Date
Dec. 5, 2024, 2:07 p.m.
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 238.026749] WARNING: CPU: 0 PID: 2256 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 238.028440] Modules linked in:
[ 238.028902] CPU: 0 UID: 0 PID: 2256 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241205 #1
[ 238.029776] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 238.031149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 238.032427] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 238.033226] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 238.034935] RSP: 0000:ffff888107c57ce8 EFLAGS: 00010286
[ 238.035745] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 238.036900] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8dc0ad34
[ 238.038298] RBP: ffff888107c57d10 R08: 0000000000000000 R09: ffffed1020834c00
[ 238.039227] R10: ffff8881041a6007 R11: 0000000000000000 R12: ffffffff8dc0ad20
[ 238.039744] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107c57da8
[ 238.040928] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 238.041973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 238.042704] CR2: ffffffffffffffff CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 238.043832] DR0: ffffffff8fbed160 DR1: ffffffff8fbed161 DR2: ffffffff8fbed163
[ 238.044494] DR3: ffffffff8fbed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 238.045091] Call Trace:
[ 238.045729] <TASK>
[ 238.046406] ? show_regs+0x68/0x80
[ 238.046894] ? __warn+0xd5/0x260
[ 238.048207] ? drm_rect_calc_vscale+0x130/0x190
[ 238.048781] ? report_bug+0x278/0x2e0
[ 238.049340] ? handle_bug+0x5c/0xb0
[ 238.049957] ? exc_invalid_op+0x1c/0x50
[ 238.050725] ? asm_exc_invalid_op+0x1f/0x30
[ 238.051424] ? drm_rect_calc_vscale+0x130/0x190
[ 238.052247] drm_test_rect_calc_vscale+0x109/0x270
[ 238.052766] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 238.053537] ? __schedule+0xc70/0x27e0
[ 238.054090] ? __pfx_read_tsc+0x10/0x10
[ 238.055337] ? ktime_get_ts64+0x86/0x230
[ 238.056007] kunit_try_run_case+0x1b3/0x490
[ 238.056449] ? __pfx_kunit_try_run_case+0x10/0x10
[ 238.056931] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 238.057349] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 238.058485] ? __kthread_parkme+0x82/0x160
[ 238.059635] ? preempt_count_sub+0x50/0x80
[ 238.060628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 238.061235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 238.061823] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 238.062733] kthread+0x257/0x310
[ 238.063134] ? __pfx_kthread+0x10/0x10
[ 238.063631] ret_from_fork+0x41/0x80
[ 238.063969] ? __pfx_kthread+0x10/0x10
[ 238.064634] ret_from_fork_asm+0x1a/0x30
[ 238.065019] </TASK>
[ 238.065375] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 237.982621] WARNING: CPU: 1 PID: 2254 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 237.983484] Modules linked in:
[ 237.983876] CPU: 1 UID: 0 PID: 2254 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241205 #1
[ 237.985203] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 237.986479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 237.986986] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 237.987825] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 237.989443] RSP: 0000:ffff8881045e7ce8 EFLAGS: 00010286
[ 237.989907] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 237.990676] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8dc0acfc
[ 237.991690] RBP: ffff8881045e7d10 R08: 0000000000000000 R09: ffffed10208345e0
[ 237.992507] R10: ffff8881041a2f07 R11: 0000000000000000 R12: ffffffff8dc0ace8
[ 237.993171] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881045e7da8
[ 237.993765] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 237.994758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 237.995173] CR2: 00007ffff7ffe000 CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 237.996468] DR0: ffffffff8fbed164 DR1: ffffffff8fbed169 DR2: ffffffff8fbed16a
[ 237.997854] DR3: ffffffff8fbed16b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 237.998963] Call Trace:
[ 237.999736] <TASK>
[ 238.000043] ? show_regs+0x68/0x80
[ 238.000675] ? __warn+0xd5/0x260
[ 238.000973] ? drm_rect_calc_vscale+0x130/0x190
[ 238.001967] ? report_bug+0x278/0x2e0
[ 238.002570] ? handle_bug+0x5c/0xb0
[ 238.003211] ? exc_invalid_op+0x1c/0x50
[ 238.003926] ? asm_exc_invalid_op+0x1f/0x30
[ 238.005045] ? drm_rect_calc_vscale+0x130/0x190
[ 238.006435] drm_test_rect_calc_vscale+0x109/0x270
[ 238.006881] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 238.007801] ? __schedule+0xc70/0x27e0
[ 238.008688] ? __pfx_read_tsc+0x10/0x10
[ 238.009204] ? ktime_get_ts64+0x86/0x230
[ 238.010121] kunit_try_run_case+0x1b3/0x490
[ 238.010899] ? __pfx_kunit_try_run_case+0x10/0x10
[ 238.011757] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 238.012464] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 238.013671] ? __kthread_parkme+0x82/0x160
[ 238.014723] ? preempt_count_sub+0x50/0x80
[ 238.015061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 238.015453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 238.016199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 238.016661] kthread+0x257/0x310
[ 238.016942] ? __pfx_kthread+0x10/0x10
[ 238.017570] ret_from_fork+0x41/0x80
[ 238.017961] ? __pfx_kthread+0x10/0x10
[ 238.018438] ret_from_fork_asm+0x1a/0x30
[ 238.018796] </TASK>
[ 238.019125] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 237.914581] WARNING: CPU: 1 PID: 2244 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 237.916316] Modules linked in:
[ 237.917145] CPU: 1 UID: 0 PID: 2244 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241205 #1
[ 237.918089] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 237.919136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 237.920544] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 237.921119] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 237.923400] RSP: 0000:ffff8881045e7ce8 EFLAGS: 00010286
[ 237.923865] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 237.925198] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8dc0ad38
[ 237.926237] RBP: ffff8881045e7d10 R08: 0000000000000000 R09: ffffed10208d4ac0
[ 237.927655] R10: ffff8881046a5607 R11: 0000000000000000 R12: ffffffff8dc0ad20
[ 237.928823] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881045e7da8
[ 237.929521] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 237.930187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 237.930728] CR2: 00007ffff7ffe000 CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 237.932044] DR0: ffffffff8fbed164 DR1: ffffffff8fbed169 DR2: ffffffff8fbed16a
[ 237.932875] DR3: ffffffff8fbed16b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 237.933948] Call Trace:
[ 237.934545] <TASK>
[ 237.934771] ? show_regs+0x68/0x80
[ 237.935433] ? __warn+0xd5/0x260
[ 237.935879] ? drm_rect_calc_hscale+0x125/0x190
[ 237.937141] ? report_bug+0x278/0x2e0
[ 237.937942] ? handle_bug+0x5c/0xb0
[ 237.938455] ? exc_invalid_op+0x1c/0x50
[ 237.938677] ? asm_exc_invalid_op+0x1f/0x30
[ 237.938893] ? drm_rect_calc_hscale+0x125/0x190
[ 237.939563] drm_test_rect_calc_hscale+0x109/0x270
[ 237.940752] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 237.941585] ? __schedule+0xc70/0x27e0
[ 237.941788] ? __pfx_read_tsc+0x10/0x10
[ 237.941975] ? ktime_get_ts64+0x86/0x230
[ 237.942976] kunit_try_run_case+0x1b3/0x490
[ 237.943496] ? __pfx_kunit_try_run_case+0x10/0x10
[ 237.944483] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 237.944922] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 237.945832] ? __kthread_parkme+0x82/0x160
[ 237.946110] ? preempt_count_sub+0x50/0x80
[ 237.946901] ? __pfx_kunit_try_run_case+0x10/0x10
[ 237.947848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 237.948665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 237.949474] kthread+0x257/0x310
[ 237.949851] ? __pfx_kthread+0x10/0x10
[ 237.950402] ret_from_fork+0x41/0x80
[ 237.951137] ? __pfx_kthread+0x10/0x10
[ 237.951989] ret_from_fork_asm+0x1a/0x30
[ 237.952788] </TASK>
[ 237.953240] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 237.868047] WARNING: CPU: 0 PID: 2242 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 237.870159] Modules linked in:
[ 237.870664] CPU: 0 UID: 0 PID: 2242 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241205 #1
[ 237.871827] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 237.872580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 237.874144] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 237.874663] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 237.876196] RSP: 0000:ffff8881043f7ce8 EFLAGS: 00010286
[ 237.876660] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 237.877798] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8dc0ad00
[ 237.879342] RBP: ffff8881043f7d10 R08: 0000000000000000 R09: ffffed1020834500
[ 237.880118] R10: ffff8881041a2807 R11: 0000000000000000 R12: ffffffff8dc0ace8
[ 237.881029] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881043f7da8
[ 237.881881] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 237.882766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 237.883674] CR2: ffffffffffffffff CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 237.884677] DR0: ffffffff8fbed160 DR1: ffffffff8fbed161 DR2: ffffffff8fbed163
[ 237.885487] DR3: ffffffff8fbed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 237.886105] Call Trace:
[ 237.886743] <TASK>
[ 237.887529] ? show_regs+0x68/0x80
[ 237.888653] ? __warn+0xd5/0x260
[ 237.889315] ? drm_rect_calc_hscale+0x125/0x190
[ 237.890015] ? report_bug+0x278/0x2e0
[ 237.890503] ? handle_bug+0x5c/0xb0
[ 237.890953] ? exc_invalid_op+0x1c/0x50
[ 237.891386] ? asm_exc_invalid_op+0x1f/0x30
[ 237.891918] ? drm_rect_calc_hscale+0x125/0x190
[ 237.892601] drm_test_rect_calc_hscale+0x109/0x270
[ 237.893601] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 237.894035] ? __schedule+0xc70/0x27e0
[ 237.894777] ? __pfx_read_tsc+0x10/0x10
[ 237.895123] ? ktime_get_ts64+0x86/0x230
[ 237.896399] kunit_try_run_case+0x1b3/0x490
[ 237.896937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 237.897642] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 237.898916] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 237.899863] ? __kthread_parkme+0x82/0x160
[ 237.900683] ? preempt_count_sub+0x50/0x80
[ 237.901665] ? __pfx_kunit_try_run_case+0x10/0x10
[ 237.902134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 237.902800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 237.903396] kthread+0x257/0x310
[ 237.903843] ? __pfx_kthread+0x10/0x10
[ 237.904262] ret_from_fork+0x41/0x80
[ 237.905437] ? __pfx_kthread+0x10/0x10
[ 237.906184] ret_from_fork_asm+0x1a/0x30
[ 237.907409] </TASK>
[ 237.907798] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------
[ 236.338447] WARNING: CPU: 0 PID: 2050 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 236.339546] Modules linked in:
[ 236.340075] CPU: 0 UID: 0 PID: 2050 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241205 #1
[ 236.341072] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 236.341690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 236.342955] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 236.343793] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 236.345615] RSP: 0000:ffff888107e9fba0 EFLAGS: 00010246
[ 236.346302] RAX: dffffc0000000000 RBX: ffff888107e9fc98 RCX: 0000000000000000
[ 236.346897] RDX: 1ffff11020fd3f9c RSI: ffff888107e9fc98 RDI: ffff888107e9fce0
[ 236.347717] RBP: ffff888107e9fbe0 R08: ffff888107f4d000 R09: ffffffff8dbb78c0
[ 236.348471] R10: 0000000000000003 R11: 0000000074772780 R12: ffff888107f4d000
[ 236.349104] R13: ffff888100317b20 R14: ffff888107e9fc18 R15: ffff888107e9fe28
[ 236.349973] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 236.350856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 236.351530] CR2: ffffffffffffffff CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 236.352440] DR0: ffffffff8fbed160 DR1: ffffffff8fbed161 DR2: ffffffff8fbed163
[ 236.353356] DR3: ffffffff8fbed165 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 236.354092] Call Trace:
[ 236.354774] <TASK>
[ 236.355153] ? show_regs+0x68/0x80
[ 236.355808] ? __warn+0xd5/0x260
[ 236.356303] ? drm_framebuffer_init+0x44/0x300
[ 236.356812] ? report_bug+0x278/0x2e0
[ 236.357323] ? handle_bug+0x5c/0xb0
[ 236.357740] ? exc_invalid_op+0x1c/0x50
[ 236.358109] ? asm_exc_invalid_op+0x1f/0x30
[ 236.358903] ? drm_framebuffer_init+0x44/0x300
[ 236.359456] ? add_dr+0xc1/0x1d0
[ 236.359825] drm_test_framebuffer_init_bad_format+0xfd/0x240
[ 236.360678] ? add_dr+0x148/0x1d0
[ 236.361123] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 236.361803] ? __drmm_add_action+0x1a4/0x280
[ 236.362331] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 236.362833] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 236.363245] ? __drmm_add_action_or_reset+0x22/0x50
[ 236.363833] ? __schedule+0xc70/0x27e0
[ 236.364205] ? __pfx_read_tsc+0x10/0x10
[ 236.364785] ? ktime_get_ts64+0x86/0x230
[ 236.365428] kunit_try_run_case+0x1b3/0x490
[ 236.365955] ? __pfx_kunit_try_run_case+0x10/0x10
[ 236.366690] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 236.367589] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 236.368268] ? __kthread_parkme+0x82/0x160
[ 236.368707] ? preempt_count_sub+0x50/0x80
[ 236.369425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 236.369820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 236.370570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 236.371241] kthread+0x257/0x310
[ 236.371652] ? __pfx_kthread+0x10/0x10
[ 236.372143] ret_from_fork+0x41/0x80
[ 236.372623] ? __pfx_kthread+0x10/0x10
[ 236.373352] ret_from_fork_asm+0x1a/0x30
[ 236.373753] </TASK>
[ 236.374738] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------
[ 236.265089] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 236.266491] WARNING: CPU: 1 PID: 2046 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 236.269475] Modules linked in:
[ 236.269908] CPU: 1 UID: 0 PID: 2046 Comm: kunit_try_catch Tainted: G B D N 6.13.0-rc1-next-20241205 #1
[ 236.271790] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 236.272481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 236.274039] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 236.274818] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 d4 50 80 00 48 c7 c1 c0 28 bb 8d 4c 89 fa 48 c7 c7 20 29 bb 8d 48 89 c6 e8 cb f5 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 236.277310] RSP: 0000:ffff888107b7fbd8 EFLAGS: 00010282
[ 236.277901] RAX: 0000000000000000 RBX: ffff888107b7fcb0 RCX: 1ffffffff1d24254
[ 236.278737] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 236.279956] RBP: ffff888107b7fc00 R08: 0000000000000000 R09: fffffbfff1d24254
[ 236.281278] R10: 0000000000000003 R11: 00000000000250c0 R12: ffff888107b7fc88
[ 236.282469] R13: ffff888103ec2000 R14: ffff888103c93000 R15: ffff888103b5e180
[ 236.283028] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 236.284069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 236.284592] CR2: 00007ffff7ffe000 CR3: 000000004a8b8000 CR4: 00000000000006f0
[ 236.285213] DR0: ffffffff8fbed164 DR1: ffffffff8fbed169 DR2: ffffffff8fbed16a
[ 236.286088] DR3: ffffffff8fbed16b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 236.286696] Call Trace:
[ 236.287163] <TASK>
[ 236.287509] ? show_regs+0x68/0x80
[ 236.288126] ? __warn+0xd5/0x260
[ 236.288520] ? drm_framebuffer_free+0x136/0x1b0
[ 236.288959] ? report_bug+0x278/0x2e0
[ 236.289620] ? handle_bug+0x5c/0xb0
[ 236.289940] ? exc_invalid_op+0x1c/0x50
[ 236.290564] ? asm_exc_invalid_op+0x1f/0x30
[ 236.290920] ? drm_framebuffer_free+0x136/0x1b0
[ 236.291610] ? drm_framebuffer_free+0x135/0x1b0
[ 236.292323] drm_test_framebuffer_free+0x1ac/0x610
[ 236.293132] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 236.293672] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 236.294524] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 236.295159] ? __drmm_add_action_or_reset+0x22/0x50
[ 236.295664] ? __schedule+0xc70/0x27e0
[ 236.296229] ? __pfx_read_tsc+0x10/0x10
[ 236.296710] ? ktime_get_ts64+0x86/0x230
[ 236.297241] kunit_try_run_case+0x1b3/0x490
[ 236.297786] ? __pfx_kunit_try_run_case+0x10/0x10
[ 236.298432] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 236.298806] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 236.299443] ? __kthread_parkme+0x82/0x160
[ 236.299863] ? preempt_count_sub+0x50/0x80
[ 236.300349] ? __pfx_kunit_try_run_case+0x10/0x10
[ 236.300934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 236.301377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 236.301969] kthread+0x257/0x310
[ 236.302386] ? __pfx_kthread+0x10/0x10
[ 236.302733] ret_from_fork+0x41/0x80
[ 236.303234] ? __pfx_kthread+0x10/0x10
[ 236.303866] ret_from_fork_asm+0x1a/0x30
[ 236.304348] </TASK>
[ 236.304758] ---[ end trace 0000000000000000 ]---
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 36.517430] ==================================================================
[ 36.518228] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 36.518228]
[ 36.518938] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104):
[ 36.519477] test_out_of_bounds_write+0x10e/0x260
[ 36.520228] kunit_try_run_case+0x1b3/0x490
[ 36.520638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.521286] kthread+0x257/0x310
[ 36.521562] ret_from_fork+0x41/0x80
[ 36.522083] ret_from_fork_asm+0x1a/0x30
[ 36.522576]
[ 36.522872] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 36.522872]
[ 36.523574] allocated by task 300 on cpu 1 at 36.517349s (0.006221s ago):
[ 36.524138] test_alloc+0x2a7/0x10d0
[ 36.524636] test_out_of_bounds_write+0xd5/0x260
[ 36.525164] kunit_try_run_case+0x1b3/0x490
[ 36.525476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.526060] kthread+0x257/0x310
[ 36.526474] ret_from_fork+0x41/0x80
[ 36.526778] ret_from_fork_asm+0x1a/0x30
[ 36.527237]
[ 36.527436] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 36.528441] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.528967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.529533] ==================================================================

[ 36.101540] ==================================================================
[ 36.102163] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260
[ 36.102163]
[ 36.102847] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#100):
[ 36.103660] test_out_of_bounds_write+0x10e/0x260
[ 36.104172] kunit_try_run_case+0x1b3/0x490
[ 36.104564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.105037] kthread+0x257/0x310
[ 36.105442] ret_from_fork+0x41/0x80
[ 36.105821] ret_from_fork_asm+0x1a/0x30
[ 36.106242]
[ 36.106413] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 36.106413]
[ 36.107342] allocated by task 298 on cpu 0 at 36.101402s (0.005935s ago):
[ 36.108123] test_alloc+0x35f/0x10d0
[ 36.108453] test_out_of_bounds_write+0xd5/0x260
[ 36.108798] kunit_try_run_case+0x1b3/0x490
[ 36.109307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.110050] kthread+0x257/0x310
[ 36.110379] ret_from_fork+0x41/0x80
[ 36.110738] ret_from_fork_asm+0x1a/0x30
[ 36.111088]
[ 36.111285] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 36.112178] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.112918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.113582] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 28.480198] ==================================================================
[ 28.480792] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 28.481343] Free of addr ffff8881025ed7c0 by task kunit_try_catch/199
[ 28.483511]
[ 28.483725] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 28.485210] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.485510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.486713] Call Trace:
[ 28.486944] <TASK>
[ 28.487235] dump_stack_lvl+0x73/0xb0
[ 28.487590] print_report+0xd1/0x640
[ 28.488046] ? __virt_addr_valid+0x1db/0x2d0
[ 28.488581] ? kfree_sensitive+0x2e/0x90
[ 28.489187] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.489875] ? kfree_sensitive+0x2e/0x90
[ 28.490258] kasan_report_invalid_free+0xc0/0xf0
[ 28.491721] ? kfree_sensitive+0x2e/0x90
[ 28.492069] ? kfree_sensitive+0x2e/0x90
[ 28.492891] check_slab_allocation+0x101/0x130
[ 28.493600] __kasan_slab_pre_free+0x28/0x40
[ 28.494264] kfree+0xf1/0x3f0
[ 28.494674] ? kfree_sensitive+0x2e/0x90
[ 28.495146] kfree_sensitive+0x2e/0x90
[ 28.496274] kmalloc_double_kzfree+0x19d/0x360
[ 28.497437] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 28.498543] ? __schedule+0xc70/0x27e0
[ 28.499495] ? __pfx_read_tsc+0x10/0x10
[ 28.500036] ? ktime_get_ts64+0x86/0x230
[ 28.500464] kunit_try_run_case+0x1b3/0x490
[ 28.501702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.502273] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.502780] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.504068] ? __kthread_parkme+0x82/0x160
[ 28.504738] ? preempt_count_sub+0x50/0x80
[ 28.505479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.506153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.506751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.507962] kthread+0x257/0x310
[ 28.508462] ? __pfx_kthread+0x10/0x10
[ 28.508980] ret_from_fork+0x41/0x80
[ 28.509813] ? __pfx_kthread+0x10/0x10
[ 28.510575] ret_from_fork_asm+0x1a/0x30
[ 28.511025] </TASK>
[ 28.511582]
[ 28.512033] Allocated by task 199:
[ 28.512723] kasan_save_stack+0x3d/0x60
[ 28.513243] kasan_save_track+0x18/0x40
[ 28.514014] kasan_save_alloc_info+0x3b/0x50
[ 28.515070] __kasan_kmalloc+0xb7/0xc0
[ 28.515581] __kmalloc_cache_noprof+0x184/0x410
[ 28.516609] kmalloc_double_kzfree+0xaa/0x360
[ 28.517392] kunit_try_run_case+0x1b3/0x490
[ 28.517955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.518708] kthread+0x257/0x310
[ 28.519196] ret_from_fork+0x41/0x80
[ 28.519642] ret_from_fork_asm+0x1a/0x30
[ 28.520431]
[ 28.520907] Freed by task 199:
[ 28.521747] kasan_save_stack+0x3d/0x60
[ 28.522130] kasan_save_track+0x18/0x40
[ 28.522615] kasan_save_free_info+0x3f/0x60
[ 28.523505] __kasan_slab_free+0x56/0x70
[ 28.524452] kfree+0x123/0x3f0
[ 28.525230] kfree_sensitive+0x67/0x90
[ 28.525624] kmalloc_double_kzfree+0x12c/0x360
[ 28.526492] kunit_try_run_case+0x1b3/0x490
[ 28.527221] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.527720] kthread+0x257/0x310
[ 28.528573] ret_from_fork+0x41/0x80
[ 28.529255] ret_from_fork_asm+0x1a/0x30
[ 28.529833]
[ 28.530242] The buggy address belongs to the object at ffff8881025ed7c0
[ 28.530242] which belongs to the cache kmalloc-16 of size 16
[ 28.531892] The buggy address is located 0 bytes inside of
[ 28.531892] 16-byte region [ffff8881025ed7c0, ffff8881025ed7d0)
[ 28.532555]
[ 28.532661] The buggy address belongs to the physical page:
[ 28.533303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 28.534371] flags: 0x200000000000000(node=0|zone=2)
[ 28.535166] page_type: f5(slab)
[ 28.535494] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.536158] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.536855] page dumped because: kasan: bad access detected
[ 28.537457]
[ 28.537715] Memory state around the buggy address:
[ 28.538345] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 28.539165] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.540173] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 28.540955] ^
[ 28.541523] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.542305] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.543130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 28.419492] ==================================================================
[ 28.421231] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360
[ 28.421959] Read of size 1 at addr ffff8881025ed7c0 by task kunit_try_catch/199
[ 28.422652]
[ 28.423425] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 28.424963] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.425747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.426935] Call Trace:
[ 28.427151] <TASK>
[ 28.428205] dump_stack_lvl+0x73/0xb0
[ 28.428617] print_report+0xd1/0x640
[ 28.429453] ? __virt_addr_valid+0x1db/0x2d0
[ 28.430300] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.431411] kasan_report+0x102/0x140
[ 28.431790] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.432874] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.433406] ? kmalloc_double_kzfree+0x19d/0x360
[ 28.434299] __kasan_check_byte+0x3d/0x50
[ 28.434726] kfree_sensitive+0x22/0x90
[ 28.435449] kmalloc_double_kzfree+0x19d/0x360
[ 28.435861] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 28.436997] ? __schedule+0xc70/0x27e0
[ 28.437466] ? __pfx_read_tsc+0x10/0x10
[ 28.438465] ? ktime_get_ts64+0x86/0x230
[ 28.438875] kunit_try_run_case+0x1b3/0x490
[ 28.439439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.439877] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.440998] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.441857] ? __kthread_parkme+0x82/0x160
[ 28.442611] ? preempt_count_sub+0x50/0x80
[ 28.443542] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.444516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.445483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.446500] kthread+0x257/0x310
[ 28.447088] ? __pfx_kthread+0x10/0x10
[ 28.447564] ret_from_fork+0x41/0x80
[ 28.447820] ? __pfx_kthread+0x10/0x10
[ 28.448116] ret_from_fork_asm+0x1a/0x30
[ 28.448765] </TASK>
[ 28.449187]
[ 28.449351] Allocated by task 199:
[ 28.449934] kasan_save_stack+0x3d/0x60
[ 28.450649] kasan_save_track+0x18/0x40
[ 28.451368] kasan_save_alloc_info+0x3b/0x50
[ 28.452235] __kasan_kmalloc+0xb7/0xc0
[ 28.452622] __kmalloc_cache_noprof+0x184/0x410
[ 28.453166] kmalloc_double_kzfree+0xaa/0x360
[ 28.453660] kunit_try_run_case+0x1b3/0x490
[ 28.454214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.455115] kthread+0x257/0x310
[ 28.455508] ret_from_fork+0x41/0x80
[ 28.456349] ret_from_fork_asm+0x1a/0x30
[ 28.456748]
[ 28.456915] Freed by task 199:
[ 28.457370] kasan_save_stack+0x3d/0x60
[ 28.457943] kasan_save_track+0x18/0x40
[ 28.458824] kasan_save_free_info+0x3f/0x60
[ 28.459493] __kasan_slab_free+0x56/0x70
[ 28.459716] kfree+0x123/0x3f0
[ 28.460494] kfree_sensitive+0x67/0x90
[ 28.460947] kmalloc_double_kzfree+0x12c/0x360
[ 28.461734] kunit_try_run_case+0x1b3/0x490
[ 28.462119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.462993] kthread+0x257/0x310
[ 28.463527] ret_from_fork+0x41/0x80
[ 28.464338] ret_from_fork_asm+0x1a/0x30
[ 28.464711]
[ 28.465024] The buggy address belongs to the object at ffff8881025ed7c0
[ 28.465024] which belongs to the cache kmalloc-16 of size 16
[ 28.466255] The buggy address is located 0 bytes inside of
[ 28.466255] freed 16-byte region [ffff8881025ed7c0, ffff8881025ed7d0)
[ 28.468300]
[ 28.468488] The buggy address belongs to the physical page:
[ 28.469091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 28.469838] flags: 0x200000000000000(node=0|zone=2)
[ 28.470466] page_type: f5(slab)
[ 28.471423] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.472423] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.473005] page dumped because: kasan: bad access detected
[ 28.474123]
[ 28.474353] Memory state around the buggy address:
[ 28.474891] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 28.475548] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.476190] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 28.477072] ^
[ 28.477537] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.478324] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.479222] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 28.295276] ==================================================================
[ 28.296279] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360
[ 28.296897] Write of size 33 at addr ffff8881029ff300 by task kunit_try_catch/193
[ 28.297306]
[ 28.297503] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 28.298598] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.299300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.300715] Call Trace:
[ 28.301143] <TASK>
[ 28.301421] dump_stack_lvl+0x73/0xb0
[ 28.302175] print_report+0xd1/0x640
[ 28.302630] ? __virt_addr_valid+0x1db/0x2d0
[ 28.303144] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.304163] kasan_report+0x102/0x140
[ 28.304550] ? kmalloc_uaf_memset+0x1a4/0x360
[ 28.305177] ? kmalloc_uaf_memset+0x1a4/0x360
[ 28.305570] kasan_check_range+0x10c/0x1c0
[ 28.306295] __asan_memset+0x27/0x50
[ 28.306824] kmalloc_uaf_memset+0x1a4/0x360
[ 28.307351] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 28.308059] ? __schedule+0xc70/0x27e0
[ 28.308370] ? __pfx_read_tsc+0x10/0x10
[ 28.309254] ? ktime_get_ts64+0x86/0x230
[ 28.309623] kunit_try_run_case+0x1b3/0x490
[ 28.310357] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.310843] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.311496] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.312131] ? __kthread_parkme+0x82/0x160
[ 28.312528] ? preempt_count_sub+0x50/0x80
[ 28.313016] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.314101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.314637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.315131] kthread+0x257/0x310
[ 28.315458] ? __pfx_kthread+0x10/0x10
[ 28.315900] ret_from_fork+0x41/0x80
[ 28.316468] ? __pfx_kthread+0x10/0x10
[ 28.316960] ret_from_fork_asm+0x1a/0x30
[ 28.317482] </TASK>
[ 28.317703]
[ 28.318148] Allocated by task 193:
[ 28.318437] kasan_save_stack+0x3d/0x60
[ 28.319080] kasan_save_track+0x18/0x40
[ 28.319401] kasan_save_alloc_info+0x3b/0x50
[ 28.319966] __kasan_kmalloc+0xb7/0xc0
[ 28.320372] __kmalloc_cache_noprof+0x184/0x410
[ 28.320886] kmalloc_uaf_memset+0xaa/0x360
[ 28.321497] kunit_try_run_case+0x1b3/0x490
[ 28.322095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.322604] kthread+0x257/0x310
[ 28.323073] ret_from_fork+0x41/0x80
[ 28.323550] ret_from_fork_asm+0x1a/0x30
[ 28.324231]
[ 28.324459] Freed by task 193:
[ 28.324964] kasan_save_stack+0x3d/0x60
[ 28.326004] kasan_save_track+0x18/0x40
[ 28.326660] kasan_save_free_info+0x3f/0x60
[ 28.327277] __kasan_slab_free+0x56/0x70
[ 28.327790] kfree+0x123/0x3f0
[ 28.328475] kmalloc_uaf_memset+0x12c/0x360
[ 28.329083] kunit_try_run_case+0x1b3/0x490
[ 28.329431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.329938] kthread+0x257/0x310
[ 28.330524] ret_from_fork+0x41/0x80
[ 28.330980] ret_from_fork_asm+0x1a/0x30
[ 28.331592]
[ 28.331853] The buggy address belongs to the object at ffff8881029ff300
[ 28.331853] which belongs to the cache kmalloc-64 of size 64
[ 28.333290] The buggy address is located 0 bytes inside of
[ 28.333290] freed 64-byte region [ffff8881029ff300, ffff8881029ff340)
[ 28.334522]
[ 28.334928] The buggy address belongs to the physical page:
[ 28.335817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ff
[ 28.336676] flags: 0x200000000000000(node=0|zone=2)
[ 28.337100] page_type: f5(slab)
[ 28.337489] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.338487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.339330] page dumped because: kasan: bad access detected
[ 28.339912]
[ 28.340207] Memory state around the buggy address:
[ 28.340761] ffff8881029ff200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc
fc fc [ 28.341503] ffff8881029ff280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.342368] >ffff8881029ff300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.343166] ^ [ 28.343506] ffff8881029ff380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.344358] ffff8881029ff400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.344915] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 28.168822] ================================================================== [ 28.170045] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 28.170993] Read of size 64 at addr ffff888101ab3404 by task kunit_try_catch/189 [ 28.171913] [ 28.172579] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.173926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.174665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.175577] Call Trace: [ 28.176165] <TASK> [ 28.176427] dump_stack_lvl+0x73/0xb0 [ 28.177492] print_report+0xd1/0x640 [ 28.177972] ? __virt_addr_valid+0x1db/0x2d0 [ 28.178552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.179561] kasan_report+0x102/0x140 [ 28.180667] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 28.181587] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 28.182188] kasan_check_range+0x10c/0x1c0 [ 28.182699] __asan_memmove+0x27/0x70 [ 28.183129] kmalloc_memmove_invalid_size+0x170/0x330 [ 28.183747] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 28.184398] ? __schedule+0xc70/0x27e0 [ 28.185037] ? __pfx_read_tsc+0x10/0x10 [ 28.185972] ? ktime_get_ts64+0x86/0x230 [ 28.186912] kunit_try_run_case+0x1b3/0x490 [ 28.187382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.188246] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.188796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.189543] ? __kthread_parkme+0x82/0x160 [ 28.190183] ? preempt_count_sub+0x50/0x80 [ 28.190579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.191356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.191863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.192422] kthread+0x257/0x310 [ 28.192790] ? __pfx_kthread+0x10/0x10 [ 28.193143] ret_from_fork+0x41/0x80 [ 28.193769] ? 
__pfx_kthread+0x10/0x10 [ 28.194398] ret_from_fork_asm+0x1a/0x30 [ 28.194814] </TASK> [ 28.195118] [ 28.195297] Allocated by task 189: [ 28.195620] kasan_save_stack+0x3d/0x60 [ 28.195940] kasan_save_track+0x18/0x40 [ 28.196491] kasan_save_alloc_info+0x3b/0x50 [ 28.197288] __kasan_kmalloc+0xb7/0xc0 [ 28.197642] __kmalloc_cache_noprof+0x184/0x410 [ 28.198724] kmalloc_memmove_invalid_size+0xad/0x330 [ 28.199885] kunit_try_run_case+0x1b3/0x490 [ 28.200462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.201625] kthread+0x257/0x310 [ 28.202470] ret_from_fork+0x41/0x80 [ 28.203256] ret_from_fork_asm+0x1a/0x30 [ 28.203851] [ 28.204057] The buggy address belongs to the object at ffff888101ab3400 [ 28.204057] which belongs to the cache kmalloc-64 of size 64 [ 28.205153] The buggy address is located 4 bytes inside of [ 28.205153] allocated 64-byte region [ffff888101ab3400, ffff888101ab3440) [ 28.206934] [ 28.207534] The buggy address belongs to the physical page: [ 28.208458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab3 [ 28.209456] flags: 0x200000000000000(node=0|zone=2) [ 28.210495] page_type: f5(slab) [ 28.211435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.212419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.213279] page dumped because: kasan: bad access detected [ 28.214125] [ 28.214325] Memory state around the buggy address: [ 28.214822] ffff888101ab3300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 28.216092] ffff888101ab3380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.216756] >ffff888101ab3400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 28.217620] ^ [ 28.218798] ffff888101ab3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.220612] ffff888101ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.221601] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 185.797051] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 67.110504] ==================================================================
[ 67.111144] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 67.111144]
[ 67.112134] Use-after-free read at 0x(____ptrval____) (in kfence-#172):
[ 67.112796] test_krealloc+0x6fd/0xbe0
[ 67.113250] kunit_try_run_case+0x1b3/0x490
[ 67.113853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.114333] kthread+0x257/0x310
[ 67.114603] ret_from_fork+0x41/0x80
[ 67.115338] ret_from_fork_asm+0x1a/0x30
[ 67.116190]
[ 67.116616] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 67.116616]
[ 67.117630] allocated by task 344 on cpu 0 at 67.109516s (0.008110s ago):
[ 67.118556] test_alloc+0x35f/0x10d0
[ 67.118964] test_krealloc+0xae/0xbe0
[ 67.119437] kunit_try_run_case+0x1b3/0x490
[ 67.119955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.120822] kthread+0x257/0x310
[ 67.121242] ret_from_fork+0x41/0x80
[ 67.121708] ret_from_fork_asm+0x1a/0x30
[ 67.122165]
[ 67.122357] freed by task 344 on cpu 0 at 67.109856s (0.012497s ago):
[ 67.123125] krealloc_noprof+0x108/0x340
[ 67.123490] test_krealloc+0x227/0xbe0
[ 67.123923] kunit_try_run_case+0x1b3/0x490
[ 67.124389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.125378] kthread+0x257/0x310
[ 67.125722] ret_from_fork+0x41/0x80
[ 67.126236] ret_from_fork_asm+0x1a/0x30
[ 67.126574]
[ 67.126915] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 67.127609] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 67.128174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 67.128810] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 67.026450] ==================================================================
[ 67.027047] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 67.027047]
[ 67.028048] Use-after-free read at 0x(____ptrval____) (in kfence-#171):
[ 67.028794] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 67.029334] kunit_try_run_case+0x1b3/0x490
[ 67.029868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.030383] kthread+0x257/0x310
[ 67.030714] ret_from_fork+0x41/0x80
[ 67.031210] ret_from_fork_asm+0x1a/0x30
[ 67.031597]
[ 67.031867] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 67.031867]
[ 67.032726] allocated by task 342 on cpu 0 at 67.006073s (0.026648s ago):
[ 67.033221] test_alloc+0x2a7/0x10d0
[ 67.033705] test_memcache_typesafe_by_rcu+0x170/0x670
[ 67.034306] kunit_try_run_case+0x1b3/0x490
[ 67.034662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.035332] kthread+0x257/0x310
[ 67.035673] ret_from_fork+0x41/0x80
[ 67.036180] ret_from_fork_asm+0x1a/0x30
[ 67.036593]
[ 67.036906] freed by task 342 on cpu 0 at 67.006326s (0.030576s ago):
[ 67.037527] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 67.038049] kunit_try_run_case+0x1b3/0x490
[ 67.038395] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 67.039118] kthread+0x257/0x310
[ 67.039428] ret_from_fork+0x41/0x80
[ 67.039887] ret_from_fork_asm+0x1a/0x30
[ 67.040271]
[ 67.040524] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 67.041239] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 67.041657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 67.042517] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 43.293649] ==================================================================
[ 43.294464] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 43.294464]
[ 43.295215] Invalid read at 0x(____ptrval____):
[ 43.296374] test_invalid_access+0xf1/0x210
[ 43.296745] kunit_try_run_case+0x1b3/0x490
[ 43.297488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.298445] kthread+0x257/0x310
[ 43.298981] ret_from_fork+0x41/0x80
[ 43.299621] ret_from_fork_asm+0x1a/0x30
[ 43.300174]
[ 43.300539] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 43.301476] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 43.301977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 43.303882] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 28.118906] ================================================================== [ 28.119787] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 28.120730] Read of size 18446744073709551614 at addr ffff888101ab3284 by task kunit_try_catch/187 [ 28.122166] [ 28.122520] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.123801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.124385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.125343] Call Trace: [ 28.125599] <TASK> [ 28.126107] dump_stack_lvl+0x73/0xb0 [ 28.126809] print_report+0xd1/0x640 [ 28.127357] ? __virt_addr_valid+0x1db/0x2d0 [ 28.127872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.128332] kasan_report+0x102/0x140 [ 28.129103] ? kmalloc_memmove_negative_size+0x172/0x330 [ 28.129578] ? kmalloc_memmove_negative_size+0x172/0x330 [ 28.130248] kasan_check_range+0x10c/0x1c0 [ 28.130820] __asan_memmove+0x27/0x70 [ 28.131306] kmalloc_memmove_negative_size+0x172/0x330 [ 28.131862] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 28.132566] ? __schedule+0xc70/0x27e0 [ 28.132952] ? __pfx_read_tsc+0x10/0x10 [ 28.133518] ? ktime_get_ts64+0x86/0x230 [ 28.134128] kunit_try_run_case+0x1b3/0x490 [ 28.134566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.135074] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.135479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.136067] ? __kthread_parkme+0x82/0x160 [ 28.136446] ? preempt_count_sub+0x50/0x80 [ 28.137165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.137664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.138504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.139179] kthread+0x257/0x310 [ 28.139468] ? __pfx_kthread+0x10/0x10 [ 28.140134] ret_from_fork+0x41/0x80 [ 28.140547] ? 
__pfx_kthread+0x10/0x10 [ 28.141120] ret_from_fork_asm+0x1a/0x30 [ 28.141627] </TASK> [ 28.141922] [ 28.142300] Allocated by task 187: [ 28.142649] kasan_save_stack+0x3d/0x60 [ 28.143331] kasan_save_track+0x18/0x40 [ 28.143714] kasan_save_alloc_info+0x3b/0x50 [ 28.144368] __kasan_kmalloc+0xb7/0xc0 [ 28.144646] __kmalloc_cache_noprof+0x184/0x410 [ 28.145355] kmalloc_memmove_negative_size+0xad/0x330 [ 28.146107] kunit_try_run_case+0x1b3/0x490 [ 28.146432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.147169] kthread+0x257/0x310 [ 28.147593] ret_from_fork+0x41/0x80 [ 28.148265] ret_from_fork_asm+0x1a/0x30 [ 28.148628] [ 28.148852] The buggy address belongs to the object at ffff888101ab3280 [ 28.148852] which belongs to the cache kmalloc-64 of size 64 [ 28.150006] The buggy address is located 4 bytes inside of [ 28.150006] 64-byte region [ffff888101ab3280, ffff888101ab32c0) [ 28.150975] [ 28.151186] The buggy address belongs to the physical page: [ 28.151938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab3 [ 28.152742] flags: 0x200000000000000(node=0|zone=2) [ 28.153372] page_type: f5(slab) [ 28.153930] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.155142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.155798] page dumped because: kasan: bad access detected [ 28.156540] [ 28.156826] Memory state around the buggy address: [ 28.157580] ffff888101ab3180: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 28.158334] ffff888101ab3200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.159247] >ffff888101ab3280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 28.159911] ^ [ 28.160403] ffff888101ab3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.161282] ffff888101ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.162115] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 27.894496] ================================================================== [ 27.896254] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 27.897621] Write of size 2 at addr ffff888101aaef77 by task kunit_try_catch/179 [ 27.898425] [ 27.899141] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.900229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.900745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.901574] Call Trace: [ 27.902348] <TASK> [ 27.902751] dump_stack_lvl+0x73/0xb0 [ 27.903241] print_report+0xd1/0x640 [ 27.903707] ? __virt_addr_valid+0x1db/0x2d0 [ 27.904542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.905345] kasan_report+0x102/0x140 [ 27.906132] ? kmalloc_oob_memset_2+0x167/0x330 [ 27.906574] ? kmalloc_oob_memset_2+0x167/0x330 [ 27.907080] kasan_check_range+0x10c/0x1c0 [ 27.907662] __asan_memset+0x27/0x50 [ 27.908388] kmalloc_oob_memset_2+0x167/0x330 [ 27.908793] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 27.909346] ? __schedule+0xc70/0x27e0 [ 27.910134] ? __pfx_read_tsc+0x10/0x10 [ 27.910508] ? ktime_get_ts64+0x86/0x230 [ 27.910888] kunit_try_run_case+0x1b3/0x490 [ 27.911246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.911810] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.912787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.913779] ? __kthread_parkme+0x82/0x160 [ 27.914185] ? preempt_count_sub+0x50/0x80 [ 27.914612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.915529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.915968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.917152] kthread+0x257/0x310 [ 27.917486] ? __pfx_kthread+0x10/0x10 [ 27.918076] ret_from_fork+0x41/0x80 [ 27.918577] ? 
__pfx_kthread+0x10/0x10 [ 27.919038] ret_from_fork_asm+0x1a/0x30 [ 27.919621] </TASK> [ 27.919916] [ 27.920739] Allocated by task 179: [ 27.921610] kasan_save_stack+0x3d/0x60 [ 27.922166] kasan_save_track+0x18/0x40 [ 27.922826] kasan_save_alloc_info+0x3b/0x50 [ 27.923526] __kasan_kmalloc+0xb7/0xc0 [ 27.924383] __kmalloc_cache_noprof+0x184/0x410 [ 27.925467] kmalloc_oob_memset_2+0xad/0x330 [ 27.925898] kunit_try_run_case+0x1b3/0x490 [ 27.926488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.927497] kthread+0x257/0x310 [ 27.927754] ret_from_fork+0x41/0x80 [ 27.928512] ret_from_fork_asm+0x1a/0x30 [ 27.929450] [ 27.929631] The buggy address belongs to the object at ffff888101aaef00 [ 27.929631] which belongs to the cache kmalloc-128 of size 128 [ 27.931209] The buggy address is located 119 bytes inside of [ 27.931209] allocated 120-byte region [ffff888101aaef00, ffff888101aaef78) [ 27.932818] [ 27.933281] The buggy address belongs to the physical page: [ 27.933775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aae [ 27.935082] flags: 0x200000000000000(node=0|zone=2) [ 27.935786] page_type: f5(slab) [ 27.936456] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.937718] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.938474] page dumped because: kasan: bad access detected [ 27.938917] [ 27.939370] Memory state around the buggy address: [ 27.940388] ffff888101aaee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.941464] ffff888101aaee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.942300] >ffff888101aaef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.942574] ^ [ 27.942956] ffff888101aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.943737] ffff888101aaf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.944528] ================================================================== [ 27.950487] 
================================================================== [ 27.951578] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 27.952246] Write of size 4 at addr ffff888101ab2175 by task kunit_try_catch/181 [ 27.953215] [ 27.953404] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.956125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.956654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.957618] Call Trace: [ 27.958243] <TASK> [ 27.958468] dump_stack_lvl+0x73/0xb0 [ 27.959279] print_report+0xd1/0x640 [ 27.959963] ? __virt_addr_valid+0x1db/0x2d0 [ 27.960773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.961877] kasan_report+0x102/0x140 [ 27.962476] ? kmalloc_oob_memset_4+0x167/0x330 [ 27.963295] ? kmalloc_oob_memset_4+0x167/0x330 [ 27.963517] kasan_check_range+0x10c/0x1c0 [ 27.963756] __asan_memset+0x27/0x50 [ 27.964734] kmalloc_oob_memset_4+0x167/0x330 [ 27.965536] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 27.966364] ? __schedule+0xc70/0x27e0 [ 27.966899] ? __pfx_read_tsc+0x10/0x10 [ 27.967507] ? ktime_get_ts64+0x86/0x230 [ 27.968096] kunit_try_run_case+0x1b3/0x490 [ 27.968559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.969303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.969701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.970196] ? __kthread_parkme+0x82/0x160 [ 27.970668] ? preempt_count_sub+0x50/0x80 [ 27.971494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.972215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.972914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.973512] kthread+0x257/0x310 [ 27.973889] ? __pfx_kthread+0x10/0x10 [ 27.974606] ret_from_fork+0x41/0x80 [ 27.975233] ? 
__pfx_kthread+0x10/0x10 [ 27.975733] ret_from_fork_asm+0x1a/0x30 [ 27.976157] </TASK> [ 27.976391] [ 27.976559] Allocated by task 181: [ 27.976940] kasan_save_stack+0x3d/0x60 [ 27.977419] kasan_save_track+0x18/0x40 [ 27.977961] kasan_save_alloc_info+0x3b/0x50 [ 27.978607] __kasan_kmalloc+0xb7/0xc0 [ 27.979150] __kmalloc_cache_noprof+0x184/0x410 [ 27.979724] kmalloc_oob_memset_4+0xad/0x330 [ 27.980357] kunit_try_run_case+0x1b3/0x490 [ 27.980832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.981936] kthread+0x257/0x310 [ 27.982746] ret_from_fork+0x41/0x80 [ 27.983562] ret_from_fork_asm+0x1a/0x30 [ 27.983926] [ 27.984184] The buggy address belongs to the object at ffff888101ab2100 [ 27.984184] which belongs to the cache kmalloc-128 of size 128 [ 27.985127] The buggy address is located 117 bytes inside of [ 27.985127] allocated 120-byte region [ffff888101ab2100, ffff888101ab2178) [ 27.986213] [ 27.986813] The buggy address belongs to the physical page: [ 27.987314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 27.988407] flags: 0x200000000000000(node=0|zone=2) [ 27.988838] page_type: f5(slab) [ 27.989504] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.990622] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.991838] page dumped because: kasan: bad access detected [ 27.992343] [ 27.992731] Memory state around the buggy address: [ 27.993429] ffff888101ab2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 27.994820] ffff888101ab2080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.995791] >ffff888101ab2100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.996713] ^ [ 27.998469] ffff888101ab2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.999985] ffff888101ab2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.001266] ================================================================== [ 28.007640] 
================================================================== [ 28.009151] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 28.010399] Write of size 8 at addr ffff8881029fe571 by task kunit_try_catch/183 [ 28.011744] [ 28.012268] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.013912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.014761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.016082] Call Trace: [ 28.016628] <TASK> [ 28.017091] dump_stack_lvl+0x73/0xb0 [ 28.017455] print_report+0xd1/0x640 [ 28.017834] ? __virt_addr_valid+0x1db/0x2d0 [ 28.019014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.019677] kasan_report+0x102/0x140 [ 28.020167] ? kmalloc_oob_memset_8+0x167/0x330 [ 28.020597] ? kmalloc_oob_memset_8+0x167/0x330 [ 28.021258] kasan_check_range+0x10c/0x1c0 [ 28.021601] __asan_memset+0x27/0x50 [ 28.021895] kmalloc_oob_memset_8+0x167/0x330 [ 28.022509] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 28.023264] ? __schedule+0xc70/0x27e0 [ 28.024489] ? __pfx_read_tsc+0x10/0x10 [ 28.025147] ? ktime_get_ts64+0x86/0x230 [ 28.025799] kunit_try_run_case+0x1b3/0x490 [ 28.026626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.027143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.027755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.028455] ? __kthread_parkme+0x82/0x160 [ 28.028929] ? preempt_count_sub+0x50/0x80 [ 28.029776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.030425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.031301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.032219] kthread+0x257/0x310 [ 28.032533] ? __pfx_kthread+0x10/0x10 [ 28.033184] ret_from_fork+0x41/0x80 [ 28.033883] ? 
__pfx_kthread+0x10/0x10 [ 28.034405] ret_from_fork_asm+0x1a/0x30 [ 28.035114] </TASK> [ 28.035622] [ 28.035914] Allocated by task 183: [ 28.036507] kasan_save_stack+0x3d/0x60 [ 28.037037] kasan_save_track+0x18/0x40 [ 28.037544] kasan_save_alloc_info+0x3b/0x50 [ 28.038144] __kasan_kmalloc+0xb7/0xc0 [ 28.038560] __kmalloc_cache_noprof+0x184/0x410 [ 28.039409] kmalloc_oob_memset_8+0xad/0x330 [ 28.040388] kunit_try_run_case+0x1b3/0x490 [ 28.041473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.042496] kthread+0x257/0x310 [ 28.043161] ret_from_fork+0x41/0x80 [ 28.043583] ret_from_fork_asm+0x1a/0x30 [ 28.044193] [ 28.044618] The buggy address belongs to the object at ffff8881029fe500 [ 28.044618] which belongs to the cache kmalloc-128 of size 128 [ 28.045797] The buggy address is located 113 bytes inside of [ 28.045797] allocated 120-byte region [ffff8881029fe500, ffff8881029fe578) [ 28.047253] [ 28.047619] The buggy address belongs to the physical page: [ 28.048272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fe [ 28.048988] flags: 0x200000000000000(node=0|zone=2) [ 28.049560] page_type: f5(slab) [ 28.050187] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.050907] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.051646] page dumped because: kasan: bad access detected [ 28.052329] [ 28.052640] Memory state around the buggy address: [ 28.053532] ffff8881029fe400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.054359] ffff8881029fe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.055050] >ffff8881029fe500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.055988] ^ [ 28.056533] ffff8881029fe580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.057276] ffff8881029fe600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.058138] ================================================================== [ 28.064599] 
================================================================== [ 28.065979] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 28.066953] Write of size 16 at addr ffff8881029fe769 by task kunit_try_catch/185 [ 28.067759] [ 28.068190] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.068970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.069603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.070561] Call Trace: [ 28.071188] <TASK> [ 28.071886] dump_stack_lvl+0x73/0xb0 [ 28.072518] print_report+0xd1/0x640 [ 28.073101] ? __virt_addr_valid+0x1db/0x2d0 [ 28.073547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.074289] kasan_report+0x102/0x140 [ 28.074648] ? kmalloc_oob_memset_16+0x167/0x330 [ 28.075600] ? kmalloc_oob_memset_16+0x167/0x330 [ 28.076268] kasan_check_range+0x10c/0x1c0 [ 28.076755] __asan_memset+0x27/0x50 [ 28.077377] kmalloc_oob_memset_16+0x167/0x330 [ 28.077961] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 28.078591] ? __schedule+0xc70/0x27e0 [ 28.079236] ? __pfx_read_tsc+0x10/0x10 [ 28.079803] ? ktime_get_ts64+0x86/0x230 [ 28.080274] kunit_try_run_case+0x1b3/0x490 [ 28.080849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.081252] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.082159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.082640] ? __kthread_parkme+0x82/0x160 [ 28.083302] ? preempt_count_sub+0x50/0x80 [ 28.083878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.084543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.085437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.086117] kthread+0x257/0x310 [ 28.086359] ? __pfx_kthread+0x10/0x10 [ 28.087291] ret_from_fork+0x41/0x80 [ 28.087759] ? 
__pfx_kthread+0x10/0x10 [ 28.088415] ret_from_fork_asm+0x1a/0x30 [ 28.089205] </TASK> [ 28.089396] [ 28.089592] Allocated by task 185: [ 28.090169] kasan_save_stack+0x3d/0x60 [ 28.090606] kasan_save_track+0x18/0x40 [ 28.091379] kasan_save_alloc_info+0x3b/0x50 [ 28.091756] __kasan_kmalloc+0xb7/0xc0 [ 28.092265] __kmalloc_cache_noprof+0x184/0x410 [ 28.093361] kmalloc_oob_memset_16+0xad/0x330 [ 28.093747] kunit_try_run_case+0x1b3/0x490 [ 28.094504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.095312] kthread+0x257/0x310 [ 28.095647] ret_from_fork+0x41/0x80 [ 28.096750] ret_from_fork_asm+0x1a/0x30 [ 28.097096] [ 28.097375] The buggy address belongs to the object at ffff8881029fe700 [ 28.097375] which belongs to the cache kmalloc-128 of size 128 [ 28.099571] The buggy address is located 105 bytes inside of [ 28.099571] allocated 120-byte region [ffff8881029fe700, ffff8881029fe778) [ 28.100487] [ 28.100596] The buggy address belongs to the physical page: [ 28.100941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fe [ 28.102435] flags: 0x200000000000000(node=0|zone=2) [ 28.103526] page_type: f5(slab) [ 28.103925] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.105012] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.105629] page dumped because: kasan: bad access detected [ 28.106516] [ 28.106836] Memory state around the buggy address: [ 28.108198] ffff8881029fe600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 28.108829] ffff8881029fe680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.109813] >ffff8881029fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.110627] ^ [ 28.111417] ffff8881029fe780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.111736] ffff8881029fe800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.112330] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 27.841594] ================================================================== [ 27.842670] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 27.843328] Write of size 128 at addr ffff888101aaee00 by task kunit_try_catch/177 [ 27.844049] [ 27.845142] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.846121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.846628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.847599] Call Trace: [ 27.847965] <TASK> [ 27.848713] dump_stack_lvl+0x73/0xb0 [ 27.849334] print_report+0xd1/0x640 [ 27.849734] ? __virt_addr_valid+0x1db/0x2d0 [ 27.850673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.852013] kasan_report+0x102/0x140 [ 27.853128] ? kmalloc_oob_in_memset+0x160/0x320 [ 27.853616] ? kmalloc_oob_in_memset+0x160/0x320 [ 27.854674] kasan_check_range+0x10c/0x1c0 [ 27.855383] __asan_memset+0x27/0x50 [ 27.856111] kmalloc_oob_in_memset+0x160/0x320 [ 27.856553] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 27.857405] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 27.858302] kunit_try_run_case+0x1b3/0x490 [ 27.858738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.859461] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.860503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.861495] ? __kthread_parkme+0x82/0x160 [ 27.861909] ? preempt_count_sub+0x50/0x80 [ 27.862643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.863426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.864460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.865325] kthread+0x257/0x310 [ 27.865866] ? __pfx_kthread+0x10/0x10 [ 27.866553] ret_from_fork+0x41/0x80 [ 27.866945] ? 
__pfx_kthread+0x10/0x10 [ 27.867847] ret_from_fork_asm+0x1a/0x30 [ 27.868302] </TASK> [ 27.869051] [ 27.869486] Allocated by task 177: [ 27.870347] kasan_save_stack+0x3d/0x60 [ 27.870993] kasan_save_track+0x18/0x40 [ 27.871613] kasan_save_alloc_info+0x3b/0x50 [ 27.872042] __kasan_kmalloc+0xb7/0xc0 [ 27.872374] __kmalloc_cache_noprof+0x184/0x410 [ 27.872966] kmalloc_oob_in_memset+0xad/0x320 [ 27.873365] kunit_try_run_case+0x1b3/0x490 [ 27.873918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.874333] kthread+0x257/0x310 [ 27.874770] ret_from_fork+0x41/0x80 [ 27.875253] ret_from_fork_asm+0x1a/0x30 [ 27.875745] [ 27.876081] The buggy address belongs to the object at ffff888101aaee00 [ 27.876081] which belongs to the cache kmalloc-128 of size 128 [ 27.877008] The buggy address is located 0 bytes inside of [ 27.877008] allocated 120-byte region [ffff888101aaee00, ffff888101aaee78) [ 27.878416] [ 27.878646] The buggy address belongs to the physical page: [ 27.879059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aae [ 27.879919] flags: 0x200000000000000(node=0|zone=2) [ 27.880266] page_type: f5(slab) [ 27.880621] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 27.881626] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.882258] page dumped because: kasan: bad access detected [ 27.882709] [ 27.882935] Memory state around the buggy address: [ 27.883496] ffff888101aaed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 27.884450] ffff888101aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.885185] >ffff888101aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.885835] ^ [ 27.886527] ffff888101aaee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.886962] ffff888101aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.887579] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 28.227611] ==================================================================
[ 28.229276] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 28.230839] Read of size 1 at addr ffff888101a5bc08 by task kunit_try_catch/191
[ 28.231656]
[ 28.232531] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 28.233643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.234447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.235355] Call Trace:
[ 28.235622] <TASK>
[ 28.235843] dump_stack_lvl+0x73/0xb0
[ 28.236250] print_report+0xd1/0x640
[ 28.237072] ? __virt_addr_valid+0x1db/0x2d0
[ 28.237624] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.238171] kasan_report+0x102/0x140
[ 28.238723] ? kmalloc_uaf+0x322/0x380
[ 28.240243] ? kmalloc_uaf+0x322/0x380
[ 28.240777] __asan_report_load1_noabort+0x18/0x20
[ 28.241391] kmalloc_uaf+0x322/0x380
[ 28.242439] ? __pfx_kmalloc_uaf+0x10/0x10
[ 28.242894] ? __schedule+0xc70/0x27e0
[ 28.243193] ? __pfx_read_tsc+0x10/0x10
[ 28.243654] ? ktime_get_ts64+0x86/0x230
[ 28.244643] kunit_try_run_case+0x1b3/0x490
[ 28.245347] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.245780] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.246663] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.247395] ? __kthread_parkme+0x82/0x160
[ 28.247808] ? preempt_count_sub+0x50/0x80
[ 28.248632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.249776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.250485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.251125] kthread+0x257/0x310
[ 28.251573] ? __pfx_kthread+0x10/0x10
[ 28.252264] ret_from_fork+0x41/0x80
[ 28.253284] ? __pfx_kthread+0x10/0x10
[ 28.253704] ret_from_fork_asm+0x1a/0x30
[ 28.254345] </TASK>
[ 28.254603]
[ 28.255653] Allocated by task 191:
[ 28.256262] kasan_save_stack+0x3d/0x60
[ 28.256950] kasan_save_track+0x18/0x40
[ 28.257546] kasan_save_alloc_info+0x3b/0x50
[ 28.258660] __kasan_kmalloc+0xb7/0xc0
[ 28.259374] __kmalloc_cache_noprof+0x184/0x410
[ 28.260268] kmalloc_uaf+0xab/0x380
[ 28.260710] kunit_try_run_case+0x1b3/0x490
[ 28.261811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.262370] kthread+0x257/0x310
[ 28.262735] ret_from_fork+0x41/0x80
[ 28.263081] ret_from_fork_asm+0x1a/0x30
[ 28.263518]
[ 28.264307] Freed by task 191:
[ 28.264553] kasan_save_stack+0x3d/0x60
[ 28.265273] kasan_save_track+0x18/0x40
[ 28.265948] kasan_save_free_info+0x3f/0x60
[ 28.266621] __kasan_slab_free+0x56/0x70
[ 28.267424] kfree+0x123/0x3f0
[ 28.267726] kmalloc_uaf+0x12d/0x380
[ 28.268557] kunit_try_run_case+0x1b3/0x490
[ 28.269518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.270379] kthread+0x257/0x310
[ 28.271106] ret_from_fork+0x41/0x80
[ 28.271660] ret_from_fork_asm+0x1a/0x30
[ 28.272453]
[ 28.272920] The buggy address belongs to the object at ffff888101a5bc00
[ 28.272920] which belongs to the cache kmalloc-16 of size 16
[ 28.274776] The buggy address is located 8 bytes inside of
[ 28.274776] freed 16-byte region [ffff888101a5bc00, ffff888101a5bc10)
[ 28.276847]
[ 28.276994] The buggy address belongs to the physical page:
[ 28.277836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a5b
[ 28.279089] flags: 0x200000000000000(node=0|zone=2)
[ 28.279646] page_type: f5(slab)
[ 28.280724] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.281641] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.282581] page dumped because: kasan: bad access detected
[ 28.283266]
[ 28.283439] Memory state around the buggy address:
[ 28.283991] ffff888101a5bb00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc
[ 28.284649] ffff888101a5bb80: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.285733] >ffff888101a5bc00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.286185] ^
[ 28.286768] ffff888101a5bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.287618] ffff888101a5bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.288643] ==================================================================

