ 27.651051] kasan_save_stack+0x3d/0x60
[ 27.651808] kasan_save_track+0x18/0x40
[ 27.652125] kasan_save_alloc_info+0x3b/0x50
[ 27.652945] __kasan_kmalloc+0xb7/0xc0
[ 27.653388] __kmalloc_cache_noprof+0x184/0x410
[ 27.653798] kasan_atomics+0x96/0x310
[ 27.654149] kunit_try_run_case+0x1b3/0x490
[ 27.654973] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.655919] kthread+0x257/0x310
[ 27.656166] ret_from_fork+0x41/0x80
[ 27.657327] ret_from_fork_asm+0x1a/0x30
[ 27.657744]
[ 27.658123] The buggy address belongs to the object at ffff888101afb700
[ 27.658123] which belongs to the cache kmalloc-64 of size 64
[ 27.658787] The buggy address is located 0 bytes to the right of
[ 27.658787] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.661032]
[ 27.661269] The buggy address belongs to the physical page:
[ 27.662595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.663898] flags: 0x200000000000000(node=0|zone=2)
[ 27.665158] page_type: f5(slab)
[ 27.665863] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.666669] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.667859] page dumped because: kasan: bad access detected
[ 27.668191]
[ 27.668702] Memory state around the buggy address:
[ 27.669772] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.671631] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.672857] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.673791] ^
[ 27.674212] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.675366] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.676073] ==================================================================
[ 27.382670] ==================================================================
[ 27.384358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450
[ 27.385487] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.385937]
[ 27.386333] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.388016] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.388463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.389293] Call Trace:
[ 27.389537] <TASK>
[ 27.390942] dump_stack_lvl+0x73/0xb0
[ 27.391892] print_report+0xd1/0x640
[ 27.392525] ? __virt_addr_valid+0x1db/0x2d0
[ 27.392766] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.393790] kasan_report+0x102/0x140
[ 27.394195] ? kasan_atomics_helper+0x4b56/0x5450
[ 27.395120] ? kasan_atomics_helper+0x4b56/0x5450
[ 27.395946] __asan_report_load4_noabort+0x18/0x20
[ 27.396958] kasan_atomics_helper+0x4b56/0x5450
[ 27.397816] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.398274] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.399922] ? __schedule+0xc3e/0x2790
[ 27.400295] ? finish_task_switch.isra.0+0x153/0x700
[ 27.401329] ? kasan_atomics+0x153/0x310
[ 27.401822] kasan_atomics+0x1dd/0x310
[ 27.402228] ? __pfx_kasan_atomics+0x10/0x10
[ 27.402573] ? __pfx_read_tsc+0x10/0x10
[ 27.403501] ? ktime_get_ts64+0x86/0x230
[ 27.403887] kunit_try_run_case+0x1b3/0x490
[ 27.404895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.405879] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.406700] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.407745] ? __kthread_parkme+0x82/0x160
[ 27.408575] ? preempt_count_sub+0x50/0x80
[ 27.409353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.410052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.411191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.411996] kthread+0x257/0x310
[ 27.412251] ? __pfx_kthread+0x10/0x10
[ 27.412694] ret_from_fork+0x41/0x80
[ 27.413120] ? __pfx_kthread+0x10/0x10
[ 27.413687] ret_from_fork_asm+0x1a/0x30
[ 27.414705] </TASK>
[ 27.415190]
[ 27.415363] Allocated by task 273:
[ 27.416865] kasan_save_stack+0x3d/0x60
[ 27.417374] kasan_save_track+0x18/0x40
[ 27.417794] kasan_save_alloc_info+0x3b/0x50
[ 27.418238] __kasan_kmalloc+0xb7/0xc0
[ 27.419210] __kmalloc_cache_noprof+0x184/0x410
[ 27.419938] kasan_atomics+0x96/0x310
[ 27.421036] kunit_try_run_case+0x1b3/0x490
[ 27.421466] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.421724] kthread+0x257/0x310
[ 27.421996] ret_from_fork+0x41/0x80
[ 27.423085] ret_from_fork_asm+0x1a/0x30
[ 27.423912]
[ 27.424061] The buggy address belongs to the object at ffff888101afb700
[ 27.424061] which belongs to the cache kmalloc-64 of size 64
[ 27.425160] The buggy address is located 0 bytes to the right of
[ 27.425160] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.426544]
[ 27.426869] The buggy address belongs to the physical page:
[ 27.427600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.429306] flags: 0x200000000000000(node=0|zone=2)
[ 27.430209] page_type: f5(slab)
[ 27.431265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.431996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.432759] page dumped because: kasan: bad access detected
[ 27.433438]
[ 27.433618] Memory state around the buggy address:
[ 27.434098] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.435246] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.436830] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.437545] ^
[ 27.438089] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.439641] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.440575] ==================================================================
[ 30.343384] ==================================================================
[ 30.344074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 30.344768] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 30.345381]
[ 30.345654] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 30.346685] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.347085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.347936] Call Trace:
[ 30.348343] <TASK>
[ 30.348676] dump_stack_lvl+0x73/0xb0
[ 30.349198] print_report+0xd1/0x640
[ 30.349514] ? __virt_addr_valid+0x1db/0x2d0
[ 30.350324] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.350833] kasan_report+0x102/0x140
[ 30.351295] ? kasan_atomics_helper+0x5117/0x5450
[ 30.351791] ? kasan_atomics_helper+0x5117/0x5450
[ 30.352255] __asan_report_load8_noabort+0x18/0x20
[ 30.352831] kasan_atomics_helper+0x5117/0x5450
[ 30.353346] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.353777] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.354228] ? __schedule+0xc3e/0x2790
[ 30.354716] ? finish_task_switch.isra.0+0x153/0x700
[ 30.355329] ? kasan_atomics+0x153/0x310
[ 30.355829] kasan_atomics+0x1dd/0x310
[ 30.356340] ? __pfx_kasan_atomics+0x10/0x10
[ 30.356679] ? __pfx_read_tsc+0x10/0x10
[ 30.357209] ? ktime_get_ts64+0x86/0x230
[ 30.357906] kunit_try_run_case+0x1b3/0x490
[ 30.359282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.360537] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.360897] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.361289] ? __kthread_parkme+0x82/0x160
[ 30.361627] ? preempt_count_sub+0x50/0x80
[ 30.361930] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.362783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.363713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.364472] kthread+0x257/0x310
[ 30.365080] ? __pfx_kthread+0x10/0x10
[ 30.365668] ret_from_fork+0x41/0x80
[ 30.366193] ? __pfx_kthread+0x10/0x10
[ 30.366753] ret_from_fork_asm+0x1a/0x30
[ 30.367187] </TASK>
[ 30.367632]
[ 30.367923] Allocated by task 273:
[ 30.368550] kasan_save_stack+0x3d/0x60
[ 30.369092] kasan_save_track+0x18/0x40
[ 30.369653] kasan_save_alloc_info+0x3b/0x50
[ 30.370512] __kasan_kmalloc+0xb7/0xc0
[ 30.370938] __kmalloc_cache_noprof+0x184/0x410
[ 30.371452] kasan_atomics+0x96/0x310
[ 30.371813] kunit_try_run_case+0x1b3/0x490
[ 30.372352] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.372827] kthread+0x257/0x310
[ 30.373347] ret_from_fork+0x41/0x80
[ 30.373729] ret_from_fork_asm+0x1a/0x30
[ 30.374254]
[ 30.374495] The buggy address belongs to the object at ffff888101afb700
[ 30.374495] which belongs to the cache kmalloc-64 of size 64
[ 30.375738] The buggy address is located 0 bytes to the right of
[ 30.375738] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 30.376885]
[ 30.377156] The buggy address belongs to the physical page:
[ 30.377806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 30.378652] flags: 0x200000000000000(node=0|zone=2)
[ 30.379112] page_type: f5(slab)
[ 30.379575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.380182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.381003] page dumped because: kasan: bad access detected
[ 30.381533]
[ 30.381798] Memory state around the buggy address:
[ 30.382356] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.383114] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.383781] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.384532] ^
[ 30.385147] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.385785] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.386441] ==================================================================
[ 27.085973] ==================================================================
[ 27.087431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450
[ 27.088655] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.089189]
[ 27.089676] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.090889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.091570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.092714] Call Trace:
[ 27.093140] <TASK>
[ 27.093442] dump_stack_lvl+0x73/0xb0
[ 27.093838] print_report+0xd1/0x640
[ 27.094239] ? __virt_addr_valid+0x1db/0x2d0
[ 27.094768] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.095386] kasan_report+0x102/0x140
[ 27.095777] ? kasan_atomics_helper+0x4bbe/0x5450
[ 27.096879] ? kasan_atomics_helper+0x4bbe/0x5450
[ 27.097269] __asan_report_load4_noabort+0x18/0x20
[ 27.098155] kasan_atomics_helper+0x4bbe/0x5450
[ 27.099012] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.099540] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.100334] ? __schedule+0xc3e/0x2790
[ 27.101315] ? finish_task_switch.isra.0+0x153/0x700
[ 27.101789] ? kasan_atomics+0x153/0x310
[ 27.102104] kasan_atomics+0x1dd/0x310
[ 27.102489] ? __pfx_kasan_atomics+0x10/0x10
[ 27.102914] ? __pfx_read_tsc+0x10/0x10
[ 27.103407] ? ktime_get_ts64+0x86/0x230
[ 27.103970] kunit_try_run_case+0x1b3/0x490
[ 27.105263] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.105763] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.106593] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.107511] ? __kthread_parkme+0x82/0x160
[ 27.108171] ? preempt_count_sub+0x50/0x80
[ 27.108716] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.109687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.110606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.111331] kthread+0x257/0x310
[ 27.112146] ? __pfx_kthread+0x10/0x10
[ 27.113143] ret_from_fork+0x41/0x80
[ 27.113683] ? __pfx_kthread+0x10/0x10
[ 27.114136] ret_from_fork_asm+0x1a/0x30
[ 27.115080] </TASK>
[ 27.115424]
[ 27.116141] Allocated by task 273:
[ 27.116803] kasan_save_stack+0x3d/0x60
[ 27.117202] kasan_save_track+0x18/0x40
[ 27.118130] kasan_save_alloc_info+0x3b/0x50
[ 27.118587] __kasan_kmalloc+0xb7/0xc0
[ 27.119126] __kmalloc_cache_noprof+0x184/0x410
[ 27.119763] kasan_atomics+0x96/0x310
[ 27.120980] kunit_try_run_case+0x1b3/0x490
[ 27.121785] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.122764] kthread+0x257/0x310
[ 27.123265] ret_from_fork+0x41/0x80
[ 27.123807] ret_from_fork_asm+0x1a/0x30
[ 27.124660]
[ 27.124896] The buggy address belongs to the object at ffff888101afb700
[ 27.124896] which belongs to the cache kmalloc-64 of size 64
[ 27.127469] The buggy address is located 0 bytes to the right of
[ 27.127469] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.129457]
[ 27.129661] The buggy address belongs to the physical page:
[ 27.130615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.131242] flags: 0x200000000000000(node=0|zone=2)
[ 27.132080] page_type: f5(slab)
[ 27.132987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.134027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.135070] page dumped because: kasan: bad access detected
[ 27.136026]
[ 27.136257] Memory state around the buggy address:
[ 27.136926] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.138457] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.139535] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.140542] ^
[ 27.141512] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.142108] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.142897] ==================================================================
[ 28.230600] ==================================================================
[ 28.231544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450
[ 28.232288] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 28.233089]
[ 28.233326] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 28.234315] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.234806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.235778] Call Trace:
[ 28.236048] <TASK>
[ 28.236469] dump_stack_lvl+0x73/0xb0
[ 28.236959] print_report+0xd1/0x640
[ 28.237468] ? __virt_addr_valid+0x1db/0x2d0
[ 28.238228] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.238797] kasan_report+0x102/0x140
[ 28.239298] ? kasan_atomics_helper+0x4a86/0x5450
[ 28.240032] ? kasan_atomics_helper+0x4a86/0x5450
[ 28.240420] __asan_report_load4_noabort+0x18/0x20
[ 28.240901] kasan_atomics_helper+0x4a86/0x5450
[ 28.241352] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.242126] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.242650] ? __schedule+0xc3e/0x2790
[ 28.243151] ? finish_task_switch.isra.0+0x153/0x700
[ 28.243632] ? kasan_atomics+0x153/0x310
[ 28.244283] kasan_atomics+0x1dd/0x310
[ 28.244642] ? __pfx_kasan_atomics+0x10/0x10
[ 28.245280] ? __pfx_read_tsc+0x10/0x10
[ 28.245846] ? ktime_get_ts64+0x86/0x230
[ 28.246225] kunit_try_run_case+0x1b3/0x490
[ 28.246743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.247435] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.248091] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.248518] ? __kthread_parkme+0x82/0x160
[ 28.249194] ? preempt_count_sub+0x50/0x80
[ 28.249778] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.250345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.251369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.251955] kthread+0x257/0x310
[ 28.252337] ? __pfx_kthread+0x10/0x10
[ 28.252894] ret_from_fork+0x41/0x80
[ 28.253346] ? __pfx_kthread+0x10/0x10
[ 28.253882] ret_from_fork_asm+0x1a/0x30
[ 28.254294] </TASK>
[ 28.254642]
[ 28.254934] Allocated by task 273:
[ 28.255273] kasan_save_stack+0x3d/0x60
[ 28.255804] kasan_save_track+0x18/0x40
[ 28.256431] kasan_save_alloc_info+0x3b/0x50
[ 28.257019] __kasan_kmalloc+0xb7/0xc0
[ 28.257351] __kmalloc_cache_noprof+0x184/0x410
[ 28.257886] kasan_atomics+0x96/0x310
[ 28.258517] kunit_try_run_case+0x1b3/0x490
[ 28.258859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.259464] kthread+0x257/0x310
[ 28.259737] ret_from_fork+0x41/0x80
[ 28.260167] ret_from_fork_asm+0x1a/0x30
[ 28.260481]
[ 28.260852] The buggy address belongs to the object at ffff888101afb700
[ 28.260852] which belongs to the cache kmalloc-64 of size 64
[ 28.262234] The buggy address is located 0 bytes to the right of
[ 28.262234] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 28.263292]
[ 28.263578] The buggy address belongs to the physical page:
[ 28.263975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 28.264914] flags: 0x200000000000000(node=0|zone=2)
[ 28.265328] page_type: f5(slab)
[ 28.265628] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.266709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.267616] page dumped because: kasan: bad access detected
[ 28.268845]
[ 28.269118] Memory state around the buggy address:
[ 28.269659] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.270259] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.271495] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.272472] ^
[ 28.273432] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.274333] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.275165] ==================================================================
[ 29.145983] ==================================================================
[ 29.146509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450
[ 29.147253] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.147804]
[ 29.148120] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.148988] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.149323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.150105] Call Trace:
[ 29.150393] <TASK>
[ 29.150675] dump_stack_lvl+0x73/0xb0
[ 29.151214] print_report+0xd1/0x640
[ 29.151576] ? __virt_addr_valid+0x1db/0x2d0
[ 29.152094] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.152635] kasan_report+0x102/0x140
[ 29.153022] ? kasan_atomics_helper+0x151e/0x5450
[ 29.153604] ? kasan_atomics_helper+0x151e/0x5450
[ 29.154026] kasan_check_range+0x10c/0x1c0
[ 29.154567] __kasan_check_write+0x18/0x20
[ 29.155131] kasan_atomics_helper+0x151e/0x5450
[ 29.155490] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.156104] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.156461] ? __schedule+0xc3e/0x2790
[ 29.156957] ? finish_task_switch.isra.0+0x153/0x700
[ 29.157489] ? kasan_atomics+0x153/0x310
[ 29.157883] kasan_atomics+0x1dd/0x310
[ 29.158402] ? __pfx_kasan_atomics+0x10/0x10
[ 29.158806] ? __pfx_read_tsc+0x10/0x10
[ 29.159195] ? ktime_get_ts64+0x86/0x230
[ 29.159692] kunit_try_run_case+0x1b3/0x490
[ 29.160250] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.160654] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.161131] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.161571] ? __kthread_parkme+0x82/0x160
[ 29.162062] ? preempt_count_sub+0x50/0x80
[ 29.162396] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.162955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.163648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.164317] kthread+0x257/0x310
[ 29.164656] ? __pfx_kthread+0x10/0x10
[ 29.164988] ret_from_fork+0x41/0x80
[ 29.165266] ? __pfx_kthread+0x10/0x10
[ 29.165589] ret_from_fork_asm+0x1a/0x30
[ 29.166180] </TASK>
[ 29.166541]
[ 29.166808] Allocated by task 273:
[ 29.167317] kasan_save_stack+0x3d/0x60
[ 29.167739] kasan_save_track+0x18/0x40
[ 29.168211] kasan_save_alloc_info+0x3b/0x50
[ 29.168738] __kasan_kmalloc+0xb7/0xc0
[ 29.169156] __kmalloc_cache_noprof+0x184/0x410
[ 29.169667] kasan_atomics+0x96/0x310
[ 29.170048] kunit_try_run_case+0x1b3/0x490
[ 29.170555] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.171089] kthread+0x257/0x310
[ 29.171437] ret_from_fork+0x41/0x80
[ 29.171963] ret_from_fork_asm+0x1a/0x30
[ 29.172389]
[ 29.172611] The buggy address belongs to the object at ffff888101afb700
[ 29.172611] which belongs to the cache kmalloc-64 of size 64
[ 29.173649] The buggy address is located 0 bytes to the right of
[ 29.173649] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.174363]
[ 29.174565] The buggy address belongs to the physical page:
[ 29.175243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.176182] flags: 0x200000000000000(node=0|zone=2)
[ 29.176713] page_type: f5(slab)
[ 29.177097] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.177748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.178384] page dumped because: kasan: bad access detected
[ 29.178851]
[ 29.179135] Memory state around the buggy address:
[ 29.179666] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.180201] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.180879] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.181340] ^
[ 29.181890] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.182771] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.183367] ==================================================================
[ 27.321718] ==================================================================
[ 27.322432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450
[ 27.323070] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273
[ 27.324482]
[ 27.324690] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 27.326428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.327065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.328726] Call Trace:
[ 27.328956] <TASK>
[ 27.329136] dump_stack_lvl+0x73/0xb0
[ 27.329472] print_report+0xd1/0x640
[ 27.329844] ? __virt_addr_valid+0x1db/0x2d0
[ 27.330792] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.332321] kasan_report+0x102/0x140
[ 27.332897] ? kasan_atomics_helper+0x3e0/0x5450
[ 27.333372] ? kasan_atomics_helper+0x3e0/0x5450
[ 27.333832] kasan_check_range+0x10c/0x1c0
[ 27.334530] __kasan_check_read+0x15/0x20
[ 27.335278] kasan_atomics_helper+0x3e0/0x5450
[ 27.336464] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 27.336837] ? __kmalloc_cache_noprof+0x184/0x410
[ 27.337802] ? __schedule+0xc3e/0x2790
[ 27.338481] ? finish_task_switch.isra.0+0x153/0x700
[ 27.338797] ? kasan_atomics+0x153/0x310
[ 27.339686] kasan_atomics+0x1dd/0x310
[ 27.340655] ? __pfx_kasan_atomics+0x10/0x10
[ 27.340971] ? __pfx_read_tsc+0x10/0x10
[ 27.341680] ? ktime_get_ts64+0x86/0x230
[ 27.342283] kunit_try_run_case+0x1b3/0x490
[ 27.343646] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.344083] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.344942] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.345933] ? __kthread_parkme+0x82/0x160
[ 27.346426] ? preempt_count_sub+0x50/0x80
[ 27.346663] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.347297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.348591] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.350106] kthread+0x257/0x310
[ 27.351013] ? __pfx_kthread+0x10/0x10
[ 27.351648] ret_from_fork+0x41/0x80
[ 27.352066] ? __pfx_kthread+0x10/0x10
[ 27.352492] ret_from_fork_asm+0x1a/0x30
[ 27.353118] </TASK>
[ 27.354148]
[ 27.354507] Allocated by task 273:
[ 27.354775] kasan_save_stack+0x3d/0x60
[ 27.355333] kasan_save_track+0x18/0x40
[ 27.355694] kasan_save_alloc_info+0x3b/0x50
[ 27.356330] __kasan_kmalloc+0xb7/0xc0
[ 27.356680] __kmalloc_cache_noprof+0x184/0x410
[ 27.357180] kasan_atomics+0x96/0x310
[ 27.357557] kunit_try_run_case+0x1b3/0x490
[ 27.358269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.359051] kthread+0x257/0x310
[ 27.359569] ret_from_fork+0x41/0x80
[ 27.359887] ret_from_fork_asm+0x1a/0x30
[ 27.361015]
[ 27.361220] The buggy address belongs to the object at ffff888101afb700
[ 27.361220] which belongs to the cache kmalloc-64 of size 64
[ 27.363152] The buggy address is located 0 bytes to the right of
[ 27.363152] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 27.364895]
[ 27.365094] The buggy address belongs to the physical page:
[ 27.365449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 27.367373] flags: 0x200000000000000(node=0|zone=2)
[ 27.368029] page_type: f5(slab)
[ 27.369346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 27.370121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 27.370844] page dumped because: kasan: bad access detected
[ 27.372091]
[ 27.372439] Memory state around the buggy address:
[ 27.373369] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.375071] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 27.376034] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 27.376700] ^
[ 27.378239] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.379390] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.380499] ==================================================================
[ 29.718012] ==================================================================
[ 29.718814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 29.719750] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.720513]
[ 29.720977] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.722076] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.723241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.724076] Call Trace:
[ 29.724297] <TASK>
[ 29.724832] dump_stack_lvl+0x73/0xb0
[ 29.725305] print_report+0xd1/0x640
[ 29.725807] ? __virt_addr_valid+0x1db/0x2d0
[ 29.726607] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.726999] kasan_report+0x102/0x140
[ 29.727548] ? kasan_atomics_helper+0x4f32/0x5450
[ 29.728211] ? kasan_atomics_helper+0x4f32/0x5450
[ 29.728718] __asan_report_load8_noabort+0x18/0x20
[ 29.729348] kasan_atomics_helper+0x4f32/0x5450
[ 29.729799] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.730392] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.730970] ? __schedule+0xc3e/0x2790
[ 29.731288] ? finish_task_switch.isra.0+0x153/0x700
[ 29.731966] ? kasan_atomics+0x153/0x310
[ 29.732438] kasan_atomics+0x1dd/0x310
[ 29.732970] ? __pfx_kasan_atomics+0x10/0x10
[ 29.733518] ? __pfx_read_tsc+0x10/0x10
[ 29.733832] ? ktime_get_ts64+0x86/0x230
[ 29.734234] kunit_try_run_case+0x1b3/0x490
[ 29.734833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.735715] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.736043] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.736713] ? __kthread_parkme+0x82/0x160
[ 29.737261] ? preempt_count_sub+0x50/0x80
[ 29.737664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.738181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.738766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.739363] kthread+0x257/0x310
[ 29.739813] ? __pfx_kthread+0x10/0x10
[ 29.740335] ret_from_fork+0x41/0x80
[ 29.740770] ? __pfx_kthread+0x10/0x10
[ 29.741248] ret_from_fork_asm+0x1a/0x30
[ 29.741779] </TASK>
[ 29.742060]
[ 29.742369] Allocated by task 273:
[ 29.742831] kasan_save_stack+0x3d/0x60
[ 29.743583] kasan_save_track+0x18/0x40
[ 29.743945] kasan_save_alloc_info+0x3b/0x50
[ 29.744546] __kasan_kmalloc+0xb7/0xc0
[ 29.744904] __kmalloc_cache_noprof+0x184/0x410
[ 29.745224] kasan_atomics+0x96/0x310
[ 29.745968] kunit_try_run_case+0x1b3/0x490
[ 29.746425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.746999] kthread+0x257/0x310
[ 29.747445] ret_from_fork+0x41/0x80
[ 29.747831] ret_from_fork_asm+0x1a/0x30
[ 29.748305]
[ 29.748625] The buggy address belongs to the object at ffff888101afb700
[ 29.748625] which belongs to the cache kmalloc-64 of size 64
[ 29.749653] The buggy address is located 0 bytes to the right of
[ 29.749653] allocated 48-byte region [ffff888101afb700, ffff888101afb730)
[ 29.750838]
[ 29.751227] The buggy address belongs to the physical page:
[ 29.751633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb
[ 29.752646] flags: 0x200000000000000(node=0|zone=2)
[ 29.752977] page_type: f5(slab)
[ 29.753319] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.754078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.755138] page dumped because: kasan: bad access detected
[ 29.755629]
[ 29.755936] Memory state around the buggy address:
[ 29.756641] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.757188] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.757900] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.759251] ^
[ 29.759642] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.760434] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.760915] ==================================================================
[ 29.988119] ==================================================================
[ 29.989550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450
[ 29.990196] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273
[ 29.991757]
[ 29.992294] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 29.993623] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.994008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.995334] Call Trace:
[ 29.995579] <TASK>
[ 29.996348] dump_stack_lvl+0x73/0xb0
[ 29.996776] print_report+0xd1/0x640
[ 29.997377] ? __virt_addr_valid+0x1db/0x2d0
[ 29.998051] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.998535] kasan_report+0x102/0x140
[ 29.998903] ? kasan_atomics_helper+0x4f73/0x5450
[ 29.999822] ? kasan_atomics_helper+0x4f73/0x5450
[ 30.000326] __asan_report_load8_noabort+0x18/0x20
[ 30.000956] kasan_atomics_helper+0x4f73/0x5450
[ 30.001704] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.002398] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.003004] ? __schedule+0xc3e/0x2790
[ 30.003497] ? finish_task_switch.isra.0+0x153/0x700
[ 30.004001] ? kasan_atomics+0x153/0x310
[ 30.004798] kasan_atomics+0x1dd/0x310
[ 30.005436] ? __pfx_kasan_atomics+0x10/0x10
[ 30.006084] ? __pfx_read_tsc+0x10/0x10
[ 30.006532] ? ktime_get_ts64+0x86/0x230
[ 30.006934] kunit_try_run_case+0x1b3/0x490
[ 30.007690] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.008032] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.008810] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.009725] ? __kthread_parkme+0x82/0x160
[ 30.010111] ? preempt_count_sub+0x50/0x80
[ 30.010708] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.011353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.012118] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.012820] kthread+0x257/0x310
[ 30.013313] ? __pfx_kthread+0x10/0x10
[ 30.013959] ret_from_fork+0x41/0x80
[ 30.014440] ?
__pfx_kthread+0x10/0x10 [ 30.015157] ret_from_fork_asm+0x1a/0x30 [ 30.015830] </TASK> [ 30.015964] [ 30.016147] Allocated by task 273: [ 30.017014] kasan_save_stack+0x3d/0x60 [ 30.017296] kasan_save_track+0x18/0x40 [ 30.017797] kasan_save_alloc_info+0x3b/0x50 [ 30.018706] __kasan_kmalloc+0xb7/0xc0 [ 30.018992] __kmalloc_cache_noprof+0x184/0x410 [ 30.019574] kasan_atomics+0x96/0x310 [ 30.020287] kunit_try_run_case+0x1b3/0x490 [ 30.020797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.021705] kthread+0x257/0x310 [ 30.022245] ret_from_fork+0x41/0x80 [ 30.022747] ret_from_fork_asm+0x1a/0x30 [ 30.023400] [ 30.023849] The buggy address belongs to the object at ffff888101afb700 [ 30.023849] which belongs to the cache kmalloc-64 of size 64 [ 30.025189] The buggy address is located 0 bytes to the right of [ 30.025189] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.026720] [ 30.026887] The buggy address belongs to the physical page: [ 30.027549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.028328] flags: 0x200000000000000(node=0|zone=2) [ 30.028816] page_type: f5(slab) [ 30.029290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.030198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.030894] page dumped because: kasan: bad access detected [ 30.031552] [ 30.031753] Memory state around the buggy address: [ 30.032383] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.033108] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.033894] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.034611] ^ [ 30.035187] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.035907] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.036452] ================================================================== [ 27.442669] 
================================================================== [ 27.443961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 27.444305] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.445954] [ 27.446441] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.447223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.448030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.449639] Call Trace: [ 27.450409] <TASK> [ 27.450640] dump_stack_lvl+0x73/0xb0 [ 27.451006] print_report+0xd1/0x640 [ 27.451354] ? __virt_addr_valid+0x1db/0x2d0 [ 27.452057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.453338] kasan_report+0x102/0x140 [ 27.454438] ? kasan_atomics_helper+0x4a1/0x5450 [ 27.455031] ? kasan_atomics_helper+0x4a1/0x5450 [ 27.455921] kasan_check_range+0x10c/0x1c0 [ 27.456867] __kasan_check_write+0x18/0x20 [ 27.457434] kasan_atomics_helper+0x4a1/0x5450 [ 27.458005] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.458460] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.459206] ? __schedule+0xc3e/0x2790 [ 27.460161] ? finish_task_switch.isra.0+0x153/0x700 [ 27.460777] ? kasan_atomics+0x153/0x310 [ 27.461348] kasan_atomics+0x1dd/0x310 [ 27.462083] ? __pfx_kasan_atomics+0x10/0x10 [ 27.462466] ? __pfx_read_tsc+0x10/0x10 [ 27.463266] ? ktime_get_ts64+0x86/0x230 [ 27.464520] kunit_try_run_case+0x1b3/0x490 [ 27.465167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.465884] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.466442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.466916] ? __kthread_parkme+0x82/0x160 [ 27.467302] ? preempt_count_sub+0x50/0x80 [ 27.468062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.468815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.469525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.470201] kthread+0x257/0x310 [ 27.471201] ? __pfx_kthread+0x10/0x10 [ 27.472023] ret_from_fork+0x41/0x80 [ 27.472708] ? 
__pfx_kthread+0x10/0x10 [ 27.473208] ret_from_fork_asm+0x1a/0x30 [ 27.473856] </TASK> [ 27.474164] [ 27.474943] Allocated by task 273: [ 27.475681] kasan_save_stack+0x3d/0x60 [ 27.476253] kasan_save_track+0x18/0x40 [ 27.477051] kasan_save_alloc_info+0x3b/0x50 [ 27.477723] __kasan_kmalloc+0xb7/0xc0 [ 27.478097] __kmalloc_cache_noprof+0x184/0x410 [ 27.478919] kasan_atomics+0x96/0x310 [ 27.479223] kunit_try_run_case+0x1b3/0x490 [ 27.479996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.481119] kthread+0x257/0x310 [ 27.481711] ret_from_fork+0x41/0x80 [ 27.482678] ret_from_fork_asm+0x1a/0x30 [ 27.483698] [ 27.484132] The buggy address belongs to the object at ffff888101afb700 [ 27.484132] which belongs to the cache kmalloc-64 of size 64 [ 27.485886] The buggy address is located 0 bytes to the right of [ 27.485886] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.487861] [ 27.488097] The buggy address belongs to the physical page: [ 27.489185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.490527] flags: 0x200000000000000(node=0|zone=2) [ 27.491042] page_type: f5(slab) [ 27.491469] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.492945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.493429] page dumped because: kasan: bad access detected [ 27.494627] [ 27.495265] Memory state around the buggy address: [ 27.496002] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.496681] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.497715] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.498396] ^ [ 27.499179] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.500002] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.500608] ================================================================== [ 28.752215] 
================================================================== [ 28.753454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 28.754222] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.754866] [ 28.755152] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.756486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.756773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.757568] Call Trace: [ 28.757891] <TASK> [ 28.758577] dump_stack_lvl+0x73/0xb0 [ 28.758967] print_report+0xd1/0x640 [ 28.759331] ? __virt_addr_valid+0x1db/0x2d0 [ 28.759745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.760661] kasan_report+0x102/0x140 [ 28.761009] ? kasan_atomics_helper+0x1218/0x5450 [ 28.761385] ? kasan_atomics_helper+0x1218/0x5450 [ 28.762043] kasan_check_range+0x10c/0x1c0 [ 28.762478] __kasan_check_write+0x18/0x20 [ 28.762966] kasan_atomics_helper+0x1218/0x5450 [ 28.763803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.764360] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.765054] ? __schedule+0xc3e/0x2790 [ 28.765576] ? finish_task_switch.isra.0+0x153/0x700 [ 28.766604] ? kasan_atomics+0x153/0x310 [ 28.767258] kasan_atomics+0x1dd/0x310 [ 28.767851] ? __pfx_kasan_atomics+0x10/0x10 [ 28.768292] ? __pfx_read_tsc+0x10/0x10 [ 28.768653] ? ktime_get_ts64+0x86/0x230 [ 28.769647] kunit_try_run_case+0x1b3/0x490 [ 28.770181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.770845] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.771740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.772520] ? __kthread_parkme+0x82/0x160 [ 28.772952] ? preempt_count_sub+0x50/0x80 [ 28.773786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.774928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.775826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.776716] kthread+0x257/0x310 [ 28.777265] ? __pfx_kthread+0x10/0x10 [ 28.777731] ret_from_fork+0x41/0x80 [ 28.778667] ? 
__pfx_kthread+0x10/0x10 [ 28.779224] ret_from_fork_asm+0x1a/0x30 [ 28.779782] </TASK> [ 28.780001] [ 28.780391] Allocated by task 273: [ 28.780810] kasan_save_stack+0x3d/0x60 [ 28.781603] kasan_save_track+0x18/0x40 [ 28.782364] kasan_save_alloc_info+0x3b/0x50 [ 28.783136] __kasan_kmalloc+0xb7/0xc0 [ 28.783550] __kmalloc_cache_noprof+0x184/0x410 [ 28.784580] kasan_atomics+0x96/0x310 [ 28.785519] kunit_try_run_case+0x1b3/0x490 [ 28.786333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.786701] kthread+0x257/0x310 [ 28.787112] ret_from_fork+0x41/0x80 [ 28.787735] ret_from_fork_asm+0x1a/0x30 [ 28.788183] [ 28.788472] The buggy address belongs to the object at ffff888101afb700 [ 28.788472] which belongs to the cache kmalloc-64 of size 64 [ 28.789465] The buggy address is located 0 bytes to the right of [ 28.789465] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.790751] [ 28.791042] The buggy address belongs to the physical page: [ 28.791393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.792328] flags: 0x200000000000000(node=0|zone=2) [ 28.792686] page_type: f5(slab) [ 28.792988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.793889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.794480] page dumped because: kasan: bad access detected [ 28.795311] [ 28.795593] Memory state around the buggy address: [ 28.795988] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.796761] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.797496] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.797932] ^ [ 28.798716] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.799322] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.800072] ================================================================== [ 28.082572] 
================================================================== [ 28.083488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 28.085434] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.086445] [ 28.086650] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.088177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.088625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.089605] Call Trace: [ 28.090005] <TASK> [ 28.090414] dump_stack_lvl+0x73/0xb0 [ 28.090981] print_report+0xd1/0x640 [ 28.091642] ? __virt_addr_valid+0x1db/0x2d0 [ 28.092343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.092823] kasan_report+0x102/0x140 [ 28.093667] ? kasan_atomics_helper+0xac8/0x5450 [ 28.094341] ? kasan_atomics_helper+0xac8/0x5450 [ 28.095072] kasan_check_range+0x10c/0x1c0 [ 28.095901] __kasan_check_write+0x18/0x20 [ 28.096258] kasan_atomics_helper+0xac8/0x5450 [ 28.097007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.098185] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.098621] ? __schedule+0xc3e/0x2790 [ 28.099440] ? finish_task_switch.isra.0+0x153/0x700 [ 28.100061] ? kasan_atomics+0x153/0x310 [ 28.100516] kasan_atomics+0x1dd/0x310 [ 28.101631] ? __pfx_kasan_atomics+0x10/0x10 [ 28.102036] ? __pfx_read_tsc+0x10/0x10 [ 28.102460] ? ktime_get_ts64+0x86/0x230 [ 28.103169] kunit_try_run_case+0x1b3/0x490 [ 28.103914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.104347] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.105030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.105639] ? __kthread_parkme+0x82/0x160 [ 28.106285] ? preempt_count_sub+0x50/0x80 [ 28.106746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.107304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.108013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.108578] kthread+0x257/0x310 [ 28.108999] ? __pfx_kthread+0x10/0x10 [ 28.109438] ret_from_fork+0x41/0x80 [ 28.109896] ? 
__pfx_kthread+0x10/0x10 [ 28.110406] ret_from_fork_asm+0x1a/0x30 [ 28.110736] </TASK> [ 28.111241] [ 28.111423] Allocated by task 273: [ 28.111631] kasan_save_stack+0x3d/0x60 [ 28.111888] kasan_save_track+0x18/0x40 [ 28.112598] kasan_save_alloc_info+0x3b/0x50 [ 28.113464] __kasan_kmalloc+0xb7/0xc0 [ 28.114134] __kmalloc_cache_noprof+0x184/0x410 [ 28.115065] kasan_atomics+0x96/0x310 [ 28.115713] kunit_try_run_case+0x1b3/0x490 [ 28.116139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.116726] kthread+0x257/0x310 [ 28.117202] ret_from_fork+0x41/0x80 [ 28.117623] ret_from_fork_asm+0x1a/0x30 [ 28.118085] [ 28.118403] The buggy address belongs to the object at ffff888101afb700 [ 28.118403] which belongs to the cache kmalloc-64 of size 64 [ 28.119438] The buggy address is located 0 bytes to the right of [ 28.119438] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.120542] [ 28.120800] The buggy address belongs to the physical page: [ 28.121393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.122010] flags: 0x200000000000000(node=0|zone=2) [ 28.122588] page_type: f5(slab) [ 28.122887] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.123852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.124576] page dumped because: kasan: bad access detected [ 28.125218] [ 28.125551] Memory state around the buggy address: [ 28.126020] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.126944] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.127572] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.128227] ^ [ 28.128951] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.129405] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.130090] ================================================================== [ 28.325783] 
================================================================== [ 28.326879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 28.327627] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.328511] [ 28.328746] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.329757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.330271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.331131] Call Trace: [ 28.331419] <TASK> [ 28.331745] dump_stack_lvl+0x73/0xb0 [ 28.332242] print_report+0xd1/0x640 [ 28.332617] ? __virt_addr_valid+0x1db/0x2d0 [ 28.332959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.333627] kasan_report+0x102/0x140 [ 28.334148] ? kasan_atomics_helper+0xde1/0x5450 [ 28.334701] ? kasan_atomics_helper+0xde1/0x5450 [ 28.335200] kasan_check_range+0x10c/0x1c0 [ 28.335700] __kasan_check_write+0x18/0x20 [ 28.336163] kasan_atomics_helper+0xde1/0x5450 [ 28.336585] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.337152] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.337537] ? __schedule+0xc3e/0x2790 [ 28.338087] ? finish_task_switch.isra.0+0x153/0x700 [ 28.338674] ? kasan_atomics+0x153/0x310 [ 28.339277] kasan_atomics+0x1dd/0x310 [ 28.339624] ? __pfx_kasan_atomics+0x10/0x10 [ 28.340178] ? __pfx_read_tsc+0x10/0x10 [ 28.340589] ? ktime_get_ts64+0x86/0x230 [ 28.341015] kunit_try_run_case+0x1b3/0x490 [ 28.341460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.341983] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.342537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.342966] ? __kthread_parkme+0x82/0x160 [ 28.343445] ? preempt_count_sub+0x50/0x80 [ 28.343755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.344253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.345055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.345728] kthread+0x257/0x310 [ 28.346182] ? __pfx_kthread+0x10/0x10 [ 28.346542] ret_from_fork+0x41/0x80 [ 28.347015] ? 
__pfx_kthread+0x10/0x10 [ 28.347337] ret_from_fork_asm+0x1a/0x30 [ 28.347883] </TASK> [ 28.348181] [ 28.348384] Allocated by task 273: [ 28.348780] kasan_save_stack+0x3d/0x60 [ 28.349201] kasan_save_track+0x18/0x40 [ 28.349516] kasan_save_alloc_info+0x3b/0x50 [ 28.349873] __kasan_kmalloc+0xb7/0xc0 [ 28.350275] __kmalloc_cache_noprof+0x184/0x410 [ 28.350895] kasan_atomics+0x96/0x310 [ 28.351390] kunit_try_run_case+0x1b3/0x490 [ 28.351932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.353524] kthread+0x257/0x310 [ 28.354027] ret_from_fork+0x41/0x80 [ 28.354343] ret_from_fork_asm+0x1a/0x30 [ 28.354775] [ 28.355685] The buggy address belongs to the object at ffff888101afb700 [ 28.355685] which belongs to the cache kmalloc-64 of size 64 [ 28.357167] The buggy address is located 0 bytes to the right of [ 28.357167] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.358385] [ 28.358678] The buggy address belongs to the physical page: [ 28.359256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.359979] flags: 0x200000000000000(node=0|zone=2) [ 28.360347] page_type: f5(slab) [ 28.360768] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.361345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.362116] page dumped because: kasan: bad access detected [ 28.362488] [ 28.362724] Memory state around the buggy address: [ 28.363278] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.363764] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.364579] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.365250] ^ [ 28.365711] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.366305] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.367001] ================================================================== [ 29.464204] 
================================================================== [ 29.465711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 29.467590] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.468595] [ 29.468843] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.469751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.469939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.470719] Call Trace: [ 29.471106] <TASK> [ 29.471476] dump_stack_lvl+0x73/0xb0 [ 29.472218] print_report+0xd1/0x640 [ 29.472730] ? __virt_addr_valid+0x1db/0x2d0 [ 29.473781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.474436] kasan_report+0x102/0x140 [ 29.474659] ? kasan_atomics_helper+0x194b/0x5450 [ 29.474877] ? kasan_atomics_helper+0x194b/0x5450 [ 29.475204] kasan_check_range+0x10c/0x1c0 [ 29.475927] __kasan_check_write+0x18/0x20 [ 29.476907] kasan_atomics_helper+0x194b/0x5450 [ 29.477578] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.478166] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.478664] ? __schedule+0xc3e/0x2790 [ 29.479289] ? finish_task_switch.isra.0+0x153/0x700 [ 29.479752] ? kasan_atomics+0x153/0x310 [ 29.480544] kasan_atomics+0x1dd/0x310 [ 29.481171] ? __pfx_kasan_atomics+0x10/0x10 [ 29.481697] ? __pfx_read_tsc+0x10/0x10 [ 29.482015] ? ktime_get_ts64+0x86/0x230 [ 29.482534] kunit_try_run_case+0x1b3/0x490 [ 29.482956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.483368] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.483920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.484442] ? __kthread_parkme+0x82/0x160 [ 29.484807] ? preempt_count_sub+0x50/0x80 [ 29.485386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.485930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.486814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.487571] kthread+0x257/0x310 [ 29.487992] ? __pfx_kthread+0x10/0x10 [ 29.488497] ret_from_fork+0x41/0x80 [ 29.489159] ? 