[ 27.778408] ==================================================================
[ 27.779626] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 27.781138] Read of size 16 at addr ffff8881025ed7a0 by task kunit_try_catch/175
[ 27.781765]
[ 27.782399] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 27.783804] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.784701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.785458] Call Trace:
[ 27.785767] <TASK>
[ 27.786037] dump_stack_lvl+0x73/0xb0
[ 27.786451] print_report+0xd1/0x640
[ 27.786762] ? __virt_addr_valid+0x1db/0x2d0
[ 27.787286] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.787958] kasan_report+0x102/0x140
[ 27.789249] ? kmalloc_uaf_16+0x47d/0x4c0
[ 27.789909] ? kmalloc_uaf_16+0x47d/0x4c0
[ 27.790285] __asan_report_load16_noabort+0x18/0x20
[ 27.790732] kmalloc_uaf_16+0x47d/0x4c0
[ 27.791479] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 27.792382] ? __schedule+0xc70/0x27e0
[ 27.792849] ? __pfx_read_tsc+0x10/0x10
[ 27.793707] ? ktime_get_ts64+0x86/0x230
[ 27.794294] kunit_try_run_case+0x1b3/0x490
[ 27.794750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.795222] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.796217] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.796658] ? __kthread_parkme+0x82/0x160
[ 27.797264] ? preempt_count_sub+0x50/0x80
[ 27.797975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.798707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.799396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.800499] kthread+0x257/0x310
[ 27.801053] ? __pfx_kthread+0x10/0x10
[ 27.801470] ret_from_fork+0x41/0x80
[ 27.802218] ? __pfx_kthread+0x10/0x10
[ 27.802836] ret_from_fork_asm+0x1a/0x30
[ 27.803517] </TASK>
[ 27.803649]
[ 27.803816] Allocated by task 175:
[ 27.804387] kasan_save_stack+0x3d/0x60
[ 27.805206] kasan_save_track+0x18/0x40
[ 27.806135] kasan_save_alloc_info+0x3b/0x50
[ 27.806853] __kasan_kmalloc+0xb7/0xc0
[ 27.807280] __kmalloc_cache_noprof+0x184/0x410
[ 27.807672] kmalloc_uaf_16+0x15c/0x4c0
[ 27.808404] kunit_try_run_case+0x1b3/0x490
[ 27.808863] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.809585] kthread+0x257/0x310
[ 27.810164] ret_from_fork+0x41/0x80
[ 27.810606] ret_from_fork_asm+0x1a/0x30
[ 27.811261]
[ 27.811627] Freed by task 175:
[ 27.811912] kasan_save_stack+0x3d/0x60
[ 27.812528] kasan_save_track+0x18/0x40
[ 27.812931] kasan_save_free_info+0x3f/0x60
[ 27.813431] __kasan_slab_free+0x56/0x70
[ 27.814040] kfree+0x123/0x3f0
[ 27.814388] kmalloc_uaf_16+0x1d7/0x4c0
[ 27.814760] kunit_try_run_case+0x1b3/0x490
[ 27.815641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.816514] kthread+0x257/0x310
[ 27.817149] ret_from_fork+0x41/0x80
[ 27.817650] ret_from_fork_asm+0x1a/0x30
[ 27.818318]
[ 27.818482] The buggy address belongs to the object at ffff8881025ed7a0
[ 27.818482] which belongs to the cache kmalloc-16 of size 16
[ 27.819960] The buggy address is located 0 bytes inside of
[ 27.819960] freed 16-byte region [ffff8881025ed7a0, ffff8881025ed7b0)
[ 27.820990]
[ 27.821386] The buggy address belongs to the physical page:
[ 27.822100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 27.822605] flags: 0x200000000000000(node=0|zone=2)
[ 27.823332] page_type: f5(slab)
[ 27.823732] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 27.824325] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 27.826634] page dumped because: kasan: bad access detected
[ 27.827095]
[ 27.827501] Memory state around the buggy address:
[ 27.828791] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 27.829917] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 27.830829] >ffff8881025ed780: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 27.832098] ^
[ 27.832832] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.833835] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.834893] ==================================================================

[ 28.350760] ==================================================================
[ 28.351888] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520
[ 28.352509] Read of size 1 at addr ffff888101ab36a8 by task kunit_try_catch/195
[ 28.353653]
[ 28.353976] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 28.354985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.355557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.356512] Call Trace:
[ 28.356855] <TASK>
[ 28.357192] dump_stack_lvl+0x73/0xb0
[ 28.357934] print_report+0xd1/0x640
[ 28.358589] ? __virt_addr_valid+0x1db/0x2d0
[ 28.359333] ? kasan_complete_mode_report_info+0x64/0x200
[ 28.359966] kasan_report+0x102/0x140
[ 28.360472] ? kmalloc_uaf2+0x4aa/0x520
[ 28.360668] ? kmalloc_uaf2+0x4aa/0x520
[ 28.361307] __asan_report_load1_noabort+0x18/0x20
[ 28.361967] kmalloc_uaf2+0x4aa/0x520
[ 28.362420] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 28.362976] ? __pfx_read_tsc+0x10/0x10
[ 28.363543] ? __pfx_read_tsc+0x10/0x10
[ 28.364315] ? __pfx_read_tsc+0x10/0x10
[ 28.364889] ? ktime_get_ts64+0x86/0x230
[ 28.365731] kunit_try_run_case+0x1b3/0x490
[ 28.366525] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.366982] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.368052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.368824] ? __kthread_parkme+0x82/0x160
[ 28.369492] ? preempt_count_sub+0x50/0x80
[ 28.370075] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.370533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.372389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.372953] kthread+0x257/0x310
[ 28.373468] ? __pfx_kthread+0x10/0x10
[ 28.373873] ret_from_fork+0x41/0x80
[ 28.375200] ? __pfx_kthread+0x10/0x10
[ 28.375634] ret_from_fork_asm+0x1a/0x30
[ 28.376848] </TASK>
[ 28.377393]
[ 28.378190] Allocated by task 195:
[ 28.379205] kasan_save_stack+0x3d/0x60
[ 28.379611] kasan_save_track+0x18/0x40
[ 28.381016] kasan_save_alloc_info+0x3b/0x50
[ 28.381558] __kasan_kmalloc+0xb7/0xc0
[ 28.382601] __kmalloc_cache_noprof+0x184/0x410
[ 28.382994] kmalloc_uaf2+0xc7/0x520
[ 28.383818] kunit_try_run_case+0x1b3/0x490
[ 28.384080] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.385494] kthread+0x257/0x310
[ 28.386076] ret_from_fork+0x41/0x80
[ 28.386744] ret_from_fork_asm+0x1a/0x30
[ 28.387637]
[ 28.387824] Freed by task 195:
[ 28.388676] kasan_save_stack+0x3d/0x60
[ 28.389531] kasan_save_track+0x18/0x40
[ 28.389900] kasan_save_free_info+0x3f/0x60
[ 28.390360] __kasan_slab_free+0x56/0x70
[ 28.391626] kfree+0x123/0x3f0
[ 28.391993] kmalloc_uaf2+0x14d/0x520
[ 28.392643] kunit_try_run_case+0x1b3/0x490
[ 28.393211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.394183] kthread+0x257/0x310
[ 28.394521] ret_from_fork+0x41/0x80
[ 28.395067] ret_from_fork_asm+0x1a/0x30
[ 28.395568]
[ 28.395777] The buggy address belongs to the object at ffff888101ab3680
[ 28.395777] which belongs to the cache kmalloc-64 of size 64
[ 28.396948] The buggy address is located 40 bytes inside of
[ 28.396948] freed 64-byte region [ffff888101ab3680, ffff888101ab36c0)
[ 28.399051]
[ 28.399522] The buggy address belongs to the physical page:
[ 28.400491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab3
[ 28.401409] flags: 0x200000000000000(node=0|zone=2)
[ 28.401953] page_type: f5(slab)
[ 28.402432] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.403346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.404287] page dumped because: kasan: bad access detected
[ 28.404778]
[ 28.405355] Memory state around the buggy address:
[ 28.405699] ffff888101ab3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.406528] ffff888101ab3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.407300] >ffff888101ab3680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.408180] ^
[ 28.408673] ffff888101ab3700: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 28.409311] ffff888101ab3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.410320] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 43.069955] ==================================================================
[ 43.071022] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.071022]
[ 43.071501] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#167):
[ 43.075409] test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.076377] kunit_try_run_case+0x1b3/0x490
[ 43.077372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.077706] kthread+0x257/0x310
[ 43.078846] ret_from_fork+0x41/0x80
[ 43.079506] ret_from_fork_asm+0x1a/0x30
[ 43.080401]
[ 43.080554] kfence-#167: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 43.080554]
[ 43.082154] allocated by task 332 on cpu 0 at 43.069561s (0.012589s ago):
[ 43.083435] test_alloc+0x35f/0x10d0
[ 43.083918] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 43.084220] kunit_try_run_case+0x1b3/0x490
[ 43.084482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.085732] kthread+0x257/0x310
[ 43.086357] ret_from_fork+0x41/0x80
[ 43.087192] ret_from_fork_asm+0x1a/0x30
[ 43.088188]
[ 43.088693] freed by task 332 on cpu 0 at 43.069770s (0.018919s ago):
[ 43.089881] test_kmalloc_aligned_oob_write+0x251/0x340
[ 43.090533] kunit_try_run_case+0x1b3/0x490
[ 43.091138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 43.092087] kthread+0x257/0x310
[ 43.093021] ret_from_fork+0x41/0x80
[ 43.093790] ret_from_fork_asm+0x1a/0x30
[ 43.094050]
[ 43.094223] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 43.095233] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 43.096256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 43.098483] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 42.861639] ==================================================================
[ 42.862345] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 42.862345]
[ 42.863241] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#165):
[ 42.863997] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 42.864450] kunit_try_run_case+0x1b3/0x490
[ 42.864957] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 42.865341] kthread+0x257/0x310
[ 42.865668] ret_from_fork+0x41/0x80
[ 42.866174] ret_from_fork_asm+0x1a/0x30
[ 42.866729]
[ 42.866942] kfence-#165: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 42.866942]
[ 42.867735] allocated by task 330 on cpu 1 at 42.861365s (0.006365s ago):
[ 42.868432] test_alloc+0x35f/0x10d0
[ 42.868740] test_kmalloc_aligned_oob_read+0x106/0x570
[ 42.869317] kunit_try_run_case+0x1b3/0x490
[ 42.869716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 42.870169] kthread+0x257/0x310
[ 42.870598] ret_from_fork+0x41/0x80
[ 42.870946] ret_from_fork_asm+0x1a/0x30
[ 42.871396]
[ 42.871618] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 42.872570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 42.872876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 42.873740] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 38.493530] ==================================================================
[ 38.494428] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 38.494428]
[ 38.495104] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123):
[ 38.496517] test_corruption+0x132/0x3e0
[ 38.497033] kunit_try_run_case+0x1b3/0x490
[ 38.497417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.497996] kthread+0x257/0x310
[ 38.498451] ret_from_fork+0x41/0x80
[ 38.498878] ret_from_fork_asm+0x1a/0x30
[ 38.499326]
[ 38.499575] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 38.499575]
[ 38.500172] allocated by task 320 on cpu 1 at 38.493375s (0.006793s ago):
[ 38.501064] test_alloc+0x2a7/0x10d0
[ 38.501343] test_corruption+0xe7/0x3e0
[ 38.501867] kunit_try_run_case+0x1b3/0x490
[ 38.502393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.503074] kthread+0x257/0x310
[ 38.503338] ret_from_fork+0x41/0x80
[ 38.503818] ret_from_fork_asm+0x1a/0x30
[ 38.504316]
[ 38.504544] freed by task 320 on cpu 1 at 38.493432s (0.011107s ago):
[ 38.505292] test_corruption+0x132/0x3e0
[ 38.505585] kunit_try_run_case+0x1b3/0x490
[ 38.506257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.506948] kthread+0x257/0x310
[ 38.507360] ret_from_fork+0x41/0x80
[ 38.507648] ret_from_fork_asm+0x1a/0x30
[ 38.508190]
[ 38.508633] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 38.509313] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.509607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.511021] ==================================================================

[ 37.765771] ==================================================================
[ 37.766519] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 37.766519]
[ 37.767278] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#116):
[ 37.768089] test_corruption+0x2e1/0x3e0
[ 37.768414] kunit_try_run_case+0x1b3/0x490
[ 37.768854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.769479] kthread+0x257/0x310
[ 37.769826] ret_from_fork+0x41/0x80
[ 37.770146] ret_from_fork_asm+0x1a/0x30
[ 37.770597]
[ 37.770873] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 37.770873]
[ 37.771722] allocated by task 318 on cpu 1 at 37.765436s (0.006280s ago):
[ 37.772353] test_alloc+0x35f/0x10d0
[ 37.772856] test_corruption+0x1cc/0x3e0
[ 37.773252] kunit_try_run_case+0x1b3/0x490
[ 37.773816] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.774215] kthread+0x257/0x310
[ 37.774718] ret_from_fork+0x41/0x80
[ 37.775226] ret_from_fork_asm+0x1a/0x30
[ 37.775605]
[ 37.775880] freed by task 318 on cpu 1 at 37.765554s (0.010322s ago):
[ 37.776530] test_corruption+0x2e1/0x3e0
[ 37.776899] kunit_try_run_case+0x1b3/0x490
[ 37.777455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.778071] kthread+0x257/0x310
[ 37.778337] ret_from_fork+0x41/0x80
[ 37.778618] ret_from_fork_asm+0x1a/0x30
[ 37.779296]
[ 37.779563] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.780701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.781171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.781845] ==================================================================

[ 37.661640] ==================================================================
[ 37.662311] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 37.662311]
[ 37.662959] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#115):
[ 37.664794] test_corruption+0x2d4/0x3e0
[ 37.665183] kunit_try_run_case+0x1b3/0x490
[ 37.665697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.666119] kthread+0x257/0x310
[ 37.666576] ret_from_fork+0x41/0x80
[ 37.667016] ret_from_fork_asm+0x1a/0x30
[ 37.667421]
[ 37.667674] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 37.667674]
[ 37.668605] allocated by task 318 on cpu 1 at 37.661338s (0.007263s ago):
[ 37.669055] test_alloc+0x35f/0x10d0
[ 37.669525] test_corruption+0xe7/0x3e0
[ 37.670120] kunit_try_run_case+0x1b3/0x490
[ 37.670603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.671147] kthread+0x257/0x310
[ 37.671549] ret_from_fork+0x41/0x80
[ 37.672025] ret_from_fork_asm+0x1a/0x30
[ 37.672503]
[ 37.672717] freed by task 318 on cpu 1 at 37.661445s (0.011268s ago):
[ 37.673304] test_corruption+0x2d4/0x3e0
[ 37.673796] kunit_try_run_case+0x1b3/0x490
[ 37.674215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.674714] kthread+0x257/0x310
[ 37.675105] ret_from_fork+0x41/0x80
[ 37.675391] ret_from_fork_asm+0x1a/0x30
[ 37.675953]
[ 37.676203] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.677077] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.677509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.678033] ==================================================================

[ 38.805556] ==================================================================
[ 38.806293] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 38.806293]
[ 38.807017] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#126):
[ 38.807643] test_corruption+0x217/0x3e0
[ 38.807990] kunit_try_run_case+0x1b3/0x490
[ 38.808538] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.809185] kthread+0x257/0x310
[ 38.809500] ret_from_fork+0x41/0x80
[ 38.809982] ret_from_fork_asm+0x1a/0x30
[ 38.810335]
[ 38.810595] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 38.810595]
[ 38.811317] allocated by task 320 on cpu 1 at 38.805383s (0.005930s ago):
[ 38.812214] test_alloc+0x2a7/0x10d0
[ 38.812532] test_corruption+0x1cc/0x3e0
[ 38.812845] kunit_try_run_case+0x1b3/0x490
[ 38.813426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.814276] kthread+0x257/0x310
[ 38.814609] ret_from_fork+0x41/0x80
[ 38.814920] ret_from_fork_asm+0x1a/0x30
[ 38.815402]
[ 38.815650] freed by task 320 on cpu 1 at 38.805458s (0.010187s ago):
[ 38.816437] test_corruption+0x217/0x3e0
[ 38.816965] kunit_try_run_case+0x1b3/0x490
[ 38.817366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 38.817794] kthread+0x257/0x310
[ 38.818063] ret_from_fork+0x41/0x80
[ 38.818550] ret_from_fork_asm+0x1a/0x30
[ 38.819119]
[ 38.819351] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 38.820305] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 38.820968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 38.821466] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 37.245549] ==================================================================
[ 37.246218] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 37.246218]
[ 37.246865] Invalid free of 0x(____ptrval____) (in kfence-#111):
[ 37.247430] test_invalid_addr_free+0x1e3/0x260
[ 37.248006] kunit_try_run_case+0x1b3/0x490
[ 37.248401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.248950] kthread+0x257/0x310
[ 37.249313] ret_from_fork+0x41/0x80
[ 37.249821] ret_from_fork_asm+0x1a/0x30
[ 37.250249]
[ 37.250508] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 37.250508]
[ 37.251376] allocated by task 314 on cpu 1 at 37.245398s (0.005974s ago):
[ 37.252045] test_alloc+0x35f/0x10d0
[ 37.252320] test_invalid_addr_free+0xdc/0x260
[ 37.252979] kunit_try_run_case+0x1b3/0x490
[ 37.253468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.254114] kthread+0x257/0x310
[ 37.254381] ret_from_fork+0x41/0x80
[ 37.254854] ret_from_fork_asm+0x1a/0x30
[ 37.255279]
[ 37.255549] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.256513] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.257008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.257510] ==================================================================

[ 37.349535] ==================================================================
[ 37.350323] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 37.350323]
[ 37.351032] Invalid free of 0x(____ptrval____) (in kfence-#112):
[ 37.351487] test_invalid_addr_free+0xfc/0x260
[ 37.352110] kunit_try_run_case+0x1b3/0x490
[ 37.352523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.352990] kthread+0x257/0x310
[ 37.353302] ret_from_fork+0x41/0x80
[ 37.353781] ret_from_fork_asm+0x1a/0x30
[ 37.354112]
[ 37.354379] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 37.354379]
[ 37.355374] allocated by task 316 on cpu 1 at 37.349384s (0.005984s ago):
[ 37.356211] test_alloc+0x2a7/0x10d0
[ 37.356523] test_invalid_addr_free+0xdc/0x260
[ 37.356872] kunit_try_run_case+0x1b3/0x490
[ 37.357441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.357969] kthread+0x257/0x310
[ 37.358370] ret_from_fork+0x41/0x80
[ 37.358718] ret_from_fork_asm+0x1a/0x30
[ 37.359107]
[ 37.359310] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.360382] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.360715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.361539] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 37.141747] ==================================================================
[ 37.142524] BUG: KFENCE: invalid free in test_double_free+0x113/0x260
[ 37.142524]
[ 37.144207] Invalid free of 0x(____ptrval____) (in kfence-#110):
[ 37.145250] test_double_free+0x113/0x260
[ 37.146168] kunit_try_run_case+0x1b3/0x490
[ 37.146653] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.147477] kthread+0x257/0x310
[ 37.148106] ret_from_fork+0x41/0x80
[ 37.148674] ret_from_fork_asm+0x1a/0x30
[ 37.149107]
[ 37.149369] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 37.149369]
[ 37.150009] allocated by task 312 on cpu 0 at 37.141395s (0.008610s ago):
[ 37.150787] test_alloc+0x2a7/0x10d0
[ 37.151199] test_double_free+0xdc/0x260
[ 37.151921] kunit_try_run_case+0x1b3/0x490
[ 37.152327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.152894] kthread+0x257/0x310
[ 37.153444] ret_from_fork+0x41/0x80
[ 37.153952] ret_from_fork_asm+0x1a/0x30
[ 37.154359]
[ 37.154696] freed by task 312 on cpu 0 at 37.141457s (0.013216s ago):
[ 37.155345] test_double_free+0xfb/0x260
[ 37.156090] kunit_try_run_case+0x1b3/0x490
[ 37.156442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.157166] kthread+0x257/0x310
[ 37.157425] ret_from_fork+0x41/0x80
[ 37.157855] ret_from_fork_asm+0x1a/0x30
[ 37.158468]
[ 37.158712] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.159565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.160362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.161238] ==================================================================

[ 37.037706] ==================================================================
[ 37.038288] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260
[ 37.038288]
[ 37.038638] Invalid free of 0x(____ptrval____) (in kfence-#109):
[ 37.039044] test_double_free+0x1d5/0x260
[ 37.039604] kunit_try_run_case+0x1b3/0x490
[ 37.039998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.040870] kthread+0x257/0x310
[ 37.041488] ret_from_fork+0x41/0x80
[ 37.041998] ret_from_fork_asm+0x1a/0x30
[ 37.042292]
[ 37.042459] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 37.042459]
[ 37.043609] allocated by task 310 on cpu 1 at 37.037380s (0.006225s ago):
[ 37.044078] test_alloc+0x35f/0x10d0
[ 37.044508] test_double_free+0xdc/0x260
[ 37.045043] kunit_try_run_case+0x1b3/0x490
[ 37.045364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.045930] kthread+0x257/0x310
[ 37.046337] ret_from_fork+0x41/0x80
[ 37.046844] ret_from_fork_asm+0x1a/0x30
[ 37.047286]
[ 37.047483] freed by task 310 on cpu 1 at 37.037461s (0.010018s ago):
[ 37.048235] test_double_free+0x1e2/0x260
[ 37.048646] kunit_try_run_case+0x1b3/0x490
[ 37.049164] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 37.049726] kthread+0x257/0x310
[ 37.050206] ret_from_fork+0x41/0x80
[ 37.050563] ret_from_fork_asm+0x1a/0x30
[ 37.051003]
[ 37.051282] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 37.052177] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 37.052549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 37.053383] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 36.725955] ==================================================================
[ 36.726640] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 36.726640]
[ 36.727455] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[ 36.728156] test_use_after_free_read+0x12a/0x270
[ 36.728697] kunit_try_run_case+0x1b3/0x490
[ 36.729148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.729651] kthread+0x257/0x310
[ 36.730139] ret_from_fork+0x41/0x80
[ 36.730661] ret_from_fork_asm+0x1a/0x30
[ 36.731210]
[ 36.731398] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 36.731398]
[ 36.732350] allocated by task 304 on cpu 0 at 36.725806s (0.006539s ago):
[ 36.733098] test_alloc+0x2a7/0x10d0
[ 36.733601] test_use_after_free_read+0xdd/0x270
[ 36.734146] kunit_try_run_case+0x1b3/0x490
[ 36.734468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.735166] kthread+0x257/0x310
[ 36.735472] ret_from_fork+0x41/0x80
[ 36.736141] ret_from_fork_asm+0x1a/0x30
[ 36.736489]
[ 36.736846] freed by task 304 on cpu 0 at 36.725867s (0.010974s ago):
[ 36.737316] test_use_after_free_read+0xfc/0x270
[ 36.737998] kunit_try_run_case+0x1b3/0x490
[ 36.738529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.739112] kthread+0x257/0x310
[ 36.739481] ret_from_fork+0x41/0x80
[ 36.740067] ret_from_fork_asm+0x1a/0x30
[ 36.740390]
[ 36.740699] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 36.741646] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.742116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.743082] ==================================================================

[ 36.621625] ==================================================================
[ 36.622360] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270
[ 36.622360]
[ 36.623256] Use-after-free read at 0x(____ptrval____) (in kfence-#105):
[ 36.623992] test_use_after_free_read+0x12a/0x270
[ 36.624613] kunit_try_run_case+0x1b3/0x490
[ 36.625092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.625970] kthread+0x257/0x310
[ 36.626507] ret_from_fork+0x41/0x80
[ 36.627338] ret_from_fork_asm+0x1a/0x30
[ 36.628004]
[ 36.628158] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 36.628158]
[ 36.629356] allocated by task 302 on cpu 0 at 36.621352s (0.008000s ago):
[ 36.630335] test_alloc+0x35f/0x10d0
[ 36.630901] test_use_after_free_read+0xdd/0x270
[ 36.631477] kunit_try_run_case+0x1b3/0x490
[ 36.631952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.632533] kthread+0x257/0x310
[ 36.633107] ret_from_fork+0x41/0x80
[ 36.633582] ret_from_fork_asm+0x1a/0x30
[ 36.634160]
[ 36.634635] freed by task 302 on cpu 0 at 36.621438s (0.012964s ago):
[ 36.635381] test_use_after_free_read+0x1e9/0x270
[ 36.635787] kunit_try_run_case+0x1b3/0x490
[ 36.636302] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 36.637187] kthread+0x257/0x310
[ 36.637548] ret_from_fork+0x41/0x80
[ 36.638757] ret_from_fork_asm+0x1a/0x30
[ 36.639276]
[ 36.639794] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 36.640855] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 36.641434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 36.642434] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 35.997524] ================================================================== [ 35.998166] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 35.998166] [ 35.998869] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#99): [ 35.999523] test_out_of_bounds_read+0x217/0x4e0 [ 36.000020] kunit_try_run_case+0x1b3/0x490 [ 36.000464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.001145] kthread+0x257/0x310 [ 36.001414] ret_from_fork+0x41/0x80 [ 36.001755] ret_from_fork_asm+0x1a/0x30 [ 36.002266] [ 36.002545] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 36.002545] [ 36.003296] allocated by task 296 on cpu 1 at 35.997451s (0.005840s ago): [ 36.003891] test_alloc+0x2a7/0x10d0 [ 36.004187] test_out_of_bounds_read+0x1e3/0x4e0 [ 36.004505] kunit_try_run_case+0x1b3/0x490 [ 36.004826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.005434] kthread+0x257/0x310 [ 36.005949] ret_from_fork+0x41/0x80 [ 36.006401] ret_from_fork_asm+0x1a/0x30 [ 36.006937] [ 36.007199] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 36.007901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.008181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.009086] ================================================================== [ 35.583260] ================================================================== [ 35.584008] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 35.584008] [ 35.584856] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#95): [ 35.585930] test_out_of_bounds_read+0x127/0x4e0 [ 35.586383] kunit_try_run_case+0x1b3/0x490 [ 35.586886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.587308] kthread+0x257/0x310 [ 35.587762] ret_from_fork+0x41/0x80 [ 35.588209] ret_from_fork_asm+0x1a/0x30 [ 35.588584] [ 35.589152] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.589152] [ 35.590106] 
allocated by task 294 on cpu 0 at 35.581458s (0.008526s ago): [ 35.591354] test_alloc+0x35f/0x10d0 [ 35.591735] test_out_of_bounds_read+0xee/0x4e0 [ 35.592282] kunit_try_run_case+0x1b3/0x490 [ 35.592632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.593349] kthread+0x257/0x310 [ 35.593621] ret_from_fork+0x41/0x80 [ 35.594154] ret_from_fork_asm+0x1a/0x30 [ 35.594574] [ 35.594939] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.595975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.596402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.597465] ================================================================== [ 35.893403] ================================================================== [ 35.894162] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 35.894162] [ 35.894866] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#98): [ 35.895453] test_out_of_bounds_read+0x127/0x4e0 [ 35.896057] kunit_try_run_case+0x1b3/0x490 [ 35.896435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.896863] kthread+0x257/0x310 [ 35.897291] ret_from_fork+0x41/0x80 [ 35.897605] ret_from_fork_asm+0x1a/0x30 [ 35.898131] [ 35.898301] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.898301] [ 35.899247] allocated by task 296 on cpu 1 at 35.893339s (0.005904s ago): [ 35.900013] test_alloc+0x2a7/0x10d0 [ 35.900347] test_out_of_bounds_read+0xee/0x4e0 [ 35.900836] kunit_try_run_case+0x1b3/0x490 [ 35.901356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.901889] kthread+0x257/0x310 [ 35.902330] ret_from_fork+0x41/0x80 [ 35.902617] ret_from_fork_asm+0x1a/0x30 [ 35.903172] [ 35.903371] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.904451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.904767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.905629] 
================================================================== [ 35.685746] ================================================================== [ 35.686428] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 35.686428] [ 35.687132] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#96): [ 35.687832] test_out_of_bounds_read+0x217/0x4e0 [ 35.688273] kunit_try_run_case+0x1b3/0x490 [ 35.688803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.689374] kthread+0x257/0x310 [ 35.689739] ret_from_fork+0x41/0x80 [ 35.690211] ret_from_fork_asm+0x1a/0x30 [ 35.690546] [ 35.690774] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 35.690774] [ 35.691620] allocated by task 294 on cpu 0 at 35.685469s (0.006147s ago): [ 35.692152] test_alloc+0x35f/0x10d0 [ 35.692750] test_out_of_bounds_read+0x1e3/0x4e0 [ 35.693155] kunit_try_run_case+0x1b3/0x490 [ 35.693727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.694189] kthread+0x257/0x310 [ 35.694532] ret_from_fork+0x41/0x80 [ 35.695017] ret_from_fork_asm+0x1a/0x30 [ 35.695468] [ 35.695666] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.696760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.697288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.697862] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 35.434596] ================================================================== [ 35.435369] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 35.436040] Write of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.436744] [ 35.437065] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.438164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.438638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.439530] Call Trace: [ 35.439844] <TASK> [ 35.440228] dump_stack_lvl+0x73/0xb0 [ 35.440750] print_report+0xd1/0x640 [ 35.441183] ? __virt_addr_valid+0x1db/0x2d0 [ 35.441633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.442239] kasan_report+0x102/0x140 [ 35.442908] ? strncpy_from_user+0x2e/0x1e0 [ 35.443404] ? strncpy_from_user+0x2e/0x1e0 [ 35.443918] kasan_check_range+0x10c/0x1c0 [ 35.444256] __kasan_check_write+0x18/0x20 [ 35.444563] strncpy_from_user+0x2e/0x1e0 [ 35.444938] ? __kasan_check_read+0x15/0x20 [ 35.445510] copy_user_test_oob+0x761/0x10f0 [ 35.446304] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.446983] ? finish_task_switch.isra.0+0x153/0x700 [ 35.447643] ? __switch_to+0x5d9/0xf60 [ 35.448154] ? irqentry_exit+0x2a/0x60 [ 35.448555] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.449121] ? trace_hardirqs_on+0x37/0xe0 [ 35.449428] ? __pfx_read_tsc+0x10/0x10 [ 35.449738] ? ktime_get_ts64+0x86/0x230 [ 35.450399] kunit_try_run_case+0x1b3/0x490 [ 35.451065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.451654] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.452374] ? __kthread_parkme+0x82/0x160 [ 35.452934] ? preempt_count_sub+0x50/0x80 [ 35.453346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.453945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.454355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.454748] kthread+0x257/0x310 [ 35.455355] ? __pfx_kthread+0x10/0x10 [ 35.455976] ret_from_fork+0x41/0x80 [ 35.456440] ? 
__pfx_kthread+0x10/0x10 [ 35.456758] ret_from_fork_asm+0x1a/0x30 [ 35.457420] </TASK> [ 35.457776] [ 35.458044] Allocated by task 292: [ 35.458471] kasan_save_stack+0x3d/0x60 [ 35.458955] kasan_save_track+0x18/0x40 [ 35.459244] kasan_save_alloc_info+0x3b/0x50 [ 35.459879] __kasan_kmalloc+0xb7/0xc0 [ 35.460424] __kmalloc_noprof+0x1c4/0x500 [ 35.461026] kunit_kmalloc_array+0x25/0x60 [ 35.461554] copy_user_test_oob+0xac/0x10f0 [ 35.462054] kunit_try_run_case+0x1b3/0x490 [ 35.462556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.463186] kthread+0x257/0x310 [ 35.463592] ret_from_fork+0x41/0x80 [ 35.464130] ret_from_fork_asm+0x1a/0x30 [ 35.464613] [ 35.464945] The buggy address belongs to the object at ffff888101ac8600 [ 35.464945] which belongs to the cache kmalloc-128 of size 128 [ 35.466184] The buggy address is located 0 bytes inside of [ 35.466184] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.467240] [ 35.467409] The buggy address belongs to the physical page: [ 35.468188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.468990] flags: 0x200000000000000(node=0|zone=2) [ 35.469322] page_type: f5(slab) [ 35.469859] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.470642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.471314] page dumped because: kasan: bad access detected [ 35.471982] [ 35.472148] Memory state around the buggy address: [ 35.472448] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.472834] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.473635] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.474406] ^ [ 35.475065] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.475906] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.476573] ================================================================== [ 35.477879] 
================================================================== [ 35.478633] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 35.479315] Write of size 1 at addr ffff888101ac8678 by task kunit_try_catch/292 [ 35.480157] [ 35.480441] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.481469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.482038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.482911] Call Trace: [ 35.483190] <TASK> [ 35.483543] dump_stack_lvl+0x73/0xb0 [ 35.483975] print_report+0xd1/0x640 [ 35.484503] ? __virt_addr_valid+0x1db/0x2d0 [ 35.485047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.485606] kasan_report+0x102/0x140 [ 35.486178] ? strncpy_from_user+0x1a7/0x1e0 [ 35.486591] ? strncpy_from_user+0x1a7/0x1e0 [ 35.487281] __asan_report_store1_noabort+0x1b/0x30 [ 35.487897] strncpy_from_user+0x1a7/0x1e0 [ 35.488501] copy_user_test_oob+0x761/0x10f0 [ 35.489247] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.489912] ? finish_task_switch.isra.0+0x153/0x700 [ 35.490819] ? __switch_to+0x5d9/0xf60 [ 35.491446] ? irqentry_exit+0x2a/0x60 [ 35.491958] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.492409] ? trace_hardirqs_on+0x37/0xe0 [ 35.493034] ? __pfx_read_tsc+0x10/0x10 [ 35.493891] ? ktime_get_ts64+0x86/0x230 [ 35.494427] kunit_try_run_case+0x1b3/0x490 [ 35.495060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.495787] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.496245] ? __kthread_parkme+0x82/0x160 [ 35.497108] ? preempt_count_sub+0x50/0x80 [ 35.497731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.498486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.498783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.499269] kthread+0x257/0x310 [ 35.499668] ? __pfx_kthread+0x10/0x10 [ 35.500423] ret_from_fork+0x41/0x80 [ 35.500970] ? 
__pfx_kthread+0x10/0x10 [ 35.501307] ret_from_fork_asm+0x1a/0x30 [ 35.501714] </TASK> [ 35.502006] [ 35.502195] Allocated by task 292: [ 35.502594] kasan_save_stack+0x3d/0x60 [ 35.503137] kasan_save_track+0x18/0x40 [ 35.503497] kasan_save_alloc_info+0x3b/0x50 [ 35.504019] __kasan_kmalloc+0xb7/0xc0 [ 35.504484] __kmalloc_noprof+0x1c4/0x500 [ 35.504843] kunit_kmalloc_array+0x25/0x60 [ 35.505426] copy_user_test_oob+0xac/0x10f0 [ 35.506150] kunit_try_run_case+0x1b3/0x490 [ 35.506821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.507248] kthread+0x257/0x310 [ 35.507754] ret_from_fork+0x41/0x80 [ 35.508223] ret_from_fork_asm+0x1a/0x30 [ 35.508863] [ 35.509200] The buggy address belongs to the object at ffff888101ac8600 [ 35.509200] which belongs to the cache kmalloc-128 of size 128 [ 35.510310] The buggy address is located 0 bytes to the right of [ 35.510310] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.511552] [ 35.511935] The buggy address belongs to the physical page: [ 35.512471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.513261] flags: 0x200000000000000(node=0|zone=2) [ 35.513969] page_type: f5(slab) [ 35.514298] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.515213] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.516027] page dumped because: kasan: bad access detected [ 35.516599] [ 35.516948] Memory state around the buggy address: [ 35.517258] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.518066] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.518988] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.519745] ^ [ 35.520495] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.521267] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.521882] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 35.351293] ================================================================== [ 35.351913] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 35.352502] Write of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.353379] [ 35.353643] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.354937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.355742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.356960] Call Trace: [ 35.357384] <TASK> [ 35.357961] dump_stack_lvl+0x73/0xb0 [ 35.358241] print_report+0xd1/0x640 [ 35.359180] ? __virt_addr_valid+0x1db/0x2d0 [ 35.359701] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.360306] kasan_report+0x102/0x140 [ 35.360498] ? copy_user_test_oob+0x558/0x10f0 [ 35.360750] ? copy_user_test_oob+0x558/0x10f0 [ 35.361402] kasan_check_range+0x10c/0x1c0 [ 35.362430] __kasan_check_write+0x18/0x20 [ 35.362749] copy_user_test_oob+0x558/0x10f0 [ 35.363219] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.364047] ? finish_task_switch.isra.0+0x153/0x700 [ 35.364655] ? __switch_to+0x5d9/0xf60 [ 35.365185] ? irqentry_exit+0x2a/0x60 [ 35.365587] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.366134] ? trace_hardirqs_on+0x37/0xe0 [ 35.366574] ? __pfx_read_tsc+0x10/0x10 [ 35.367181] ? ktime_get_ts64+0x86/0x230 [ 35.367758] kunit_try_run_case+0x1b3/0x490 [ 35.368364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.369302] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.369836] ? __kthread_parkme+0x82/0x160 [ 35.370204] ? preempt_count_sub+0x50/0x80 [ 35.370567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.371062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.371512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.372230] kthread+0x257/0x310 [ 35.372547] ? __pfx_kthread+0x10/0x10 [ 35.373092] ret_from_fork+0x41/0x80 [ 35.373429] ? 
__pfx_kthread+0x10/0x10 [ 35.373801] ret_from_fork_asm+0x1a/0x30 [ 35.374327] </TASK> [ 35.374659] [ 35.374933] Allocated by task 292: [ 35.375262] kasan_save_stack+0x3d/0x60 [ 35.375742] kasan_save_track+0x18/0x40 [ 35.376121] kasan_save_alloc_info+0x3b/0x50 [ 35.376576] __kasan_kmalloc+0xb7/0xc0 [ 35.377094] __kmalloc_noprof+0x1c4/0x500 [ 35.377386] kunit_kmalloc_array+0x25/0x60 [ 35.377946] copy_user_test_oob+0xac/0x10f0 [ 35.378482] kunit_try_run_case+0x1b3/0x490 [ 35.378948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.379407] kthread+0x257/0x310 [ 35.379708] ret_from_fork+0x41/0x80 [ 35.380242] ret_from_fork_asm+0x1a/0x30 [ 35.380727] [ 35.380965] The buggy address belongs to the object at ffff888101ac8600 [ 35.380965] which belongs to the cache kmalloc-128 of size 128 [ 35.382120] The buggy address is located 0 bytes inside of [ 35.382120] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.383033] [ 35.383292] The buggy address belongs to the physical page: [ 35.383872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.384635] flags: 0x200000000000000(node=0|zone=2) [ 35.385161] page_type: f5(slab) [ 35.385486] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.386294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.387078] page dumped because: kasan: bad access detected [ 35.387497] [ 35.387822] Memory state around the buggy address: [ 35.388314] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.388799] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.389550] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.390040] ^ [ 35.390840] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.391447] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.391998] ================================================================== [ 35.297396] 
================================================================== [ 35.298757] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 35.299768] Read of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.301430] [ 35.301797] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.303013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.303539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.304498] Call Trace: [ 35.305429] <TASK> [ 35.305671] dump_stack_lvl+0x73/0xb0 [ 35.306436] print_report+0xd1/0x640 [ 35.307016] ? __virt_addr_valid+0x1db/0x2d0 [ 35.307469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.308530] kasan_report+0x102/0x140 [ 35.309239] ? copy_user_test_oob+0x4ab/0x10f0 [ 35.309697] ? copy_user_test_oob+0x4ab/0x10f0 [ 35.310636] kasan_check_range+0x10c/0x1c0 [ 35.311235] __kasan_check_read+0x15/0x20 [ 35.311831] copy_user_test_oob+0x4ab/0x10f0 [ 35.312319] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.312815] ? finish_task_switch.isra.0+0x153/0x700 [ 35.314044] ? __switch_to+0x5d9/0xf60 [ 35.314392] ? irqentry_exit+0x2a/0x60 [ 35.315033] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.315533] ? trace_hardirqs_on+0x37/0xe0 [ 35.316272] ? __pfx_read_tsc+0x10/0x10 [ 35.316966] ? ktime_get_ts64+0x86/0x230 [ 35.317354] kunit_try_run_case+0x1b3/0x490 [ 35.318177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.318643] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.319655] ? __kthread_parkme+0x82/0x160 [ 35.320382] ? preempt_count_sub+0x50/0x80 [ 35.321154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.321609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.322537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.323285] kthread+0x257/0x310 [ 35.323725] ? __pfx_kthread+0x10/0x10 [ 35.324472] ret_from_fork+0x41/0x80 [ 35.325141] ? 
__pfx_kthread+0x10/0x10 [ 35.325487] ret_from_fork_asm+0x1a/0x30 [ 35.326308] </TASK> [ 35.326534] [ 35.326705] Allocated by task 292: [ 35.327224] kasan_save_stack+0x3d/0x60 [ 35.328113] kasan_save_track+0x18/0x40 [ 35.328469] kasan_save_alloc_info+0x3b/0x50 [ 35.329473] __kasan_kmalloc+0xb7/0xc0 [ 35.329895] __kmalloc_noprof+0x1c4/0x500 [ 35.330361] kunit_kmalloc_array+0x25/0x60 [ 35.331135] copy_user_test_oob+0xac/0x10f0 [ 35.331614] kunit_try_run_case+0x1b3/0x490 [ 35.332514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.333285] kthread+0x257/0x310 [ 35.333560] ret_from_fork+0x41/0x80 [ 35.334374] ret_from_fork_asm+0x1a/0x30 [ 35.334775] [ 35.335109] The buggy address belongs to the object at ffff888101ac8600 [ 35.335109] which belongs to the cache kmalloc-128 of size 128 [ 35.336745] The buggy address is located 0 bytes inside of [ 35.336745] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.338136] [ 35.338631] The buggy address belongs to the physical page: [ 35.339268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.340421] flags: 0x200000000000000(node=0|zone=2) [ 35.341191] page_type: f5(slab) [ 35.341663] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.342737] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.343627] page dumped because: kasan: bad access detected [ 35.344404] [ 35.344989] Memory state around the buggy address: [ 35.345490] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.346381] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.347080] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.347359] ^ [ 35.347633] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.348819] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.349701] ================================================================== [ 35.393235] 
================================================================== [ 35.393848] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 35.394592] Read of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.395137] [ 35.395319] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.396327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.396741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.397275] Call Trace: [ 35.397494] <TASK> [ 35.397841] dump_stack_lvl+0x73/0xb0 [ 35.398328] print_report+0xd1/0x640 [ 35.398884] ? __virt_addr_valid+0x1db/0x2d0 [ 35.399442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.400029] kasan_report+0x102/0x140 [ 35.400369] ? copy_user_test_oob+0x605/0x10f0 [ 35.400718] ? copy_user_test_oob+0x605/0x10f0 [ 35.401315] kasan_check_range+0x10c/0x1c0 [ 35.401898] __kasan_check_read+0x15/0x20 [ 35.402345] copy_user_test_oob+0x605/0x10f0 [ 35.402827] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.403218] ? finish_task_switch.isra.0+0x153/0x700 [ 35.403651] ? __switch_to+0x5d9/0xf60 [ 35.404202] ? irqentry_exit+0x2a/0x60 [ 35.404657] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.405205] ? trace_hardirqs_on+0x37/0xe0 [ 35.405613] ? __pfx_read_tsc+0x10/0x10 [ 35.405977] ? ktime_get_ts64+0x86/0x230 [ 35.406282] kunit_try_run_case+0x1b3/0x490 [ 35.406915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.407454] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.407873] ? __kthread_parkme+0x82/0x160 [ 35.408195] ? preempt_count_sub+0x50/0x80 [ 35.408717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.409319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.410198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.410977] kthread+0x257/0x310 [ 35.411268] ? __pfx_kthread+0x10/0x10 [ 35.412225] ret_from_fork+0x41/0x80 [ 35.413122] ? 
__pfx_kthread+0x10/0x10 [ 35.413637] ret_from_fork_asm+0x1a/0x30 [ 35.414164] </TASK> [ 35.414448] [ 35.414735] Allocated by task 292: [ 35.415118] kasan_save_stack+0x3d/0x60 [ 35.415473] kasan_save_track+0x18/0x40 [ 35.415958] kasan_save_alloc_info+0x3b/0x50 [ 35.416270] __kasan_kmalloc+0xb7/0xc0 [ 35.416552] __kmalloc_noprof+0x1c4/0x500 [ 35.417147] kunit_kmalloc_array+0x25/0x60 [ 35.417716] copy_user_test_oob+0xac/0x10f0 [ 35.418374] kunit_try_run_case+0x1b3/0x490 [ 35.418888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.419287] kthread+0x257/0x310 [ 35.419550] ret_from_fork+0x41/0x80 [ 35.420125] ret_from_fork_asm+0x1a/0x30 [ 35.420725] [ 35.421059] The buggy address belongs to the object at ffff888101ac8600 [ 35.421059] which belongs to the cache kmalloc-128 of size 128 [ 35.422160] The buggy address is located 0 bytes inside of [ 35.422160] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.423614] [ 35.423904] The buggy address belongs to the physical page: [ 35.424248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.425249] flags: 0x200000000000000(node=0|zone=2) [ 35.425845] page_type: f5(slab) [ 35.426259] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.426857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.427731] page dumped because: kasan: bad access detected [ 35.428165] [ 35.428398] Memory state around the buggy address: [ 35.429049] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.429744] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.430525] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.431207] ^ [ 35.431949] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.432598] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.433367] ================================================================== [ 35.252882] 
================================================================== [ 35.253501] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 35.254347] Write of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.255514] [ 35.255875] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.257109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.257656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.258495] Call Trace: [ 35.259191] <TASK> [ 35.259865] dump_stack_lvl+0x73/0xb0 [ 35.260236] print_report+0xd1/0x640 [ 35.260997] ? __virt_addr_valid+0x1db/0x2d0 [ 35.261461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.262594] kasan_report+0x102/0x140 [ 35.263000] ? copy_user_test_oob+0x3fe/0x10f0 [ 35.263577] ? copy_user_test_oob+0x3fe/0x10f0 [ 35.264345] kasan_check_range+0x10c/0x1c0 [ 35.265131] __kasan_check_write+0x18/0x20 [ 35.265555] copy_user_test_oob+0x3fe/0x10f0 [ 35.266234] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.266830] ? finish_task_switch.isra.0+0x153/0x700 [ 35.267612] ? __switch_to+0x5d9/0xf60 [ 35.268212] ? irqentry_exit+0x2a/0x60 [ 35.268597] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.269166] ? trace_hardirqs_on+0x37/0xe0 [ 35.269576] ? __pfx_read_tsc+0x10/0x10 [ 35.270006] ? ktime_get_ts64+0x86/0x230 [ 35.270496] kunit_try_run_case+0x1b3/0x490 [ 35.270858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.271410] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.271992] ? __kthread_parkme+0x82/0x160 [ 35.272298] ? preempt_count_sub+0x50/0x80 [ 35.272891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.273466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.274042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.274567] kthread+0x257/0x310 [ 35.274924] ? __pfx_kthread+0x10/0x10 [ 35.275392] ret_from_fork+0x41/0x80 [ 35.275714] ? 
__pfx_kthread+0x10/0x10 [ 35.276234] ret_from_fork_asm+0x1a/0x30 [ 35.276808] </TASK> [ 35.277138] [ 35.277329] Allocated by task 292: [ 35.277581] kasan_save_stack+0x3d/0x60 [ 35.278166] kasan_save_track+0x18/0x40 [ 35.278573] kasan_save_alloc_info+0x3b/0x50 [ 35.279170] __kasan_kmalloc+0xb7/0xc0 [ 35.279458] __kmalloc_noprof+0x1c4/0x500 [ 35.280103] kunit_kmalloc_array+0x25/0x60 [ 35.280450] copy_user_test_oob+0xac/0x10f0 [ 35.280818] kunit_try_run_case+0x1b3/0x490 [ 35.281314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.282008] kthread+0x257/0x310 [ 35.282361] ret_from_fork+0x41/0x80 [ 35.282666] ret_from_fork_asm+0x1a/0x30 [ 35.283141] [ 35.283401] The buggy address belongs to the object at ffff888101ac8600 [ 35.283401] which belongs to the cache kmalloc-128 of size 128 [ 35.284477] The buggy address is located 0 bytes inside of [ 35.284477] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.285468] [ 35.285653] The buggy address belongs to the physical page: [ 35.286070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.287028] flags: 0x200000000000000(node=0|zone=2) [ 35.287472] page_type: f5(slab) [ 35.287828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.288598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.289286] page dumped because: kasan: bad access detected [ 35.289928] [ 35.290181] Memory state around the buggy address: [ 35.290548] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.292155] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.293036] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.293814] ^ [ 35.294493] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.295196] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.295805] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 35.199576] ================================================================== [ 35.200424] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 35.201184] Read of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.203549] [ 35.203939] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.204806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.205144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.206179] Call Trace: [ 35.206596] <TASK> [ 35.206981] dump_stack_lvl+0x73/0xb0 [ 35.207372] print_report+0xd1/0x640 [ 35.207972] ? __virt_addr_valid+0x1db/0x2d0 [ 35.208477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.209116] kasan_report+0x102/0x140 [ 35.209659] ? _copy_to_user+0x4a/0x70 [ 35.210089] ? _copy_to_user+0x4a/0x70 [ 35.210646] kasan_check_range+0x10c/0x1c0 [ 35.211210] __kasan_check_read+0x15/0x20 [ 35.211814] _copy_to_user+0x4a/0x70 [ 35.212171] copy_user_test_oob+0x365/0x10f0 [ 35.212708] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.213257] ? finish_task_switch.isra.0+0x153/0x700 [ 35.213746] ? __switch_to+0x5d9/0xf60 [ 35.214161] ? irqentry_exit+0x2a/0x60 [ 35.214697] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.215276] ? trace_hardirqs_on+0x37/0xe0 [ 35.215661] ? __pfx_read_tsc+0x10/0x10 [ 35.216171] ? ktime_get_ts64+0x86/0x230 [ 35.216692] kunit_try_run_case+0x1b3/0x490 [ 35.217294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.218151] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.218700] ? __kthread_parkme+0x82/0x160 [ 35.219214] ? preempt_count_sub+0x50/0x80 [ 35.219845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.220440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.221128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.221757] kthread+0x257/0x310 [ 35.222263] ? __pfx_kthread+0x10/0x10 [ 35.222599] ret_from_fork+0x41/0x80 [ 35.223181] ? 
__pfx_kthread+0x10/0x10 [ 35.223668] ret_from_fork_asm+0x1a/0x30 [ 35.224102] </TASK> [ 35.224499] [ 35.224817] Allocated by task 292: [ 35.225228] kasan_save_stack+0x3d/0x60 [ 35.225726] kasan_save_track+0x18/0x40 [ 35.226182] kasan_save_alloc_info+0x3b/0x50 [ 35.226674] __kasan_kmalloc+0xb7/0xc0 [ 35.227141] __kmalloc_noprof+0x1c4/0x500 [ 35.227724] kunit_kmalloc_array+0x25/0x60 [ 35.228638] copy_user_test_oob+0xac/0x10f0 [ 35.229366] kunit_try_run_case+0x1b3/0x490 [ 35.230180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.230608] kthread+0x257/0x310 [ 35.231087] ret_from_fork+0x41/0x80 [ 35.231401] ret_from_fork_asm+0x1a/0x30 [ 35.231948] [ 35.232225] The buggy address belongs to the object at ffff888101ac8600 [ 35.232225] which belongs to the cache kmalloc-128 of size 128 [ 35.233138] The buggy address is located 0 bytes inside of [ 35.233138] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.234739] [ 35.234950] The buggy address belongs to the physical page: [ 35.235951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.237135] flags: 0x200000000000000(node=0|zone=2) [ 35.237860] page_type: f5(slab) [ 35.238291] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.239038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.239614] page dumped because: kasan: bad access detected [ 35.240317] [ 35.240495] Memory state around the buggy address: [ 35.241036] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.241667] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.242387] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.243069] ^ [ 35.243865] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.244574] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.245171] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 35.143660] ================================================================== [ 35.145033] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 35.145758] Write of size 121 at addr ffff888101ac8600 by task kunit_try_catch/292 [ 35.146363] [ 35.146652] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.147474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.148051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.149020] Call Trace: [ 35.149299] <TASK> [ 35.149954] dump_stack_lvl+0x73/0xb0 [ 35.150258] print_report+0xd1/0x640 [ 35.150661] ? __virt_addr_valid+0x1db/0x2d0 [ 35.151281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.152260] kasan_report+0x102/0x140 [ 35.153210] ? _copy_from_user+0x33/0xa0 [ 35.153781] ? _copy_from_user+0x33/0xa0 [ 35.154213] kasan_check_range+0x10c/0x1c0 [ 35.154619] __kasan_check_write+0x18/0x20 [ 35.155822] _copy_from_user+0x33/0xa0 [ 35.156228] copy_user_test_oob+0x2bf/0x10f0 [ 35.156933] ? __pfx_copy_user_test_oob+0x10/0x10 [ 35.157601] ? finish_task_switch.isra.0+0x153/0x700 [ 35.158300] ? __switch_to+0x5d9/0xf60 [ 35.158935] ? irqentry_exit+0x2a/0x60 [ 35.159453] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 35.160476] ? trace_hardirqs_on+0x37/0xe0 [ 35.161096] ? __pfx_read_tsc+0x10/0x10 [ 35.161541] ? ktime_get_ts64+0x86/0x230 [ 35.162787] kunit_try_run_case+0x1b3/0x490 [ 35.163276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.164253] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.164708] ? __kthread_parkme+0x82/0x160 [ 35.165568] ? preempt_count_sub+0x50/0x80 [ 35.166073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.166630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.167438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.168229] kthread+0x257/0x310 [ 35.168492] ? __pfx_kthread+0x10/0x10 [ 35.169046] ret_from_fork+0x41/0x80 [ 35.169363] ? 
__pfx_kthread+0x10/0x10 [ 35.169875] ret_from_fork_asm+0x1a/0x30 [ 35.170244] </TASK> [ 35.170649] [ 35.171144] Allocated by task 292: [ 35.171413] kasan_save_stack+0x3d/0x60 [ 35.171624] kasan_save_track+0x18/0x40 [ 35.171945] kasan_save_alloc_info+0x3b/0x50 [ 35.172288] __kasan_kmalloc+0xb7/0xc0 [ 35.173369] __kmalloc_noprof+0x1c4/0x500 [ 35.174084] kunit_kmalloc_array+0x25/0x60 [ 35.174461] copy_user_test_oob+0xac/0x10f0 [ 35.174823] kunit_try_run_case+0x1b3/0x490 [ 35.175263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.175830] kthread+0x257/0x310 [ 35.176450] ret_from_fork+0x41/0x80 [ 35.176783] ret_from_fork_asm+0x1a/0x30 [ 35.177328] [ 35.177556] The buggy address belongs to the object at ffff888101ac8600 [ 35.177556] which belongs to the cache kmalloc-128 of size 128 [ 35.179280] The buggy address is located 0 bytes inside of [ 35.179280] allocated 120-byte region [ffff888101ac8600, ffff888101ac8678) [ 35.180450] [ 35.180735] The buggy address belongs to the physical page: [ 35.181474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac8 [ 35.182914] flags: 0x200000000000000(node=0|zone=2) [ 35.183324] page_type: f5(slab) [ 35.183755] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.184445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.185866] page dumped because: kasan: bad access detected [ 35.187073] [ 35.187425] Memory state around the buggy address: [ 35.188184] ffff888101ac8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.189069] ffff888101ac8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.190260] >ffff888101ac8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.191139] ^ [ 35.191772] ffff888101ac8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.192584] ffff888101ac8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.193763] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 35.018733] ================================================================== [ 35.019974] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 35.020670] Read of size 8 at addr ffff888102a17278 by task kunit_try_catch/288 [ 35.022226] [ 35.022454] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.023375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.024127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.024872] Call Trace: [ 35.025288] <TASK> [ 35.025545] dump_stack_lvl+0x73/0xb0 [ 35.026169] print_report+0xd1/0x640 [ 35.026700] ? __virt_addr_valid+0x1db/0x2d0 [ 35.027292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.028088] kasan_report+0x102/0x140 [ 35.028700] ? copy_to_kernel_nofault+0x225/0x260 [ 35.029365] ? copy_to_kernel_nofault+0x225/0x260 [ 35.030059] __asan_report_load8_noabort+0x18/0x20 [ 35.030592] copy_to_kernel_nofault+0x225/0x260 [ 35.031112] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 35.031873] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 35.032578] ? __schedule+0xc70/0x27e0 [ 35.033257] ? finish_task_switch.isra.0+0x153/0x700 [ 35.033825] ? finish_task_switch.isra.0+0x156/0x700 [ 35.034340] ? __pfx_read_tsc+0x10/0x10 [ 35.035237] ? ktime_get_ts64+0x86/0x230 [ 35.035721] kunit_try_run_case+0x1b3/0x490 [ 35.036395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.036940] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.037613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.038186] ? __kthread_parkme+0x82/0x160 [ 35.038618] ? preempt_count_sub+0x50/0x80 [ 35.039290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.039732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.040465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.041131] kthread+0x257/0x310 [ 35.041570] ? __pfx_kthread+0x10/0x10 [ 35.042449] ret_from_fork+0x41/0x80 [ 35.042645] ? 
__pfx_kthread+0x10/0x10 [ 35.043169] ret_from_fork_asm+0x1a/0x30 [ 35.043960] </TASK> [ 35.044257] [ 35.044474] Allocated by task 288: [ 35.044877] kasan_save_stack+0x3d/0x60 [ 35.045426] kasan_save_track+0x18/0x40 [ 35.046139] kasan_save_alloc_info+0x3b/0x50 [ 35.047126] __kasan_kmalloc+0xb7/0xc0 [ 35.047810] __kmalloc_cache_noprof+0x184/0x410 [ 35.048820] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 35.049402] kunit_try_run_case+0x1b3/0x490 [ 35.050277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.050780] kthread+0x257/0x310 [ 35.051417] ret_from_fork+0x41/0x80 [ 35.051950] ret_from_fork_asm+0x1a/0x30 [ 35.052638] [ 35.052881] The buggy address belongs to the object at ffff888102a17200 [ 35.052881] which belongs to the cache kmalloc-128 of size 128 [ 35.053986] The buggy address is located 0 bytes to the right of [ 35.053986] allocated 120-byte region [ffff888102a17200, ffff888102a17278) [ 35.056512] [ 35.056839] The buggy address belongs to the physical page: [ 35.057624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a17 [ 35.058926] flags: 0x200000000000000(node=0|zone=2) [ 35.059516] page_type: f5(slab) [ 35.059752] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.060751] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.061930] page dumped because: kasan: bad access detected [ 35.062923] [ 35.063063] Memory state around the buggy address: [ 35.064088] ffff888102a17100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.064880] ffff888102a17180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.065390] >ffff888102a17200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.065974] ^ [ 35.066670] ffff888102a17280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.067886] ffff888102a17300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.068594] ================================================================== [ 35.070465] 
================================================================== [ 35.072019] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 35.072981] Write of size 8 at addr ffff888102a17278 by task kunit_try_catch/288 [ 35.074711] [ 35.075217] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 35.076311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.076769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.077737] Call Trace: [ 35.078480] <TASK> [ 35.078780] dump_stack_lvl+0x73/0xb0 [ 35.079841] print_report+0xd1/0x640 [ 35.080179] ? __virt_addr_valid+0x1db/0x2d0 [ 35.080752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 35.081376] kasan_report+0x102/0x140 [ 35.081821] ? copy_to_kernel_nofault+0x99/0x260 [ 35.082287] ? copy_to_kernel_nofault+0x99/0x260 [ 35.082803] kasan_check_range+0x10c/0x1c0 [ 35.083971] __kasan_check_write+0x18/0x20 [ 35.084718] copy_to_kernel_nofault+0x99/0x260 [ 35.085557] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 35.086802] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 35.087790] ? __schedule+0xc70/0x27e0 [ 35.088448] ? finish_task_switch.isra.0+0x153/0x700 [ 35.089277] ? finish_task_switch.isra.0+0x156/0x700 [ 35.089774] ? __pfx_read_tsc+0x10/0x10 [ 35.090099] ? ktime_get_ts64+0x86/0x230 [ 35.090567] kunit_try_run_case+0x1b3/0x490 [ 35.091325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.091865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 35.092863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 35.093328] ? __kthread_parkme+0x82/0x160 [ 35.094123] ? preempt_count_sub+0x50/0x80 [ 35.094635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 35.095056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 35.096071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.097119] kthread+0x257/0x310 [ 35.097490] ? __pfx_kthread+0x10/0x10 [ 35.098140] ret_from_fork+0x41/0x80 [ 35.098529] ? 
__pfx_kthread+0x10/0x10 [ 35.099034] ret_from_fork_asm+0x1a/0x30 [ 35.099623] </TASK> [ 35.100252] [ 35.100831] Allocated by task 288: [ 35.101354] kasan_save_stack+0x3d/0x60 [ 35.101885] kasan_save_track+0x18/0x40 [ 35.102395] kasan_save_alloc_info+0x3b/0x50 [ 35.103001] __kasan_kmalloc+0xb7/0xc0 [ 35.103395] __kmalloc_cache_noprof+0x184/0x410 [ 35.104453] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 35.104986] kunit_try_run_case+0x1b3/0x490 [ 35.105310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.106025] kthread+0x257/0x310 [ 35.106441] ret_from_fork+0x41/0x80 [ 35.106835] ret_from_fork_asm+0x1a/0x30 [ 35.107508] [ 35.107742] The buggy address belongs to the object at ffff888102a17200 [ 35.107742] which belongs to the cache kmalloc-128 of size 128 [ 35.109079] The buggy address is located 0 bytes to the right of [ 35.109079] allocated 120-byte region [ffff888102a17200, ffff888102a17278) [ 35.110580] [ 35.110938] The buggy address belongs to the physical page: [ 35.111589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a17 [ 35.112444] flags: 0x200000000000000(node=0|zone=2) [ 35.112883] page_type: f5(slab) [ 35.113416] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 35.114655] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 35.115527] page dumped because: kasan: bad access detected [ 35.116052] [ 35.116405] Memory state around the buggy address: [ 35.117258] ffff888102a17100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.118011] ffff888102a17180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.118297] >ffff888102a17200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 35.118573] ^ [ 35.118877] ffff888102a17280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.119155] ffff888102a17300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.119425] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 32.206918] ================================================================== [ 32.207537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 32.209014] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.210125] [ 32.210341] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.211226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.211530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.212278] Call Trace: [ 32.212673] <TASK> [ 32.213036] dump_stack_lvl+0x73/0xb0 [ 32.213364] print_report+0xd1/0x640 [ 32.213879] ? __virt_addr_valid+0x1db/0x2d0 [ 32.214395] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.214921] kasan_report+0x102/0x140 [ 32.215315] ? kasan_atomics_helper+0x3e0/0x5450 [ 32.215825] ? kasan_atomics_helper+0x3e0/0x5450 [ 32.216310] kasan_check_range+0x10c/0x1c0 [ 32.216841] __kasan_check_read+0x15/0x20 [ 32.217219] kasan_atomics_helper+0x3e0/0x5450 [ 32.217676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.218105] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.218656] ? kasan_atomics+0x153/0x310 [ 32.219168] kasan_atomics+0x1dd/0x310 [ 32.219733] ? __pfx_kasan_atomics+0x10/0x10 [ 32.220141] ? __pfx_read_tsc+0x10/0x10 [ 32.220534] ? ktime_get_ts64+0x86/0x230 [ 32.221284] kunit_try_run_case+0x1b3/0x490 [ 32.221638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.222228] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.222742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.223293] ? __kthread_parkme+0x82/0x160 [ 32.223736] ? preempt_count_sub+0x50/0x80 [ 32.224193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.224629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.225399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.226020] kthread+0x257/0x310 [ 32.226370] ? __pfx_kthread+0x10/0x10 [ 32.226776] ret_from_fork+0x41/0x80 [ 32.227330] ? 
__pfx_kthread+0x10/0x10 [ 32.227673] ret_from_fork_asm+0x1a/0x30 [ 32.228181] </TASK> [ 32.228488] [ 32.228651] Allocated by task 272: [ 32.228925] kasan_save_stack+0x3d/0x60 [ 32.229445] kasan_save_track+0x18/0x40 [ 32.229979] kasan_save_alloc_info+0x3b/0x50 [ 32.230518] __kasan_kmalloc+0xb7/0xc0 [ 32.230863] __kmalloc_cache_noprof+0x184/0x410 [ 32.231335] kasan_atomics+0x96/0x310 [ 32.231915] kunit_try_run_case+0x1b3/0x490 [ 32.232226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.232962] kthread+0x257/0x310 [ 32.233419] ret_from_fork+0x41/0x80 [ 32.234383] ret_from_fork_asm+0x1a/0x30 [ 32.234752] [ 32.235047] The buggy address belongs to the object at ffff888102a0ec00 [ 32.235047] which belongs to the cache kmalloc-64 of size 64 [ 32.237306] The buggy address is located 0 bytes to the right of [ 32.237306] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.238975] [ 32.239197] The buggy address belongs to the physical page: [ 32.239755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.240486] flags: 0x200000000000000(node=0|zone=2) [ 32.241890] page_type: f5(slab) [ 32.242635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.243422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.243960] page dumped because: kasan: bad access detected [ 32.244535] [ 32.244735] Memory state around the buggy address: [ 32.245230] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.245811] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.246474] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.246942] ^ [ 32.247506] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.248221] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.248809] ================================================================== [ 32.726850] 
================================================================== [ 32.727729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 32.728448] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.729127] [ 32.729317] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.730096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.730649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.731612] Call Trace: [ 32.731963] <TASK> [ 32.732336] dump_stack_lvl+0x73/0xb0 [ 32.732856] print_report+0xd1/0x640 [ 32.733312] ? __virt_addr_valid+0x1db/0x2d0 [ 32.733775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.734452] kasan_report+0x102/0x140 [ 32.735119] ? kasan_atomics_helper+0xa2c/0x5450 [ 32.735604] ? kasan_atomics_helper+0xa2c/0x5450 [ 32.736547] kasan_check_range+0x10c/0x1c0 [ 32.737209] __kasan_check_write+0x18/0x20 [ 32.738041] kasan_atomics_helper+0xa2c/0x5450 [ 32.738559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.739270] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.739664] ? kasan_atomics+0x153/0x310 [ 32.740292] kasan_atomics+0x1dd/0x310 [ 32.740762] ? __pfx_kasan_atomics+0x10/0x10 [ 32.741248] ? __pfx_read_tsc+0x10/0x10 [ 32.741786] ? ktime_get_ts64+0x86/0x230 [ 32.742250] kunit_try_run_case+0x1b3/0x490 [ 32.742919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.743525] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.744052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.744622] ? __kthread_parkme+0x82/0x160 [ 32.745151] ? preempt_count_sub+0x50/0x80 [ 32.745696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.746335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.746773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.747496] kthread+0x257/0x310 [ 32.748091] ? __pfx_kthread+0x10/0x10 [ 32.748539] ret_from_fork+0x41/0x80 [ 32.748869] ? 
__pfx_kthread+0x10/0x10 [ 32.749427] ret_from_fork_asm+0x1a/0x30 [ 32.750098] </TASK> [ 32.750351] [ 32.750555] Allocated by task 272: [ 32.751218] kasan_save_stack+0x3d/0x60 [ 32.751560] kasan_save_track+0x18/0x40 [ 32.752248] kasan_save_alloc_info+0x3b/0x50 [ 32.752801] __kasan_kmalloc+0xb7/0xc0 [ 32.753196] __kmalloc_cache_noprof+0x184/0x410 [ 32.753674] kasan_atomics+0x96/0x310 [ 32.754225] kunit_try_run_case+0x1b3/0x490 [ 32.754650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.755481] kthread+0x257/0x310 [ 32.756295] ret_from_fork+0x41/0x80 [ 32.756975] ret_from_fork_asm+0x1a/0x30 [ 32.757607] [ 32.757773] The buggy address belongs to the object at ffff888102a0ec00 [ 32.757773] which belongs to the cache kmalloc-64 of size 64 [ 32.759815] The buggy address is located 0 bytes to the right of [ 32.759815] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.760725] [ 32.761359] The buggy address belongs to the physical page: [ 32.762177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.762835] flags: 0x200000000000000(node=0|zone=2) [ 32.763594] page_type: f5(slab) [ 32.764231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.765399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.766565] page dumped because: kasan: bad access detected [ 32.767078] [ 32.767286] Memory state around the buggy address: [ 32.768145] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.769357] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.770353] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.771319] ^ [ 32.771829] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.772434] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.773402] ================================================================== [ 33.894220] 
================================================================== [ 33.894958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 33.895556] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.896261] [ 33.896496] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.897427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.897791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.898597] Call Trace: [ 33.899000] <TASK> [ 33.899296] dump_stack_lvl+0x73/0xb0 [ 33.899740] print_report+0xd1/0x640 [ 33.900119] ? __virt_addr_valid+0x1db/0x2d0 [ 33.900592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.901189] kasan_report+0x102/0x140 [ 33.901668] ? kasan_atomics_helper+0x16e8/0x5450 [ 33.902229] ? kasan_atomics_helper+0x16e8/0x5450 [ 33.902697] kasan_check_range+0x10c/0x1c0 [ 33.903195] __kasan_check_write+0x18/0x20 [ 33.903724] kasan_atomics_helper+0x16e8/0x5450 [ 33.904155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.904752] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.905223] ? kasan_atomics+0x153/0x310 [ 33.905675] kasan_atomics+0x1dd/0x310 [ 33.906085] ? __pfx_kasan_atomics+0x10/0x10 [ 33.906603] ? __pfx_read_tsc+0x10/0x10 [ 33.907052] ? ktime_get_ts64+0x86/0x230 [ 33.907550] kunit_try_run_case+0x1b3/0x490 [ 33.908096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.908483] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.909032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.909700] ? __kthread_parkme+0x82/0x160 [ 33.910149] ? preempt_count_sub+0x50/0x80 [ 33.910514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.911089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.911500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.912148] kthread+0x257/0x310 [ 33.912595] ? __pfx_kthread+0x10/0x10 [ 33.912977] ret_from_fork+0x41/0x80 [ 33.913483] ? 
__pfx_kthread+0x10/0x10 [ 33.914188] ret_from_fork_asm+0x1a/0x30 [ 33.914815] </TASK> [ 33.915179] [ 33.915372] Allocated by task 272: [ 33.915861] kasan_save_stack+0x3d/0x60 [ 33.916168] kasan_save_track+0x18/0x40 [ 33.916802] kasan_save_alloc_info+0x3b/0x50 [ 33.917314] __kasan_kmalloc+0xb7/0xc0 [ 33.917696] __kmalloc_cache_noprof+0x184/0x410 [ 33.918357] kasan_atomics+0x96/0x310 [ 33.918884] kunit_try_run_case+0x1b3/0x490 [ 33.919333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.919846] kthread+0x257/0x310 [ 33.920285] ret_from_fork+0x41/0x80 [ 33.920819] ret_from_fork_asm+0x1a/0x30 [ 33.921135] [ 33.921305] The buggy address belongs to the object at ffff888102a0ec00 [ 33.921305] which belongs to the cache kmalloc-64 of size 64 [ 33.922318] The buggy address is located 0 bytes to the right of [ 33.922318] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.923536] [ 33.923862] The buggy address belongs to the physical page: [ 33.924352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.924970] flags: 0x200000000000000(node=0|zone=2) [ 33.925573] page_type: f5(slab) [ 33.926111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.926671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.927186] page dumped because: kasan: bad access detected [ 33.927898] [ 33.928165] Memory state around the buggy address: [ 33.928757] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.929545] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.930188] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.930801] ^ [ 33.931118] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.932006] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.932655] ================================================================== [ 34.759613] 
================================================================== [ 34.760285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 34.761745] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.762581] [ 34.763134] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.764113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.764521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.765448] Call Trace: [ 34.765744] <TASK> [ 34.766239] dump_stack_lvl+0x73/0xb0 [ 34.766867] print_report+0xd1/0x640 [ 34.767520] ? __virt_addr_valid+0x1db/0x2d0 [ 34.768060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.769113] kasan_report+0x102/0x140 [ 34.769565] ? kasan_atomics_helper+0x4fb4/0x5450 [ 34.770553] ? kasan_atomics_helper+0x4fb4/0x5450 [ 34.771197] __asan_report_load8_noabort+0x18/0x20 [ 34.771438] kasan_atomics_helper+0x4fb4/0x5450 [ 34.771662] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.772048] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.773202] ? kasan_atomics+0x153/0x310 [ 34.773636] kasan_atomics+0x1dd/0x310 [ 34.774278] ? __pfx_kasan_atomics+0x10/0x10 [ 34.774843] ? __pfx_read_tsc+0x10/0x10 [ 34.775319] ? ktime_get_ts64+0x86/0x230 [ 34.775887] kunit_try_run_case+0x1b3/0x490 [ 34.776272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.776877] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.777257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.778047] ? __kthread_parkme+0x82/0x160 [ 34.778532] ? preempt_count_sub+0x50/0x80 [ 34.779183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.779796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.780402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.781329] kthread+0x257/0x310 [ 34.781829] ? __pfx_kthread+0x10/0x10 [ 34.782540] ret_from_fork+0x41/0x80 [ 34.783150] ? 
__pfx_kthread+0x10/0x10 [ 34.783733] ret_from_fork_asm+0x1a/0x30 [ 34.784237] </TASK> [ 34.784704] [ 34.785032] Allocated by task 272: [ 34.785419] kasan_save_stack+0x3d/0x60 [ 34.786187] kasan_save_track+0x18/0x40 [ 34.786748] kasan_save_alloc_info+0x3b/0x50 [ 34.787210] __kasan_kmalloc+0xb7/0xc0 [ 34.787960] __kmalloc_cache_noprof+0x184/0x410 [ 34.788324] kasan_atomics+0x96/0x310 [ 34.789338] kunit_try_run_case+0x1b3/0x490 [ 34.790371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.791202] kthread+0x257/0x310 [ 34.791477] ret_from_fork+0x41/0x80 [ 34.792060] ret_from_fork_asm+0x1a/0x30 [ 34.792485] [ 34.792733] The buggy address belongs to the object at ffff888102a0ec00 [ 34.792733] which belongs to the cache kmalloc-64 of size 64 [ 34.793647] The buggy address is located 0 bytes to the right of [ 34.793647] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.794551] [ 34.794921] The buggy address belongs to the physical page: [ 34.795567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.796461] flags: 0x200000000000000(node=0|zone=2) [ 34.796857] page_type: f5(slab) [ 34.797567] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.798653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.799414] page dumped because: kasan: bad access detected [ 34.799956] [ 34.800210] Memory state around the buggy address: [ 34.800708] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.801466] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.802187] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.802969] ^ [ 34.803377] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.804171] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.804934] ================================================================== [ 31.998490] 
================================================================== [ 32.000767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 32.001501] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.003108] [ 32.003333] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.004757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.005709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.006662] Call Trace: [ 32.007027] <TASK> [ 32.007726] dump_stack_lvl+0x73/0xb0 [ 32.008279] print_report+0xd1/0x640 [ 32.009117] ? __virt_addr_valid+0x1db/0x2d0 [ 32.009811] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.010666] kasan_report+0x102/0x140 [ 32.011384] ? kasan_atomics_helper+0x4bbe/0x5450 [ 32.012428] ? kasan_atomics_helper+0x4bbe/0x5450 [ 32.013112] __asan_report_load4_noabort+0x18/0x20 [ 32.013779] kasan_atomics_helper+0x4bbe/0x5450 [ 32.014389] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.015202] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.015966] ? kasan_atomics+0x153/0x310 [ 32.016453] kasan_atomics+0x1dd/0x310 [ 32.016910] ? __pfx_kasan_atomics+0x10/0x10 [ 32.018378] ? __pfx_read_tsc+0x10/0x10 [ 32.018910] ? ktime_get_ts64+0x86/0x230 [ 32.019607] kunit_try_run_case+0x1b3/0x490 [ 32.020248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.020911] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.022095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.022561] ? __kthread_parkme+0x82/0x160 [ 32.023543] ? preempt_count_sub+0x50/0x80 [ 32.024170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.024872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.025457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.025909] kthread+0x257/0x310 [ 32.026335] ? __pfx_kthread+0x10/0x10 [ 32.027092] ret_from_fork+0x41/0x80 [ 32.027881] ? 
__pfx_kthread+0x10/0x10 [ 32.028817] ret_from_fork_asm+0x1a/0x30 [ 32.029241] </TASK> [ 32.029868] [ 32.030027] Allocated by task 272: [ 32.031162] kasan_save_stack+0x3d/0x60 [ 32.031861] kasan_save_track+0x18/0x40 [ 32.032321] kasan_save_alloc_info+0x3b/0x50 [ 32.033380] __kasan_kmalloc+0xb7/0xc0 [ 32.034024] __kmalloc_cache_noprof+0x184/0x410 [ 32.034722] kasan_atomics+0x96/0x310 [ 32.035493] kunit_try_run_case+0x1b3/0x490 [ 32.036355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.037198] kthread+0x257/0x310 [ 32.037642] ret_from_fork+0x41/0x80 [ 32.038443] ret_from_fork_asm+0x1a/0x30 [ 32.039358] [ 32.039526] The buggy address belongs to the object at ffff888102a0ec00 [ 32.039526] which belongs to the cache kmalloc-64 of size 64 [ 32.041516] The buggy address is located 0 bytes to the right of [ 32.041516] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.043204] [ 32.043384] The buggy address belongs to the physical page: [ 32.044041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.045108] flags: 0x200000000000000(node=0|zone=2) [ 32.046231] page_type: f5(slab) [ 32.046596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.047248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.049174] page dumped because: kasan: bad access detected [ 32.050413] [ 32.050626] Memory state around the buggy address: [ 32.051395] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.052281] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.053035] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.053787] ^ [ 32.054668] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.055564] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.056607] ================================================================== [ 33.627907] 
================================================================== [ 33.628501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 33.629230] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.629879] [ 33.630158] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.631130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.631889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.632708] Call Trace: [ 33.633197] <TASK> [ 33.633473] dump_stack_lvl+0x73/0xb0 [ 33.634058] print_report+0xd1/0x640 [ 33.634506] ? __virt_addr_valid+0x1db/0x2d0 [ 33.635156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.635912] kasan_report+0x102/0x140 [ 33.636299] ? kasan_atomics_helper+0x4eb0/0x5450 [ 33.636942] ? kasan_atomics_helper+0x4eb0/0x5450 [ 33.637420] __asan_report_load8_noabort+0x18/0x20 [ 33.638088] kasan_atomics_helper+0x4eb0/0x5450 [ 33.638463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.639211] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.639735] ? kasan_atomics+0x153/0x310 [ 33.640427] kasan_atomics+0x1dd/0x310 [ 33.640838] ? __pfx_kasan_atomics+0x10/0x10 [ 33.641177] ? __pfx_read_tsc+0x10/0x10 [ 33.641995] ? ktime_get_ts64+0x86/0x230 [ 33.642653] kunit_try_run_case+0x1b3/0x490 [ 33.643120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.643542] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.644402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.645750] ? __kthread_parkme+0x82/0x160 [ 33.646149] ? preempt_count_sub+0x50/0x80 [ 33.646607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.647337] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.648211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.649329] kthread+0x257/0x310 [ 33.649693] ? __pfx_kthread+0x10/0x10 [ 33.650424] ret_from_fork+0x41/0x80 [ 33.651153] ? 
__pfx_kthread+0x10/0x10 [ 33.651540] ret_from_fork_asm+0x1a/0x30 [ 33.652328] </TASK> [ 33.652542] [ 33.652818] Allocated by task 272: [ 33.653636] kasan_save_stack+0x3d/0x60 [ 33.654424] kasan_save_track+0x18/0x40 [ 33.655135] kasan_save_alloc_info+0x3b/0x50 [ 33.656133] __kasan_kmalloc+0xb7/0xc0 [ 33.656490] __kmalloc_cache_noprof+0x184/0x410 [ 33.657283] kasan_atomics+0x96/0x310 [ 33.657998] kunit_try_run_case+0x1b3/0x490 [ 33.658508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.659312] kthread+0x257/0x310 [ 33.659654] ret_from_fork+0x41/0x80 [ 33.660019] ret_from_fork_asm+0x1a/0x30 [ 33.660459] [ 33.660697] The buggy address belongs to the object at ffff888102a0ec00 [ 33.660697] which belongs to the cache kmalloc-64 of size 64 [ 33.661463] The buggy address is located 0 bytes to the right of [ 33.661463] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.662819] [ 33.662996] The buggy address belongs to the physical page: [ 33.663728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.664393] flags: 0x200000000000000(node=0|zone=2) [ 33.665098] page_type: f5(slab) [ 33.665549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.666362] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.667201] page dumped because: kasan: bad access detected [ 33.667924] [ 33.668069] Memory state around the buggy address: [ 33.668628] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.669382] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.670182] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.670742] ^ [ 33.671380] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.672080] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.672824] ================================================================== [ 34.256773] 
================================================================== [ 34.257384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 34.259011] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.259874] [ 34.260338] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.261311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.261856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.262894] Call Trace: [ 34.263358] <TASK> [ 34.263638] dump_stack_lvl+0x73/0xb0 [ 34.264547] print_report+0xd1/0x640 [ 34.265235] ? __virt_addr_valid+0x1db/0x2d0 [ 34.265710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.266566] kasan_report+0x102/0x140 [ 34.267194] ? kasan_atomics_helper+0x1c19/0x5450 [ 34.268040] ? kasan_atomics_helper+0x1c19/0x5450 [ 34.268552] kasan_check_range+0x10c/0x1c0 [ 34.269446] __kasan_check_write+0x18/0x20 [ 34.269770] kasan_atomics_helper+0x1c19/0x5450 [ 34.270560] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.271374] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.272186] ? kasan_atomics+0x153/0x310 [ 34.272619] kasan_atomics+0x1dd/0x310 [ 34.273359] ? __pfx_kasan_atomics+0x10/0x10 [ 34.274355] ? __pfx_read_tsc+0x10/0x10 [ 34.274761] ? ktime_get_ts64+0x86/0x230 [ 34.275290] kunit_try_run_case+0x1b3/0x490 [ 34.275790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.276283] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.277581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.277959] ? __kthread_parkme+0x82/0x160 [ 34.278863] ? preempt_count_sub+0x50/0x80 [ 34.279259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.279671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.280341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.281023] kthread+0x257/0x310 [ 34.281594] ? __pfx_kthread+0x10/0x10 [ 34.282231] ret_from_fork+0x41/0x80 [ 34.282642] ? 
__pfx_kthread+0x10/0x10 [ 34.283378] ret_from_fork_asm+0x1a/0x30 [ 34.284502] </TASK> [ 34.284768] [ 34.285220] Allocated by task 272: [ 34.285585] kasan_save_stack+0x3d/0x60 [ 34.286619] kasan_save_track+0x18/0x40 [ 34.287130] kasan_save_alloc_info+0x3b/0x50 [ 34.287714] __kasan_kmalloc+0xb7/0xc0 [ 34.288464] __kmalloc_cache_noprof+0x184/0x410 [ 34.289223] kasan_atomics+0x96/0x310 [ 34.290281] kunit_try_run_case+0x1b3/0x490 [ 34.290666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.291536] kthread+0x257/0x310 [ 34.292160] ret_from_fork+0x41/0x80 [ 34.293144] ret_from_fork_asm+0x1a/0x30 [ 34.293438] [ 34.293598] The buggy address belongs to the object at ffff888102a0ec00 [ 34.293598] which belongs to the cache kmalloc-64 of size 64 [ 34.294246] The buggy address is located 0 bytes to the right of [ 34.294246] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.295539] [ 34.296061] The buggy address belongs to the physical page: [ 34.296673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.298018] flags: 0x200000000000000(node=0|zone=2) [ 34.298633] page_type: f5(slab) [ 34.299042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.300099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.300809] page dumped because: kasan: bad access detected [ 34.301318] [ 34.301635] Memory state around the buggy address: [ 34.302100] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.302855] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.303482] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.304244] ^ [ 34.304752] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.305426] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.306235] ================================================================== [ 32.595803] 
================================================================== [ 32.596578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 32.597382] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.598307] [ 32.598580] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.600589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.601262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.602212] Call Trace: [ 32.602507] <TASK> [ 32.602772] dump_stack_lvl+0x73/0xb0 [ 32.603198] print_report+0xd1/0x640 [ 32.603604] ? __virt_addr_valid+0x1db/0x2d0 [ 32.603985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.604977] kasan_report+0x102/0x140 [ 32.605804] ? kasan_atomics_helper+0x861/0x5450 [ 32.606294] ? kasan_atomics_helper+0x861/0x5450 [ 32.606884] kasan_check_range+0x10c/0x1c0 [ 32.607281] __kasan_check_write+0x18/0x20 [ 32.607902] kasan_atomics_helper+0x861/0x5450 [ 32.608411] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.608987] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.609610] ? kasan_atomics+0x153/0x310 [ 32.610281] kasan_atomics+0x1dd/0x310 [ 32.610649] ? __pfx_kasan_atomics+0x10/0x10 [ 32.611235] ? __pfx_read_tsc+0x10/0x10 [ 32.611812] ? ktime_get_ts64+0x86/0x230 [ 32.612228] kunit_try_run_case+0x1b3/0x490 [ 32.612859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.613260] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.613959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.614415] ? __kthread_parkme+0x82/0x160 [ 32.615068] ? preempt_count_sub+0x50/0x80 [ 32.615652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.616222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.616828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.617275] kthread+0x257/0x310 [ 32.617845] ? __pfx_kthread+0x10/0x10 [ 32.618190] ret_from_fork+0x41/0x80 [ 32.618726] ? 
__pfx_kthread+0x10/0x10 [ 32.619253] ret_from_fork_asm+0x1a/0x30 [ 32.619840] </TASK> [ 32.620225] [ 32.620414] Allocated by task 272: [ 32.620866] kasan_save_stack+0x3d/0x60 [ 32.621308] kasan_save_track+0x18/0x40 [ 32.621930] kasan_save_alloc_info+0x3b/0x50 [ 32.622397] __kasan_kmalloc+0xb7/0xc0 [ 32.622840] __kmalloc_cache_noprof+0x184/0x410 [ 32.623231] kasan_atomics+0x96/0x310 [ 32.623852] kunit_try_run_case+0x1b3/0x490 [ 32.624432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.624897] kthread+0x257/0x310 [ 32.625398] ret_from_fork+0x41/0x80 [ 32.625847] ret_from_fork_asm+0x1a/0x30 [ 32.626395] [ 32.626643] The buggy address belongs to the object at ffff888102a0ec00 [ 32.626643] which belongs to the cache kmalloc-64 of size 64 [ 32.627806] The buggy address is located 0 bytes to the right of [ 32.627806] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.629426] [ 32.630309] The buggy address belongs to the physical page: [ 32.630873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.632555] flags: 0x200000000000000(node=0|zone=2) [ 32.633342] page_type: f5(slab) [ 32.633821] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.634495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.635053] page dumped because: kasan: bad access detected [ 32.635641] [ 32.635912] Memory state around the buggy address: [ 32.636257] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.637088] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.637648] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.638292] ^ [ 32.638651] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.639415] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.640020] ================================================================== [ 33.933653] 
================================================================== [ 33.934251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 33.935197] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.936173] [ 33.936364] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.937568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.938180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.939100] Call Trace: [ 33.939592] <TASK> [ 33.940134] dump_stack_lvl+0x73/0xb0 [ 33.940769] print_report+0xd1/0x640 [ 33.941308] ? __virt_addr_valid+0x1db/0x2d0 [ 33.941718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.942280] kasan_report+0x102/0x140 [ 33.942838] ? kasan_atomics_helper+0x1780/0x5450 [ 33.943296] ? kasan_atomics_helper+0x1780/0x5450 [ 33.943733] kasan_check_range+0x10c/0x1c0 [ 33.944325] __kasan_check_write+0x18/0x20 [ 33.944755] kasan_atomics_helper+0x1780/0x5450 [ 33.945348] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.945913] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.946359] ? kasan_atomics+0x153/0x310 [ 33.946715] kasan_atomics+0x1dd/0x310 [ 33.947266] ? __pfx_kasan_atomics+0x10/0x10 [ 33.947745] ? __pfx_read_tsc+0x10/0x10 [ 33.948115] ? ktime_get_ts64+0x86/0x230 [ 33.948610] kunit_try_run_case+0x1b3/0x490 [ 33.949081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.949516] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.950070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.950647] ? __kthread_parkme+0x82/0x160 [ 33.951096] ? preempt_count_sub+0x50/0x80 [ 33.951478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.952023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.952669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.953224] kthread+0x257/0x310 [ 33.953541] ? __pfx_kthread+0x10/0x10 [ 33.954026] ret_from_fork+0x41/0x80 [ 33.954510] ? 
__pfx_kthread+0x10/0x10 [ 33.954924] ret_from_fork_asm+0x1a/0x30 [ 33.955421] </TASK> [ 33.955815] [ 33.956036] Allocated by task 272: [ 33.956313] kasan_save_stack+0x3d/0x60 [ 33.956870] kasan_save_track+0x18/0x40 [ 33.957330] kasan_save_alloc_info+0x3b/0x50 [ 33.957821] __kasan_kmalloc+0xb7/0xc0 [ 33.958196] __kmalloc_cache_noprof+0x184/0x410 [ 33.958726] kasan_atomics+0x96/0x310 [ 33.959252] kunit_try_run_case+0x1b3/0x490 [ 33.959630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.960178] kthread+0x257/0x310 [ 33.960578] ret_from_fork+0x41/0x80 [ 33.961077] ret_from_fork_asm+0x1a/0x30 [ 33.961577] [ 33.961816] The buggy address belongs to the object at ffff888102a0ec00 [ 33.961816] which belongs to the cache kmalloc-64 of size 64 [ 33.962706] The buggy address is located 0 bytes to the right of [ 33.962706] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.963620] [ 33.963922] The buggy address belongs to the physical page: [ 33.964483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.965212] flags: 0x200000000000000(node=0|zone=2) [ 33.965740] page_type: f5(slab) [ 33.966095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.966803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.967386] page dumped because: kasan: bad access detected [ 33.967974] [ 33.968227] Memory state around the buggy address: [ 33.968849] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.969422] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.970560] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.971201] ^ [ 33.971627] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.972421] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.972975] ================================================================== [ 34.670860] 
================================================================== [ 34.671780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 34.672947] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.673833] [ 34.674047] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.674899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.675459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.676522] Call Trace: [ 34.676903] <TASK> [ 34.677245] dump_stack_lvl+0x73/0xb0 [ 34.677748] print_report+0xd1/0x640 [ 34.678333] ? __virt_addr_valid+0x1db/0x2d0 [ 34.678924] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.679469] kasan_report+0x102/0x140 [ 34.680037] ? kasan_atomics_helper+0x4f9a/0x5450 [ 34.680587] ? kasan_atomics_helper+0x4f9a/0x5450 [ 34.681215] __asan_report_load8_noabort+0x18/0x20 [ 34.681842] kasan_atomics_helper+0x4f9a/0x5450 [ 34.682446] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.683008] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.683504] ? kasan_atomics+0x153/0x310 [ 34.684073] kasan_atomics+0x1dd/0x310 [ 34.684592] ? __pfx_kasan_atomics+0x10/0x10 [ 34.685087] ? __pfx_read_tsc+0x10/0x10 [ 34.685409] ? ktime_get_ts64+0x86/0x230 [ 34.686020] kunit_try_run_case+0x1b3/0x490 [ 34.686552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.687229] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.687853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.688419] ? __kthread_parkme+0x82/0x160 [ 34.688872] ? preempt_count_sub+0x50/0x80 [ 34.689444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.690142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.690834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.691376] kthread+0x257/0x310 [ 34.691844] ? __pfx_kthread+0x10/0x10 [ 34.692305] ret_from_fork+0x41/0x80 [ 34.692901] ? 
__pfx_kthread+0x10/0x10 [ 34.693220] ret_from_fork_asm+0x1a/0x30 [ 34.693858] </TASK> [ 34.694146] [ 34.694431] Allocated by task 272: [ 34.694905] kasan_save_stack+0x3d/0x60 [ 34.695467] kasan_save_track+0x18/0x40 [ 34.696032] kasan_save_alloc_info+0x3b/0x50 [ 34.696616] __kasan_kmalloc+0xb7/0xc0 [ 34.697155] __kmalloc_cache_noprof+0x184/0x410 [ 34.697587] kasan_atomics+0x96/0x310 [ 34.698381] kunit_try_run_case+0x1b3/0x490 [ 34.698867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.699482] kthread+0x257/0x310 [ 34.699889] ret_from_fork+0x41/0x80 [ 34.700222] ret_from_fork_asm+0x1a/0x30 [ 34.700721] [ 34.700975] The buggy address belongs to the object at ffff888102a0ec00 [ 34.700975] which belongs to the cache kmalloc-64 of size 64 [ 34.701961] The buggy address is located 0 bytes to the right of [ 34.701961] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.702986] [ 34.703200] The buggy address belongs to the physical page: [ 34.703801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.704406] flags: 0x200000000000000(node=0|zone=2) [ 34.704986] page_type: f5(slab) [ 34.705430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.706108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.706701] page dumped because: kasan: bad access detected [ 34.707209] [ 34.707465] Memory state around the buggy address: [ 34.708046] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.708535] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.709202] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.709897] ^ [ 34.710375] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.711007] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.711563] ================================================================== [ 34.890543] 
================================================================== [ 34.891421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 34.892081] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.892798] [ 34.893076] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.893899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.894342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.895114] Call Trace: [ 34.895446] <TASK> [ 34.895706] dump_stack_lvl+0x73/0xb0 [ 34.896226] print_report+0xd1/0x640 [ 34.896622] ? __virt_addr_valid+0x1db/0x2d0 [ 34.897041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.897672] kasan_report+0x102/0x140 [ 34.898079] ? kasan_atomics_helper+0x224d/0x5450 [ 34.898580] ? kasan_atomics_helper+0x224d/0x5450 [ 34.899180] kasan_check_range+0x10c/0x1c0 [ 34.899539] __kasan_check_write+0x18/0x20 [ 34.900103] kasan_atomics_helper+0x224d/0x5450 [ 34.900639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.901180] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.901562] ? kasan_atomics+0x153/0x310 [ 34.902174] kasan_atomics+0x1dd/0x310 [ 34.902560] ? __pfx_kasan_atomics+0x10/0x10 [ 34.903083] ? __pfx_read_tsc+0x10/0x10 [ 34.903598] ? ktime_get_ts64+0x86/0x230 [ 34.904073] kunit_try_run_case+0x1b3/0x490 [ 34.904439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.905049] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.905524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.906186] ? __kthread_parkme+0x82/0x160 [ 34.906618] ? preempt_count_sub+0x50/0x80 [ 34.907018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.907617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.908214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.908823] kthread+0x257/0x310 [ 34.909116] ? __pfx_kthread+0x10/0x10 [ 34.909596] ret_from_fork+0x41/0x80 [ 34.910133] ? 
__pfx_kthread+0x10/0x10 [ 34.910629] ret_from_fork_asm+0x1a/0x30 [ 34.911089] </TASK> [ 34.911389] [ 34.911645] Allocated by task 272: [ 34.913907] kasan_save_stack+0x3d/0x60 [ 34.914566] kasan_save_track+0x18/0x40 [ 34.915081] kasan_save_alloc_info+0x3b/0x50 [ 34.915524] __kasan_kmalloc+0xb7/0xc0 [ 34.916398] __kmalloc_cache_noprof+0x184/0x410 [ 34.917172] kasan_atomics+0x96/0x310 [ 34.917456] kunit_try_run_case+0x1b3/0x490 [ 34.918191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.918732] kthread+0x257/0x310 [ 34.919464] ret_from_fork+0x41/0x80 [ 34.919665] ret_from_fork_asm+0x1a/0x30 [ 34.920083] [ 34.920350] The buggy address belongs to the object at ffff888102a0ec00 [ 34.920350] which belongs to the cache kmalloc-64 of size 64 [ 34.921111] The buggy address is located 0 bytes to the right of [ 34.921111] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.922469] [ 34.922967] The buggy address belongs to the physical page: [ 34.923357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.924351] flags: 0x200000000000000(node=0|zone=2) [ 34.924869] page_type: f5(slab) [ 34.925408] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.926248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.927198] page dumped because: kasan: bad access detected [ 34.927877] [ 34.928106] Memory state around the buggy address: [ 34.928566] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.929983] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.930858] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.931603] ^ [ 34.932229] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.933124] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.934070] ================================================================== [ 34.712783] 
================================================================== [ 34.713228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 34.714193] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.714881] [ 34.715161] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.716043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.716397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.717232] Call Trace: [ 34.717524] <TASK> [ 34.717858] dump_stack_lvl+0x73/0xb0 [ 34.718327] print_report+0xd1/0x640 [ 34.718751] ? __virt_addr_valid+0x1db/0x2d0 [ 34.719184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.719914] kasan_report+0x102/0x140 [ 34.720343] ? kasan_atomics_helper+0x20c9/0x5450 [ 34.720833] ? kasan_atomics_helper+0x20c9/0x5450 [ 34.721400] kasan_check_range+0x10c/0x1c0 [ 34.721923] __kasan_check_write+0x18/0x20 [ 34.722408] kasan_atomics_helper+0x20c9/0x5450 [ 34.723031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.723452] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.723963] ? kasan_atomics+0x153/0x310 [ 34.724482] kasan_atomics+0x1dd/0x310 [ 34.725052] ? __pfx_kasan_atomics+0x10/0x10 [ 34.725482] ? __pfx_read_tsc+0x10/0x10 [ 34.726081] ? ktime_get_ts64+0x86/0x230 [ 34.726481] kunit_try_run_case+0x1b3/0x490 [ 34.726995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.727383] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.728028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.728537] ? __kthread_parkme+0x82/0x160 [ 34.729019] ? preempt_count_sub+0x50/0x80 [ 34.729476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.730084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.730597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.731914] kthread+0x257/0x310 [ 34.732513] ? __pfx_kthread+0x10/0x10 [ 34.733427] ret_from_fork+0x41/0x80 [ 34.734028] ? 
__pfx_kthread+0x10/0x10 [ 34.734327] ret_from_fork_asm+0x1a/0x30 [ 34.734847] </TASK> [ 34.735131] [ 34.735370] Allocated by task 272: [ 34.736027] kasan_save_stack+0x3d/0x60 [ 34.736435] kasan_save_track+0x18/0x40 [ 34.736829] kasan_save_alloc_info+0x3b/0x50 [ 34.737844] __kasan_kmalloc+0xb7/0xc0 [ 34.738336] __kmalloc_cache_noprof+0x184/0x410 [ 34.738866] kasan_atomics+0x96/0x310 [ 34.739221] kunit_try_run_case+0x1b3/0x490 [ 34.739612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.740265] kthread+0x257/0x310 [ 34.740560] ret_from_fork+0x41/0x80 [ 34.741244] ret_from_fork_asm+0x1a/0x30 [ 34.741863] [ 34.742069] The buggy address belongs to the object at ffff888102a0ec00 [ 34.742069] which belongs to the cache kmalloc-64 of size 64 [ 34.743242] The buggy address is located 0 bytes to the right of [ 34.743242] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.744600] [ 34.744785] The buggy address belongs to the physical page: [ 34.745727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.746341] flags: 0x200000000000000(node=0|zone=2) [ 34.747894] page_type: f5(slab) [ 34.748517] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.749394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.750605] page dumped because: kasan: bad access detected [ 34.750955] [ 34.751121] Memory state around the buggy address: [ 34.751437] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.753003] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.753888] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.754706] ^ [ 34.756001] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.757105] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.758281] ================================================================== [ 34.206898] 
================================================================== [ 34.208021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 34.208698] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.210066] [ 34.210485] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.211290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.211763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.212437] Call Trace: [ 34.212778] <TASK> [ 34.213102] dump_stack_lvl+0x73/0xb0 [ 34.213422] print_report+0xd1/0x640 [ 34.213905] ? __virt_addr_valid+0x1db/0x2d0 [ 34.214311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.214825] kasan_report+0x102/0x140 [ 34.215330] ? kasan_atomics_helper+0x1b23/0x5450 [ 34.215857] ? kasan_atomics_helper+0x1b23/0x5450 [ 34.216269] kasan_check_range+0x10c/0x1c0 [ 34.216839] __kasan_check_write+0x18/0x20 [ 34.217278] kasan_atomics_helper+0x1b23/0x5450 [ 34.217801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.218236] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.218847] ? kasan_atomics+0x153/0x310 [ 34.219210] kasan_atomics+0x1dd/0x310 [ 34.219606] ? __pfx_kasan_atomics+0x10/0x10 [ 34.220208] ? __pfx_read_tsc+0x10/0x10 [ 34.221106] ? ktime_get_ts64+0x86/0x230 [ 34.221648] kunit_try_run_case+0x1b3/0x490 [ 34.222182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.222968] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.223207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.223445] ? __kthread_parkme+0x82/0x160 [ 34.223650] ? preempt_count_sub+0x50/0x80 [ 34.224080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.224947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.226300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.227339] kthread+0x257/0x310 [ 34.227819] ? __pfx_kthread+0x10/0x10 [ 34.228510] ret_from_fork+0x41/0x80 [ 34.228830] ? 
__pfx_kthread+0x10/0x10 [ 34.229622] ret_from_fork_asm+0x1a/0x30 [ 34.230263] </TASK> [ 34.230483] [ 34.230762] Allocated by task 272: [ 34.231216] kasan_save_stack+0x3d/0x60 [ 34.232101] kasan_save_track+0x18/0x40 [ 34.232737] kasan_save_alloc_info+0x3b/0x50 [ 34.233567] __kasan_kmalloc+0xb7/0xc0 [ 34.234234] __kmalloc_cache_noprof+0x184/0x410 [ 34.234729] kasan_atomics+0x96/0x310 [ 34.235553] kunit_try_run_case+0x1b3/0x490 [ 34.236108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.236613] kthread+0x257/0x310 [ 34.237432] ret_from_fork+0x41/0x80 [ 34.237880] ret_from_fork_asm+0x1a/0x30 [ 34.238550] [ 34.238865] The buggy address belongs to the object at ffff888102a0ec00 [ 34.238865] which belongs to the cache kmalloc-64 of size 64 [ 34.240293] The buggy address is located 0 bytes to the right of [ 34.240293] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.242132] [ 34.242509] The buggy address belongs to the physical page: [ 34.243478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.244857] flags: 0x200000000000000(node=0|zone=2) [ 34.245368] page_type: f5(slab) [ 34.245745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.247066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.248370] page dumped because: kasan: bad access detected [ 34.249353] [ 34.249601] Memory state around the buggy address: [ 34.249989] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.250675] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.251837] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.252668] ^ [ 34.253472] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.254324] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.255488] ================================================================== [ 32.289982] 
================================================================== [ 32.290444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 32.292500] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.293383] [ 32.293577] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.294759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.295160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.296857] Call Trace: [ 32.297147] <TASK> [ 32.297391] dump_stack_lvl+0x73/0xb0 [ 32.298414] print_report+0xd1/0x640 [ 32.298814] ? __virt_addr_valid+0x1db/0x2d0 [ 32.299430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.300648] kasan_report+0x102/0x140 [ 32.301167] ? kasan_atomics_helper+0x4a1/0x5450 [ 32.301571] ? kasan_atomics_helper+0x4a1/0x5450 [ 32.302174] kasan_check_range+0x10c/0x1c0 [ 32.302578] __kasan_check_write+0x18/0x20 [ 32.302995] kasan_atomics_helper+0x4a1/0x5450 [ 32.303477] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.303935] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.304381] ? kasan_atomics+0x153/0x310 [ 32.304910] kasan_atomics+0x1dd/0x310 [ 32.305305] ? __pfx_kasan_atomics+0x10/0x10 [ 32.305655] ? __pfx_read_tsc+0x10/0x10 [ 32.306480] ? ktime_get_ts64+0x86/0x230 [ 32.306907] kunit_try_run_case+0x1b3/0x490 [ 32.307319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.307812] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.308338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.308726] ? __kthread_parkme+0x82/0x160 [ 32.309269] ? preempt_count_sub+0x50/0x80 [ 32.309925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.310324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.311045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.311449] kthread+0x257/0x310 [ 32.311762] ? __pfx_kthread+0x10/0x10 [ 32.312257] ret_from_fork+0x41/0x80 [ 32.312760] ? 
__pfx_kthread+0x10/0x10 [ 32.313080] ret_from_fork_asm+0x1a/0x30 [ 32.313419] </TASK> [ 32.313749] [ 32.314014] Allocated by task 272: [ 32.314426] kasan_save_stack+0x3d/0x60 [ 32.315015] kasan_save_track+0x18/0x40 [ 32.315365] kasan_save_alloc_info+0x3b/0x50 [ 32.315799] __kasan_kmalloc+0xb7/0xc0 [ 32.316351] __kmalloc_cache_noprof+0x184/0x410 [ 32.316984] kasan_atomics+0x96/0x310 [ 32.317293] kunit_try_run_case+0x1b3/0x490 [ 32.317827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.318424] kthread+0x257/0x310 [ 32.318716] ret_from_fork+0x41/0x80 [ 32.319200] ret_from_fork_asm+0x1a/0x30 [ 32.319930] [ 32.320190] The buggy address belongs to the object at ffff888102a0ec00 [ 32.320190] which belongs to the cache kmalloc-64 of size 64 [ 32.321405] The buggy address is located 0 bytes to the right of [ 32.321405] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.322162] [ 32.322333] The buggy address belongs to the physical page: [ 32.323069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.323797] flags: 0x200000000000000(node=0|zone=2) [ 32.324133] page_type: f5(slab) [ 32.324405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.325376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.326199] page dumped because: kasan: bad access detected [ 32.326743] [ 32.327013] Memory state around the buggy address: [ 32.327445] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.328841] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.329261] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.329590] ^ [ 32.330416] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.331418] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.332404] ================================================================== [ 32.820642] 
================================================================== [ 32.821458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 32.822305] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.822992] [ 32.823286] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.824360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.824913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.825630] Call Trace: [ 32.826042] <TASK> [ 32.826395] dump_stack_lvl+0x73/0xb0 [ 32.826953] print_report+0xd1/0x640 [ 32.827518] ? __virt_addr_valid+0x1db/0x2d0 [ 32.828017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.828724] kasan_report+0x102/0x140 [ 32.829276] ? kasan_atomics_helper+0xb6b/0x5450 [ 32.829915] ? kasan_atomics_helper+0xb6b/0x5450 [ 32.830574] kasan_check_range+0x10c/0x1c0 [ 32.831017] __kasan_check_write+0x18/0x20 [ 32.831561] kasan_atomics_helper+0xb6b/0x5450 [ 32.832069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.832484] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.833119] ? kasan_atomics+0x153/0x310 [ 32.833746] kasan_atomics+0x1dd/0x310 [ 32.834168] ? __pfx_kasan_atomics+0x10/0x10 [ 32.834670] ? __pfx_read_tsc+0x10/0x10 [ 32.835201] ? ktime_get_ts64+0x86/0x230 [ 32.835716] kunit_try_run_case+0x1b3/0x490 [ 32.836199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.836811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.837474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.838032] ? __kthread_parkme+0x82/0x160 [ 32.838563] ? preempt_count_sub+0x50/0x80 [ 32.839210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.839717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.840396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.841107] kthread+0x257/0x310 [ 32.841578] ? __pfx_kthread+0x10/0x10 [ 32.842032] ret_from_fork+0x41/0x80 [ 32.842586] ? 
__pfx_kthread+0x10/0x10 [ 32.842976] ret_from_fork_asm+0x1a/0x30 [ 32.843613] </TASK> [ 32.844067] [ 32.844238] Allocated by task 272: [ 32.844720] kasan_save_stack+0x3d/0x60 [ 32.845207] kasan_save_track+0x18/0x40 [ 32.845735] kasan_save_alloc_info+0x3b/0x50 [ 32.846334] __kasan_kmalloc+0xb7/0xc0 [ 32.846890] __kmalloc_cache_noprof+0x184/0x410 [ 32.847458] kasan_atomics+0x96/0x310 [ 32.847997] kunit_try_run_case+0x1b3/0x490 [ 32.848463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.849067] kthread+0x257/0x310 [ 32.849533] ret_from_fork+0x41/0x80 [ 32.850013] ret_from_fork_asm+0x1a/0x30 [ 32.850451] [ 32.850810] The buggy address belongs to the object at ffff888102a0ec00 [ 32.850810] which belongs to the cache kmalloc-64 of size 64 [ 32.851731] The buggy address is located 0 bytes to the right of [ 32.851731] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.852874] [ 32.853195] The buggy address belongs to the physical page: [ 32.853758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.854480] flags: 0x200000000000000(node=0|zone=2) [ 32.855034] page_type: f5(slab) [ 32.855527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.856281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.857039] page dumped because: kasan: bad access detected [ 32.857634] [ 32.857886] Memory state around the buggy address: [ 32.858433] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.859263] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.860231] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.860965] ^ [ 32.861296] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.861993] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.862589] ================================================================== [ 33.410954] 
================================================================== [ 33.411619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 33.412254] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.412845] [ 33.413118] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.414079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.414525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.415170] Call Trace: [ 33.415458] <TASK> [ 33.415849] dump_stack_lvl+0x73/0xb0 [ 33.416337] print_report+0xd1/0x640 [ 33.416665] ? __virt_addr_valid+0x1db/0x2d0 [ 33.417115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.417839] kasan_report+0x102/0x140 [ 33.418322] ? kasan_atomics_helper+0x1218/0x5450 [ 33.418738] ? kasan_atomics_helper+0x1218/0x5450 [ 33.419368] kasan_check_range+0x10c/0x1c0 [ 33.419842] __kasan_check_write+0x18/0x20 [ 33.420241] kasan_atomics_helper+0x1218/0x5450 [ 33.420617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.421303] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.421896] ? kasan_atomics+0x153/0x310 [ 33.422356] kasan_atomics+0x1dd/0x310 [ 33.422867] ? __pfx_kasan_atomics+0x10/0x10 [ 33.423340] ? __pfx_read_tsc+0x10/0x10 [ 33.423754] ? ktime_get_ts64+0x86/0x230 [ 33.424207] kunit_try_run_case+0x1b3/0x490 [ 33.424555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.425079] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.425602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.426106] ? __kthread_parkme+0x82/0x160 [ 33.426469] ? preempt_count_sub+0x50/0x80 [ 33.427066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.427615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.428103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.428744] kthread+0x257/0x310 [ 33.429234] ? __pfx_kthread+0x10/0x10 [ 33.429716] ret_from_fork+0x41/0x80 [ 33.430155] ? 
__pfx_kthread+0x10/0x10 [ 33.430465] ret_from_fork_asm+0x1a/0x30 [ 33.431081] </TASK> [ 33.431398] [ 33.431645] Allocated by task 272: [ 33.432095] kasan_save_stack+0x3d/0x60 [ 33.432401] kasan_save_track+0x18/0x40 [ 33.432838] kasan_save_alloc_info+0x3b/0x50 [ 33.433301] __kasan_kmalloc+0xb7/0xc0 [ 33.433666] __kmalloc_cache_noprof+0x184/0x410 [ 33.434129] kasan_atomics+0x96/0x310 [ 33.434605] kunit_try_run_case+0x1b3/0x490 [ 33.435217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.435655] kthread+0x257/0x310 [ 33.436154] ret_from_fork+0x41/0x80 [ 33.436535] ret_from_fork_asm+0x1a/0x30 [ 33.436982] [ 33.437240] The buggy address belongs to the object at ffff888102a0ec00 [ 33.437240] which belongs to the cache kmalloc-64 of size 64 [ 33.438192] The buggy address is located 0 bytes to the right of [ 33.438192] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.439428] [ 33.439660] The buggy address belongs to the physical page: [ 33.440219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.440697] flags: 0x200000000000000(node=0|zone=2) [ 33.441413] page_type: f5(slab) [ 33.442003] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.442839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.443664] page dumped because: kasan: bad access detected [ 33.444341] [ 33.444974] Memory state around the buggy address: [ 33.445438] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.446075] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.447218] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.447922] ^ [ 33.448751] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.449313] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.450189] ================================================================== [ 33.497494] 
================================================================== [ 33.498018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 33.498648] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.499396] [ 33.499602] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.500492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.500962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.501705] Call Trace: [ 33.502003] <TASK> [ 33.502320] dump_stack_lvl+0x73/0xb0 [ 33.502667] print_report+0xd1/0x640 [ 33.503201] ? __virt_addr_valid+0x1db/0x2d0 [ 33.503616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.504311] kasan_report+0x102/0x140 [ 33.504730] ? kasan_atomics_helper+0x12e7/0x5450 [ 33.505349] ? kasan_atomics_helper+0x12e7/0x5450 [ 33.505755] kasan_check_range+0x10c/0x1c0 [ 33.506334] __kasan_check_write+0x18/0x20 [ 33.506748] kasan_atomics_helper+0x12e7/0x5450 [ 33.507358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.507941] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.508471] ? kasan_atomics+0x153/0x310 [ 33.509066] kasan_atomics+0x1dd/0x310 [ 33.509446] ? __pfx_kasan_atomics+0x10/0x10 [ 33.509976] ? __pfx_read_tsc+0x10/0x10 [ 33.510427] ? ktime_get_ts64+0x86/0x230 [ 33.510979] kunit_try_run_case+0x1b3/0x490 [ 33.511427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.512044] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.512488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.513133] ? __kthread_parkme+0x82/0x160 [ 33.513475] ? preempt_count_sub+0x50/0x80 [ 33.514051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.514574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.515178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.515664] kthread+0x257/0x310 [ 33.516106] ? __pfx_kthread+0x10/0x10 [ 33.516599] ret_from_fork+0x41/0x80 [ 33.516998] ? 
__pfx_kthread+0x10/0x10 [ 33.517426] ret_from_fork_asm+0x1a/0x30 [ 33.517996] </TASK> [ 33.518323] [ 33.518516] Allocated by task 272: [ 33.519426] kasan_save_stack+0x3d/0x60 [ 33.520293] kasan_save_track+0x18/0x40 [ 33.520655] kasan_save_alloc_info+0x3b/0x50 [ 33.521205] __kasan_kmalloc+0xb7/0xc0 [ 33.521614] __kmalloc_cache_noprof+0x184/0x410 [ 33.522346] kasan_atomics+0x96/0x310 [ 33.522869] kunit_try_run_case+0x1b3/0x490 [ 33.523386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.523874] kthread+0x257/0x310 [ 33.524205] ret_from_fork+0x41/0x80 [ 33.524572] ret_from_fork_asm+0x1a/0x30 [ 33.525578] [ 33.525773] The buggy address belongs to the object at ffff888102a0ec00 [ 33.525773] which belongs to the cache kmalloc-64 of size 64 [ 33.527589] The buggy address is located 0 bytes to the right of [ 33.527589] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.529453] [ 33.529852] The buggy address belongs to the physical page: [ 33.530374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.531091] flags: 0x200000000000000(node=0|zone=2) [ 33.531537] page_type: f5(slab) [ 33.532068] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.532886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.533650] page dumped because: kasan: bad access detected [ 33.534203] [ 33.534468] Memory state around the buggy address: [ 33.535019] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.535670] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.536456] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.537154] ^ [ 33.537745] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.538437] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.539128] ================================================================== [ 34.626381] 
================================================================== [ 34.627403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 34.628345] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.629366] [ 34.629700] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.630632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.631116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.632085] Call Trace: [ 34.632453] <TASK> [ 34.632813] dump_stack_lvl+0x73/0xb0 [ 34.633170] print_report+0xd1/0x640 [ 34.633659] ? __virt_addr_valid+0x1db/0x2d0 [ 34.634346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.634914] kasan_report+0x102/0x140 [ 34.635493] ? kasan_atomics_helper+0x2007/0x5450 [ 34.636144] ? kasan_atomics_helper+0x2007/0x5450 [ 34.636861] kasan_check_range+0x10c/0x1c0 [ 34.637301] __kasan_check_write+0x18/0x20 [ 34.637709] kasan_atomics_helper+0x2007/0x5450 [ 34.638228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.638671] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.639325] ? kasan_atomics+0x153/0x310 [ 34.639950] kasan_atomics+0x1dd/0x310 [ 34.640428] ? __pfx_kasan_atomics+0x10/0x10 [ 34.641077] ? __pfx_read_tsc+0x10/0x10 [ 34.641514] ? ktime_get_ts64+0x86/0x230 [ 34.642131] kunit_try_run_case+0x1b3/0x490 [ 34.642558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.643206] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.643841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.644478] ? __kthread_parkme+0x82/0x160 [ 34.645101] ? preempt_count_sub+0x50/0x80 [ 34.645642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.646237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.646880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.647457] kthread+0x257/0x310 [ 34.648011] ? __pfx_kthread+0x10/0x10 [ 34.648502] ret_from_fork+0x41/0x80 [ 34.648988] ? 
__pfx_kthread+0x10/0x10 [ 34.649308] ret_from_fork_asm+0x1a/0x30 [ 34.649908] </TASK> [ 34.650235] [ 34.650507] Allocated by task 272: [ 34.650985] kasan_save_stack+0x3d/0x60 [ 34.651376] kasan_save_track+0x18/0x40 [ 34.651947] kasan_save_alloc_info+0x3b/0x50 [ 34.652486] __kasan_kmalloc+0xb7/0xc0 [ 34.652951] __kmalloc_cache_noprof+0x184/0x410 [ 34.653390] kasan_atomics+0x96/0x310 [ 34.653963] kunit_try_run_case+0x1b3/0x490 [ 34.654474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.655140] kthread+0x257/0x310 [ 34.655427] ret_from_fork+0x41/0x80 [ 34.656054] ret_from_fork_asm+0x1a/0x30 [ 34.656461] [ 34.656624] The buggy address belongs to the object at ffff888102a0ec00 [ 34.656624] which belongs to the cache kmalloc-64 of size 64 [ 34.657625] The buggy address is located 0 bytes to the right of [ 34.657625] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.658826] [ 34.659064] The buggy address belongs to the physical page: [ 34.659651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.660359] flags: 0x200000000000000(node=0|zone=2) [ 34.661085] page_type: f5(slab) [ 34.661392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.662199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.663041] page dumped because: kasan: bad access detected [ 34.663522] [ 34.663847] Memory state around the buggy address: [ 34.664304] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.665200] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.665900] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.666541] ^ [ 34.667136] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.667879] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.668559] ================================================================== [ 34.492269] 
================================================================== [ 34.493180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 34.494054] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.494736] [ 34.495078] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.496136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.496611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.497627] Call Trace: [ 34.497980] <TASK> [ 34.498309] dump_stack_lvl+0x73/0xb0 [ 34.498800] print_report+0xd1/0x640 [ 34.499369] ? __virt_addr_valid+0x1db/0x2d0 [ 34.499902] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.500502] kasan_report+0x102/0x140 [ 34.501147] ? kasan_atomics_helper+0x1eab/0x5450 [ 34.501539] ? kasan_atomics_helper+0x1eab/0x5450 [ 34.502279] kasan_check_range+0x10c/0x1c0 [ 34.502659] __kasan_check_write+0x18/0x20 [ 34.503212] kasan_atomics_helper+0x1eab/0x5450 [ 34.503734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.504332] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.504744] ? kasan_atomics+0x153/0x310 [ 34.505290] kasan_atomics+0x1dd/0x310 [ 34.505816] ? __pfx_kasan_atomics+0x10/0x10 [ 34.506410] ? __pfx_read_tsc+0x10/0x10 [ 34.507091] ? ktime_get_ts64+0x86/0x230 [ 34.507560] kunit_try_run_case+0x1b3/0x490 [ 34.508230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.508810] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.509322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.509931] ? __kthread_parkme+0x82/0x160 [ 34.510458] ? preempt_count_sub+0x50/0x80 [ 34.511023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.511530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.512174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.512962] kthread+0x257/0x310 [ 34.513526] ? __pfx_kthread+0x10/0x10 [ 34.514169] ret_from_fork+0x41/0x80 [ 34.514571] ? 
__pfx_kthread+0x10/0x10 [ 34.514994] ret_from_fork_asm+0x1a/0x30 [ 34.515363] </TASK> [ 34.515644] [ 34.515924] Allocated by task 272: [ 34.516312] kasan_save_stack+0x3d/0x60 [ 34.516730] kasan_save_track+0x18/0x40 [ 34.517153] kasan_save_alloc_info+0x3b/0x50 [ 34.517621] __kasan_kmalloc+0xb7/0xc0 [ 34.518182] __kmalloc_cache_noprof+0x184/0x410 [ 34.518748] kasan_atomics+0x96/0x310 [ 34.519247] kunit_try_run_case+0x1b3/0x490 [ 34.519582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.520303] kthread+0x257/0x310 [ 34.520740] ret_from_fork+0x41/0x80 [ 34.521184] ret_from_fork_asm+0x1a/0x30 [ 34.521490] [ 34.521808] The buggy address belongs to the object at ffff888102a0ec00 [ 34.521808] which belongs to the cache kmalloc-64 of size 64 [ 34.522919] The buggy address is located 0 bytes to the right of [ 34.522919] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.523936] [ 34.524110] The buggy address belongs to the physical page: [ 34.524746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.525337] flags: 0x200000000000000(node=0|zone=2) [ 34.525965] page_type: f5(slab) [ 34.526376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.527101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.527714] page dumped because: kasan: bad access detected [ 34.528238] [ 34.528488] Memory state around the buggy address: [ 34.528962] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.529576] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.530227] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.530832] ^ [ 34.531156] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.531956] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.532601] ================================================================== [ 33.586522] 
================================================================== [ 33.587329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 33.588059] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.588619] [ 33.589016] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.589954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.590510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.591385] Call Trace: [ 33.591769] <TASK> [ 33.592122] dump_stack_lvl+0x73/0xb0 [ 33.592516] print_report+0xd1/0x640 [ 33.593181] ? __virt_addr_valid+0x1db/0x2d0 [ 33.593627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.594387] kasan_report+0x102/0x140 [ 33.594855] ? kasan_atomics_helper+0x13b6/0x5450 [ 33.595451] ? kasan_atomics_helper+0x13b6/0x5450 [ 33.596036] kasan_check_range+0x10c/0x1c0 [ 33.596620] __kasan_check_read+0x15/0x20 [ 33.597187] kasan_atomics_helper+0x13b6/0x5450 [ 33.597851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.598340] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.598845] ? kasan_atomics+0x153/0x310 [ 33.599435] kasan_atomics+0x1dd/0x310 [ 33.600033] ? __pfx_kasan_atomics+0x10/0x10 [ 33.600518] ? __pfx_read_tsc+0x10/0x10 [ 33.600971] ? ktime_get_ts64+0x86/0x230 [ 33.601347] kunit_try_run_case+0x1b3/0x490 [ 33.602080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.602741] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.603299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.603707] ? __kthread_parkme+0x82/0x160 [ 33.604316] ? preempt_count_sub+0x50/0x80 [ 33.604858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.605321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.605962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.606585] kthread+0x257/0x310 [ 33.606968] ? __pfx_kthread+0x10/0x10 [ 33.607306] ret_from_fork+0x41/0x80 [ 33.607880] ? 
__pfx_kthread+0x10/0x10 [ 33.608229] ret_from_fork_asm+0x1a/0x30 [ 33.608669] </TASK> [ 33.609037] [ 33.609298] Allocated by task 272: [ 33.609607] kasan_save_stack+0x3d/0x60 [ 33.610037] kasan_save_track+0x18/0x40 [ 33.610529] kasan_save_alloc_info+0x3b/0x50 [ 33.611042] __kasan_kmalloc+0xb7/0xc0 [ 33.611427] __kmalloc_cache_noprof+0x184/0x410 [ 33.611896] kasan_atomics+0x96/0x310 [ 33.612498] kunit_try_run_case+0x1b3/0x490 [ 33.613001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.613503] kthread+0x257/0x310 [ 33.613872] ret_from_fork+0x41/0x80 [ 33.614421] ret_from_fork_asm+0x1a/0x30 [ 33.615035] [ 33.615299] The buggy address belongs to the object at ffff888102a0ec00 [ 33.615299] which belongs to the cache kmalloc-64 of size 64 [ 33.616269] The buggy address is located 0 bytes to the right of [ 33.616269] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.617358] [ 33.617626] The buggy address belongs to the physical page: [ 33.618210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.619100] flags: 0x200000000000000(node=0|zone=2) [ 33.619497] page_type: f5(slab) [ 33.620092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.620923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.621508] page dumped because: kasan: bad access detected [ 33.622117] [ 33.622347] Memory state around the buggy address: [ 33.622900] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.623450] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.624217] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.625025] ^ [ 33.625503] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.626235] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.626992] ================================================================== [ 33.059297] 
================================================================== [ 33.059905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 33.061784] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.062297] [ 33.062765] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.064364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.064806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.065743] Call Trace: [ 33.066234] <TASK> [ 33.066455] dump_stack_lvl+0x73/0xb0 [ 33.066983] print_report+0xd1/0x640 [ 33.067419] ? __virt_addr_valid+0x1db/0x2d0 [ 33.068035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.068662] kasan_report+0x102/0x140 [ 33.069190] ? kasan_atomics_helper+0xe79/0x5450 [ 33.069984] ? kasan_atomics_helper+0xe79/0x5450 [ 33.070490] kasan_check_range+0x10c/0x1c0 [ 33.071067] __kasan_check_write+0x18/0x20 [ 33.071579] kasan_atomics_helper+0xe79/0x5450 [ 33.072051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.072477] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.072921] ? kasan_atomics+0x153/0x310 [ 33.073448] kasan_atomics+0x1dd/0x310 [ 33.073923] ? __pfx_kasan_atomics+0x10/0x10 [ 33.074341] ? __pfx_read_tsc+0x10/0x10 [ 33.074927] ? ktime_get_ts64+0x86/0x230 [ 33.075435] kunit_try_run_case+0x1b3/0x490 [ 33.076004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.076457] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.077050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.077526] ? __kthread_parkme+0x82/0x160 [ 33.078025] ? preempt_count_sub+0x50/0x80 [ 33.078373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.079026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.079583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.080087] kthread+0x257/0x310 [ 33.080538] ? __pfx_kthread+0x10/0x10 [ 33.081012] ret_from_fork+0x41/0x80 [ 33.081503] ? 
__pfx_kthread+0x10/0x10 [ 33.081892] ret_from_fork_asm+0x1a/0x30 [ 33.082441] </TASK> [ 33.082726] [ 33.083009] Allocated by task 272: [ 33.083402] kasan_save_stack+0x3d/0x60 [ 33.083952] kasan_save_track+0x18/0x40 [ 33.084343] kasan_save_alloc_info+0x3b/0x50 [ 33.084945] __kasan_kmalloc+0xb7/0xc0 [ 33.085350] __kmalloc_cache_noprof+0x184/0x410 [ 33.085860] kasan_atomics+0x96/0x310 [ 33.086306] kunit_try_run_case+0x1b3/0x490 [ 33.086712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.087268] kthread+0x257/0x310 [ 33.087639] ret_from_fork+0x41/0x80 [ 33.088076] ret_from_fork_asm+0x1a/0x30 [ 33.088611] [ 33.088964] The buggy address belongs to the object at ffff888102a0ec00 [ 33.088964] which belongs to the cache kmalloc-64 of size 64 [ 33.089842] The buggy address is located 0 bytes to the right of [ 33.089842] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.090990] [ 33.091251] The buggy address belongs to the physical page: [ 33.091671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.092471] flags: 0x200000000000000(node=0|zone=2) [ 33.092926] page_type: f5(slab) [ 33.093339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.094083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.094710] page dumped because: kasan: bad access detected [ 33.095359] [ 33.095619] Memory state around the buggy address: [ 33.096167] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.096673] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.097406] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.098168] ^ [ 33.098492] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.099281] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.100076] ================================================================== [ 32.551393] 
================================================================== [ 32.551956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 32.553019] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.553754] [ 32.553989] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.555228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.555576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.556436] Call Trace: [ 32.556846] <TASK> [ 32.557223] dump_stack_lvl+0x73/0xb0 [ 32.557643] print_report+0xd1/0x640 [ 32.558270] ? __virt_addr_valid+0x1db/0x2d0 [ 32.558613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.559393] kasan_report+0x102/0x140 [ 32.559759] ? kasan_atomics_helper+0x7c8/0x5450 [ 32.560477] ? kasan_atomics_helper+0x7c8/0x5450 [ 32.561085] kasan_check_range+0x10c/0x1c0 [ 32.561576] __kasan_check_write+0x18/0x20 [ 32.562186] kasan_atomics_helper+0x7c8/0x5450 [ 32.562625] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.563362] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.563946] ? kasan_atomics+0x153/0x310 [ 32.564452] kasan_atomics+0x1dd/0x310 [ 32.564903] ? __pfx_kasan_atomics+0x10/0x10 [ 32.565469] ? __pfx_read_tsc+0x10/0x10 [ 32.566052] ? ktime_get_ts64+0x86/0x230 [ 32.566433] kunit_try_run_case+0x1b3/0x490 [ 32.567116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.567611] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.568323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.568745] ? __kthread_parkme+0x82/0x160 [ 32.569482] ? preempt_count_sub+0x50/0x80 [ 32.570336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.570809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.571296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.572094] kthread+0x257/0x310 [ 32.572472] ? __pfx_kthread+0x10/0x10 [ 32.573048] ret_from_fork+0x41/0x80 [ 32.573482] ? 
__pfx_kthread+0x10/0x10
[ 32.573913] ret_from_fork_asm+0x1a/0x30
[ 32.574484] </TASK>
[ 32.574889]
[ 32.575096] Allocated by task 272:
[ 32.575523] kasan_save_stack+0x3d/0x60
[ 32.576176] kasan_save_track+0x18/0x40
[ 32.576773] kasan_save_alloc_info+0x3b/0x50
[ 32.577205] __kasan_kmalloc+0xb7/0xc0
[ 32.577751] __kmalloc_cache_noprof+0x184/0x410
[ 32.578219] kasan_atomics+0x96/0x310
[ 32.578745] kunit_try_run_case+0x1b3/0x490
[ 32.579206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.579878] kthread+0x257/0x310
[ 32.580365] ret_from_fork+0x41/0x80
[ 32.580912] ret_from_fork_asm+0x1a/0x30
[ 32.581426]
[ 32.581762] The buggy address belongs to the object at ffff888102a0ec00
[ 32.581762] which belongs to the cache kmalloc-64 of size 64
[ 32.582947] The buggy address is located 0 bytes to the right of
[ 32.582947] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.584117]
[ 32.584545] The buggy address belongs to the physical page:
[ 32.584966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.586015] flags: 0x200000000000000(node=0|zone=2)
[ 32.586477] page_type: f5(slab)
[ 32.586945] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.587724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.588540] page dumped because: kasan: bad access detected
[ 32.589094]
[ 32.589458] Memory state around the buggy address:
[ 32.589925]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.590555]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.591499] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.592144]                                      ^
[ 32.592769]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.593569]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.594394] ==================================================================