__pfx_kthread+0x10/0x10 [ 29.489458] ret_from_fork_asm+0x1a/0x30 [ 29.490249] </TASK> [ 29.490736] [ 29.490951] Allocated by task 273: [ 29.491832] kasan_save_stack+0x3d/0x60 [ 29.492218] kasan_save_track+0x18/0x40 [ 29.492805] kasan_save_alloc_info+0x3b/0x50 [ 29.493171] __kasan_kmalloc+0xb7/0xc0 [ 29.493625] __kmalloc_cache_noprof+0x184/0x410 [ 29.494241] kasan_atomics+0x96/0x310 [ 29.494685] kunit_try_run_case+0x1b3/0x490 [ 29.495015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.495710] kthread+0x257/0x310 [ 29.496453] ret_from_fork+0x41/0x80 [ 29.496885] ret_from_fork_asm+0x1a/0x30 [ 29.497579] [ 29.497739] The buggy address belongs to the object at ffff888101afb700 [ 29.497739] which belongs to the cache kmalloc-64 of size 64 [ 29.498808] The buggy address is located 0 bytes to the right of [ 29.498808] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.500371] [ 29.500643] The buggy address belongs to the physical page: [ 29.501077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.501970] flags: 0x200000000000000(node=0|zone=2) [ 29.502675] page_type: f5(slab) [ 29.502951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.503823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.504348] page dumped because: kasan: bad access detected [ 29.505282] [ 29.505589] Memory state around the buggy address: [ 29.506012] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.506782] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.507368] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.508148] ^ [ 29.508622] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.509289] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.510312] ================================================================== [ 28.619540] 
================================================================== [ 28.620192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 28.621248] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.622298] [ 28.622561] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.623727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.624745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.625918] Call Trace: [ 28.626311] <TASK> [ 28.626506] dump_stack_lvl+0x73/0xb0 [ 28.626729] print_report+0xd1/0x640 [ 28.626962] ? __virt_addr_valid+0x1db/0x2d0 [ 28.627739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.628597] kasan_report+0x102/0x140 [ 28.628960] ? kasan_atomics_helper+0x4a1e/0x5450 [ 28.629464] ? kasan_atomics_helper+0x4a1e/0x5450 [ 28.629815] __asan_report_load4_noabort+0x18/0x20 [ 28.630484] kasan_atomics_helper+0x4a1e/0x5450 [ 28.630910] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.631631] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.632400] ? __schedule+0xc3e/0x2790 [ 28.632837] ? finish_task_switch.isra.0+0x153/0x700 [ 28.633894] ? kasan_atomics+0x153/0x310 [ 28.634293] kasan_atomics+0x1dd/0x310 [ 28.634675] ? __pfx_kasan_atomics+0x10/0x10 [ 28.635109] ? __pfx_read_tsc+0x10/0x10 [ 28.635645] ? ktime_get_ts64+0x86/0x230 [ 28.636170] kunit_try_run_case+0x1b3/0x490 [ 28.636602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.637382] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.637810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.638650] ? __kthread_parkme+0x82/0x160 [ 28.639309] ? preempt_count_sub+0x50/0x80 [ 28.639955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.640563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.641264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.641992] kthread+0x257/0x310 [ 28.642232] ? __pfx_kthread+0x10/0x10 [ 28.642955] ret_from_fork+0x41/0x80 [ 28.643477] ? 
__pfx_kthread+0x10/0x10 [ 28.643982] ret_from_fork_asm+0x1a/0x30 [ 28.644597] </TASK> [ 28.645062] [ 28.645296] Allocated by task 273: [ 28.645765] kasan_save_stack+0x3d/0x60 [ 28.646307] kasan_save_track+0x18/0x40 [ 28.646936] kasan_save_alloc_info+0x3b/0x50 [ 28.647634] __kasan_kmalloc+0xb7/0xc0 [ 28.648140] __kmalloc_cache_noprof+0x184/0x410 [ 28.648738] kasan_atomics+0x96/0x310 [ 28.649283] kunit_try_run_case+0x1b3/0x490 [ 28.649851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.650534] kthread+0x257/0x310 [ 28.651098] ret_from_fork+0x41/0x80 [ 28.651527] ret_from_fork_asm+0x1a/0x30 [ 28.652106] [ 28.652358] The buggy address belongs to the object at ffff888101afb700 [ 28.652358] which belongs to the cache kmalloc-64 of size 64 [ 28.653379] The buggy address is located 0 bytes to the right of [ 28.653379] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.654612] [ 28.654897] The buggy address belongs to the physical page: [ 28.655528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.656273] flags: 0x200000000000000(node=0|zone=2) [ 28.656666] page_type: f5(slab) [ 28.657005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.657681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.658622] page dumped because: kasan: bad access detected [ 28.659104] [ 28.659360] Memory state around the buggy address: [ 28.660126] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.660663] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.661484] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.662226] ^ [ 28.662820] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.663567] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.664327] ================================================================== [ 27.900836] 
================================================================== [ 27.901428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 27.902404] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.903134] [ 27.903596] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.904464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.905136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.906023] Call Trace: [ 27.906240] <TASK> [ 27.907395] dump_stack_lvl+0x73/0xb0 [ 27.907855] print_report+0xd1/0x640 [ 27.908294] ? __virt_addr_valid+0x1db/0x2d0 [ 27.909201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.909696] kasan_report+0x102/0x140 [ 27.910560] ? kasan_atomics_helper+0x8fa/0x5450 [ 27.911154] ? kasan_atomics_helper+0x8fa/0x5450 [ 27.911727] kasan_check_range+0x10c/0x1c0 [ 27.912249] __kasan_check_write+0x18/0x20 [ 27.913024] kasan_atomics_helper+0x8fa/0x5450 [ 27.913404] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.914930] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.915557] ? __schedule+0xc3e/0x2790 [ 27.916240] ? finish_task_switch.isra.0+0x153/0x700 [ 27.916832] ? kasan_atomics+0x153/0x310 [ 27.917685] kasan_atomics+0x1dd/0x310 [ 27.918276] ? __pfx_kasan_atomics+0x10/0x10 [ 27.918908] ? __pfx_read_tsc+0x10/0x10 [ 27.919474] ? ktime_get_ts64+0x86/0x230 [ 27.919819] kunit_try_run_case+0x1b3/0x490 [ 27.920770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.921567] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.922190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.922789] ? __kthread_parkme+0x82/0x160 [ 27.923977] ? preempt_count_sub+0x50/0x80 [ 27.924272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.924912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.925755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.926749] kthread+0x257/0x310 [ 27.927278] ? __pfx_kthread+0x10/0x10 [ 27.928035] ret_from_fork+0x41/0x80 [ 27.928430] ? 
__pfx_kthread+0x10/0x10 [ 27.928861] ret_from_fork_asm+0x1a/0x30 [ 27.930139] </TASK> [ 27.930967] [ 27.931112] Allocated by task 273: [ 27.931303] kasan_save_stack+0x3d/0x60 [ 27.931853] kasan_save_track+0x18/0x40 [ 27.933511] kasan_save_alloc_info+0x3b/0x50 [ 27.934088] __kasan_kmalloc+0xb7/0xc0 [ 27.935230] __kmalloc_cache_noprof+0x184/0x410 [ 27.936581] kasan_atomics+0x96/0x310 [ 27.937163] kunit_try_run_case+0x1b3/0x490 [ 27.937499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.938964] kthread+0x257/0x310 [ 27.939286] ret_from_fork+0x41/0x80 [ 27.940704] ret_from_fork_asm+0x1a/0x30 [ 27.941195] [ 27.941587] The buggy address belongs to the object at ffff888101afb700 [ 27.941587] which belongs to the cache kmalloc-64 of size 64 [ 27.943044] The buggy address is located 0 bytes to the right of [ 27.943044] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.944466] [ 27.945230] The buggy address belongs to the physical page: [ 27.946485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.947591] flags: 0x200000000000000(node=0|zone=2) [ 27.948265] page_type: f5(slab) [ 27.948588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.949568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.950268] page dumped because: kasan: bad access detected [ 27.952120] [ 27.952489] Memory state around the buggy address: [ 27.953084] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.954063] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.954811] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.955728] ^ [ 27.956558] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.957905] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.958729] ================================================================== [ 29.049756] 
================================================================== [ 29.050153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 29.051296] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.053192] [ 29.053553] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.055264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.055651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.056960] Call Trace: [ 29.057306] <TASK> [ 29.057840] dump_stack_lvl+0x73/0xb0 [ 29.058294] print_report+0xd1/0x640 [ 29.058735] ? __virt_addr_valid+0x1db/0x2d0 [ 29.059789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.060363] kasan_report+0x102/0x140 [ 29.061048] ? kasan_atomics_helper+0x1468/0x5450 [ 29.061729] ? kasan_atomics_helper+0x1468/0x5450 [ 29.062271] kasan_check_range+0x10c/0x1c0 [ 29.062507] __kasan_check_write+0x18/0x20 [ 29.062704] kasan_atomics_helper+0x1468/0x5450 [ 29.062922] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.063459] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.064066] ? __schedule+0xc3e/0x2790 [ 29.064513] ? finish_task_switch.isra.0+0x153/0x700 [ 29.065227] ? kasan_atomics+0x153/0x310 [ 29.065711] kasan_atomics+0x1dd/0x310 [ 29.066389] ? __pfx_kasan_atomics+0x10/0x10 [ 29.067099] ? __pfx_read_tsc+0x10/0x10 [ 29.067502] ? ktime_get_ts64+0x86/0x230 [ 29.068170] kunit_try_run_case+0x1b3/0x490 [ 29.068912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.069571] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.070283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.070886] ? __kthread_parkme+0x82/0x160 [ 29.071514] ? preempt_count_sub+0x50/0x80 [ 29.072274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.072715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.073285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.074461] kthread+0x257/0x310 [ 29.075003] ? __pfx_kthread+0x10/0x10 [ 29.075553] ret_from_fork+0x41/0x80 [ 29.076159] ? 
__pfx_kthread+0x10/0x10 [ 29.076703] ret_from_fork_asm+0x1a/0x30 [ 29.077241] </TASK> [ 29.077483] [ 29.077737] Allocated by task 273: [ 29.078539] kasan_save_stack+0x3d/0x60 [ 29.078816] kasan_save_track+0x18/0x40 [ 29.079692] kasan_save_alloc_info+0x3b/0x50 [ 29.080461] __kasan_kmalloc+0xb7/0xc0 [ 29.080881] __kmalloc_cache_noprof+0x184/0x410 [ 29.081745] kasan_atomics+0x96/0x310 [ 29.082140] kunit_try_run_case+0x1b3/0x490 [ 29.082624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.083349] kthread+0x257/0x310 [ 29.083609] ret_from_fork+0x41/0x80 [ 29.084095] ret_from_fork_asm+0x1a/0x30 [ 29.084509] [ 29.084750] The buggy address belongs to the object at ffff888101afb700 [ 29.084750] which belongs to the cache kmalloc-64 of size 64 [ 29.086416] The buggy address is located 0 bytes to the right of [ 29.086416] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.088321] [ 29.088543] The buggy address belongs to the physical page: [ 29.088862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.090012] flags: 0x200000000000000(node=0|zone=2) [ 29.090306] page_type: f5(slab) [ 29.090520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.091153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.092174] page dumped because: kasan: bad access detected [ 29.092823] [ 29.093063] Memory state around the buggy address: [ 29.094391] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.094945] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.096138] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.097241] ^ [ 29.097596] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.098865] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.099430] ================================================================== [ 28.022552] 
================================================================== [ 28.023052] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 28.024134] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.025361] [ 28.025587] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.028260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.028846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.030083] Call Trace: [ 28.030569] <TASK> [ 28.031209] dump_stack_lvl+0x73/0xb0 [ 28.032163] print_report+0xd1/0x640 [ 28.033079] ? __virt_addr_valid+0x1db/0x2d0 [ 28.033901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.034614] kasan_report+0x102/0x140 [ 28.034994] ? kasan_atomics_helper+0xa2c/0x5450 [ 28.035530] ? kasan_atomics_helper+0xa2c/0x5450 [ 28.036089] kasan_check_range+0x10c/0x1c0 [ 28.036884] __kasan_check_write+0x18/0x20 [ 28.037684] kasan_atomics_helper+0xa2c/0x5450 [ 28.038781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.039533] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.040214] ? __schedule+0xc3e/0x2790 [ 28.041002] ? finish_task_switch.isra.0+0x153/0x700 [ 28.041678] ? kasan_atomics+0x153/0x310 [ 28.042281] kasan_atomics+0x1dd/0x310 [ 28.043206] ? __pfx_kasan_atomics+0x10/0x10 [ 28.044117] ? __pfx_read_tsc+0x10/0x10 [ 28.044585] ? ktime_get_ts64+0x86/0x230 [ 28.045060] kunit_try_run_case+0x1b3/0x490 [ 28.045761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.046197] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.046792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.047505] ? __kthread_parkme+0x82/0x160 [ 28.047886] ? preempt_count_sub+0x50/0x80 [ 28.049140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.049863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.050862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.051726] kthread+0x257/0x310 [ 28.052116] ? __pfx_kthread+0x10/0x10 [ 28.053077] ret_from_fork+0x41/0x80 [ 28.053649] ? 
__pfx_kthread+0x10/0x10 [ 28.054614] ret_from_fork_asm+0x1a/0x30 [ 28.055525] </TASK> [ 28.056020] [ 28.056233] Allocated by task 273: [ 28.057182] kasan_save_stack+0x3d/0x60 [ 28.057702] kasan_save_track+0x18/0x40 [ 28.058671] kasan_save_alloc_info+0x3b/0x50 [ 28.059609] __kasan_kmalloc+0xb7/0xc0 [ 28.060898] __kmalloc_cache_noprof+0x184/0x410 [ 28.061356] kasan_atomics+0x96/0x310 [ 28.061959] kunit_try_run_case+0x1b3/0x490 [ 28.062532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.063684] kthread+0x257/0x310 [ 28.064232] ret_from_fork+0x41/0x80 [ 28.064633] ret_from_fork_asm+0x1a/0x30 [ 28.065081] [ 28.065311] The buggy address belongs to the object at ffff888101afb700 [ 28.065311] which belongs to the cache kmalloc-64 of size 64 [ 28.067349] The buggy address is located 0 bytes to the right of [ 28.067349] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.069214] [ 28.069797] The buggy address belongs to the physical page: [ 28.070649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.071101] flags: 0x200000000000000(node=0|zone=2) [ 28.071813] page_type: f5(slab) [ 28.072308] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.073511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.074600] page dumped because: kasan: bad access detected [ 28.074986] [ 28.075245] Memory state around the buggy address: [ 28.076017] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.076698] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.077427] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.078116] ^ [ 28.078780] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.079655] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.080147] ================================================================== [ 30.087770] 
================================================================== [ 30.088818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 30.089526] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.090359] [ 30.090549] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.091473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.092060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.092740] Call Trace: [ 30.093169] <TASK> [ 30.093550] dump_stack_lvl+0x73/0xb0 [ 30.093988] print_report+0xd1/0x640 [ 30.094417] ? __virt_addr_valid+0x1db/0x2d0 [ 30.094939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.095671] kasan_report+0x102/0x140 [ 30.096172] ? kasan_atomics_helper+0x4f9a/0x5450 [ 30.096673] ? kasan_atomics_helper+0x4f9a/0x5450 [ 30.097257] __asan_report_load8_noabort+0x18/0x20 [ 30.097910] kasan_atomics_helper+0x4f9a/0x5450 [ 30.098303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.098761] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.099047] ? __schedule+0xc3e/0x2790 [ 30.099679] ? finish_task_switch.isra.0+0x153/0x700 [ 30.100427] ? kasan_atomics+0x153/0x310 [ 30.100854] kasan_atomics+0x1dd/0x310 [ 30.101154] ? __pfx_kasan_atomics+0x10/0x10 [ 30.101996] ? __pfx_read_tsc+0x10/0x10 [ 30.102507] ? ktime_get_ts64+0x86/0x230 [ 30.102897] kunit_try_run_case+0x1b3/0x490 [ 30.104486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.105472] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.105822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.106587] ? __kthread_parkme+0x82/0x160 [ 30.107634] ? preempt_count_sub+0x50/0x80 [ 30.107963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.108684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.109630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.110656] kthread+0x257/0x310 [ 30.111019] ? __pfx_kthread+0x10/0x10 [ 30.111677] ret_from_fork+0x41/0x80 [ 30.112849] ? 
__pfx_kthread+0x10/0x10 [ 30.113287] ret_from_fork_asm+0x1a/0x30 [ 30.114018] </TASK> [ 30.114397] [ 30.114552] Allocated by task 273: [ 30.115083] kasan_save_stack+0x3d/0x60 [ 30.115553] kasan_save_track+0x18/0x40 [ 30.116087] kasan_save_alloc_info+0x3b/0x50 [ 30.116587] __kasan_kmalloc+0xb7/0xc0 [ 30.117023] __kmalloc_cache_noprof+0x184/0x410 [ 30.117736] kasan_atomics+0x96/0x310 [ 30.118216] kunit_try_run_case+0x1b3/0x490 [ 30.118659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.119328] kthread+0x257/0x310 [ 30.119672] ret_from_fork+0x41/0x80 [ 30.120201] ret_from_fork_asm+0x1a/0x30 [ 30.120779] [ 30.121070] The buggy address belongs to the object at ffff888101afb700 [ 30.121070] which belongs to the cache kmalloc-64 of size 64 [ 30.121961] The buggy address is located 0 bytes to the right of [ 30.121961] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.123183] [ 30.123499] The buggy address belongs to the physical page: [ 30.123958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.124742] flags: 0x200000000000000(node=0|zone=2) [ 30.125370] page_type: f5(slab) [ 30.125777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.126609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.127374] page dumped because: kasan: bad access detected [ 30.127938] [ 30.128258] Memory state around the buggy address: [ 30.128734] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.129398] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.130179] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.130743] ^ [ 30.131341] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.132335] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.133160] ================================================================== [ 28.998096] 
================================================================== [ 28.998760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 28.999644] Read of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.000324] [ 29.000979] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.002098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.002422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.002828] Call Trace: [ 29.003151] <TASK> [ 29.003663] dump_stack_lvl+0x73/0xb0 [ 29.004359] print_report+0xd1/0x640 [ 29.005082] ? __virt_addr_valid+0x1db/0x2d0 [ 29.005814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.006626] kasan_report+0x102/0x140 [ 29.007720] ? kasan_atomics_helper+0x4eb0/0x5450 [ 29.008587] ? kasan_atomics_helper+0x4eb0/0x5450 [ 29.009073] __asan_report_load8_noabort+0x18/0x20 [ 29.009608] kasan_atomics_helper+0x4eb0/0x5450 [ 29.010491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.010915] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.011636] ? __schedule+0xc3e/0x2790 [ 29.012038] ? finish_task_switch.isra.0+0x153/0x700 [ 29.012557] ? kasan_atomics+0x153/0x310 [ 29.013254] kasan_atomics+0x1dd/0x310 [ 29.013862] ? __pfx_kasan_atomics+0x10/0x10 [ 29.014510] ? __pfx_read_tsc+0x10/0x10 [ 29.015673] ? ktime_get_ts64+0x86/0x230 [ 29.016226] kunit_try_run_case+0x1b3/0x490 [ 29.016723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.017685] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.018125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.018807] ? __kthread_parkme+0x82/0x160 [ 29.019884] ? preempt_count_sub+0x50/0x80 [ 29.020321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.020952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.021677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.022501] kthread+0x257/0x310 [ 29.022747] ? __pfx_kthread+0x10/0x10 [ 29.023565] ret_from_fork+0x41/0x80 [ 29.023924] ? 
__pfx_kthread+0x10/0x10 [ 29.024389] ret_from_fork_asm+0x1a/0x30 [ 29.024785] </TASK> [ 29.025115] [ 29.025533] Allocated by task 273: [ 29.025824] kasan_save_stack+0x3d/0x60 [ 29.026934] kasan_save_track+0x18/0x40 [ 29.027341] kasan_save_alloc_info+0x3b/0x50 [ 29.027805] __kasan_kmalloc+0xb7/0xc0 [ 29.029136] __kmalloc_cache_noprof+0x184/0x410 [ 29.029794] kasan_atomics+0x96/0x310 [ 29.030566] kunit_try_run_case+0x1b3/0x490 [ 29.030982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.031424] kthread+0x257/0x310 [ 29.031776] ret_from_fork+0x41/0x80 [ 29.032713] ret_from_fork_asm+0x1a/0x30 [ 29.033224] [ 29.033397] The buggy address belongs to the object at ffff888101afb700 [ 29.033397] which belongs to the cache kmalloc-64 of size 64 [ 29.035012] The buggy address is located 0 bytes to the right of [ 29.035012] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.036531] [ 29.036690] The buggy address belongs to the physical page: [ 29.037679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.038551] flags: 0x200000000000000(node=0|zone=2) [ 29.038944] page_type: f5(slab) [ 29.039682] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.040583] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.041287] page dumped because: kasan: bad access detected [ 29.042078] [ 29.042519] Memory state around the buggy address: [ 29.043265] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.043912] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.045083] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.046067] ^ [ 29.046692] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.047712] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.048501] ================================================================== [ 28.178989] 
================================================================== [ 28.180958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 28.181877] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.182593] [ 28.182907] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.184042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.184527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.185015] Call Trace: [ 28.185572] <TASK> [ 28.186160] dump_stack_lvl+0x73/0xb0 [ 28.186652] print_report+0xd1/0x640 [ 28.187720] ? __virt_addr_valid+0x1db/0x2d0 [ 28.188305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.188844] kasan_report+0x102/0x140 [ 28.189735] ? kasan_atomics_helper+0xc71/0x5450 [ 28.190505] ? kasan_atomics_helper+0xc71/0x5450 [ 28.191620] kasan_check_range+0x10c/0x1c0 [ 28.192179] __kasan_check_write+0x18/0x20 [ 28.192593] kasan_atomics_helper+0xc71/0x5450 [ 28.193639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.194447] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.195377] ? __schedule+0xc3e/0x2790 [ 28.195882] ? finish_task_switch.isra.0+0x153/0x700 [ 28.196429] ? kasan_atomics+0x153/0x310 [ 28.196880] kasan_atomics+0x1dd/0x310 [ 28.197284] ? __pfx_kasan_atomics+0x10/0x10 [ 28.197724] ? __pfx_read_tsc+0x10/0x10 [ 28.198277] ? ktime_get_ts64+0x86/0x230 [ 28.198933] kunit_try_run_case+0x1b3/0x490 [ 28.199304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.199851] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.200271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.201031] ? __kthread_parkme+0x82/0x160 [ 28.201411] ? preempt_count_sub+0x50/0x80 [ 28.202013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.202421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.203160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.203650] kthread+0x257/0x310 [ 28.204226] ? __pfx_kthread+0x10/0x10 [ 28.204546] ret_from_fork+0x41/0x80 [ 28.205155] ? 
__pfx_kthread+0x10/0x10 [ 28.205624] ret_from_fork_asm+0x1a/0x30 [ 28.206219] </TASK> [ 28.206631] [ 28.206810] Allocated by task 273: [ 28.207105] kasan_save_stack+0x3d/0x60 [ 28.208272] kasan_save_track+0x18/0x40 [ 28.209015] kasan_save_alloc_info+0x3b/0x50 [ 28.209741] __kasan_kmalloc+0xb7/0xc0 [ 28.210467] __kmalloc_cache_noprof+0x184/0x410 [ 28.210783] kasan_atomics+0x96/0x310 [ 28.211444] kunit_try_run_case+0x1b3/0x490 [ 28.212634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.213720] kthread+0x257/0x310 [ 28.214191] ret_from_fork+0x41/0x80 [ 28.214830] ret_from_fork_asm+0x1a/0x30 [ 28.215677] [ 28.216084] The buggy address belongs to the object at ffff888101afb700 [ 28.216084] which belongs to the cache kmalloc-64 of size 64 [ 28.217052] The buggy address is located 0 bytes to the right of [ 28.217052] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.218600] [ 28.218816] The buggy address belongs to the physical page: [ 28.220070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.220866] flags: 0x200000000000000(node=0|zone=2) [ 28.221289] page_type: f5(slab) [ 28.221924] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.222721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.223599] page dumped because: kasan: bad access detected [ 28.224154] [ 28.224415] Memory state around the buggy address: [ 28.224954] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.225580] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.226235] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.227048] ^ [ 28.227459] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.228303] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.229061] ================================================================== [ 28.277550] 
================================================================== [ 28.278368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 28.279163] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.279805] [ 28.280317] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.282028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.282577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.283660] Call Trace: [ 28.284371] <TASK> [ 28.284680] dump_stack_lvl+0x73/0xb0 [ 28.285100] print_report+0xd1/0x640 [ 28.285493] ? __virt_addr_valid+0x1db/0x2d0 [ 28.285927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.286659] kasan_report+0x102/0x140 [ 28.287565] ? kasan_atomics_helper+0xd48/0x5450 [ 28.288284] ? kasan_atomics_helper+0xd48/0x5450 [ 28.288742] kasan_check_range+0x10c/0x1c0 [ 28.289469] __kasan_check_write+0x18/0x20 [ 28.290141] kasan_atomics_helper+0xd48/0x5450 [ 28.290620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.291242] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.291536] ? __schedule+0xc3e/0x2790 [ 28.291863] ? finish_task_switch.isra.0+0x153/0x700 [ 28.292542] ? kasan_atomics+0x153/0x310 [ 28.293559] kasan_atomics+0x1dd/0x310 [ 28.294138] ? __pfx_kasan_atomics+0x10/0x10 [ 28.294537] ? __pfx_read_tsc+0x10/0x10 [ 28.295018] ? ktime_get_ts64+0x86/0x230 [ 28.295463] kunit_try_run_case+0x1b3/0x490 [ 28.296038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.296618] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.297142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.297857] ? __kthread_parkme+0x82/0x160 [ 28.298341] ? preempt_count_sub+0x50/0x80 [ 28.298728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.299324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.300072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.300617] kthread+0x257/0x310 [ 28.301208] ? __pfx_kthread+0x10/0x10 [ 28.301646] ret_from_fork+0x41/0x80 [ 28.302123] ? 
__pfx_kthread+0x10/0x10 [ 28.302438] ret_from_fork_asm+0x1a/0x30 [ 28.302967] </TASK> [ 28.303444] [ 28.303782] Allocated by task 273: [ 28.304052] kasan_save_stack+0x3d/0x60 [ 28.304686] kasan_save_track+0x18/0x40 [ 28.305163] kasan_save_alloc_info+0x3b/0x50 [ 28.305748] __kasan_kmalloc+0xb7/0xc0 [ 28.306042] __kmalloc_cache_noprof+0x184/0x410 [ 28.306362] kasan_atomics+0x96/0x310 [ 28.306872] kunit_try_run_case+0x1b3/0x490 [ 28.307785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.308242] kthread+0x257/0x310 [ 28.308678] ret_from_fork+0x41/0x80 [ 28.309070] ret_from_fork_asm+0x1a/0x30 [ 28.309783] [ 28.310164] The buggy address belongs to the object at ffff888101afb700 [ 28.310164] which belongs to the cache kmalloc-64 of size 64 [ 28.310858] The buggy address is located 0 bytes to the right of [ 28.310858] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.312145] [ 28.312337] The buggy address belongs to the physical page: [ 28.314329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.314995] flags: 0x200000000000000(node=0|zone=2) [ 28.315498] page_type: f5(slab) [ 28.315765] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.316739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.318034] page dumped because: kasan: bad access detected [ 28.318496] [ 28.318667] Memory state around the buggy address: [ 28.319512] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.320861] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.321956] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.322449] ^ [ 28.322891] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.323504] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.324120] ================================================================== [ 27.961053] 
================================================================== [ 27.962476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 27.963280] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.963999] [ 27.964234] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.966012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.966614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.967436] Call Trace: [ 27.968134] <TASK> [ 27.969060] dump_stack_lvl+0x73/0xb0 [ 27.970002] print_report+0xd1/0x640 [ 27.971059] ? __virt_addr_valid+0x1db/0x2d0 [ 27.972136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.973119] kasan_report+0x102/0x140 [ 27.973934] ? kasan_atomics_helper+0x993/0x5450 [ 27.974744] ? kasan_atomics_helper+0x993/0x5450 [ 27.975746] kasan_check_range+0x10c/0x1c0 [ 27.976200] __kasan_check_write+0x18/0x20 [ 27.977016] kasan_atomics_helper+0x993/0x5450 [ 27.977891] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.978879] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.979721] ? __schedule+0xc3e/0x2790 [ 27.980831] ? finish_task_switch.isra.0+0x153/0x700 [ 27.981287] ? kasan_atomics+0x153/0x310 [ 27.982107] kasan_atomics+0x1dd/0x310 [ 27.982632] ? __pfx_kasan_atomics+0x10/0x10 [ 27.983804] ? __pfx_read_tsc+0x10/0x10 [ 27.984181] ? ktime_get_ts64+0x86/0x230 [ 27.985856] kunit_try_run_case+0x1b3/0x490 [ 27.986292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.987855] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.988317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.989241] ? __kthread_parkme+0x82/0x160 [ 27.989570] ? preempt_count_sub+0x50/0x80 [ 27.990545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.991418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.992129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.992797] kthread+0x257/0x310 [ 27.994182] ? __pfx_kthread+0x10/0x10 [ 27.994927] ret_from_fork+0x41/0x80 [ 27.995477] ? 
__pfx_kthread+0x10/0x10 [ 27.995700] ret_from_fork_asm+0x1a/0x30 [ 27.995917] </TASK> [ 27.996041] [ 27.996138] Allocated by task 273: [ 27.996295] kasan_save_stack+0x3d/0x60 [ 27.997084] kasan_save_track+0x18/0x40 [ 27.997809] kasan_save_alloc_info+0x3b/0x50 [ 27.998767] __kasan_kmalloc+0xb7/0xc0 [ 27.999507] __kmalloc_cache_noprof+0x184/0x410 [ 28.000520] kasan_atomics+0x96/0x310 [ 28.001504] kunit_try_run_case+0x1b3/0x490 [ 28.001826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.002335] kthread+0x257/0x310 [ 28.002595] ret_from_fork+0x41/0x80 [ 28.003057] ret_from_fork_asm+0x1a/0x30 [ 28.003638] [ 28.004041] The buggy address belongs to the object at ffff888101afb700 [ 28.004041] which belongs to the cache kmalloc-64 of size 64 [ 28.006148] The buggy address is located 0 bytes to the right of [ 28.006148] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.008336] [ 28.008757] The buggy address belongs to the physical page: [ 28.009256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.010621] flags: 0x200000000000000(node=0|zone=2) [ 28.011205] page_type: f5(slab) [ 28.011897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.012788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.014264] page dumped because: kasan: bad access detected [ 28.014831] [ 28.015499] Memory state around the buggy address: [ 28.015946] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.017130] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.018062] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.018449] ^ [ 28.019395] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.020225] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.021215] ================================================================== [ 30.222938] 
================================================================== [ 30.223609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 30.224328] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.225089] [ 30.225403] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.226332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.226636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.227758] Call Trace: [ 30.228212] <TASK> [ 30.228453] dump_stack_lvl+0x73/0xb0 [ 30.228966] print_report+0xd1/0x640 [ 30.229360] ? __virt_addr_valid+0x1db/0x2d0 [ 30.229957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.230511] kasan_report+0x102/0x140 [ 30.230910] ? kasan_atomics_helper+0x218b/0x5450 [ 30.231634] ? kasan_atomics_helper+0x218b/0x5450 [ 30.232229] kasan_check_range+0x10c/0x1c0 [ 30.232787] __kasan_check_write+0x18/0x20 [ 30.233345] kasan_atomics_helper+0x218b/0x5450 [ 30.233821] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.234439] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.235046] ? __schedule+0xc3e/0x2790 [ 30.235523] ? finish_task_switch.isra.0+0x153/0x700 [ 30.236059] ? kasan_atomics+0x153/0x310 [ 30.236622] kasan_atomics+0x1dd/0x310 [ 30.237238] ? __pfx_kasan_atomics+0x10/0x10 [ 30.237725] ? __pfx_read_tsc+0x10/0x10 [ 30.238154] ? ktime_get_ts64+0x86/0x230 [ 30.238751] kunit_try_run_case+0x1b3/0x490 [ 30.239266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.239805] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.240290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.240902] ? __kthread_parkme+0x82/0x160 [ 30.241434] ? preempt_count_sub+0x50/0x80 [ 30.241836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.242393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.243066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.243673] kthread+0x257/0x310 [ 30.244229] ? __pfx_kthread+0x10/0x10 [ 30.244599] ret_from_fork+0x41/0x80 [ 30.245144] ? 
__pfx_kthread+0x10/0x10 [ 30.245661] ret_from_fork_asm+0x1a/0x30 [ 30.246215] </TASK> [ 30.246520] [ 30.246848] Allocated by task 273: [ 30.247195] kasan_save_stack+0x3d/0x60 [ 30.247759] kasan_save_track+0x18/0x40 [ 30.248216] kasan_save_alloc_info+0x3b/0x50 [ 30.248782] __kasan_kmalloc+0xb7/0xc0 [ 30.249276] __kmalloc_cache_noprof+0x184/0x410 [ 30.249713] kasan_atomics+0x96/0x310 [ 30.250326] kunit_try_run_case+0x1b3/0x490 [ 30.250718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.251360] kthread+0x257/0x310 [ 30.251656] ret_from_fork+0x41/0x80 [ 30.252215] ret_from_fork_asm+0x1a/0x30 [ 30.252671] [ 30.252967] The buggy address belongs to the object at ffff888101afb700 [ 30.252967] which belongs to the cache kmalloc-64 of size 64 [ 30.254096] The buggy address is located 0 bytes to the right of [ 30.254096] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.255231] [ 30.255541] The buggy address belongs to the physical page: [ 30.256083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.256840] flags: 0x200000000000000(node=0|zone=2) [ 30.257379] page_type: f5(slab) [ 30.257845] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.258547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.259331] page dumped because: kasan: bad access detected [ 30.259903] [ 30.260281] Memory state around the buggy address: [ 30.260616] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.261376] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.262184] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.262776] ^ [ 30.263369] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.264247] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.264966] ================================================================== [ 27.735873] 
================================================================== [ 27.736861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 27.738032] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.738896] [ 27.739187] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.740415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.740894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.742322] Call Trace: [ 27.742725] <TASK> [ 27.743001] dump_stack_lvl+0x73/0xb0 [ 27.743815] print_report+0xd1/0x640 [ 27.744410] ? __virt_addr_valid+0x1db/0x2d0 [ 27.745067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.745610] kasan_report+0x102/0x140 [ 27.746267] ? kasan_atomics_helper+0x730/0x5450 [ 27.747050] ? kasan_atomics_helper+0x730/0x5450 [ 27.748143] kasan_check_range+0x10c/0x1c0 [ 27.748745] __kasan_check_write+0x18/0x20 [ 27.749278] kasan_atomics_helper+0x730/0x5450 [ 27.750075] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.750494] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.751393] ? __schedule+0xc3e/0x2790 [ 27.751715] ? finish_task_switch.isra.0+0x153/0x700 [ 27.752938] ? kasan_atomics+0x153/0x310 [ 27.753325] kasan_atomics+0x1dd/0x310 [ 27.753994] ? __pfx_kasan_atomics+0x10/0x10 [ 27.754507] ? __pfx_read_tsc+0x10/0x10 [ 27.755062] ? ktime_get_ts64+0x86/0x230 [ 27.755426] kunit_try_run_case+0x1b3/0x490 [ 27.756043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.756775] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.757368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.758074] ? __kthread_parkme+0x82/0x160 [ 27.758725] ? preempt_count_sub+0x50/0x80 [ 27.759397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.759905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.760590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.761188] kthread+0x257/0x310 [ 27.762232] ? __pfx_kthread+0x10/0x10 [ 27.762543] ret_from_fork+0x41/0x80 [ 27.763062] ? 
__pfx_kthread+0x10/0x10 [ 27.763841] ret_from_fork_asm+0x1a/0x30 [ 27.764439] </TASK> [ 27.764756] [ 27.764986] Allocated by task 273: [ 27.765364] kasan_save_stack+0x3d/0x60 [ 27.765807] kasan_save_track+0x18/0x40 [ 27.766407] kasan_save_alloc_info+0x3b/0x50 [ 27.767390] __kasan_kmalloc+0xb7/0xc0 [ 27.767834] __kmalloc_cache_noprof+0x184/0x410 [ 27.768699] kasan_atomics+0x96/0x310 [ 27.769191] kunit_try_run_case+0x1b3/0x490 [ 27.769656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.770588] kthread+0x257/0x310 [ 27.771093] ret_from_fork+0x41/0x80 [ 27.771722] ret_from_fork_asm+0x1a/0x30 [ 27.772164] [ 27.773001] The buggy address belongs to the object at ffff888101afb700 [ 27.773001] which belongs to the cache kmalloc-64 of size 64 [ 27.774175] The buggy address is located 0 bytes to the right of [ 27.774175] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.775571] [ 27.775823] The buggy address belongs to the physical page: [ 27.776416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.777619] flags: 0x200000000000000(node=0|zone=2) [ 27.778097] page_type: f5(slab) [ 27.778711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.779464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.781026] page dumped because: kasan: bad access detected [ 27.781726] [ 27.781990] Memory state around the buggy address: [ 27.782513] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.783415] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.784107] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.784984] ^ [ 27.785376] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.786920] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.787307] ================================================================== [ 28.572656] 
================================================================== [ 28.573732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 28.574498] Write of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 28.575110] [ 28.575321] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 28.576926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.577502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.578264] Call Trace: [ 28.578566] <TASK> [ 28.578828] dump_stack_lvl+0x73/0xb0 [ 28.579671] print_report+0xd1/0x640 [ 28.580236] ? __virt_addr_valid+0x1db/0x2d0 [ 28.580929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.581608] kasan_report+0x102/0x140 [ 28.582057] ? kasan_atomics_helper+0x107a/0x5450 [ 28.582720] ? kasan_atomics_helper+0x107a/0x5450 [ 28.583314] kasan_check_range+0x10c/0x1c0 [ 28.583568] __kasan_check_write+0x18/0x20 [ 28.583765] kasan_atomics_helper+0x107a/0x5450 [ 28.584075] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.584745] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.585598] ? __schedule+0xc3e/0x2790 [ 28.586191] ? finish_task_switch.isra.0+0x153/0x700 [ 28.587100] ? kasan_atomics+0x153/0x310 [ 28.587653] kasan_atomics+0x1dd/0x310 [ 28.588202] ? __pfx_kasan_atomics+0x10/0x10 [ 28.589100] ? __pfx_read_tsc+0x10/0x10 [ 28.589546] ? ktime_get_ts64+0x86/0x230 [ 28.590245] kunit_try_run_case+0x1b3/0x490 [ 28.590789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.591366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.591746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.592236] ? __kthread_parkme+0x82/0x160 [ 28.592566] ? preempt_count_sub+0x50/0x80 [ 28.593099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.593850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.594901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.595494] kthread+0x257/0x310 [ 28.595686] ? __pfx_kthread+0x10/0x10 [ 28.595882] ret_from_fork+0x41/0x80 [ 28.596166] ? 
__pfx_kthread+0x10/0x10 [ 28.596638] ret_from_fork_asm+0x1a/0x30 [ 28.597070] </TASK> [ 28.597363] [ 28.597575] Allocated by task 273: [ 28.598255] kasan_save_stack+0x3d/0x60 [ 28.598786] kasan_save_track+0x18/0x40 [ 28.599154] kasan_save_alloc_info+0x3b/0x50 [ 28.599519] __kasan_kmalloc+0xb7/0xc0 [ 28.600326] __kmalloc_cache_noprof+0x184/0x410 [ 28.601141] kasan_atomics+0x96/0x310 [ 28.601558] kunit_try_run_case+0x1b3/0x490 [ 28.602557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.602947] kthread+0x257/0x310 [ 28.603520] ret_from_fork+0x41/0x80 [ 28.604019] ret_from_fork_asm+0x1a/0x30 [ 28.604437] [ 28.605163] The buggy address belongs to the object at ffff888101afb700 [ 28.605163] which belongs to the cache kmalloc-64 of size 64 [ 28.606948] The buggy address is located 0 bytes to the right of [ 28.606948] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 28.608527] [ 28.608752] The buggy address belongs to the physical page: [ 28.609371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 28.609768] flags: 0x200000000000000(node=0|zone=2) [ 28.610408] page_type: f5(slab) [ 28.611014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.612187] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.612559] page dumped because: kasan: bad access detected [ 28.613316] [ 28.613522] Memory state around the buggy address: [ 28.613822] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.614661] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.615519] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.616149] ^ [ 28.616739] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.617638] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.618291] ================================================================== [ 29.669051] 
================================================================== [ 29.670646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 29.671585] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.672585] [ 29.672819] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.674098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.674701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.675680] Call Trace: [ 29.676241] <TASK> [ 29.676512] dump_stack_lvl+0x73/0xb0 [ 29.676902] print_report+0xd1/0x640 [ 29.677561] ? __virt_addr_valid+0x1db/0x2d0 [ 29.678617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.679444] kasan_report+0x102/0x140 [ 29.680386] ? kasan_atomics_helper+0x1c19/0x5450 [ 29.680877] ? kasan_atomics_helper+0x1c19/0x5450 [ 29.681697] kasan_check_range+0x10c/0x1c0 [ 29.682818] __kasan_check_write+0x18/0x20 [ 29.683443] kasan_atomics_helper+0x1c19/0x5450 [ 29.683907] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.684978] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.685613] ? __schedule+0xc3e/0x2790 [ 29.685981] ? finish_task_switch.isra.0+0x153/0x700 [ 29.686632] ? kasan_atomics+0x153/0x310 [ 29.687242] kasan_atomics+0x1dd/0x310 [ 29.687578] ? __pfx_kasan_atomics+0x10/0x10 [ 29.688108] ? __pfx_read_tsc+0x10/0x10 [ 29.688720] ? ktime_get_ts64+0x86/0x230 [ 29.689773] kunit_try_run_case+0x1b3/0x490 [ 29.690502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.690901] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.691429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.692179] ? __kthread_parkme+0x82/0x160 [ 29.692662] ? preempt_count_sub+0x50/0x80 [ 29.693469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.694761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.695344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.695984] kthread+0x257/0x310 [ 29.696278] ? __pfx_kthread+0x10/0x10 [ 29.696748] ret_from_fork+0x41/0x80 [ 29.697342] ? 
__pfx_kthread+0x10/0x10 [ 29.697720] ret_from_fork_asm+0x1a/0x30 [ 29.698311] </TASK> [ 29.698588] [ 29.698854] Allocated by task 273: [ 29.699270] kasan_save_stack+0x3d/0x60 [ 29.699797] kasan_save_track+0x18/0x40 [ 29.700422] kasan_save_alloc_info+0x3b/0x50 [ 29.700893] __kasan_kmalloc+0xb7/0xc0 [ 29.701213] __kmalloc_cache_noprof+0x184/0x410 [ 29.701872] kasan_atomics+0x96/0x310 [ 29.702321] kunit_try_run_case+0x1b3/0x490 [ 29.702797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.703338] kthread+0x257/0x310 [ 29.703818] ret_from_fork+0x41/0x80 [ 29.704358] ret_from_fork_asm+0x1a/0x30 [ 29.704758] [ 29.704932] The buggy address belongs to the object at ffff888101afb700 [ 29.704932] which belongs to the cache kmalloc-64 of size 64 [ 29.706225] The buggy address is located 0 bytes to the right of [ 29.706225] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.707445] [ 29.707741] The buggy address belongs to the physical page: [ 29.708265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.708938] flags: 0x200000000000000(node=0|zone=2) [ 29.709582] page_type: f5(slab) [ 29.710058] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.710690] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.711342] page dumped because: kasan: bad access detected [ 29.711698] [ 29.711901] Memory state around the buggy address: [ 29.712896] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.713406] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.714257] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.714909] ^ [ 29.715459] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.716057] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.716569] ================================================================== [ 29.368635] 
================================================================== [ 29.369585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 29.370369] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.371076] [ 29.371335] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.372344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.372671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.373599] Call Trace: [ 29.374014] <TASK> [ 29.374392] dump_stack_lvl+0x73/0xb0 [ 29.374988] print_report+0xd1/0x640 [ 29.375291] ? __virt_addr_valid+0x1db/0x2d0 [ 29.375888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.376543] kasan_report+0x102/0x140 [ 29.376962] ? kasan_atomics_helper+0x1819/0x5450 [ 29.377479] ? kasan_atomics_helper+0x1819/0x5450 [ 29.378014] kasan_check_range+0x10c/0x1c0 [ 29.378452] __kasan_check_write+0x18/0x20 [ 29.379110] kasan_atomics_helper+0x1819/0x5450 [ 29.379691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.380219] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.380815] ? __schedule+0xc3e/0x2790 [ 29.381260] ? finish_task_switch.isra.0+0x153/0x700 [ 29.381783] ? kasan_atomics+0x153/0x310 [ 29.382308] kasan_atomics+0x1dd/0x310 [ 29.382668] ? __pfx_kasan_atomics+0x10/0x10 [ 29.383164] ? __pfx_read_tsc+0x10/0x10 [ 29.383880] ? ktime_get_ts64+0x86/0x230 [ 29.384753] kunit_try_run_case+0x1b3/0x490 [ 29.385388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.386075] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.386553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.387018] ? __kthread_parkme+0x82/0x160 [ 29.387588] ? preempt_count_sub+0x50/0x80 [ 29.388058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.388705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.389548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.390190] kthread+0x257/0x310 [ 29.390749] ? __pfx_kthread+0x10/0x10 [ 29.391372] ret_from_fork+0x41/0x80 [ 29.391769] ? 