[ 34.447259] ==================================================================
[ 34.447999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450
[ 34.448724] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 34.449290]
[ 34.449599] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 34.450850] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.451140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.452312] Call Trace:
[ 34.452755] <TASK>
[ 34.452970] dump_stack_lvl+0x73/0xb0
[ 34.453834] print_report+0xd1/0x640
[ 34.454146] ? __virt_addr_valid+0x1db/0x2d0
[ 34.454503] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.455467] kasan_report+0x102/0x140
[ 34.456082] ? kasan_atomics_helper+0x1e13/0x5450
[ 34.456628] ? kasan_atomics_helper+0x1e13/0x5450
[ 34.457293] kasan_check_range+0x10c/0x1c0
[ 34.457882] __kasan_check_write+0x18/0x20
[ 34.458348] kasan_atomics_helper+0x1e13/0x5450
[ 34.459025] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.459522] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.460252] ? kasan_atomics+0x153/0x310
[ 34.460584] kasan_atomics+0x1dd/0x310
[ 34.461228] ? __pfx_kasan_atomics+0x10/0x10
[ 34.461602] ? __pfx_read_tsc+0x10/0x10
[ 34.462193] ? ktime_get_ts64+0x86/0x230
[ 34.462724] kunit_try_run_case+0x1b3/0x490
[ 34.463291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.464001] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.464666] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.465194] ? __kthread_parkme+0x82/0x160
[ 34.465606] ? preempt_count_sub+0x50/0x80
[ 34.466328] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.466888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.467577] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.468335] kthread+0x257/0x310
[ 34.468828] ? __pfx_kthread+0x10/0x10
[ 34.469264] ret_from_fork+0x41/0x80
[ 34.469667] ? __pfx_kthread+0x10/0x10
[ 34.470213] ret_from_fork_asm+0x1a/0x30
[ 34.470541] </TASK>
[ 34.470890]
[ 34.471224] Allocated by task 272:
[ 34.471792] kasan_save_stack+0x3d/0x60
[ 34.472397] kasan_save_track+0x18/0x40
[ 34.472876] kasan_save_alloc_info+0x3b/0x50
[ 34.473356] __kasan_kmalloc+0xb7/0xc0
[ 34.473652] __kmalloc_cache_noprof+0x184/0x410
[ 34.474313] kasan_atomics+0x96/0x310
[ 34.474940] kunit_try_run_case+0x1b3/0x490
[ 34.475287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.476044] kthread+0x257/0x310
[ 34.476449] ret_from_fork+0x41/0x80
[ 34.477013] ret_from_fork_asm+0x1a/0x30
[ 34.477432]
[ 34.477604] The buggy address belongs to the object at ffff888102a0ec00
[ 34.477604] which belongs to the cache kmalloc-64 of size 64
[ 34.479249] The buggy address is located 0 bytes to the right of
[ 34.479249] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 34.481020]
[ 34.481542] The buggy address belongs to the physical page:
[ 34.482216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 34.482530] flags: 0x200000000000000(node=0|zone=2)
[ 34.482775] page_type: f5(slab)
[ 34.483291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.484539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 34.485169] page dumped because: kasan: bad access detected
[ 34.485936]
[ 34.486231] Memory state around the buggy address:
[ 34.486806]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.487475]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.488373] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.489269]                                      ^
[ 34.489914]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.490459]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.491263] ==================================================================