__pfx_kthread+0x10/0x10 [ 29.392200] ret_from_fork_asm+0x1a/0x30 [ 29.392983] </TASK> [ 29.393164] [ 29.393309] Allocated by task 273: [ 29.393573] kasan_save_stack+0x3d/0x60 [ 29.393840] kasan_save_track+0x18/0x40 [ 29.394103] kasan_save_alloc_info+0x3b/0x50 [ 29.394400] __kasan_kmalloc+0xb7/0xc0 [ 29.394768] __kmalloc_cache_noprof+0x184/0x410 [ 29.395084] kasan_atomics+0x96/0x310 [ 29.395363] kunit_try_run_case+0x1b3/0x490 [ 29.396440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.397190] kthread+0x257/0x310 [ 29.397715] ret_from_fork+0x41/0x80 [ 29.398387] ret_from_fork_asm+0x1a/0x30 [ 29.398858] [ 29.399221] The buggy address belongs to the object at ffff888101afb700 [ 29.399221] which belongs to the cache kmalloc-64 of size 64 [ 29.399914] The buggy address is located 0 bytes to the right of [ 29.399914] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.401393] [ 29.401601] The buggy address belongs to the physical page: [ 29.402419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.402892] flags: 0x200000000000000(node=0|zone=2) [ 29.403218] page_type: f5(slab) [ 29.403477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.404454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.405903] page dumped because: kasan: bad access detected [ 29.406543] [ 29.406795] Memory state around the buggy address: [ 29.408145] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.409313] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.409762] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.410149] ^ [ 29.410531] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.411902] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.412615] ================================================================== [ 29.809149] 
================================================================== [ 29.809737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 29.810627] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 29.811337] [ 29.811661] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 29.812590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.813192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.814039] Call Trace: [ 29.814464] <TASK> [ 29.814789] dump_stack_lvl+0x73/0xb0 [ 29.815429] print_report+0xd1/0x640 [ 29.815819] ? __virt_addr_valid+0x1db/0x2d0 [ 29.816411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.817088] kasan_report+0x102/0x140 [ 29.817527] ? kasan_atomics_helper+0x1d7b/0x5450 [ 29.818115] ? kasan_atomics_helper+0x1d7b/0x5450 [ 29.818779] kasan_check_range+0x10c/0x1c0 [ 29.819289] __kasan_check_write+0x18/0x20 [ 29.819693] kasan_atomics_helper+0x1d7b/0x5450 [ 29.820246] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.820881] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.821444] ? __schedule+0xc3e/0x2790 [ 29.821940] ? finish_task_switch.isra.0+0x153/0x700 [ 29.822630] ? kasan_atomics+0x153/0x310 [ 29.823237] kasan_atomics+0x1dd/0x310 [ 29.823634] ? __pfx_kasan_atomics+0x10/0x10 [ 29.824297] ? __pfx_read_tsc+0x10/0x10 [ 29.824751] ? ktime_get_ts64+0x86/0x230 [ 29.825307] kunit_try_run_case+0x1b3/0x490 [ 29.825790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.826346] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.826801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.827286] ? __kthread_parkme+0x82/0x160 [ 29.827800] ? preempt_count_sub+0x50/0x80 [ 29.828228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.828586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.829416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.830028] kthread+0x257/0x310 [ 29.830530] ? __pfx_kthread+0x10/0x10 [ 29.831037] ret_from_fork+0x41/0x80 [ 29.831498] ? 
__pfx_kthread+0x10/0x10 [ 29.831933] ret_from_fork_asm+0x1a/0x30 [ 29.832598] </TASK> [ 29.832851] [ 29.833213] Allocated by task 273: [ 29.833609] kasan_save_stack+0x3d/0x60 [ 29.834190] kasan_save_track+0x18/0x40 [ 29.834659] kasan_save_alloc_info+0x3b/0x50 [ 29.835289] __kasan_kmalloc+0xb7/0xc0 [ 29.835632] __kmalloc_cache_noprof+0x184/0x410 [ 29.836311] kasan_atomics+0x96/0x310 [ 29.836796] kunit_try_run_case+0x1b3/0x490 [ 29.837303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.837790] kthread+0x257/0x310 [ 29.838294] ret_from_fork+0x41/0x80 [ 29.838933] ret_from_fork_asm+0x1a/0x30 [ 29.839351] [ 29.839513] The buggy address belongs to the object at ffff888101afb700 [ 29.839513] which belongs to the cache kmalloc-64 of size 64 [ 29.840746] The buggy address is located 0 bytes to the right of [ 29.840746] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 29.841914] [ 29.842173] The buggy address belongs to the physical page: [ 29.842955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 29.843778] flags: 0x200000000000000(node=0|zone=2) [ 29.844388] page_type: f5(slab) [ 29.844808] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.845389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.846379] page dumped because: kasan: bad access detected [ 29.846926] [ 29.847229] Memory state around the buggy address: [ 29.847755] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.848512] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.849177] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.850045] ^ [ 29.850518] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.851271] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.851701] ================================================================== [ 27.212246] 
================================================================== [ 27.213104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 27.214671] Read of size 4 at addr ffff888101afb730 by task kunit_try_catch/273 [ 27.215259] [ 27.215749] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.216891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.218343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.219462] Call Trace: [ 27.219820] <TASK> [ 27.220209] dump_stack_lvl+0x73/0xb0 [ 27.220925] print_report+0xd1/0x640 [ 27.221361] ? __virt_addr_valid+0x1db/0x2d0 [ 27.222188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.223012] kasan_report+0x102/0x140 [ 27.223458] ? kasan_atomics_helper+0x4b8a/0x5450 [ 27.224788] ? kasan_atomics_helper+0x4b8a/0x5450 [ 27.225973] __asan_report_load4_noabort+0x18/0x20 [ 27.227019] kasan_atomics_helper+0x4b8a/0x5450 [ 27.227627] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.228268] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.229110] ? __schedule+0xc3e/0x2790 [ 27.230268] ? finish_task_switch.isra.0+0x153/0x700 [ 27.231088] ? kasan_atomics+0x153/0x310 [ 27.231836] kasan_atomics+0x1dd/0x310 [ 27.232224] ? __pfx_kasan_atomics+0x10/0x10 [ 27.233096] ? __pfx_read_tsc+0x10/0x10 [ 27.233607] ? ktime_get_ts64+0x86/0x230 [ 27.234114] kunit_try_run_case+0x1b3/0x490 [ 27.234925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.235607] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.236169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.237145] ? __kthread_parkme+0x82/0x160 [ 27.237913] ? preempt_count_sub+0x50/0x80 [ 27.239262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.240189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.241128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.241929] kthread+0x257/0x310 [ 27.242170] ? __pfx_kthread+0x10/0x10 [ 27.243199] ret_from_fork+0x41/0x80 [ 27.244118] ? 
__pfx_kthread+0x10/0x10 [ 27.245358] ret_from_fork_asm+0x1a/0x30 [ 27.245714] </TASK> [ 27.246090] [ 27.246242] Allocated by task 273: [ 27.247100] kasan_save_stack+0x3d/0x60 [ 27.248022] kasan_save_track+0x18/0x40 [ 27.248969] kasan_save_alloc_info+0x3b/0x50 [ 27.249804] __kasan_kmalloc+0xb7/0xc0 [ 27.250506] __kmalloc_cache_noprof+0x184/0x410 [ 27.250824] kasan_atomics+0x96/0x310 [ 27.251146] kunit_try_run_case+0x1b3/0x490 [ 27.251514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.252145] kthread+0x257/0x310 [ 27.252893] ret_from_fork+0x41/0x80 [ 27.253191] ret_from_fork_asm+0x1a/0x30 [ 27.254011] [ 27.254518] The buggy address belongs to the object at ffff888101afb700 [ 27.254518] which belongs to the cache kmalloc-64 of size 64 [ 27.255800] The buggy address is located 0 bytes to the right of [ 27.255800] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 27.258704] [ 27.259647] The buggy address belongs to the physical page: [ 27.260230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 27.261016] flags: 0x200000000000000(node=0|zone=2) [ 27.261906] page_type: f5(slab) [ 27.262648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.262944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.263226] page dumped because: kasan: bad access detected [ 27.264026] [ 27.264826] Memory state around the buggy address: [ 27.265716] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.266572] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.267630] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.268751] ^ [ 27.269125] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.269727] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.271069] ================================================================== [ 30.304485] 
================================================================== [ 30.305352] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 30.306059] Write of size 8 at addr ffff888101afb730 by task kunit_try_catch/273 [ 30.306758] [ 30.307072] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 30.307824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.308304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.309177] Call Trace: [ 30.309403] <TASK> [ 30.309755] dump_stack_lvl+0x73/0xb0 [ 30.310302] print_report+0xd1/0x640 [ 30.310806] ? __virt_addr_valid+0x1db/0x2d0 [ 30.311248] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.311851] kasan_report+0x102/0x140 [ 30.312303] ? kasan_atomics_helper+0x224d/0x5450 [ 30.312700] ? kasan_atomics_helper+0x224d/0x5450 [ 30.313142] kasan_check_range+0x10c/0x1c0 [ 30.313764] __kasan_check_write+0x18/0x20 [ 30.314226] kasan_atomics_helper+0x224d/0x5450 [ 30.314685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.315124] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.315739] ? __schedule+0xc3e/0x2790 [ 30.316149] ? finish_task_switch.isra.0+0x153/0x700 [ 30.316522] ? kasan_atomics+0x153/0x310 [ 30.316938] kasan_atomics+0x1dd/0x310 [ 30.317483] ? __pfx_kasan_atomics+0x10/0x10 [ 30.318076] ? __pfx_read_tsc+0x10/0x10 [ 30.318516] ? ktime_get_ts64+0x86/0x230 [ 30.318994] kunit_try_run_case+0x1b3/0x490 [ 30.319410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.319802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.320325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.320814] ? __kthread_parkme+0x82/0x160 [ 30.321275] ? preempt_count_sub+0x50/0x80 [ 30.321674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.322210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.322605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.323314] kthread+0x257/0x310 [ 30.323787] ? __pfx_kthread+0x10/0x10 [ 30.324169] ret_from_fork+0x41/0x80 [ 30.324632] ? 
__pfx_kthread+0x10/0x10 [ 30.324944] ret_from_fork_asm+0x1a/0x30 [ 30.325445] </TASK> [ 30.325696] [ 30.325955] Allocated by task 273: [ 30.326345] kasan_save_stack+0x3d/0x60 [ 30.326742] kasan_save_track+0x18/0x40 [ 30.327204] kasan_save_alloc_info+0x3b/0x50 [ 30.327572] __kasan_kmalloc+0xb7/0xc0 [ 30.328077] __kmalloc_cache_noprof+0x184/0x410 [ 30.328468] kasan_atomics+0x96/0x310 [ 30.328890] kunit_try_run_case+0x1b3/0x490 [ 30.329361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.329741] kthread+0x257/0x310 [ 30.330004] ret_from_fork+0x41/0x80 [ 30.330339] ret_from_fork_asm+0x1a/0x30 [ 30.330643] [ 30.330906] The buggy address belongs to the object at ffff888101afb700 [ 30.330906] which belongs to the cache kmalloc-64 of size 64 [ 30.332358] The buggy address is located 0 bytes to the right of [ 30.332358] allocated 48-byte region [ffff888101afb700, ffff888101afb730) [ 30.333512] [ 30.333730] The buggy address belongs to the physical page: [ 30.334239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afb [ 30.335134] flags: 0x200000000000000(node=0|zone=2) [ 30.335736] page_type: f5(slab) [ 30.336067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.336708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.337341] page dumped because: kasan: bad access detected [ 30.337818] [ 30.338128] Memory state around the buggy address: [ 30.338556] ffff888101afb600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.339304] ffff888101afb680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.339871] >ffff888101afb700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.340520] ^ [ 30.340855] ffff888101afb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.341320] ffff888101afb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.341907] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 26.943249] ================================================================== [ 26.944093] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 26.944848] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.946203] [ 26.947542] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.948720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.949302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.950099] Call Trace: [ 26.950391] <TASK> [ 26.950708] dump_stack_lvl+0x73/0xb0 [ 26.951134] print_report+0xd1/0x640 [ 26.951437] ? __virt_addr_valid+0x1db/0x2d0 [ 26.952115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.953159] kasan_report+0x102/0x140 [ 26.954443] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 26.955177] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 26.956537] kasan_check_range+0x10c/0x1c0 [ 26.957426] __kasan_check_write+0x18/0x20 [ 26.957723] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 26.958254] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.958936] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.959526] ? kasan_bitops_generic+0x93/0x1c0 [ 26.960020] kasan_bitops_generic+0x122/0x1c0 [ 26.960685] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.961215] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.961943] kunit_try_run_case+0x1b3/0x490 [ 26.962530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.963051] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.963700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.964231] ? __kthread_parkme+0x82/0x160 [ 26.964718] ? preempt_count_sub+0x50/0x80 [ 26.965153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.965708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.966301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.966996] kthread+0x257/0x310 [ 26.967418] ? __pfx_kthread+0x10/0x10 [ 26.967693] ret_from_fork+0x41/0x80 [ 26.968283] ? 
__pfx_kthread+0x10/0x10 [ 26.968849] ret_from_fork_asm+0x1a/0x30 [ 26.969201] </TASK> [ 26.969625] [ 26.969895] Allocated by task 269: [ 26.970327] kasan_save_stack+0x3d/0x60 [ 26.970617] kasan_save_track+0x18/0x40 [ 26.971207] kasan_save_alloc_info+0x3b/0x50 [ 26.971730] __kasan_kmalloc+0xb7/0xc0 [ 26.972258] __kmalloc_cache_noprof+0x184/0x410 [ 26.972907] kasan_bitops_generic+0x93/0x1c0 [ 26.973493] kunit_try_run_case+0x1b3/0x490 [ 26.974115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.974484] kthread+0x257/0x310 [ 26.974918] ret_from_fork+0x41/0x80 [ 26.975366] ret_from_fork_asm+0x1a/0x30 [ 26.975699] [ 26.975984] The buggy address belongs to the object at ffff888102795340 [ 26.975984] which belongs to the cache kmalloc-16 of size 16 [ 26.977098] The buggy address is located 8 bytes inside of [ 26.977098] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.978183] [ 26.978400] The buggy address belongs to the physical page: [ 26.979218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.979861] flags: 0x200000000000000(node=0|zone=2) [ 26.980462] page_type: f5(slab) [ 26.980716] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.981754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.982591] page dumped because: kasan: bad access detected [ 26.983165] [ 26.983346] Memory state around the buggy address: [ 26.983656] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.984756] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.985586] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.986403] ^ [ 26.987066] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.987677] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.988370] ================================================================== [ 26.752963] 
================================================================== [ 26.753530] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 26.754879] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.756369] [ 26.756586] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.757631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.758195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.759173] Call Trace: [ 26.759418] <TASK> [ 26.759760] dump_stack_lvl+0x73/0xb0 [ 26.760090] print_report+0xd1/0x640 [ 26.760392] ? __virt_addr_valid+0x1db/0x2d0 [ 26.760972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.761579] kasan_report+0x102/0x140 [ 26.762016] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 26.762590] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 26.763191] kasan_check_range+0x10c/0x1c0 [ 26.763614] __kasan_check_write+0x18/0x20 [ 26.764135] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 26.764590] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.765341] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.765823] ? kasan_bitops_generic+0x93/0x1c0 [ 26.766287] kasan_bitops_generic+0x122/0x1c0 [ 26.766611] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.767208] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.767866] kunit_try_run_case+0x1b3/0x490 [ 26.768409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.768817] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.769381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.769804] ? __kthread_parkme+0x82/0x160 [ 26.770138] ? preempt_count_sub+0x50/0x80 [ 26.770732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.771238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.771835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.772336] kthread+0x257/0x310 [ 26.772598] ? __pfx_kthread+0x10/0x10 [ 26.773107] ret_from_fork+0x41/0x80 [ 26.773617] ? 
__pfx_kthread+0x10/0x10 [ 26.774132] ret_from_fork_asm+0x1a/0x30 [ 26.774586] </TASK> [ 26.774901] [ 26.775070] Allocated by task 269: [ 26.775345] kasan_save_stack+0x3d/0x60 [ 26.775746] kasan_save_track+0x18/0x40 [ 26.776193] kasan_save_alloc_info+0x3b/0x50 [ 26.776766] __kasan_kmalloc+0xb7/0xc0 [ 26.777178] __kmalloc_cache_noprof+0x184/0x410 [ 26.777525] kasan_bitops_generic+0x93/0x1c0 [ 26.777914] kunit_try_run_case+0x1b3/0x490 [ 26.778416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.779079] kthread+0x257/0x310 [ 26.779511] ret_from_fork+0x41/0x80 [ 26.779841] ret_from_fork_asm+0x1a/0x30 [ 26.780355] [ 26.780617] The buggy address belongs to the object at ffff888102795340 [ 26.780617] which belongs to the cache kmalloc-16 of size 16 [ 26.781530] The buggy address is located 8 bytes inside of [ 26.781530] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.782553] [ 26.782779] The buggy address belongs to the physical page: [ 26.783410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.783969] flags: 0x200000000000000(node=0|zone=2) [ 26.784550] page_type: f5(slab) [ 26.785002] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.785726] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.786160] page dumped because: kasan: bad access detected [ 26.787717] [ 26.788103] Memory state around the buggy address: [ 26.788519] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.789583] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.790518] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.790976] ^ [ 26.791889] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.792775] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.793468] ================================================================== [ 26.842051] 
================================================================== [ 26.842752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 26.843296] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.844293] [ 26.844517] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.845207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.845914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.846572] Call Trace: [ 26.846789] <TASK> [ 26.846986] dump_stack_lvl+0x73/0xb0 [ 26.847302] print_report+0xd1/0x640 [ 26.847788] ? __virt_addr_valid+0x1db/0x2d0 [ 26.848393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.850098] kasan_report+0x102/0x140 [ 26.851915] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 26.852621] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 26.853407] kasan_check_range+0x10c/0x1c0 [ 26.854102] __kasan_check_write+0x18/0x20 [ 26.854598] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 26.855317] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.856071] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.856355] ? kasan_bitops_generic+0x93/0x1c0 [ 26.857038] kasan_bitops_generic+0x122/0x1c0 [ 26.857738] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.858308] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.858954] kunit_try_run_case+0x1b3/0x490 [ 26.859614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.860360] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.861288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.861729] ? __kthread_parkme+0x82/0x160 [ 26.862108] ? preempt_count_sub+0x50/0x80 [ 26.862543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.863192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.864593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.865099] kthread+0x257/0x310 [ 26.865363] ? __pfx_kthread+0x10/0x10 [ 26.865608] ret_from_fork+0x41/0x80 [ 26.866271] ? 
__pfx_kthread+0x10/0x10 [ 26.866801] ret_from_fork_asm+0x1a/0x30 [ 26.867784] </TASK> [ 26.868121] [ 26.868817] Allocated by task 269: [ 26.869165] kasan_save_stack+0x3d/0x60 [ 26.869675] kasan_save_track+0x18/0x40 [ 26.870284] kasan_save_alloc_info+0x3b/0x50 [ 26.870962] __kasan_kmalloc+0xb7/0xc0 [ 26.871637] __kmalloc_cache_noprof+0x184/0x410 [ 26.872332] kasan_bitops_generic+0x93/0x1c0 [ 26.872662] kunit_try_run_case+0x1b3/0x490 [ 26.873279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.874207] kthread+0x257/0x310 [ 26.874604] ret_from_fork+0x41/0x80 [ 26.875065] ret_from_fork_asm+0x1a/0x30 [ 26.875806] [ 26.876022] The buggy address belongs to the object at ffff888102795340 [ 26.876022] which belongs to the cache kmalloc-16 of size 16 [ 26.877206] The buggy address is located 8 bytes inside of [ 26.877206] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.878606] [ 26.878999] The buggy address belongs to the physical page: [ 26.879745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.880853] flags: 0x200000000000000(node=0|zone=2) [ 26.881293] page_type: f5(slab) [ 26.881746] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.882599] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.883198] page dumped because: kasan: bad access detected [ 26.884079] [ 26.884293] Memory state around the buggy address: [ 26.884676] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.885523] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.886573] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.887432] ^ [ 26.888030] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.888943] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.889775] ================================================================== [ 26.707102] 
================================================================== [ 26.708605] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 26.709539] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.710162] [ 26.710463] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.711583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.712001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.712966] Call Trace: [ 26.713207] <TASK> [ 26.713627] dump_stack_lvl+0x73/0xb0 [ 26.714021] print_report+0xd1/0x640 [ 26.714538] ? __virt_addr_valid+0x1db/0x2d0 [ 26.715091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.715877] kasan_report+0x102/0x140 [ 26.716180] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 26.716866] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 26.717685] kasan_check_range+0x10c/0x1c0 [ 26.718142] __kasan_check_write+0x18/0x20 [ 26.718615] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 26.719082] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.719975] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.720411] ? kasan_bitops_generic+0x93/0x1c0 [ 26.720975] kasan_bitops_generic+0x122/0x1c0 [ 26.721430] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.721913] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.722566] kunit_try_run_case+0x1b3/0x490 [ 26.722911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.723543] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.724025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.724649] ? __kthread_parkme+0x82/0x160 [ 26.725334] ? preempt_count_sub+0x50/0x80 [ 26.725888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.726379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.726925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.727852] kthread+0x257/0x310 [ 26.728156] ? __pfx_kthread+0x10/0x10 [ 26.728784] ret_from_fork+0x41/0x80 [ 26.729148] ? 
__pfx_kthread+0x10/0x10 [ 26.730037] ret_from_fork_asm+0x1a/0x30 [ 26.730551] </TASK> [ 26.730843] [ 26.731278] Allocated by task 269: [ 26.731883] kasan_save_stack+0x3d/0x60 [ 26.732439] kasan_save_track+0x18/0x40 [ 26.732897] kasan_save_alloc_info+0x3b/0x50 [ 26.733581] __kasan_kmalloc+0xb7/0xc0 [ 26.734111] __kmalloc_cache_noprof+0x184/0x410 [ 26.734750] kasan_bitops_generic+0x93/0x1c0 [ 26.735301] kunit_try_run_case+0x1b3/0x490 [ 26.735906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.736483] kthread+0x257/0x310 [ 26.737025] ret_from_fork+0x41/0x80 [ 26.737530] ret_from_fork_asm+0x1a/0x30 [ 26.738033] [ 26.738367] The buggy address belongs to the object at ffff888102795340 [ 26.738367] which belongs to the cache kmalloc-16 of size 16 [ 26.739641] The buggy address is located 8 bytes inside of [ 26.739641] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.740943] [ 26.741122] The buggy address belongs to the physical page: [ 26.741863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.742575] flags: 0x200000000000000(node=0|zone=2) [ 26.743102] page_type: f5(slab) [ 26.743638] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.744435] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.745279] page dumped because: kasan: bad access detected [ 26.745920] [ 26.746123] Memory state around the buggy address: [ 26.746915] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.747732] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.748432] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.749466] ^ [ 26.749915] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.750805] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.751649] ================================================================== [ 26.661448] 
================================================================== [ 26.663122] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 26.664025] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.664907] [ 26.665144] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.666407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.667110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.668430] Call Trace: [ 26.668969] <TASK> [ 26.669197] dump_stack_lvl+0x73/0xb0 [ 26.669785] print_report+0xd1/0x640 [ 26.670184] ? __virt_addr_valid+0x1db/0x2d0 [ 26.670740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.671277] kasan_report+0x102/0x140 [ 26.671842] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 26.672497] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 26.673061] kasan_check_range+0x10c/0x1c0 [ 26.673489] __kasan_check_write+0x18/0x20 [ 26.673941] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 26.674602] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.675351] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.675765] ? kasan_bitops_generic+0x93/0x1c0 [ 26.676401] kasan_bitops_generic+0x122/0x1c0 [ 26.676762] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.677598] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.678063] kunit_try_run_case+0x1b3/0x490 [ 26.678785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.679303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.679759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.680254] ? __kthread_parkme+0x82/0x160 [ 26.680999] ? preempt_count_sub+0x50/0x80 [ 26.681420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.682115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.682783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.683205] kthread+0x257/0x310 [ 26.683610] ? __pfx_kthread+0x10/0x10 [ 26.684198] ret_from_fork+0x41/0x80 [ 26.684752] ? 
__pfx_kthread+0x10/0x10 [ 26.685160] ret_from_fork_asm+0x1a/0x30 [ 26.685695] </TASK> [ 26.686127] [ 26.686440] Allocated by task 269: [ 26.686685] kasan_save_stack+0x3d/0x60 [ 26.687206] kasan_save_track+0x18/0x40 [ 26.687855] kasan_save_alloc_info+0x3b/0x50 [ 26.688356] __kasan_kmalloc+0xb7/0xc0 [ 26.688960] __kmalloc_cache_noprof+0x184/0x410 [ 26.689811] kasan_bitops_generic+0x93/0x1c0 [ 26.690210] kunit_try_run_case+0x1b3/0x490 [ 26.690868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.691304] kthread+0x257/0x310 [ 26.691767] ret_from_fork+0x41/0x80 [ 26.692180] ret_from_fork_asm+0x1a/0x30 [ 26.692736] [ 26.692985] The buggy address belongs to the object at ffff888102795340 [ 26.692985] which belongs to the cache kmalloc-16 of size 16 [ 26.695295] The buggy address is located 8 bytes inside of [ 26.695295] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.696355] [ 26.696667] The buggy address belongs to the physical page: [ 26.697190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.697905] flags: 0x200000000000000(node=0|zone=2) [ 26.698376] page_type: f5(slab) [ 26.698896] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.699559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.700338] page dumped because: kasan: bad access detected [ 26.700894] [ 26.701140] Memory state around the buggy address: [ 26.701606] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.702236] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.703055] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.703612] ^ [ 26.704124] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.705067] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.705619] ================================================================== [ 26.795564] 
================================================================== [ 26.797004] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 26.798276] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.799176] [ 26.799354] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.801103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.801535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.802802] Call Trace: [ 26.803427] <TASK> [ 26.803951] dump_stack_lvl+0x73/0xb0 [ 26.804597] print_report+0xd1/0x640 [ 26.805441] ? __virt_addr_valid+0x1db/0x2d0 [ 26.805847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.806414] kasan_report+0x102/0x140 [ 26.807225] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 26.807817] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 26.808670] kasan_check_range+0x10c/0x1c0 [ 26.809148] __kasan_check_write+0x18/0x20 [ 26.809898] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 26.810695] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.811375] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.812123] ? kasan_bitops_generic+0x93/0x1c0 [ 26.812775] kasan_bitops_generic+0x122/0x1c0 [ 26.813485] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.814423] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.814862] kunit_try_run_case+0x1b3/0x490 [ 26.815336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.816188] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.816643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.817400] ? __kthread_parkme+0x82/0x160 [ 26.818034] ? preempt_count_sub+0x50/0x80 [ 26.818435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.818950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.819613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.820190] kthread+0x257/0x310 [ 26.820568] ? __pfx_kthread+0x10/0x10 [ 26.820994] ret_from_fork+0x41/0x80 [ 26.821547] ? 
__pfx_kthread+0x10/0x10 [ 26.822237] ret_from_fork_asm+0x1a/0x30 [ 26.822699] </TASK> [ 26.823088] [ 26.823321] Allocated by task 269: [ 26.823786] kasan_save_stack+0x3d/0x60 [ 26.824224] kasan_save_track+0x18/0x40 [ 26.824555] kasan_save_alloc_info+0x3b/0x50 [ 26.825391] __kasan_kmalloc+0xb7/0xc0 [ 26.825735] __kmalloc_cache_noprof+0x184/0x410 [ 26.826824] kasan_bitops_generic+0x93/0x1c0 [ 26.827352] kunit_try_run_case+0x1b3/0x490 [ 26.827658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.828392] kthread+0x257/0x310 [ 26.829025] ret_from_fork+0x41/0x80 [ 26.829870] ret_from_fork_asm+0x1a/0x30 [ 26.830172] [ 26.830443] The buggy address belongs to the object at ffff888102795340 [ 26.830443] which belongs to the cache kmalloc-16 of size 16 [ 26.831386] The buggy address is located 8 bytes inside of [ 26.831386] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.832409] [ 26.832686] The buggy address belongs to the physical page: [ 26.833335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.834016] flags: 0x200000000000000(node=0|zone=2) [ 26.834418] page_type: f5(slab) [ 26.834826] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.835384] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.836161] page dumped because: kasan: bad access detected [ 26.836613] [ 26.836839] Memory state around the buggy address: [ 26.837147] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.837789] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.838422] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.839087] ^ [ 26.839553] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.839972] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.840735] ================================================================== [ 26.989548] 
================================================================== [ 26.990629] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 26.991171] Read of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.992054] [ 26.992372] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.992973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.993262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.994349] Call Trace: [ 26.994714] <TASK> [ 26.994997] dump_stack_lvl+0x73/0xb0 [ 26.995561] print_report+0xd1/0x640 [ 26.996168] ? __virt_addr_valid+0x1db/0x2d0 [ 26.996659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.997199] kasan_report+0x102/0x140 [ 26.997642] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 26.998335] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 26.999093] kasan_check_range+0x10c/0x1c0 [ 26.999587] __kasan_check_read+0x15/0x20 [ 27.000014] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 27.000658] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.001417] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.001861] ? kasan_bitops_generic+0x93/0x1c0 [ 27.002488] kasan_bitops_generic+0x122/0x1c0 [ 27.003047] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.003570] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.004378] kunit_try_run_case+0x1b3/0x490 [ 27.004739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.005164] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.005916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.006303] ? __kthread_parkme+0x82/0x160 [ 27.006791] ? preempt_count_sub+0x50/0x80 [ 27.007201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.007713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.008492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.009288] kthread+0x257/0x310 [ 27.009652] ? __pfx_kthread+0x10/0x10 [ 27.010149] ret_from_fork+0x41/0x80 [ 27.010579] ? 
__pfx_kthread+0x10/0x10 [ 27.010942] ret_from_fork_asm+0x1a/0x30 [ 27.011477] </TASK> [ 27.011836] [ 27.012183] Allocated by task 269: [ 27.012528] kasan_save_stack+0x3d/0x60 [ 27.012967] kasan_save_track+0x18/0x40 [ 27.013457] kasan_save_alloc_info+0x3b/0x50 [ 27.013757] __kasan_kmalloc+0xb7/0xc0 [ 27.014340] __kmalloc_cache_noprof+0x184/0x410 [ 27.015079] kasan_bitops_generic+0x93/0x1c0 [ 27.015544] kunit_try_run_case+0x1b3/0x490 [ 27.015968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.016497] kthread+0x257/0x310 [ 27.016748] ret_from_fork+0x41/0x80 [ 27.017228] ret_from_fork_asm+0x1a/0x30 [ 27.017562] [ 27.017717] The buggy address belongs to the object at ffff888102795340 [ 27.017717] which belongs to the cache kmalloc-16 of size 16 [ 27.019174] The buggy address is located 8 bytes inside of [ 27.019174] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 27.020379] [ 27.020610] The buggy address belongs to the physical page: [ 27.021497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 27.021946] flags: 0x200000000000000(node=0|zone=2) [ 27.022287] page_type: f5(slab) [ 27.022715] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.023576] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.024632] page dumped because: kasan: bad access detected [ 27.025349] [ 27.025525] Memory state around the buggy address: [ 27.026025] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 27.026598] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.027395] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.028096] ^ [ 27.028454] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.028855] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.029801] ================================================================== [ 27.031495] 
================================================================== [ 27.032066] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 27.033385] Read of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 27.034303] [ 27.034498] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 27.035389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.035906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.036576] Call Trace: [ 27.036777] <TASK> [ 27.037115] dump_stack_lvl+0x73/0xb0 [ 27.037862] print_report+0xd1/0x640 [ 27.038343] ? __virt_addr_valid+0x1db/0x2d0 [ 27.038662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.039029] kasan_report+0x102/0x140 [ 27.039585] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 27.040406] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 27.041305] __asan_report_load8_noabort+0x18/0x20 [ 27.041831] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 27.042392] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.043003] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.043423] ? kasan_bitops_generic+0x93/0x1c0 [ 27.043863] kasan_bitops_generic+0x122/0x1c0 [ 27.044182] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.044681] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.045552] kunit_try_run_case+0x1b3/0x490 [ 27.046322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.046666] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.047311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.047916] ? __kthread_parkme+0x82/0x160 [ 27.048321] ? preempt_count_sub+0x50/0x80 [ 27.048895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.049220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.050023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.050626] kthread+0x257/0x310 [ 27.050984] ? __pfx_kthread+0x10/0x10 [ 27.051466] ret_from_fork+0x41/0x80 [ 27.051832] ? 
__pfx_kthread+0x10/0x10 [ 27.052569] ret_from_fork_asm+0x1a/0x30 [ 27.052886] </TASK> [ 27.053078] [ 27.053238] Allocated by task 269: [ 27.054035] kasan_save_stack+0x3d/0x60 [ 27.054711] kasan_save_track+0x18/0x40 [ 27.055441] kasan_save_alloc_info+0x3b/0x50 [ 27.056306] __kasan_kmalloc+0xb7/0xc0 [ 27.057044] __kmalloc_cache_noprof+0x184/0x410 [ 27.057640] kasan_bitops_generic+0x93/0x1c0 [ 27.058162] kunit_try_run_case+0x1b3/0x490 [ 27.058593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.059144] kthread+0x257/0x310 [ 27.059629] ret_from_fork+0x41/0x80 [ 27.060159] ret_from_fork_asm+0x1a/0x30 [ 27.060616] [ 27.060964] The buggy address belongs to the object at ffff888102795340 [ 27.060964] which belongs to the cache kmalloc-16 of size 16 [ 27.062092] The buggy address is located 8 bytes inside of [ 27.062092] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 27.063238] [ 27.063508] The buggy address belongs to the physical page: [ 27.063977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 27.064819] flags: 0x200000000000000(node=0|zone=2) [ 27.065428] page_type: f5(slab) [ 27.065808] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.066451] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.067342] page dumped because: kasan: bad access detected [ 27.067857] [ 27.068015] Memory state around the buggy address: [ 27.068693] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 27.069236] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.070095] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.070755] ^ [ 27.071424] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.072167] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.072801] ================================================================== [ 26.891342] 
================================================================== [ 26.892068] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 26.893087] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.893885] [ 26.894068] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.895340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.896428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.897736] Call Trace: [ 26.898040] <TASK> [ 26.898345] dump_stack_lvl+0x73/0xb0 [ 26.898677] print_report+0xd1/0x640 [ 26.899899] ? __virt_addr_valid+0x1db/0x2d0 [ 26.900682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.901565] kasan_report+0x102/0x140 [ 26.902858] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 26.903649] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 26.904595] kasan_check_range+0x10c/0x1c0 [ 26.904929] __kasan_check_write+0x18/0x20 [ 26.905576] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 26.906425] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 26.907354] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.907838] ? kasan_bitops_generic+0x93/0x1c0 [ 26.908280] kasan_bitops_generic+0x122/0x1c0 [ 26.908700] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.909660] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.910253] kunit_try_run_case+0x1b3/0x490 [ 26.910859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.911533] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.912213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.912690] ? __kthread_parkme+0x82/0x160 [ 26.913471] ? preempt_count_sub+0x50/0x80 [ 26.913775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.914480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.915189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.916009] kthread+0x257/0x310 [ 26.916497] ? __pfx_kthread+0x10/0x10 [ 26.917095] ret_from_fork+0x41/0x80 [ 26.917463] ? 
__pfx_kthread+0x10/0x10 [ 26.918195] ret_from_fork_asm+0x1a/0x30 [ 26.919187] </TASK> [ 26.919434] [ 26.919575] Allocated by task 269: [ 26.920413] kasan_save_stack+0x3d/0x60 [ 26.921092] kasan_save_track+0x18/0x40 [ 26.921676] kasan_save_alloc_info+0x3b/0x50 [ 26.922301] __kasan_kmalloc+0xb7/0xc0 [ 26.923080] __kmalloc_cache_noprof+0x184/0x410 [ 26.923643] kasan_bitops_generic+0x93/0x1c0 [ 26.924378] kunit_try_run_case+0x1b3/0x490 [ 26.925070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.925566] kthread+0x257/0x310 [ 26.926151] ret_from_fork+0x41/0x80 [ 26.926959] ret_from_fork_asm+0x1a/0x30 [ 26.927528] [ 26.927724] The buggy address belongs to the object at ffff888102795340 [ 26.927724] which belongs to the cache kmalloc-16 of size 16 [ 26.929179] The buggy address is located 8 bytes inside of [ 26.929179] allocated 9-byte region [ffff888102795340, ffff888102795349) [ 26.930529] [ 26.931048] The buggy address belongs to the physical page: [ 26.931549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 26.933252] flags: 0x200000000000000(node=0|zone=2) [ 26.934120] page_type: f5(slab) [ 26.934558] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.935318] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.935615] page dumped because: kasan: bad access detected [ 26.936004] [ 26.936170] Memory state around the buggy address: [ 26.936627] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 26.937379] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.938195] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.939758] ^ [ 26.940351] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.940936] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.941590] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 26.615623] ================================================================== [ 26.616441] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 26.617679] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269 [ 26.618163] [ 26.618577] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 26.619396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.619653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.621002] Call Trace: [ 26.621528] <TASK> [ 26.622139] dump_stack_lvl+0x73/0xb0 [ 26.622550] print_report+0xd1/0x640 [ 26.623292] ? __virt_addr_valid+0x1db/0x2d0 [ 26.623749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.624117] kasan_report+0x102/0x140 [ 26.624669] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 26.625977] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 26.626629] kasan_check_range+0x10c/0x1c0 [ 26.626959] __kasan_check_write+0x18/0x20 [ 26.627493] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 26.628448] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.629619] ? __kmalloc_cache_noprof+0x184/0x410 [ 26.630167] ? kasan_bitops_generic+0x93/0x1c0 [ 26.630521] kasan_bitops_generic+0x117/0x1c0 [ 26.631042] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.632030] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.632601] kunit_try_run_case+0x1b3/0x490 [ 26.633173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.633563] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.634108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.635036] ? __kthread_parkme+0x82/0x160 [ 26.635463] ? preempt_count_sub+0x50/0x80 [ 26.635872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.636654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.637692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.638610] kthread+0x257/0x310 [ 26.638979] ? __pfx_kthread+0x10/0x10 [ 26.639510] ret_from_fork+0x41/0x80 [ 26.639999] ? 