[ 32.507616] ==================================================================
[ 32.508313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450
[ 32.509139] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 32.510187]
[ 32.510465] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 32.511481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.512106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.513070] Call Trace:
[ 32.513424] <TASK>
[ 32.513746] dump_stack_lvl+0x73/0xb0
[ 32.514381] print_report+0xd1/0x640
[ 32.514862] ? __virt_addr_valid+0x1db/0x2d0
[ 32.515484] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.516149] kasan_report+0x102/0x140
[ 32.516561] ? kasan_atomics_helper+0x730/0x5450
[ 32.517209] ? kasan_atomics_helper+0x730/0x5450
[ 32.517702] kasan_check_range+0x10c/0x1c0
[ 32.518252] __kasan_check_write+0x18/0x20
[ 32.518889] kasan_atomics_helper+0x730/0x5450
[ 32.519411] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.520146] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.520551] ? kasan_atomics+0x153/0x310
[ 32.521170] kasan_atomics+0x1dd/0x310
[ 32.521736] ? __pfx_kasan_atomics+0x10/0x10
[ 32.522310] ? __pfx_read_tsc+0x10/0x10
[ 32.522718] ? ktime_get_ts64+0x86/0x230
[ 32.523388] kunit_try_run_case+0x1b3/0x490
[ 32.523965] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.524610] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.525268] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.525902] ? __kthread_parkme+0x82/0x160
[ 32.526455] ? preempt_count_sub+0x50/0x80
[ 32.526933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.527554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.528193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.528800] kthread+0x257/0x310
[ 32.529254] ? __pfx_kthread+0x10/0x10
[ 32.529617] ret_from_fork+0x41/0x80
[ 32.530147] ? __pfx_kthread+0x10/0x10
[ 32.530513] ret_from_fork_asm+0x1a/0x30
[ 32.531127] </TASK>
[ 32.531515]
[ 32.531844] Allocated by task 272:
[ 32.532267] kasan_save_stack+0x3d/0x60
[ 32.532676] kasan_save_track+0x18/0x40
[ 32.533246] kasan_save_alloc_info+0x3b/0x50
[ 32.533593] __kasan_kmalloc+0xb7/0xc0
[ 32.534218] __kmalloc_cache_noprof+0x184/0x410
[ 32.534620] kasan_atomics+0x96/0x310
[ 32.535141] kunit_try_run_case+0x1b3/0x490
[ 32.535583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.536340] kthread+0x257/0x310
[ 32.536727] ret_from_fork+0x41/0x80
[ 32.537216] ret_from_fork_asm+0x1a/0x30
[ 32.537904]
[ 32.538105] The buggy address belongs to the object at ffff888102a0ec00
[ 32.538105] which belongs to the cache kmalloc-64 of size 64
[ 32.539265] The buggy address is located 0 bytes to the right of
[ 32.539265] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.540432]
[ 32.540815] The buggy address belongs to the physical page:
[ 32.541375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.542186] flags: 0x200000000000000(node=0|zone=2)
[ 32.542718] page_type: f5(slab)
[ 32.543160] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.543974] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.544654] page dumped because: kasan: bad access detected
[ 32.545299]
[ 32.545600] Memory state around the buggy address:
[ 32.546273]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.547071]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.547748] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.548429]                                      ^
[ 32.548974]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.549623]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.550284] ==================================================================

[ 32.160322] ==================================================================
[ 32.161930] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450
[ 32.162798] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 32.163841]
[ 32.164108] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 32.165212] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.166271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.167233] Call Trace:
[ 32.167504] <TASK>
[ 32.167833] dump_stack_lvl+0x73/0xb0
[ 32.168381] print_report+0xd1/0x640
[ 32.168947] ? __virt_addr_valid+0x1db/0x2d0
[ 32.169366] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.170122] kasan_report+0x102/0x140
[ 32.170507] ? kasan_atomics_helper+0x4b70/0x5450
[ 32.171163] ? kasan_atomics_helper+0x4b70/0x5450
[ 32.171575] __asan_report_store4_noabort+0x1b/0x30
[ 32.172052] kasan_atomics_helper+0x4b70/0x5450
[ 32.172608] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.173232] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.173968] ? kasan_atomics+0x153/0x310
[ 32.174340] kasan_atomics+0x1dd/0x310
[ 32.174884] ? __pfx_kasan_atomics+0x10/0x10
[ 32.175301] ? __pfx_read_tsc+0x10/0x10
[ 32.175872] ? ktime_get_ts64+0x86/0x230
[ 32.176298] kunit_try_run_case+0x1b3/0x490
[ 32.176743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.177573] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.178257] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.178744] ? __kthread_parkme+0x82/0x160
[ 32.179220] ? preempt_count_sub+0x50/0x80
[ 32.179628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.180371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.181153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.181604] kthread+0x257/0x310
[ 32.182207] ? __pfx_kthread+0x10/0x10
[ 32.182558] ret_from_fork+0x41/0x80
[ 32.183134] ? __pfx_kthread+0x10/0x10
[ 32.183814] ret_from_fork_asm+0x1a/0x30
[ 32.184210] </TASK>
[ 32.184522]
[ 32.184842] Allocated by task 272:
[ 32.185124] kasan_save_stack+0x3d/0x60
[ 32.185650] kasan_save_track+0x18/0x40
[ 32.186124] kasan_save_alloc_info+0x3b/0x50
[ 32.186464] __kasan_kmalloc+0xb7/0xc0
[ 32.186861] __kmalloc_cache_noprof+0x184/0x410
[ 32.187714] kasan_atomics+0x96/0x310
[ 32.188175] kunit_try_run_case+0x1b3/0x490
[ 32.188652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.189424] kthread+0x257/0x310
[ 32.189841] ret_from_fork+0x41/0x80
[ 32.190441] ret_from_fork_asm+0x1a/0x30
[ 32.190853]
[ 32.191019] The buggy address belongs to the object at ffff888102a0ec00
[ 32.191019] which belongs to the cache kmalloc-64 of size 64
[ 32.192493] The buggy address is located 0 bytes to the right of
[ 32.192493] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.193631]
[ 32.194056] The buggy address belongs to the physical page:
[ 32.194832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.195468] flags: 0x200000000000000(node=0|zone=2)
[ 32.195976] page_type: f5(slab)
[ 32.196593] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.197304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.198171] page dumped because: kasan: bad access detected
[ 32.198896]
[ 32.199206] Memory state around the buggy address:
[ 32.199666]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.200563]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.201267] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.202107]                                      ^
[ 32.202502]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.204099]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.204770] ==================================================================

[ 33.716649] ==================================================================
[ 33.717454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450
[ 33.718018] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 33.718740]
[ 33.718954] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 33.720126] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.720587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.722235] Call Trace:
[ 33.722569] <TASK>
[ 33.722974] dump_stack_lvl+0x73/0xb0
[ 33.723490] print_report+0xd1/0x640
[ 33.724107] ? __virt_addr_valid+0x1db/0x2d0
[ 33.724575] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.725223] kasan_report+0x102/0x140
[ 33.725893] ? kasan_atomics_helper+0x50d6/0x5450
[ 33.726295] ? kasan_atomics_helper+0x50d6/0x5450
[ 33.726945] __asan_report_store8_noabort+0x1b/0x30
[ 33.727571] kasan_atomics_helper+0x50d6/0x5450
[ 33.728046] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.728723] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.729309] ? kasan_atomics+0x153/0x310
[ 33.729895] kasan_atomics+0x1dd/0x310
[ 33.730423] ? __pfx_kasan_atomics+0x10/0x10
[ 33.730977] ? __pfx_read_tsc+0x10/0x10
[ 33.731462] ? ktime_get_ts64+0x86/0x230
[ 33.731939] kunit_try_run_case+0x1b3/0x490
[ 33.732393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.733066] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.733487] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.734195] ? __kthread_parkme+0x82/0x160
[ 33.734594] ? preempt_count_sub+0x50/0x80
[ 33.735270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.735835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.736539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.737088] kthread+0x257/0x310
[ 33.737602] ? __pfx_kthread+0x10/0x10
[ 33.738075] ret_from_fork+0x41/0x80
[ 33.738600] ? __pfx_kthread+0x10/0x10
[ 33.739142] ret_from_fork_asm+0x1a/0x30
[ 33.739583] </TASK>
[ 33.740076]
[ 33.740277] Allocated by task 272:
[ 33.740821] kasan_save_stack+0x3d/0x60
[ 33.741254] kasan_save_track+0x18/0x40
[ 33.741713] kasan_save_alloc_info+0x3b/0x50
[ 33.742221] __kasan_kmalloc+0xb7/0xc0
[ 33.742795] __kmalloc_cache_noprof+0x184/0x410
[ 33.743268] kasan_atomics+0x96/0x310
[ 33.743802] kunit_try_run_case+0x1b3/0x490
[ 33.744318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.744824] kthread+0x257/0x310
[ 33.745279] ret_from_fork+0x41/0x80
[ 33.745983] ret_from_fork_asm+0x1a/0x30
[ 33.746391]
[ 33.746562] The buggy address belongs to the object at ffff888102a0ec00
[ 33.746562] which belongs to the cache kmalloc-64 of size 64
[ 33.747989] The buggy address is located 0 bytes to the right of
[ 33.747989] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 33.749158]
[ 33.749406] The buggy address belongs to the physical page:
[ 33.750033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 33.750852] flags: 0x200000000000000(node=0|zone=2)
[ 33.751329] page_type: f5(slab)
[ 33.751830] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.752608] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 33.753390] page dumped because: kasan: bad access detected
[ 33.753995]
[ 33.754170] Memory state around the buggy address:
[ 33.754734]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.755479]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.756112] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.756845]                                      ^
[ 33.757405]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.758190]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.758940] ==================================================================

[ 33.673913] ==================================================================
[ 33.674470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450
[ 33.675376] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 33.676133]
[ 33.676428] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 33.677387] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.678006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.678945] Call Trace:
[ 33.679192] <TASK>
[ 33.679582] dump_stack_lvl+0x73/0xb0
[ 33.680048] print_report+0xd1/0x640
[ 33.680478] ? __virt_addr_valid+0x1db/0x2d0
[ 33.681092] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.681715] kasan_report+0x102/0x140
[ 33.682137] ? kasan_atomics_helper+0x1468/0x5450
[ 33.682639] ? kasan_atomics_helper+0x1468/0x5450
[ 33.683227] kasan_check_range+0x10c/0x1c0
[ 33.683894] __kasan_check_write+0x18/0x20
[ 33.684413] kasan_atomics_helper+0x1468/0x5450
[ 33.685115] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.685573] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.686223] ? kasan_atomics+0x153/0x310
[ 33.686668] kasan_atomics+0x1dd/0x310
[ 33.687290] ? __pfx_kasan_atomics+0x10/0x10
[ 33.687718] ? __pfx_read_tsc+0x10/0x10
[ 33.688227] ? ktime_get_ts64+0x86/0x230
[ 33.688719] kunit_try_run_case+0x1b3/0x490
[ 33.689239] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.690010] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.690553] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.691084] ? __kthread_parkme+0x82/0x160
[ 33.691674] ? preempt_count_sub+0x50/0x80
[ 33.692246] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.692658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.693435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.693914] kthread+0x257/0x310
[ 33.694422] ? __pfx_kthread+0x10/0x10
[ 33.694987] ret_from_fork+0x41/0x80
[ 33.695345] ? __pfx_kthread+0x10/0x10
[ 33.695949] ret_from_fork_asm+0x1a/0x30
[ 33.696330] </TASK>
[ 33.696741]
[ 33.697056] Allocated by task 272:
[ 33.697361] kasan_save_stack+0x3d/0x60
[ 33.697986] kasan_save_track+0x18/0x40
[ 33.698356] kasan_save_alloc_info+0x3b/0x50
[ 33.698999] __kasan_kmalloc+0xb7/0xc0
[ 33.699475] __kmalloc_cache_noprof+0x184/0x410
[ 33.699956] kasan_atomics+0x96/0x310
[ 33.700436] kunit_try_run_case+0x1b3/0x490
[ 33.701071] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.701708] kthread+0x257/0x310
[ 33.702100] ret_from_fork+0x41/0x80
[ 33.702636] ret_from_fork_asm+0x1a/0x30
[ 33.703058]
[ 33.703383] The buggy address belongs to the object at ffff888102a0ec00
[ 33.703383] which belongs to the cache kmalloc-64 of size 64
[ 33.704483] The buggy address is located 0 bytes to the right of
[ 33.704483] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 33.705594]
[ 33.706001] The buggy address belongs to the physical page:
[ 33.706407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 33.707224] flags: 0x200000000000000(node=0|zone=2)
[ 33.707930] page_type: f5(slab)
[ 33.708284] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.709116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 33.709909] page dumped because: kasan: bad access detected
[ 33.710434]
[ 33.710718] Memory state around the buggy address:
[ 33.711240]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.712054]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.712936] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.713595]                                      ^
[ 33.714077]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.714816]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.715446] ==================================================================

[ 33.327330] ==================================================================
[ 33.329039] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450
[ 33.330569] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 33.331917]
[ 33.332202] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 33.333281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.333747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.334583] Call Trace:
[ 33.334926] <TASK>
[ 33.335217] dump_stack_lvl+0x73/0xb0
[ 33.335644] print_report+0xd1/0x640
[ 33.336366] ? __virt_addr_valid+0x1db/0x2d0
[ 33.337134] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.337668] kasan_report+0x102/0x140
[ 33.338289] ? kasan_atomics_helper+0x1149/0x5450
[ 33.338826] ? kasan_atomics_helper+0x1149/0x5450
[ 33.339433] kasan_check_range+0x10c/0x1c0
[ 33.340087] __kasan_check_write+0x18/0x20
[ 33.340517] kasan_atomics_helper+0x1149/0x5450
[ 33.341359] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.342195] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.342694] ? kasan_atomics+0x153/0x310
[ 33.343154] kasan_atomics+0x1dd/0x310
[ 33.343562] ? __pfx_kasan_atomics+0x10/0x10
[ 33.344121] ? __pfx_read_tsc+0x10/0x10
[ 33.344608] ? ktime_get_ts64+0x86/0x230
[ 33.345075] kunit_try_run_case+0x1b3/0x490
[ 33.345602] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.346099] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.346595] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.347144] ? __kthread_parkme+0x82/0x160
[ 33.347607] ? preempt_count_sub+0x50/0x80
[ 33.348046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.348537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.349080] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.349741] kthread+0x257/0x310
[ 33.350235] ? __pfx_kthread+0x10/0x10
[ 33.350659] ret_from_fork+0x41/0x80
[ 33.351112] ? __pfx_kthread+0x10/0x10
[ 33.351497] ret_from_fork_asm+0x1a/0x30
[ 33.351936] </TASK>
[ 33.352248]
[ 33.352508] Allocated by task 272:
[ 33.352915] kasan_save_stack+0x3d/0x60
[ 33.353282] kasan_save_track+0x18/0x40
[ 33.353653] kasan_save_alloc_info+0x3b/0x50
[ 33.354265] __kasan_kmalloc+0xb7/0xc0
[ 33.354654] __kmalloc_cache_noprof+0x184/0x410
[ 33.355135] kasan_atomics+0x96/0x310
[ 33.355535] kunit_try_run_case+0x1b3/0x490
[ 33.356026] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.356642] kthread+0x257/0x310
[ 33.357044] ret_from_fork+0x41/0x80
[ 33.357395] ret_from_fork_asm+0x1a/0x30
[ 33.357847]
[ 33.358106] The buggy address belongs to the object at ffff888102a0ec00
[ 33.358106] which belongs to the cache kmalloc-64 of size 64
[ 33.359095] The buggy address is located 0 bytes to the right of
[ 33.359095] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 33.360354]
[ 33.360635] The buggy address belongs to the physical page:
[ 33.361190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 33.361663] flags: 0x200000000000000(node=0|zone=2)
[ 33.362280] page_type: f5(slab)
[ 33.362649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.363478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 33.364236] page dumped because: kasan: bad access detected
[ 33.364859]
[ 33.365057] Memory state around the buggy address:
[ 33.365375]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.366079]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.366573] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.367284]                                      ^
[ 33.367807]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.368335]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.368907] ==================================================================

[ 32.109660] ==================================================================
[ 32.110370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450
[ 32.111311] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 32.112093]
[ 32.112346] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 32.113519] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.114148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.115508] Call Trace:
[ 32.115843] <TASK>
[ 32.116266] dump_stack_lvl+0x73/0xb0
[ 32.116578] print_report+0xd1/0x640
[ 32.117479] ? __virt_addr_valid+0x1db/0x2d0
[ 32.118328] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.118774] kasan_report+0x102/0x140
[ 32.119585] ? kasan_atomics_helper+0x4b8a/0x5450
[ 32.120057] ? kasan_atomics_helper+0x4b8a/0x5450
[ 32.120938] __asan_report_load4_noabort+0x18/0x20
[ 32.121612] kasan_atomics_helper+0x4b8a/0x5450
[ 32.122468] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.123189] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.123995] ? kasan_atomics+0x153/0x310
[ 32.124817] kasan_atomics+0x1dd/0x310
[ 32.125140] ? __pfx_kasan_atomics+0x10/0x10
[ 32.125849] ? __pfx_read_tsc+0x10/0x10
[ 32.126670] ? ktime_get_ts64+0x86/0x230
[ 32.127038] kunit_try_run_case+0x1b3/0x490
[ 32.127535] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.128539] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.128914] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.129871] ? __kthread_parkme+0x82/0x160
[ 32.130583] ? preempt_count_sub+0x50/0x80
[ 32.131187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.131719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.132487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.133081] kthread+0x257/0x310
[ 32.133803] ? __pfx_kthread+0x10/0x10
[ 32.134349] ret_from_fork+0x41/0x80
[ 32.134847] ? __pfx_kthread+0x10/0x10
[ 32.135332] ret_from_fork_asm+0x1a/0x30
[ 32.135806] </TASK>
[ 32.136175]
[ 32.136475] Allocated by task 272:
[ 32.137276] kasan_save_stack+0x3d/0x60
[ 32.137577] kasan_save_track+0x18/0x40
[ 32.138467] kasan_save_alloc_info+0x3b/0x50
[ 32.139059] __kasan_kmalloc+0xb7/0xc0
[ 32.139430] __kmalloc_cache_noprof+0x184/0x410
[ 32.140309] kasan_atomics+0x96/0x310
[ 32.140744] kunit_try_run_case+0x1b3/0x490
[ 32.141502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.142193] kthread+0x257/0x310
[ 32.142639] ret_from_fork+0x41/0x80
[ 32.143114] ret_from_fork_asm+0x1a/0x30
[ 32.143950]
[ 32.144196] The buggy address belongs to the object at ffff888102a0ec00
[ 32.144196] which belongs to the cache kmalloc-64 of size 64
[ 32.145604] The buggy address is located 0 bytes to the right of
[ 32.145604] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.146843]
[ 32.147012] The buggy address belongs to the physical page:
[ 32.148035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.149202] flags: 0x200000000000000(node=0|zone=2)
[ 32.149665] page_type: f5(slab)
[ 32.150641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.151535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.152839] page dumped because: kasan: bad access detected
[ 32.153344]
[ 32.153729] Memory state around the buggy address:
[ 32.154272]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.155468]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.156315] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.156971]                                      ^
[ 32.157593]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.158281]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.158971] ==================================================================

[ 34.935304] ==================================================================
[ 34.935807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 34.938415] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 34.939290]
[ 34.939489] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 34.940671] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.941305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.942026] Call Trace:
[ 34.942341] <TASK>
[ 34.942629] dump_stack_lvl+0x73/0xb0
[ 34.943186] print_report+0xd1/0x640
[ 34.943723] ? __virt_addr_valid+0x1db/0x2d0
[ 34.944207] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.944910] kasan_report+0x102/0x140
[ 34.945322] ? kasan_atomics_helper+0x5117/0x5450
[ 34.945965] ? kasan_atomics_helper+0x5117/0x5450
[ 34.946440] __asan_report_load8_noabort+0x18/0x20
[ 34.946989] kasan_atomics_helper+0x5117/0x5450
[ 34.947421] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.947847] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.948503] ? kasan_atomics+0x153/0x310
[ 34.949124] kasan_atomics+0x1dd/0x310
[ 34.949590] ? __pfx_kasan_atomics+0x10/0x10
[ 34.950020] ? __pfx_read_tsc+0x10/0x10
[ 34.950591] ? ktime_get_ts64+0x86/0x230
[ 34.951197] kunit_try_run_case+0x1b3/0x490
[ 34.951869] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.952410] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.952929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.953527] ? __kthread_parkme+0x82/0x160
[ 34.954052] ? preempt_count_sub+0x50/0x80
[ 34.954385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.955121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.955965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.956511] kthread+0x257/0x310
[ 34.957098] ? __pfx_kthread+0x10/0x10
[ 34.957473] ret_from_fork+0x41/0x80
[ 34.958026] ? __pfx_kthread+0x10/0x10
[ 34.958431] ret_from_fork_asm+0x1a/0x30
[ 34.958998] </TASK>
[ 34.959308]
[ 34.959477] Allocated by task 272:
[ 34.960050] kasan_save_stack+0x3d/0x60
[ 34.960507] kasan_save_track+0x18/0x40
[ 34.961386] kasan_save_alloc_info+0x3b/0x50
[ 34.962289] __kasan_kmalloc+0xb7/0xc0
[ 34.962725] __kmalloc_cache_noprof+0x184/0x410
[ 34.963109] kasan_atomics+0x96/0x310
[ 34.963607] kunit_try_run_case+0x1b3/0x490
[ 34.964267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.965205] kthread+0x257/0x310
[ 34.965809] ret_from_fork+0x41/0x80
[ 34.966232] ret_from_fork_asm+0x1a/0x30
[ 34.966610]
[ 34.966888] The buggy address belongs to the object at ffff888102a0ec00
[ 34.966888] which belongs to the cache kmalloc-64 of size 64
[ 34.968207] The buggy address is located 0 bytes to the right of
[ 34.968207] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 34.968664]
[ 34.968840] The buggy address belongs to the physical page:
[ 34.969070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 34.969374] flags: 0x200000000000000(node=0|zone=2)
[ 34.969591] page_type: f5(slab)
[ 34.970088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.971452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 34.972808] page dumped because: kasan: bad access detected
[ 34.973565]
[ 34.974038] Memory state around the buggy address:
[ 34.974365]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.975408]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.976419] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.977037]                                      ^
[ 34.977696]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.978838]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.979408] ==================================================================

[ 32.863944] ==================================================================
[ 32.864650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 32.865319] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 32.866385]
[ 32.867061] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 32.867972] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.868375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.868909] Call Trace:
[ 32.869279] <TASK>
[ 32.869767] dump_stack_lvl+0x73/0xb0
[ 32.870501] print_report+0xd1/0x640
[ 32.870911] ? __virt_addr_valid+0x1db/0x2d0
[ 32.871565] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.872033] kasan_report+0x102/0x140
[ 32.872618] ? kasan_atomics_helper+0xc71/0x5450
[ 32.873167] ? kasan_atomics_helper+0xc71/0x5450
[ 32.873858] kasan_check_range+0x10c/0x1c0
[ 32.874428] __kasan_check_write+0x18/0x20
[ 32.875155] kasan_atomics_helper+0xc71/0x5450
[ 32.875760] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.876271] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.877220] ? kasan_atomics+0x153/0x310
[ 32.877644] kasan_atomics+0x1dd/0x310
[ 32.878255] ? __pfx_kasan_atomics+0x10/0x10
[ 32.879069] ? __pfx_read_tsc+0x10/0x10
[ 32.879750] ? ktime_get_ts64+0x86/0x230
[ 32.880189] kunit_try_run_case+0x1b3/0x490
[ 32.880631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.881225] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.882055] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.882780] ? __kthread_parkme+0x82/0x160
[ 32.883476] ? preempt_count_sub+0x50/0x80
[ 32.884267] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.885341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.886239] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.886735] kthread+0x257/0x310
[ 32.887372] ? __pfx_kthread+0x10/0x10
[ 32.888068] ret_from_fork+0x41/0x80
[ 32.888358] ? __pfx_kthread+0x10/0x10
[ 32.888901] ret_from_fork_asm+0x1a/0x30
[ 32.889763] </TASK>
[ 32.890222]
[ 32.890468] Allocated by task 272:
[ 32.891469] kasan_save_stack+0x3d/0x60
[ 32.891851] kasan_save_track+0x18/0x40
[ 32.892337] kasan_save_alloc_info+0x3b/0x50
[ 32.893210] __kasan_kmalloc+0xb7/0xc0
[ 32.893617] __kmalloc_cache_noprof+0x184/0x410
[ 32.894306] kasan_atomics+0x96/0x310
[ 32.894903] kunit_try_run_case+0x1b3/0x490
[ 32.895119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.895354] kthread+0x257/0x310
[ 32.895526] ret_from_fork+0x41/0x80
[ 32.895812] ret_from_fork_asm+0x1a/0x30
[ 32.896523]
[ 32.897116] The buggy address belongs to the object at ffff888102a0ec00
[ 32.897116] which belongs to the cache kmalloc-64 of size 64
[ 32.899140] The buggy address is located 0 bytes to the right of
[ 32.899140] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.901072]
[ 32.901224] The buggy address belongs to the physical page:
[ 32.902244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.903130] flags: 0x200000000000000(node=0|zone=2)
[ 32.904278] page_type: f5(slab)
[ 32.904639] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.905986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.906769] page dumped because: kasan: bad access detected
[ 32.907162]
[ 32.907410] Memory state around the buggy address:
[ 32.908419]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.908975]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.910321] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.911259]                                      ^
[ 32.911646]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.912627]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.914220] ==================================================================

[ 33.370131] ==================================================================
[ 33.370568] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450
[ 33.372755] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 33.373395]
[ 33.373588] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 33.374399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.374876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.375616] Call Trace:
[ 33.376050] <TASK>
[ 33.376323] dump_stack_lvl+0x73/0xb0
[ 33.376877] print_report+0xd1/0x640
[ 33.377227] ? __virt_addr_valid+0x1db/0x2d0
[ 33.377669] ? kasan_complete_mode_report_info+0x2a/0x200
[ 33.378387] kasan_report+0x102/0x140
[ 33.378836] ? kasan_atomics_helper+0x4a04/0x5450
[ 33.379262] ? kasan_atomics_helper+0x4a04/0x5450
[ 33.379901] __asan_report_load4_noabort+0x18/0x20
[ 33.380410] kasan_atomics_helper+0x4a04/0x5450
[ 33.381040] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 33.381519] ? __kmalloc_cache_noprof+0x184/0x410
[ 33.382083] ? kasan_atomics+0x153/0x310
[ 33.382446] kasan_atomics+0x1dd/0x310
[ 33.383012] ? __pfx_kasan_atomics+0x10/0x10
[ 33.383461] ? __pfx_read_tsc+0x10/0x10
[ 33.383892] ? ktime_get_ts64+0x86/0x230
[ 33.384410] kunit_try_run_case+0x1b3/0x490
[ 33.384874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.385382] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 33.386032] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 33.386487] ? __kthread_parkme+0x82/0x160
[ 33.387032] ? preempt_count_sub+0x50/0x80
[ 33.387454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 33.388032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 33.388595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.389165] kthread+0x257/0x310
[ 33.389476] ? __pfx_kthread+0x10/0x10
[ 33.390027] ret_from_fork+0x41/0x80
[ 33.390386] ? __pfx_kthread+0x10/0x10
[ 33.390909] ret_from_fork_asm+0x1a/0x30
[ 33.391275] </TASK>
[ 33.391576]
[ 33.391841] Allocated by task 272:
[ 33.392265] kasan_save_stack+0x3d/0x60
[ 33.392584] kasan_save_track+0x18/0x40
[ 33.393114] kasan_save_alloc_info+0x3b/0x50
[ 33.393530] __kasan_kmalloc+0xb7/0xc0
[ 33.393957] __kmalloc_cache_noprof+0x184/0x410
[ 33.394521] kasan_atomics+0x96/0x310
[ 33.394940] kunit_try_run_case+0x1b3/0x490
[ 33.395411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.396035] kthread+0x257/0x310
[ 33.396369] ret_from_fork+0x41/0x80
[ 33.396929] ret_from_fork_asm+0x1a/0x30
[ 33.397356]
[ 33.397592] The buggy address belongs to the object at ffff888102a0ec00
[ 33.397592] which belongs to the cache kmalloc-64 of size 64
[ 33.398497] The buggy address is located 0 bytes to the right of
[ 33.398497] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 33.399555]
[ 33.399886] The buggy address belongs to the physical page:
[ 33.400458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 33.401126] flags: 0x200000000000000(node=0|zone=2)
[ 33.401623] page_type: f5(slab)
[ 33.402121] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 33.403384] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 33.404012] page dumped because: kasan: bad access detected
[ 33.404723]
[ 33.405027] Memory state around the buggy address:
[ 33.405541]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.406282]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 33.407019] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 33.407739]                                      ^
[ 33.408207]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.408899]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.409538] ==================================================================