__pfx_kthread+0x10/0x10
[ 26.640464] ret_from_fork_asm+0x1a/0x30
[ 26.640993] </TASK>
[ 26.641344]
[ 26.641636] Allocated by task 269:
[ 26.642129] kasan_save_stack+0x3d/0x60
[ 26.642591] kasan_save_track+0x18/0x40
[ 26.643166] kasan_save_alloc_info+0x3b/0x50
[ 26.643627] __kasan_kmalloc+0xb7/0xc0
[ 26.644079] __kmalloc_cache_noprof+0x184/0x410
[ 26.644587] kasan_bitops_generic+0x93/0x1c0
[ 26.645049] kunit_try_run_case+0x1b3/0x490
[ 26.645618] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.646306] kthread+0x257/0x310
[ 26.646813] ret_from_fork+0x41/0x80
[ 26.647160] ret_from_fork_asm+0x1a/0x30
[ 26.647570]
[ 26.647916] The buggy address belongs to the object at ffff888102795340
[ 26.647916] which belongs to the cache kmalloc-16 of size 16
[ 26.648957] The buggy address is located 8 bytes inside of
[ 26.648957] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.649993]
[ 26.650322] The buggy address belongs to the physical page:
[ 26.650929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.651794] flags: 0x200000000000000(node=0|zone=2)
[ 26.652194] page_type: f5(slab)
[ 26.652633] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.653554] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.654383] page dumped because: kasan: bad access detected
[ 26.655002]
[ 26.655274] Memory state around the buggy address:
[ 26.655814] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.656493] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.657076] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.657767] ^
[ 26.658220] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.658914] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.659644] ==================================================================
[ 26.346335] ==================================================================
[ 26.346993] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 26.347718] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.349080]
[ 26.349706] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.350936] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.351491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.352197] Call Trace:
[ 26.352761] <TASK>
[ 26.353196] dump_stack_lvl+0x73/0xb0
[ 26.353720] print_report+0xd1/0x640
[ 26.354066] ? __virt_addr_valid+0x1db/0x2d0
[ 26.354665] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.355274] kasan_report+0x102/0x140
[ 26.355788] ? kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 26.356278] ? kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 26.357471] kasan_check_range+0x10c/0x1c0
[ 26.358055] __kasan_check_write+0x18/0x20
[ 26.358525] kasan_bitops_modify.constprop.0+0x23b/0xd50
[ 26.359080] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.359570] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.360734] ? kasan_bitops_generic+0x93/0x1c0
[ 26.361236] kasan_bitops_generic+0x117/0x1c0
[ 26.361740] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.362615] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.363136] kunit_try_run_case+0x1b3/0x490
[ 26.363736] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.364421] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.365102] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.366182] ? __kthread_parkme+0x82/0x160
[ 26.366600] ? preempt_count_sub+0x50/0x80
[ 26.367289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.367741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.368532] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.369170] kthread+0x257/0x310
[ 26.369790] ? __pfx_kthread+0x10/0x10
[ 26.370161] ret_from_fork+0x41/0x80
[ 26.370787] ? __pfx_kthread+0x10/0x10
[ 26.371451] ret_from_fork_asm+0x1a/0x30
[ 26.371926] </TASK>
[ 26.372153]
[ 26.372331] Allocated by task 269:
[ 26.372793] kasan_save_stack+0x3d/0x60
[ 26.373256] kasan_save_track+0x18/0x40
[ 26.373554] kasan_save_alloc_info+0x3b/0x50
[ 26.374516] __kasan_kmalloc+0xb7/0xc0
[ 26.375029] __kmalloc_cache_noprof+0x184/0x410
[ 26.375745] kasan_bitops_generic+0x93/0x1c0
[ 26.376295] kunit_try_run_case+0x1b3/0x490
[ 26.376637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.377291] kthread+0x257/0x310
[ 26.377716] ret_from_fork+0x41/0x80
[ 26.378426] ret_from_fork_asm+0x1a/0x30
[ 26.378746]
[ 26.379206] The buggy address belongs to the object at ffff888102795340
[ 26.379206] which belongs to the cache kmalloc-16 of size 16
[ 26.380691] The buggy address is located 8 bytes inside of
[ 26.380691] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.381672]
[ 26.381832] The buggy address belongs to the physical page:
[ 26.382571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.383885] flags: 0x200000000000000(node=0|zone=2)
[ 26.384404] page_type: f5(slab)
[ 26.384662] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.385592] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.386647] page dumped because: kasan: bad access detected
[ 26.387180]
[ 26.387394] Memory state around the buggy address:
[ 26.388466] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.389523] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.390202] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.391103] ^
[ 26.391611] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.393258] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.394050] ==================================================================
[ 26.559939] ==================================================================
[ 26.561302] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 26.562516] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.563301]
[ 26.563481] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.565488] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.565950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.567271] Call Trace:
[ 26.567546] <TASK>
[ 26.567852] dump_stack_lvl+0x73/0xb0
[ 26.569067] print_report+0xd1/0x640
[ 26.569601] ? __virt_addr_valid+0x1db/0x2d0
[ 26.570215] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.570721] kasan_report+0x102/0x140
[ 26.571676] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 26.572377] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 26.573158] kasan_check_range+0x10c/0x1c0
[ 26.573875] __kasan_check_write+0x18/0x20
[ 26.574512] kasan_bitops_modify.constprop.0+0x4ad/0xd50
[ 26.575763] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.576685] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.577118] ? kasan_bitops_generic+0x93/0x1c0
[ 26.578061] kasan_bitops_generic+0x117/0x1c0
[ 26.578513] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.579819] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.580284] kunit_try_run_case+0x1b3/0x490
[ 26.581007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.581885] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.582583] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.583808] ? __kthread_parkme+0x82/0x160
[ 26.584192] ? preempt_count_sub+0x50/0x80
[ 26.585271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.585844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.586942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.587431] kthread+0x257/0x310
[ 26.588077] ? __pfx_kthread+0x10/0x10
[ 26.588513] ret_from_fork+0x41/0x80
[ 26.589009] ? __pfx_kthread+0x10/0x10
[ 26.589535] ret_from_fork_asm+0x1a/0x30
[ 26.589807] </TASK>
[ 26.589977]
[ 26.590210] Allocated by task 269:
[ 26.591136] kasan_save_stack+0x3d/0x60
[ 26.591598] kasan_save_track+0x18/0x40
[ 26.592305] kasan_save_alloc_info+0x3b/0x50
[ 26.592924] __kasan_kmalloc+0xb7/0xc0
[ 26.593195] __kmalloc_cache_noprof+0x184/0x410
[ 26.593782] kasan_bitops_generic+0x93/0x1c0
[ 26.595423] kunit_try_run_case+0x1b3/0x490
[ 26.596144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.597055] kthread+0x257/0x310
[ 26.597725] ret_from_fork+0x41/0x80
[ 26.598134] ret_from_fork_asm+0x1a/0x30
[ 26.598448]
[ 26.598752] The buggy address belongs to the object at ffff888102795340
[ 26.598752] which belongs to the cache kmalloc-16 of size 16
[ 26.601505] The buggy address is located 8 bytes inside of
[ 26.601505] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.602756]
[ 26.603690] The buggy address belongs to the physical page:
[ 26.604993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.606000] flags: 0x200000000000000(node=0|zone=2)
[ 26.606618] page_type: f5(slab)
[ 26.607009] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.608056] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.608854] page dumped because: kasan: bad access detected
[ 26.609284]
[ 26.609521] Memory state around the buggy address:
[ 26.610325] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.611402] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.611764] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.612365] ^
[ 26.613263] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.613975] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.614486] ==================================================================
[ 26.448912] ==================================================================
[ 26.449921] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50
[ 26.450301] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.451725]
[ 26.452375] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.454071] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.454678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.455934] Call Trace:
[ 26.456490] <TASK>
[ 26.456697] dump_stack_lvl+0x73/0xb0
[ 26.457498] print_report+0xd1/0x640
[ 26.458040] ? __virt_addr_valid+0x1db/0x2d0
[ 26.458622] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.459847] kasan_report+0x102/0x140
[ 26.460550] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 26.461168] ? kasan_bitops_modify.constprop.0+0x374/0xd50
[ 26.462827] kasan_check_range+0x10c/0x1c0
[ 26.464045] __kasan_check_write+0x18/0x20
[ 26.464665] kasan_bitops_modify.constprop.0+0x374/0xd50
[ 26.465812] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.466328] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.467274] ? kasan_bitops_generic+0x93/0x1c0
[ 26.467936] kasan_bitops_generic+0x117/0x1c0
[ 26.468420] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.469862] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.470256] kunit_try_run_case+0x1b3/0x490
[ 26.471269] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.472161] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.473006] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.473889] ? __kthread_parkme+0x82/0x160
[ 26.474256] ? preempt_count_sub+0x50/0x80
[ 26.475129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.476381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.476891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.477393] kthread+0x257/0x310
[ 26.477733] ? __pfx_kthread+0x10/0x10
[ 26.478161] ret_from_fork+0x41/0x80
[ 26.479121] ? __pfx_kthread+0x10/0x10
[ 26.479782] ret_from_fork_asm+0x1a/0x30
[ 26.480632] </TASK>
[ 26.481099]
[ 26.481751] Allocated by task 269:
[ 26.482091] kasan_save_stack+0x3d/0x60
[ 26.483148] kasan_save_track+0x18/0x40
[ 26.483582] kasan_save_alloc_info+0x3b/0x50
[ 26.483984] __kasan_kmalloc+0xb7/0xc0
[ 26.484654] __kmalloc_cache_noprof+0x184/0x410
[ 26.485207] kasan_bitops_generic+0x93/0x1c0
[ 26.485776] kunit_try_run_case+0x1b3/0x490
[ 26.486607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.486961] kthread+0x257/0x310
[ 26.487869] ret_from_fork+0x41/0x80
[ 26.488185] ret_from_fork_asm+0x1a/0x30
[ 26.488861]
[ 26.489089] The buggy address belongs to the object at ffff888102795340
[ 26.489089] which belongs to the cache kmalloc-16 of size 16
[ 26.490071] The buggy address is located 8 bytes inside of
[ 26.490071] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.491487]
[ 26.491645] The buggy address belongs to the physical page:
[ 26.492247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.493273] flags: 0x200000000000000(node=0|zone=2)
[ 26.494079] page_type: f5(slab)
[ 26.494355] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.495797] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.496622] page dumped because: kasan: bad access detected
[ 26.496960]
[ 26.497217] Memory state around the buggy address:
[ 26.498284] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.499203] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.500055] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.500746] ^
[ 26.501336] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.502443] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.503583] ==================================================================
[ 26.504748] ==================================================================
[ 26.505661] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 26.506293] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.507321]
[ 26.507499] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.510061] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.510667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.511860] Call Trace:
[ 26.512089] <TASK>
[ 26.512390] dump_stack_lvl+0x73/0xb0
[ 26.512923] print_report+0xd1/0x640
[ 26.513643] ? __virt_addr_valid+0x1db/0x2d0
[ 26.514242] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.514769] kasan_report+0x102/0x140
[ 26.516030] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 26.516676] ? kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 26.517317] kasan_check_range+0x10c/0x1c0
[ 26.518418] __kasan_check_write+0x18/0x20
[ 26.519134] kasan_bitops_modify.constprop.0+0x40f/0xd50
[ 26.519680] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.520575] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.521091] ? kasan_bitops_generic+0x93/0x1c0
[ 26.521993] kasan_bitops_generic+0x117/0x1c0
[ 26.522982] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.523456] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.524299] kunit_try_run_case+0x1b3/0x490
[ 26.524885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.525818] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.526396] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.527716] ? __kthread_parkme+0x82/0x160
[ 26.528191] ? preempt_count_sub+0x50/0x80
[ 26.528812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.529311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.530201] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.531262] kthread+0x257/0x310
[ 26.531781] ? __pfx_kthread+0x10/0x10
[ 26.532250] ret_from_fork+0x41/0x80
[ 26.532698] ? __pfx_kthread+0x10/0x10
[ 26.533290] ret_from_fork_asm+0x1a/0x30
[ 26.533713] </TASK>
[ 26.534216]
[ 26.534500] Allocated by task 269:
[ 26.534786] kasan_save_stack+0x3d/0x60
[ 26.536180] kasan_save_track+0x18/0x40
[ 26.536655] kasan_save_alloc_info+0x3b/0x50
[ 26.537470] __kasan_kmalloc+0xb7/0xc0
[ 26.537886] __kmalloc_cache_noprof+0x184/0x410
[ 26.538718] kasan_bitops_generic+0x93/0x1c0
[ 26.539185] kunit_try_run_case+0x1b3/0x490
[ 26.539487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.540627] kthread+0x257/0x310
[ 26.541285] ret_from_fork+0x41/0x80
[ 26.541909] ret_from_fork_asm+0x1a/0x30
[ 26.542330]
[ 26.542567] The buggy address belongs to the object at ffff888102795340
[ 26.542567] which belongs to the cache kmalloc-16 of size 16
[ 26.543938] The buggy address is located 8 bytes inside of
[ 26.543938] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.545944]
[ 26.546122] The buggy address belongs to the physical page:
[ 26.546776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.548087] flags: 0x200000000000000(node=0|zone=2)
[ 26.548447] page_type: f5(slab)
[ 26.549050] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.550501] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.551340] page dumped because: kasan: bad access detected
[ 26.551941]
[ 26.552196] Memory state around the buggy address:
[ 26.552911] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.553373] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.554135] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.555701] ^
[ 26.556496] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.557307] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.558259] ==================================================================
[ 26.395566] ==================================================================
[ 26.396007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 26.398548] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.400078]
[ 26.400525] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.401728] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.402137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.403396] Call Trace:
[ 26.403658] <TASK>
[ 26.404230] dump_stack_lvl+0x73/0xb0
[ 26.404788] print_report+0xd1/0x640
[ 26.405294] ? __virt_addr_valid+0x1db/0x2d0
[ 26.405830] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.407039] kasan_report+0x102/0x140
[ 26.407672] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 26.408823] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 26.409484] kasan_check_range+0x10c/0x1c0
[ 26.410039] __kasan_check_write+0x18/0x20
[ 26.410691] kasan_bitops_modify.constprop.0+0x2d6/0xd50
[ 26.411523] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.412133] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.413034] ? kasan_bitops_generic+0x93/0x1c0
[ 26.413381] kasan_bitops_generic+0x117/0x1c0
[ 26.414278] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.414721] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.415443] kunit_try_run_case+0x1b3/0x490
[ 26.416137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.416959] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.417375] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.418454] ? __kthread_parkme+0x82/0x160
[ 26.418925] ? preempt_count_sub+0x50/0x80
[ 26.419340] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.420139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.421128] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.422153] kthread+0x257/0x310
[ 26.422646] ? __pfx_kthread+0x10/0x10
[ 26.423093] ret_from_fork+0x41/0x80
[ 26.423712] ? __pfx_kthread+0x10/0x10
[ 26.424227] ret_from_fork_asm+0x1a/0x30
[ 26.424875] </TASK>
[ 26.425296]
[ 26.425796] Allocated by task 269:
[ 26.426171] kasan_save_stack+0x3d/0x60
[ 26.426937] kasan_save_track+0x18/0x40
[ 26.427454] kasan_save_alloc_info+0x3b/0x50
[ 26.428159] __kasan_kmalloc+0xb7/0xc0
[ 26.429164] __kmalloc_cache_noprof+0x184/0x410
[ 26.429914] kasan_bitops_generic+0x93/0x1c0
[ 26.430437] kunit_try_run_case+0x1b3/0x490
[ 26.431191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.431728] kthread+0x257/0x310
[ 26.432053] ret_from_fork+0x41/0x80
[ 26.432509] ret_from_fork_asm+0x1a/0x30
[ 26.433023]
[ 26.433241] The buggy address belongs to the object at ffff888102795340
[ 26.433241] which belongs to the cache kmalloc-16 of size 16
[ 26.434269] The buggy address is located 8 bytes inside of
[ 26.434269] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.435873]
[ 26.436070] The buggy address belongs to the physical page:
[ 26.436448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.437834] flags: 0x200000000000000(node=0|zone=2)
[ 26.438179] page_type: f5(slab)
[ 26.439072] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.439792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.440504] page dumped because: kasan: bad access detected
[ 26.441396]
[ 26.441544] Memory state around the buggy address:
[ 26.442149] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.443417] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.443924] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.444894] ^
[ 26.445573] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.446183] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.446898] ==================================================================
[ 26.239743] ==================================================================
[ 26.240788] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50
[ 26.241945] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.243171]
[ 26.243988] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.245433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.245943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.247562] Call Trace:
[ 26.247764] <TASK>
[ 26.248138] dump_stack_lvl+0x73/0xb0
[ 26.249123] print_report+0xd1/0x640
[ 26.249989] ? __virt_addr_valid+0x1db/0x2d0
[ 26.251004] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.251616] kasan_report+0x102/0x140
[ 26.252232] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 26.252942] ? kasan_bitops_modify.constprop.0+0x102/0xd50
[ 26.253425] kasan_check_range+0x10c/0x1c0
[ 26.254140] __kasan_check_write+0x18/0x20
[ 26.254622] kasan_bitops_modify.constprop.0+0x102/0xd50
[ 26.255172] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.255939] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.256634] ? kasan_bitops_generic+0x93/0x1c0
[ 26.257001] kasan_bitops_generic+0x117/0x1c0
[ 26.257723] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.258526] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.258910] kunit_try_run_case+0x1b3/0x490
[ 26.259767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.260247] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.260973] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.261806] ? __kthread_parkme+0x82/0x160
[ 26.262364] ? preempt_count_sub+0x50/0x80
[ 26.262967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.263588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.264291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.265227] kthread+0x257/0x310
[ 26.265703] ? __pfx_kthread+0x10/0x10
[ 26.266104] ret_from_fork+0x41/0x80
[ 26.266634] ? __pfx_kthread+0x10/0x10
[ 26.267241] ret_from_fork_asm+0x1a/0x30
[ 26.267685] </TASK>
[ 26.268160]
[ 26.268514] Allocated by task 269:
[ 26.268989] kasan_save_stack+0x3d/0x60
[ 26.269611] kasan_save_track+0x18/0x40
[ 26.270003] kasan_save_alloc_info+0x3b/0x50
[ 26.270766] __kasan_kmalloc+0xb7/0xc0
[ 26.271307] __kmalloc_cache_noprof+0x184/0x410
[ 26.271759] kasan_bitops_generic+0x93/0x1c0
[ 26.272512] kunit_try_run_case+0x1b3/0x490
[ 26.272939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.273672] kthread+0x257/0x310
[ 26.274458] ret_from_fork+0x41/0x80
[ 26.274882] ret_from_fork_asm+0x1a/0x30
[ 26.275182]
[ 26.275433] The buggy address belongs to the object at ffff888102795340
[ 26.275433] which belongs to the cache kmalloc-16 of size 16
[ 26.277461] The buggy address is located 8 bytes inside of
[ 26.277461] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.278693]
[ 26.279147] The buggy address belongs to the physical page:
[ 26.279667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.280353] flags: 0x200000000000000(node=0|zone=2)
[ 26.280758] page_type: f5(slab)
[ 26.281166] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.282793] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.283839] page dumped because: kasan: bad access detected
[ 26.284815]
[ 26.285577] Memory state around the buggy address:
[ 26.286056] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.287180] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.288826] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.289911] ^
[ 26.290287] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.291363] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.292169] ==================================================================
[ 26.296001] ==================================================================
[ 26.296959] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 26.298117] Write of size 8 at addr ffff888102795348 by task kunit_try_catch/269
[ 26.299051]
[ 26.299911] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.302020] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.302802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.303716] Call Trace:
[ 26.303998] <TASK>
[ 26.304295] dump_stack_lvl+0x73/0xb0
[ 26.305278] print_report+0xd1/0x640
[ 26.305966] ? __virt_addr_valid+0x1db/0x2d0
[ 26.306869] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.307557] kasan_report+0x102/0x140
[ 26.308338] ? kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 26.309005] ? kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 26.309921] kasan_check_range+0x10c/0x1c0
[ 26.310648] __kasan_check_write+0x18/0x20
[ 26.311257] kasan_bitops_modify.constprop.0+0x19d/0xd50
[ 26.312039] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 26.312904] ? __kmalloc_cache_noprof+0x184/0x410
[ 26.313127] ? kasan_bitops_generic+0x93/0x1c0
[ 26.313923] kasan_bitops_generic+0x117/0x1c0
[ 26.314395] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.314866] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 26.316016] kunit_try_run_case+0x1b3/0x490
[ 26.316475] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.316911] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.317370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.317837] ? __kthread_parkme+0x82/0x160
[ 26.318773] ? preempt_count_sub+0x50/0x80
[ 26.319192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.319795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.320534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.321008] kthread+0x257/0x310
[ 26.321515] ? __pfx_kthread+0x10/0x10
[ 26.321977] ret_from_fork+0x41/0x80
[ 26.322704] ? __pfx_kthread+0x10/0x10
[ 26.323102] ret_from_fork_asm+0x1a/0x30
[ 26.323809] </TASK>
[ 26.324016]
[ 26.324415] Allocated by task 269:
[ 26.324876] kasan_save_stack+0x3d/0x60
[ 26.325521] kasan_save_track+0x18/0x40
[ 26.325892] kasan_save_alloc_info+0x3b/0x50
[ 26.326698] __kasan_kmalloc+0xb7/0xc0
[ 26.327136] __kmalloc_cache_noprof+0x184/0x410
[ 26.327691] kasan_bitops_generic+0x93/0x1c0
[ 26.328071] kunit_try_run_case+0x1b3/0x490
[ 26.328609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.329199] kthread+0x257/0x310
[ 26.329537] ret_from_fork+0x41/0x80
[ 26.329848] ret_from_fork_asm+0x1a/0x30
[ 26.330134]
[ 26.330771] The buggy address belongs to the object at ffff888102795340
[ 26.330771] which belongs to the cache kmalloc-16 of size 16
[ 26.332075] The buggy address is located 8 bytes inside of
[ 26.332075] allocated 9-byte region [ffff888102795340, ffff888102795349)
[ 26.333401]
[ 26.333567] The buggy address belongs to the physical page:
[ 26.334114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 26.335602] flags: 0x200000000000000(node=0|zone=2)
[ 26.336195] page_type: f5(slab)
[ 26.336667] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.337389] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.338059] page dumped because: kasan: bad access detected
[ 26.338499]
[ 26.338735] Memory state around the buggy address:
[ 26.339142] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 26.340598] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 26.341453] >ffff888102795300: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 26.342105] ^
[ 26.342834] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.343823] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.344572] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 26.179475] ==================================================================
[ 26.180422] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 26.180982] Read of size 1 at addr ffff88810299ded0 by task kunit_try_catch/267
[ 26.181558]
[ 26.181820] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.182968] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.183652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.184301] Call Trace:
[ 26.184513] <TASK>
[ 26.184789] dump_stack_lvl+0x73/0xb0
[ 26.185406] print_report+0xd1/0x640
[ 26.186019] ? __virt_addr_valid+0x1db/0x2d0
[ 26.186784] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.187524] kasan_report+0x102/0x140
[ 26.188297] ? strnlen+0x73/0x80
[ 26.188988] ? strnlen+0x73/0x80
[ 26.189584] __asan_report_load1_noabort+0x18/0x20
[ 26.190183] strnlen+0x73/0x80
[ 26.191133] kasan_strings+0x4c3/0xb60
[ 26.191545] ? __pfx_kasan_strings+0x10/0x10
[ 26.192888] ? __pfx_kasan_strings+0x10/0x10
[ 26.193350] kunit_try_run_case+0x1b3/0x490
[ 26.194234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.195426] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.196045] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.196610] ? __kthread_parkme+0x82/0x160
[ 26.197064] ? preempt_count_sub+0x50/0x80
[ 26.197523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.198006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.199699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.200184] kthread+0x257/0x310
[ 26.200543] ? __pfx_kthread+0x10/0x10
[ 26.201264] ret_from_fork+0x41/0x80
[ 26.202130] ? __pfx_kthread+0x10/0x10
[ 26.202960] ret_from_fork_asm+0x1a/0x30
[ 26.203347] </TASK>
[ 26.203742]
[ 26.204269] Allocated by task 267:
[ 26.204534] kasan_save_stack+0x3d/0x60
[ 26.205591] kasan_save_track+0x18/0x40
[ 26.206413] kasan_save_alloc_info+0x3b/0x50
[ 26.207217] __kasan_kmalloc+0xb7/0xc0
[ 26.207676] __kmalloc_cache_noprof+0x184/0x410
[ 26.208225] kasan_strings+0xb9/0xb60
[ 26.208536] kunit_try_run_case+0x1b3/0x490
[ 26.209023] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.209850] kthread+0x257/0x310
[ 26.210118] ret_from_fork+0x41/0x80
[ 26.210482] ret_from_fork_asm+0x1a/0x30
[ 26.211033]
[ 26.211271] Freed by task 267:
[ 26.211546] kasan_save_stack+0x3d/0x60
[ 26.211989] kasan_save_track+0x18/0x40
[ 26.212655] kasan_save_free_info+0x3f/0x60
[ 26.213064] __kasan_slab_free+0x56/0x70
[ 26.213381] kfree+0x123/0x3f0
[ 26.213747] kasan_strings+0x13c/0xb60
[ 26.214220] kunit_try_run_case+0x1b3/0x490
[ 26.215157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.215574] kthread+0x257/0x310
[ 26.216012] ret_from_fork+0x41/0x80
[ 26.216651] ret_from_fork_asm+0x1a/0x30
[ 26.217066]
[ 26.217314] The buggy address belongs to the object at ffff88810299dec0
[ 26.217314] which belongs to the cache kmalloc-32 of size 32
[ 26.218167] The buggy address is located 16 bytes inside of
[ 26.218167] freed 32-byte region [ffff88810299dec0, ffff88810299dee0)
[ 26.219152]
[ 26.220466] The buggy address belongs to the physical page:
[ 26.221793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299d
[ 26.222603] flags: 0x200000000000000(node=0|zone=2)
[ 26.223079] page_type: f5(slab)
[ 26.223954] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.225139] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 26.226484] page dumped because: kasan: bad access detected
[ 26.227069]
[ 26.227229] Memory state around the buggy address:
[ 26.227729] ffff88810299dd80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.228789] ffff88810299de00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.229332] >ffff88810299de80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.230582] ^
[ 26.231097] ffff88810299df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.231991] ffff88810299df80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.233320] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 26.125119] ==================================================================
[ 26.125585] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 26.127759] Read of size 1 at addr ffff88810299ded0 by task kunit_try_catch/267
[ 26.129256]
[ 26.129440] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.130468] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.130884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.132217] Call Trace:
[ 26.132740] <TASK>
[ 26.133054] dump_stack_lvl+0x73/0xb0
[ 26.133790] print_report+0xd1/0x640
[ 26.134182] ? __virt_addr_valid+0x1db/0x2d0
[ 26.134766] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.135856] kasan_report+0x102/0x140
[ 26.136492] ? strlen+0x8f/0xb0
[ 26.136862] ? strlen+0x8f/0xb0
[ 26.137239] __asan_report_load1_noabort+0x18/0x20
[ 26.137929] strlen+0x8f/0xb0
[ 26.138415] kasan_strings+0x425/0xb60
[ 26.138884] ? __pfx_kasan_strings+0x10/0x10
[ 26.139809] ? __pfx_kasan_strings+0x10/0x10
[ 26.140224] kunit_try_run_case+0x1b3/0x490
[ 26.140908] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.141482] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.141825] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.142571] ? __kthread_parkme+0x82/0x160
[ 26.143080] ? preempt_count_sub+0x50/0x80
[ 26.143893] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.144668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.145378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.145902] kthread+0x257/0x310
[ 26.146229] ? __pfx_kthread+0x10/0x10
[ 26.146791] ret_from_fork+0x41/0x80
[ 26.147173] ? __pfx_kthread+0x10/0x10
[ 26.147639] ret_from_fork_asm+0x1a/0x30
[ 26.148133] </TASK>
[ 26.149069]
[ 26.149510] Allocated by task 267:
[ 26.149983] kasan_save_stack+0x3d/0x60
[ 26.150695] kasan_save_track+0x18/0x40
[ 26.151097] kasan_save_alloc_info+0x3b/0x50
[ 26.151759] __kasan_kmalloc+0xb7/0xc0
[ 26.152121] __kmalloc_cache_noprof+0x184/0x410
[ 26.153251] kasan_strings+0xb9/0xb60
[ 26.153632] kunit_try_run_case+0x1b3/0x490
[ 26.154064] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.154592] kthread+0x257/0x310
[ 26.154886] ret_from_fork+0x41/0x80
[ 26.155734] ret_from_fork_asm+0x1a/0x30
[ 26.156220]
[ 26.157143] Freed by task 267:
[ 26.157759] kasan_save_stack+0x3d/0x60
[ 26.158391] kasan_save_track+0x18/0x40
[ 26.158797] kasan_save_free_info+0x3f/0x60
[ 26.159163] __kasan_slab_free+0x56/0x70
[ 26.159801] kfree+0x123/0x3f0
[ 26.160083] kasan_strings+0x13c/0xb60
[ 26.161056] kunit_try_run_case+0x1b3/0x490
[ 26.161767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.162398] kthread+0x257/0x310
[ 26.162804] ret_from_fork+0x41/0x80
[ 26.163106] ret_from_fork_asm+0x1a/0x30
[ 26.163778]
[ 26.164019] The buggy address belongs to the object at ffff88810299dec0
[ 26.164019] which belongs to the cache kmalloc-32 of size 32
[ 26.165862] The buggy address is located 16 bytes inside of
[ 26.165862] freed 32-byte region [ffff88810299dec0, ffff88810299dee0)
[ 26.166997]
[ 26.167186] The buggy address belongs to the physical page:
[ 26.167990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299d
[ 26.169008] flags: 0x200000000000000(node=0|zone=2)
[ 26.169723] page_type: f5(slab)
[ 26.170100] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.170982] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 26.171935] page dumped because: kasan: bad access detected
[ 26.172276]
[ 26.172505] Memory state around the buggy address:
[ 26.172951] ffff88810299dd80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.174546] ffff88810299de00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.175417] >ffff88810299de80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.176033] ^
[ 26.176746] ffff88810299df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.177822] ffff88810299df80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.178393] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 26.068376] ==================================================================
[ 26.069599] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60
[ 26.070197] Read of size 1 at addr ffff88810299ded0 by task kunit_try_catch/267
[ 26.070872]
[ 26.071276] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.072383] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.072741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.073634] Call Trace:
[ 26.073847] <TASK>
[ 26.074667] dump_stack_lvl+0x73/0xb0
[ 26.075115] print_report+0xd1/0x640
[ 26.075639] ? __virt_addr_valid+0x1db/0x2d0
[ 26.076317] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.076990] kasan_report+0x102/0x140
[ 26.077531] ? kasan_strings+0xa0c/0xb60
[ 26.078328] ? kasan_strings+0xa0c/0xb60
[ 26.078799] __asan_report_load1_noabort+0x18/0x20
[ 26.079527] kasan_strings+0xa0c/0xb60
[ 26.079818] ? __pfx_kasan_strings+0x10/0x10
[ 26.080397] ? __pfx_kasan_strings+0x10/0x10
[ 26.080768] kunit_try_run_case+0x1b3/0x490
[ 26.081939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.082592] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.083197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.083549] ? __kthread_parkme+0x82/0x160
[ 26.084285] ? preempt_count_sub+0x50/0x80
[ 26.084791] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.085201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.086074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.086523] kthread+0x257/0x310
[ 26.086950] ? __pfx_kthread+0x10/0x10
[ 26.087722] ret_from_fork+0x41/0x80
[ 26.088108] ? __pfx_kthread+0x10/0x10
[ 26.088766] ret_from_fork_asm+0x1a/0x30
[ 26.089628] </TASK>
[ 26.089977]
[ 26.090133] Allocated by task 267:
[ 26.090688] kasan_save_stack+0x3d/0x60
[ 26.091037] kasan_save_track+0x18/0x40
[ 26.091767] kasan_save_alloc_info+0x3b/0x50
[ 26.092210] __kasan_kmalloc+0xb7/0xc0
[ 26.092617] __kmalloc_cache_noprof+0x184/0x410
[ 26.093283] kasan_strings+0xb9/0xb60
[ 26.093559] kunit_try_run_case+0x1b3/0x490
[ 26.094874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.095511] kthread+0x257/0x310
[ 26.096004] ret_from_fork+0x41/0x80
[ 26.096755] ret_from_fork_asm+0x1a/0x30
[ 26.097419]
[ 26.097838] Freed by task 267:
[ 26.098483] kasan_save_stack+0x3d/0x60
[ 26.098831] kasan_save_track+0x18/0x40
[ 26.099778] kasan_save_free_info+0x3f/0x60
[ 26.100152] __kasan_slab_free+0x56/0x70
[ 26.100833] kfree+0x123/0x3f0
[ 26.101432] kasan_strings+0x13c/0xb60
[ 26.101891] kunit_try_run_case+0x1b3/0x490
[ 26.102873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.103741] kthread+0x257/0x310
[ 26.104488] ret_from_fork+0x41/0x80
[ 26.105308] ret_from_fork_asm+0x1a/0x30
[ 26.106220]
[ 26.106760] The buggy address belongs to the object at ffff88810299dec0
[ 26.106760] which belongs to the cache kmalloc-32 of size 32
[ 26.107309] The buggy address is located 16 bytes inside of
[ 26.107309] freed 32-byte region [ffff88810299dec0, ffff88810299dee0)
[ 26.109216]
[ 26.109452] The buggy address belongs to the physical page:
[ 26.109930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299d
[ 26.111676] flags: 0x200000000000000(node=0|zone=2)
[ 26.112097] page_type: f5(slab)
[ 26.112613] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.114037] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 26.114905] page dumped because: kasan: bad access detected
[ 26.116139]
[ 26.116486] Memory state around the buggy address:
[ 26.116770] ffff88810299dd80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.118386] ffff88810299de00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.119269] >ffff88810299de80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.120364] ^
[ 26.121357] ffff88810299df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.122717] ffff88810299df80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.124064] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 26.008702] ==================================================================
[ 26.012292] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 26.012932] Read of size 1 at addr ffff88810299ded0 by task kunit_try_catch/267
[ 26.013526]
[ 26.014086] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 26.015823] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.016921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.018149] Call Trace:
[ 26.018383] <TASK>
[ 26.019120] dump_stack_lvl+0x73/0xb0
[ 26.019513] print_report+0xd1/0x640
[ 26.020509] ? __virt_addr_valid+0x1db/0x2d0
[ 26.021050] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.021651] kasan_report+0x102/0x140
[ 26.022358] ? strcmp+0xb0/0xc0
[ 26.022681] ? strcmp+0xb0/0xc0
[ 26.023544] __asan_report_load1_noabort+0x18/0x20
[ 26.024115] strcmp+0xb0/0xc0
[ 26.024861] kasan_strings+0x2d3/0xb60
[ 26.025233] ? __pfx_kasan_strings+0x10/0x10
[ 26.026274] ? __pfx_kasan_strings+0x10/0x10
[ 26.026915] kunit_try_run_case+0x1b3/0x490
[ 26.027717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.028677] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.029217] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.030103] ? __kthread_parkme+0x82/0x160
[ 26.030886] ? preempt_count_sub+0x50/0x80
[ 26.031933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.032873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.033522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.034093] kthread+0x257/0x310
[ 26.034897] ? __pfx_kthread+0x10/0x10
[ 26.035659] ret_from_fork+0x41/0x80
[ 26.036394] ? __pfx_kthread+0x10/0x10
[ 26.036638] ret_from_fork_asm+0x1a/0x30
[ 26.037133] </TASK>
[ 26.037639]
[ 26.038048] Allocated by task 267:
[ 26.038887] kasan_save_stack+0x3d/0x60
[ 26.039238] kasan_save_track+0x18/0x40
[ 26.040029] kasan_save_alloc_info+0x3b/0x50
[ 26.040738] __kasan_kmalloc+0xb7/0xc0
[ 26.041453] __kmalloc_cache_noprof+0x184/0x410
[ 26.042042] kasan_strings+0xb9/0xb60
[ 26.042441] kunit_try_run_case+0x1b3/0x490
[ 26.043054] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.043816] kthread+0x257/0x310
[ 26.044154] ret_from_fork+0x41/0x80
[ 26.044954] ret_from_fork_asm+0x1a/0x30
[ 26.045323]
[ 26.045480] Freed by task 267:
[ 26.046080] kasan_save_stack+0x3d/0x60
[ 26.046820] kasan_save_track+0x18/0x40
[ 26.047265] kasan_save_free_info+0x3f/0x60
[ 26.047559] __kasan_slab_free+0x56/0x70
[ 26.048405] kfree+0x123/0x3f0
[ 26.048764] kasan_strings+0x13c/0xb60
[ 26.049487] kunit_try_run_case+0x1b3/0x490
[ 26.050022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.050871] kthread+0x257/0x310
[ 26.051404] ret_from_fork+0x41/0x80
[ 26.051674] ret_from_fork_asm+0x1a/0x30
[ 26.052263]
[ 26.052689] The buggy address belongs to the object at ffff88810299dec0
[ 26.052689] which belongs to the cache kmalloc-32 of size 32
[ 26.054158] The buggy address is located 16 bytes inside of
[ 26.054158] freed 32-byte region [ffff88810299dec0, ffff88810299dee0)
[ 26.055536]
[ 26.055910] The buggy address belongs to the physical page:
[ 26.056544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299d
[ 26.057700] flags: 0x200000000000000(node=0|zone=2)
[ 26.058084] page_type: f5(slab)
[ 26.058770] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 26.059575] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 26.060229] page dumped because: kasan: bad access detected
[ 26.061002]
[ 26.061214] Memory state around the buggy address:
[ 26.061590] ffff88810299dd80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.062794] ffff88810299de00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 26.063559] >ffff88810299de80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.064432] ^
[ 26.065490] ffff88810299df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.066529] ffff88810299df80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 26.067231] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 25.945654] ==================================================================
[ 25.947002] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 25.948526] Read of size 1 at addr ffff88810299dd98 by task kunit_try_catch/265
[ 25.950053]
[ 25.950716] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.951799] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.952223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.953945] Call Trace:
[ 25.954196] <TASK>
[ 25.954626] dump_stack_lvl+0x73/0xb0
[ 25.955041] print_report+0xd1/0x640
[ 25.955709] ? __virt_addr_valid+0x1db/0x2d0
[ 25.956151] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.956902] kasan_report+0x102/0x140
[ 25.957277] ? memcmp+0x1b4/0x1d0
[ 25.957803] ? memcmp+0x1b4/0x1d0
[ 25.958312] __asan_report_load1_noabort+0x18/0x20
[ 25.958936] memcmp+0x1b4/0x1d0
[ 25.959999] kasan_memcmp+0x190/0x390
[ 25.960617] ? __pfx_kasan_memcmp+0x10/0x10
[ 25.961410] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 25.961925] ? __pfx_kasan_memcmp+0x10/0x10
[ 25.962655] kunit_try_run_case+0x1b3/0x490
[ 25.963453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.964193] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.964918] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.965694] ? __kthread_parkme+0x82/0x160
[ 25.966137] ? preempt_count_sub+0x50/0x80
[ 25.966547] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.967418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.967833] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.968673] kthread+0x257/0x310
[ 25.969618] ? __pfx_kthread+0x10/0x10
[ 25.970093] ret_from_fork+0x41/0x80
[ 25.971014] ? __pfx_kthread+0x10/0x10
[ 25.971698] ret_from_fork_asm+0x1a/0x30
[ 25.972094] </TASK>
[ 25.972368]
[ 25.972688] Allocated by task 265:
[ 25.973017] kasan_save_stack+0x3d/0x60
[ 25.974224] kasan_save_track+0x18/0x40
[ 25.974707] kasan_save_alloc_info+0x3b/0x50
[ 25.975102] __kasan_kmalloc+0xb7/0xc0
[ 25.975495] __kmalloc_cache_noprof+0x184/0x410
[ 25.976571] kasan_memcmp+0xb8/0x390
[ 25.976923] kunit_try_run_case+0x1b3/0x490
[ 25.977317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.978220] kthread+0x257/0x310
[ 25.978869] ret_from_fork+0x41/0x80
[ 25.979258] ret_from_fork_asm+0x1a/0x30
[ 25.979859]
[ 25.980603] The buggy address belongs to the object at ffff88810299dd80
[ 25.980603] which belongs to the cache kmalloc-32 of size 32
[ 25.982730] The buggy address is located 0 bytes to the right of
[ 25.982730] allocated 24-byte region [ffff88810299dd80, ffff88810299dd98)
[ 25.983956]
[ 25.984263] The buggy address belongs to the physical page:
[ 25.985063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299d
[ 25.986274] flags: 0x200000000000000(node=0|zone=2)
[ 25.987316] page_type: f5(slab)
[ 25.987888] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 25.988819] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 25.989842] page dumped because: kasan: bad access detected
[ 25.990280]
[ 25.991199] Memory state around the buggy address:
[ 25.991838] ffff88810299dc80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 25.992739] ffff88810299dd00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[ 25.993999] >ffff88810299dd80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.994847] ^
[ 25.995802] ffff88810299de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.996558] ffff88810299de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.997854] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 25.885783] ==================================================================
[ 25.886952] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390
[ 25.887703] Read of size 1 at addr ffff888102d2fcaa by task kunit_try_catch/261
[ 25.888920]
[ 25.889181] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.890974] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.891427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.893492] Call Trace:
[ 25.894307] <TASK>
[ 25.894914] dump_stack_lvl+0x73/0xb0
[ 25.895760] print_report+0xd1/0x640
[ 25.896898] ? __virt_addr_valid+0x1db/0x2d0
[ 25.897320] ? kasan_addr_to_slab+0x11/0xa0
[ 25.898137] kasan_report+0x102/0x140
[ 25.899124] ? kasan_alloca_oob_right+0x328/0x390
[ 25.899627] ? kasan_alloca_oob_right+0x328/0x390
[ 25.900466] __asan_report_load1_noabort+0x18/0x20
[ 25.900942] kasan_alloca_oob_right+0x328/0x390
[ 25.901478] ? irqentry_exit+0x2a/0x60
[ 25.901915] ? sysvec_reschedule_ipi+0xa0/0xa0
[ 25.902408] ? trace_hardirqs_on+0x37/0xe0
[ 25.902830] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 25.904049] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 25.905201] kunit_try_run_case+0x1b3/0x490
[ 25.906620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.907116] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.908438] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.909050] ? __kthread_parkme+0x82/0x160
[ 25.910021] ? preempt_count_sub+0x50/0x80
[ 25.910439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.911148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.912186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.912957] kthread+0x257/0x310
[ 25.913550] ? __pfx_kthread+0x10/0x10
[ 25.913949] ret_from_fork+0x41/0x80
[ 25.914303] ? __pfx_kthread+0x10/0x10
[ 25.914656] ret_from_fork_asm+0x1a/0x30
[ 25.915130] </TASK>
[ 25.915471]
[ 25.916230] The buggy address belongs to stack of task kunit_try_catch/261
[ 25.917497]
[ 25.917816] The buggy address belongs to the physical page:
[ 25.918587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d2f
[ 25.919750] flags: 0x200000000000000(node=0|zone=2)
[ 25.920319] raw: 0200000000000000 ffffea00040b4bc8 ffffea00040b4bc8 0000000000000000
[ 25.921517] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 25.922658] page dumped because: kasan: bad access detected
[ 25.923302]
[ 25.923674] Memory state around the buggy address:
[ 25.924111] ffff888102d2fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.924863] ffff888102d2fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.926482] >ffff888102d2fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 25.927085] ^
[ 25.927839] ffff888102d2fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 25.928542] ffff888102d2fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 25.929788] ==================================================================
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 25.834534] ==================================================================
[ 25.835292] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380
[ 25.837185] Read of size 1 at addr ffff888102cffc9f by task kunit_try_catch/259
[ 25.837994]
[ 25.838211] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.839426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.840751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.841958] Call Trace:
[ 25.842285] <TASK>
[ 25.842714] dump_stack_lvl+0x73/0xb0
[ 25.843072] print_report+0xd1/0x640
[ 25.843656] ? __virt_addr_valid+0x1db/0x2d0
[ 25.844343] ? kasan_addr_to_slab+0x11/0xa0
[ 25.845152] kasan_report+0x102/0x140
[ 25.847126] ? kasan_alloca_oob_left+0x31f/0x380
[ 25.847828] ? kasan_alloca_oob_left+0x31f/0x380
[ 25.848326] __asan_report_load1_noabort+0x18/0x20
[ 25.849007] kasan_alloca_oob_left+0x31f/0x380
[ 25.849613] ? uclamp_rq_dec_id+0x340/0x460
[ 25.850601] ? __schedule+0xc3e/0x2790
[ 25.851045] ? trace_hardirqs_on+0x37/0xe0
[ 25.851761] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 25.852547] ? __schedule+0xc3e/0x2790
[ 25.852997] ? __pfx_read_tsc+0x10/0x10
[ 25.853611] ? ktime_get_ts64+0x86/0x230
[ 25.854197] kunit_try_run_case+0x1b3/0x490
[ 25.854745] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.856146] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.856733] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.857326] ? __kthread_parkme+0x82/0x160
[ 25.858101] ? preempt_count_sub+0x50/0x80
[ 25.858842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.859509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.861187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.861705] kthread+0x257/0x310
[ 25.862110] ? __pfx_kthread+0x10/0x10
[ 25.862478] ret_from_fork+0x41/0x80
[ 25.863269] ? __pfx_kthread+0x10/0x10
[ 25.864139] ret_from_fork_asm+0x1a/0x30
[ 25.864515] </TASK>
[ 25.865254]
[ 25.865588] The buggy address belongs to stack of task kunit_try_catch/259
[ 25.866066]
[ 25.866349] The buggy address belongs to the physical page:
[ 25.867272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cff
[ 25.868199] flags: 0x200000000000000(node=0|zone=2)
[ 25.869982] raw: 0200000000000000 ffffea00040b3fc8 ffffea00040b3fc8 0000000000000000
[ 25.871156] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 25.871664] page dumped because: kasan: bad access detected
[ 25.871978]
[ 25.872116] Memory state around the buggy address:
[ 25.872612] ffff888102cffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.874232] ffff888102cffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.875319] >ffff888102cffc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 25.876223] ^
[ 25.876782] ffff888102cffd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 25.877403] ffff888102cffd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 25.878122] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 25.777649] ==================================================================
[ 25.779269] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300
[ 25.781048] Read of size 1 at addr ffff888102cefd72 by task kunit_try_catch/257
[ 25.782371]
[ 25.782604] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.784040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.784481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.785494] Call Trace:
[ 25.786556] <TASK>
[ 25.786929] dump_stack_lvl+0x73/0xb0
[ 25.787422] print_report+0xd1/0x640
[ 25.788127] ? __virt_addr_valid+0x1db/0x2d0
[ 25.788557] ? kasan_addr_to_slab+0x11/0xa0
[ 25.789256] kasan_report+0x102/0x140
[ 25.789589] ? kasan_stack_oob+0x2ae/0x300
[ 25.790141] ? kasan_stack_oob+0x2ae/0x300
[ 25.790880] __asan_report_load1_noabort+0x18/0x20
[ 25.791234] kasan_stack_oob+0x2ae/0x300
[ 25.791894] ? __pfx_kasan_stack_oob+0x10/0x10
[ 25.793088] ? finish_task_switch.isra.0+0x153/0x700
[ 25.793666] ? __switch_to+0x5d9/0xf60
[ 25.794172] ? __schedule+0xc3e/0x2790
[ 25.794566] ? __pfx_read_tsc+0x10/0x10
[ 25.794961] ? ktime_get_ts64+0x86/0x230
[ 25.795813] kunit_try_run_case+0x1b3/0x490
[ 25.796461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.796981] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.798085] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.798426] ? __kthread_parkme+0x82/0x160
[ 25.799325] ? preempt_count_sub+0x50/0x80
[ 25.800319] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.801467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.802124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.802745] kthread+0x257/0x310
[ 25.803831] ? __pfx_kthread+0x10/0x10
[ 25.804211] ret_from_fork+0x41/0x80
[ 25.804742] ? __pfx_kthread+0x10/0x10
[ 25.805055] ret_from_fork_asm+0x1a/0x30
[ 25.805985] </TASK>
[ 25.806605]
[ 25.806922] The buggy address belongs to stack of task kunit_try_catch/257
[ 25.808191] and is located at offset 138 in frame:
[ 25.808644] kasan_stack_oob+0x0/0x300
[ 25.809686]
[ 25.809877] This frame has 4 objects:
[ 25.810804] [48, 49) '__assertion'
[ 25.810858] [64, 72) 'array'
[ 25.811184] [96, 112) '__assertion'
[ 25.811831] [128, 138) 'stack_array'
[ 25.812267]
[ 25.812916] The buggy address belongs to the physical page:
[ 25.814389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cef
[ 25.815257] flags: 0x200000000000000(node=0|zone=2)
[ 25.815974] raw: 0200000000000000 ffffea00040b3bc8 ffffea00040b3bc8 0000000000000000
[ 25.816913] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 25.817801] page dumped because: kasan: bad access detected
[ 25.818470]
[ 25.818718] Memory state around the buggy address:
[ 25.820234] ffff888102cefc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.821232] ffff888102cefc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 25.822056] >ffff888102cefd00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 25.822682] ^
[ 25.823845] ffff888102cefd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 25.824805] ffff888102cefe00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 25.825484] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 25.722086] ==================================================================
[ 25.724060] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 25.725096] Read of size 1 at addr ffffffffbb5febed by task kunit_try_catch/253
[ 25.726071]
[ 25.726359] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.727962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.728395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.729684] Call Trace:
[ 25.730556] <TASK>
[ 25.731250] dump_stack_lvl+0x73/0xb0
[ 25.731749] print_report+0xd1/0x640
[ 25.732189] ? __virt_addr_valid+0x1db/0x2d0
[ 25.732951] ? kasan_addr_to_slab+0x11/0xa0
[ 25.733794] kasan_report+0x102/0x140
[ 25.734214] ? kasan_global_oob_right+0x288/0x2d0
[ 25.735431] ? kasan_global_oob_right+0x288/0x2d0
[ 25.736092] __asan_report_load1_noabort+0x18/0x20
[ 25.736502] kasan_global_oob_right+0x288/0x2d0
[ 25.737447] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 25.738106] ? __schedule+0xc3e/0x2790
[ 25.739243] ? __pfx_read_tsc+0x10/0x10
[ 25.739902] ? ktime_get_ts64+0x86/0x230
[ 25.740648] kunit_try_run_case+0x1b3/0x490
[ 25.741024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.741753] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.742583] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.743314] ? __kthread_parkme+0x82/0x160
[ 25.744013] ? preempt_count_sub+0x50/0x80
[ 25.744895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.745636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.746194] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.747242] kthread+0x257/0x310
[ 25.747724] ? __pfx_kthread+0x10/0x10
[ 25.748488] ret_from_fork+0x41/0x80
[ 25.749222] ? __pfx_kthread+0x10/0x10
[ 25.750056] ret_from_fork_asm+0x1a/0x30
[ 25.750804] </TASK>
[ 25.751338]
[ 25.752257] The buggy address belongs to the variable:
[ 25.752906] global_array+0xd/0x40
[ 25.753637]
[ 25.753842] The buggy address belongs to the physical page:
[ 25.754685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x176dfe
[ 25.755260] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 25.756044] raw: 0200000000002000 ffffea0005db7f88 ffffea0005db7f88 0000000000000000
[ 25.757371] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 25.758281] page dumped because: kasan: bad access detected
[ 25.759001]
[ 25.759103] Memory state around the buggy address:
[ 25.759406] ffffffffbb5fea80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.761231] ffffffffbb5feb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.762105] >ffffffffbb5feb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9
[ 25.762943] ^
[ 25.763586] ffffffffbb5fec00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
[ 25.764258] ffffffffbb5fec80: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9
[ 25.764915] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 25.664771] ==================================================================
[ 25.665776] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.666528] Free of addr ffff888102c58001 by task kunit_try_catch/251
[ 25.667071]
[ 25.668327] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.669611] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.670172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.671301] Call Trace:
[ 25.671597] <TASK>
[ 25.671875] dump_stack_lvl+0x73/0xb0
[ 25.672302] print_report+0xd1/0x640
[ 25.673710] ? __virt_addr_valid+0x1db/0x2d0
[ 25.673995] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.674415] ? kasan_addr_to_slab+0x11/0xa0
[ 25.675401] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.676403] kasan_report_invalid_free+0xc0/0xf0
[ 25.677329] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.678135] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.678664] __kasan_mempool_poison_object+0x102/0x1d0
[ 25.680233] mempool_free+0x2ec/0x380
[ 25.681054] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.681891] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 25.682794] ? finish_task_switch.isra.0+0x153/0x700
[ 25.683794] mempool_kmalloc_large_invalid_free+0xb1/0x100
[ 25.684307] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 25.685330] ? __switch_to+0x5d9/0xf60
[ 25.686028] ? __pfx_mempool_kmalloc+0x10/0x10
[ 25.686785] ? __pfx_mempool_kfree+0x10/0x10
[ 25.687547] ? __pfx_read_tsc+0x10/0x10
[ 25.688177] ? ktime_get_ts64+0x86/0x230
[ 25.688572] kunit_try_run_case+0x1b3/0x490
[ 25.689042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.689531] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.691002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.691473] ? __kthread_parkme+0x82/0x160
[ 25.691772] ? preempt_count_sub+0x50/0x80
[ 25.692255] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.692669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.693271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.694376] kthread+0x257/0x310
[ 25.695205] ? __pfx_kthread+0x10/0x10
[ 25.696644] ret_from_fork+0x41/0x80
[ 25.697014] ? __pfx_kthread+0x10/0x10
[ 25.697930] ret_from_fork_asm+0x1a/0x30
[ 25.698535] </TASK>
[ 25.698980]
[ 25.699354] The buggy address belongs to the physical page:
[ 25.700015] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[ 25.701133] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 25.701988] flags: 0x200000000000040(head|node=0|zone=2)
[ 25.702823] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 25.703456] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 25.704364] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 25.705652] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 25.706268] head: 0200000000000002 ffffea00040b1601 ffffffffffffffff 0000000000000000
[ 25.707121] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 25.708398] page dumped because: kasan: bad access detected
[ 25.709107]
[ 25.709303] Memory state around the buggy address:
[ 25.709867] ffff888102c57f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 25.710960] ffff888102c57f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 25.712175] >ffff888102c58000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.713162] ^
[ 25.713438] ffff888102c58080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.714288] ffff888102c58100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.715172] ==================================================================
[ 25.591105] ==================================================================
[ 25.593088] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.593979] Free of addr ffff888101af9d01 by task kunit_try_catch/249
[ 25.594554]
[ 25.594780] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 25.596635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.597324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.599421] Call Trace:
[ 25.599691] <TASK>
[ 25.600112] dump_stack_lvl+0x73/0xb0
[ 25.600649] print_report+0xd1/0x640
[ 25.601196] ? __virt_addr_valid+0x1db/0x2d0
[ 25.602165] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.602680] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.604095] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.605025] kasan_report_invalid_free+0xc0/0xf0
[ 25.605341] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.606484] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.607526] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.608617] check_slab_allocation+0x11f/0x130
[ 25.609335] __kasan_mempool_poison_object+0x91/0x1d0
[ 25.610216] mempool_free+0x2ec/0x380
[ 25.611164] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 25.611982] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 25.612583] ? finish_task_switch.isra.0+0x153/0x700
[ 25.614095] mempool_kmalloc_invalid_free+0xb1/0x100
[ 25.614952] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 25.615903] ? __switch_to+0x5d9/0xf60
[ 25.616502] ? __pfx_mempool_kmalloc+0x10/0x10
[ 25.617098] ? __pfx_mempool_kfree+0x10/0x10
[ 25.618044] ? __pfx_read_tsc+0x10/0x10
[ 25.619127] ? ktime_get_ts64+0x86/0x230
[ 25.620263] kunit_try_run_case+0x1b3/0x490
[ 25.621232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.622006] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 25.622832] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.623382] ? __kthread_parkme+0x82/0x160
[ 25.623769] ? preempt_count_sub+0x50/0x80
[ 25.624500] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.624943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.625948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.626897] kthread+0x257/0x310
[ 25.627494] ? __pfx_kthread+0x10/0x10
[ 25.627983] ret_from_fork+0x41/0x80
[ 25.628718] ? __pfx_kthread+0x10/0x10
[ 25.629035] ret_from_fork_asm+0x1a/0x30
[ 25.629876] </TASK>
[ 25.630624]
[ 25.630837] Allocated by task 249:
[ 25.631381] kasan_save_stack+0x3d/0x60
[ 25.631955] kasan_save_track+0x18/0x40
[ 25.632697] kasan_save_alloc_info+0x3b/0x50
[ 25.633157] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 25.633950] remove_element+0x11e/0x190
[ 25.634387] mempool_alloc_preallocated+0x4d/0x90
[ 25.634775] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 25.635614] mempool_kmalloc_invalid_free+0xb1/0x100
[ 25.635961] kunit_try_run_case+0x1b3/0x490
[ 25.636852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.637647] kthread+0x257/0x310
[ 25.638086] ret_from_fork+0x41/0x80
[ 25.638821] ret_from_fork_asm+0x1a/0x30
[ 25.639748]
[ 25.639935] The buggy address belongs to the object at ffff888101af9d00
[ 25.639935] which belongs to the cache kmalloc-128 of size 128
[ 25.641739] The buggy address is located 1 bytes inside of
[ 25.641739] 128-byte region [ffff888101af9d00, ffff888101af9d80)
[ 25.643132]
[ 25.644121] The buggy address belongs to the physical page:
[ 25.644802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af9
[ 25.645847] flags: 0x200000000000000(node=0|zone=2)
[ 25.646462] page_type: f5(slab)
[ 25.647233] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 25.648240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 25.649259] page dumped because: kasan: bad access detected
[ 25.650935]
[ 25.651124] Memory state around the buggy address:
[ 25.651517] ffff888101af9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 25.653088] ffff888101af9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.653777] >ffff888101af9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.654857] ^
[ 25.655213] ffff888101af9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.656708] ffff888101af9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 25.658033] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 25.413886] ================================================================== [ 25.415097] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 25.415858] Free of addr ffff888101af9500 by task kunit_try_catch/243 [ 25.416525] [ 25.416762] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.417439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.417881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.418908] Call Trace: [ 25.419137] <TASK> [ 25.419472] dump_stack_lvl+0x73/0xb0 [ 25.420197] print_report+0xd1/0x640 [ 25.420911] ? __virt_addr_valid+0x1db/0x2d0 [ 25.421707] ? mempool_double_free_helper+0x185/0x370 [ 25.422534] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.423160] ? mempool_double_free_helper+0x185/0x370 [ 25.423838] kasan_report_invalid_free+0xc0/0xf0 [ 25.424564] ? mempool_double_free_helper+0x185/0x370 [ 25.425196] ? mempool_double_free_helper+0x185/0x370 [ 25.425847] ? mempool_double_free_helper+0x185/0x370 [ 25.426537] check_slab_allocation+0x101/0x130 [ 25.427142] __kasan_mempool_poison_object+0x91/0x1d0 [ 25.427954] mempool_free+0x2ec/0x380 [ 25.428545] mempool_double_free_helper+0x185/0x370 [ 25.429082] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 25.429930] ? ret_from_fork+0x41/0x80 [ 25.430681] ? kthread+0x257/0x310 [ 25.431113] ? ret_from_fork_asm+0x1a/0x30 [ 25.431742] ? ret_from_fork_asm+0x1a/0x30 [ 25.432146] mempool_kmalloc_double_free+0xb1/0x100 [ 25.432684] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 25.433364] ? __switch_to+0x5d9/0xf60 [ 25.433726] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.434545] ? __pfx_mempool_kfree+0x10/0x10 [ 25.435092] ? __pfx_read_tsc+0x10/0x10 [ 25.435811] ? ktime_get_ts64+0x86/0x230 [ 25.436240] kunit_try_run_case+0x1b3/0x490 [ 25.437019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.437822] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.438616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.439226] ? 