[ 34.107491]
================================================================== [ 34.108162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 34.108890] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.109940] [ 34.110131] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.111631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.112346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.113482] Call Trace: [ 34.114137] <TASK> [ 34.114475] dump_stack_lvl+0x73/0xb0 [ 34.114802] print_report+0xd1/0x640 [ 34.115565] ? __virt_addr_valid+0x1db/0x2d0 [ 34.116763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.117322] kasan_report+0x102/0x140 [ 34.117718] ? kasan_atomics_helper+0x19e4/0x5450 [ 34.118191] ? kasan_atomics_helper+0x19e4/0x5450 [ 34.118821] kasan_check_range+0x10c/0x1c0 [ 34.119301] __kasan_check_write+0x18/0x20 [ 34.119867] kasan_atomics_helper+0x19e4/0x5450 [ 34.120839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.121308] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.121876] ? kasan_atomics+0x153/0x310 [ 34.122489] kasan_atomics+0x1dd/0x310 [ 34.122964] ? __pfx_kasan_atomics+0x10/0x10 [ 34.123566] ? __pfx_read_tsc+0x10/0x10 [ 34.124012] ? ktime_get_ts64+0x86/0x230 [ 34.124603] kunit_try_run_case+0x1b3/0x490 [ 34.125018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.125607] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.126171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.126705] ? __kthread_parkme+0x82/0x160 [ 34.127294] ? preempt_count_sub+0x50/0x80 [ 34.127798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.128324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.129008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.129605] kthread+0x257/0x310 [ 34.130056] ? __pfx_kthread+0x10/0x10 [ 34.130538] ret_from_fork+0x41/0x80 [ 34.131060] ? 
__pfx_kthread+0x10/0x10 [ 34.131538] ret_from_fork_asm+0x1a/0x30 [ 34.132111] </TASK> [ 34.132404] [ 34.132672] Allocated by task 272: [ 34.133001] kasan_save_stack+0x3d/0x60 [ 34.133486] kasan_save_track+0x18/0x40 [ 34.134090] kasan_save_alloc_info+0x3b/0x50 [ 34.134445] __kasan_kmalloc+0xb7/0xc0 [ 34.134929] __kmalloc_cache_noprof+0x184/0x410 [ 34.135851] kasan_atomics+0x96/0x310 [ 34.136224] kunit_try_run_case+0x1b3/0x490 [ 34.136704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.137323] kthread+0x257/0x310 [ 34.137933] ret_from_fork+0x41/0x80 [ 34.138245] ret_from_fork_asm+0x1a/0x30 [ 34.138550] [ 34.138840] The buggy address belongs to the object at ffff888102a0ec00 [ 34.138840] which belongs to the cache kmalloc-64 of size 64 [ 34.139956] The buggy address is located 0 bytes to the right of [ 34.139956] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.141414] [ 34.141705] The buggy address belongs to the physical page: [ 34.142052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.143147] flags: 0x200000000000000(node=0|zone=2) [ 34.143831] page_type: f5(slab) [ 34.144102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.145064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.145775] page dumped because: kasan: bad access detected [ 34.146527] [ 34.146763] Memory state around the buggy address: [ 34.147328] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.149035] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.149572] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.150380] ^ [ 34.150980] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.151560] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.152563] ================================================================== [ 32.249954] 
================================================================== [ 32.251145] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 32.251651] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.252381] [ 32.252657] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.253534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.254211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.254942] Call Trace: [ 32.255250] <TASK> [ 32.255470] dump_stack_lvl+0x73/0xb0 [ 32.256056] print_report+0xd1/0x640 [ 32.256363] ? __virt_addr_valid+0x1db/0x2d0 [ 32.256751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.257439] kasan_report+0x102/0x140 [ 32.257863] ? kasan_atomics_helper+0x4b56/0x5450 [ 32.258294] ? kasan_atomics_helper+0x4b56/0x5450 [ 32.258839] __asan_report_load4_noabort+0x18/0x20 [ 32.259316] kasan_atomics_helper+0x4b56/0x5450 [ 32.259840] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.260329] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.260837] ? kasan_atomics+0x153/0x310 [ 32.261183] kasan_atomics+0x1dd/0x310 [ 32.261494] ? __pfx_kasan_atomics+0x10/0x10 [ 32.262067] ? __pfx_read_tsc+0x10/0x10 [ 32.262707] ? ktime_get_ts64+0x86/0x230 [ 32.263031] kunit_try_run_case+0x1b3/0x490 [ 32.263859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.264283] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.264856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.265368] ? __kthread_parkme+0x82/0x160 [ 32.265696] ? preempt_count_sub+0x50/0x80 [ 32.266347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.267188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.268406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.269429] kthread+0x257/0x310 [ 32.269722] ? __pfx_kthread+0x10/0x10 [ 32.270237] ret_from_fork+0x41/0x80 [ 32.270526] ? 
__pfx_kthread+0x10/0x10 [ 32.271001] ret_from_fork_asm+0x1a/0x30 [ 32.271608] </TASK> [ 32.271891] [ 32.272136] Allocated by task 272: [ 32.272412] kasan_save_stack+0x3d/0x60 [ 32.272878] kasan_save_track+0x18/0x40 [ 32.273274] kasan_save_alloc_info+0x3b/0x50 [ 32.273865] __kasan_kmalloc+0xb7/0xc0 [ 32.274264] __kmalloc_cache_noprof+0x184/0x410 [ 32.274597] kasan_atomics+0x96/0x310 [ 32.275101] kunit_try_run_case+0x1b3/0x490 [ 32.275761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.276121] kthread+0x257/0x310 [ 32.276600] ret_from_fork+0x41/0x80 [ 32.277129] ret_from_fork_asm+0x1a/0x30 [ 32.277647] [ 32.277895] The buggy address belongs to the object at ffff888102a0ec00 [ 32.277895] which belongs to the cache kmalloc-64 of size 64 [ 32.278565] The buggy address is located 0 bytes to the right of [ 32.278565] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.279918] [ 32.280177] The buggy address belongs to the physical page: [ 32.280643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.281130] flags: 0x200000000000000(node=0|zone=2) [ 32.281721] page_type: f5(slab) [ 32.282269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.282758] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.283539] page dumped because: kasan: bad access detected [ 32.283919] [ 32.284083] Memory state around the buggy address: [ 32.285009] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.285781] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.286384] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.286950] ^ [ 32.287467] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.288096] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.288836] ================================================================== [ 33.101298] 
================================================================== [ 33.101839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 33.102495] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.103304] [ 33.103568] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.104449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.104918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.105652] Call Trace: [ 33.106043] <TASK> [ 33.106328] dump_stack_lvl+0x73/0xb0 [ 33.106834] print_report+0xd1/0x640 [ 33.107285] ? __virt_addr_valid+0x1db/0x2d0 [ 33.108321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.108766] kasan_report+0x102/0x140 [ 33.109956] ? kasan_atomics_helper+0xf11/0x5450 [ 33.111010] ? kasan_atomics_helper+0xf11/0x5450 [ 33.111555] kasan_check_range+0x10c/0x1c0 [ 33.112458] __kasan_check_write+0x18/0x20 [ 33.113473] kasan_atomics_helper+0xf11/0x5450 [ 33.114093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.114562] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.115159] ? kasan_atomics+0x153/0x310 [ 33.115740] kasan_atomics+0x1dd/0x310 [ 33.116298] ? __pfx_kasan_atomics+0x10/0x10 [ 33.116782] ? __pfx_read_tsc+0x10/0x10 [ 33.117565] ? ktime_get_ts64+0x86/0x230 [ 33.117942] kunit_try_run_case+0x1b3/0x490 [ 33.118498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.118971] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.119420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.120219] ? __kthread_parkme+0x82/0x160 [ 33.120972] ? preempt_count_sub+0x50/0x80 [ 33.121538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.122176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.122858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.123526] kthread+0x257/0x310 [ 33.124055] ? __pfx_kthread+0x10/0x10 [ 33.124409] ret_from_fork+0x41/0x80 [ 33.125198] ? 
__pfx_kthread+0x10/0x10 [ 33.125588] ret_from_fork_asm+0x1a/0x30 [ 33.126553] </TASK> [ 33.127015] [ 33.127223] Allocated by task 272: [ 33.127566] kasan_save_stack+0x3d/0x60 [ 33.128662] kasan_save_track+0x18/0x40 [ 33.128981] kasan_save_alloc_info+0x3b/0x50 [ 33.129900] __kasan_kmalloc+0xb7/0xc0 [ 33.130281] __kmalloc_cache_noprof+0x184/0x410 [ 33.130744] kasan_atomics+0x96/0x310 [ 33.131115] kunit_try_run_case+0x1b3/0x490 [ 33.131516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.132133] kthread+0x257/0x310 [ 33.132415] ret_from_fork+0x41/0x80 [ 33.132931] ret_from_fork_asm+0x1a/0x30 [ 33.133454] [ 33.133752] The buggy address belongs to the object at ffff888102a0ec00 [ 33.133752] which belongs to the cache kmalloc-64 of size 64 [ 33.134956] The buggy address is located 0 bytes to the right of [ 33.134956] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.135755] [ 33.136165] The buggy address belongs to the physical page: [ 33.137061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.138295] flags: 0x200000000000000(node=0|zone=2) [ 33.138989] page_type: f5(slab) [ 33.139457] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.140046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.140893] page dumped because: kasan: bad access detected [ 33.141471] [ 33.141780] Memory state around the buggy address: [ 33.142304] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.142896] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.144136] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.144788] ^ [ 33.145543] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.146195] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.146867] ================================================================== [ 33.760132] 
================================================================== [ 33.760599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 33.761551] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.762258] [ 33.762549] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.763519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.764011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.764927] Call Trace: [ 33.765198] <TASK> [ 33.765581] dump_stack_lvl+0x73/0xb0 [ 33.766059] print_report+0xd1/0x640 [ 33.766538] ? __virt_addr_valid+0x1db/0x2d0 [ 33.767160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.767566] kasan_report+0x102/0x140 [ 33.768091] ? kasan_atomics_helper+0x151e/0x5450 [ 33.768613] ? kasan_atomics_helper+0x151e/0x5450 [ 33.769313] kasan_check_range+0x10c/0x1c0 [ 33.769856] __kasan_check_write+0x18/0x20 [ 33.770421] kasan_atomics_helper+0x151e/0x5450 [ 33.771100] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.771589] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.772219] ? kasan_atomics+0x153/0x310 [ 33.772813] kasan_atomics+0x1dd/0x310 [ 33.773317] ? __pfx_kasan_atomics+0x10/0x10 [ 33.773860] ? __pfx_read_tsc+0x10/0x10 [ 33.774363] ? ktime_get_ts64+0x86/0x230 [ 33.774942] kunit_try_run_case+0x1b3/0x490 [ 33.775419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.776125] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.776653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.777252] ? __kthread_parkme+0x82/0x160 [ 33.777708] ? preempt_count_sub+0x50/0x80 [ 33.778292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.778879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.779581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.780306] kthread+0x257/0x310 [ 33.780629] ? __pfx_kthread+0x10/0x10 [ 33.781167] ret_from_fork+0x41/0x80 [ 33.781708] ? 
__pfx_kthread+0x10/0x10 [ 33.782105] ret_from_fork_asm+0x1a/0x30 [ 33.782751] </TASK> [ 33.783394] [ 33.783564] Allocated by task 272: [ 33.784309] kasan_save_stack+0x3d/0x60 [ 33.785117] kasan_save_track+0x18/0x40 [ 33.785796] kasan_save_alloc_info+0x3b/0x50 [ 33.786232] __kasan_kmalloc+0xb7/0xc0 [ 33.786652] __kmalloc_cache_noprof+0x184/0x410 [ 33.787818] kasan_atomics+0x96/0x310 [ 33.788189] kunit_try_run_case+0x1b3/0x490 [ 33.788696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.789712] kthread+0x257/0x310 [ 33.790469] ret_from_fork+0x41/0x80 [ 33.790915] ret_from_fork_asm+0x1a/0x30 [ 33.791594] [ 33.791946] The buggy address belongs to the object at ffff888102a0ec00 [ 33.791946] which belongs to the cache kmalloc-64 of size 64 [ 33.793399] The buggy address is located 0 bytes to the right of [ 33.793399] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.794824] [ 33.795439] The buggy address belongs to the physical page: [ 33.795949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.796589] flags: 0x200000000000000(node=0|zone=2) [ 33.797306] page_type: f5(slab) [ 33.797630] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.798572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.799361] page dumped because: kasan: bad access detected [ 33.799830] [ 33.800202] Memory state around the buggy address: [ 33.800667] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.801165] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.802060] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.802559] ^ [ 33.803479] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.804725] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.805798] ================================================================== [ 33.851481] 
================================================================== [ 33.852442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 33.853274] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.854341] [ 33.854562] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.856099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.856371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.857194] Call Trace: [ 33.857710] <TASK> [ 33.858077] dump_stack_lvl+0x73/0xb0 [ 33.858471] print_report+0xd1/0x640 [ 33.858812] ? __virt_addr_valid+0x1db/0x2d0 [ 33.859597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.860190] kasan_report+0x102/0x140 [ 33.860592] ? kasan_atomics_helper+0x1650/0x5450 [ 33.861504] ? kasan_atomics_helper+0x1650/0x5450 [ 33.862173] kasan_check_range+0x10c/0x1c0 [ 33.862710] __kasan_check_write+0x18/0x20 [ 33.863137] kasan_atomics_helper+0x1650/0x5450 [ 33.863824] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.864411] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.865160] ? kasan_atomics+0x153/0x310 [ 33.865797] kasan_atomics+0x1dd/0x310 [ 33.866520] ? __pfx_kasan_atomics+0x10/0x10 [ 33.867357] ? __pfx_read_tsc+0x10/0x10 [ 33.868152] ? ktime_get_ts64+0x86/0x230 [ 33.868531] kunit_try_run_case+0x1b3/0x490 [ 33.869000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.869414] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.870004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.870538] ? __kthread_parkme+0x82/0x160 [ 33.870945] ? preempt_count_sub+0x50/0x80 [ 33.871467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.871986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.872612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.873281] kthread+0x257/0x310 [ 33.873659] ? __pfx_kthread+0x10/0x10 [ 33.874161] ret_from_fork+0x41/0x80 [ 33.874523] ? 
__pfx_kthread+0x10/0x10 [ 33.875002] ret_from_fork_asm+0x1a/0x30 [ 33.875502] </TASK> [ 33.875840] [ 33.876098] Allocated by task 272: [ 33.876521] kasan_save_stack+0x3d/0x60 [ 33.876990] kasan_save_track+0x18/0x40 [ 33.877399] kasan_save_alloc_info+0x3b/0x50 [ 33.877920] __kasan_kmalloc+0xb7/0xc0 [ 33.878409] __kmalloc_cache_noprof+0x184/0x410 [ 33.878877] kasan_atomics+0x96/0x310 [ 33.879350] kunit_try_run_case+0x1b3/0x490 [ 33.879727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.880297] kthread+0x257/0x310 [ 33.880733] ret_from_fork+0x41/0x80 [ 33.881120] ret_from_fork_asm+0x1a/0x30 [ 33.881569] [ 33.881882] The buggy address belongs to the object at ffff888102a0ec00 [ 33.881882] which belongs to the cache kmalloc-64 of size 64 [ 33.882640] The buggy address is located 0 bytes to the right of [ 33.882640] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.884037] [ 33.884239] The buggy address belongs to the physical page: [ 33.884656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.885417] flags: 0x200000000000000(node=0|zone=2) [ 33.885905] page_type: f5(slab) [ 33.886337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.887188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.888009] page dumped because: kasan: bad access detected [ 33.888478] [ 33.888674] Memory state around the buggy address: [ 33.889173] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.889880] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.890484] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.891226] ^ [ 33.891605] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.892430] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.893008] ================================================================== [ 34.851609] 
================================================================== [ 34.852314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 34.852839] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.854080] [ 34.854427] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.855293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.855660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.856416] Call Trace: [ 34.856819] <TASK> [ 34.857132] dump_stack_lvl+0x73/0xb0 [ 34.857593] print_report+0xd1/0x640 [ 34.858147] ? __virt_addr_valid+0x1db/0x2d0 [ 34.858522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.859190] kasan_report+0x102/0x140 [ 34.859552] ? kasan_atomics_helper+0x4fa7/0x5450 [ 34.860101] ? kasan_atomics_helper+0x4fa7/0x5450 [ 34.860731] __asan_report_load8_noabort+0x18/0x20 [ 34.861204] kasan_atomics_helper+0x4fa7/0x5450 [ 34.861717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.862264] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.862744] ? kasan_atomics+0x153/0x310 [ 34.863310] kasan_atomics+0x1dd/0x310 [ 34.863654] ? __pfx_kasan_atomics+0x10/0x10 [ 34.864255] ? __pfx_read_tsc+0x10/0x10 [ 34.864671] ? ktime_get_ts64+0x86/0x230 [ 34.865216] kunit_try_run_case+0x1b3/0x490 [ 34.865635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.866153] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.866734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.867267] ? __kthread_parkme+0x82/0x160 [ 34.867751] ? preempt_count_sub+0x50/0x80 [ 34.868148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.868594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.869354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.869924] kthread+0x257/0x310 [ 34.870213] ? __pfx_kthread+0x10/0x10 [ 34.870724] ret_from_fork+0x41/0x80 [ 34.871247] ? 
__pfx_kthread+0x10/0x10 [ 34.871745] ret_from_fork_asm+0x1a/0x30 [ 34.872197] </TASK> [ 34.872452] [ 34.872625] Allocated by task 272: [ 34.873122] kasan_save_stack+0x3d/0x60 [ 34.873591] kasan_save_track+0x18/0x40 [ 34.873980] kasan_save_alloc_info+0x3b/0x50 [ 34.874534] __kasan_kmalloc+0xb7/0xc0 [ 34.874947] __kmalloc_cache_noprof+0x184/0x410 [ 34.875489] kasan_atomics+0x96/0x310 [ 34.876019] kunit_try_run_case+0x1b3/0x490 [ 34.876417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.877090] kthread+0x257/0x310 [ 34.877470] ret_from_fork+0x41/0x80 [ 34.877854] ret_from_fork_asm+0x1a/0x30 [ 34.878395] [ 34.878645] The buggy address belongs to the object at ffff888102a0ec00 [ 34.878645] which belongs to the cache kmalloc-64 of size 64 [ 34.879533] The buggy address is located 0 bytes to the right of [ 34.879533] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.880711] [ 34.881024] The buggy address belongs to the physical page: [ 34.881513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.882263] flags: 0x200000000000000(node=0|zone=2) [ 34.882626] page_type: f5(slab) [ 34.883037] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.883868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.884627] page dumped because: kasan: bad access detected [ 34.885196] [ 34.885382] Memory state around the buggy address: [ 34.886029] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.886554] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.887263] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.887872] ^ [ 34.888366] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.888939] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.889640] ================================================================== [ 32.775367] 
================================================================== [ 32.776093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 32.777195] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.778317] [ 32.778503] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.779471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.780077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.780956] Call Trace: [ 32.781351] <TASK> [ 32.781640] dump_stack_lvl+0x73/0xb0 [ 32.782403] print_report+0xd1/0x640 [ 32.782611] ? __virt_addr_valid+0x1db/0x2d0 [ 32.782985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.783754] kasan_report+0x102/0x140 [ 32.784247] ? kasan_atomics_helper+0xac8/0x5450 [ 32.784651] ? kasan_atomics_helper+0xac8/0x5450 [ 32.785485] kasan_check_range+0x10c/0x1c0 [ 32.786014] __kasan_check_write+0x18/0x20 [ 32.786653] kasan_atomics_helper+0xac8/0x5450 [ 32.787281] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.787990] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.788496] ? kasan_atomics+0x153/0x310 [ 32.789494] kasan_atomics+0x1dd/0x310 [ 32.790003] ? __pfx_kasan_atomics+0x10/0x10 [ 32.790469] ? __pfx_read_tsc+0x10/0x10 [ 32.791259] ? ktime_get_ts64+0x86/0x230 [ 32.791723] kunit_try_run_case+0x1b3/0x490 [ 32.792636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.793519] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.794352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.795082] ? __kthread_parkme+0x82/0x160 [ 32.795517] ? preempt_count_sub+0x50/0x80 [ 32.796223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.796460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.796785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.797450] kthread+0x257/0x310 [ 32.798283] ? __pfx_kthread+0x10/0x10 [ 32.798851] ret_from_fork+0x41/0x80 [ 32.799229] ? 
__pfx_kthread+0x10/0x10 [ 32.799739] ret_from_fork_asm+0x1a/0x30 [ 32.800283] </TASK> [ 32.800629] [ 32.800992] Allocated by task 272: [ 32.801301] kasan_save_stack+0x3d/0x60 [ 32.801635] kasan_save_track+0x18/0x40 [ 32.802160] kasan_save_alloc_info+0x3b/0x50 [ 32.802617] __kasan_kmalloc+0xb7/0xc0 [ 32.803143] __kmalloc_cache_noprof+0x184/0x410 [ 32.803885] kasan_atomics+0x96/0x310 [ 32.804319] kunit_try_run_case+0x1b3/0x490 [ 32.804886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.805479] kthread+0x257/0x310 [ 32.805971] ret_from_fork+0x41/0x80 [ 32.806469] ret_from_fork_asm+0x1a/0x30 [ 32.807046] [ 32.807315] The buggy address belongs to the object at ffff888102a0ec00 [ 32.807315] which belongs to the cache kmalloc-64 of size 64 [ 32.808497] The buggy address is located 0 bytes to the right of [ 32.808497] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.809754] [ 32.810043] The buggy address belongs to the physical page: [ 32.810609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.811452] flags: 0x200000000000000(node=0|zone=2) [ 32.812146] page_type: f5(slab) [ 32.812441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.813291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.814099] page dumped because: kasan: bad access detected [ 32.814635] [ 32.814949] Memory state around the buggy address: [ 32.815434] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.816251] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.816947] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.817706] ^ [ 32.818266] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.818999] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.819641] ================================================================== [ 32.966480] 
================================================================== [ 32.967394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 32.968301] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.968945] [ 32.969135] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.970481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.970982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.972755] Call Trace: [ 32.973100] <TASK> [ 32.973392] dump_stack_lvl+0x73/0xb0 [ 32.973741] print_report+0xd1/0x640 [ 32.974587] ? __virt_addr_valid+0x1db/0x2d0 [ 32.975294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.976060] kasan_report+0x102/0x140 [ 32.976659] ? kasan_atomics_helper+0xd48/0x5450 [ 32.977360] ? kasan_atomics_helper+0xd48/0x5450 [ 32.978125] kasan_check_range+0x10c/0x1c0 [ 32.978614] __kasan_check_write+0x18/0x20 [ 32.979386] kasan_atomics_helper+0xd48/0x5450 [ 32.980220] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.981312] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.981729] ? kasan_atomics+0x153/0x310 [ 32.982383] kasan_atomics+0x1dd/0x310 [ 32.983371] ? __pfx_kasan_atomics+0x10/0x10 [ 32.984189] ? __pfx_read_tsc+0x10/0x10 [ 32.984590] ? ktime_get_ts64+0x86/0x230 [ 32.985545] kunit_try_run_case+0x1b3/0x490 [ 32.986175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.986700] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.987846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.988331] ? __kthread_parkme+0x82/0x160 [ 32.989008] ? preempt_count_sub+0x50/0x80 [ 32.989704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.990209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.991024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.991517] kthread+0x257/0x310 [ 32.992071] ? __pfx_kthread+0x10/0x10 [ 32.992514] ret_from_fork+0x41/0x80 [ 32.992960] ? 
__pfx_kthread+0x10/0x10 [ 32.993494] ret_from_fork_asm+0x1a/0x30 [ 32.994121] </TASK> [ 32.994612] [ 32.994995] Allocated by task 272: [ 32.995400] kasan_save_stack+0x3d/0x60 [ 32.996610] kasan_save_track+0x18/0x40 [ 32.997147] kasan_save_alloc_info+0x3b/0x50 [ 32.997764] __kasan_kmalloc+0xb7/0xc0 [ 32.998435] __kmalloc_cache_noprof+0x184/0x410 [ 32.999200] kasan_atomics+0x96/0x310 [ 32.999562] kunit_try_run_case+0x1b3/0x490 [ 33.000102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.000615] kthread+0x257/0x310 [ 33.001161] ret_from_fork+0x41/0x80 [ 33.001540] ret_from_fork_asm+0x1a/0x30 [ 33.002132] [ 33.002389] The buggy address belongs to the object at ffff888102a0ec00 [ 33.002389] which belongs to the cache kmalloc-64 of size 64 [ 33.003483] The buggy address is located 0 bytes to the right of [ 33.003483] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.004706] [ 33.005046] The buggy address belongs to the physical page: [ 33.005574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.006403] flags: 0x200000000000000(node=0|zone=2) [ 33.006957] page_type: f5(slab) [ 33.007369] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.008179] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.008885] page dumped because: kasan: bad access detected [ 33.009415] [ 33.009663] Memory state around the buggy address: [ 33.010383] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.011184] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.011859] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.012485] ^ [ 33.012999] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.013756] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.014393] ================================================================== [ 33.015403] 
================================================================== [ 33.016165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 33.017101] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.017704] [ 33.017971] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.019326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.019843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.020730] Call Trace: [ 33.021037] <TASK> [ 33.021407] dump_stack_lvl+0x73/0xb0 [ 33.022021] print_report+0xd1/0x640 [ 33.022404] ? __virt_addr_valid+0x1db/0x2d0 [ 33.022987] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.023603] kasan_report+0x102/0x140 [ 33.024232] ? kasan_atomics_helper+0xde1/0x5450 [ 33.024950] ? kasan_atomics_helper+0xde1/0x5450 [ 33.025391] kasan_check_range+0x10c/0x1c0 [ 33.025999] __kasan_check_write+0x18/0x20 [ 33.026421] kasan_atomics_helper+0xde1/0x5450 [ 33.026999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.027545] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.028131] ? kasan_atomics+0x153/0x310 [ 33.028707] kasan_atomics+0x1dd/0x310 [ 33.029296] ? __pfx_kasan_atomics+0x10/0x10 [ 33.029716] ? __pfx_read_tsc+0x10/0x10 [ 33.030207] ? ktime_get_ts64+0x86/0x230 [ 33.030833] kunit_try_run_case+0x1b3/0x490 [ 33.031332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.031811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.032430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.033043] ? __kthread_parkme+0x82/0x160 [ 33.033531] ? preempt_count_sub+0x50/0x80 [ 33.034179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.034843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.035414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.036057] kthread+0x257/0x310 [ 33.036511] ? __pfx_kthread+0x10/0x10 [ 33.037128] ret_from_fork+0x41/0x80 [ 33.037628] ? 
__pfx_kthread+0x10/0x10 [ 33.038071] ret_from_fork_asm+0x1a/0x30 [ 33.038666] </TASK> [ 33.039064] [ 33.039380] Allocated by task 272: [ 33.039891] kasan_save_stack+0x3d/0x60 [ 33.040341] kasan_save_track+0x18/0x40 [ 33.040869] kasan_save_alloc_info+0x3b/0x50 [ 33.041401] __kasan_kmalloc+0xb7/0xc0 [ 33.041852] __kmalloc_cache_noprof+0x184/0x410 [ 33.042413] kasan_atomics+0x96/0x310 [ 33.042837] kunit_try_run_case+0x1b3/0x490 [ 33.043400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.044033] kthread+0x257/0x310 [ 33.044467] ret_from_fork+0x41/0x80 [ 33.044884] ret_from_fork_asm+0x1a/0x30 [ 33.045317] [ 33.045564] The buggy address belongs to the object at ffff888102a0ec00 [ 33.045564] which belongs to the cache kmalloc-64 of size 64 [ 33.046744] The buggy address is located 0 bytes to the right of [ 33.046744] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.047856] [ 33.048029] The buggy address belongs to the physical page: [ 33.048585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.049423] flags: 0x200000000000000(node=0|zone=2) [ 33.049991] page_type: f5(slab) [ 33.050297] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.051179] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.051991] page dumped because: kasan: bad access detected [ 33.052498] [ 33.052753] Memory state around the buggy address: [ 33.053253] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.054030] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.054886] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.055463] ^ [ 33.056145] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.057324] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.058021] ================================================================== [ 34.399418] 
================================================================== [ 34.399899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 34.400383] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.401355] [ 34.401549] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.402132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.402967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.404203] Call Trace: [ 34.404429] <TASK> [ 34.404638] dump_stack_lvl+0x73/0xb0 [ 34.404976] print_report+0xd1/0x640 [ 34.405632] ? __virt_addr_valid+0x1db/0x2d0 [ 34.406184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.406950] kasan_report+0x102/0x140 [ 34.407418] ? kasan_atomics_helper+0x1d7b/0x5450 [ 34.407805] ? kasan_atomics_helper+0x1d7b/0x5450 [ 34.408654] kasan_check_range+0x10c/0x1c0 [ 34.409044] __kasan_check_write+0x18/0x20 [ 34.409366] kasan_atomics_helper+0x1d7b/0x5450 [ 34.409736] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.410353] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.411111] ? kasan_atomics+0x153/0x310 [ 34.411632] kasan_atomics+0x1dd/0x310 [ 34.412509] ? __pfx_kasan_atomics+0x10/0x10 [ 34.413016] ? __pfx_read_tsc+0x10/0x10 [ 34.413325] ? ktime_get_ts64+0x86/0x230 [ 34.413646] kunit_try_run_case+0x1b3/0x490 [ 34.414241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.414838] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.415384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.415957] ? __kthread_parkme+0x82/0x160 [ 34.416335] ? preempt_count_sub+0x50/0x80 [ 34.417156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.417574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.418565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.421098] kthread+0x257/0x310 [ 34.421648] ? __pfx_kthread+0x10/0x10 [ 34.422182] ret_from_fork+0x41/0x80 [ 34.422639] ? 
__pfx_kthread+0x10/0x10 [ 34.423188] ret_from_fork_asm+0x1a/0x30 [ 34.423763] </TASK> [ 34.424240] [ 34.424568] Allocated by task 272: [ 34.424945] kasan_save_stack+0x3d/0x60 [ 34.425588] kasan_save_track+0x18/0x40 [ 34.426302] kasan_save_alloc_info+0x3b/0x50 [ 34.426815] __kasan_kmalloc+0xb7/0xc0 [ 34.427318] __kmalloc_cache_noprof+0x184/0x410 [ 34.428111] kasan_atomics+0x96/0x310 [ 34.428522] kunit_try_run_case+0x1b3/0x490 [ 34.429155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.429761] kthread+0x257/0x310 [ 34.430405] ret_from_fork+0x41/0x80 [ 34.430741] ret_from_fork_asm+0x1a/0x30 [ 34.431394] [ 34.431730] The buggy address belongs to the object at ffff888102a0ec00 [ 34.431730] which belongs to the cache kmalloc-64 of size 64 [ 34.433081] The buggy address is located 0 bytes to the right of [ 34.433081] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.434835] [ 34.435046] The buggy address belongs to the physical page: [ 34.435571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.436334] flags: 0x200000000000000(node=0|zone=2) [ 34.437758] page_type: f5(slab) [ 34.438061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.438697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.439214] page dumped because: kasan: bad access detected [ 34.440236] [ 34.440648] Memory state around the buggy address: [ 34.441173] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.442469] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.443268] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.443723] ^ [ 34.444596] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.445574] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.446261] ================================================================== [ 32.640863] 
================================================================== [ 32.641586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 32.642109] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.642947] [ 32.643239] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.644162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.644618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.645354] Call Trace: [ 32.645596] <TASK> [ 32.645888] dump_stack_lvl+0x73/0xb0 [ 32.646359] print_report+0xd1/0x640 [ 32.646882] ? __virt_addr_valid+0x1db/0x2d0 [ 32.647287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.647845] kasan_report+0x102/0x140 [ 32.648322] ? kasan_atomics_helper+0x8fa/0x5450 [ 32.648918] ? kasan_atomics_helper+0x8fa/0x5450 [ 32.649429] kasan_check_range+0x10c/0x1c0 [ 32.649835] __kasan_check_write+0x18/0x20 [ 32.650295] kasan_atomics_helper+0x8fa/0x5450 [ 32.650821] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.651410] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.651855] ? kasan_atomics+0x153/0x310 [ 32.652363] kasan_atomics+0x1dd/0x310 [ 32.652840] ? __pfx_kasan_atomics+0x10/0x10 [ 32.653301] ? __pfx_read_tsc+0x10/0x10 [ 32.653656] ? ktime_get_ts64+0x86/0x230 [ 32.654205] kunit_try_run_case+0x1b3/0x490 [ 32.654554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.655129] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.655735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.656217] ? __kthread_parkme+0x82/0x160 [ 32.656733] ? preempt_count_sub+0x50/0x80 [ 32.657314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.657927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.658525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.659127] kthread+0x257/0x310 [ 32.659477] ? __pfx_kthread+0x10/0x10 [ 32.659916] ret_from_fork+0x41/0x80 [ 32.660537] ? 
__pfx_kthread+0x10/0x10 [ 32.661802] ret_from_fork_asm+0x1a/0x30 [ 32.662165] </TASK> [ 32.662611] [ 32.663033] Allocated by task 272: [ 32.663466] kasan_save_stack+0x3d/0x60 [ 32.663670] kasan_save_track+0x18/0x40 [ 32.664217] kasan_save_alloc_info+0x3b/0x50 [ 32.664721] __kasan_kmalloc+0xb7/0xc0 [ 32.665168] __kmalloc_cache_noprof+0x184/0x410 [ 32.665742] kasan_atomics+0x96/0x310 [ 32.666293] kunit_try_run_case+0x1b3/0x490 [ 32.666739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.667415] kthread+0x257/0x310 [ 32.667787] ret_from_fork+0x41/0x80 [ 32.668269] ret_from_fork_asm+0x1a/0x30 [ 32.668768] [ 32.669051] The buggy address belongs to the object at ffff888102a0ec00 [ 32.669051] which belongs to the cache kmalloc-64 of size 64 [ 32.670035] The buggy address is located 0 bytes to the right of [ 32.670035] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.671351] [ 32.671599] The buggy address belongs to the physical page: [ 32.672123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.672963] flags: 0x200000000000000(node=0|zone=2) [ 32.673532] page_type: f5(slab) [ 32.673852] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.674659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.675350] page dumped because: kasan: bad access detected [ 32.676133] [ 32.676395] Memory state around the buggy address: [ 32.676808] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.677771] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.678337] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.679017] ^ [ 32.679481] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.680195] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.680854] ================================================================== [ 32.421632] 
================================================================== [ 32.422523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 32.423094] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.424094] [ 32.424350] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.425234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.425717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.426406] Call Trace: [ 32.426731] <TASK> [ 32.427090] dump_stack_lvl+0x73/0xb0 [ 32.427472] print_report+0xd1/0x640 [ 32.428045] ? __virt_addr_valid+0x1db/0x2d0 [ 32.428482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.429160] kasan_report+0x102/0x140 [ 32.429468] ? kasan_atomics_helper+0x5ff/0x5450 [ 32.430064] ? kasan_atomics_helper+0x5ff/0x5450 [ 32.430521] kasan_check_range+0x10c/0x1c0 [ 32.430939] __kasan_check_write+0x18/0x20 [ 32.431466] kasan_atomics_helper+0x5ff/0x5450 [ 32.431928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.432413] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.432979] ? kasan_atomics+0x153/0x310 [ 32.433473] kasan_atomics+0x1dd/0x310 [ 32.433850] ? __pfx_kasan_atomics+0x10/0x10 [ 32.434381] ? __pfx_read_tsc+0x10/0x10 [ 32.434942] ? ktime_get_ts64+0x86/0x230 [ 32.435460] kunit_try_run_case+0x1b3/0x490 [ 32.435996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.436359] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.437018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.437482] ? __kthread_parkme+0x82/0x160 [ 32.437978] ? preempt_count_sub+0x50/0x80 [ 32.438515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.438998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.439484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.440193] kthread+0x257/0x310 [ 32.440562] ? __pfx_kthread+0x10/0x10 [ 32.440930] ret_from_fork+0x41/0x80 [ 32.441320] ? 
__pfx_kthread+0x10/0x10 [ 32.441885] ret_from_fork_asm+0x1a/0x30 [ 32.442379] </TASK> [ 32.442728] [ 32.443257] Allocated by task 272: [ 32.443728] kasan_save_stack+0x3d/0x60 [ 32.444262] kasan_save_track+0x18/0x40 [ 32.444567] kasan_save_alloc_info+0x3b/0x50 [ 32.445013] __kasan_kmalloc+0xb7/0xc0 [ 32.445495] __kmalloc_cache_noprof+0x184/0x410 [ 32.446129] kasan_atomics+0x96/0x310 [ 32.446508] kunit_try_run_case+0x1b3/0x490 [ 32.446982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.447448] kthread+0x257/0x310 [ 32.447846] ret_from_fork+0x41/0x80 [ 32.448284] ret_from_fork_asm+0x1a/0x30 [ 32.448803] [ 32.448980] The buggy address belongs to the object at ffff888102a0ec00 [ 32.448980] which belongs to the cache kmalloc-64 of size 64 [ 32.450025] The buggy address is located 0 bytes to the right of [ 32.450025] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.451148] [ 32.451416] The buggy address belongs to the physical page: [ 32.451878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.452539] flags: 0x200000000000000(node=0|zone=2) [ 32.452949] page_type: f5(slab) [ 32.453254] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.454200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.455079] page dumped because: kasan: bad access detected [ 32.455618] [ 32.456059] Memory state around the buggy address: [ 32.456485] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.456981] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.457993] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.458922] ^ [ 32.459538] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.460365] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.461187] ================================================================== [ 34.534121] 
================================================================== [ 34.535466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 34.536636] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.537602] [ 34.538057] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.538922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.539245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.540126] Call Trace: [ 34.540485] <TASK> [ 34.540745] dump_stack_lvl+0x73/0xb0 [ 34.541272] print_report+0xd1/0x640 [ 34.541631] ? __virt_addr_valid+0x1db/0x2d0 [ 34.542137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.542583] kasan_report+0x102/0x140 [ 34.543141] ? kasan_atomics_helper+0x1f44/0x5450 [ 34.543653] ? kasan_atomics_helper+0x1f44/0x5450 [ 34.544660] kasan_check_range+0x10c/0x1c0 [ 34.545135] __kasan_check_write+0x18/0x20 [ 34.545727] kasan_atomics_helper+0x1f44/0x5450 [ 34.546412] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.546923] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.547410] ? kasan_atomics+0x153/0x310 [ 34.547929] kasan_atomics+0x1dd/0x310 [ 34.548533] ? __pfx_kasan_atomics+0x10/0x10 [ 34.549602] ? __pfx_read_tsc+0x10/0x10 [ 34.550300] ? ktime_get_ts64+0x86/0x230 [ 34.550758] kunit_try_run_case+0x1b3/0x490 [ 34.551230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.552538] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.553244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.553861] ? __kthread_parkme+0x82/0x160 [ 34.554277] ? preempt_count_sub+0x50/0x80 [ 34.554705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.555190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.556086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.556737] kthread+0x257/0x310 [ 34.557174] ? __pfx_kthread+0x10/0x10 [ 34.557743] ret_from_fork+0x41/0x80 [ 34.558169] ? 
__pfx_kthread+0x10/0x10 [ 34.558775] ret_from_fork_asm+0x1a/0x30 [ 34.559352] </TASK> [ 34.559783] [ 34.560095] Allocated by task 272: [ 34.560557] kasan_save_stack+0x3d/0x60 [ 34.561108] kasan_save_track+0x18/0x40 [ 34.561743] kasan_save_alloc_info+0x3b/0x50 [ 34.562334] __kasan_kmalloc+0xb7/0xc0 [ 34.562851] __kmalloc_cache_noprof+0x184/0x410 [ 34.563573] kasan_atomics+0x96/0x310 [ 34.564332] kunit_try_run_case+0x1b3/0x490 [ 34.564950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.565549] kthread+0x257/0x310 [ 34.565969] ret_from_fork+0x41/0x80 [ 34.566490] ret_from_fork_asm+0x1a/0x30 [ 34.567141] [ 34.567333] The buggy address belongs to the object at ffff888102a0ec00 [ 34.567333] which belongs to the cache kmalloc-64 of size 64 [ 34.568652] The buggy address is located 0 bytes to the right of [ 34.568652] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.569705] [ 34.570068] The buggy address belongs to the physical page: [ 34.570973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.571808] flags: 0x200000000000000(node=0|zone=2) [ 34.572222] page_type: f5(slab) [ 34.572843] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.573434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.574464] page dumped because: kasan: bad access detected [ 34.574951] [ 34.575327] Memory state around the buggy address: [ 34.576009] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.576564] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.577589] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.578428] ^ [ 34.579086] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.579763] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.580533] ================================================================== [ 32.915401] 
================================================================== [ 32.916779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 32.917953] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.918654] [ 32.919204] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.919935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.920127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.920462] Call Trace: [ 32.920600] <TASK> [ 32.921108] dump_stack_lvl+0x73/0xb0 [ 32.921817] print_report+0xd1/0x640 [ 32.922513] ? __virt_addr_valid+0x1db/0x2d0 [ 32.923458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.924487] kasan_report+0x102/0x140 [ 32.925157] ? kasan_atomics_helper+0x4a86/0x5450 [ 32.926308] ? kasan_atomics_helper+0x4a86/0x5450 [ 32.927146] __asan_report_load4_noabort+0x18/0x20 [ 32.927617] kasan_atomics_helper+0x4a86/0x5450 [ 32.928105] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.928618] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.929277] ? kasan_atomics+0x153/0x310 [ 32.929716] kasan_atomics+0x1dd/0x310 [ 32.930221] ? __pfx_kasan_atomics+0x10/0x10 [ 32.931033] ? __pfx_read_tsc+0x10/0x10 [ 32.931635] ? ktime_get_ts64+0x86/0x230 [ 32.932306] kunit_try_run_case+0x1b3/0x490 [ 32.933355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.933856] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.934558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.935154] ? __kthread_parkme+0x82/0x160 [ 32.936034] ? preempt_count_sub+0x50/0x80 [ 32.936485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.937421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.938400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.939253] kthread+0x257/0x310 [ 32.939674] ? __pfx_kthread+0x10/0x10 [ 32.940328] ret_from_fork+0x41/0x80 [ 32.940725] ? 
__pfx_kthread+0x10/0x10 [ 32.941145] ret_from_fork_asm+0x1a/0x30 [ 32.941621] </TASK> [ 32.941949] [ 32.942137] Allocated by task 272: [ 32.942642] kasan_save_stack+0x3d/0x60 [ 32.943038] kasan_save_track+0x18/0x40 [ 32.944209] kasan_save_alloc_info+0x3b/0x50 [ 32.944739] __kasan_kmalloc+0xb7/0xc0 [ 32.945121] __kmalloc_cache_noprof+0x184/0x410 [ 32.945581] kasan_atomics+0x96/0x310 [ 32.946404] kunit_try_run_case+0x1b3/0x490 [ 32.947247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.947753] kthread+0x257/0x310 [ 32.948415] ret_from_fork+0x41/0x80 [ 32.948755] ret_from_fork_asm+0x1a/0x30 [ 32.949497] [ 32.949723] The buggy address belongs to the object at ffff888102a0ec00 [ 32.949723] which belongs to the cache kmalloc-64 of size 64 [ 32.951230] The buggy address is located 0 bytes to the right of [ 32.951230] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.952667] [ 32.952943] The buggy address belongs to the physical page: [ 32.953833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.955113] flags: 0x200000000000000(node=0|zone=2) [ 32.955600] page_type: f5(slab) [ 32.956355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.957375] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.958365] page dumped because: kasan: bad access detected [ 32.958999] [ 32.959226] Memory state around the buggy address: [ 32.959732] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.961061] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.962231] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.962822] ^ [ 32.963441] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.964406] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.965079] ================================================================== [ 32.682011] 
================================================================== [ 32.682653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 32.684005] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.684887] [ 32.685205] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.686328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.686718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.687567] Call Trace: [ 32.688076] <TASK> [ 32.688384] dump_stack_lvl+0x73/0xb0 [ 32.688950] print_report+0xd1/0x640 [ 32.689304] ? __virt_addr_valid+0x1db/0x2d0 [ 32.689885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.690374] kasan_report+0x102/0x140 [ 32.690859] ? kasan_atomics_helper+0x993/0x5450 [ 32.691387] ? kasan_atomics_helper+0x993/0x5450 [ 32.691924] kasan_check_range+0x10c/0x1c0 [ 32.692472] __kasan_check_write+0x18/0x20 [ 32.693186] kasan_atomics_helper+0x993/0x5450 [ 32.693623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.694209] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.694653] ? kasan_atomics+0x153/0x310 [ 32.695361] kasan_atomics+0x1dd/0x310 [ 32.695961] ? __pfx_kasan_atomics+0x10/0x10 [ 32.696514] ? __pfx_read_tsc+0x10/0x10 [ 32.697154] ? ktime_get_ts64+0x86/0x230 [ 32.697568] kunit_try_run_case+0x1b3/0x490 [ 32.698230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.698766] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.699447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.700013] ? __kthread_parkme+0x82/0x160 [ 32.700506] ? preempt_count_sub+0x50/0x80 [ 32.701119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.701615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.702207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.702984] kthread+0x257/0x310 [ 32.703360] ? __pfx_kthread+0x10/0x10 [ 32.703802] ret_from_fork+0x41/0x80 [ 32.704331] ? 
__pfx_kthread+0x10/0x10 [ 32.704912] ret_from_fork_asm+0x1a/0x30 [ 32.705456] </TASK> [ 32.705919] [ 32.706098] Allocated by task 272: [ 32.706566] kasan_save_stack+0x3d/0x60 [ 32.706985] kasan_save_track+0x18/0x40 [ 32.707428] kasan_save_alloc_info+0x3b/0x50 [ 32.708175] __kasan_kmalloc+0xb7/0xc0 [ 32.708632] __kmalloc_cache_noprof+0x184/0x410 [ 32.709283] kasan_atomics+0x96/0x310 [ 32.709846] kunit_try_run_case+0x1b3/0x490 [ 32.710172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.710820] kthread+0x257/0x310 [ 32.711257] ret_from_fork+0x41/0x80 [ 32.711620] ret_from_fork_asm+0x1a/0x30 [ 32.712215] [ 32.712500] The buggy address belongs to the object at ffff888102a0ec00 [ 32.712500] which belongs to the cache kmalloc-64 of size 64 [ 32.713554] The buggy address is located 0 bytes to the right of [ 32.713554] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.715054] [ 32.715324] The buggy address belongs to the physical page: [ 32.715785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.716555] flags: 0x200000000000000(node=0|zone=2) [ 32.717208] page_type: f5(slab) [ 32.717554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.718420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.719553] page dumped because: kasan: bad access detected [ 32.720338] [ 32.720560] Memory state around the buggy address: [ 32.721209] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.721882] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.722733] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.723480] ^ [ 32.723965] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.724835] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.725574] ================================================================== [ 33.451385] 
================================================================== [ 33.453026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 33.454181] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.456102] [ 33.456306] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.457227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.457418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.457814] Call Trace: [ 33.458532] <TASK> [ 33.459011] dump_stack_lvl+0x73/0xb0 [ 33.459712] print_report+0xd1/0x640 [ 33.460086] ? __virt_addr_valid+0x1db/0x2d0 [ 33.460604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.461120] kasan_report+0x102/0x140 [ 33.461577] ? kasan_atomics_helper+0x49ea/0x5450 [ 33.462116] ? kasan_atomics_helper+0x49ea/0x5450 [ 33.462748] __asan_report_load4_noabort+0x18/0x20 [ 33.463190] kasan_atomics_helper+0x49ea/0x5450 [ 33.463850] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.464302] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.465041] ? kasan_atomics+0x153/0x310 [ 33.465439] kasan_atomics+0x1dd/0x310 [ 33.466013] ? __pfx_kasan_atomics+0x10/0x10 [ 33.466546] ? __pfx_read_tsc+0x10/0x10 [ 33.466924] ? ktime_get_ts64+0x86/0x230 [ 33.467490] kunit_try_run_case+0x1b3/0x490 [ 33.468117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.468695] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.469252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.469870] ? __kthread_parkme+0x82/0x160 [ 33.470319] ? preempt_count_sub+0x50/0x80 [ 33.470803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.471395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.472161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.472722] kthread+0x257/0x310 [ 33.473250] ? __pfx_kthread+0x10/0x10 [ 33.473742] ret_from_fork+0x41/0x80 [ 33.474193] ? 
__pfx_kthread+0x10/0x10 [ 33.474619] ret_from_fork_asm+0x1a/0x30 [ 33.475280] </TASK> [ 33.475670] [ 33.475984] Allocated by task 272: [ 33.476392] kasan_save_stack+0x3d/0x60 [ 33.476727] kasan_save_track+0x18/0x40 [ 33.477220] kasan_save_alloc_info+0x3b/0x50 [ 33.477762] __kasan_kmalloc+0xb7/0xc0 [ 33.478239] __kmalloc_cache_noprof+0x184/0x410 [ 33.478756] kasan_atomics+0x96/0x310 [ 33.479317] kunit_try_run_case+0x1b3/0x490 [ 33.479804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.480489] kthread+0x257/0x310 [ 33.480916] ret_from_fork+0x41/0x80 [ 33.481353] ret_from_fork_asm+0x1a/0x30 [ 33.481909] [ 33.482233] The buggy address belongs to the object at ffff888102a0ec00 [ 33.482233] which belongs to the cache kmalloc-64 of size 64 [ 33.483212] The buggy address is located 0 bytes to the right of [ 33.483212] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.485626] [ 33.485987] The buggy address belongs to the physical page: [ 33.486497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.487816] flags: 0x200000000000000(node=0|zone=2) [ 33.488587] page_type: f5(slab) [ 33.489075] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.490399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.491358] page dumped because: kasan: bad access detected [ 33.492013] [ 33.492123] Memory state around the buggy address: [ 33.492328] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.492607] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.493472] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.494073] ^ [ 33.494625] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.495290] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.496491] ================================================================== [ 34.154259] 
================================================================== [ 34.155455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 34.156699] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.157636] [ 34.158177] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.159474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.159933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.160995] Call Trace: [ 34.161222] <TASK> [ 34.161543] dump_stack_lvl+0x73/0xb0 [ 34.162396] print_report+0xd1/0x640 [ 34.163048] ? __virt_addr_valid+0x1db/0x2d0 [ 34.163494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.164419] kasan_report+0x102/0x140 [ 34.164937] ? kasan_atomics_helper+0x1a80/0x5450 [ 34.165573] ? kasan_atomics_helper+0x1a80/0x5450 [ 34.166443] kasan_check_range+0x10c/0x1c0 [ 34.166919] __kasan_check_write+0x18/0x20 [ 34.167378] kasan_atomics_helper+0x1a80/0x5450 [ 34.168194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.168797] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.169497] ? kasan_atomics+0x153/0x310 [ 34.170226] kasan_atomics+0x1dd/0x310 [ 34.170629] ? __pfx_kasan_atomics+0x10/0x10 [ 34.171451] ? __pfx_read_tsc+0x10/0x10 [ 34.172543] ? ktime_get_ts64+0x86/0x230 [ 34.173193] kunit_try_run_case+0x1b3/0x490 [ 34.173646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.174377] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.175196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.176151] ? __kthread_parkme+0x82/0x160 [ 34.176570] ? preempt_count_sub+0x50/0x80 [ 34.177215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.177672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.178588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.179430] kthread+0x257/0x310 [ 34.180394] ? __pfx_kthread+0x10/0x10 [ 34.180801] ret_from_fork+0x41/0x80 [ 34.181817] ? 
__pfx_kthread+0x10/0x10 [ 34.182234] ret_from_fork_asm+0x1a/0x30 [ 34.182699] </TASK> [ 34.182907] [ 34.183222] Allocated by task 272: [ 34.184239] kasan_save_stack+0x3d/0x60 [ 34.184659] kasan_save_track+0x18/0x40 [ 34.185373] kasan_save_alloc_info+0x3b/0x50 [ 34.185832] __kasan_kmalloc+0xb7/0xc0 [ 34.186654] __kmalloc_cache_noprof+0x184/0x410 [ 34.187275] kasan_atomics+0x96/0x310 [ 34.187772] kunit_try_run_case+0x1b3/0x490 [ 34.188453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.189179] kthread+0x257/0x310 [ 34.189594] ret_from_fork+0x41/0x80 [ 34.190280] ret_from_fork_asm+0x1a/0x30 [ 34.190751] [ 34.191044] The buggy address belongs to the object at ffff888102a0ec00 [ 34.191044] which belongs to the cache kmalloc-64 of size 64 [ 34.192622] The buggy address is located 0 bytes to the right of [ 34.192622] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.194071] [ 34.194304] The buggy address belongs to the physical page: [ 34.195213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.195845] flags: 0x200000000000000(node=0|zone=2) [ 34.196325] page_type: f5(slab) [ 34.196729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.197830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.198650] page dumped because: kasan: bad access detected [ 34.199469] [ 34.199709] Memory state around the buggy address: [ 34.200661] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.201701] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.202446] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.203300] ^ [ 34.203825] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.204416] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.205460] ================================================================== [ 33.148648] 
================================================================== [ 33.149483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 33.150106] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.150980] [ 33.151178] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.152583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.153329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.154228] Call Trace: [ 33.154564] <TASK> [ 33.154897] dump_stack_lvl+0x73/0xb0 [ 33.155655] print_report+0xd1/0x640 [ 33.156292] ? __virt_addr_valid+0x1db/0x2d0 [ 33.156890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.157535] kasan_report+0x102/0x140 [ 33.158222] ? kasan_atomics_helper+0xfaa/0x5450 [ 33.158872] ? kasan_atomics_helper+0xfaa/0x5450 [ 33.159403] kasan_check_range+0x10c/0x1c0 [ 33.160144] __kasan_check_write+0x18/0x20 [ 33.160932] kasan_atomics_helper+0xfaa/0x5450 [ 33.161428] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.161903] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.162843] ? kasan_atomics+0x153/0x310 [ 33.163482] kasan_atomics+0x1dd/0x310 [ 33.164191] ? __pfx_kasan_atomics+0x10/0x10 [ 33.164841] ? __pfx_read_tsc+0x10/0x10 [ 33.165264] ? ktime_get_ts64+0x86/0x230 [ 33.166026] kunit_try_run_case+0x1b3/0x490 [ 33.166712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.167239] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.168000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.168750] ? __kthread_parkme+0x82/0x160 [ 33.169410] ? preempt_count_sub+0x50/0x80 [ 33.169890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.170618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.171664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.172246] kthread+0x257/0x310 [ 33.172622] ? __pfx_kthread+0x10/0x10 [ 33.173501] ret_from_fork+0x41/0x80 [ 33.174237] ? 
__pfx_kthread+0x10/0x10 [ 33.174945] ret_from_fork_asm+0x1a/0x30 [ 33.175450] </TASK> [ 33.176102] [ 33.176258] Allocated by task 272: [ 33.176740] kasan_save_stack+0x3d/0x60 [ 33.177296] kasan_save_track+0x18/0x40 [ 33.178186] kasan_save_alloc_info+0x3b/0x50 [ 33.178408] __kasan_kmalloc+0xb7/0xc0 [ 33.178595] __kmalloc_cache_noprof+0x184/0x410 [ 33.179106] kasan_atomics+0x96/0x310 [ 33.179395] kunit_try_run_case+0x1b3/0x490 [ 33.179899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.180408] kthread+0x257/0x310 [ 33.180728] ret_from_fork+0x41/0x80 [ 33.181450] ret_from_fork_asm+0x1a/0x30 [ 33.181967] [ 33.182201] The buggy address belongs to the object at ffff888102a0ec00 [ 33.182201] which belongs to the cache kmalloc-64 of size 64 [ 33.183180] The buggy address is located 0 bytes to the right of [ 33.183180] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.184461] [ 33.184775] The buggy address belongs to the physical page: [ 33.185318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.186099] flags: 0x200000000000000(node=0|zone=2) [ 33.186468] page_type: f5(slab) [ 33.187031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.187829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.188515] page dumped because: kasan: bad access detected [ 33.188970] [ 33.189245] Memory state around the buggy address: [ 33.189813] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.190389] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.191073] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.191901] ^ [ 33.192309] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.193123] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.193720] ================================================================== [ 34.016218] 
================================================================== [ 34.016908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 34.017531] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.018371] [ 34.018561] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.019752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.020284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.021106] Call Trace: [ 34.021367] <TASK> [ 34.021567] dump_stack_lvl+0x73/0xb0 [ 34.021998] print_report+0xd1/0x640 [ 34.022529] ? __virt_addr_valid+0x1db/0x2d0 [ 34.023146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.023729] kasan_report+0x102/0x140 [ 34.024229] ? kasan_atomics_helper+0x18b2/0x5450 [ 34.024837] ? kasan_atomics_helper+0x18b2/0x5450 [ 34.025203] kasan_check_range+0x10c/0x1c0 [ 34.025873] __kasan_check_write+0x18/0x20 [ 34.026454] kasan_atomics_helper+0x18b2/0x5450 [ 34.027146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.027719] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.028334] ? kasan_atomics+0x153/0x310 [ 34.028961] kasan_atomics+0x1dd/0x310 [ 34.029410] ? __pfx_kasan_atomics+0x10/0x10 [ 34.029989] ? __pfx_read_tsc+0x10/0x10 [ 34.030362] ? ktime_get_ts64+0x86/0x230 [ 34.030887] kunit_try_run_case+0x1b3/0x490 [ 34.031398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.031987] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.032387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.033118] ? __kthread_parkme+0x82/0x160 [ 34.033586] ? preempt_count_sub+0x50/0x80 [ 34.034002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.034613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.035389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.036045] kthread+0x257/0x310 [ 34.036442] ? __pfx_kthread+0x10/0x10 [ 34.036996] ret_from_fork+0x41/0x80 [ 34.037418] ? 
__pfx_kthread+0x10/0x10 [ 34.038021] ret_from_fork_asm+0x1a/0x30 [ 34.038572] </TASK> [ 34.038986] [ 34.039184] Allocated by task 272: [ 34.039624] kasan_save_stack+0x3d/0x60 [ 34.040023] kasan_save_track+0x18/0x40 [ 34.040538] kasan_save_alloc_info+0x3b/0x50 [ 34.041024] __kasan_kmalloc+0xb7/0xc0 [ 34.041549] __kmalloc_cache_noprof+0x184/0x410 [ 34.042061] kasan_atomics+0x96/0x310 [ 34.042602] kunit_try_run_case+0x1b3/0x490 [ 34.043194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.043839] kthread+0x257/0x310 [ 34.044246] ret_from_fork+0x41/0x80 [ 34.044752] ret_from_fork_asm+0x1a/0x30 [ 34.045158] [ 34.045463] The buggy address belongs to the object at ffff888102a0ec00 [ 34.045463] which belongs to the cache kmalloc-64 of size 64 [ 34.046393] The buggy address is located 0 bytes to the right of [ 34.046393] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.047727] [ 34.047975] The buggy address belongs to the physical page: [ 34.048614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.049368] flags: 0x200000000000000(node=0|zone=2) [ 34.049821] page_type: f5(slab) [ 34.050227] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.051001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.051666] page dumped because: kasan: bad access detected [ 34.052297] [ 34.052555] Memory state around the buggy address: [ 34.053121] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.053757] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.054276] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.055019] ^ [ 34.055480] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.056287] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.056990] ================================================================== [ 33.194571] 
================================================================== [ 33.195515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 33.196473] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.196977] [ 33.197311] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.198303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.198921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.199644] Call Trace: [ 33.200108] <TASK> [ 33.200318] dump_stack_lvl+0x73/0xb0 [ 33.200646] print_report+0xd1/0x640 [ 33.201318] ? __virt_addr_valid+0x1db/0x2d0 [ 33.201862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.202582] kasan_report+0x102/0x140 [ 33.203011] ? kasan_atomics_helper+0x4a38/0x5450 [ 33.203628] ? kasan_atomics_helper+0x4a38/0x5450 [ 33.204062] __asan_report_load4_noabort+0x18/0x20 [ 33.204768] kasan_atomics_helper+0x4a38/0x5450 [ 33.205192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.205555] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.206501] ? kasan_atomics+0x153/0x310 [ 33.207202] kasan_atomics+0x1dd/0x310 [ 33.207615] ? __pfx_kasan_atomics+0x10/0x10 [ 33.208315] ? __pfx_read_tsc+0x10/0x10 [ 33.208947] ? ktime_get_ts64+0x86/0x230 [ 33.209275] kunit_try_run_case+0x1b3/0x490 [ 33.210711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.211415] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.211706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.212534] ? __kthread_parkme+0x82/0x160 [ 33.213353] ? preempt_count_sub+0x50/0x80 [ 33.214077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.214577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.215096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.215719] kthread+0x257/0x310 [ 33.216149] ? __pfx_kthread+0x10/0x10 [ 33.216525] ret_from_fork+0x41/0x80 [ 33.217040] ? 
__pfx_kthread+0x10/0x10 [ 33.217491] ret_from_fork_asm+0x1a/0x30 [ 33.217967] </TASK> [ 33.218597] [ 33.219108] Allocated by task 272: [ 33.219354] kasan_save_stack+0x3d/0x60 [ 33.220112] kasan_save_track+0x18/0x40 [ 33.220541] kasan_save_alloc_info+0x3b/0x50 [ 33.221155] __kasan_kmalloc+0xb7/0xc0 [ 33.221511] __kmalloc_cache_noprof+0x184/0x410 [ 33.222094] kasan_atomics+0x96/0x310 [ 33.222432] kunit_try_run_case+0x1b3/0x490 [ 33.223105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.223725] kthread+0x257/0x310 [ 33.224165] ret_from_fork+0x41/0x80 [ 33.224589] ret_from_fork_asm+0x1a/0x30 [ 33.225193] [ 33.225554] The buggy address belongs to the object at ffff888102a0ec00 [ 33.225554] which belongs to the cache kmalloc-64 of size 64 [ 33.226727] The buggy address is located 0 bytes to the right of [ 33.226727] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.227873] [ 33.228138] The buggy address belongs to the physical page: [ 33.228611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.229446] flags: 0x200000000000000(node=0|zone=2) [ 33.230105] page_type: f5(slab) [ 33.230433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.231312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.232001] page dumped because: kasan: bad access detected [ 33.232546] [ 33.232814] Memory state around the buggy address: [ 33.233317] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.234117] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.234750] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.235447] ^ [ 33.236016] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.236800] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.237506] ================================================================== [ 33.974266] 
================================================================== [ 33.974743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 33.975592] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.976110] [ 33.976300] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.977904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.978361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.979194] Call Trace: [ 33.979469] <TASK> [ 33.979706] dump_stack_lvl+0x73/0xb0 [ 33.980287] print_report+0xd1/0x640 [ 33.980891] ? __virt_addr_valid+0x1db/0x2d0 [ 33.981370] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.982110] kasan_report+0x102/0x140 [ 33.982562] ? kasan_atomics_helper+0x1819/0x5450 [ 33.983114] ? kasan_atomics_helper+0x1819/0x5450 [ 33.983730] kasan_check_range+0x10c/0x1c0 [ 33.984189] __kasan_check_write+0x18/0x20 [ 33.984655] kasan_atomics_helper+0x1819/0x5450 [ 33.985296] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.985875] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.986522] ? kasan_atomics+0x153/0x310 [ 33.987156] kasan_atomics+0x1dd/0x310 [ 33.987717] ? __pfx_kasan_atomics+0x10/0x10 [ 33.988200] ? __pfx_read_tsc+0x10/0x10 [ 33.988592] ? ktime_get_ts64+0x86/0x230 [ 33.989105] kunit_try_run_case+0x1b3/0x490 [ 33.989568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.990216] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.990822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.991469] ? __kthread_parkme+0x82/0x160 [ 33.992118] ? preempt_count_sub+0x50/0x80 [ 33.992565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.993150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.993660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.994396] kthread+0x257/0x310 [ 33.994844] ? __pfx_kthread+0x10/0x10 [ 33.995171] ret_from_fork+0x41/0x80 [ 33.995714] ? 
__pfx_kthread+0x10/0x10 [ 33.996140] ret_from_fork_asm+0x1a/0x30 [ 33.996657] </TASK> [ 33.997093] [ 33.997274] Allocated by task 272: [ 33.997636] kasan_save_stack+0x3d/0x60 [ 33.998236] kasan_save_track+0x18/0x40 [ 33.998563] kasan_save_alloc_info+0x3b/0x50 [ 33.999170] __kasan_kmalloc+0xb7/0xc0 [ 33.999672] __kmalloc_cache_noprof+0x184/0x410 [ 34.000172] kasan_atomics+0x96/0x310 [ 34.000576] kunit_try_run_case+0x1b3/0x490 [ 34.001101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.001608] kthread+0x257/0x310 [ 34.001979] ret_from_fork+0x41/0x80 [ 34.002345] ret_from_fork_asm+0x1a/0x30 [ 34.002851] [ 34.003021] The buggy address belongs to the object at ffff888102a0ec00 [ 34.003021] which belongs to the cache kmalloc-64 of size 64 [ 34.003887] The buggy address is located 0 bytes to the right of [ 34.003887] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.005340] [ 34.005597] The buggy address belongs to the physical page: [ 34.006068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.006600] flags: 0x200000000000000(node=0|zone=2) [ 34.007345] page_type: f5(slab) [ 34.007866] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.008825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.009341] page dumped because: kasan: bad access detected [ 34.010083] [ 34.010298] Memory state around the buggy address: [ 34.010751] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.011515] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.012298] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.013028] ^ [ 34.013554] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.014270] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.015010] ================================================================== [ 34.356353] 
================================================================== [ 34.357022] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 34.357949] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.358733] [ 34.359161] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.360317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.360845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.362012] Call Trace: [ 34.362249] <TASK> [ 34.362579] dump_stack_lvl+0x73/0xb0 [ 34.363064] print_report+0xd1/0x640 [ 34.363454] ? __virt_addr_valid+0x1db/0x2d0 [ 34.364091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.364564] kasan_report+0x102/0x140 [ 34.364997] ? kasan_atomics_helper+0x1ce2/0x5450 [ 34.365543] ? kasan_atomics_helper+0x1ce2/0x5450 [ 34.366148] kasan_check_range+0x10c/0x1c0 [ 34.366727] __kasan_check_write+0x18/0x20 [ 34.367334] kasan_atomics_helper+0x1ce2/0x5450 [ 34.367836] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.368427] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.369093] ? kasan_atomics+0x153/0x310 [ 34.369612] kasan_atomics+0x1dd/0x310 [ 34.370365] ? __pfx_kasan_atomics+0x10/0x10 [ 34.370856] ? __pfx_read_tsc+0x10/0x10 [ 34.371269] ? ktime_get_ts64+0x86/0x230 [ 34.371915] kunit_try_run_case+0x1b3/0x490 [ 34.372369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.373041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.373631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.374218] ? __kthread_parkme+0x82/0x160 [ 34.374807] ? preempt_count_sub+0x50/0x80 [ 34.375256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.375953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.376635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.377252] kthread+0x257/0x310 [ 34.377821] ? __pfx_kthread+0x10/0x10 [ 34.378279] ret_from_fork+0x41/0x80 [ 34.378849] ? 
__pfx_kthread+0x10/0x10 [ 34.379216] ret_from_fork_asm+0x1a/0x30 [ 34.379883] </TASK> [ 34.380180] [ 34.380469] Allocated by task 272: [ 34.380957] kasan_save_stack+0x3d/0x60 [ 34.381269] kasan_save_track+0x18/0x40 [ 34.381754] kasan_save_alloc_info+0x3b/0x50 [ 34.382242] __kasan_kmalloc+0xb7/0xc0 [ 34.382824] __kmalloc_cache_noprof+0x184/0x410 [ 34.383418] kasan_atomics+0x96/0x310 [ 34.383980] kunit_try_run_case+0x1b3/0x490 [ 34.384355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.385124] kthread+0x257/0x310 [ 34.385616] ret_from_fork+0x41/0x80 [ 34.386411] ret_from_fork_asm+0x1a/0x30 [ 34.386738] [ 34.386993] The buggy address belongs to the object at ffff888102a0ec00 [ 34.386993] which belongs to the cache kmalloc-64 of size 64 [ 34.387929] The buggy address is located 0 bytes to the right of [ 34.387929] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.389012] [ 34.389266] The buggy address belongs to the physical page: [ 34.389763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.390470] flags: 0x200000000000000(node=0|zone=2) [ 34.391070] page_type: f5(slab) [ 34.391478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.392345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.392954] page dumped because: kasan: bad access detected [ 34.393461] [ 34.393648] Memory state around the buggy address: [ 34.394122] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.394808] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.395243] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.396131] ^ [ 34.396454] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.397641] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.398155] ================================================================== [ 34.807165] 
================================================================== [ 34.808219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 34.809090] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.810471] [ 34.810719] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.812043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.812606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.813508] Call Trace: [ 34.813768] <TASK> [ 34.814420] dump_stack_lvl+0x73/0xb0 [ 34.815361] print_report+0xd1/0x640 [ 34.815752] ? __virt_addr_valid+0x1db/0x2d0 [ 34.816509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.817096] kasan_report+0x102/0x140 [ 34.817303] ? kasan_atomics_helper+0x218b/0x5450 [ 34.817529] ? kasan_atomics_helper+0x218b/0x5450 [ 34.817880] kasan_check_range+0x10c/0x1c0 [ 34.818528] __kasan_check_write+0x18/0x20 [ 34.819287] kasan_atomics_helper+0x218b/0x5450 [ 34.819860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.820546] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.821250] ? kasan_atomics+0x153/0x310 [ 34.821646] kasan_atomics+0x1dd/0x310 [ 34.822275] ? __pfx_kasan_atomics+0x10/0x10 [ 34.822809] ? __pfx_read_tsc+0x10/0x10 [ 34.823204] ? ktime_get_ts64+0x86/0x230 [ 34.823841] kunit_try_run_case+0x1b3/0x490 [ 34.824265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.824951] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.825524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.826160] ? __kthread_parkme+0x82/0x160 [ 34.826566] ? preempt_count_sub+0x50/0x80 [ 34.827231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.827843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.828338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.829037] kthread+0x257/0x310 [ 34.829438] ? __pfx_kthread+0x10/0x10 [ 34.829948] ret_from_fork+0x41/0x80 [ 34.830438] ? 
__pfx_kthread+0x10/0x10 [ 34.830978] ret_from_fork_asm+0x1a/0x30 [ 34.831361] </TASK> [ 34.831813] [ 34.832108] Allocated by task 272: [ 34.832522] kasan_save_stack+0x3d/0x60 [ 34.833062] kasan_save_track+0x18/0x40 [ 34.833497] kasan_save_alloc_info+0x3b/0x50 [ 34.834085] __kasan_kmalloc+0xb7/0xc0 [ 34.834450] __kmalloc_cache_noprof+0x184/0x410 [ 34.835166] kasan_atomics+0x96/0x310 [ 34.835506] kunit_try_run_case+0x1b3/0x490 [ 34.836072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.836742] kthread+0x257/0x310 [ 34.837092] ret_from_fork+0x41/0x80 [ 34.837630] ret_from_fork_asm+0x1a/0x30 [ 34.838067] [ 34.838376] The buggy address belongs to the object at ffff888102a0ec00 [ 34.838376] which belongs to the cache kmalloc-64 of size 64 [ 34.839497] The buggy address is located 0 bytes to the right of [ 34.839497] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.840486] [ 34.840846] The buggy address belongs to the physical page: [ 34.841411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.842289] flags: 0x200000000000000(node=0|zone=2) [ 34.842889] page_type: f5(slab) [ 34.843275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.844149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.844966] page dumped because: kasan: bad access detected [ 34.845477] [ 34.845828] Memory state around the buggy address: [ 34.846319] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.846994] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.847672] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.848328] ^ [ 34.849016] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.849827] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.850568] ================================================================== [ 33.238632] 
================================================================== [ 33.239377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 33.239954] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.240834] [ 33.241122] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.242075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.242659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.244047] Call Trace: [ 33.244357] <TASK> [ 33.244713] dump_stack_lvl+0x73/0xb0 [ 33.245104] print_report+0xd1/0x640 [ 33.245613] ? __virt_addr_valid+0x1db/0x2d0 [ 33.246137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.246632] kasan_report+0x102/0x140 [ 33.247323] ? kasan_atomics_helper+0x107a/0x5450 [ 33.248000] ? kasan_atomics_helper+0x107a/0x5450 [ 33.248828] kasan_check_range+0x10c/0x1c0 [ 33.249194] __kasan_check_write+0x18/0x20 [ 33.249708] kasan_atomics_helper+0x107a/0x5450 [ 33.250217] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.250839] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.251242] ? kasan_atomics+0x153/0x310 [ 33.251779] kasan_atomics+0x1dd/0x310 [ 33.252186] ? __pfx_kasan_atomics+0x10/0x10 [ 33.252660] ? __pfx_read_tsc+0x10/0x10 [ 33.253140] ? ktime_get_ts64+0x86/0x230 [ 33.253656] kunit_try_run_case+0x1b3/0x490 [ 33.254259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.254713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.255322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.255861] ? __kthread_parkme+0x82/0x160 [ 33.256337] ? preempt_count_sub+0x50/0x80 [ 33.256773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.257151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.257742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.258473] kthread+0x257/0x310 [ 33.258831] ? __pfx_kthread+0x10/0x10 [ 33.259294] ret_from_fork+0x41/0x80 [ 33.259942] ? 
__pfx_kthread+0x10/0x10 [ 33.260267] ret_from_fork_asm+0x1a/0x30 [ 33.260823] </TASK> [ 33.261160] [ 33.261400] Allocated by task 272: [ 33.261746] kasan_save_stack+0x3d/0x60 [ 33.262236] kasan_save_track+0x18/0x40 [ 33.262587] kasan_save_alloc_info+0x3b/0x50 [ 33.262937] __kasan_kmalloc+0xb7/0xc0 [ 33.263560] __kmalloc_cache_noprof+0x184/0x410 [ 33.264158] kasan_atomics+0x96/0x310 [ 33.264455] kunit_try_run_case+0x1b3/0x490 [ 33.265233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.265864] kthread+0x257/0x310 [ 33.266278] ret_from_fork+0x41/0x80 [ 33.266569] ret_from_fork_asm+0x1a/0x30 [ 33.267296] [ 33.267555] The buggy address belongs to the object at ffff888102a0ec00 [ 33.267555] which belongs to the cache kmalloc-64 of size 64 [ 33.268377] The buggy address is located 0 bytes to the right of [ 33.268377] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.269769] [ 33.269997] The buggy address belongs to the physical page: [ 33.270347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.271244] flags: 0x200000000000000(node=0|zone=2) [ 33.271726] page_type: f5(slab) [ 33.272840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.273350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.273938] page dumped because: kasan: bad access detected [ 33.274485] [ 33.274713] Memory state around the buggy address: [ 33.275234] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.276015] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.276561] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.277105] ^ [ 33.277989] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.278486] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.279718] ================================================================== [ 33.540109] 
================================================================== [ 33.541671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 33.542670] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.543323] [ 33.543616] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.544591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.544961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.545765] Call Trace: [ 33.546053] <TASK> [ 33.546259] dump_stack_lvl+0x73/0xb0 [ 33.546894] print_report+0xd1/0x640 [ 33.547440] ? __virt_addr_valid+0x1db/0x2d0 [ 33.547976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.548570] kasan_report+0x102/0x140 [ 33.549087] ? kasan_atomics_helper+0x49d0/0x5450 [ 33.550382] ? kasan_atomics_helper+0x49d0/0x5450 [ 33.550864] __asan_report_load4_noabort+0x18/0x20 [ 33.551514] kasan_atomics_helper+0x49d0/0x5450 [ 33.552173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.552615] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.553495] ? kasan_atomics+0x153/0x310 [ 33.554148] kasan_atomics+0x1dd/0x310 [ 33.554634] ? __pfx_kasan_atomics+0x10/0x10 [ 33.555157] ? __pfx_read_tsc+0x10/0x10 [ 33.556060] ? ktime_get_ts64+0x86/0x230 [ 33.556638] kunit_try_run_case+0x1b3/0x490 [ 33.557289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.557749] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.558534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.559325] ? __kthread_parkme+0x82/0x160 [ 33.559773] ? preempt_count_sub+0x50/0x80 [ 33.560633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.560960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.561455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.562268] kthread+0x257/0x310 [ 33.562641] ? __pfx_kthread+0x10/0x10 [ 33.563333] ret_from_fork+0x41/0x80 [ 33.564005] ? 
__pfx_kthread+0x10/0x10 [ 33.564361] ret_from_fork_asm+0x1a/0x30 [ 33.564845] </TASK> [ 33.565143] [ 33.565367] Allocated by task 272: [ 33.566340] kasan_save_stack+0x3d/0x60 [ 33.566746] kasan_save_track+0x18/0x40 [ 33.567544] kasan_save_alloc_info+0x3b/0x50 [ 33.568311] __kasan_kmalloc+0xb7/0xc0 [ 33.569007] __kmalloc_cache_noprof+0x184/0x410 [ 33.569287] kasan_atomics+0x96/0x310 [ 33.569505] kunit_try_run_case+0x1b3/0x490 [ 33.570024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.570719] kthread+0x257/0x310 [ 33.571125] ret_from_fork+0x41/0x80 [ 33.571565] ret_from_fork_asm+0x1a/0x30 [ 33.572503] [ 33.572935] The buggy address belongs to the object at ffff888102a0ec00 [ 33.572935] which belongs to the cache kmalloc-64 of size 64 [ 33.574252] The buggy address is located 0 bytes to the right of [ 33.574252] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.575403] [ 33.575706] The buggy address belongs to the physical page: [ 33.576199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.577328] flags: 0x200000000000000(node=0|zone=2) [ 33.577702] page_type: f5(slab) [ 33.578202] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.578870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.579653] page dumped because: kasan: bad access detected [ 33.580348] [ 33.580546] Memory state around the buggy address: [ 33.581234] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.581917] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.582667] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.583209] ^ [ 33.583910] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.584493] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.585257] ================================================================== [ 33.807156] 
================================================================== [ 33.807572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 33.808377] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.809346] [ 33.809544] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.810570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.811014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.811949] Call Trace: [ 33.812288] <TASK> [ 33.813201] dump_stack_lvl+0x73/0xb0 [ 33.813655] print_report+0xd1/0x640 [ 33.814358] ? __virt_addr_valid+0x1db/0x2d0 [ 33.815050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.815627] kasan_report+0x102/0x140 [ 33.816118] ? kasan_atomics_helper+0x15b7/0x5450 [ 33.816716] ? kasan_atomics_helper+0x15b7/0x5450 [ 33.817406] kasan_check_range+0x10c/0x1c0 [ 33.818056] __kasan_check_write+0x18/0x20 [ 33.818514] kasan_atomics_helper+0x15b7/0x5450 [ 33.818871] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.819454] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.820125] ? kasan_atomics+0x153/0x310 [ 33.820712] kasan_atomics+0x1dd/0x310 [ 33.821148] ? __pfx_kasan_atomics+0x10/0x10 [ 33.821640] ? __pfx_read_tsc+0x10/0x10 [ 33.822132] ? ktime_get_ts64+0x86/0x230 [ 33.822733] kunit_try_run_case+0x1b3/0x490 [ 33.823236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.823917] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.824377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.825061] ? __kthread_parkme+0x82/0x160 [ 33.825599] ? preempt_count_sub+0x50/0x80 [ 33.826096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.826756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.827438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.828108] kthread+0x257/0x310 [ 33.828514] ? __pfx_kthread+0x10/0x10 [ 33.829036] ret_from_fork+0x41/0x80 [ 33.829524] ? 
__pfx_kthread+0x10/0x10 [ 33.829949] ret_from_fork_asm+0x1a/0x30 [ 33.830556] </TASK> [ 33.831011] [ 33.831175] Allocated by task 272: [ 33.831596] kasan_save_stack+0x3d/0x60 [ 33.831998] kasan_save_track+0x18/0x40 [ 33.832471] kasan_save_alloc_info+0x3b/0x50 [ 33.832992] __kasan_kmalloc+0xb7/0xc0 [ 33.833314] __kmalloc_cache_noprof+0x184/0x410 [ 33.833978] kasan_atomics+0x96/0x310 [ 33.834440] kunit_try_run_case+0x1b3/0x490 [ 33.834992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.835674] kthread+0x257/0x310 [ 33.836112] ret_from_fork+0x41/0x80 [ 33.836563] ret_from_fork_asm+0x1a/0x30 [ 33.837177] [ 33.837396] The buggy address belongs to the object at ffff888102a0ec00 [ 33.837396] which belongs to the cache kmalloc-64 of size 64 [ 33.838526] The buggy address is located 0 bytes to the right of [ 33.838526] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.839911] [ 33.840084] The buggy address belongs to the physical page: [ 33.840657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.841468] flags: 0x200000000000000(node=0|zone=2) [ 33.842082] page_type: f5(slab) [ 33.842543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.843370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.844217] page dumped because: kasan: bad access detected [ 33.844806] [ 33.845081] Memory state around the buggy address: [ 33.845538] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.846276] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.846971] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.847631] ^ [ 33.848210] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.848987] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.849617] ================================================================== [ 32.378675] 
================================================================== [ 32.379240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 32.381129] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.381668] [ 32.381919] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.383787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.384190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.385043] Call Trace: [ 32.385367] <TASK> [ 32.385740] dump_stack_lvl+0x73/0xb0 [ 32.386394] print_report+0xd1/0x640 [ 32.387119] ? __virt_addr_valid+0x1db/0x2d0 [ 32.387637] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.388369] kasan_report+0x102/0x140 [ 32.388729] ? kasan_atomics_helper+0x566/0x5450 [ 32.389288] ? kasan_atomics_helper+0x566/0x5450 [ 32.389977] kasan_check_range+0x10c/0x1c0 [ 32.390383] __kasan_check_write+0x18/0x20 [ 32.390959] kasan_atomics_helper+0x566/0x5450 [ 32.391463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.392177] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.392586] ? kasan_atomics+0x153/0x310 [ 32.393110] kasan_atomics+0x1dd/0x310 [ 32.393499] ? __pfx_kasan_atomics+0x10/0x10 [ 32.393984] ? __pfx_read_tsc+0x10/0x10 [ 32.394396] ? ktime_get_ts64+0x86/0x230 [ 32.394950] kunit_try_run_case+0x1b3/0x490 [ 32.395463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.395963] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.396412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.397534] ? __kthread_parkme+0x82/0x160 [ 32.398301] ? preempt_count_sub+0x50/0x80 [ 32.398836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.399391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.399993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.400512] kthread+0x257/0x310 [ 32.401006] ? __pfx_kthread+0x10/0x10 [ 32.401365] ret_from_fork+0x41/0x80 [ 32.401928] ? 
__pfx_kthread+0x10/0x10 [ 32.402311] ret_from_fork_asm+0x1a/0x30 [ 32.402753] </TASK> [ 32.403114] [ 32.403339] Allocated by task 272: [ 32.403717] kasan_save_stack+0x3d/0x60 [ 32.404195] kasan_save_track+0x18/0x40 [ 32.404607] kasan_save_alloc_info+0x3b/0x50 [ 32.405130] __kasan_kmalloc+0xb7/0xc0 [ 32.405529] __kmalloc_cache_noprof+0x184/0x410 [ 32.405994] kasan_atomics+0x96/0x310 [ 32.406463] kunit_try_run_case+0x1b3/0x490 [ 32.407022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.407478] kthread+0x257/0x310 [ 32.407864] ret_from_fork+0x41/0x80 [ 32.408319] ret_from_fork_asm+0x1a/0x30 [ 32.408842] [ 32.409110] The buggy address belongs to the object at ffff888102a0ec00 [ 32.409110] which belongs to the cache kmalloc-64 of size 64 [ 32.409989] The buggy address is located 0 bytes to the right of [ 32.409989] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.410900] [ 32.411163] The buggy address belongs to the physical page: [ 32.411815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.412528] flags: 0x200000000000000(node=0|zone=2) [ 32.413054] page_type: f5(slab) [ 32.413483] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.414147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.415015] page dumped because: kasan: bad access detected [ 32.415479] [ 32.415659] Memory state around the buggy address: [ 32.416219] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.416814] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.417569] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.418152] ^ [ 32.418645] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.419095] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.419999] ================================================================== [ 33.280875] 
================================================================== [ 33.281533] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 33.282834] Read of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 33.283302] [ 33.283586] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 33.284966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.285339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.285971] Call Trace: [ 33.286377] <TASK> [ 33.286664] dump_stack_lvl+0x73/0xb0 [ 33.287168] print_report+0xd1/0x640 [ 33.287817] ? __virt_addr_valid+0x1db/0x2d0 [ 33.288241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 33.289002] kasan_report+0x102/0x140 [ 33.289493] ? kasan_atomics_helper+0x4a1e/0x5450 [ 33.289875] ? kasan_atomics_helper+0x4a1e/0x5450 [ 33.290843] __asan_report_load4_noabort+0x18/0x20 [ 33.291492] kasan_atomics_helper+0x4a1e/0x5450 [ 33.292043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 33.292445] ? __kmalloc_cache_noprof+0x184/0x410 [ 33.293091] ? kasan_atomics+0x153/0x310 [ 33.293621] kasan_atomics+0x1dd/0x310 [ 33.294213] ? __pfx_kasan_atomics+0x10/0x10 [ 33.294618] ? __pfx_read_tsc+0x10/0x10 [ 33.295443] ? ktime_get_ts64+0x86/0x230 [ 33.295833] kunit_try_run_case+0x1b3/0x490 [ 33.296388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.297155] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 33.297605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 33.298588] ? __kthread_parkme+0x82/0x160 [ 33.298991] ? preempt_count_sub+0x50/0x80 [ 33.299621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 33.300078] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 33.300854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.301460] kthread+0x257/0x310 [ 33.302096] ? __pfx_kthread+0x10/0x10 [ 33.302422] ret_from_fork+0x41/0x80 [ 33.303106] ? 
__pfx_kthread+0x10/0x10 [ 33.303519] ret_from_fork_asm+0x1a/0x30 [ 33.304076] </TASK> [ 33.304428] [ 33.304729] Allocated by task 272: [ 33.305013] kasan_save_stack+0x3d/0x60 [ 33.305524] kasan_save_track+0x18/0x40 [ 33.305952] kasan_save_alloc_info+0x3b/0x50 [ 33.306532] __kasan_kmalloc+0xb7/0xc0 [ 33.307116] __kmalloc_cache_noprof+0x184/0x410 [ 33.307608] kasan_atomics+0x96/0x310 [ 33.308338] kunit_try_run_case+0x1b3/0x490 [ 33.309206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.309712] kthread+0x257/0x310 [ 33.310769] ret_from_fork+0x41/0x80 [ 33.311371] ret_from_fork_asm+0x1a/0x30 [ 33.312132] [ 33.312325] The buggy address belongs to the object at ffff888102a0ec00 [ 33.312325] which belongs to the cache kmalloc-64 of size 64 [ 33.313875] The buggy address is located 0 bytes to the right of [ 33.313875] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 33.315425] [ 33.315666] The buggy address belongs to the physical page: [ 33.316715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 33.317402] flags: 0x200000000000000(node=0|zone=2) [ 33.318064] page_type: f5(slab) [ 33.318325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 33.319478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 33.320156] page dumped because: kasan: bad access detected [ 33.320938] [ 33.321419] Memory state around the buggy address: [ 33.321637] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.322812] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.323461] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 33.324271] ^ [ 33.324747] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.325354] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.325946] ================================================================== [ 32.058845] 
================================================================== [ 32.059904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 32.060759] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.061611] [ 32.062010] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.063611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.064287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.065228] Call Trace: [ 32.065864] <TASK> [ 32.066395] dump_stack_lvl+0x73/0xb0 [ 32.067039] print_report+0xd1/0x640 [ 32.067661] ? __virt_addr_valid+0x1db/0x2d0 [ 32.068282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.069191] kasan_report+0x102/0x140 [ 32.069728] ? kasan_atomics_helper+0x4ba4/0x5450 [ 32.070517] ? kasan_atomics_helper+0x4ba4/0x5450 [ 32.071127] __asan_report_store4_noabort+0x1b/0x30 [ 32.072009] kasan_atomics_helper+0x4ba4/0x5450 [ 32.072718] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.073381] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.074021] ? kasan_atomics+0x153/0x310 [ 32.074749] kasan_atomics+0x1dd/0x310 [ 32.075298] ? __pfx_kasan_atomics+0x10/0x10 [ 32.076094] ? __pfx_read_tsc+0x10/0x10 [ 32.076673] ? ktime_get_ts64+0x86/0x230 [ 32.077219] kunit_try_run_case+0x1b3/0x490 [ 32.078224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.078735] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.079598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.080316] ? __kthread_parkme+0x82/0x160 [ 32.080852] ? preempt_count_sub+0x50/0x80 [ 32.081303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.081933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.082770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.083418] kthread+0x257/0x310 [ 32.084028] ? __pfx_kthread+0x10/0x10 [ 32.084752] ret_from_fork+0x41/0x80 [ 32.085175] ? 
__pfx_kthread+0x10/0x10 [ 32.085788] ret_from_fork_asm+0x1a/0x30 [ 32.086325] </TASK> [ 32.086703] [ 32.086942] Allocated by task 272: [ 32.087293] kasan_save_stack+0x3d/0x60 [ 32.088060] kasan_save_track+0x18/0x40 [ 32.088616] kasan_save_alloc_info+0x3b/0x50 [ 32.089387] __kasan_kmalloc+0xb7/0xc0 [ 32.090020] __kmalloc_cache_noprof+0x184/0x410 [ 32.090601] kasan_atomics+0x96/0x310 [ 32.091117] kunit_try_run_case+0x1b3/0x490 [ 32.091729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.092315] kthread+0x257/0x310 [ 32.092901] ret_from_fork+0x41/0x80 [ 32.093533] ret_from_fork_asm+0x1a/0x30 [ 32.094335] [ 32.094590] The buggy address belongs to the object at ffff888102a0ec00 [ 32.094590] which belongs to the cache kmalloc-64 of size 64 [ 32.095984] The buggy address is located 0 bytes to the right of [ 32.095984] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.097211] [ 32.097383] The buggy address belongs to the physical page: [ 32.098467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.099257] flags: 0x200000000000000(node=0|zone=2) [ 32.099993] page_type: f5(slab) [ 32.100459] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.101482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.102316] page dumped because: kasan: bad access detected [ 32.102978] [ 32.103234] Memory state around the buggy address: [ 32.103880] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.104594] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.105660] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.106513] ^ [ 32.106831] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.107545] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.108563] ================================================================== [ 32.333481] 
================================================================== [ 32.334185] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 32.335257] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 32.336099] [ 32.336398] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 32.337358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.337745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.338675] Call Trace: [ 32.338983] <TASK> [ 32.339361] dump_stack_lvl+0x73/0xb0 [ 32.339945] print_report+0xd1/0x640 [ 32.340487] ? __virt_addr_valid+0x1db/0x2d0 [ 32.340985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.341616] kasan_report+0x102/0x140 [ 32.341988] ? kasan_atomics_helper+0x4b3c/0x5450 [ 32.342436] ? kasan_atomics_helper+0x4b3c/0x5450 [ 32.343127] __asan_report_store4_noabort+0x1b/0x30 [ 32.343581] kasan_atomics_helper+0x4b3c/0x5450 [ 32.344309] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 32.344746] ? __kmalloc_cache_noprof+0x184/0x410 [ 32.345460] ? kasan_atomics+0x153/0x310 [ 32.346104] kasan_atomics+0x1dd/0x310 [ 32.346574] ? __pfx_kasan_atomics+0x10/0x10 [ 32.347216] ? __pfx_read_tsc+0x10/0x10 [ 32.347845] ? ktime_get_ts64+0x86/0x230 [ 32.348220] kunit_try_run_case+0x1b3/0x490 [ 32.348820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.349403] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.349906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.350570] ? __kthread_parkme+0x82/0x160 [ 32.351067] ? preempt_count_sub+0x50/0x80 [ 32.351557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.352227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.352919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.353589] kthread+0x257/0x310 [ 32.354014] ? __pfx_kthread+0x10/0x10 [ 32.354482] ret_from_fork+0x41/0x80 [ 32.354999] ? 
__pfx_kthread+0x10/0x10 [ 32.355514] ret_from_fork_asm+0x1a/0x30 [ 32.356083] </TASK> [ 32.356377] [ 32.356708] Allocated by task 272: [ 32.357083] kasan_save_stack+0x3d/0x60 [ 32.357509] kasan_save_track+0x18/0x40 [ 32.358122] kasan_save_alloc_info+0x3b/0x50 [ 32.358513] __kasan_kmalloc+0xb7/0xc0 [ 32.359152] __kmalloc_cache_noprof+0x184/0x410 [ 32.359636] kasan_atomics+0x96/0x310 [ 32.360128] kunit_try_run_case+0x1b3/0x490 [ 32.360641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.361220] kthread+0x257/0x310 [ 32.361700] ret_from_fork+0x41/0x80 [ 32.362225] ret_from_fork_asm+0x1a/0x30 [ 32.362577] [ 32.363315] The buggy address belongs to the object at ffff888102a0ec00 [ 32.363315] which belongs to the cache kmalloc-64 of size 64 [ 32.364508] The buggy address is located 0 bytes to the right of [ 32.364508] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 32.365749] [ 32.366216] The buggy address belongs to the physical page: [ 32.366851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 32.367569] flags: 0x200000000000000(node=0|zone=2) [ 32.368098] page_type: f5(slab) [ 32.368395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 32.369636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.370872] page dumped because: kasan: bad access detected [ 32.371331] [ 32.371816] Memory state around the buggy address: [ 32.372475] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.373251] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.374108] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.375108] ^ [ 32.375608] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.376489] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.377580] ================================================================== [ 34.058127] 
================================================================== [ 34.059017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 34.059880] Write of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.060745] [ 34.061188] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.062050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.062595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.063470] Call Trace: [ 34.064001] <TASK> [ 34.064267] dump_stack_lvl+0x73/0xb0 [ 34.064677] print_report+0xd1/0x640 [ 34.065055] ? __virt_addr_valid+0x1db/0x2d0 [ 34.065323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.065576] kasan_report+0x102/0x140 [ 34.066001] ? kasan_atomics_helper+0x194b/0x5450 [ 34.067652] ? kasan_atomics_helper+0x194b/0x5450 [ 34.068338] kasan_check_range+0x10c/0x1c0 [ 34.068997] __kasan_check_write+0x18/0x20 [ 34.069488] kasan_atomics_helper+0x194b/0x5450 [ 34.070122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.070782] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.071441] ? kasan_atomics+0x153/0x310 [ 34.071906] kasan_atomics+0x1dd/0x310 [ 34.072724] ? __pfx_kasan_atomics+0x10/0x10 [ 34.073375] ? __pfx_read_tsc+0x10/0x10 [ 34.074062] ? ktime_get_ts64+0x86/0x230 [ 34.074531] kunit_try_run_case+0x1b3/0x490 [ 34.075900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.076316] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.077063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.077694] ? __kthread_parkme+0x82/0x160 [ 34.078550] ? preempt_count_sub+0x50/0x80 [ 34.079225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.079741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.080832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.081560] kthread+0x257/0x310 [ 34.082577] ? __pfx_kthread+0x10/0x10 [ 34.082999] ret_from_fork+0x41/0x80 [ 34.083638] ? 
__pfx_kthread+0x10/0x10 [ 34.084365] ret_from_fork_asm+0x1a/0x30 [ 34.085309] </TASK> [ 34.085617] [ 34.085819] Allocated by task 272: [ 34.086410] kasan_save_stack+0x3d/0x60 [ 34.087064] kasan_save_track+0x18/0x40 [ 34.087562] kasan_save_alloc_info+0x3b/0x50 [ 34.088181] __kasan_kmalloc+0xb7/0xc0 [ 34.088662] __kmalloc_cache_noprof+0x184/0x410 [ 34.089323] kasan_atomics+0x96/0x310 [ 34.089829] kunit_try_run_case+0x1b3/0x490 [ 34.090212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.090722] kthread+0x257/0x310 [ 34.091072] ret_from_fork+0x41/0x80 [ 34.091516] ret_from_fork_asm+0x1a/0x30 [ 34.092027] [ 34.092199] The buggy address belongs to the object at ffff888102a0ec00 [ 34.092199] which belongs to the cache kmalloc-64 of size 64 [ 34.093534] The buggy address is located 0 bytes to the right of [ 34.093534] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.094854] [ 34.095147] The buggy address belongs to the physical page: [ 34.095805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.096707] flags: 0x200000000000000(node=0|zone=2) [ 34.097324] page_type: f5(slab) [ 34.097840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.098666] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.099479] page dumped because: kasan: bad access detected [ 34.100125] [ 34.100437] Memory state around the buggy address: [ 34.101107] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.101847] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.102537] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.103325] ^ [ 34.103854] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.104629] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.105410] ================================================================== [ 34.307893] 
================================================================== [ 34.308620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 34.309273] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272 [ 34.309774] [ 34.310254] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 34.312480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.313560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.315092] Call Trace: [ 34.315403] <TASK> [ 34.315752] dump_stack_lvl+0x73/0xb0 [ 34.316187] print_report+0xd1/0x640 [ 34.316736] ? __virt_addr_valid+0x1db/0x2d0 [ 34.317437] ? kasan_complete_mode_report_info+0x2a/0x200 [ 34.318066] kasan_report+0x102/0x140 [ 34.318636] ? kasan_atomics_helper+0x4f32/0x5450 [ 34.319225] ? kasan_atomics_helper+0x4f32/0x5450 [ 34.319840] __asan_report_load8_noabort+0x18/0x20 [ 34.320739] kasan_atomics_helper+0x4f32/0x5450 [ 34.321357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 34.322000] ? __kmalloc_cache_noprof+0x184/0x410 [ 34.322611] ? kasan_atomics+0x153/0x310 [ 34.323367] kasan_atomics+0x1dd/0x310 [ 34.323938] ? __pfx_kasan_atomics+0x10/0x10 [ 34.324534] ? __pfx_read_tsc+0x10/0x10 [ 34.325155] ? ktime_get_ts64+0x86/0x230 [ 34.325699] kunit_try_run_case+0x1b3/0x490 [ 34.326146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.326856] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 34.327377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 34.328106] ? __kthread_parkme+0x82/0x160 [ 34.328727] ? preempt_count_sub+0x50/0x80 [ 34.329236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 34.329937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 34.330592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.331437] kthread+0x257/0x310 [ 34.332011] ? __pfx_kthread+0x10/0x10 [ 34.332523] ret_from_fork+0x41/0x80 [ 34.333086] ? 
__pfx_kthread+0x10/0x10 [ 34.333624] ret_from_fork_asm+0x1a/0x30 [ 34.334367] </TASK> [ 34.334843] [ 34.335051] Allocated by task 272: [ 34.335508] kasan_save_stack+0x3d/0x60 [ 34.336030] kasan_save_track+0x18/0x40 [ 34.336665] kasan_save_alloc_info+0x3b/0x50 [ 34.337254] __kasan_kmalloc+0xb7/0xc0 [ 34.337670] __kmalloc_cache_noprof+0x184/0x410 [ 34.338244] kasan_atomics+0x96/0x310 [ 34.338954] kunit_try_run_case+0x1b3/0x490 [ 34.339287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.340255] kthread+0x257/0x310 [ 34.340829] ret_from_fork+0x41/0x80 [ 34.341251] ret_from_fork_asm+0x1a/0x30 [ 34.341896] [ 34.342162] The buggy address belongs to the object at ffff888102a0ec00 [ 34.342162] which belongs to the cache kmalloc-64 of size 64 [ 34.343405] The buggy address is located 0 bytes to the right of [ 34.343405] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30) [ 34.344590] [ 34.345031] The buggy address belongs to the physical page: [ 34.345501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e [ 34.346322] flags: 0x200000000000000(node=0|zone=2) [ 34.346951] page_type: f5(slab) [ 34.347346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 34.348298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 34.349089] page dumped because: kasan: bad access detected [ 34.349623] [ 34.349953] Memory state around the buggy address: [ 34.350571] ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.351386] ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.352046] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 34.352895] ^ [ 34.353371] ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.354312] ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.355287] ================================================================== [ 32.462526] 
==================================================================
[ 32.463425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 32.464436] Write of size 4 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 32.465316]
[ 32.465606] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 32.466594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.467226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.468180] Call Trace:
[ 32.468557] <TASK>
[ 32.469050] dump_stack_lvl+0x73/0xb0
[ 32.469531] print_report+0xd1/0x640
[ 32.470110] ? __virt_addr_valid+0x1db/0x2d0
[ 32.470642] ? kasan_complete_mode_report_info+0x2a/0x200
[ 32.471488] kasan_report+0x102/0x140
[ 32.472054] ? kasan_atomics_helper+0x698/0x5450
[ 32.472577] ? kasan_atomics_helper+0x698/0x5450
[ 32.473225] kasan_check_range+0x10c/0x1c0
[ 32.473711] __kasan_check_write+0x18/0x20
[ 32.474414] kasan_atomics_helper+0x698/0x5450
[ 32.475095] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 32.476143] ? __kmalloc_cache_noprof+0x184/0x410
[ 32.476487] ? kasan_atomics+0x153/0x310
[ 32.477086] kasan_atomics+0x1dd/0x310
[ 32.477496] ? __pfx_kasan_atomics+0x10/0x10
[ 32.477830] ? __pfx_read_tsc+0x10/0x10
[ 32.478326] ? ktime_get_ts64+0x86/0x230
[ 32.478676] kunit_try_run_case+0x1b3/0x490
[ 32.479024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.479976] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 32.480397] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 32.480954] ? __kthread_parkme+0x82/0x160
[ 32.481546] ? preempt_count_sub+0x50/0x80
[ 32.482191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 32.482822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 32.483504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.484142] kthread+0x257/0x310
[ 32.484746] ? __pfx_kthread+0x10/0x10
[ 32.485288] ret_from_fork+0x41/0x80
[ 32.485629] ? __pfx_kthread+0x10/0x10
[ 32.486075] ret_from_fork_asm+0x1a/0x30
[ 32.486486] </TASK>
[ 32.486886]
[ 32.487160] Allocated by task 272:
[ 32.488016] kasan_save_stack+0x3d/0x60
[ 32.488477] kasan_save_track+0x18/0x40
[ 32.488953] kasan_save_alloc_info+0x3b/0x50
[ 32.489663] __kasan_kmalloc+0xb7/0xc0
[ 32.490406] __kmalloc_cache_noprof+0x184/0x410
[ 32.491047] kasan_atomics+0x96/0x310
[ 32.491524] kunit_try_run_case+0x1b3/0x490
[ 32.491944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.492487] kthread+0x257/0x310
[ 32.492805] ret_from_fork+0x41/0x80
[ 32.493297] ret_from_fork_asm+0x1a/0x30
[ 32.493650]
[ 32.494059] The buggy address belongs to the object at ffff888102a0ec00
[ 32.494059] which belongs to the cache kmalloc-64 of size 64
[ 32.495182] The buggy address is located 0 bytes to the right of
[ 32.495182] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 32.496330]
[ 32.496506] The buggy address belongs to the physical page:
[ 32.497247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 32.497971] flags: 0x200000000000000(node=0|zone=2)
[ 32.498557] page_type: f5(slab)
[ 32.499093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 32.499966] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 32.500712] page dumped because: kasan: bad access detected
[ 32.501351]
[ 32.501610] Memory state around the buggy address:
[ 32.502172]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.502923]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 32.503623] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 32.504352]                                      ^
[ 32.504947]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.505671]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 32.506403] ==================================================================
[ 34.581619] ==================================================================
[ 34.582210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450
[ 34.583116] Read of size 8 at addr ffff888102a0ec30 by task kunit_try_catch/272
[ 34.583778]
[ 34.584072] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 34.585425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.586023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.586998] Call Trace:
[ 34.587384] <TASK>
[ 34.587945] dump_stack_lvl+0x73/0xb0
[ 34.588325] print_report+0xd1/0x640
[ 34.589019] ? __virt_addr_valid+0x1db/0x2d0
[ 34.589632] ? kasan_complete_mode_report_info+0x2a/0x200
[ 34.590441] kasan_report+0x102/0x140
[ 34.591007] ? kasan_atomics_helper+0x4f73/0x5450
[ 34.591742] ? kasan_atomics_helper+0x4f73/0x5450
[ 34.592501] __asan_report_load8_noabort+0x18/0x20
[ 34.593208] kasan_atomics_helper+0x4f73/0x5450
[ 34.593877] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 34.594357] ? __kmalloc_cache_noprof+0x184/0x410
[ 34.595091] ? kasan_atomics+0x153/0x310
[ 34.595821] kasan_atomics+0x1dd/0x310
[ 34.596496] ? __pfx_kasan_atomics+0x10/0x10
[ 34.597047] ? __pfx_read_tsc+0x10/0x10
[ 34.597584] ? ktime_get_ts64+0x86/0x230
[ 34.598224] kunit_try_run_case+0x1b3/0x490
[ 34.598817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.599399] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 34.600042] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 34.600717] ? __kthread_parkme+0x82/0x160
[ 34.601243] ? preempt_count_sub+0x50/0x80
[ 34.601765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 34.602461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 34.603330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.604094] kthread+0x257/0x310
[ 34.604533] ? __pfx_kthread+0x10/0x10
[ 34.604964] ret_from_fork+0x41/0x80
[ 34.605521] ? __pfx_kthread+0x10/0x10
[ 34.605992] ret_from_fork_asm+0x1a/0x30
[ 34.606407] </TASK>
[ 34.606648]
[ 34.607019] Allocated by task 272:
[ 34.607549] kasan_save_stack+0x3d/0x60
[ 34.607930] kasan_save_track+0x18/0x40
[ 34.608449] kasan_save_alloc_info+0x3b/0x50
[ 34.609016] __kasan_kmalloc+0xb7/0xc0
[ 34.609476] __kmalloc_cache_noprof+0x184/0x410
[ 34.609854] kasan_atomics+0x96/0x310
[ 34.610519] kunit_try_run_case+0x1b3/0x490
[ 34.610875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.611510] kthread+0x257/0x310
[ 34.612070] ret_from_fork+0x41/0x80
[ 34.612470] ret_from_fork_asm+0x1a/0x30
[ 34.613419]
[ 34.613600] The buggy address belongs to the object at ffff888102a0ec00
[ 34.613600] which belongs to the cache kmalloc-64 of size 64
[ 34.614262] The buggy address is located 0 bytes to the right of
[ 34.614262] allocated 48-byte region [ffff888102a0ec00, ffff888102a0ec30)
[ 34.615080]
[ 34.615504] The buggy address belongs to the physical page:
[ 34.616395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0e
[ 34.617231] flags: 0x200000000000000(node=0|zone=2)
[ 34.617828] page_type: f5(slab)
[ 34.618235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 34.618985] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 34.619729] page dumped because: kasan: bad access detected
[ 34.620358]
[ 34.620589] Memory state around the buggy address:
[ 34.621160]  ffff888102a0eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.621897]  ffff888102a0eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.622475] >ffff888102a0ec00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.623261]                                      ^
[ 34.623806]  ffff888102a0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.624559]  ffff888102a0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.625360] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 31.593236] ==================================================================
[ 31.595120] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 31.597813] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.598671]
[ 31.598989] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.600357] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.600744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.601647] Call Trace:
[ 31.602173] <TASK>
[ 31.602516] dump_stack_lvl+0x73/0xb0
[ 31.603165] print_report+0xd1/0x640
[ 31.603633] ? __virt_addr_valid+0x1db/0x2d0
[ 31.604246] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.604973] kasan_report+0x102/0x140
[ 31.605445] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 31.606521] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 31.607295] kasan_check_range+0x10c/0x1c0
[ 31.608228] __kasan_check_write+0x18/0x20
[ 31.608639] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 31.609593] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.610330] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.611378] ? trace_hardirqs_on+0x37/0xe0
[ 31.611782] ? kasan_bitops_generic+0x93/0x1c0
[ 31.612767] kasan_bitops_generic+0x122/0x1c0
[ 31.613295] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.613806] ? __pfx_read_tsc+0x10/0x10
[ 31.614219] ? ktime_get_ts64+0x86/0x230
[ 31.614659] kunit_try_run_case+0x1b3/0x490
[ 31.615027] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.615543] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.615993] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.616456] ? __kthread_parkme+0x82/0x160
[ 31.617086] ? preempt_count_sub+0x50/0x80
[ 31.617502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.618083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.618634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.619378] kthread+0x257/0x310
[ 31.619927] ? __pfx_kthread+0x10/0x10
[ 31.620228] ret_from_fork+0x41/0x80
[ 31.620816] ? __pfx_kthread+0x10/0x10
[ 31.621228] ret_from_fork_asm+0x1a/0x30
[ 31.621646] </TASK>
[ 31.622061]
[ 31.622271] Allocated by task 268:
[ 31.622705] kasan_save_stack+0x3d/0x60
[ 31.623221] kasan_save_track+0x18/0x40
[ 31.623657] kasan_save_alloc_info+0x3b/0x50
[ 31.624322] __kasan_kmalloc+0xb7/0xc0
[ 31.624744] __kmalloc_cache_noprof+0x184/0x410
[ 31.625388] kasan_bitops_generic+0x93/0x1c0
[ 31.625899] kunit_try_run_case+0x1b3/0x490
[ 31.626486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.626936] kthread+0x257/0x310
[ 31.627429] ret_from_fork+0x41/0x80
[ 31.627860] ret_from_fork_asm+0x1a/0x30
[ 31.628393]
[ 31.628600] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.628600] which belongs to the cache kmalloc-16 of size 16
[ 31.630651] The buggy address is located 8 bytes inside of
[ 31.630651] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.632459]
[ 31.632768] The buggy address belongs to the physical page:
[ 31.633369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.634059] flags: 0x200000000000000(node=0|zone=2)
[ 31.635340] page_type: f5(slab)
[ 31.635975] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.636988] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.638225] page dumped because: kasan: bad access detected
[ 31.638696]
[ 31.638971] Memory state around the buggy address:
[ 31.639521]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.640791]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.642221] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.642788]                                                           ^
[ 31.643501]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.644639]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.645839] ==================================================================
[ 31.815268] ==================================================================
[ 31.815927] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 31.816968] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.817636]
[ 31.818098] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.819142] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.819847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.820593] Call Trace:
[ 31.820926] <TASK>
[ 31.821233] dump_stack_lvl+0x73/0xb0
[ 31.821842] print_report+0xd1/0x640
[ 31.822456] ? __virt_addr_valid+0x1db/0x2d0
[ 31.823061] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.823432] kasan_report+0x102/0x140
[ 31.824179] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 31.824971] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 31.825819] kasan_check_range+0x10c/0x1c0
[ 31.826340] __kasan_check_write+0x18/0x20
[ 31.826978] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90
[ 31.827645] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.829621] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.831228] ? trace_hardirqs_on+0x37/0xe0
[ 31.832536] ? kasan_bitops_generic+0x93/0x1c0
[ 31.833491] kasan_bitops_generic+0x122/0x1c0
[ 31.834413] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.835676] ? __pfx_read_tsc+0x10/0x10
[ 31.836905] ? ktime_get_ts64+0x86/0x230
[ 31.837196] kunit_try_run_case+0x1b3/0x490
[ 31.837509] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.838952] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.840561] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.842206] ? __kthread_parkme+0x82/0x160
[ 31.843533] ? preempt_count_sub+0x50/0x80