__kthread_parkme+0x82/0x160 [ 25.439767] ? preempt_count_sub+0x50/0x80 [ 25.440329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.440938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.441839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.442498] kthread+0x257/0x310 [ 25.442920] ? __pfx_kthread+0x10/0x10 [ 25.443524] ret_from_fork+0x41/0x80 [ 25.443997] ? __pfx_kthread+0x10/0x10 [ 25.444617] ret_from_fork_asm+0x1a/0x30 [ 25.445048] </TASK> [ 25.445581] [ 25.445831] Allocated by task 243: [ 25.446095] kasan_save_stack+0x3d/0x60 [ 25.447004] kasan_save_track+0x18/0x40 [ 25.447476] kasan_save_alloc_info+0x3b/0x50 [ 25.448079] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 25.448710] remove_element+0x11e/0x190 [ 25.449210] mempool_alloc_preallocated+0x4d/0x90 [ 25.449608] mempool_double_free_helper+0x8b/0x370 [ 25.450011] mempool_kmalloc_double_free+0xb1/0x100 [ 25.450650] kunit_try_run_case+0x1b3/0x490 [ 25.450944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.451450] kthread+0x257/0x310 [ 25.452184] ret_from_fork+0x41/0x80 [ 25.453207] ret_from_fork_asm+0x1a/0x30 [ 25.453638] [ 25.454500] Freed by task 243: [ 25.455193] kasan_save_stack+0x3d/0x60 [ 25.455802] kasan_save_track+0x18/0x40 [ 25.456171] kasan_save_free_info+0x3f/0x60 [ 25.457039] __kasan_mempool_poison_object+0x131/0x1d0 [ 25.457962] mempool_free+0x2ec/0x380 [ 25.458706] mempool_double_free_helper+0x10a/0x370 [ 25.459515] mempool_kmalloc_double_free+0xb1/0x100 [ 25.460005] kunit_try_run_case+0x1b3/0x490 [ 25.461076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.462106] kthread+0x257/0x310 [ 25.462659] ret_from_fork+0x41/0x80 [ 25.463115] ret_from_fork_asm+0x1a/0x30 [ 25.463731] [ 25.464367] The buggy address belongs to the object at ffff888101af9500 [ 25.464367] which belongs to the cache kmalloc-128 of size 128 [ 25.466248] The buggy address is located 0 bytes inside of [ 25.466248] 128-byte region [ffff888101af9500, ffff888101af9580) [ 25.467887] [ 25.468091] The buggy address belongs 
to the physical page: [ 25.468746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af9 [ 25.469382] flags: 0x200000000000000(node=0|zone=2) [ 25.470496] page_type: f5(slab) [ 25.471279] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.472279] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.473211] page dumped because: kasan: bad access detected [ 25.474248] [ 25.474538] Memory state around the buggy address: [ 25.475306] ffff888101af9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.476194] ffff888101af9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.477648] >ffff888101af9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.478112] ^ [ 25.478923] ffff888101af9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.480096] ffff888101af9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.481161] ================================================================== [ 25.488988] ================================================================== [ 25.490270] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 25.491851] Free of addr ffff888102b40000 by task kunit_try_catch/245 [ 25.492625] [ 25.492912] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.493662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.494675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.495605] Call Trace: [ 25.495893] <TASK> [ 25.496170] dump_stack_lvl+0x73/0xb0 [ 25.496555] print_report+0xd1/0x640 [ 25.496881] ? __virt_addr_valid+0x1db/0x2d0 [ 25.497415] ? mempool_double_free_helper+0x185/0x370 [ 25.498146] ? kasan_addr_to_slab+0x11/0xa0 [ 25.498667] ? mempool_double_free_helper+0x185/0x370 [ 25.499084] kasan_report_invalid_free+0xc0/0xf0 [ 25.499554] ? mempool_double_free_helper+0x185/0x370 [ 25.500379] ? 
mempool_double_free_helper+0x185/0x370 [ 25.500888] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 25.501740] mempool_free+0x2ec/0x380 [ 25.502277] mempool_double_free_helper+0x185/0x370 [ 25.502754] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 25.503270] ? finish_task_switch.isra.0+0x153/0x700 [ 25.503646] mempool_kmalloc_large_double_free+0xb1/0x100 [ 25.504357] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 25.505109] ? __switch_to+0x5d9/0xf60 [ 25.505713] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.506063] ? __pfx_mempool_kfree+0x10/0x10 [ 25.506825] ? __pfx_read_tsc+0x10/0x10 [ 25.507696] ? ktime_get_ts64+0x86/0x230 [ 25.508298] kunit_try_run_case+0x1b3/0x490 [ 25.508813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.509301] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.509741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.510381] ? __kthread_parkme+0x82/0x160 [ 25.510759] ? preempt_count_sub+0x50/0x80 [ 25.511384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.511897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.513221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.513907] kthread+0x257/0x310 [ 25.514255] ? __pfx_kthread+0x10/0x10 [ 25.514854] ret_from_fork+0x41/0x80 [ 25.515258] ? 
__pfx_kthread+0x10/0x10 [ 25.516065] ret_from_fork_asm+0x1a/0x30 [ 25.516645] </TASK> [ 25.516883] [ 25.517042] The buggy address belongs to the physical page: [ 25.517702] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40 [ 25.519504] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.520673] flags: 0x200000000000040(head|node=0|zone=2) [ 25.521266] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.522701] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.523122] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.524620] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.525880] head: 0200000000000002 ffffea00040ad001 ffffffffffffffff 0000000000000000 [ 25.526809] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.527612] page dumped because: kasan: bad access detected [ 25.527929] [ 25.528067] Memory state around the buggy address: [ 25.528661] ffff888102b3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.530576] ffff888102b3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.531781] >ffff888102b40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.533038] ^ [ 25.533328] ffff888102b40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.534546] ffff888102b40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.535291] ================================================================== [ 25.543807] ================================================================== [ 25.545348] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 25.546475] Free of addr ffff888102b40000 by task kunit_try_catch/247 [ 25.547285] [ 25.547965] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.549240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.549977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 25.550974] Call Trace: [ 25.551236] <TASK> [ 25.551461] dump_stack_lvl+0x73/0xb0 [ 25.552538] print_report+0xd1/0x640 [ 25.552920] ? __virt_addr_valid+0x1db/0x2d0 [ 25.553476] ? mempool_double_free_helper+0x185/0x370 [ 25.554230] ? kasan_addr_to_slab+0x11/0xa0 [ 25.554884] ? mempool_double_free_helper+0x185/0x370 [ 25.555856] kasan_report_invalid_free+0xc0/0xf0 [ 25.556355] ? mempool_double_free_helper+0x185/0x370 [ 25.557214] ? mempool_double_free_helper+0x185/0x370 [ 25.557977] __kasan_mempool_poison_pages+0x115/0x130 [ 25.558510] mempool_free+0x290/0x380 [ 25.559520] mempool_double_free_helper+0x185/0x370 [ 25.560426] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 25.561003] ? finish_task_switch.isra.0+0x153/0x700 [ 25.561493] mempool_page_alloc_double_free+0xac/0x100 [ 25.562405] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 25.562978] ? __switch_to+0x5d9/0xf60 [ 25.563356] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 25.563913] ? __pfx_mempool_free_pages+0x10/0x10 [ 25.564285] ? __pfx_read_tsc+0x10/0x10 [ 25.564970] ? ktime_get_ts64+0x86/0x230 [ 25.565383] kunit_try_run_case+0x1b3/0x490 [ 25.565937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.566639] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.567207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.567806] ? __kthread_parkme+0x82/0x160 [ 25.568382] ? preempt_count_sub+0x50/0x80 [ 25.568912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.569432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.570084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.570695] kthread+0x257/0x310 [ 25.571264] ? __pfx_kthread+0x10/0x10 [ 25.571896] ret_from_fork+0x41/0x80 [ 25.572315] ? 
__pfx_kthread+0x10/0x10 [ 25.572835] ret_from_fork_asm+0x1a/0x30 [ 25.573436] </TASK> [ 25.573689] [ 25.574067] The buggy address belongs to the physical page: [ 25.574986] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40 [ 25.575810] flags: 0x200000000000000(node=0|zone=2) [ 25.576553] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.577401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.578126] page dumped because: kasan: bad access detected [ 25.578779] [ 25.578964] Memory state around the buggy address: [ 25.579547] ffff888102b3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.580452] ffff888102b3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.581289] >ffff888102b40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.582196] ^ [ 25.582580] ffff888102b40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.583413] ffff888102b40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.584194] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 25.365933] ================================================================== [ 25.366875] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 25.367308] Read of size 1 at addr ffff888102c54000 by task kunit_try_catch/241 [ 25.368358] [ 25.368781] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.371192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.371947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.373775] Call Trace: [ 25.374243] <TASK> [ 25.375131] dump_stack_lvl+0x73/0xb0 [ 25.376036] print_report+0xd1/0x640 [ 25.376335] ? __virt_addr_valid+0x1db/0x2d0 [ 25.376914] ? kasan_addr_to_slab+0x11/0xa0 [ 25.377918] kasan_report+0x102/0x140 [ 25.378319] ? mempool_uaf_helper+0x394/0x400 [ 25.378954] ? mempool_uaf_helper+0x394/0x400 [ 25.379512] __asan_report_load1_noabort+0x18/0x20 [ 25.380144] mempool_uaf_helper+0x394/0x400 [ 25.380794] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 25.381279] ? irqentry_exit+0x2a/0x60 [ 25.381830] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 25.382871] mempool_page_alloc_uaf+0xb1/0x100 [ 25.383382] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 25.383987] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 25.384593] ? __pfx_mempool_free_pages+0x10/0x10 [ 25.385199] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 25.386002] kunit_try_run_case+0x1b3/0x490 [ 25.386435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.387285] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.387848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.388576] ? __kthread_parkme+0x82/0x160 [ 25.388940] ? preempt_count_sub+0x50/0x80 [ 25.389502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.390057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.390717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.391905] kthread+0x257/0x310 [ 25.392531] ? __pfx_kthread+0x10/0x10 [ 25.393342] ret_from_fork+0x41/0x80 [ 25.393696] ? 
__pfx_kthread+0x10/0x10 [ 25.394198] ret_from_fork_asm+0x1a/0x30 [ 25.395173] </TASK> [ 25.395621] [ 25.395852] The buggy address belongs to the physical page: [ 25.396776] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c54 [ 25.397710] flags: 0x200000000000000(node=0|zone=2) [ 25.398514] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.399340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.400172] page dumped because: kasan: bad access detected [ 25.400832] [ 25.401167] Memory state around the buggy address: [ 25.401684] ffff888102c53f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.402751] ffff888102c53f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.403458] >ffff888102c54000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.404426] ^ [ 25.404886] ffff888102c54080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.405646] ffff888102c54100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.406304] ================================================================== [ 25.247310] ================================================================== [ 25.248405] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 25.248984] Read of size 1 at addr ffff888102b40000 by task kunit_try_catch/237 [ 25.249647] [ 25.249944] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.251091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.251672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.252377] Call Trace: [ 25.253035] <TASK> [ 25.253296] dump_stack_lvl+0x73/0xb0 [ 25.253976] print_report+0xd1/0x640 [ 25.254295] ? __virt_addr_valid+0x1db/0x2d0 [ 25.255406] ? kasan_addr_to_slab+0x11/0xa0 [ 25.255791] kasan_report+0x102/0x140 [ 25.256463] ? mempool_uaf_helper+0x394/0x400 [ 25.257676] ? 
mempool_uaf_helper+0x394/0x400 [ 25.258782] __asan_report_load1_noabort+0x18/0x20 [ 25.259390] mempool_uaf_helper+0x394/0x400 [ 25.260435] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 25.261065] ? finish_task_switch.isra.0+0x153/0x700 [ 25.262189] mempool_kmalloc_large_uaf+0xb3/0x100 [ 25.262976] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 25.263528] ? __switch_to+0x5d9/0xf60 [ 25.263916] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.264668] ? __pfx_mempool_kfree+0x10/0x10 [ 25.265213] ? __pfx_read_tsc+0x10/0x10 [ 25.266174] ? ktime_get_ts64+0x86/0x230 [ 25.266614] kunit_try_run_case+0x1b3/0x490 [ 25.267144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.267738] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.268155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.268748] ? __kthread_parkme+0x82/0x160 [ 25.269144] ? preempt_count_sub+0x50/0x80 [ 25.269947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.270485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.271446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.271978] kthread+0x257/0x310 [ 25.272395] ? __pfx_kthread+0x10/0x10 [ 25.272859] ret_from_fork+0x41/0x80 [ 25.273686] ? 
__pfx_kthread+0x10/0x10 [ 25.274164] ret_from_fork_asm+0x1a/0x30 [ 25.274557] </TASK> [ 25.275101] [ 25.275431] The buggy address belongs to the physical page: [ 25.275891] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40 [ 25.276961] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.277526] flags: 0x200000000000040(head|node=0|zone=2) [ 25.278400] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.279069] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.279937] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.280761] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.281348] head: 0200000000000002 ffffea00040ad001 ffffffffffffffff 0000000000000000 [ 25.282290] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.283293] page dumped because: kasan: bad access detected [ 25.283788] [ 25.284215] Memory state around the buggy address: [ 25.284780] ffff888102b3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.285306] ffff888102b3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.286222] >ffff888102b40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.287201] ^ [ 25.287600] ffff888102b40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.288889] ffff888102b40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.289841] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 25.172579] ================================================================== [ 25.173850] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 25.174922] Read of size 1 at addr ffff888102992a00 by task kunit_try_catch/235 [ 25.175616] [ 25.175898] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.178603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.179014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.180249] Call Trace: [ 25.180543] <TASK> [ 25.180793] dump_stack_lvl+0x73/0xb0 [ 25.181797] print_report+0xd1/0x640 [ 25.182179] ? __virt_addr_valid+0x1db/0x2d0 [ 25.182897] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.183326] kasan_report+0x102/0x140 [ 25.184015] ? mempool_uaf_helper+0x394/0x400 [ 25.184905] ? mempool_uaf_helper+0x394/0x400 [ 25.185528] __asan_report_load1_noabort+0x18/0x20 [ 25.186044] mempool_uaf_helper+0x394/0x400 [ 25.186382] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 25.187058] ? finish_task_switch.isra.0+0x153/0x700 [ 25.188161] mempool_kmalloc_uaf+0xb3/0x100 [ 25.189137] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 25.189971] ? __switch_to+0x5d9/0xf60 [ 25.190988] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.191549] ? __pfx_mempool_kfree+0x10/0x10 [ 25.192082] ? __pfx_read_tsc+0x10/0x10 [ 25.192535] ? ktime_get_ts64+0x86/0x230 [ 25.193684] kunit_try_run_case+0x1b3/0x490 [ 25.194143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.195177] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.196261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.197008] ? __kthread_parkme+0x82/0x160 [ 25.197763] ? preempt_count_sub+0x50/0x80 [ 25.198554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.199312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.200197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.201162] kthread+0x257/0x310 [ 25.201786] ? __pfx_kthread+0x10/0x10 [ 25.202305] ret_from_fork+0x41/0x80 [ 25.203012] ? 
__pfx_kthread+0x10/0x10 [ 25.203961] ret_from_fork_asm+0x1a/0x30 [ 25.204812] </TASK> [ 25.205003] [ 25.205661] Allocated by task 235: [ 25.206044] kasan_save_stack+0x3d/0x60 [ 25.206538] kasan_save_track+0x18/0x40 [ 25.207353] kasan_save_alloc_info+0x3b/0x50 [ 25.207946] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 25.209171] remove_element+0x11e/0x190 [ 25.209745] mempool_alloc_preallocated+0x4d/0x90 [ 25.210038] mempool_uaf_helper+0x97/0x400 [ 25.210855] mempool_kmalloc_uaf+0xb3/0x100 [ 25.212015] kunit_try_run_case+0x1b3/0x490 [ 25.212444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.213083] kthread+0x257/0x310 [ 25.213518] ret_from_fork+0x41/0x80 [ 25.214480] ret_from_fork_asm+0x1a/0x30 [ 25.215036] [ 25.215415] Freed by task 235: [ 25.216095] kasan_save_stack+0x3d/0x60 [ 25.216832] kasan_save_track+0x18/0x40 [ 25.217595] kasan_save_free_info+0x3f/0x60 [ 25.218158] __kasan_mempool_poison_object+0x131/0x1d0 [ 25.218524] mempool_free+0x2ec/0x380 [ 25.219148] mempool_uaf_helper+0x11b/0x400 [ 25.219977] mempool_kmalloc_uaf+0xb3/0x100 [ 25.220924] kunit_try_run_case+0x1b3/0x490 [ 25.221842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.223045] kthread+0x257/0x310 [ 25.223662] ret_from_fork+0x41/0x80 [ 25.223877] ret_from_fork_asm+0x1a/0x30 [ 25.224066] [ 25.224236] The buggy address belongs to the object at ffff888102992a00 [ 25.224236] which belongs to the cache kmalloc-128 of size 128 [ 25.225735] The buggy address is located 0 bytes inside of [ 25.225735] freed 128-byte region [ffff888102992a00, ffff888102992a80) [ 25.227749] [ 25.227949] The buggy address belongs to the physical page: [ 25.228485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102992 [ 25.230027] flags: 0x200000000000000(node=0|zone=2) [ 25.231575] page_type: f5(slab) [ 25.232584] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.234628] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.235239] page dumped 
because: kasan: bad access detected [ 25.235815] [ 25.236011] Memory state around the buggy address: [ 25.236477] ffff888102992900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.237423] ffff888102992980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.238261] >ffff888102992a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.238984] ^ [ 25.239228] ffff888102992a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.240122] ffff888102992b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.241154] ================================================================== [ 25.298489] ================================================================== [ 25.299507] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 25.300961] Read of size 1 at addr ffff8881029a0240 by task kunit_try_catch/239 [ 25.302715] [ 25.303095] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.304873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.305758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.306470] Call Trace: [ 25.306750] <TASK> [ 25.307298] dump_stack_lvl+0x73/0xb0 [ 25.308459] print_report+0xd1/0x640 [ 25.308816] ? __virt_addr_valid+0x1db/0x2d0 [ 25.309172] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.310032] kasan_report+0x102/0x140 [ 25.310574] ? mempool_uaf_helper+0x394/0x400 [ 25.311228] ? mempool_uaf_helper+0x394/0x400 [ 25.312076] __asan_report_load1_noabort+0x18/0x20 [ 25.312770] mempool_uaf_helper+0x394/0x400 [ 25.313419] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 25.313826] ? finish_task_switch.isra.0+0x153/0x700 [ 25.314395] mempool_slab_uaf+0xae/0x100 [ 25.314902] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 25.315386] ? __switch_to+0x5d9/0xf60 [ 25.315985] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 25.316516] ? __pfx_mempool_free_slab+0x10/0x10 [ 25.317100] ? __pfx_read_tsc+0x10/0x10 [ 25.317446] ? 
ktime_get_ts64+0x86/0x230 [ 25.318054] kunit_try_run_case+0x1b3/0x490 [ 25.318481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.319084] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.319780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.320217] ? __kthread_parkme+0x82/0x160 [ 25.320832] ? preempt_count_sub+0x50/0x80 [ 25.321300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.321901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.322636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.323301] kthread+0x257/0x310 [ 25.323824] ? __pfx_kthread+0x10/0x10 [ 25.324170] ret_from_fork+0x41/0x80 [ 25.324690] ? __pfx_kthread+0x10/0x10 [ 25.325097] ret_from_fork_asm+0x1a/0x30 [ 25.325715] </TASK> [ 25.326008] [ 25.326304] Allocated by task 239: [ 25.326697] kasan_save_stack+0x3d/0x60 [ 25.327276] kasan_save_track+0x18/0x40 [ 25.327699] kasan_save_alloc_info+0x3b/0x50 [ 25.328239] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 25.328857] remove_element+0x11e/0x190 [ 25.329363] mempool_alloc_preallocated+0x4d/0x90 [ 25.329857] mempool_uaf_helper+0x97/0x400 [ 25.330402] mempool_slab_uaf+0xae/0x100 [ 25.330835] kunit_try_run_case+0x1b3/0x490 [ 25.331388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.331876] kthread+0x257/0x310 [ 25.332334] ret_from_fork+0x41/0x80 [ 25.332822] ret_from_fork_asm+0x1a/0x30 [ 25.333347] [ 25.333697] Freed by task 239: [ 25.334049] kasan_save_stack+0x3d/0x60 [ 25.334603] kasan_save_track+0x18/0x40 [ 25.335179] kasan_save_free_info+0x3f/0x60 [ 25.335779] __kasan_mempool_poison_object+0x131/0x1d0 [ 25.336197] mempool_free+0x2ec/0x380 [ 25.336776] mempool_uaf_helper+0x11b/0x400 [ 25.337266] mempool_slab_uaf+0xae/0x100 [ 25.337673] kunit_try_run_case+0x1b3/0x490 [ 25.338386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.338975] kthread+0x257/0x310 [ 25.339361] ret_from_fork+0x41/0x80 [ 25.339870] ret_from_fork_asm+0x1a/0x30 [ 25.340225] [ 25.340468] The buggy address belongs to the object at ffff8881029a0240 [ 25.340468] which belongs to the cache 
test_cache of size 123 [ 25.341527] The buggy address is located 0 bytes inside of [ 25.341527] freed 123-byte region [ffff8881029a0240, ffff8881029a02bb) [ 25.342766] [ 25.343021] The buggy address belongs to the physical page: [ 25.343643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a0 [ 25.345219] flags: 0x200000000000000(node=0|zone=2) [ 25.345696] page_type: f5(slab) [ 25.346032] raw: 0200000000000000 ffff8881029973c0 dead000000000122 0000000000000000 [ 25.346956] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.347831] page dumped because: kasan: bad access detected [ 25.348492] [ 25.348836] Memory state around the buggy address: [ 25.349435] ffff8881029a0100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.350537] ffff8881029a0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.351430] >ffff8881029a0200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.352101] ^ [ 25.352751] ffff8881029a0280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.353371] ffff8881029a0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.354104] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 25.039509] ================================================================== [ 25.041162] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 25.041935] Read of size 1 at addr ffff888102b3e001 by task kunit_try_catch/231 [ 25.043313] [ 25.043542] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.045502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.046265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.047045] Call Trace: [ 25.047445] <TASK> [ 25.047886] dump_stack_lvl+0x73/0xb0 [ 25.048919] print_report+0xd1/0x640 [ 25.049837] ? __virt_addr_valid+0x1db/0x2d0 [ 25.050489] ? kasan_addr_to_slab+0x11/0xa0 [ 25.050879] kasan_report+0x102/0x140 [ 25.051634] ? mempool_oob_right_helper+0x31a/0x380 [ 25.052246] ? mempool_oob_right_helper+0x31a/0x380 [ 25.053181] __asan_report_load1_noabort+0x18/0x20 [ 25.053779] mempool_oob_right_helper+0x31a/0x380 [ 25.054541] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 25.055018] ? finish_task_switch.isra.0+0x153/0x700 [ 25.055975] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 25.056984] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 25.058116] ? __switch_to+0x5d9/0xf60 [ 25.058987] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.059513] ? __pfx_mempool_kfree+0x10/0x10 [ 25.060293] ? __pfx_read_tsc+0x10/0x10 [ 25.061256] ? ktime_get_ts64+0x86/0x230 [ 25.061735] kunit_try_run_case+0x1b3/0x490 [ 25.062532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.063109] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.063797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.065154] ? __kthread_parkme+0x82/0x160 [ 25.065775] ? preempt_count_sub+0x50/0x80 [ 25.066151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.066721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.067547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.068035] kthread+0x257/0x310 [ 25.068922] ? __pfx_kthread+0x10/0x10 [ 25.069252] ret_from_fork+0x41/0x80 [ 25.069775] ? 
__pfx_kthread+0x10/0x10 [ 25.070268] ret_from_fork_asm+0x1a/0x30 [ 25.070880] </TASK> [ 25.071209] [ 25.071558] The buggy address belongs to the physical page: [ 25.072039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 25.072867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.073879] flags: 0x200000000000040(head|node=0|zone=2) [ 25.074982] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.075717] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.076323] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.077303] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.078132] head: 0200000000000002 ffffea00040acf01 ffffffffffffffff 0000000000000000 [ 25.079484] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.080691] page dumped because: kasan: bad access detected [ 25.081172] [ 25.081406] Memory state around the buggy address: [ 25.082067] ffff888102b3df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.083333] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.084542] >ffff888102b3e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.085624] ^ [ 25.086943] ffff888102b3e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.088145] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.089879] ================================================================== [ 25.098685] ================================================================== [ 25.100595] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 25.101510] Read of size 1 at addr ffff888101af92bb by task kunit_try_catch/233 [ 25.103051] [ 25.103288] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 25.104510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.104945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.105645] Call Trace: [ 25.105994] <TASK> [ 25.106663] dump_stack_lvl+0x73/0xb0 [ 25.107413] print_report+0xd1/0x640 [ 25.108221] ? __virt_addr_valid+0x1db/0x2d0 [ 25.109132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.109473] kasan_report+0x102/0x140 [ 25.110601] ? mempool_oob_right_helper+0x31a/0x380 [ 25.111617] ? mempool_oob_right_helper+0x31a/0x380 [ 25.112393] __asan_report_load1_noabort+0x18/0x20 [ 25.113168] mempool_oob_right_helper+0x31a/0x380 [ 25.114259] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 25.115597] ? finish_task_switch.isra.0+0x153/0x700 [ 25.116122] mempool_slab_oob_right+0xb1/0x100 [ 25.117015] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 25.117753] ? __switch_to+0x5d9/0xf60 [ 25.118295] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 25.119072] ? __pfx_mempool_free_slab+0x10/0x10 [ 25.120027] ? __pfx_read_tsc+0x10/0x10 [ 25.120570] ? ktime_get_ts64+0x86/0x230 [ 25.120951] kunit_try_run_case+0x1b3/0x490 [ 25.121922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.122830] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.123278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.124584] ? __kthread_parkme+0x82/0x160 [ 25.125025] ? preempt_count_sub+0x50/0x80 [ 25.125845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.126644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.127482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.128315] kthread+0x257/0x310 [ 25.129190] ? __pfx_kthread+0x10/0x10 [ 25.129983] ret_from_fork+0x41/0x80 [ 25.130483] ? 
__pfx_kthread+0x10/0x10 [ 25.131671] ret_from_fork_asm+0x1a/0x30 [ 25.132311] </TASK> [ 25.132766] [ 25.133464] Allocated by task 233: [ 25.134022] kasan_save_stack+0x3d/0x60 [ 25.134769] kasan_save_track+0x18/0x40 [ 25.135139] kasan_save_alloc_info+0x3b/0x50 [ 25.136162] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 25.136829] remove_element+0x11e/0x190 [ 25.137704] mempool_alloc_preallocated+0x4d/0x90 [ 25.138831] mempool_oob_right_helper+0x8b/0x380 [ 25.139739] mempool_slab_oob_right+0xb1/0x100 [ 25.140191] kunit_try_run_case+0x1b3/0x490 [ 25.140555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.142396] kthread+0x257/0x310 [ 25.143010] ret_from_fork+0x41/0x80 [ 25.143428] ret_from_fork_asm+0x1a/0x30 [ 25.144318] [ 25.144750] The buggy address belongs to the object at ffff888101af9240 [ 25.144750] which belongs to the cache test_cache of size 123 [ 25.146575] The buggy address is located 0 bytes to the right of [ 25.146575] allocated 123-byte region [ffff888101af9240, ffff888101af92bb) [ 25.148255] [ 25.148654] The buggy address belongs to the physical page: [ 25.149688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af9 [ 25.150583] flags: 0x200000000000000(node=0|zone=2) [ 25.151430] page_type: f5(slab) [ 25.151775] raw: 0200000000000000 ffff888101a9c780 dead000000000122 0000000000000000 [ 25.152506] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.153210] page dumped because: kasan: bad access detected [ 25.154844] [ 25.155081] Memory state around the buggy address: [ 25.156168] ffff888101af9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.157517] ffff888101af9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 25.158478] >ffff888101af9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 25.159205] ^ [ 25.159680] ffff888101af9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.160584] ffff888101af9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.161371] 
================================================================== [ 24.983894] ================================================================== [ 24.984928] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 24.986382] Read of size 1 at addr ffff888101af5a73 by task kunit_try_catch/229 [ 24.987208] [ 24.987417] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.988235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.988603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.989486] Call Trace: [ 24.989711] <TASK> [ 24.989958] dump_stack_lvl+0x73/0xb0 [ 24.990552] print_report+0xd1/0x640 [ 24.990979] ? __virt_addr_valid+0x1db/0x2d0 [ 24.991399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.991963] kasan_report+0x102/0x140 [ 24.992414] ? mempool_oob_right_helper+0x31a/0x380 [ 24.992839] ? mempool_oob_right_helper+0x31a/0x380 [ 24.993309] __asan_report_load1_noabort+0x18/0x20 [ 24.993785] mempool_oob_right_helper+0x31a/0x380 [ 24.994366] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 24.995651] ? finish_task_switch.isra.0+0x153/0x700 [ 24.996130] mempool_kmalloc_oob_right+0xb6/0x100 [ 24.996725] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 24.997120] ? __switch_to+0x5d9/0xf60 [ 24.997722] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.998202] ? __pfx_mempool_kfree+0x10/0x10 [ 24.999022] ? __pfx_read_tsc+0x10/0x10 [ 24.999714] ? ktime_get_ts64+0x86/0x230 [ 25.000231] kunit_try_run_case+0x1b3/0x490 [ 25.000871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.001468] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.001936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.003125] ? __kthread_parkme+0x82/0x160 [ 25.003633] ? preempt_count_sub+0x50/0x80 [ 25.004137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.004562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.005231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.005689] kthread+0x257/0x310 [ 25.006225] ? 
__pfx_kthread+0x10/0x10 [ 25.006951] ret_from_fork+0x41/0x80 [ 25.007274] ? __pfx_kthread+0x10/0x10 [ 25.007790] ret_from_fork_asm+0x1a/0x30 [ 25.008232] </TASK> [ 25.008482] [ 25.008727] Allocated by task 229: [ 25.009222] kasan_save_stack+0x3d/0x60 [ 25.009632] kasan_save_track+0x18/0x40 [ 25.010182] kasan_save_alloc_info+0x3b/0x50 [ 25.010904] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 25.011711] remove_element+0x11e/0x190 [ 25.012018] mempool_alloc_preallocated+0x4d/0x90 [ 25.013202] mempool_oob_right_helper+0x8b/0x380 [ 25.013654] mempool_kmalloc_oob_right+0xb6/0x100 [ 25.014112] kunit_try_run_case+0x1b3/0x490 [ 25.014793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.015216] kthread+0x257/0x310 [ 25.016002] ret_from_fork+0x41/0x80 [ 25.016470] ret_from_fork_asm+0x1a/0x30 [ 25.016762] [ 25.017041] The buggy address belongs to the object at ffff888101af5a00 [ 25.017041] which belongs to the cache kmalloc-128 of size 128 [ 25.018395] The buggy address is located 0 bytes to the right of [ 25.018395] allocated 115-byte region [ffff888101af5a00, ffff888101af5a73) [ 25.019414] [ 25.019719] The buggy address belongs to the physical page: [ 25.020141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af5 [ 25.020631] flags: 0x200000000000000(node=0|zone=2) [ 25.021194] page_type: f5(slab) [ 25.022031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.022492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.023756] page dumped because: kasan: bad access detected [ 25.024204] [ 25.024486] Memory state around the buggy address: [ 25.024934] ffff888101af5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.025957] ffff888101af5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.027063] >ffff888101af5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.027876] ^ [ 25.028758] ffff888101af5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.030003] ffff888101af5b00: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.031010] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 24.379766] ================================================================== [ 24.380611] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 24.381361] Read of size 1 at addr ffff888102997000 by task kunit_try_catch/223 [ 24.382174] [ 24.382420] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.383568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.384258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.385827] Call Trace: [ 24.386064] <TASK> [ 24.386354] dump_stack_lvl+0x73/0xb0 [ 24.387086] print_report+0xd1/0x640 [ 24.387720] ? __virt_addr_valid+0x1db/0x2d0 [ 24.388164] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.388663] kasan_report+0x102/0x140 [ 24.389273] ? kmem_cache_double_destroy+0x1bd/0x380 [ 24.389923] ? kmem_cache_double_destroy+0x1bd/0x380 [ 24.390634] ? kmem_cache_double_destroy+0x1bd/0x380 [ 24.391286] __kasan_check_byte+0x3d/0x50 [ 24.391649] kmem_cache_destroy+0x25/0x1d0 [ 24.391924] kmem_cache_double_destroy+0x1bd/0x380 [ 24.392265] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 24.392743] ? finish_task_switch.isra.0+0x153/0x700 [ 24.393519] ? __switch_to+0x5d9/0xf60 [ 24.393817] ? __pfx_empty_cache_ctor+0x10/0x10 [ 24.394558] ? __pfx_read_tsc+0x10/0x10 [ 24.394849] ? ktime_get_ts64+0x86/0x230 [ 24.395164] kunit_try_run_case+0x1b3/0x490 [ 24.395669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.396141] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.396591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.397083] ? __kthread_parkme+0x82/0x160 [ 24.397581] ? preempt_count_sub+0x50/0x80 [ 24.397938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.398510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.398982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.399593] kthread+0x257/0x310 [ 24.399966] ? __pfx_kthread+0x10/0x10 [ 24.400264] ret_from_fork+0x41/0x80 [ 24.400747] ? 
__pfx_kthread+0x10/0x10 [ 24.401243] ret_from_fork_asm+0x1a/0x30 [ 24.401675] </TASK> [ 24.401867] [ 24.402132] Allocated by task 223: [ 24.402597] kasan_save_stack+0x3d/0x60 [ 24.403086] kasan_save_track+0x18/0x40 [ 24.403406] kasan_save_alloc_info+0x3b/0x50 [ 24.403801] __kasan_slab_alloc+0x91/0xa0 [ 24.404218] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.404580] __kmem_cache_create_args+0x177/0x250 [ 24.405157] kmem_cache_double_destroy+0xd3/0x380 [ 24.405662] kunit_try_run_case+0x1b3/0x490 [ 24.405975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.407187] kthread+0x257/0x310 [ 24.407620] ret_from_fork+0x41/0x80 [ 24.408080] ret_from_fork_asm+0x1a/0x30 [ 24.408885] [ 24.409068] Freed by task 223: [ 24.409401] kasan_save_stack+0x3d/0x60 [ 24.409999] kasan_save_track+0x18/0x40 [ 24.410284] kasan_save_free_info+0x3f/0x60 [ 24.410799] __kasan_slab_free+0x56/0x70 [ 24.411259] kmem_cache_free+0x120/0x420 [ 24.411623] slab_kmem_cache_release+0x2e/0x40 [ 24.412238] kmem_cache_release+0x16/0x20 [ 24.412743] kobject_put+0x181/0x450 [ 24.413038] sysfs_slab_release+0x16/0x20 [ 24.413544] kmem_cache_destroy+0xf0/0x1d0 [ 24.414046] kmem_cache_double_destroy+0x14c/0x380 [ 24.414445] kunit_try_run_case+0x1b3/0x490 [ 24.414861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.415599] kthread+0x257/0x310 [ 24.415958] ret_from_fork+0x41/0x80 [ 24.416508] ret_from_fork_asm+0x1a/0x30 [ 24.416946] [ 24.417271] The buggy address belongs to the object at ffff888102997000 [ 24.417271] which belongs to the cache kmem_cache of size 208 [ 24.418270] The buggy address is located 0 bytes inside of [ 24.418270] freed 208-byte region [ffff888102997000, ffff8881029970d0) [ 24.419522] [ 24.419683] The buggy address belongs to the physical page: [ 24.420361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102997 [ 24.421089] flags: 0x200000000000000(node=0|zone=2) [ 24.421697] page_type: f5(slab) [ 24.422202] raw: 0200000000000000 ffff888100041000 dead000000000122 
0000000000000000 [ 24.422924] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 24.423632] page dumped because: kasan: bad access detected [ 24.424255] [ 24.424425] Memory state around the buggy address: [ 24.424983] ffff888102996f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 24.425703] ffff888102996f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.426354] >ffff888102997000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.427083] ^ [ 24.427442] ffff888102997080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 24.428117] ffff888102997100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.429201] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 24.281798] ================================================================== [ 24.282788] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 24.284059] Read of size 1 at addr ffff888102997000 by task kunit_try_catch/221 [ 24.284528] [ 24.284738] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.285566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.285970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.287658] Call Trace: [ 24.287969] <TASK> [ 24.288270] dump_stack_lvl+0x73/0xb0 [ 24.288911] print_report+0xd1/0x640 [ 24.289621] ? __virt_addr_valid+0x1db/0x2d0 [ 24.290214] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.290846] kasan_report+0x102/0x140 [ 24.291398] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 24.292344] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 24.292970] __asan_report_load1_noabort+0x18/0x20 [ 24.293598] kmem_cache_rcu_uaf+0x3e5/0x510 [ 24.294338] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 24.295104] ? finish_task_switch.isra.0+0x153/0x700 [ 24.295602] ? __switch_to+0x5d9/0xf60 [ 24.296537] ? __pfx_read_tsc+0x10/0x10 [ 24.297295] ? ktime_get_ts64+0x86/0x230 [ 24.298034] kunit_try_run_case+0x1b3/0x490 [ 24.298590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.299606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.300936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.301739] ? __kthread_parkme+0x82/0x160 [ 24.302652] ? preempt_count_sub+0x50/0x80 [ 24.303230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.304061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.304797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.305200] kthread+0x257/0x310 [ 24.305640] ? __pfx_kthread+0x10/0x10 [ 24.306213] ret_from_fork+0x41/0x80 [ 24.306922] ? 
__pfx_kthread+0x10/0x10 [ 24.307231] ret_from_fork_asm+0x1a/0x30 [ 24.307617] </TASK> [ 24.308170] [ 24.308925] Allocated by task 221: [ 24.309290] kasan_save_stack+0x3d/0x60 [ 24.309685] kasan_save_track+0x18/0x40 [ 24.310576] kasan_save_alloc_info+0x3b/0x50 [ 24.310987] __kasan_slab_alloc+0x91/0xa0 [ 24.312000] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.312776] kmem_cache_rcu_uaf+0x156/0x510 [ 24.313281] kunit_try_run_case+0x1b3/0x490 [ 24.313885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.314711] kthread+0x257/0x310 [ 24.315228] ret_from_fork+0x41/0x80 [ 24.315757] ret_from_fork_asm+0x1a/0x30 [ 24.316966] [ 24.317189] Freed by task 0: [ 24.317528] kasan_save_stack+0x3d/0x60 [ 24.318261] kasan_save_track+0x18/0x40 [ 24.318797] kasan_save_free_info+0x3f/0x60 [ 24.319398] __kasan_slab_free+0x56/0x70 [ 24.320226] slab_free_after_rcu_debug+0xe4/0x310 [ 24.320670] rcu_core+0x680/0x1d70 [ 24.321470] rcu_core_si+0x12/0x20 [ 24.321705] handle_softirqs+0x209/0x720 [ 24.322059] __irq_exit_rcu+0xc9/0x110 [ 24.322881] irq_exit_rcu+0x12/0x20 [ 24.323234] sysvec_apic_timer_interrupt+0x81/0x90 [ 24.324252] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 24.325375] [ 24.325629] Last potentially related work creation: [ 24.326188] kasan_save_stack+0x3d/0x60 [ 24.326636] kasan_record_aux_stack+0xb2/0xc0 [ 24.327911] kmem_cache_free+0x284/0x420 [ 24.328273] kmem_cache_rcu_uaf+0x195/0x510 [ 24.328802] kunit_try_run_case+0x1b3/0x490 [ 24.329300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.329925] kthread+0x257/0x310 [ 24.331114] ret_from_fork+0x41/0x80 [ 24.331486] ret_from_fork_asm+0x1a/0x30 [ 24.331852] [ 24.332341] The buggy address belongs to the object at ffff888102997000 [ 24.332341] which belongs to the cache test_cache of size 200 [ 24.334248] The buggy address is located 0 bytes inside of [ 24.334248] freed 200-byte region [ffff888102997000, ffff8881029970c8) [ 24.335792] [ 24.335976] The buggy address belongs to the physical page: [ 24.336815] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102997 [ 24.337415] flags: 0x200000000000000(node=0|zone=2) [ 24.338012] page_type: f5(slab) [ 24.338726] raw: 0200000000000000 ffff8881010c4dc0 dead000000000122 0000000000000000 [ 24.339725] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.340653] page dumped because: kasan: bad access detected [ 24.341826] [ 24.342282] Memory state around the buggy address: [ 24.342993] ffff888102996f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 24.343708] ffff888102996f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.344596] >ffff888102997000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.345543] ^ [ 24.345861] ffff888102997080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 24.346465] ffff888102997100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.347512] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 24.183733] ================================================================== [ 24.185847] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 24.186890] Free of addr ffff888101af4001 by task kunit_try_catch/219 [ 24.187967] [ 24.188192] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.190155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.190810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.191516] Call Trace: [ 24.191767] <TASK> [ 24.192813] dump_stack_lvl+0x73/0xb0 [ 24.193139] print_report+0xd1/0x640 [ 24.194324] ? __virt_addr_valid+0x1db/0x2d0 [ 24.195056] ? kmem_cache_invalid_free+0x1d9/0x470 [ 24.195772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.196280] ? kmem_cache_invalid_free+0x1d9/0x470 [ 24.196739] kasan_report_invalid_free+0xc0/0xf0 [ 24.197220] ? kmem_cache_invalid_free+0x1d9/0x470 [ 24.197624] ? kmem_cache_invalid_free+0x1d9/0x470 [ 24.198628] check_slab_allocation+0x11f/0x130 [ 24.199175] __kasan_slab_pre_free+0x28/0x40 [ 24.199758] kmem_cache_free+0xee/0x420 [ 24.200652] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.201150] ? kmem_cache_invalid_free+0x1d9/0x470 [ 24.201822] kmem_cache_invalid_free+0x1d9/0x470 [ 24.202592] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 24.203103] ? finish_task_switch.isra.0+0x153/0x700 [ 24.203790] ? __switch_to+0x5d9/0xf60 [ 24.204430] ? __pfx_read_tsc+0x10/0x10 [ 24.204914] ? ktime_get_ts64+0x86/0x230 [ 24.205714] kunit_try_run_case+0x1b3/0x490 [ 24.206301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.206917] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.207617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.208139] ? __kthread_parkme+0x82/0x160 [ 24.208828] ? preempt_count_sub+0x50/0x80 [ 24.209366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.209952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.210798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.211604] kthread+0x257/0x310 [ 24.212075] ? 
__pfx_kthread+0x10/0x10 [ 24.212426] ret_from_fork+0x41/0x80 [ 24.212836] ? __pfx_kthread+0x10/0x10 [ 24.213338] ret_from_fork_asm+0x1a/0x30 [ 24.213786] </TASK> [ 24.214407] [ 24.214592] Allocated by task 219: [ 24.214955] kasan_save_stack+0x3d/0x60 [ 24.215443] kasan_save_track+0x18/0x40 [ 24.215982] kasan_save_alloc_info+0x3b/0x50 [ 24.217407] __kasan_slab_alloc+0x91/0xa0 [ 24.217807] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.218254] kmem_cache_invalid_free+0x158/0x470 [ 24.219959] kunit_try_run_case+0x1b3/0x490 [ 24.220529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.221515] kthread+0x257/0x310 [ 24.222140] ret_from_fork+0x41/0x80 [ 24.222480] ret_from_fork_asm+0x1a/0x30 [ 24.223172] [ 24.223452] The buggy address belongs to the object at ffff888101af4000 [ 24.223452] which belongs to the cache test_cache of size 200 [ 24.224704] The buggy address is located 1 bytes inside of [ 24.224704] 200-byte region [ffff888101af4000, ffff888101af40c8) [ 24.226572] [ 24.227211] The buggy address belongs to the physical page: [ 24.228034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af4 [ 24.229305] flags: 0x200000000000000(node=0|zone=2) [ 24.229910] page_type: f5(slab) [ 24.230517] raw: 0200000000000000 ffff888101a9c640 dead000000000122 0000000000000000 [ 24.231509] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.232792] page dumped because: kasan: bad access detected [ 24.233551] [ 24.234048] Memory state around the buggy address: [ 24.234779] ffff888101af3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.236340] ffff888101af3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.237123] >ffff888101af4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.237851] ^ [ 24.238488] ffff888101af4080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 24.239212] ffff888101af4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.239850] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 24.102723] ================================================================== [ 24.103819] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 24.104884] Free of addr ffff888102996000 by task kunit_try_catch/217 [ 24.106017] [ 24.106564] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.108145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.108672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.109082] Call Trace: [ 24.110081] <TASK> [ 24.111013] dump_stack_lvl+0x73/0xb0 [ 24.112057] print_report+0xd1/0x640 [ 24.112908] ? __virt_addr_valid+0x1db/0x2d0 [ 24.113549] ? kmem_cache_double_free+0x1e6/0x490 [ 24.113971] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.114488] ? kmem_cache_double_free+0x1e6/0x490 [ 24.115685] kasan_report_invalid_free+0xc0/0xf0 [ 24.116703] ? kmem_cache_double_free+0x1e6/0x490 [ 24.117330] ? kmem_cache_double_free+0x1e6/0x490 [ 24.117966] check_slab_allocation+0x101/0x130 [ 24.118741] __kasan_slab_pre_free+0x28/0x40 [ 24.120052] kmem_cache_free+0xee/0x420 [ 24.120688] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.121245] ? kmem_cache_double_free+0x1e6/0x490 [ 24.122070] kmem_cache_double_free+0x1e6/0x490 [ 24.122548] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 24.123216] ? finish_task_switch.isra.0+0x153/0x700 [ 24.124395] ? __switch_to+0x5d9/0xf60 [ 24.124847] ? __pfx_read_tsc+0x10/0x10 [ 24.125264] ? ktime_get_ts64+0x86/0x230 [ 24.126205] kunit_try_run_case+0x1b3/0x490 [ 24.126970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.127437] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.127837] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.128298] ? __kthread_parkme+0x82/0x160 [ 24.128665] ? preempt_count_sub+0x50/0x80 [ 24.129901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.130377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.131113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.131983] kthread+0x257/0x310 [ 24.132686] ? 
__pfx_kthread+0x10/0x10 [ 24.133261] ret_from_fork+0x41/0x80 [ 24.134251] ? __pfx_kthread+0x10/0x10 [ 24.135070] ret_from_fork_asm+0x1a/0x30 [ 24.135479] </TASK> [ 24.136255] [ 24.136502] Allocated by task 217: [ 24.137237] kasan_save_stack+0x3d/0x60 [ 24.138160] kasan_save_track+0x18/0x40 [ 24.138854] kasan_save_alloc_info+0x3b/0x50 [ 24.139900] __kasan_slab_alloc+0x91/0xa0 [ 24.140318] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.141926] kmem_cache_double_free+0x150/0x490 [ 24.142377] kunit_try_run_case+0x1b3/0x490 [ 24.143406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.143876] kthread+0x257/0x310 [ 24.144404] ret_from_fork+0x41/0x80 [ 24.144874] ret_from_fork_asm+0x1a/0x30 [ 24.145360] [ 24.146077] Freed by task 217: [ 24.146345] kasan_save_stack+0x3d/0x60 [ 24.146871] kasan_save_track+0x18/0x40 [ 24.147366] kasan_save_free_info+0x3f/0x60 [ 24.148059] __kasan_slab_free+0x56/0x70 [ 24.148423] kmem_cache_free+0x120/0x420 [ 24.148703] kmem_cache_double_free+0x16b/0x490 [ 24.149445] kunit_try_run_case+0x1b3/0x490 [ 24.150452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.150896] kthread+0x257/0x310 [ 24.151352] ret_from_fork+0x41/0x80 [ 24.152216] ret_from_fork_asm+0x1a/0x30 [ 24.152695] [ 24.152894] The buggy address belongs to the object at ffff888102996000 [ 24.152894] which belongs to the cache test_cache of size 200 [ 24.154551] The buggy address is located 0 bytes inside of [ 24.154551] 200-byte region [ffff888102996000, ffff8881029960c8) [ 24.156337] [ 24.157313] The buggy address belongs to the physical page: [ 24.157729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102996 [ 24.158933] flags: 0x200000000000000(node=0|zone=2) [ 24.159951] page_type: f5(slab) [ 24.161119] raw: 0200000000000000 ffff8881010c4c80 dead000000000122 0000000000000000 [ 24.161972] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.163102] page dumped because: kasan: bad access detected [ 24.163639] [ 24.163924] Memory state 
around the buggy address: [ 24.165017] ffff888102995f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.165591] ffff888102995f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.166885] >ffff888102996000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.168018] ^ [ 24.168244] ffff888102996080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 24.169275] ffff888102996100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.170379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 24.023466] ================================================================== [ 24.024390] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 24.025097] Read of size 1 at addr ffff888101af20c8 by task kunit_try_catch/215 [ 24.025956] [ 24.026203] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 24.028522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.029128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.030894] Call Trace: [ 24.031439] <TASK> [ 24.031887] dump_stack_lvl+0x73/0xb0 [ 24.032907] print_report+0xd1/0x640 [ 24.033681] ? __virt_addr_valid+0x1db/0x2d0 [ 24.034160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.035618] kasan_report+0x102/0x140 [ 24.036036] ? kmem_cache_oob+0x404/0x530 [ 24.037085] ? kmem_cache_oob+0x404/0x530 [ 24.037757] __asan_report_load1_noabort+0x18/0x20 [ 24.038277] kmem_cache_oob+0x404/0x530 [ 24.038673] ? trace_hardirqs_on+0x37/0xe0 [ 24.039079] ? __pfx_kmem_cache_oob+0x10/0x10 [ 24.039409] ? finish_task_switch.isra.0+0x153/0x700 [ 24.040059] ? __switch_to+0x5d9/0xf60 [ 24.040369] ? __pfx_read_tsc+0x10/0x10 [ 24.040851] ? ktime_get_ts64+0x86/0x230 [ 24.041480] kunit_try_run_case+0x1b3/0x490 [ 24.042493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.043058] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.044292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.045571] ? __kthread_parkme+0x82/0x160 [ 24.046084] ? preempt_count_sub+0x50/0x80 [ 24.047082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.047691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.048315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.048848] kthread+0x257/0x310 [ 24.049817] ? __pfx_kthread+0x10/0x10 [ 24.050764] ret_from_fork+0x41/0x80 [ 24.052101] ? 
__pfx_kthread+0x10/0x10 [ 24.052804] ret_from_fork_asm+0x1a/0x30 [ 24.053593] </TASK> [ 24.054064] [ 24.054198] Allocated by task 215: [ 24.055078] kasan_save_stack+0x3d/0x60 [ 24.055720] kasan_save_track+0x18/0x40 [ 24.056770] kasan_save_alloc_info+0x3b/0x50 [ 24.057778] __kasan_slab_alloc+0x91/0xa0 [ 24.058347] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 24.059777] kmem_cache_oob+0x158/0x530 [ 24.060582] kunit_try_run_case+0x1b3/0x490 [ 24.061141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.062510] kthread+0x257/0x310 [ 24.063479] ret_from_fork+0x41/0x80 [ 24.063884] ret_from_fork_asm+0x1a/0x30 [ 24.065073] [ 24.065253] The buggy address belongs to the object at ffff888101af2000 [ 24.065253] which belongs to the cache test_cache of size 200 [ 24.066768] The buggy address is located 0 bytes to the right of [ 24.066768] allocated 200-byte region [ffff888101af2000, ffff888101af20c8) [ 24.068363] [ 24.068505] The buggy address belongs to the physical page: [ 24.069309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101af2 [ 24.071090] flags: 0x200000000000000(node=0|zone=2) [ 24.071955] page_type: f5(slab) [ 24.072399] raw: 0200000000000000 ffff888101a9c500 dead000000000122 0000000000000000 [ 24.073805] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.074442] page dumped because: kasan: bad access detected [ 24.075833] [ 24.076042] Memory state around the buggy address: [ 24.076573] ffff888101af1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.077948] ffff888101af2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.078655] >ffff888101af2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 24.080115] ^ [ 24.080705] ffff888101af2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.081867] ffff888101af2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.082309] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 23.937661] ================================================================== [ 23.940250] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 23.940910] Read of size 8 at addr ffff888101aeabc0 by task kunit_try_catch/208 [ 23.942057] [ 23.943116] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.944756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.945326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.946162] Call Trace: [ 23.946500] <TASK> [ 23.946801] dump_stack_lvl+0x73/0xb0 [ 23.947689] print_report+0xd1/0x640 [ 23.948135] ? __virt_addr_valid+0x1db/0x2d0 [ 23.948780] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.949233] kasan_report+0x102/0x140 [ 23.950489] ? workqueue_uaf+0x4d8/0x560 [ 23.950879] ? workqueue_uaf+0x4d8/0x560 [ 23.951301] __asan_report_load8_noabort+0x18/0x20 [ 23.951715] workqueue_uaf+0x4d8/0x560 [ 23.952753] ? __pfx_workqueue_uaf+0x10/0x10 [ 23.953213] ? __pfx_workqueue_uaf+0x10/0x10 [ 23.954096] kunit_try_run_case+0x1b3/0x490 [ 23.955028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.955504] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.956703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.957420] ? __kthread_parkme+0x82/0x160 [ 23.958321] ? preempt_count_sub+0x50/0x80 [ 23.958786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.959258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.960681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.961220] kthread+0x257/0x310 [ 23.961614] ? __pfx_kthread+0x10/0x10 [ 23.962526] ret_from_fork+0x41/0x80 [ 23.962859] ? 
__pfx_kthread+0x10/0x10 [ 23.963269] ret_from_fork_asm+0x1a/0x30 [ 23.964335] </TASK> [ 23.965102] [ 23.965365] Allocated by task 208: [ 23.966539] kasan_save_stack+0x3d/0x60 [ 23.966952] kasan_save_track+0x18/0x40 [ 23.968139] kasan_save_alloc_info+0x3b/0x50 [ 23.969038] __kasan_kmalloc+0xb7/0xc0 [ 23.969683] __kmalloc_cache_noprof+0x184/0x410 [ 23.970188] workqueue_uaf+0x153/0x560 [ 23.970470] kunit_try_run_case+0x1b3/0x490 [ 23.971709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.972109] kthread+0x257/0x310 [ 23.973145] ret_from_fork+0x41/0x80 [ 23.973912] ret_from_fork_asm+0x1a/0x30 [ 23.974459] [ 23.974660] Freed by task 8: [ 23.975161] kasan_save_stack+0x3d/0x60 [ 23.975820] kasan_save_track+0x18/0x40 [ 23.976140] kasan_save_free_info+0x3f/0x60 [ 23.976857] __kasan_slab_free+0x56/0x70 [ 23.978222] kfree+0x123/0x3f0 [ 23.978621] workqueue_uaf_work+0x12/0x20 [ 23.979117] process_one_work+0x5ee/0xf60 [ 23.980146] worker_thread+0x720/0x1300 [ 23.980555] kthread+0x257/0x310 [ 23.981030] ret_from_fork+0x41/0x80 [ 23.982094] ret_from_fork_asm+0x1a/0x30 [ 23.982452] [ 23.982611] Last potentially related work creation: [ 23.983296] kasan_save_stack+0x3d/0x60 [ 23.983890] kasan_record_aux_stack+0xb2/0xc0 [ 23.984364] __queue_work+0x626/0xe60 [ 23.984834] queue_work_on+0x74/0xa0 [ 23.985231] workqueue_uaf+0x26e/0x560 [ 23.985941] kunit_try_run_case+0x1b3/0x490 [ 23.986420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.987110] kthread+0x257/0x310 [ 23.988139] ret_from_fork+0x41/0x80 [ 23.988440] ret_from_fork_asm+0x1a/0x30 [ 23.988980] [ 23.989934] The buggy address belongs to the object at ffff888101aeabc0 [ 23.989934] which belongs to the cache kmalloc-32 of size 32 [ 23.990792] The buggy address is located 0 bytes inside of [ 23.990792] freed 32-byte region [ffff888101aeabc0, ffff888101aeabe0) [ 23.992663] [ 23.992925] The buggy address belongs to the physical page: [ 23.993483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aea [ 
23.994225] flags: 0x200000000000000(node=0|zone=2) [ 23.995108] page_type: f5(slab) [ 23.996320] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 23.997203] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 23.998441] page dumped because: kasan: bad access detected [ 23.998907] [ 23.999105] Memory state around the buggy address: [ 23.999591] ffff888101aeaa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.000368] ffff888101aeab00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 24.001186] >ffff888101aeab80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 24.002591] ^ [ 24.003105] ffff888101aeac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.004140] ffff888101aeac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.005006] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 23.849548] ==================================================================
[ 23.850379] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 23.851358] Read of size 4 at addr ffff8881029907c0 by task swapper/1/0
[ 23.853002]
[ 23.853209] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.855332] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.855611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.856197] Call Trace:
[ 23.856536] <IRQ>
[ 23.857332] dump_stack_lvl+0x73/0xb0
[ 23.857813] print_report+0xd1/0x640
[ 23.858476] ? __virt_addr_valid+0x1db/0x2d0
[ 23.859109] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.859665] kasan_report+0x102/0x140
[ 23.860178] ? rcu_uaf_reclaim+0x50/0x60
[ 23.860588] ? rcu_uaf_reclaim+0x50/0x60
[ 23.861054] __asan_report_load4_noabort+0x18/0x20
[ 23.861539] rcu_uaf_reclaim+0x50/0x60
[ 23.862097] rcu_core+0x680/0x1d70
[ 23.862382] ? __pfx_rcu_core+0x10/0x10
[ 23.863232] ? ktime_get+0x6b/0x150
[ 23.863691] ? handle_softirqs+0x18e/0x720
[ 23.864288] rcu_core_si+0x12/0x20
[ 23.865186] handle_softirqs+0x209/0x720
[ 23.865930] ? hrtimer_interrupt+0x2fe/0x780
[ 23.866421] ? __pfx_handle_softirqs+0x10/0x10
[ 23.867318] __irq_exit_rcu+0xc9/0x110
[ 23.868183] irq_exit_rcu+0x12/0x20
[ 23.868544] sysvec_apic_timer_interrupt+0x81/0x90
[ 23.869101] </IRQ>
[ 23.869731] <TASK>
[ 23.870153] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 23.871123] RIP: 0010:default_idle+0xf/0x20
[ 23.872300] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 99 35 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[ 23.873806] RSP: 0000:ffff888100877de0 EFLAGS: 00010206
[ 23.874788] RAX: ffff888154b00000 RBX: ffff88810084c000 RCX: ffffffffb8f01165
[ 23.876440] RDX: ffffed102a966b23 RSI: 0000000000000004 RDI: 000000000000e6c4
[ 23.877183] RBP: ffff888100877de8 R08: 0000000000000001 R09: ffffed102a966b22
[ 23.877886] R10: ffff888154b35913 R11: 0000000000000000 R12: 0000000000000001
[ 23.878866] R13: ffffed1020109800 R14: ffffffffbad74190 R15: 0000000000000000
[ 23.879963] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 23.880672] ? arch_cpu_idle+0xd/0x20
[ 23.881172] default_idle_call+0x48/0x80
[ 23.882024] do_idle+0x310/0x3c0
[ 23.882531] ? __pfx_do_idle+0x10/0x10
[ 23.883233] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 23.884007] ? complete+0x15b/0x1d0
[ 23.884606] cpu_startup_entry+0x5c/0x70
[ 23.885025] start_secondary+0x216/0x290
[ 23.885399] ? __pfx_start_secondary+0x10/0x10
[ 23.886037] common_startup_64+0x12c/0x138
[ 23.886466] </TASK>
[ 23.886853]
[ 23.887396] Allocated by task 206:
[ 23.887705] kasan_save_stack+0x3d/0x60
[ 23.888425] kasan_save_track+0x18/0x40
[ 23.888729] kasan_save_alloc_info+0x3b/0x50
[ 23.889250] __kasan_kmalloc+0xb7/0xc0
[ 23.889909] __kmalloc_cache_noprof+0x184/0x410
[ 23.890807] rcu_uaf+0xb1/0x330
[ 23.891107] kunit_try_run_case+0x1b3/0x490
[ 23.891492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.892279] kthread+0x257/0x310
[ 23.892824] ret_from_fork+0x41/0x80
[ 23.893142] ret_from_fork_asm+0x1a/0x30
[ 23.894115]
[ 23.894363] Freed by task 0:
[ 23.894926] kasan_save_stack+0x3d/0x60
[ 23.895330] kasan_save_track+0x18/0x40
[ 23.895968] kasan_save_free_info+0x3f/0x60
[ 23.896308] __kasan_slab_free+0x56/0x70
[ 23.896592] kfree+0x123/0x3f0
[ 23.897055] rcu_uaf_reclaim+0x1f/0x60
[ 23.897697] rcu_core+0x680/0x1d70
[ 23.898147] rcu_core_si+0x12/0x20
[ 23.898908] handle_softirqs+0x209/0x720
[ 23.899234] __irq_exit_rcu+0xc9/0x110
[ 23.900087] irq_exit_rcu+0x12/0x20
[ 23.901122] sysvec_apic_timer_interrupt+0x81/0x90
[ 23.901883] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 23.902366]
[ 23.902676] Last potentially related work creation:
[ 23.903057] kasan_save_stack+0x3d/0x60
[ 23.903402] kasan_record_aux_stack+0xb2/0xc0
[ 23.903933] __call_rcu_common.constprop.0+0x72/0xaa0
[ 23.905175] call_rcu+0x12/0x20
[ 23.905894] rcu_uaf+0x169/0x330
[ 23.906576] kunit_try_run_case+0x1b3/0x490
[ 23.907600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.908280] kthread+0x257/0x310
[ 23.909036] ret_from_fork+0x41/0x80
[ 23.909590] ret_from_fork_asm+0x1a/0x30
[ 23.909873]
[ 23.910165] The buggy address belongs to the object at ffff8881029907c0
[ 23.910165] which belongs to the cache kmalloc-32 of size 32
[ 23.911739] The buggy address is located 0 bytes inside of
[ 23.911739] freed 32-byte region [ffff8881029907c0, ffff8881029907e0)
[ 23.912892]
[ 23.913239] The buggy address belongs to the physical page:
[ 23.914111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102990
[ 23.915052] flags: 0x200000000000000(node=0|zone=2)
[ 23.915717] page_type: f5(slab)
[ 23.916218] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 23.917157] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 23.917998] page dumped because: kasan: bad access detected
[ 23.918226]
[ 23.918621] Memory state around the buggy address:
[ 23.919791] ffff888102990680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.920750] ffff888102990700: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 23.922179] >ffff888102990780: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 23.923053] ^
[ 23.924024] ffff888102990800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.925767] ffff888102990880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.926253] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 23.649576] ==================================================================
[ 23.650901] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0
[ 23.652053] Read of size 1 at addr ffff888102992000 by task kunit_try_catch/204
[ 23.653235]
[ 23.653585] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.655692] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.656345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.657580] Call Trace:
[ 23.657931] <TASK>
[ 23.658195] dump_stack_lvl+0x73/0xb0
[ 23.659042] print_report+0xd1/0x640
[ 23.659581] ? __virt_addr_valid+0x1db/0x2d0
[ 23.660086] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.661131] kasan_report+0x102/0x140
[ 23.661936] ? ksize_uaf+0x19e/0x6c0
[ 23.662261] ? ksize_uaf+0x19e/0x6c0
[ 23.662751] ? ksize_uaf+0x19e/0x6c0
[ 23.663192] __kasan_check_byte+0x3d/0x50
[ 23.664789] ksize+0x20/0x60
[ 23.665138] ksize_uaf+0x19e/0x6c0
[ 23.665394] ? __pfx_ksize_uaf+0x10/0x10
[ 23.666508] ? __schedule+0xc3e/0x2790
[ 23.666939] ? __pfx_read_tsc+0x10/0x10
[ 23.667345] ? ktime_get_ts64+0x86/0x230
[ 23.667821] kunit_try_run_case+0x1b3/0x490
[ 23.668651] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.670008] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.670693] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.671218] ? __kthread_parkme+0x82/0x160
[ 23.671701] ? preempt_count_sub+0x50/0x80
[ 23.672666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.673031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.674461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.675316] kthread+0x257/0x310
[ 23.675877] ? __pfx_kthread+0x10/0x10
[ 23.676653] ret_from_fork+0x41/0x80
[ 23.677446] ? __pfx_kthread+0x10/0x10
[ 23.678007] ret_from_fork_asm+0x1a/0x30
[ 23.679048] </TASK>
[ 23.679234]
[ 23.679860] Allocated by task 204:
[ 23.680274] kasan_save_stack+0x3d/0x60
[ 23.681151] kasan_save_track+0x18/0x40
[ 23.681409] kasan_save_alloc_info+0x3b/0x50
[ 23.682232] __kasan_kmalloc+0xb7/0xc0
[ 23.683052] __kmalloc_cache_noprof+0x184/0x410
[ 23.683724] ksize_uaf+0xab/0x6c0
[ 23.684094] kunit_try_run_case+0x1b3/0x490
[ 23.685181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.685734] kthread+0x257/0x310
[ 23.685899] ret_from_fork+0x41/0x80
[ 23.686101] ret_from_fork_asm+0x1a/0x30
[ 23.686313]
[ 23.686973] Freed by task 204:
[ 23.687209] kasan_save_stack+0x3d/0x60
[ 23.687539] kasan_save_track+0x18/0x40
[ 23.688017] kasan_save_free_info+0x3f/0x60
[ 23.688535] __kasan_slab_free+0x56/0x70
[ 23.689106] kfree+0x123/0x3f0
[ 23.689364] ksize_uaf+0x12d/0x6c0
[ 23.690119] kunit_try_run_case+0x1b3/0x490
[ 23.691549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.692181] kthread+0x257/0x310
[ 23.692856] ret_from_fork+0x41/0x80
[ 23.693624] ret_from_fork_asm+0x1a/0x30
[ 23.694164]
[ 23.694597] The buggy address belongs to the object at ffff888102992000
[ 23.694597] which belongs to the cache kmalloc-128 of size 128
[ 23.696518] The buggy address is located 0 bytes inside of
[ 23.696518] freed 128-byte region [ffff888102992000, ffff888102992080)
[ 23.697432]
[ 23.698077] The buggy address belongs to the physical page:
[ 23.699153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102992
[ 23.699735] flags: 0x200000000000000(node=0|zone=2)
[ 23.700231] page_type: f5(slab)
[ 23.700655] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.701777] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.702781] page dumped because: kasan: bad access detected
[ 23.703288]
[ 23.703818] Memory state around the buggy address:
[ 23.704626] ffff888102991f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.705689] ffff888102991f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.705994] >ffff888102992000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.706610] ^
[ 23.706914] ffff888102992080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.708070] ffff888102992100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.708985] ==================================================================
[ 23.771503] ==================================================================
[ 23.772261] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0
[ 23.773018] Read of size 1 at addr ffff888102992078 by task kunit_try_catch/204
[ 23.774093]
[ 23.774337] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.776235] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.777020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.778598] Call Trace:
[ 23.779023] <TASK>
[ 23.779235] dump_stack_lvl+0x73/0xb0
[ 23.780182] print_report+0xd1/0x640
[ 23.780641] ? __virt_addr_valid+0x1db/0x2d0
[ 23.781404] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.782424] kasan_report+0x102/0x140
[ 23.782838] ? ksize_uaf+0x5e6/0x6c0
[ 23.783236] ? ksize_uaf+0x5e6/0x6c0
[ 23.784843] __asan_report_load1_noabort+0x18/0x20
[ 23.785550] ksize_uaf+0x5e6/0x6c0
[ 23.785734] ? __pfx_ksize_uaf+0x10/0x10
[ 23.785919] ? __schedule+0xc3e/0x2790
[ 23.786631] ? __pfx_read_tsc+0x10/0x10
[ 23.787957] ? ktime_get_ts64+0x86/0x230
[ 23.788986] kunit_try_run_case+0x1b3/0x490
[ 23.789774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.790318] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.790990] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.791225] ? __kthread_parkme+0x82/0x160
[ 23.791477] ? preempt_count_sub+0x50/0x80
[ 23.792508] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.793881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.794571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.795107] kthread+0x257/0x310
[ 23.795453] ? __pfx_kthread+0x10/0x10
[ 23.795837] ret_from_fork+0x41/0x80
[ 23.796181] ? __pfx_kthread+0x10/0x10
[ 23.796829] ret_from_fork_asm+0x1a/0x30
[ 23.797487] </TASK>
[ 23.797809]
[ 23.798018] Allocated by task 204:
[ 23.798256] kasan_save_stack+0x3d/0x60
[ 23.799793] kasan_save_track+0x18/0x40
[ 23.800646] kasan_save_alloc_info+0x3b/0x50
[ 23.801946] __kasan_kmalloc+0xb7/0xc0
[ 23.802549] __kmalloc_cache_noprof+0x184/0x410
[ 23.803643] ksize_uaf+0xab/0x6c0
[ 23.804079] kunit_try_run_case+0x1b3/0x490
[ 23.804984] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.806029] kthread+0x257/0x310
[ 23.807013] ret_from_fork+0x41/0x80
[ 23.807779] ret_from_fork_asm+0x1a/0x30
[ 23.808277]
[ 23.808424] Freed by task 204:
[ 23.808665] kasan_save_stack+0x3d/0x60
[ 23.809189] kasan_save_track+0x18/0x40
[ 23.809665] kasan_save_free_info+0x3f/0x60
[ 23.811277] __kasan_slab_free+0x56/0x70
[ 23.811827] kfree+0x123/0x3f0
[ 23.812474] ksize_uaf+0x12d/0x6c0
[ 23.813143] kunit_try_run_case+0x1b3/0x490
[ 23.814016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.814641] kthread+0x257/0x310
[ 23.815406] ret_from_fork+0x41/0x80
[ 23.815779] ret_from_fork_asm+0x1a/0x30
[ 23.816188]
[ 23.816394] The buggy address belongs to the object at ffff888102992000
[ 23.816394] which belongs to the cache kmalloc-128 of size 128
[ 23.818064] The buggy address is located 120 bytes inside of
[ 23.818064] freed 128-byte region [ffff888102992000, ffff888102992080)
[ 23.820809]
[ 23.821127] The buggy address belongs to the physical page:
[ 23.821957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102992
[ 23.822853] flags: 0x200000000000000(node=0|zone=2)
[ 23.823989] page_type: f5(slab)
[ 23.824472] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.825466] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.826268] page dumped because: kasan: bad access detected
[ 23.826993]
[ 23.827224] Memory state around the buggy address:
[ 23.827842] ffff888102991f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.828904] ffff888102991f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.829789] >ffff888102992000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.831038] ^
[ 23.832236] ffff888102992080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.833540] ffff888102992100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.834499] ==================================================================
[ 23.710351] ==================================================================
[ 23.711403] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0
[ 23.712463] Read of size 1 at addr ffff888102992000 by task kunit_try_catch/204
[ 23.713370]
[ 23.713643] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.714999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.715929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.716912] Call Trace:
[ 23.717584] <TASK>
[ 23.717935] dump_stack_lvl+0x73/0xb0
[ 23.718703] print_report+0xd1/0x640
[ 23.719499] ? __virt_addr_valid+0x1db/0x2d0
[ 23.719906] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.720859] kasan_report+0x102/0x140
[ 23.721222] ? ksize_uaf+0x600/0x6c0
[ 23.721893] ? ksize_uaf+0x600/0x6c0
[ 23.722595] __asan_report_load1_noabort+0x18/0x20
[ 23.723109] ksize_uaf+0x600/0x6c0
[ 23.723600] ? __pfx_ksize_uaf+0x10/0x10
[ 23.724233] ? __schedule+0xc3e/0x2790
[ 23.725046] ? __pfx_read_tsc+0x10/0x10
[ 23.725326] ? ktime_get_ts64+0x86/0x230
[ 23.726074] kunit_try_run_case+0x1b3/0x490
[ 23.726849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.727402] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.728373] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.729177] ? __kthread_parkme+0x82/0x160
[ 23.729663] ? preempt_count_sub+0x50/0x80
[ 23.730366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.731296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.732144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.733071] kthread+0x257/0x310
[ 23.733406] ? __pfx_kthread+0x10/0x10
[ 23.734135] ret_from_fork+0x41/0x80
[ 23.734626] ? __pfx_kthread+0x10/0x10
[ 23.735575] ret_from_fork_asm+0x1a/0x30
[ 23.736078] </TASK>
[ 23.736409]
[ 23.736909] Allocated by task 204:
[ 23.737485] kasan_save_stack+0x3d/0x60
[ 23.737994] kasan_save_track+0x18/0x40
[ 23.738494] kasan_save_alloc_info+0x3b/0x50
[ 23.739272] __kasan_kmalloc+0xb7/0xc0
[ 23.740016] __kmalloc_cache_noprof+0x184/0x410
[ 23.740867] ksize_uaf+0xab/0x6c0
[ 23.741196] kunit_try_run_case+0x1b3/0x490
[ 23.741737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.742548] kthread+0x257/0x310
[ 23.742927] ret_from_fork+0x41/0x80
[ 23.743416] ret_from_fork_asm+0x1a/0x30
[ 23.743841]
[ 23.744325] Freed by task 204:
[ 23.744649] kasan_save_stack+0x3d/0x60
[ 23.745281] kasan_save_track+0x18/0x40
[ 23.746049] kasan_save_free_info+0x3f/0x60
[ 23.746838] __kasan_slab_free+0x56/0x70
[ 23.747605] kfree+0x123/0x3f0
[ 23.748179] ksize_uaf+0x12d/0x6c0
[ 23.748891] kunit_try_run_case+0x1b3/0x490
[ 23.749719] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.750265] kthread+0x257/0x310
[ 23.751169] ret_from_fork+0x41/0x80
[ 23.751461] ret_from_fork_asm+0x1a/0x30
[ 23.751956]
[ 23.752179] The buggy address belongs to the object at ffff888102992000
[ 23.752179] which belongs to the cache kmalloc-128 of size 128
[ 23.753348] The buggy address is located 0 bytes inside of
[ 23.753348] freed 128-byte region [ffff888102992000, ffff888102992080)
[ 23.755265]
[ 23.755692] The buggy address belongs to the physical page:
[ 23.756244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102992
[ 23.758014] flags: 0x200000000000000(node=0|zone=2)
[ 23.758525] page_type: f5(slab)
[ 23.758836] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.759513] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.760822] page dumped because: kasan: bad access detected
[ 23.762061]
[ 23.762266] Memory state around the buggy address:
[ 23.763053] ffff888102991f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.764221] ffff888102991f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.765144] >ffff888102992000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.766201] ^
[ 23.767136] ffff888102992080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.767915] ffff888102992100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.769244] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 23.549044] ==================================================================
[ 23.549579] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0
[ 23.550407] Read of size 1 at addr ffff88810298fe78 by task kunit_try_catch/202
[ 23.551381]
[ 23.551795] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.553641] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.554239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.555565] Call Trace:
[ 23.555882] <TASK>
[ 23.556306] dump_stack_lvl+0x73/0xb0
[ 23.557365] print_report+0xd1/0x640
[ 23.557764] ? __virt_addr_valid+0x1db/0x2d0
[ 23.558215] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.558757] kasan_report+0x102/0x140
[ 23.560501] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 23.560808] ? ksize_unpoisons_memory+0x7eb/0x9b0
[ 23.561956] __asan_report_load1_noabort+0x18/0x20
[ 23.563022] ksize_unpoisons_memory+0x7eb/0x9b0
[ 23.563451] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.564314] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 23.565074] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.566468] kunit_try_run_case+0x1b3/0x490
[ 23.566874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.567402] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.567852] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.568290] ? __kthread_parkme+0x82/0x160
[ 23.568717] ? preempt_count_sub+0x50/0x80
[ 23.569975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.570870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.572004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.572772] kthread+0x257/0x310
[ 23.573148] ? __pfx_kthread+0x10/0x10
[ 23.574113] ret_from_fork+0x41/0x80
[ 23.574636] ? __pfx_kthread+0x10/0x10
[ 23.575300] ret_from_fork_asm+0x1a/0x30
[ 23.575790] </TASK>
[ 23.576116]
[ 23.576339] Allocated by task 202:
[ 23.576671] kasan_save_stack+0x3d/0x60
[ 23.577097] kasan_save_track+0x18/0x40
[ 23.577438] kasan_save_alloc_info+0x3b/0x50
[ 23.577743] __kasan_kmalloc+0xb7/0xc0
[ 23.578557] __kmalloc_cache_noprof+0x184/0x410
[ 23.579142] ksize_unpoisons_memory+0xc8/0x9b0
[ 23.580155] kunit_try_run_case+0x1b3/0x490
[ 23.580773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.581455] kthread+0x257/0x310
[ 23.581866] ret_from_fork+0x41/0x80
[ 23.582186] ret_from_fork_asm+0x1a/0x30
[ 23.583071]
[ 23.583526] The buggy address belongs to the object at ffff88810298fe00
[ 23.583526] which belongs to the cache kmalloc-128 of size 128
[ 23.584651] The buggy address is located 5 bytes to the right of
[ 23.584651] allocated 115-byte region [ffff88810298fe00, ffff88810298fe73)
[ 23.585970]
[ 23.586177] The buggy address belongs to the physical page:
[ 23.587133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f
[ 23.587888] flags: 0x200000000000000(node=0|zone=2)
[ 23.588615] page_type: f5(slab)
[ 23.588881] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.589719] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.590768] page dumped because: kasan: bad access detected
[ 23.591258]
[ 23.591487] Memory state around the buggy address:
[ 23.591881] ffff88810298fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.592553] ffff88810298fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.593203] >ffff88810298fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 23.593971] ^
[ 23.594747] ffff88810298fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.595343] ffff88810298ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.596721] ==================================================================
[ 23.597701] ==================================================================
[ 23.598136] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0
[ 23.598927] Read of size 1 at addr ffff88810298fe7f by task kunit_try_catch/202
[ 23.600351]
[ 23.600618] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.601537] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.601895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.603540] Call Trace:
[ 23.603941] <TASK>
[ 23.604496] dump_stack_lvl+0x73/0xb0
[ 23.605191] print_report+0xd1/0x640
[ 23.605541] ? __virt_addr_valid+0x1db/0x2d0
[ 23.606080] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.606617] kasan_report+0x102/0x140
[ 23.607749] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 23.608202] ? ksize_unpoisons_memory+0x7b8/0x9b0
[ 23.608861] __asan_report_load1_noabort+0x18/0x20
[ 23.609501] ksize_unpoisons_memory+0x7b8/0x9b0
[ 23.609997] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.610425] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 23.611209] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.611863] kunit_try_run_case+0x1b3/0x490
[ 23.612222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.612876] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.613670] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.614706] ? __kthread_parkme+0x82/0x160
[ 23.615199] ? preempt_count_sub+0x50/0x80
[ 23.615594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.615994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.616568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.617441] kthread+0x257/0x310
[ 23.617991] ? __pfx_kthread+0x10/0x10
[ 23.619026] ret_from_fork+0x41/0x80
[ 23.619653] ? __pfx_kthread+0x10/0x10
[ 23.619997] ret_from_fork_asm+0x1a/0x30
[ 23.620754] </TASK>
[ 23.621108]
[ 23.621266] Allocated by task 202:
[ 23.621916] kasan_save_stack+0x3d/0x60
[ 23.622422] kasan_save_track+0x18/0x40
[ 23.623171] kasan_save_alloc_info+0x3b/0x50
[ 23.623781] __kasan_kmalloc+0xb7/0xc0
[ 23.624291] __kmalloc_cache_noprof+0x184/0x410
[ 23.624785] ksize_unpoisons_memory+0xc8/0x9b0
[ 23.625311] kunit_try_run_case+0x1b3/0x490
[ 23.625777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.626448] kthread+0x257/0x310
[ 23.626898] ret_from_fork+0x41/0x80
[ 23.627720] ret_from_fork_asm+0x1a/0x30
[ 23.628044]
[ 23.628463] The buggy address belongs to the object at ffff88810298fe00
[ 23.628463] which belongs to the cache kmalloc-128 of size 128
[ 23.629734] The buggy address is located 12 bytes to the right of
[ 23.629734] allocated 115-byte region [ffff88810298fe00, ffff88810298fe73)
[ 23.630495]
[ 23.630739] The buggy address belongs to the physical page:
[ 23.631506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f
[ 23.632099] flags: 0x200000000000000(node=0|zone=2)
[ 23.632420] page_type: f5(slab)
[ 23.632832] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.634332] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.634906] page dumped because: kasan: bad access detected
[ 23.636163]
[ 23.637155] Memory state around the buggy address:
[ 23.637597] ffff88810298fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.638868] ffff88810298fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.639767] >ffff88810298fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 23.640188] ^
[ 23.641204] ffff88810298fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.641938] ffff88810298ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.643108] ==================================================================
[ 23.494972] ==================================================================
[ 23.496268] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0
[ 23.497580] Read of size 1 at addr ffff88810298fe73 by task kunit_try_catch/202
[ 23.497920]
[ 23.498134] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.499731] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.500205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.501892] Call Trace:
[ 23.502445] <TASK>
[ 23.503255] dump_stack_lvl+0x73/0xb0
[ 23.504127] print_report+0xd1/0x640
[ 23.505118] ? __virt_addr_valid+0x1db/0x2d0
[ 23.505889] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.506786] kasan_report+0x102/0x140
[ 23.507109] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 23.507663] ? ksize_unpoisons_memory+0x81e/0x9b0
[ 23.508432] __asan_report_load1_noabort+0x18/0x20
[ 23.508921] ksize_unpoisons_memory+0x81e/0x9b0
[ 23.509392] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.510462] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 23.511055] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 23.511975] kunit_try_run_case+0x1b3/0x490
[ 23.512641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.513211] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.514059] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.515002] ? __kthread_parkme+0x82/0x160
[ 23.516002] ? preempt_count_sub+0x50/0x80
[ 23.516550] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.517087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.518161] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.519309] kthread+0x257/0x310
[ 23.519808] ? __pfx_kthread+0x10/0x10
[ 23.520250] ret_from_fork+0x41/0x80
[ 23.521057] ? __pfx_kthread+0x10/0x10
[ 23.521582] ret_from_fork_asm+0x1a/0x30
[ 23.522283] </TASK>
[ 23.522757]
[ 23.522972] Allocated by task 202:
[ 23.523312] kasan_save_stack+0x3d/0x60
[ 23.524370] kasan_save_track+0x18/0x40
[ 23.524819] kasan_save_alloc_info+0x3b/0x50
[ 23.525236] __kasan_kmalloc+0xb7/0xc0
[ 23.525627] __kmalloc_cache_noprof+0x184/0x410
[ 23.526089] ksize_unpoisons_memory+0xc8/0x9b0
[ 23.527228] kunit_try_run_case+0x1b3/0x490
[ 23.527826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.528632] kthread+0x257/0x310
[ 23.529173] ret_from_fork+0x41/0x80
[ 23.529862] ret_from_fork_asm+0x1a/0x30
[ 23.530211]
[ 23.530518] The buggy address belongs to the object at ffff88810298fe00
[ 23.530518] which belongs to the cache kmalloc-128 of size 128
[ 23.532095] The buggy address is located 0 bytes to the right of
[ 23.532095] allocated 115-byte region [ffff88810298fe00, ffff88810298fe73)
[ 23.533832]
[ 23.534098] The buggy address belongs to the physical page:
[ 23.535084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f
[ 23.536124] flags: 0x200000000000000(node=0|zone=2)
[ 23.536888] page_type: f5(slab)
[ 23.537168] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.538537] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.539148] page dumped because: kasan: bad access detected
[ 23.539740]
[ 23.540436] Memory state around the buggy address:
[ 23.540820] ffff88810298fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 23.541564] ffff88810298fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.542787] >ffff88810298fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 23.543534] ^
[ 23.544387] ffff88810298fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.544993] ffff88810298ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.545584] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 23.431604] ==================================================================
[ 23.432108] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 23.433233] Free of addr ffff888101adf0e0 by task kunit_try_catch/200
[ 23.435518]
[ 23.435795] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.436754] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.437164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.438222] Call Trace:
[ 23.438823] <TASK>
[ 23.439052] dump_stack_lvl+0x73/0xb0
[ 23.439615] print_report+0xd1/0x640
[ 23.440031] ? __virt_addr_valid+0x1db/0x2d0
[ 23.440540] ? kfree_sensitive+0x2e/0x90
[ 23.441057] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.441734] ? kfree_sensitive+0x2e/0x90
[ 23.442146] kasan_report_invalid_free+0xc0/0xf0
[ 23.442999] ? kfree_sensitive+0x2e/0x90
[ 23.443626] ? kfree_sensitive+0x2e/0x90
[ 23.443991] check_slab_allocation+0x101/0x130
[ 23.444557] __kasan_slab_pre_free+0x28/0x40
[ 23.445081] kfree+0xf1/0x3f0
[ 23.445635] ? kfree_sensitive+0x2e/0x90
[ 23.446108] kfree_sensitive+0x2e/0x90
[ 23.446869] kmalloc_double_kzfree+0x19d/0x360
[ 23.447330] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 23.447729] ? __schedule+0xc3e/0x2790
[ 23.448190] ? __pfx_read_tsc+0x10/0x10
[ 23.448582] ? ktime_get_ts64+0x86/0x230
[ 23.448912] kunit_try_run_case+0x1b3/0x490
[ 23.449818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.450654] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.451011] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.451740] ? __kthread_parkme+0x82/0x160
[ 23.452230] ? preempt_count_sub+0x50/0x80
[ 23.452787] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.453493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.454095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.454978] kthread+0x257/0x310
[ 23.455399] ? __pfx_kthread+0x10/0x10
[ 23.455840] ret_from_fork+0x41/0x80
[ 23.456220] ? __pfx_kthread+0x10/0x10
[ 23.456802] ret_from_fork_asm+0x1a/0x30
[ 23.457216] </TASK>
[ 23.457639]
[ 23.457876] Allocated by task 200:
[ 23.458202] kasan_save_stack+0x3d/0x60
[ 23.459013] kasan_save_track+0x18/0x40
[ 23.459579] kasan_save_alloc_info+0x3b/0x50
[ 23.459963] __kasan_kmalloc+0xb7/0xc0
[ 23.460419] __kmalloc_cache_noprof+0x184/0x410
[ 23.461082] kmalloc_double_kzfree+0xaa/0x360
[ 23.461700] kunit_try_run_case+0x1b3/0x490
[ 23.462115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.462991] kthread+0x257/0x310
[ 23.463460] ret_from_fork+0x41/0x80
[ 23.463760] ret_from_fork_asm+0x1a/0x30
[ 23.464208]
[ 23.464607] Freed by task 200:
[ 23.465001] kasan_save_stack+0x3d/0x60
[ 23.466292] kasan_save_track+0x18/0x40
[ 23.467009] kasan_save_free_info+0x3f/0x60
[ 23.467668] __kasan_slab_free+0x56/0x70
[ 23.468148] kfree+0x123/0x3f0
[ 23.468392] kfree_sensitive+0x67/0x90
[ 23.469167] kmalloc_double_kzfree+0x12c/0x360
[ 23.470035] kunit_try_run_case+0x1b3/0x490
[ 23.470647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.471474] kthread+0x257/0x310
[ 23.471893] ret_from_fork+0x41/0x80
[ 23.472460] ret_from_fork_asm+0x1a/0x30
[ 23.472872]
[ 23.473142] The buggy address belongs to the object at ffff888101adf0e0
[ 23.473142] which belongs to the cache kmalloc-16 of size 16
[ 23.474297] The buggy address is located 0 bytes inside of
[ 23.474297] 16-byte region [ffff888101adf0e0, ffff888101adf0f0)
[ 23.475990]
[ 23.476208] The buggy address belongs to the physical page:
[ 23.476724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf
[ 23.478143] flags: 0x200000000000000(node=0|zone=2)
[ 23.478871] page_type: f5(slab)
[ 23.479204] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.480367] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.481423] page dumped because: kasan: bad access detected
[ 23.482322]
[ 23.482507] Memory state around the buggy address:
[ 23.482979] ffff888101adef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.484059] ffff888101adf000: fa fb fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc
[ 23.484771] >ffff888101adf080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.485383] ^
[ 23.485916] ffff888101adf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.486877] ffff888101adf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.487598] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 23.377089] ================================================================== [ 23.378600] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 23.380216] Read of size 1 at addr ffff888101adf0e0 by task kunit_try_catch/200 [ 23.380996] [ 23.381287] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.382574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.383000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.384856] Call Trace: [ 23.385259] <TASK> [ 23.385555] dump_stack_lvl+0x73/0xb0 [ 23.386544] print_report+0xd1/0x640 [ 23.386845] ? __virt_addr_valid+0x1db/0x2d0 [ 23.387979] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.388958] kasan_report+0x102/0x140 [ 23.389400] ? kmalloc_double_kzfree+0x19d/0x360 [ 23.389942] ? kmalloc_double_kzfree+0x19d/0x360 [ 23.391152] ? kmalloc_double_kzfree+0x19d/0x360 [ 23.391967] __kasan_check_byte+0x3d/0x50 [ 23.392605] kfree_sensitive+0x22/0x90 [ 23.393001] kmalloc_double_kzfree+0x19d/0x360 [ 23.393400] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 23.393841] ? __schedule+0xc3e/0x2790 [ 23.394829] ? __pfx_read_tsc+0x10/0x10 [ 23.395287] ? ktime_get_ts64+0x86/0x230 [ 23.396254] kunit_try_run_case+0x1b3/0x490 [ 23.397026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.397874] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.398477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.399272] ? __kthread_parkme+0x82/0x160 [ 23.399993] ? preempt_count_sub+0x50/0x80 [ 23.401021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.401446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.402085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.403219] kthread+0x257/0x310 [ 23.403756] ? __pfx_kthread+0x10/0x10 [ 23.404031] ret_from_fork+0x41/0x80 [ 23.404348] ? 
__pfx_kthread+0x10/0x10 [ 23.404751] ret_from_fork_asm+0x1a/0x30 [ 23.405255] </TASK> [ 23.405467] [ 23.405622] Allocated by task 200: [ 23.406074] kasan_save_stack+0x3d/0x60 [ 23.406566] kasan_save_track+0x18/0x40 [ 23.407020] kasan_save_alloc_info+0x3b/0x50 [ 23.407593] __kasan_kmalloc+0xb7/0xc0 [ 23.408019] __kmalloc_cache_noprof+0x184/0x410 [ 23.408546] kmalloc_double_kzfree+0xaa/0x360 [ 23.408843] kunit_try_run_case+0x1b3/0x490 [ 23.409378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.410065] kthread+0x257/0x310 [ 23.410567] ret_from_fork+0x41/0x80 [ 23.410885] ret_from_fork_asm+0x1a/0x30 [ 23.411576] [ 23.411724] Freed by task 200: [ 23.412116] kasan_save_stack+0x3d/0x60 [ 23.412486] kasan_save_track+0x18/0x40 [ 23.412843] kasan_save_free_info+0x3f/0x60 [ 23.413174] __kasan_slab_free+0x56/0x70 [ 23.413645] kfree+0x123/0x3f0 [ 23.414111] kfree_sensitive+0x67/0x90 [ 23.414598] kmalloc_double_kzfree+0x12c/0x360 [ 23.415036] kunit_try_run_case+0x1b3/0x490 [ 23.415410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.416332] kthread+0x257/0x310 [ 23.416713] ret_from_fork+0x41/0x80 [ 23.417306] ret_from_fork_asm+0x1a/0x30 [ 23.417588] [ 23.417743] The buggy address belongs to the object at ffff888101adf0e0 [ 23.417743] which belongs to the cache kmalloc-16 of size 16 [ 23.418780] The buggy address is located 0 bytes inside of [ 23.418780] freed 16-byte region [ffff888101adf0e0, ffff888101adf0f0) [ 23.419966] [ 23.420128] The buggy address belongs to the physical page: [ 23.420753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf [ 23.421702] flags: 0x200000000000000(node=0|zone=2) [ 23.422228] page_type: f5(slab) [ 23.422620] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.423319] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.423854] page dumped because: kasan: bad access detected [ 23.424191] [ 23.424437] Memory state around the buggy address: [ 23.425063] 
ffff888101adef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.425758] ffff888101adf000: fa fb fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc [ 23.426393] >ffff888101adf080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.427148] ^ [ 23.427574] ffff888101adf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.428420] ffff888101adf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.429218] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 23.258142] ================================================================== [ 23.259474] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 23.260481] Write of size 33 at addr ffff88810298a800 by task kunit_try_catch/194 [ 23.261041] [ 23.261322] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.262160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.262762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.263901] Call Trace: [ 23.264414] <TASK> [ 23.264725] dump_stack_lvl+0x73/0xb0 [ 23.265166] print_report+0xd1/0x640 [ 23.265731] ? __virt_addr_valid+0x1db/0x2d0 [ 23.266110] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.267109] kasan_report+0x102/0x140 [ 23.267664] ? kmalloc_uaf_memset+0x1a4/0x360 [ 23.268070] ? kmalloc_uaf_memset+0x1a4/0x360 [ 23.268747] kasan_check_range+0x10c/0x1c0 [ 23.269195] __asan_memset+0x27/0x50 [ 23.269701] kmalloc_uaf_memset+0x1a4/0x360 [ 23.270163] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 23.271037] ? __schedule+0xc3e/0x2790 [ 23.271627] ? __pfx_read_tsc+0x10/0x10 [ 23.272145] ? ktime_get_ts64+0x86/0x230 [ 23.272689] kunit_try_run_case+0x1b3/0x490 [ 23.273095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.273790] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.274190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.275210] ? __kthread_parkme+0x82/0x160 [ 23.275830] ? preempt_count_sub+0x50/0x80 [ 23.276307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.276813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.277574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.278065] kthread+0x257/0x310 [ 23.278978] ? __pfx_kthread+0x10/0x10 [ 23.279599] ret_from_fork+0x41/0x80 [ 23.280070] ? 
__pfx_kthread+0x10/0x10 [ 23.280648] ret_from_fork_asm+0x1a/0x30 [ 23.281086] </TASK> [ 23.281597] [ 23.281824] Allocated by task 194: [ 23.282136] kasan_save_stack+0x3d/0x60 [ 23.283488] kasan_save_track+0x18/0x40 [ 23.283866] kasan_save_alloc_info+0x3b/0x50 [ 23.284329] __kasan_kmalloc+0xb7/0xc0 [ 23.284851] __kmalloc_cache_noprof+0x184/0x410 [ 23.285456] kmalloc_uaf_memset+0xaa/0x360 [ 23.285802] kunit_try_run_case+0x1b3/0x490 [ 23.286242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.286765] kthread+0x257/0x310 [ 23.287879] ret_from_fork+0x41/0x80 [ 23.288591] ret_from_fork_asm+0x1a/0x30 [ 23.289009] [ 23.289211] Freed by task 194: [ 23.289477] kasan_save_stack+0x3d/0x60 [ 23.289894] kasan_save_track+0x18/0x40 [ 23.291197] kasan_save_free_info+0x3f/0x60 [ 23.291796] __kasan_slab_free+0x56/0x70 [ 23.292111] kfree+0x123/0x3f0 [ 23.292730] kmalloc_uaf_memset+0x12c/0x360 [ 23.293122] kunit_try_run_case+0x1b3/0x490 [ 23.293766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.294950] kthread+0x257/0x310 [ 23.295466] ret_from_fork+0x41/0x80 [ 23.295855] ret_from_fork_asm+0x1a/0x30 [ 23.297179] [ 23.297690] The buggy address belongs to the object at ffff88810298a800 [ 23.297690] which belongs to the cache kmalloc-64 of size 64 [ 23.299168] The buggy address is located 0 bytes inside of [ 23.299168] freed 64-byte region [ffff88810298a800, ffff88810298a840) [ 23.300180] [ 23.300392] The buggy address belongs to the physical page: [ 23.300996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a [ 23.302975] flags: 0x200000000000000(node=0|zone=2) [ 23.303561] page_type: f5(slab) [ 23.303816] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.304550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.305079] page dumped because: kasan: bad access detected [ 23.305736] [ 23.306272] Memory state around the buggy address: [ 23.307136] ffff88810298a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 23.307570] ffff88810298a780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.308776] >ffff88810298a800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.309642] ^ [ 23.310003] ffff88810298a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.311254] ffff88810298a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.312315] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 23.135739] ================================================================== [ 23.137318] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 23.138573] Read of size 64 at addr ffff888101aec004 by task kunit_try_catch/190 [ 23.139918] [ 23.140448] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.141246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.142090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.142943] Call Trace: [ 23.143526] <TASK> [ 23.143978] dump_stack_lvl+0x73/0xb0 [ 23.144651] print_report+0xd1/0x640 [ 23.145242] ? __virt_addr_valid+0x1db/0x2d0 [ 23.146105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.146941] kasan_report+0x102/0x140 [ 23.147265] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 23.148229] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 23.148862] kasan_check_range+0x10c/0x1c0 [ 23.149321] __asan_memmove+0x27/0x70 [ 23.149941] kmalloc_memmove_invalid_size+0x170/0x330 [ 23.150835] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 23.151354] ? __schedule+0xc3e/0x2790 [ 23.152074] ? __pfx_read_tsc+0x10/0x10 [ 23.152477] ? ktime_get_ts64+0x86/0x230 [ 23.152866] kunit_try_run_case+0x1b3/0x490 [ 23.153311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.154236] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.154663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.155845] ? __kthread_parkme+0x82/0x160 [ 23.156260] ? preempt_count_sub+0x50/0x80 [ 23.156960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.158022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.158761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.159213] kthread+0x257/0x310 [ 23.159592] ? __pfx_kthread+0x10/0x10 [ 23.160542] ret_from_fork+0x41/0x80 [ 23.161113] ? 
__pfx_kthread+0x10/0x10 [ 23.161700] ret_from_fork_asm+0x1a/0x30 [ 23.162086] </TASK> [ 23.162313] [ 23.162965] Allocated by task 190: [ 23.163250] kasan_save_stack+0x3d/0x60 [ 23.164068] kasan_save_track+0x18/0x40 [ 23.164353] kasan_save_alloc_info+0x3b/0x50 [ 23.165318] __kasan_kmalloc+0xb7/0xc0 [ 23.166092] __kmalloc_cache_noprof+0x184/0x410 [ 23.166776] kmalloc_memmove_invalid_size+0xad/0x330 [ 23.167087] kunit_try_run_case+0x1b3/0x490 [ 23.167988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.168798] kthread+0x257/0x310 [ 23.169168] ret_from_fork+0x41/0x80 [ 23.169719] ret_from_fork_asm+0x1a/0x30 [ 23.170329] [ 23.170877] The buggy address belongs to the object at ffff888101aec000 [ 23.170877] which belongs to the cache kmalloc-64 of size 64 [ 23.172140] The buggy address is located 4 bytes inside of [ 23.172140] allocated 64-byte region [ffff888101aec000, ffff888101aec040) [ 23.173681] [ 23.174223] The buggy address belongs to the physical page: [ 23.175792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aec [ 23.176441] flags: 0x200000000000000(node=0|zone=2) [ 23.177014] page_type: f5(slab) [ 23.177957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.178585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.179320] page dumped because: kasan: bad access detected [ 23.180041] [ 23.180140] Memory state around the buggy address: [ 23.180362] ffff888101aebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.181638] ffff888101aebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.182408] >ffff888101aec000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 23.183076] ^ [ 23.183585] ffff888101aec080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.184896] ffff888101aec100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.185571] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 23.079135] ================================================================== [ 23.080282] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 23.081984] Read of size 18446744073709551614 at addr ffff888101ae6e84 by task kunit_try_catch/188 [ 23.083313] [ 23.084267] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.085655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.086065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.086801] Call Trace: [ 23.087102] <TASK> [ 23.087348] dump_stack_lvl+0x73/0xb0 [ 23.088013] print_report+0xd1/0x640 [ 23.088516] ? __virt_addr_valid+0x1db/0x2d0 [ 23.089312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.090481] kasan_report+0x102/0x140 [ 23.091103] ? kmalloc_memmove_negative_size+0x172/0x330 [ 23.092130] ? kmalloc_memmove_negative_size+0x172/0x330 [ 23.093254] kasan_check_range+0x10c/0x1c0 [ 23.094090] __asan_memmove+0x27/0x70 [ 23.094679] kmalloc_memmove_negative_size+0x172/0x330 [ 23.095493] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 23.096045] ? __schedule+0xc3e/0x2790 [ 23.096671] ? __pfx_read_tsc+0x10/0x10 [ 23.097102] ? ktime_get_ts64+0x86/0x230 [ 23.097773] kunit_try_run_case+0x1b3/0x490 [ 23.098217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.098659] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.099121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.099555] ? __kthread_parkme+0x82/0x160 [ 23.100406] ? preempt_count_sub+0x50/0x80 [ 23.100830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.101617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.102067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.102943] kthread+0x257/0x310 [ 23.103493] ? __pfx_kthread+0x10/0x10 [ 23.103999] ret_from_fork+0x41/0x80 [ 23.104593] ? 
__pfx_kthread+0x10/0x10 [ 23.105064] ret_from_fork_asm+0x1a/0x30 [ 23.105861] </TASK> [ 23.106227] [ 23.106589] Allocated by task 188: [ 23.106948] kasan_save_stack+0x3d/0x60 [ 23.107694] kasan_save_track+0x18/0x40 [ 23.108622] kasan_save_alloc_info+0x3b/0x50 [ 23.109240] __kasan_kmalloc+0xb7/0xc0 [ 23.109765] __kmalloc_cache_noprof+0x184/0x410 [ 23.110786] kmalloc_memmove_negative_size+0xad/0x330 [ 23.111478] kunit_try_run_case+0x1b3/0x490 [ 23.111989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.112635] kthread+0x257/0x310 [ 23.113179] ret_from_fork+0x41/0x80 [ 23.113932] ret_from_fork_asm+0x1a/0x30 [ 23.114574] [ 23.114891] The buggy address belongs to the object at ffff888101ae6e80 [ 23.114891] which belongs to the cache kmalloc-64 of size 64 [ 23.116456] The buggy address is located 4 bytes inside of [ 23.116456] 64-byte region [ffff888101ae6e80, ffff888101ae6ec0) [ 23.117747] [ 23.117939] The buggy address belongs to the physical page: [ 23.118717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae6 [ 23.119698] flags: 0x200000000000000(node=0|zone=2) [ 23.120220] page_type: f5(slab) [ 23.120780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.121736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.122503] page dumped because: kasan: bad access detected [ 23.123026] [ 23.123178] Memory state around the buggy address: [ 23.123823] ffff888101ae6d80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 23.124389] ffff888101ae6e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.125334] >ffff888101ae6e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 23.126095] ^ [ 23.127409] ffff888101ae6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.127918] ffff888101ae6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.129097] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 22.914991] ================================================================== [ 22.915930] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 22.916946] Write of size 4 at addr ffff88810298f075 by task kunit_try_catch/182 [ 22.917685] [ 22.917992] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.918906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.919529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.921457] Call Trace: [ 22.921854] <TASK> [ 22.922159] dump_stack_lvl+0x73/0xb0 [ 22.922793] print_report+0xd1/0x640 [ 22.923524] ? __virt_addr_valid+0x1db/0x2d0 [ 22.923913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.924738] kasan_report+0x102/0x140 [ 22.925206] ? kmalloc_oob_memset_4+0x167/0x330 [ 22.925807] ? kmalloc_oob_memset_4+0x167/0x330 [ 22.926945] kasan_check_range+0x10c/0x1c0 [ 22.927630] __asan_memset+0x27/0x50 [ 22.928558] kmalloc_oob_memset_4+0x167/0x330 [ 22.929072] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 22.929616] ? irqentry_exit+0x2a/0x60 [ 22.930014] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 22.930620] ? __pfx_read_tsc+0x10/0x10 [ 22.930944] ? ktime_get_ts64+0x86/0x230 [ 22.931706] kunit_try_run_case+0x1b3/0x490 [ 22.932969] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.933372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.934635] ? __kthread_parkme+0x82/0x160 [ 22.935185] ? preempt_count_sub+0x50/0x80 [ 22.936097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.936978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.937687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.939508] kthread+0x257/0x310 [ 22.939855] ? __pfx_kthread+0x10/0x10 [ 22.940325] ret_from_fork+0x41/0x80 [ 22.941066] ? 
__pfx_kthread+0x10/0x10 [ 22.941863] ret_from_fork_asm+0x1a/0x30 [ 22.942555] </TASK> [ 22.942976] [ 22.943113] Allocated by task 182: [ 22.943827] kasan_save_stack+0x3d/0x60 [ 22.944940] kasan_save_track+0x18/0x40 [ 22.945991] kasan_save_alloc_info+0x3b/0x50 [ 22.946297] __kasan_kmalloc+0xb7/0xc0 [ 22.946954] __kmalloc_cache_noprof+0x184/0x410 [ 22.948155] kmalloc_oob_memset_4+0xad/0x330 [ 22.949132] kunit_try_run_case+0x1b3/0x490 [ 22.950257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.951257] kthread+0x257/0x310 [ 22.951917] ret_from_fork+0x41/0x80 [ 22.952711] ret_from_fork_asm+0x1a/0x30 [ 22.953940] [ 22.954239] The buggy address belongs to the object at ffff88810298f000 [ 22.954239] which belongs to the cache kmalloc-128 of size 128 [ 22.955429] The buggy address is located 117 bytes inside of [ 22.955429] allocated 120-byte region [ffff88810298f000, ffff88810298f078) [ 22.956255] [ 22.956511] The buggy address belongs to the physical page: [ 22.957103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f [ 22.957941] flags: 0x200000000000000(node=0|zone=2) [ 22.958454] page_type: f5(slab) [ 22.959056] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.959459] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.960434] page dumped because: kasan: bad access detected [ 22.960843] [ 22.961190] Memory state around the buggy address: [ 22.961671] ffff88810298ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.962409] ffff88810298ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.963295] >ffff88810298f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.964230] ^ [ 22.965061] ffff88810298f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965902] ffff88810298f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.966615] ================================================================== [ 22.973544] 
================================================================== [ 22.974364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 22.975287] Write of size 8 at addr ffff88810298f271 by task kunit_try_catch/184 [ 22.976380] [ 22.976909] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.979067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.979840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.980958] Call Trace: [ 22.981696] <TASK> [ 22.982077] dump_stack_lvl+0x73/0xb0 [ 22.982656] print_report+0xd1/0x640 [ 22.983294] ? __virt_addr_valid+0x1db/0x2d0 [ 22.983750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.984657] kasan_report+0x102/0x140 [ 22.985156] ? kmalloc_oob_memset_8+0x167/0x330 [ 22.985570] ? kmalloc_oob_memset_8+0x167/0x330 [ 22.986019] kasan_check_range+0x10c/0x1c0 [ 22.986413] __asan_memset+0x27/0x50 [ 22.986842] kmalloc_oob_memset_8+0x167/0x330 [ 22.987574] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 22.987923] ? __schedule+0xc3e/0x2790 [ 22.988338] ? __pfx_read_tsc+0x10/0x10 [ 22.988944] ? ktime_get_ts64+0x86/0x230 [ 22.989767] kunit_try_run_case+0x1b3/0x490 [ 22.990317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.990794] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.991469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.992850] ? __kthread_parkme+0x82/0x160 [ 22.993532] ? preempt_count_sub+0x50/0x80 [ 22.993942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.994590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.995170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.995950] kthread+0x257/0x310 [ 22.996234] ? __pfx_kthread+0x10/0x10 [ 22.996920] ret_from_fork+0x41/0x80 [ 22.997616] ? 
__pfx_kthread+0x10/0x10 [ 22.998004] ret_from_fork_asm+0x1a/0x30 [ 22.998689] </TASK> [ 22.998979] [ 22.999477] Allocated by task 184: [ 23.000368] kasan_save_stack+0x3d/0x60 [ 23.000978] kasan_save_track+0x18/0x40 [ 23.001491] kasan_save_alloc_info+0x3b/0x50 [ 23.001968] __kasan_kmalloc+0xb7/0xc0 [ 23.002470] __kmalloc_cache_noprof+0x184/0x410 [ 23.003018] kmalloc_oob_memset_8+0xad/0x330 [ 23.003829] kunit_try_run_case+0x1b3/0x490 [ 23.004176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.005041] kthread+0x257/0x310 [ 23.005794] ret_from_fork+0x41/0x80 [ 23.006483] ret_from_fork_asm+0x1a/0x30 [ 23.006817] [ 23.007124] The buggy address belongs to the object at ffff88810298f200 [ 23.007124] which belongs to the cache kmalloc-128 of size 128 [ 23.008291] The buggy address is located 113 bytes inside of [ 23.008291] allocated 120-byte region [ffff88810298f200, ffff88810298f278) [ 23.009529] [ 23.010502] The buggy address belongs to the physical page: [ 23.011434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f [ 23.012187] flags: 0x200000000000000(node=0|zone=2) [ 23.013125] page_type: f5(slab) [ 23.013746] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.014650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.015072] page dumped because: kasan: bad access detected [ 23.015475] [ 23.015842] Memory state around the buggy address: [ 23.016203] ffff88810298f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.017146] ffff88810298f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.018560] >ffff88810298f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.019208] ^ [ 23.020158] ffff88810298f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.021155] ffff88810298f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.022806] ================================================================== [ 22.863269] 
================================================================== [ 22.864939] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 22.865540] Write of size 2 at addr ffff88810298be77 by task kunit_try_catch/180 [ 22.866180] [ 22.866437] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 22.867523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.868018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.869604] Call Trace: [ 22.869968] <TASK> [ 22.870199] dump_stack_lvl+0x73/0xb0 [ 22.870791] print_report+0xd1/0x640 [ 22.871404] ? __virt_addr_valid+0x1db/0x2d0 [ 22.871857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.872495] kasan_report+0x102/0x140 [ 22.872978] ? kmalloc_oob_memset_2+0x167/0x330 [ 22.874009] ? kmalloc_oob_memset_2+0x167/0x330 [ 22.874422] kasan_check_range+0x10c/0x1c0 [ 22.874810] __asan_memset+0x27/0x50 [ 22.875224] kmalloc_oob_memset_2+0x167/0x330 [ 22.875602] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 22.876639] ? __schedule+0xc3e/0x2790 [ 22.877455] ? __pfx_read_tsc+0x10/0x10 [ 22.878047] ? ktime_get_ts64+0x86/0x230 [ 22.878556] kunit_try_run_case+0x1b3/0x490 [ 22.879015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.880067] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.880661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.881198] ? __kthread_parkme+0x82/0x160 [ 22.881758] ? preempt_count_sub+0x50/0x80 [ 22.882127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.882724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.883211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.883967] kthread+0x257/0x310 [ 22.884812] ? __pfx_kthread+0x10/0x10 [ 22.885519] ret_from_fork+0x41/0x80 [ 22.885900] ? 
__pfx_kthread+0x10/0x10 [ 22.886283] ret_from_fork_asm+0x1a/0x30 [ 22.886794] </TASK> [ 22.887390] [ 22.887573] Allocated by task 180: [ 22.887912] kasan_save_stack+0x3d/0x60 [ 22.888386] kasan_save_track+0x18/0x40 [ 22.888706] kasan_save_alloc_info+0x3b/0x50 [ 22.889230] __kasan_kmalloc+0xb7/0xc0 [ 22.889759] __kmalloc_cache_noprof+0x184/0x410 [ 22.890141] kmalloc_oob_memset_2+0xad/0x330 [ 22.890605] kunit_try_run_case+0x1b3/0x490 [ 22.892403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.892790] kthread+0x257/0x310 [ 22.893422] ret_from_fork+0x41/0x80 [ 22.893818] ret_from_fork_asm+0x1a/0x30 [ 22.894148] [ 22.894393] The buggy address belongs to the object at ffff88810298be00 [ 22.894393] which belongs to the cache kmalloc-128 of size 128 [ 22.895532] The buggy address is located 119 bytes inside of [ 22.895532] allocated 120-byte region [ffff88810298be00, ffff88810298be78) [ 22.897027] [ 22.897674] The buggy address belongs to the physical page: [ 22.898240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298b [ 22.899693] flags: 0x200000000000000(node=0|zone=2) [ 22.900113] page_type: f5(slab) [ 22.900547] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.901750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.902459] page dumped because: kasan: bad access detected [ 22.902994] [ 22.903183] Memory state around the buggy address: [ 22.903655] ffff88810298bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 22.905187] ffff88810298bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.905684] >ffff88810298be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.905985] ^ [ 22.906281] ffff88810298be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.907406] ffff88810298bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.908785] ================================================================== [ 23.028845] 
================================================================== [ 23.029807] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 23.030579] Write of size 16 at addr ffff88810298f469 by task kunit_try_catch/186 [ 23.031432] [ 23.031637] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 23.033293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.034026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.035322] Call Trace: [ 23.036002] <TASK> [ 23.036514] dump_stack_lvl+0x73/0xb0 [ 23.036961] print_report+0xd1/0x640 [ 23.037382] ? __virt_addr_valid+0x1db/0x2d0 [ 23.038012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.038551] kasan_report+0x102/0x140 [ 23.038988] ? kmalloc_oob_memset_16+0x167/0x330 [ 23.039533] ? kmalloc_oob_memset_16+0x167/0x330 [ 23.040080] kasan_check_range+0x10c/0x1c0 [ 23.040503] __asan_memset+0x27/0x50 [ 23.040987] kmalloc_oob_memset_16+0x167/0x330 [ 23.041362] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 23.042122] ? __schedule+0xc3e/0x2790 [ 23.042720] ? __pfx_read_tsc+0x10/0x10 [ 23.043106] ? ktime_get_ts64+0x86/0x230 [ 23.043620] kunit_try_run_case+0x1b3/0x490 [ 23.044171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.044701] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.045230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.045947] ? __kthread_parkme+0x82/0x160 [ 23.046255] ? preempt_count_sub+0x50/0x80 [ 23.046851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.047624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.048261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.048948] kthread+0x257/0x310 [ 23.049284] ? __pfx_kthread+0x10/0x10 [ 23.049781] ret_from_fork+0x41/0x80 [ 23.050388] ? 
__pfx_kthread+0x10/0x10 [ 23.050733] ret_from_fork_asm+0x1a/0x30 [ 23.051298] </TASK> [ 23.051497] [ 23.051802] Allocated by task 186: [ 23.052305] kasan_save_stack+0x3d/0x60 [ 23.052685] kasan_save_track+0x18/0x40 [ 23.053166] kasan_save_alloc_info+0x3b/0x50 [ 23.053921] __kasan_kmalloc+0xb7/0xc0 [ 23.054197] __kmalloc_cache_noprof+0x184/0x410 [ 23.054790] kmalloc_oob_memset_16+0xad/0x330 [ 23.055261] kunit_try_run_case+0x1b3/0x490 [ 23.055862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.056405] kthread+0x257/0x310 [ 23.056805] ret_from_fork+0x41/0x80 [ 23.057185] ret_from_fork_asm+0x1a/0x30 [ 23.057671] [ 23.057839] The buggy address belongs to the object at ffff88810298f400 [ 23.057839] which belongs to the cache kmalloc-128 of size 128 [ 23.058930] The buggy address is located 105 bytes inside of [ 23.058930] allocated 120-byte region [ffff88810298f400, ffff88810298f478) [ 23.060211] [ 23.060472] The buggy address belongs to the physical page: [ 23.061581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298f [ 23.062880] flags: 0x200000000000000(node=0|zone=2) [ 23.063762] page_type: f5(slab) [ 23.064158] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.065151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.066080] page dumped because: kasan: bad access detected [ 23.066855] [ 23.067146] Memory state around the buggy address: [ 23.068113] ffff88810298f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.068727] ffff88810298f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.069526] >ffff88810298f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.070233] ^ [ 23.071039] ffff88810298f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.072324] ffff88810298f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.072931] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 22.802831] ==================================================================
[ 22.804089] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 22.805165] Write of size 128 at addr ffff88810298bc00 by task kunit_try_catch/178
[ 22.806833]
[ 22.807083] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 22.808948] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.809940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.810733] Call Trace:
[ 22.811783] <TASK>
[ 22.812009] dump_stack_lvl+0x73/0xb0
[ 22.812221] print_report+0xd1/0x640
[ 22.812943] ? __virt_addr_valid+0x1db/0x2d0
[ 22.814015] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.814848] kasan_report+0x102/0x140
[ 22.815528] ? kmalloc_oob_in_memset+0x160/0x320
[ 22.816661] ? kmalloc_oob_in_memset+0x160/0x320
[ 22.817156] kasan_check_range+0x10c/0x1c0
[ 22.818147] __asan_memset+0x27/0x50
[ 22.818703] kmalloc_oob_in_memset+0x160/0x320
[ 22.819229] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 22.820228] ? __schedule+0xc3e/0x2790
[ 22.820698] ? __pfx_read_tsc+0x10/0x10
[ 22.821368] ? ktime_get_ts64+0x86/0x230
[ 22.822657] kunit_try_run_case+0x1b3/0x490
[ 22.823010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.823800] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.824728] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.825099] ? __kthread_parkme+0x82/0x160
[ 22.826067] ? preempt_count_sub+0x50/0x80
[ 22.826661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.827501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.828135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.829139] kthread+0x257/0x310
[ 22.829696] ? __pfx_kthread+0x10/0x10
[ 22.830308] ret_from_fork+0x41/0x80
[ 22.831057] ? __pfx_kthread+0x10/0x10
[ 22.831829] ret_from_fork_asm+0x1a/0x30
[ 22.832652] </TASK>
[ 22.833170]
[ 22.833448] Allocated by task 178:
[ 22.834368] kasan_save_stack+0x3d/0x60
[ 22.834992] kasan_save_track+0x18/0x40
[ 22.835662] kasan_save_alloc_info+0x3b/0x50
[ 22.836117] __kasan_kmalloc+0xb7/0xc0
[ 22.836673] __kmalloc_cache_noprof+0x184/0x410
[ 22.837627] kmalloc_oob_in_memset+0xad/0x320
[ 22.838234] kunit_try_run_case+0x1b3/0x490
[ 22.838854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.839799] kthread+0x257/0x310
[ 22.840136] ret_from_fork+0x41/0x80
[ 22.840785] ret_from_fork_asm+0x1a/0x30
[ 22.841113]
[ 22.841351] The buggy address belongs to the object at ffff88810298bc00
[ 22.841351] which belongs to the cache kmalloc-128 of size 128
[ 22.843467] The buggy address is located 0 bytes inside of
[ 22.843467] allocated 120-byte region [ffff88810298bc00, ffff88810298bc78)
[ 22.844438]
[ 22.844644] The buggy address belongs to the physical page:
[ 22.845353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298b
[ 22.845927] flags: 0x200000000000000(node=0|zone=2)
[ 22.846768] page_type: f5(slab)
[ 22.847114] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.848014] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.848825] page dumped because: kasan: bad access detected
[ 22.849631]
[ 22.849893] Memory state around the buggy address:
[ 22.850486] ffff88810298bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 22.851459] ffff88810298bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.851998] >ffff88810298bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.852979] ^
[ 22.853714] ffff88810298bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.854744] ffff88810298bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.855555] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 23.320155] ==================================================================
[ 23.321800] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520
[ 23.322973] Read of size 1 at addr ffff88810298a8a8 by task kunit_try_catch/196
[ 23.324278]
[ 23.324525] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.325718] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.326084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.326854] Call Trace:
[ 23.327092] <TASK>
[ 23.327410] dump_stack_lvl+0x73/0xb0
[ 23.327802] print_report+0xd1/0x640
[ 23.328308] ? __virt_addr_valid+0x1db/0x2d0
[ 23.328732] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.329336] kasan_report+0x102/0x140
[ 23.329700] ? kmalloc_uaf2+0x4aa/0x520
[ 23.330173] ? kmalloc_uaf2+0x4aa/0x520
[ 23.330590] __asan_report_load1_noabort+0x18/0x20
[ 23.331134] kmalloc_uaf2+0x4aa/0x520
[ 23.331643] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 23.332049] ? finish_task_switch.isra.0+0x153/0x700
[ 23.332591] ? __switch_to+0x5d9/0xf60
[ 23.332938] ? __schedule+0xc3e/0x2790
[ 23.333494] ? __pfx_read_tsc+0x10/0x10
[ 23.333909] ? ktime_get_ts64+0x86/0x230
[ 23.334306] kunit_try_run_case+0x1b3/0x490
[ 23.334663] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.335235] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.335863] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.336469] ? __kthread_parkme+0x82/0x160
[ 23.336906] ? preempt_count_sub+0x50/0x80
[ 23.337227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.337680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.338497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.339122] kthread+0x257/0x310
[ 23.339499] ? __pfx_kthread+0x10/0x10
[ 23.339780] ret_from_fork+0x41/0x80
[ 23.340227] ? __pfx_kthread+0x10/0x10
[ 23.340755] ret_from_fork_asm+0x1a/0x30
[ 23.341269] </TASK>
[ 23.341586]
[ 23.341741] Allocated by task 196:
[ 23.342092] kasan_save_stack+0x3d/0x60
[ 23.342561] kasan_save_track+0x18/0x40
[ 23.343083] kasan_save_alloc_info+0x3b/0x50
[ 23.343488] __kasan_kmalloc+0xb7/0xc0
[ 23.343961] __kmalloc_cache_noprof+0x184/0x410
[ 23.344427] kmalloc_uaf2+0xc7/0x520
[ 23.344802] kunit_try_run_case+0x1b3/0x490
[ 23.345142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.345775] kthread+0x257/0x310
[ 23.346144] ret_from_fork+0x41/0x80
[ 23.346484] ret_from_fork_asm+0x1a/0x30
[ 23.346937]
[ 23.347173] Freed by task 196:
[ 23.347628] kasan_save_stack+0x3d/0x60
[ 23.347916] kasan_save_track+0x18/0x40
[ 23.348211] kasan_save_free_info+0x3f/0x60
[ 23.348652] __kasan_slab_free+0x56/0x70
[ 23.349161] kfree+0x123/0x3f0
[ 23.349646] kmalloc_uaf2+0x14d/0x520
[ 23.350032] kunit_try_run_case+0x1b3/0x490
[ 23.350324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.351960] kthread+0x257/0x310
[ 23.352578] ret_from_fork+0x41/0x80
[ 23.353237] ret_from_fork_asm+0x1a/0x30
[ 23.353617]
[ 23.354036] The buggy address belongs to the object at ffff88810298a880
[ 23.354036] which belongs to the cache kmalloc-64 of size 64
[ 23.355645] The buggy address is located 40 bytes inside of
[ 23.355645] freed 64-byte region [ffff88810298a880, ffff88810298a8c0)
[ 23.357007]
[ 23.357184] The buggy address belongs to the physical page:
[ 23.358092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a
[ 23.358764] flags: 0x200000000000000(node=0|zone=2)
[ 23.359235] page_type: f5(slab)
[ 23.359573] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.360623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 23.361336] page dumped because: kasan: bad access detected
[ 23.361974]
[ 23.362200] Memory state around the buggy address:
[ 23.362716] ffff88810298a780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.363162] ffff88810298a800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.363852] >ffff88810298a880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.364559] ^
[ 23.364959] ffff88810298a900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 23.365634] ffff88810298a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.366222] ==================================================================
[ 22.734441] ==================================================================
[ 22.735705] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 22.737128] Read of size 16 at addr ffff888101adf0c0 by task kunit_try_catch/176
[ 22.738271]
[ 22.739078] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 22.740263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.740804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.742118] Call Trace:
[ 22.742375] <TASK>
[ 22.742686] dump_stack_lvl+0x73/0xb0
[ 22.743604] print_report+0xd1/0x640
[ 22.744495] ? __virt_addr_valid+0x1db/0x2d0
[ 22.744962] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.745987] kasan_report+0x102/0x140
[ 22.746343] ? kmalloc_uaf_16+0x47d/0x4c0
[ 22.747169] ? kmalloc_uaf_16+0x47d/0x4c0
[ 22.748123] __asan_report_load16_noabort+0x18/0x20
[ 22.748703] kmalloc_uaf_16+0x47d/0x4c0
[ 22.749117] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 22.749942] ? __schedule+0xc3e/0x2790
[ 22.751086] ? __pfx_read_tsc+0x10/0x10
[ 22.751628] ? ktime_get_ts64+0x86/0x230
[ 22.752055] kunit_try_run_case+0x1b3/0x490
[ 22.752848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.753687] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.754161] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.755427] ? __kthread_parkme+0x82/0x160
[ 22.755804] ? preempt_count_sub+0x50/0x80
[ 22.756242] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.757371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.757911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.758752] kthread+0x257/0x310
[ 22.759118] ? __pfx_kthread+0x10/0x10
[ 22.760175] ret_from_fork+0x41/0x80
[ 22.760843] ? __pfx_kthread+0x10/0x10
[ 22.761169] ret_from_fork_asm+0x1a/0x30
[ 22.761703] </TASK>
[ 22.761977]
[ 22.762182] Allocated by task 176:
[ 22.762979] kasan_save_stack+0x3d/0x60
[ 22.763281] kasan_save_track+0x18/0x40
[ 22.763957] kasan_save_alloc_info+0x3b/0x50
[ 22.764951] __kasan_kmalloc+0xb7/0xc0
[ 22.765359] __kmalloc_cache_noprof+0x184/0x410
[ 22.765981] kmalloc_uaf_16+0x15c/0x4c0
[ 22.766490] kunit_try_run_case+0x1b3/0x490
[ 22.766939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.768298] kthread+0x257/0x310
[ 22.768898] ret_from_fork+0x41/0x80
[ 22.769679] ret_from_fork_asm+0x1a/0x30
[ 22.770226]
[ 22.770943] Freed by task 176:
[ 22.771578] kasan_save_stack+0x3d/0x60
[ 22.771985] kasan_save_track+0x18/0x40
[ 22.772522] kasan_save_free_info+0x3f/0x60
[ 22.772977] __kasan_slab_free+0x56/0x70
[ 22.773973] kfree+0x123/0x3f0
[ 22.774279] kmalloc_uaf_16+0x1d7/0x4c0
[ 22.774969] kunit_try_run_case+0x1b3/0x490
[ 22.776188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.777040] kthread+0x257/0x310
[ 22.777992] ret_from_fork+0x41/0x80
[ 22.778628] ret_from_fork_asm+0x1a/0x30
[ 22.778848]
[ 22.779172] The buggy address belongs to the object at ffff888101adf0c0
[ 22.779172] which belongs to the cache kmalloc-16 of size 16
[ 22.781331] The buggy address is located 0 bytes inside of
[ 22.781331] freed 16-byte region [ffff888101adf0c0, ffff888101adf0d0)
[ 22.782667]
[ 22.782949] The buggy address belongs to the physical page:
[ 22.783847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf
[ 22.784866] flags: 0x200000000000000(node=0|zone=2)
[ 22.785728] page_type: f5(slab)
[ 22.785975] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 22.787479] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 22.788214] page dumped because: kasan: bad access detected
[ 22.788802]
[ 22.789435] Memory state around the buggy address:
[ 22.790279] ffff888101adef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.791152] ffff888101adf000: fa fb fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc
[ 22.792110] >ffff888101adf080: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 22.793256] ^
[ 22.794217] ffff888101adf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.795786] ffff888101adf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.796539] ==================================================================
[ 23.192972] ==================================================================
[ 23.194781] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 23.195657] Read of size 1 at addr ffff888102795328 by task kunit_try_catch/192
[ 23.197011]
[ 23.197290] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 23.198953] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.199697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.200352] Call Trace:
[ 23.200719] <TASK>
[ 23.201089] dump_stack_lvl+0x73/0xb0
[ 23.201475] print_report+0xd1/0x640
[ 23.202503] ? __virt_addr_valid+0x1db/0x2d0
[ 23.203205] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.203859] kasan_report+0x102/0x140
[ 23.204667] ? kmalloc_uaf+0x322/0x380
[ 23.205173] ? kmalloc_uaf+0x322/0x380
[ 23.206003] __asan_report_load1_noabort+0x18/0x20
[ 23.206887] kmalloc_uaf+0x322/0x380
[ 23.207329] ? __pfx_kmalloc_uaf+0x10/0x10
[ 23.207579] ? __schedule+0xc3e/0x2790
[ 23.207773] ? __pfx_read_tsc+0x10/0x10
[ 23.208475] ? ktime_get_ts64+0x86/0x230
[ 23.209372] kunit_try_run_case+0x1b3/0x490
[ 23.210082] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.211196] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.212243] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.213286] ? __kthread_parkme+0x82/0x160
[ 23.213768] ? preempt_count_sub+0x50/0x80
[ 23.214076] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.214694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.216021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.217253] kthread+0x257/0x310
[ 23.217839] ? __pfx_kthread+0x10/0x10
[ 23.218623] ret_from_fork+0x41/0x80
[ 23.219363] ? __pfx_kthread+0x10/0x10
[ 23.220164] ret_from_fork_asm+0x1a/0x30
[ 23.221080] </TASK>
[ 23.221588]
[ 23.221769] Allocated by task 192:
[ 23.222024] kasan_save_stack+0x3d/0x60
[ 23.222501] kasan_save_track+0x18/0x40
[ 23.222749] kasan_save_alloc_info+0x3b/0x50
[ 23.223317] __kasan_kmalloc+0xb7/0xc0
[ 23.224053] __kmalloc_cache_noprof+0x184/0x410
[ 23.225018] kmalloc_uaf+0xab/0x380
[ 23.225843] kunit_try_run_case+0x1b3/0x490
[ 23.226594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.227738] kthread+0x257/0x310
[ 23.228049] ret_from_fork+0x41/0x80
[ 23.228327] ret_from_fork_asm+0x1a/0x30
[ 23.228835]
[ 23.229270] Freed by task 192:
[ 23.229564] kasan_save_stack+0x3d/0x60
[ 23.230658] kasan_save_track+0x18/0x40
[ 23.231023] kasan_save_free_info+0x3f/0x60
[ 23.231319] __kasan_slab_free+0x56/0x70
[ 23.231840] kfree+0x123/0x3f0
[ 23.232275] kmalloc_uaf+0x12d/0x380
[ 23.232970] kunit_try_run_case+0x1b3/0x490
[ 23.233283] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.233627] kthread+0x257/0x310
[ 23.234037] ret_from_fork+0x41/0x80
[ 23.234644] ret_from_fork_asm+0x1a/0x30
[ 23.235055]
[ 23.235236] The buggy address belongs to the object at ffff888102795320
[ 23.235236] which belongs to the cache kmalloc-16 of size 16
[ 23.236119] The buggy address is located 8 bytes inside of
[ 23.236119] freed 16-byte region [ffff888102795320, ffff888102795330)
[ 23.238794]
[ 23.238985] The buggy address belongs to the physical page:
[ 23.239505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795
[ 23.240926] flags: 0x200000000000000(node=0|zone=2)
[ 23.241657] page_type: f5(slab)
[ 23.242845] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.243396] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.244403] page dumped because: kasan: bad access detected
[ 23.245120]
[ 23.245453] Memory state around the buggy address:
[ 23.245958] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 23.247419] ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.247960] >ffff888102795300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 23.248650] ^
[ 23.249117] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.250169] ffff888102795400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.251345] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 22.676019] ==================================================================
[ 22.677345] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0
[ 22.678909] Write of size 16 at addr ffff888101adf060 by task kunit_try_catch/174
[ 22.679830]
[ 22.680186] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 22.682123] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.683007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.684157] Call Trace:
[ 22.684718] <TASK>
[ 22.685087] dump_stack_lvl+0x73/0xb0
[ 22.685501] print_report+0xd1/0x640
[ 22.686159] ? __virt_addr_valid+0x1db/0x2d0
[ 22.686997] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.688084] kasan_report+0x102/0x140
[ 22.688506] ? kmalloc_oob_16+0x454/0x4a0
[ 22.688815] ? kmalloc_oob_16+0x454/0x4a0
[ 22.689315] __asan_report_store16_noabort+0x1b/0x30
[ 22.689911] kmalloc_oob_16+0x454/0x4a0
[ 22.690432] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 22.690809] ? __schedule+0xc3e/0x2790
[ 22.691230] ? __pfx_read_tsc+0x10/0x10
[ 22.692136] ? ktime_get_ts64+0x86/0x230
[ 22.692791] kunit_try_run_case+0x1b3/0x490
[ 22.693215] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.694223] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.694565] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.695248] ? __kthread_parkme+0x82/0x160
[ 22.695920] ? preempt_count_sub+0x50/0x80
[ 22.696603] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.696943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.697685] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.698226] kthread+0x257/0x310
[ 22.699032] ? __pfx_kthread+0x10/0x10
[ 22.699804] ret_from_fork+0x41/0x80
[ 22.700723] ? __pfx_kthread+0x10/0x10
[ 22.701036] ret_from_fork_asm+0x1a/0x30
[ 22.701899] </TASK>
[ 22.702402]
[ 22.702810] Allocated by task 174:
[ 22.703178] kasan_save_stack+0x3d/0x60
[ 22.704330] kasan_save_track+0x18/0x40
[ 22.704938] kasan_save_alloc_info+0x3b/0x50
[ 22.705910] __kasan_kmalloc+0xb7/0xc0
[ 22.706581] __kmalloc_cache_noprof+0x184/0x410
[ 22.706807] kmalloc_oob_16+0xa9/0x4a0
[ 22.707643] kunit_try_run_case+0x1b3/0x490
[ 22.708608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.709292] kthread+0x257/0x310
[ 22.709703] ret_from_fork+0x41/0x80
[ 22.710276] ret_from_fork_asm+0x1a/0x30
[ 22.710748]
[ 22.711428] The buggy address belongs to the object at ffff888101adf060
[ 22.711428] which belongs to the cache kmalloc-16 of size 16
[ 22.712906] The buggy address is located 0 bytes inside of
[ 22.712906] allocated 13-byte region [ffff888101adf060, ffff888101adf06d)
[ 22.713837]
[ 22.714834] The buggy address belongs to the physical page:
[ 22.715953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101adf
[ 22.717059] flags: 0x200000000000000(node=0|zone=2)
[ 22.717641] page_type: f5(slab)
[ 22.718238] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 22.719170] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 22.720185] page dumped because: kasan: bad access detected
[ 22.720934]
[ 22.721110] Memory state around the buggy address:
[ 22.722218] ffff888101adef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.723312] ffff888101adef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.723957] >ffff888101adf000: fa fb fc fc 00 04 fc fc 00 05 fc fc 00 05 fc fc
[ 22.724900] ^
[ 22.725524] ffff888101adf080: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.726272] ffff888101adf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.727116] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 21.740468] ==================================================================
[ 21.741821] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0
[ 21.743187] Read of size 1 at addr ffff888102cb0000 by task kunit_try_catch/162
[ 21.744465]
[ 21.744991] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.746043] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.746660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.747724] Call Trace:
[ 21.748043] <TASK>
[ 21.748892] dump_stack_lvl+0x73/0xb0
[ 21.749691] print_report+0xd1/0x640
[ 21.750098] ? __virt_addr_valid+0x1db/0x2d0
[ 21.751630] ? kasan_addr_to_slab+0x11/0xa0
[ 21.752486] kasan_report+0x102/0x140
[ 21.753123] ? page_alloc_uaf+0x358/0x3d0
[ 21.754003] ? page_alloc_uaf+0x358/0x3d0
[ 21.755161] __asan_report_load1_noabort+0x18/0x20
[ 21.756228] page_alloc_uaf+0x358/0x3d0
[ 21.757048] ? __pfx_page_alloc_uaf+0x10/0x10
[ 21.757736] ? __schedule+0xc3e/0x2790
[ 21.758221] ? __pfx_read_tsc+0x10/0x10
[ 21.759047] ? ktime_get_ts64+0x86/0x230
[ 21.759621] kunit_try_run_case+0x1b3/0x490
[ 21.760406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.760918] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.761247] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.761997] ? __kthread_parkme+0x82/0x160
[ 21.762366] ? preempt_count_sub+0x50/0x80
[ 21.763042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.763371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.764085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.764718] kthread+0x257/0x310
[ 21.764973] ? __pfx_kthread+0x10/0x10
[ 21.765656] ret_from_fork+0x41/0x80
[ 21.765944] ? __pfx_kthread+0x10/0x10
[ 21.766213] ret_from_fork_asm+0x1a/0x30
[ 21.767085] </TASK>
[ 21.767425]
[ 21.767580] The buggy address belongs to the physical page:
[ 21.768819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb0
[ 21.769547] flags: 0x200000000000000(node=0|zone=2)
[ 21.770891] page_type: f0(buddy)
[ 21.771592] raw: 0200000000000000 ffff88817fffd4a0 ffff88817fffd4a0 0000000000000000
[ 21.772321] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 21.773481] page dumped because: kasan: bad access detected
[ 21.774136]
[ 21.774586] Memory state around the buggy address:
[ 21.775008] ffff888102caff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.776115] ffff888102caff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.777768] >ffff888102cb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.779235] ^
[ 21.779727] ffff888102cb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.781440] ffff888102cb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.781728] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 21.673548] ==================================================================
[ 21.674848] BUG: KASAN: invalid-free in kfree+0x271/0x3f0
[ 21.675889] Free of addr ffff888102b2c001 by task kunit_try_catch/158
[ 21.676341]
[ 21.677189] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.678487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.678724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.680989] Call Trace:
[ 21.681838] <TASK>
[ 21.682267] dump_stack_lvl+0x73/0xb0
[ 21.683010] print_report+0xd1/0x640
[ 21.683747] ? __virt_addr_valid+0x1db/0x2d0
[ 21.684414] ? kfree+0x271/0x3f0
[ 21.684972] ? kasan_addr_to_slab+0x11/0xa0
[ 21.686069] ? kfree+0x271/0x3f0
[ 21.686349] kasan_report_invalid_free+0xc0/0xf0
[ 21.687200] ? kfree+0x271/0x3f0
[ 21.687654] ? kfree+0x271/0x3f0
[ 21.688045] __kasan_kfree_large+0x86/0xd0
[ 21.689144] free_large_kmalloc+0x3b/0xd0
[ 21.689698] kfree+0x271/0x3f0
[ 21.689983] ? kmalloc_large_invalid_free+0x90/0x2b0
[ 21.691026] kmalloc_large_invalid_free+0x121/0x2b0
[ 21.692014] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 21.692617] ? __schedule+0xc3e/0x2790
[ 21.693073] ? __pfx_read_tsc+0x10/0x10
[ 21.693880] ? ktime_get_ts64+0x86/0x230
[ 21.694811] kunit_try_run_case+0x1b3/0x490
[ 21.695194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.696227] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.696919] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.697696] ? __kthread_parkme+0x82/0x160
[ 21.698139] ? preempt_count_sub+0x50/0x80
[ 21.698751] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.699185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.700245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.701024] kthread+0x257/0x310
[ 21.702056] ? __pfx_kthread+0x10/0x10
[ 21.702450] ret_from_fork+0x41/0x80
[ 21.703138] ? __pfx_kthread+0x10/0x10
[ 21.704212] ret_from_fork_asm+0x1a/0x30
[ 21.704952] </TASK>
[ 21.705207]
[ 21.705881] The buggy address belongs to the physical page:
[ 21.706267] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c
[ 21.707885] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 21.708870] flags: 0x200000000000040(head|node=0|zone=2)
[ 21.710042] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.710811] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 21.711116] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.712361] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 21.713607] head: 0200000000000002 ffffea00040acb01 ffffffffffffffff 0000000000000000
[ 21.715193] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 21.716125] page dumped because: kasan: bad access detected
[ 21.717810]
[ 21.717985] Memory state around the buggy address:
[ 21.718690] ffff888102b2bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.719743] ffff888102b2bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.720380] >ffff888102b2c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.721389] ^
[ 21.722524] ffff888102b2c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.723108] ffff888102b2c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.724626] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 21.634644] ==================================================================
[ 21.635911] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340
[ 21.637099] Read of size 1 at addr ffff888102b2c000 by task kunit_try_catch/156
[ 21.637934]
[ 21.638356] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.639309] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.639683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.640540] Call Trace:
[ 21.640931] <TASK>
[ 21.641442] dump_stack_lvl+0x73/0xb0
[ 21.642023] print_report+0xd1/0x640
[ 21.642563] ? __virt_addr_valid+0x1db/0x2d0
[ 21.643007] ? kasan_addr_to_slab+0x11/0xa0
[ 21.643460] kasan_report+0x102/0x140
[ 21.643945] ? kmalloc_large_uaf+0x2f3/0x340
[ 21.644392] ? kmalloc_large_uaf+0x2f3/0x340
[ 21.644981] __asan_report_load1_noabort+0x18/0x20
[ 21.645675] kmalloc_large_uaf+0x2f3/0x340
[ 21.646081] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 21.646663] ? __schedule+0xc3e/0x2790
[ 21.647051] ? __pfx_read_tsc+0x10/0x10
[ 21.647562] ? ktime_get_ts64+0x86/0x230
[ 21.648185] kunit_try_run_case+0x1b3/0x490
[ 21.648701] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.649173] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.649798] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.650526] ? __kthread_parkme+0x82/0x160
[ 21.650936] ? preempt_count_sub+0x50/0x80
[ 21.651551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.652127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.652846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.653514] kthread+0x257/0x310
[ 21.654014] ? __pfx_kthread+0x10/0x10
[ 21.654493] ret_from_fork+0x41/0x80
[ 21.655001] ? __pfx_kthread+0x10/0x10
[ 21.655465] ret_from_fork_asm+0x1a/0x30
[ 21.655979] </TASK>
[ 21.656380]
[ 21.656678] The buggy address belongs to the physical page:
[ 21.657296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c
[ 21.658103] flags: 0x200000000000000(node=0|zone=2)
[ 21.658736] raw: 0200000000000000 ffffea00040acc08 ffff888154b3f040 0000000000000000
[ 21.659599] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 21.660372] page dumped because: kasan: bad access detected
[ 21.661001]
[ 21.661177] Memory state around the buggy address:
[ 21.661858] ffff888102b2bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.662538] ffff888102b2bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.663351] >ffff888102b2c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.663943] ^
[ 21.664378] ffff888102b2c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.665055] ffff888102b2c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 21.665703] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 21.576890] ==================================================================
[ 21.577858] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340
[ 21.579017] Write of size 1 at addr ffff888102b2e00a by task kunit_try_catch/154
[ 21.580311]
[ 21.580910] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.582342] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.583103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.583727] Call Trace:
[ 21.584074] <TASK>
[ 21.584380] dump_stack_lvl+0x73/0xb0
[ 21.584736] print_report+0xd1/0x640
[ 21.585542] ? __virt_addr_valid+0x1db/0x2d0
[ 21.586481] ? kasan_addr_to_slab+0x11/0xa0
[ 21.587408] kasan_report+0x102/0x140
[ 21.588419] ? kmalloc_large_oob_right+0x2eb/0x340
[ 21.589498] ? kmalloc_large_oob_right+0x2eb/0x340
[ 21.590809] __asan_report_store1_noabort+0x1b/0x30
[ 21.591598] kmalloc_large_oob_right+0x2eb/0x340
[ 21.592130] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 21.593255] ? __schedule+0xc3e/0x2790
[ 21.594078] ? __pfx_read_tsc+0x10/0x10
[ 21.594980] ? ktime_get_ts64+0x86/0x230
[ 21.596037] kunit_try_run_case+0x1b3/0x490
[ 21.597138] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.597910] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.598690] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.599809] ? __kthread_parkme+0x82/0x160
[ 21.600227] ? preempt_count_sub+0x50/0x80
[ 21.600831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.602113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.602959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.603895] kthread+0x257/0x310
[ 21.604157] ? __pfx_kthread+0x10/0x10
[ 21.605118] ret_from_fork+0x41/0x80
[ 21.605934] ? __pfx_kthread+0x10/0x10
[ 21.607248] ret_from_fork_asm+0x1a/0x30
[ 21.608045] </TASK>
[ 21.608617]
[ 21.609064] The buggy address belongs to the physical page:
[ 21.609819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c
[ 21.610356] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 21.611226] flags: 0x200000000000040(head|node=0|zone=2)
[ 21.611923] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.613061] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 21.615065] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.615911] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 21.616626] head: 0200000000000002 ffffea00040acb01 ffffffffffffffff 0000000000000000
[ 21.617328] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 21.618493] page dumped because: kasan: bad access detected
[ 21.618902]
[ 21.619961] Memory state around the buggy address:
[ 21.620845] ffff888102b2df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.621911] ffff888102b2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.622700] >ffff888102b2e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.623581] ^
[ 21.624377] ffff888102b2e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.625037] ffff888102b2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.627186] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 21.512978] ==================================================================
[ 21.514621] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370
[ 21.515919] Write of size 1 at addr ffff888102b71f00 by task kunit_try_catch/152
[ 21.517114]
[ 21.517331] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1
[ 21.518963] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.519671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.520449] Call Trace:
[ 21.520848] <TASK>
[ 21.521161] dump_stack_lvl+0x73/0xb0
[ 21.521568] print_report+0xd1/0x640
[ 21.522874] ? __virt_addr_valid+0x1db/0x2d0
[ 21.523723] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.524509] kasan_report+0x102/0x140
[ 21.524963] ? kmalloc_big_oob_right+0x318/0x370
[ 21.525780] ? kmalloc_big_oob_right+0x318/0x370
[ 21.526954] __asan_report_store1_noabort+0x1b/0x30
[ 21.527419] kmalloc_big_oob_right+0x318/0x370
[ 21.527942] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 21.529010] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 21.529743] kunit_try_run_case+0x1b3/0x490
[ 21.530165] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.531503] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.531969] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.533377] ? __kthread_parkme+0x82/0x160
[ 21.533619] ? preempt_count_sub+0x50/0x80
[ 21.533906] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.534396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.535003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.535464] kthread+0x257/0x310
[ 21.536139] ? __pfx_kthread+0x10/0x10
[ 21.536938] ret_from_fork+0x41/0x80
[ 21.537363] ? __pfx_kthread+0x10/0x10
[ 21.537813] ret_from_fork_asm+0x1a/0x30
[ 21.538236] </TASK>
[ 21.538492]
[ 21.538695] Allocated by task 152:
[ 21.540732] kasan_save_stack+0x3d/0x60
[ 21.541533] kasan_save_track+0x18/0x40
[ 21.542031] kasan_save_alloc_info+0x3b/0x50
[ 21.542540] __kasan_kmalloc+0xb7/0xc0
[ 21.542849] __kmalloc_cache_noprof+0x184/0x410
[ 21.543180] kmalloc_big_oob_right+0xaa/0x370
[ 21.543793] kunit_try_run_case+0x1b3/0x490
[ 21.545243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.545777] kthread+0x257/0x310
[ 21.546056] ret_from_fork+0x41/0x80
[ 21.546489] ret_from_fork_asm+0x1a/0x30
[ 21.546864]
[ 21.547015] The buggy address belongs to the object at ffff888102b70000
[ 21.547015] which belongs to the cache kmalloc-8k of size 8192
[ 21.548124] The buggy address is located 0 bytes to the right of
[ 21.548124] allocated 7936-byte region [ffff888102b70000, ffff888102b71f00)
[ 21.549971]
[ 21.550360] The buggy address belongs to the physical page:
[ 21.550777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b70
[ 21.551709] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 21.552649] flags: 0x200000000000040(head|node=0|zone=2)
[ 21.553840] page_type: f5(slab)
[ 21.554682] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 21.555694] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 21.556662] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 21.557948] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 21.559190] head: 0200000000000003 ffffea00040adc01 ffffffffffffffff 0000000000000000
[ 21.560365] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 21.560873] page dumped because: kasan: bad access detected
[ 21.562287]
[ 21.562519] Memory state around the buggy address:
[ 21.563206] ffff888102b71e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.563978] ffff888102b71e80: 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.565103] >ffff888102b71f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.566187] ^ [ 21.566496] ffff888102b71f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.568068] ffff888102b72000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.569125] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 21.399108] ================================================================== [ 21.400071] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 21.401674] Write of size 1 at addr ffff888101ae3878 by task kunit_try_catch/150 [ 21.402426] [ 21.402783] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.404139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.404978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.406242] Call Trace: [ 21.406757] <TASK> [ 21.406968] dump_stack_lvl+0x73/0xb0 [ 21.408051] print_report+0xd1/0x640 [ 21.408540] ? __virt_addr_valid+0x1db/0x2d0 [ 21.409301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.409702] kasan_report+0x102/0x140 [ 21.410491] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 21.411082] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 21.412035] __asan_report_store1_noabort+0x1b/0x30 [ 21.413096] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 21.413784] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 21.414352] ? __schedule+0xc3e/0x2790 [ 21.415037] ? __pfx_read_tsc+0x10/0x10 [ 21.415552] ? ktime_get_ts64+0x86/0x230 [ 21.416354] kunit_try_run_case+0x1b3/0x490 [ 21.417062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.417918] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.418509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.418985] ? __kthread_parkme+0x82/0x160 [ 21.419529] ? preempt_count_sub+0x50/0x80 [ 21.419973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.420478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.421602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.422429] kthread+0x257/0x310 [ 21.422798] ? __pfx_kthread+0x10/0x10 [ 21.423265] ret_from_fork+0x41/0x80 [ 21.423628] ? 
__pfx_kthread+0x10/0x10 [ 21.424543] ret_from_fork_asm+0x1a/0x30 [ 21.424968] </TASK> [ 21.425497] [ 21.425797] Allocated by task 150: [ 21.426146] kasan_save_stack+0x3d/0x60 [ 21.426438] kasan_save_track+0x18/0x40 [ 21.427305] kasan_save_alloc_info+0x3b/0x50 [ 21.427951] __kasan_kmalloc+0xb7/0xc0 [ 21.428288] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 21.428902] kmalloc_track_caller_oob_right+0x9a/0x530 [ 21.430120] kunit_try_run_case+0x1b3/0x490 [ 21.431046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.431682] kthread+0x257/0x310 [ 21.432992] ret_from_fork+0x41/0x80 [ 21.433461] ret_from_fork_asm+0x1a/0x30 [ 21.433981] [ 21.434186] The buggy address belongs to the object at ffff888101ae3800 [ 21.434186] which belongs to the cache kmalloc-128 of size 128 [ 21.436688] The buggy address is located 0 bytes to the right of [ 21.436688] allocated 120-byte region [ffff888101ae3800, ffff888101ae3878) [ 21.438373] [ 21.438564] The buggy address belongs to the physical page: [ 21.439045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae3 [ 21.440496] flags: 0x200000000000000(node=0|zone=2) [ 21.441048] page_type: f5(slab) [ 21.441702] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.442933] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.443512] page dumped because: kasan: bad access detected [ 21.444657] [ 21.444956] Memory state around the buggy address: [ 21.445796] ffff888101ae3700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 21.446380] ffff888101ae3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.447461] >ffff888101ae3800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.448592] ^ [ 21.449952] ffff888101ae3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.450680] ffff888101ae3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.451293] ================================================================== [ 21.453901] 
================================================================== [ 21.456002] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 21.457454] Write of size 1 at addr ffff888101ae3978 by task kunit_try_catch/150 [ 21.458392] [ 21.458676] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.459814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.460214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.460878] Call Trace: [ 21.461207] <TASK> [ 21.461507] dump_stack_lvl+0x73/0xb0 [ 21.461914] print_report+0xd1/0x640 [ 21.463003] ? __virt_addr_valid+0x1db/0x2d0 [ 21.463556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.464105] kasan_report+0x102/0x140 [ 21.464598] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 21.465120] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 21.465779] __asan_report_store1_noabort+0x1b/0x30 [ 21.466813] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 21.467337] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 21.467934] ? __schedule+0xc3e/0x2790 [ 21.468345] ? __pfx_read_tsc+0x10/0x10 [ 21.468804] ? ktime_get_ts64+0x86/0x230 [ 21.469102] kunit_try_run_case+0x1b3/0x490 [ 21.470470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.470932] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.472048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.472432] ? __kthread_parkme+0x82/0x160 [ 21.473465] ? preempt_count_sub+0x50/0x80 [ 21.473998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.475101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.476511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.477590] kthread+0x257/0x310 [ 21.477977] ? __pfx_kthread+0x10/0x10 [ 21.478957] ret_from_fork+0x41/0x80 [ 21.479249] ? 
__pfx_kthread+0x10/0x10 [ 21.480671] ret_from_fork_asm+0x1a/0x30 [ 21.481127] </TASK> [ 21.481624] [ 21.481900] Allocated by task 150: [ 21.482770] kasan_save_stack+0x3d/0x60 [ 21.483133] kasan_save_track+0x18/0x40 [ 21.483647] kasan_save_alloc_info+0x3b/0x50 [ 21.483982] __kasan_kmalloc+0xb7/0xc0 [ 21.484819] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 21.485666] kmalloc_track_caller_oob_right+0x19b/0x530 [ 21.486290] kunit_try_run_case+0x1b3/0x490 [ 21.486864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.487301] kthread+0x257/0x310 [ 21.487817] ret_from_fork+0x41/0x80 [ 21.488995] ret_from_fork_asm+0x1a/0x30 [ 21.489526] [ 21.489717] The buggy address belongs to the object at ffff888101ae3900 [ 21.489717] which belongs to the cache kmalloc-128 of size 128 [ 21.491360] The buggy address is located 0 bytes to the right of [ 21.491360] allocated 120-byte region [ffff888101ae3900, ffff888101ae3978) [ 21.492802] [ 21.493030] The buggy address belongs to the physical page: [ 21.494027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ae3 [ 21.494944] flags: 0x200000000000000(node=0|zone=2) [ 21.496021] page_type: f5(slab) [ 21.496470] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.496932] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.497969] page dumped because: kasan: bad access detected [ 21.498994] [ 21.499584] Memory state around the buggy address: [ 21.499995] ffff888101ae3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.500594] ffff888101ae3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.501642] >ffff888101ae3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.502635] ^ [ 21.503802] ffff888101ae3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.504707] ffff888101ae3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.505063] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 21.334507] ================================================================== [ 21.335438] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 21.336681] Read of size 1 at addr ffff888102b5b000 by task kunit_try_catch/148 [ 21.337771] [ 21.338417] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.339678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.340148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.341336] Call Trace: [ 21.341695] <TASK> [ 21.341913] dump_stack_lvl+0x73/0xb0 [ 21.342123] print_report+0xd1/0x640 [ 21.342810] ? __virt_addr_valid+0x1db/0x2d0 [ 21.343814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.344814] kasan_report+0x102/0x140 [ 21.345786] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 21.346630] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 21.347045] __asan_report_load1_noabort+0x18/0x20 [ 21.347956] kmalloc_node_oob_right+0x36b/0x3d0 [ 21.348632] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 21.349255] ? __schedule+0xc3e/0x2790 [ 21.349656] ? __pfx_read_tsc+0x10/0x10 [ 21.350069] ? ktime_get_ts64+0x86/0x230 [ 21.350485] kunit_try_run_case+0x1b3/0x490 [ 21.351797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.353291] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.354389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.354986] ? __kthread_parkme+0x82/0x160 [ 21.355924] ? preempt_count_sub+0x50/0x80 [ 21.356447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.356666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.357150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.357587] kthread+0x257/0x310 [ 21.358945] ? __pfx_kthread+0x10/0x10 [ 21.359524] ret_from_fork+0x41/0x80 [ 21.359783] ? 
__pfx_kthread+0x10/0x10 [ 21.360056] ret_from_fork_asm+0x1a/0x30 [ 21.360768] </TASK> [ 21.361049] [ 21.361807] Allocated by task 148: [ 21.362557] kasan_save_stack+0x3d/0x60 [ 21.362952] kasan_save_track+0x18/0x40 [ 21.363842] kasan_save_alloc_info+0x3b/0x50 [ 21.364467] __kasan_kmalloc+0xb7/0xc0 [ 21.365563] __kmalloc_cache_node_noprof+0x183/0x410 [ 21.365965] kmalloc_node_oob_right+0xac/0x3d0 [ 21.366402] kunit_try_run_case+0x1b3/0x490 [ 21.367217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.367948] kthread+0x257/0x310 [ 21.368464] ret_from_fork+0x41/0x80 [ 21.369247] ret_from_fork_asm+0x1a/0x30 [ 21.369996] [ 21.370316] The buggy address belongs to the object at ffff888102b5a000 [ 21.370316] which belongs to the cache kmalloc-4k of size 4096 [ 21.372643] The buggy address is located 0 bytes to the right of [ 21.372643] allocated 4096-byte region [ffff888102b5a000, ffff888102b5b000) [ 21.374809] [ 21.375020] The buggy address belongs to the physical page: [ 21.375885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b58 [ 21.377059] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.378464] flags: 0x200000000000040(head|node=0|zone=2) [ 21.379047] page_type: f5(slab) [ 21.379709] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 21.380666] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.381375] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 21.382028] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.383188] head: 0200000000000003 ffffea00040ad601 ffffffffffffffff 0000000000000000 [ 21.383940] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 21.385478] page dumped because: kasan: bad access detected [ 21.386060] [ 21.386295] Memory state around the buggy address: [ 21.386983] ffff888102b5af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.387933] ffff888102b5af80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.388989] >ffff888102b5b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.389948] ^ [ 21.390760] ffff888102b5b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.391461] ffff888102b5b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.392143] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 21.251853] ================================================================== [ 21.252922] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 21.253885] Read of size 1 at addr ffff8881027952ff by task kunit_try_catch/146 [ 21.254907] [ 21.255084] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241204 #1 [ 21.256918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.257398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.259196] Call Trace: [ 21.260094] <TASK> [ 21.260311] dump_stack_lvl+0x73/0xb0 [ 21.260993] print_report+0xd1/0x640 [ 21.261437] ? __virt_addr_valid+0x1db/0x2d0 [ 21.262243] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.262878] kasan_report+0x102/0x140 [ 21.263871] ? kmalloc_oob_left+0x363/0x3c0 [ 21.264649] ? kmalloc_oob_left+0x363/0x3c0 [ 21.265147] __asan_report_load1_noabort+0x18/0x20 [ 21.265978] kmalloc_oob_left+0x363/0x3c0 [ 21.267149] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 21.267844] ? __schedule+0xc3e/0x2790 [ 21.268218] ? __pfx_read_tsc+0x10/0x10 [ 21.268868] ? ktime_get_ts64+0x86/0x230 [ 21.269196] kunit_try_run_case+0x1b3/0x490 [ 21.269696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.271153] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.272079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.272918] ? __kthread_parkme+0x82/0x160 [ 21.273488] ? preempt_count_sub+0x50/0x80 [ 21.274009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.274907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.275885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.276374] kthread+0x257/0x310 [ 21.276720] ? __pfx_kthread+0x10/0x10 [ 21.277094] ret_from_fork+0x41/0x80 [ 21.277446] ? 
__pfx_kthread+0x10/0x10 [ 21.278032] ret_from_fork_asm+0x1a/0x30 [ 21.279003] </TASK> [ 21.280073] [ 21.280454] Allocated by task 1: [ 21.280822] kasan_save_stack+0x3d/0x60 [ 21.281897] kasan_save_track+0x18/0x40 [ 21.282303] kasan_save_alloc_info+0x3b/0x50 [ 21.282777] __kasan_kmalloc+0xb7/0xc0 [ 21.283142] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 21.283617] kvasprintf+0xc6/0x150 [ 21.284522] __kthread_create_on_node+0x18c/0x3a0 [ 21.285439] kthread_create_on_node+0xa8/0xe0 [ 21.286080] cryptomgr_notify+0x704/0x9f0 [ 21.286788] notifier_call_chain+0xcb/0x250 [ 21.287205] blocking_notifier_call_chain+0x64/0x90 [ 21.287909] crypto_alg_mod_lookup+0x214/0x420 [ 21.288876] crypto_alloc_tfm_node+0xc5/0x1f0 [ 21.290004] crypto_alloc_sig+0x23/0x30 [ 21.290523] public_key_verify_signature+0x1b1/0x990 [ 21.291258] x509_check_for_self_signed+0x2cb/0x480 [ 21.291938] x509_cert_parse+0x59c/0x830 [ 21.292588] x509_key_preparse+0x68/0x8a0 [ 21.293026] asymmetric_key_preparse+0xb1/0x160 [ 21.293791] __key_create_or_update+0x407/0xc90 [ 21.294291] key_create_or_update+0x17/0x20 [ 21.294801] x509_load_certificate_list+0x174/0x200 [ 21.296228] regulatory_init_db+0xee/0x3a0 [ 21.296793] do_one_initcall+0xb5/0x370 [ 21.297372] kernel_init_freeable+0x425/0x6f0 [ 21.297859] kernel_init+0x23/0x1e0 [ 21.298426] ret_from_fork+0x41/0x80 [ 21.298895] ret_from_fork_asm+0x1a/0x30 [ 21.299209] [ 21.299545] Freed by task 0: [ 21.300076] kasan_save_stack+0x3d/0x60 [ 21.301146] kasan_save_track+0x18/0x40 [ 21.301826] kasan_save_free_info+0x3f/0x60 [ 21.302256] __kasan_slab_free+0x56/0x70 [ 21.302528] kfree+0x123/0x3f0 [ 21.303169] free_kthread_struct+0xeb/0x150 [ 21.303664] free_task+0xf3/0x130 [ 21.304021] __put_task_struct+0x1c8/0x480 [ 21.305703] delayed_put_task_struct+0x10a/0x150 [ 21.306092] rcu_core+0x680/0x1d70 [ 21.306550] rcu_core_si+0x12/0x20 [ 21.307188] handle_softirqs+0x209/0x720 [ 21.307581] __irq_exit_rcu+0xc9/0x110 [ 21.308154] irq_exit_rcu+0x12/0x20 [ 21.308512] 
sysvec_apic_timer_interrupt+0x81/0x90 [ 21.309688] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 21.310505] [ 21.310846] The buggy address belongs to the object at ffff8881027952e0 [ 21.310846] which belongs to the cache kmalloc-16 of size 16 [ 21.311886] The buggy address is located 15 bytes to the right of [ 21.311886] allocated 16-byte region [ffff8881027952e0, ffff8881027952f0) [ 21.313399] [ 21.313630] The buggy address belongs to the physical page: [ 21.314140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102795 [ 21.315363] flags: 0x200000000000000(node=0|zone=2) [ 21.315910] page_type: f5(slab) [ 21.316663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.317504] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.318508] page dumped because: kasan: bad access detected [ 21.318976] [ 21.319590] Memory state around the buggy address: [ 21.320351] ffff888102795180: 00 02 fc fc 00 03 fc fc fa fb fc fc 00 02 fc fc [ 21.321114] ffff888102795200: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.321956] >ffff888102795280: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.322910] ^ [ 21.323610] ffff888102795300: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.325310] ffff888102795380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.325662] ==================================================================