[ 31.845290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.845622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.846024] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.846376] kthread+0x257/0x310
[ 31.846643] ? __pfx_kthread+0x10/0x10
[ 31.849003] ret_from_fork+0x41/0x80
[ 31.850153] ? __pfx_kthread+0x10/0x10
[ 31.851152] ret_from_fork_asm+0x1a/0x30
[ 31.852617] </TASK>
[ 31.853601]
[ 31.854408] Allocated by task 268:
[ 31.855152] kasan_save_stack+0x3d/0x60
[ 31.856865] kasan_save_track+0x18/0x40
[ 31.857706] kasan_save_alloc_info+0x3b/0x50
[ 31.859122] __kasan_kmalloc+0xb7/0xc0
[ 31.860176] __kmalloc_cache_noprof+0x184/0x410
[ 31.861505] kasan_bitops_generic+0x93/0x1c0
[ 31.862228] kunit_try_run_case+0x1b3/0x490
[ 31.862771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.863221] kthread+0x257/0x310
[ 31.863653] ret_from_fork+0x41/0x80
[ 31.864404] ret_from_fork_asm+0x1a/0x30
[ 31.865856]
[ 31.866102] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.866102] which belongs to the cache kmalloc-16 of size 16
[ 31.866660] The buggy address is located 8 bytes inside of
[ 31.866660] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.869971]
[ 31.870423] The buggy address belongs to the physical page:
[ 31.871657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.873337] flags: 0x200000000000000(node=0|zone=2)
[ 31.874754] page_type: f5(slab)
[ 31.875054] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.875490] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.877233] page dumped because: kasan: bad access detected
[ 31.878858]
[ 31.880107] Memory state around the buggy address:
[ 31.881363]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.882641]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.884116] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.885016]                                                           ^
[ 31.885893]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.886326]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.887015] ==================================================================
[ 31.944218] ==================================================================
[ 31.945314] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 31.946113] Read of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.946979]
[ 31.947266] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.948862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.949495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.950329] Call Trace:
[ 31.950628] <TASK>
[ 31.951170] dump_stack_lvl+0x73/0xb0
[ 31.952075] print_report+0xd1/0x640
[ 31.952576] ? __virt_addr_valid+0x1db/0x2d0
[ 31.953108] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.953661] kasan_report+0x102/0x140
[ 31.954073] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 31.954637] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 31.955626] __asan_report_load8_noabort+0x18/0x20
[ 31.956162] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 31.956868] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.957514] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.958245] ? trace_hardirqs_on+0x37/0xe0
[ 31.958659] ? kasan_bitops_generic+0x93/0x1c0
[ 31.959373] kasan_bitops_generic+0x122/0x1c0
[ 31.959595] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.960251] ? __pfx_read_tsc+0x10/0x10
[ 31.960552] ? ktime_get_ts64+0x86/0x230
[ 31.961051] kunit_try_run_case+0x1b3/0x490
[ 31.961537] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.962113] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.962640] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.963257] ? __kthread_parkme+0x82/0x160
[ 31.963718] ? preempt_count_sub+0x50/0x80
[ 31.964219] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.964670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.965450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.966040] kthread+0x257/0x310
[ 31.966482] ? __pfx_kthread+0x10/0x10
[ 31.966933] ret_from_fork+0x41/0x80
[ 31.967444] ? __pfx_kthread+0x10/0x10
[ 31.967924] ret_from_fork_asm+0x1a/0x30
[ 31.968506] </TASK>
[ 31.968929]
[ 31.969092] Allocated by task 268:
[ 31.969535] kasan_save_stack+0x3d/0x60
[ 31.970063] kasan_save_track+0x18/0x40
[ 31.970616] kasan_save_alloc_info+0x3b/0x50
[ 31.971135] __kasan_kmalloc+0xb7/0xc0
[ 31.971660] __kmalloc_cache_noprof+0x184/0x410
[ 31.972190] kasan_bitops_generic+0x93/0x1c0
[ 31.972814] kunit_try_run_case+0x1b3/0x490
[ 31.973359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.973960] kthread+0x257/0x310
[ 31.974445] ret_from_fork+0x41/0x80
[ 31.974941] ret_from_fork_asm+0x1a/0x30
[ 31.975385]
[ 31.975720] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.975720] which belongs to the cache kmalloc-16 of size 16
[ 31.976656] The buggy address is located 8 bytes inside of
[ 31.976656] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.977893]
[ 31.978199] The buggy address belongs to the physical page:
[ 31.978886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.979705] flags: 0x200000000000000(node=0|zone=2)
[ 31.980244] page_type: f5(slab)
[ 31.980607] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.981372] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.982182] page dumped because: kasan: bad access detected
[ 31.982609]
[ 31.982961] Memory state around the buggy address:
[ 31.983415]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.984233]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.984985] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.985611]                                                           ^
[ 31.986260]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.986935]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.987639] ==================================================================
[ 31.889080] ==================================================================
[ 31.889948] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 31.891043] Read of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.892209]
[ 31.892497] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.893615] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.894230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.895169] Call Trace:
[ 31.895813] <TASK>
[ 31.896245] dump_stack_lvl+0x73/0xb0
[ 31.896537] print_report+0xd1/0x640
[ 31.896882] ? __virt_addr_valid+0x1db/0x2d0
[ 31.897457] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.897888] kasan_report+0x102/0x140
[ 31.898415] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 31.899301] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 31.899794] kasan_check_range+0x10c/0x1c0
[ 31.900417] __kasan_check_read+0x15/0x20
[ 31.901049] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 31.901857] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.902479] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.903401] ? trace_hardirqs_on+0x37/0xe0
[ 31.903813] ? kasan_bitops_generic+0x93/0x1c0
[ 31.904402] kasan_bitops_generic+0x122/0x1c0
[ 31.905298] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.905653] ? __pfx_read_tsc+0x10/0x10
[ 31.906087] ? ktime_get_ts64+0x86/0x230
[ 31.906558] kunit_try_run_case+0x1b3/0x490
[ 31.906906] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.907494] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.908142] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.908660] ? __kthread_parkme+0x82/0x160
[ 31.908970] ? preempt_count_sub+0x50/0x80
[ 31.909575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.910399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.911034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.911661] kthread+0x257/0x310
[ 31.912194] ? __pfx_kthread+0x10/0x10
[ 31.912609] ret_from_fork+0x41/0x80
[ 31.913403] ? __pfx_kthread+0x10/0x10
[ 31.913934] ret_from_fork_asm+0x1a/0x30
[ 31.914655] </TASK>
[ 31.915991]
[ 31.916148] Allocated by task 268:
[ 31.916365] kasan_save_stack+0x3d/0x60
[ 31.916627] kasan_save_track+0x18/0x40
[ 31.916909] kasan_save_alloc_info+0x3b/0x50
[ 31.917185] __kasan_kmalloc+0xb7/0xc0
[ 31.917424] __kmalloc_cache_noprof+0x184/0x410
[ 31.919934] kasan_bitops_generic+0x93/0x1c0
[ 31.920922] kunit_try_run_case+0x1b3/0x490
[ 31.922500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.924051] kthread+0x257/0x310
[ 31.924927] ret_from_fork+0x41/0x80
[ 31.925116] ret_from_fork_asm+0x1a/0x30
[ 31.925302]
[ 31.925405] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.925405] which belongs to the cache kmalloc-16 of size 16
[ 31.927558] The buggy address is located 8 bytes inside of
[ 31.927558] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.929221]
[ 31.929825] The buggy address belongs to the physical page:
[ 31.930662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.931419] flags: 0x200000000000000(node=0|zone=2)
[ 31.932101] page_type: f5(slab)
[ 31.932629] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.933647] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.934590] page dumped because: kasan: bad access detected
[ 31.935739]
[ 31.936142] Memory state around the buggy address:
[ 31.936824]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.937766]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.938722] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.939677]                                                           ^
[ 31.940362]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.941392]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.942290] ==================================================================
[ 31.699203] ==================================================================
[ 31.699929] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 31.701165] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.702290]
[ 31.702500] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.703915] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.704540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.705641] Call Trace:
[ 31.705933] <TASK>
[ 31.706531] dump_stack_lvl+0x73/0xb0
[ 31.707396] print_report+0xd1/0x640
[ 31.707832] ? __virt_addr_valid+0x1db/0x2d0
[ 31.708817] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.709395] kasan_report+0x102/0x140
[ 31.709987] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 31.710585] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 31.711228] kasan_check_range+0x10c/0x1c0
[ 31.711437] __kasan_check_write+0x18/0x20
[ 31.711628] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90
[ 31.712417] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.713175] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.713665] ? trace_hardirqs_on+0x37/0xe0
[ 31.714148] ? kasan_bitops_generic+0x93/0x1c0
[ 31.714564] kasan_bitops_generic+0x122/0x1c0
[ 31.715078] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.715818] ? __pfx_read_tsc+0x10/0x10
[ 31.716293] ? ktime_get_ts64+0x86/0x230
[ 31.716703] kunit_try_run_case+0x1b3/0x490
[ 31.717257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.717747] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.718310] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.718941] ? __kthread_parkme+0x82/0x160
[ 31.719341] ? preempt_count_sub+0x50/0x80
[ 31.719918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.720453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.721096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.721655] kthread+0x257/0x310
[ 31.722152] ? __pfx_kthread+0x10/0x10
[ 31.722655] ret_from_fork+0x41/0x80
[ 31.723072] ? __pfx_kthread+0x10/0x10
[ 31.723566] ret_from_fork_asm+0x1a/0x30
[ 31.724112] </TASK>
[ 31.724434]
[ 31.724713] Allocated by task 268:
[ 31.725224] kasan_save_stack+0x3d/0x60
[ 31.725752] kasan_save_track+0x18/0x40
[ 31.726326] kasan_save_alloc_info+0x3b/0x50
[ 31.726907] __kasan_kmalloc+0xb7/0xc0
[ 31.727326] __kmalloc_cache_noprof+0x184/0x410
[ 31.727731] kasan_bitops_generic+0x93/0x1c0
[ 31.728358] kunit_try_run_case+0x1b3/0x490
[ 31.728849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.729448] kthread+0x257/0x310
[ 31.730016] ret_from_fork+0x41/0x80
[ 31.730460] ret_from_fork_asm+0x1a/0x30
[ 31.730916]
[ 31.731183] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.731183] which belongs to the cache kmalloc-16 of size 16
[ 31.732255] The buggy address is located 8 bytes inside of
[ 31.732255] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.733485]
[ 31.733759] The buggy address belongs to the physical page:
[ 31.734385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.735099] flags: 0x200000000000000(node=0|zone=2)
[ 31.736378] page_type: f5(slab)
[ 31.736778] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.737853] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.738939] page dumped because: kasan: bad access detected
[ 31.739440]
[ 31.739659] Memory state around the buggy address:
[ 31.740507]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.741194]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.741835] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.742423]                                                           ^
[ 31.743139]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.744627]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.745017] ==================================================================
[ 31.506043] ==================================================================
[ 31.506749] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 31.507788] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.508456]
[ 31.508761] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.509597] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.510219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.511043] Call Trace:
[ 31.511286] <TASK>
[ 31.511662] dump_stack_lvl+0x73/0xb0
[ 31.512079] print_report+0xd1/0x640
[ 31.512532] ? __virt_addr_valid+0x1db/0x2d0
[ 31.513075] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.513773] kasan_report+0x102/0x140
[ 31.514259] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 31.514983] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 31.515534] kasan_check_range+0x10c/0x1c0
[ 31.516091] __kasan_check_write+0x18/0x20
[ 31.516494] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 31.517102] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.517873] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.518301] ? trace_hardirqs_on+0x37/0xe0
[ 31.518828] ? kasan_bitops_generic+0x93/0x1c0
[ 31.519440] kasan_bitops_generic+0x122/0x1c0
[ 31.520171] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.520581] ? __pfx_read_tsc+0x10/0x10
[ 31.521177] ? ktime_get_ts64+0x86/0x230
[ 31.521590] kunit_try_run_case+0x1b3/0x490
[ 31.522029] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.522870] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.523958] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.524455] ? __kthread_parkme+0x82/0x160
[ 31.525226] ? preempt_count_sub+0x50/0x80
[ 31.525627] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.526162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.526666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.527525] kthread+0x257/0x310
[ 31.528119] ? __pfx_kthread+0x10/0x10
[ 31.528657] ret_from_fork+0x41/0x80
[ 31.529094] ? __pfx_kthread+0x10/0x10
[ 31.529466] ret_from_fork_asm+0x1a/0x30
[ 31.529893] </TASK>
[ 31.530609]
[ 31.530776] Allocated by task 268:
[ 31.531156] kasan_save_stack+0x3d/0x60
[ 31.532021] kasan_save_track+0x18/0x40
[ 31.532426] kasan_save_alloc_info+0x3b/0x50
[ 31.532896] __kasan_kmalloc+0xb7/0xc0
[ 31.533281] __kmalloc_cache_noprof+0x184/0x410
[ 31.534385] kasan_bitops_generic+0x93/0x1c0
[ 31.535097] kunit_try_run_case+0x1b3/0x490
[ 31.535817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.536584] kthread+0x257/0x310
[ 31.537326] ret_from_fork+0x41/0x80
[ 31.538086] ret_from_fork_asm+0x1a/0x30
[ 31.538290]
[ 31.538390] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.538390] which belongs to the cache kmalloc-16 of size 16
[ 31.538919] The buggy address is located 8 bytes inside of
[ 31.538919] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.540505]
[ 31.540676] The buggy address belongs to the physical page:
[ 31.541357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.542653] flags: 0x200000000000000(node=0|zone=2)
[ 31.543203] page_type: f5(slab)
[ 31.543657] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.544372] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.545046] page dumped because: kasan: bad access detected
[ 31.545603]
[ 31.545922] Memory state around the buggy address:
[ 31.546408]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.547127]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.547949] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.548556]                                                           ^
[ 31.549240]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.549973]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.550663] ==================================================================
[ 31.748034] ==================================================================
[ 31.751127] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 31.752150] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.752547]
[ 31.752742] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.756578] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.758171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.760521] Call Trace:
[ 31.761578] <TASK>
[ 31.761801] dump_stack_lvl+0x73/0xb0
[ 31.762090] print_report+0xd1/0x640
[ 31.762370] ? __virt_addr_valid+0x1db/0x2d0
[ 31.762708] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.765263] kasan_report+0x102/0x140
[ 31.766494] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 31.768429] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 31.770084] kasan_check_range+0x10c/0x1c0
[ 31.771562] __kasan_check_write+0x18/0x20
[ 31.772181] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90
[ 31.772676] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.773295] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.774126] ? trace_hardirqs_on+0x37/0xe0
[ 31.774414] ? kasan_bitops_generic+0x93/0x1c0
[ 31.774745] kasan_bitops_generic+0x122/0x1c0
[ 31.777261] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.779069] ? __pfx_read_tsc+0x10/0x10
[ 31.780534] ? ktime_get_ts64+0x86/0x230
[ 31.782050] kunit_try_run_case+0x1b3/0x490
[ 31.782757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.784285] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.784838] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.785285] ? __kthread_parkme+0x82/0x160
[ 31.785699] ? preempt_count_sub+0x50/0x80
[ 31.786099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.786550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.788261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.789381] kthread+0x257/0x310
[ 31.790011] ? __pfx_kthread+0x10/0x10
[ 31.790449] ret_from_fork+0x41/0x80
[ 31.791036] ? __pfx_kthread+0x10/0x10
[ 31.791580] ret_from_fork_asm+0x1a/0x30
[ 31.792304] </TASK>
[ 31.792723]
[ 31.793074] Allocated by task 268:
[ 31.793559] kasan_save_stack+0x3d/0x60
[ 31.794249] kasan_save_track+0x18/0x40
[ 31.794605] kasan_save_alloc_info+0x3b/0x50
[ 31.795213] __kasan_kmalloc+0xb7/0xc0
[ 31.795827] __kmalloc_cache_noprof+0x184/0x410
[ 31.796377] kasan_bitops_generic+0x93/0x1c0
[ 31.797028] kunit_try_run_case+0x1b3/0x490
[ 31.797482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.798152] kthread+0x257/0x310
[ 31.798706] ret_from_fork+0x41/0x80
[ 31.799308] ret_from_fork_asm+0x1a/0x30
[ 31.799751]
[ 31.800213] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.800213] which belongs to the cache kmalloc-16 of size 16
[ 31.801522] The buggy address is located 8 bytes inside of
[ 31.801522] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.802745]
[ 31.803038] The buggy address belongs to the physical page:
[ 31.803627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.804497] flags: 0x200000000000000(node=0|zone=2)
[ 31.805149] page_type: f5(slab)
[ 31.805654] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.806452] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.807301] page dumped because: kasan: bad access detected
[ 31.807912]
[ 31.808111] Memory state around the buggy address:
[ 31.808912]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.809500]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.810321] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.811122]                                                           ^
[ 31.811915]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.812650]  ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.813390] ==================================================================
[ 31.552485] ==================================================================
[ 31.553196] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 31.553999] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268
[ 31.554285]
[ 31.554400] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 31.554962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.555761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.557505] Call Trace:
[ 31.557992] <TASK>
[ 31.558286] dump_stack_lvl+0x73/0xb0
[ 31.559109] print_report+0xd1/0x640
[ 31.559566] ? __virt_addr_valid+0x1db/0x2d0
[ 31.560069] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.560604] kasan_report+0x102/0x140
[ 31.561059] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 31.561742] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 31.562387] kasan_check_range+0x10c/0x1c0
[ 31.562851] __kasan_check_write+0x18/0x20
[ 31.563158] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 31.563931] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 31.564612] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.565093] ? trace_hardirqs_on+0x37/0xe0
[ 31.565395] ? kasan_bitops_generic+0x93/0x1c0
[ 31.566015] kasan_bitops_generic+0x122/0x1c0
[ 31.566542] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 31.567068] ? __pfx_read_tsc+0x10/0x10
[ 31.567451] ? ktime_get_ts64+0x86/0x230
[ 31.567966] kunit_try_run_case+0x1b3/0x490
[ 31.568467] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.568937] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.569441] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.570061] ? __kthread_parkme+0x82/0x160
[ 31.570474] ? preempt_count_sub+0x50/0x80
[ 31.570959] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.571306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.572070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.572604] kthread+0x257/0x310
[ 31.572994] ? __pfx_kthread+0x10/0x10
[ 31.573469] ret_from_fork+0x41/0x80
[ 31.573956] ? __pfx_kthread+0x10/0x10
[ 31.574251] ret_from_fork_asm+0x1a/0x30
[ 31.574813] </TASK>
[ 31.575063]
[ 31.575260] Allocated by task 268:
[ 31.575540] kasan_save_stack+0x3d/0x60
[ 31.575956] kasan_save_track+0x18/0x40
[ 31.576445] kasan_save_alloc_info+0x3b/0x50
[ 31.577032] __kasan_kmalloc+0xb7/0xc0
[ 31.577312] __kmalloc_cache_noprof+0x184/0x410
[ 31.577952] kasan_bitops_generic+0x93/0x1c0
[ 31.578305] kunit_try_run_case+0x1b3/0x490
[ 31.578614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.579291] kthread+0x257/0x310
[ 31.579729] ret_from_fork+0x41/0x80
[ 31.580241] ret_from_fork_asm+0x1a/0x30
[ 31.580609]
[ 31.580862] The buggy address belongs to the object at ffff8881025ed7e0
[ 31.580862] which belongs to the cache kmalloc-16 of size 16
[ 31.581734] The buggy address is located 8 bytes inside of
[ 31.581734] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9)
[ 31.582799]
[ 31.583071] The buggy address belongs to the physical page:
[ 31.583561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed
[ 31.584253] flags: 0x200000000000000(node=0|zone=2)
[ 31.584578] page_type: f5(slab)
[ 31.584957] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 31.585855] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 31.586398] page dumped because: kasan: bad access detected
[ 31.586759]
[ 31.586969] Memory state around the buggy address:
[ 31.587323]  ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 31.588128]  ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 31.588946] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 31.590004]                                                           ^
[ 31.590571]  ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.591191] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.591940] ================================================================== [ 31.648571] ================================================================== [ 31.649628] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 31.650513] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.651360] [ 31.651546] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.653310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.653697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.655111] Call Trace: [ 31.655386] <TASK> [ 31.655604] dump_stack_lvl+0x73/0xb0 [ 31.656465] print_report+0xd1/0x640 [ 31.657156] ? __virt_addr_valid+0x1db/0x2d0 [ 31.657556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.658248] kasan_report+0x102/0x140 [ 31.658625] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 31.659746] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 31.660297] kasan_check_range+0x10c/0x1c0 [ 31.661205] __kasan_check_write+0x18/0x20 [ 31.661600] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 31.662706] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 31.663283] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.663916] ? trace_hardirqs_on+0x37/0xe0 [ 31.664358] ? kasan_bitops_generic+0x93/0x1c0 [ 31.665189] kasan_bitops_generic+0x122/0x1c0 [ 31.665584] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.666304] ? __pfx_read_tsc+0x10/0x10 [ 31.666704] ? ktime_get_ts64+0x86/0x230 [ 31.667363] kunit_try_run_case+0x1b3/0x490 [ 31.668064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.668505] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.669094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.669675] ? __kthread_parkme+0x82/0x160 [ 31.670225] ? preempt_count_sub+0x50/0x80 [ 31.670629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.671103] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.671635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.672644] kthread+0x257/0x310 [ 31.673002] ? __pfx_kthread+0x10/0x10 [ 31.673766] ret_from_fork+0x41/0x80 [ 31.674415] ? __pfx_kthread+0x10/0x10 [ 31.675265] ret_from_fork_asm+0x1a/0x30 [ 31.675629] </TASK> [ 31.676588] [ 31.676820] Allocated by task 268: [ 31.677056] kasan_save_stack+0x3d/0x60 [ 31.677786] kasan_save_track+0x18/0x40 [ 31.678251] kasan_save_alloc_info+0x3b/0x50 [ 31.678654] __kasan_kmalloc+0xb7/0xc0 [ 31.679643] __kmalloc_cache_noprof+0x184/0x410 [ 31.680192] kasan_bitops_generic+0x93/0x1c0 [ 31.680822] kunit_try_run_case+0x1b3/0x490 [ 31.681434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.682145] kthread+0x257/0x310 [ 31.682422] ret_from_fork+0x41/0x80 [ 31.682864] ret_from_fork_asm+0x1a/0x30 [ 31.683635] [ 31.683920] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.683920] which belongs to the cache kmalloc-16 of size 16 [ 31.685327] The buggy address is located 8 bytes inside of [ 31.685327] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.686476] [ 31.686714] The buggy address belongs to the physical page: [ 31.687651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.688459] flags: 0x200000000000000(node=0|zone=2) [ 31.688925] page_type: f5(slab) [ 31.689466] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.690249] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.690842] page dumped because: kasan: bad access detected [ 31.691350] [ 31.691590] Memory state around the buggy address: [ 31.691998] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.692491] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.693333] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.694065] ^ [ 31.694733] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 31.695513] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.695967] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 31.287018] ================================================================== [ 31.288450] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.289052] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.289481] [ 31.289725] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.290435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.290833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.291347] Call Trace: [ 31.291722] <TASK> [ 31.292197] dump_stack_lvl+0x73/0xb0 [ 31.292585] print_report+0xd1/0x640 [ 31.292902] ? __virt_addr_valid+0x1db/0x2d0 [ 31.293599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.293983] kasan_report+0x102/0x140 [ 31.294268] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.294833] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.295490] kasan_check_range+0x10c/0x1c0 [ 31.296093] __kasan_check_write+0x18/0x20 [ 31.296577] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 31.297141] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.297528] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.297884] ? trace_hardirqs_on+0x37/0xe0 [ 31.298392] ? kasan_bitops_generic+0x93/0x1c0 [ 31.298993] kasan_bitops_generic+0x117/0x1c0 [ 31.299540] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.300352] ? __pfx_read_tsc+0x10/0x10 [ 31.300738] ? ktime_get_ts64+0x86/0x230 [ 31.301169] kunit_try_run_case+0x1b3/0x490 [ 31.301563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.302051] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.302386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.302749] ? __kthread_parkme+0x82/0x160 [ 31.303079] ? preempt_count_sub+0x50/0x80 [ 31.303757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.304348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.304926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.305438] kthread+0x257/0x310 [ 31.305782] ? __pfx_kthread+0x10/0x10 [ 31.306228] ret_from_fork+0x41/0x80 [ 31.306552] ? 
__pfx_kthread+0x10/0x10 [ 31.306942] ret_from_fork_asm+0x1a/0x30 [ 31.307411] </TASK> [ 31.307638] [ 31.307873] Allocated by task 268: [ 31.308274] kasan_save_stack+0x3d/0x60 [ 31.308770] kasan_save_track+0x18/0x40 [ 31.309145] kasan_save_alloc_info+0x3b/0x50 [ 31.309545] __kasan_kmalloc+0xb7/0xc0 [ 31.310023] __kmalloc_cache_noprof+0x184/0x410 [ 31.310381] kasan_bitops_generic+0x93/0x1c0 [ 31.310709] kunit_try_run_case+0x1b3/0x490 [ 31.311241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.311914] kthread+0x257/0x310 [ 31.312298] ret_from_fork+0x41/0x80 [ 31.312798] ret_from_fork_asm+0x1a/0x30 [ 31.313119] [ 31.313284] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.313284] which belongs to the cache kmalloc-16 of size 16 [ 31.314190] The buggy address is located 8 bytes inside of [ 31.314190] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.315195] [ 31.315439] The buggy address belongs to the physical page: [ 31.316100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.316556] flags: 0x200000000000000(node=0|zone=2) [ 31.317096] page_type: f5(slab) [ 31.317507] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.318661] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.319408] page dumped because: kasan: bad access detected [ 31.320037] [ 31.320197] Memory state around the buggy address: [ 31.320508] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.322034] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.322879] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.323369] ^ [ 31.323865] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.324713] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.325405] ================================================================== [ 31.327083] 
================================================================== [ 31.328524] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.329442] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.330072] [ 31.330301] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.331302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.331578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.332580] Call Trace: [ 31.333440] <TASK> [ 31.333633] dump_stack_lvl+0x73/0xb0 [ 31.334268] print_report+0xd1/0x640 [ 31.334715] ? __virt_addr_valid+0x1db/0x2d0 [ 31.335438] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.336008] kasan_report+0x102/0x140 [ 31.336555] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.337309] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.337905] kasan_check_range+0x10c/0x1c0 [ 31.338517] __kasan_check_write+0x18/0x20 [ 31.339072] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 31.339753] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.340504] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.341066] ? trace_hardirqs_on+0x37/0xe0 [ 31.341549] ? kasan_bitops_generic+0x93/0x1c0 [ 31.342106] kasan_bitops_generic+0x117/0x1c0 [ 31.342696] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.343248] ? __pfx_read_tsc+0x10/0x10 [ 31.343813] ? ktime_get_ts64+0x86/0x230 [ 31.344258] kunit_try_run_case+0x1b3/0x490 [ 31.344659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.345240] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.345727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.346282] ? __kthread_parkme+0x82/0x160 [ 31.346667] ? preempt_count_sub+0x50/0x80 [ 31.347220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.347598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.348406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.348959] kthread+0x257/0x310 [ 31.349285] ? __pfx_kthread+0x10/0x10 [ 31.349865] ret_from_fork+0x41/0x80 [ 31.350182] ? 
__pfx_kthread+0x10/0x10 [ 31.350715] ret_from_fork_asm+0x1a/0x30 [ 31.351136] </TASK> [ 31.351488] [ 31.351847] Allocated by task 268: [ 31.352173] kasan_save_stack+0x3d/0x60 [ 31.352714] kasan_save_track+0x18/0x40 [ 31.353153] kasan_save_alloc_info+0x3b/0x50 [ 31.353673] __kasan_kmalloc+0xb7/0xc0 [ 31.354048] __kmalloc_cache_noprof+0x184/0x410 [ 31.354597] kasan_bitops_generic+0x93/0x1c0 [ 31.355210] kunit_try_run_case+0x1b3/0x490 [ 31.355580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.356330] kthread+0x257/0x310 [ 31.356621] ret_from_fork+0x41/0x80 [ 31.357188] ret_from_fork_asm+0x1a/0x30 [ 31.357573] [ 31.357897] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.357897] which belongs to the cache kmalloc-16 of size 16 [ 31.358908] The buggy address is located 8 bytes inside of [ 31.358908] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.360011] [ 31.360221] The buggy address belongs to the physical page: [ 31.361719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.362825] flags: 0x200000000000000(node=0|zone=2) [ 31.363317] page_type: f5(slab) [ 31.363658] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.364464] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.365896] page dumped because: kasan: bad access detected [ 31.366423] [ 31.366809] Memory state around the buggy address: [ 31.367265] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.367970] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.368640] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.369343] ^ [ 31.370030] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.370577] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.371367] ================================================================== [ 31.415874] 
================================================================== [ 31.416895] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.417501] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.418359] [ 31.418610] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.419647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.420087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.420836] Call Trace: [ 31.421270] <TASK> [ 31.421589] dump_stack_lvl+0x73/0xb0 [ 31.422062] print_report+0xd1/0x640 [ 31.422553] ? __virt_addr_valid+0x1db/0x2d0 [ 31.423031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.423721] kasan_report+0x102/0x140 [ 31.424100] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.424746] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.425448] kasan_check_range+0x10c/0x1c0 [ 31.425907] __kasan_check_write+0x18/0x20 [ 31.426209] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 31.426744] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.427379] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.427953] ? trace_hardirqs_on+0x37/0xe0 [ 31.428858] ? kasan_bitops_generic+0x93/0x1c0 [ 31.429408] kasan_bitops_generic+0x117/0x1c0 [ 31.430070] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.430761] ? __pfx_read_tsc+0x10/0x10 [ 31.431247] ? ktime_get_ts64+0x86/0x230 [ 31.432097] kunit_try_run_case+0x1b3/0x490 [ 31.432458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.432875] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.433314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.433853] ? __kthread_parkme+0x82/0x160 [ 31.434302] ? preempt_count_sub+0x50/0x80 [ 31.434726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.435232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.436000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.436477] kthread+0x257/0x310 [ 31.437024] ? __pfx_kthread+0x10/0x10 [ 31.437403] ret_from_fork+0x41/0x80 [ 31.437941] ? 
__pfx_kthread+0x10/0x10 [ 31.438388] ret_from_fork_asm+0x1a/0x30 [ 31.438922] </TASK> [ 31.439304] [ 31.439498] Allocated by task 268: [ 31.439961] kasan_save_stack+0x3d/0x60 [ 31.440479] kasan_save_track+0x18/0x40 [ 31.440889] kasan_save_alloc_info+0x3b/0x50 [ 31.441430] __kasan_kmalloc+0xb7/0xc0 [ 31.441915] __kmalloc_cache_noprof+0x184/0x410 [ 31.442525] kasan_bitops_generic+0x93/0x1c0 [ 31.443121] kunit_try_run_case+0x1b3/0x490 [ 31.443668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.444321] kthread+0x257/0x310 [ 31.444807] ret_from_fork+0x41/0x80 [ 31.445242] ret_from_fork_asm+0x1a/0x30 [ 31.445834] [ 31.446146] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.446146] which belongs to the cache kmalloc-16 of size 16 [ 31.447193] The buggy address is located 8 bytes inside of [ 31.447193] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.448315] [ 31.448481] The buggy address belongs to the physical page: [ 31.449193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.449848] flags: 0x200000000000000(node=0|zone=2) [ 31.450422] page_type: f5(slab) [ 31.450735] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.451524] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.452231] page dumped because: kasan: bad access detected [ 31.452756] [ 31.453059] Memory state around the buggy address: [ 31.453515] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.454226] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.454977] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.455629] ^ [ 31.456453] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.457773] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.458589] ================================================================== [ 31.244502] 
================================================================== [ 31.245505] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.246628] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.247442] [ 31.247732] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.248710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.249105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.249972] Call Trace: [ 31.250292] <TASK> [ 31.250662] dump_stack_lvl+0x73/0xb0 [ 31.251396] print_report+0xd1/0x640 [ 31.251775] ? __virt_addr_valid+0x1db/0x2d0 [ 31.252492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.253099] kasan_report+0x102/0x140 [ 31.253423] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.254186] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.254608] kasan_check_range+0x10c/0x1c0 [ 31.255244] __kasan_check_write+0x18/0x20 [ 31.255652] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 31.256291] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.257078] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.257701] ? trace_hardirqs_on+0x37/0xe0 [ 31.258250] ? kasan_bitops_generic+0x93/0x1c0 [ 31.259735] kasan_bitops_generic+0x117/0x1c0 [ 31.260080] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.260458] ? __pfx_read_tsc+0x10/0x10 [ 31.261008] ? ktime_get_ts64+0x86/0x230 [ 31.261320] kunit_try_run_case+0x1b3/0x490 [ 31.261913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.262252] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.262836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.263278] ? __kthread_parkme+0x82/0x160 [ 31.263643] ? preempt_count_sub+0x50/0x80 [ 31.264136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.264616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.265340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.265960] kthread+0x257/0x310 [ 31.266294] ? __pfx_kthread+0x10/0x10 [ 31.266707] ret_from_fork+0x41/0x80 [ 31.267033] ? 
__pfx_kthread+0x10/0x10 [ 31.267404] ret_from_fork_asm+0x1a/0x30 [ 31.268046] </TASK> [ 31.268338] [ 31.268504] Allocated by task 268: [ 31.268854] kasan_save_stack+0x3d/0x60 [ 31.269324] kasan_save_track+0x18/0x40 [ 31.269863] kasan_save_alloc_info+0x3b/0x50 [ 31.270254] __kasan_kmalloc+0xb7/0xc0 [ 31.270667] __kmalloc_cache_noprof+0x184/0x410 [ 31.271077] kasan_bitops_generic+0x93/0x1c0 [ 31.271386] kunit_try_run_case+0x1b3/0x490 [ 31.271970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.272611] kthread+0x257/0x310 [ 31.272887] ret_from_fork+0x41/0x80 [ 31.273374] ret_from_fork_asm+0x1a/0x30 [ 31.273892] [ 31.274156] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.274156] which belongs to the cache kmalloc-16 of size 16 [ 31.275190] The buggy address is located 8 bytes inside of [ 31.275190] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.276212] [ 31.276384] The buggy address belongs to the physical page: [ 31.276867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.277771] flags: 0x200000000000000(node=0|zone=2) [ 31.278109] page_type: f5(slab) [ 31.278398] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.279488] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.280282] page dumped because: kasan: bad access detected [ 31.280655] [ 31.280842] Memory state around the buggy address: [ 31.281154] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.282256] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.282674] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.283653] ^ [ 31.284454] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.285381] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.286029] ================================================================== [ 31.372722] 
================================================================== [ 31.373541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.374458] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.375306] [ 31.375631] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.376664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.377042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.377779] Call Trace: [ 31.378132] <TASK> [ 31.378403] dump_stack_lvl+0x73/0xb0 [ 31.378939] print_report+0xd1/0x640 [ 31.379410] ? __virt_addr_valid+0x1db/0x2d0 [ 31.379939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.380494] kasan_report+0x102/0x140 [ 31.381042] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.381560] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.382292] kasan_check_range+0x10c/0x1c0 [ 31.382651] __kasan_check_write+0x18/0x20 [ 31.383245] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 31.383993] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.384556] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.385110] ? trace_hardirqs_on+0x37/0xe0 [ 31.385698] ? kasan_bitops_generic+0x93/0x1c0 [ 31.386299] kasan_bitops_generic+0x117/0x1c0 [ 31.386837] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.387498] ? __pfx_read_tsc+0x10/0x10 [ 31.387958] ? ktime_get_ts64+0x86/0x230 [ 31.388435] kunit_try_run_case+0x1b3/0x490 [ 31.389023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.389507] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.390114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.390561] ? __kthread_parkme+0x82/0x160 [ 31.391053] ? preempt_count_sub+0x50/0x80 [ 31.391513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.392201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.393016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.393590] kthread+0x257/0x310 [ 31.393995] ? __pfx_kthread+0x10/0x10 [ 31.394387] ret_from_fork+0x41/0x80 [ 31.394950] ? 
__pfx_kthread+0x10/0x10 [ 31.395392] ret_from_fork_asm+0x1a/0x30 [ 31.395941] </TASK> [ 31.396290] [ 31.396552] Allocated by task 268: [ 31.397099] kasan_save_stack+0x3d/0x60 [ 31.397450] kasan_save_track+0x18/0x40 [ 31.398024] kasan_save_alloc_info+0x3b/0x50 [ 31.398498] __kasan_kmalloc+0xb7/0xc0 [ 31.398924] __kmalloc_cache_noprof+0x184/0x410 [ 31.399502] kasan_bitops_generic+0x93/0x1c0 [ 31.400028] kunit_try_run_case+0x1b3/0x490 [ 31.400484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.401244] kthread+0x257/0x310 [ 31.401575] ret_from_fork+0x41/0x80 [ 31.402072] ret_from_fork_asm+0x1a/0x30 [ 31.402501] [ 31.402840] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.402840] which belongs to the cache kmalloc-16 of size 16 [ 31.403905] The buggy address is located 8 bytes inside of [ 31.403905] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.405096] [ 31.405387] The buggy address belongs to the physical page: [ 31.405985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.406634] flags: 0x200000000000000(node=0|zone=2) [ 31.407225] page_type: f5(slab) [ 31.407546] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.408419] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.409227] page dumped because: kasan: bad access detected [ 31.409706] [ 31.409917] Memory state around the buggy address: [ 31.410317] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.411013] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.411631] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.412437] ^ [ 31.413004] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.413924] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.414556] ================================================================== [ 31.149674] 
================================================================== [ 31.150412] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.150806] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.151718] [ 31.151957] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.153156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.154397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.155352] Call Trace: [ 31.155670] <TASK> [ 31.156007] dump_stack_lvl+0x73/0xb0 [ 31.156317] print_report+0xd1/0x640 [ 31.156744] ? __virt_addr_valid+0x1db/0x2d0 [ 31.157260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.157814] kasan_report+0x102/0x140 [ 31.158136] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.158720] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.159404] kasan_check_range+0x10c/0x1c0 [ 31.159866] __kasan_check_write+0x18/0x20 [ 31.160322] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 31.160831] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.161455] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.161998] ? trace_hardirqs_on+0x37/0xe0 [ 31.162361] ? kasan_bitops_generic+0x93/0x1c0 [ 31.162907] kasan_bitops_generic+0x117/0x1c0 [ 31.163255] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.163866] ? __pfx_read_tsc+0x10/0x10 [ 31.164330] ? ktime_get_ts64+0x86/0x230 [ 31.164722] kunit_try_run_case+0x1b3/0x490 [ 31.165130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.165701] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.166299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.166759] ? __kthread_parkme+0x82/0x160 [ 31.167271] ? preempt_count_sub+0x50/0x80 [ 31.167710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.168149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.168834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.169375] kthread+0x257/0x310 [ 31.169801] ? __pfx_kthread+0x10/0x10 [ 31.170145] ret_from_fork+0x41/0x80 [ 31.170586] ? 
__pfx_kthread+0x10/0x10 [ 31.171121] ret_from_fork_asm+0x1a/0x30 [ 31.171514] </TASK> [ 31.171938] [ 31.172183] Allocated by task 268: [ 31.172534] kasan_save_stack+0x3d/0x60 [ 31.172910] kasan_save_track+0x18/0x40 [ 31.173385] kasan_save_alloc_info+0x3b/0x50 [ 31.173818] __kasan_kmalloc+0xb7/0xc0 [ 31.174229] __kmalloc_cache_noprof+0x184/0x410 [ 31.174831] kasan_bitops_generic+0x93/0x1c0 [ 31.175292] kunit_try_run_case+0x1b3/0x490 [ 31.175627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.176319] kthread+0x257/0x310 [ 31.176661] ret_from_fork+0x41/0x80 [ 31.177164] ret_from_fork_asm+0x1a/0x30 [ 31.177476] [ 31.177726] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.177726] which belongs to the cache kmalloc-16 of size 16 [ 31.178758] The buggy address is located 8 bytes inside of [ 31.178758] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.179839] [ 31.180011] The buggy address belongs to the physical page: [ 31.180351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.181264] flags: 0x200000000000000(node=0|zone=2) [ 31.181896] page_type: f5(slab) [ 31.182305] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.183070] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.183964] page dumped because: kasan: bad access detected [ 31.184502] [ 31.184664] Memory state around the buggy address: [ 31.185095] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.185832] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.186473] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.187382] ^ [ 31.188015] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.188756] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.189446] ================================================================== [ 31.191951] 
================================================================== [ 31.192695] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.194479] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.196286] [ 31.196554] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.197262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.197449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.198010] Call Trace: [ 31.198459] <TASK> [ 31.198830] dump_stack_lvl+0x73/0xb0 [ 31.199452] print_report+0xd1/0x640 [ 31.200179] ? __virt_addr_valid+0x1db/0x2d0 [ 31.200926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.201641] kasan_report+0x102/0x140 [ 31.202358] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.202937] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.204053] kasan_check_range+0x10c/0x1c0 [ 31.204649] __kasan_check_write+0x18/0x20 [ 31.205018] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 31.205950] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.206477] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.207043] ? trace_hardirqs_on+0x37/0xe0 [ 31.208000] ? kasan_bitops_generic+0x93/0x1c0 [ 31.208625] kasan_bitops_generic+0x117/0x1c0 [ 31.209246] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.209715] ? __pfx_read_tsc+0x10/0x10 [ 31.210456] ? ktime_get_ts64+0x86/0x230 [ 31.211138] kunit_try_run_case+0x1b3/0x490 [ 31.211538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.212474] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.213236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.213721] ? __kthread_parkme+0x82/0x160 [ 31.214397] ? preempt_count_sub+0x50/0x80 [ 31.215040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.215625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.216543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.217147] kthread+0x257/0x310 [ 31.217759] ? __pfx_kthread+0x10/0x10 [ 31.218375] ret_from_fork+0x41/0x80 [ 31.218810] ? 
__pfx_kthread+0x10/0x10 [ 31.219206] ret_from_fork_asm+0x1a/0x30 [ 31.219635] </TASK> [ 31.220456] [ 31.220629] Allocated by task 268: [ 31.221635] kasan_save_stack+0x3d/0x60 [ 31.222446] kasan_save_track+0x18/0x40 [ 31.223154] kasan_save_alloc_info+0x3b/0x50 [ 31.223742] __kasan_kmalloc+0xb7/0xc0 [ 31.224392] __kmalloc_cache_noprof+0x184/0x410 [ 31.225063] kasan_bitops_generic+0x93/0x1c0 [ 31.225671] kunit_try_run_case+0x1b3/0x490 [ 31.226485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.227627] kthread+0x257/0x310 [ 31.227993] ret_from_fork+0x41/0x80 [ 31.228609] ret_from_fork_asm+0x1a/0x30 [ 31.229287] [ 31.230107] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.230107] which belongs to the cache kmalloc-16 of size 16 [ 31.231476] The buggy address is located 8 bytes inside of [ 31.231476] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.233278] [ 31.233775] The buggy address belongs to the physical page: [ 31.234202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.235088] flags: 0x200000000000000(node=0|zone=2) [ 31.235482] page_type: f5(slab) [ 31.235854] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.236490] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.237219] page dumped because: kasan: bad access detected [ 31.237784] [ 31.238149] Memory state around the buggy address: [ 31.238626] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.239250] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.239954] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.240655] ^ [ 31.241274] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.241972] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.242724] ================================================================== [ 31.459795] 
================================================================== [ 31.461579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 31.463023] Write of size 8 at addr ffff8881025ed7e8 by task kunit_try_catch/268 [ 31.464622] [ 31.464961] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.466009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.466415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.467552] Call Trace: [ 31.468470] <TASK> [ 31.468980] dump_stack_lvl+0x73/0xb0 [ 31.469391] print_report+0xd1/0x640 [ 31.469802] ? __virt_addr_valid+0x1db/0x2d0 [ 31.470338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.470713] kasan_report+0x102/0x140 [ 31.471105] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 31.471514] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 31.472153] kasan_check_range+0x10c/0x1c0 [ 31.472542] __kasan_check_write+0x18/0x20 [ 31.472961] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 31.473601] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 31.474026] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.474584] ? trace_hardirqs_on+0x37/0xe0 [ 31.474903] ? kasan_bitops_generic+0x93/0x1c0 [ 31.475449] kasan_bitops_generic+0x117/0x1c0 [ 31.476029] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 31.476423] ? __pfx_read_tsc+0x10/0x10 [ 31.476911] ? ktime_get_ts64+0x86/0x230 [ 31.477236] kunit_try_run_case+0x1b3/0x490 [ 31.477699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.478067] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.478624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.479187] ? __kthread_parkme+0x82/0x160 [ 31.479500] ? preempt_count_sub+0x50/0x80 [ 31.480151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.480618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.481029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.481817] kthread+0x257/0x310 [ 31.482270] ? __pfx_kthread+0x10/0x10 [ 31.482656] ret_from_fork+0x41/0x80 [ 31.483176] ? 
__pfx_kthread+0x10/0x10 [ 31.483539] ret_from_fork_asm+0x1a/0x30 [ 31.484181] </TASK> [ 31.484398] [ 31.484559] Allocated by task 268: [ 31.484831] kasan_save_stack+0x3d/0x60 [ 31.485117] kasan_save_track+0x18/0x40 [ 31.485572] kasan_save_alloc_info+0x3b/0x50 [ 31.486124] __kasan_kmalloc+0xb7/0xc0 [ 31.486953] __kmalloc_cache_noprof+0x184/0x410 [ 31.487665] kasan_bitops_generic+0x93/0x1c0 [ 31.488925] kunit_try_run_case+0x1b3/0x490 [ 31.489217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.489470] kthread+0x257/0x310 [ 31.489634] ret_from_fork+0x41/0x80 [ 31.490313] ret_from_fork_asm+0x1a/0x30 [ 31.491051] [ 31.491417] The buggy address belongs to the object at ffff8881025ed7e0 [ 31.491417] which belongs to the cache kmalloc-16 of size 16 [ 31.492739] The buggy address is located 8 bytes inside of [ 31.492739] allocated 9-byte region [ffff8881025ed7e0, ffff8881025ed7e9) [ 31.493932] [ 31.494257] The buggy address belongs to the physical page: [ 31.494823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ed [ 31.495751] flags: 0x200000000000000(node=0|zone=2) [ 31.496294] page_type: f5(slab) [ 31.496741] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 31.497491] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.498354] page dumped because: kasan: bad access detected [ 31.498789] [ 31.499181] Memory state around the buggy address: [ 31.499721] ffff8881025ed680: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 31.500472] ffff8881025ed700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.501303] >ffff8881025ed780: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 31.502083] ^ [ 31.502579] ffff8881025ed800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.503451] ffff8881025ed880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.504266] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 31.083991] ================================================================== [ 31.084744] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 31.086551] Read of size 1 at addr ffff888102a07ed0 by task kunit_try_catch/266 [ 31.088144] [ 31.088334] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.089984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.090587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.092315] Call Trace: [ 31.092592] <TASK> [ 31.093027] dump_stack_lvl+0x73/0xb0 [ 31.093648] print_report+0xd1/0x640 [ 31.094356] ? __virt_addr_valid+0x1db/0x2d0 [ 31.095401] ? kasan_complete_mode_report_info+0x64/0x200 [ 31.095979] kasan_report+0x102/0x140 [ 31.096458] ? strnlen+0x73/0x80 [ 31.097474] ? strnlen+0x73/0x80 [ 31.098252] __asan_report_load1_noabort+0x18/0x20 [ 31.099063] strnlen+0x73/0x80 [ 31.099436] kasan_strings+0x4c3/0xb60 [ 31.100598] ? __pfx_kasan_strings+0x10/0x10 [ 31.101164] ? __schedule+0xc70/0x27e0 [ 31.101660] ? __pfx_read_tsc+0x10/0x10 [ 31.102471] ? ktime_get_ts64+0x86/0x230 [ 31.103182] kunit_try_run_case+0x1b3/0x490 [ 31.103590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.104324] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.105170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.105665] ? __kthread_parkme+0x82/0x160 [ 31.106872] ? preempt_count_sub+0x50/0x80 [ 31.107734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.108153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.109195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.110147] kthread+0x257/0x310 [ 31.110881] ? __pfx_kthread+0x10/0x10 [ 31.111454] ret_from_fork+0x41/0x80 [ 31.112381] ? 
__pfx_kthread+0x10/0x10 [ 31.112774] ret_from_fork_asm+0x1a/0x30 [ 31.113410] </TASK> [ 31.114393] [ 31.114578] Allocated by task 266: [ 31.114866] kasan_save_stack+0x3d/0x60 [ 31.115907] kasan_save_track+0x18/0x40 [ 31.116632] kasan_save_alloc_info+0x3b/0x50 [ 31.117590] __kasan_kmalloc+0xb7/0xc0 [ 31.118013] __kmalloc_cache_noprof+0x184/0x410 [ 31.118639] kasan_strings+0xb9/0xb60 [ 31.119724] kunit_try_run_case+0x1b3/0x490 [ 31.120303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.121035] kthread+0x257/0x310 [ 31.121486] ret_from_fork+0x41/0x80 [ 31.121806] ret_from_fork_asm+0x1a/0x30 [ 31.122389] [ 31.122612] Freed by task 266: [ 31.123124] kasan_save_stack+0x3d/0x60 [ 31.123878] kasan_save_track+0x18/0x40 [ 31.124296] kasan_save_free_info+0x3f/0x60 [ 31.124895] __kasan_slab_free+0x56/0x70 [ 31.125659] kfree+0x123/0x3f0 [ 31.126182] kasan_strings+0x13c/0xb60 [ 31.126860] kunit_try_run_case+0x1b3/0x490 [ 31.127518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.128210] kthread+0x257/0x310 [ 31.128510] ret_from_fork+0x41/0x80 [ 31.128932] ret_from_fork_asm+0x1a/0x30 [ 31.129722] [ 31.130110] The buggy address belongs to the object at ffff888102a07ec0 [ 31.130110] which belongs to the cache kmalloc-32 of size 32 [ 31.131225] The buggy address is located 16 bytes inside of [ 31.131225] freed 32-byte region [ffff888102a07ec0, ffff888102a07ee0) [ 31.132467] [ 31.132635] The buggy address belongs to the physical page: [ 31.133394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 31.134374] flags: 0x200000000000000(node=0|zone=2) [ 31.135045] page_type: f5(slab) [ 31.135350] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 31.135950] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.136996] page dumped because: kasan: bad access detected [ 31.137390] [ 31.137548] Memory state around the buggy address: [ 31.138398] ffff888102a07d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
31.139606] ffff888102a07e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.140198] >ffff888102a07e80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.141054] ^ [ 31.141706] ffff888102a07f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.142762] ffff888102a07f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.143553] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 31.030634] ================================================================== [ 31.031501] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 31.032324] Read of size 1 at addr ffff888102a07ed0 by task kunit_try_catch/266 [ 31.033542] [ 31.033890] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 31.035195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.035612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.036572] Call Trace: [ 31.037082] <TASK> [ 31.037810] dump_stack_lvl+0x73/0xb0 [ 31.038327] print_report+0xd1/0x640 [ 31.038834] ? __virt_addr_valid+0x1db/0x2d0 [ 31.039495] ? kasan_complete_mode_report_info+0x64/0x200 [ 31.040259] kasan_report+0x102/0x140 [ 31.040733] ? strlen+0x8f/0xb0 [ 31.041435] ? strlen+0x8f/0xb0 [ 31.041844] __asan_report_load1_noabort+0x18/0x20 [ 31.042425] strlen+0x8f/0xb0 [ 31.043265] kasan_strings+0x425/0xb60 [ 31.043833] ? __pfx_kasan_strings+0x10/0x10 [ 31.044242] ? __schedule+0xc70/0x27e0 [ 31.044657] ? __pfx_read_tsc+0x10/0x10 [ 31.045488] ? ktime_get_ts64+0x86/0x230 [ 31.046139] kunit_try_run_case+0x1b3/0x490 [ 31.046536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.047284] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.047867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.048488] ? __kthread_parkme+0x82/0x160 [ 31.049291] ? preempt_count_sub+0x50/0x80 [ 31.049674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.050248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.050821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.051315] kthread+0x257/0x310 [ 31.051747] ? __pfx_kthread+0x10/0x10 [ 31.052085] ret_from_fork+0x41/0x80 [ 31.052536] ? 
__pfx_kthread+0x10/0x10 [ 31.053418] ret_from_fork_asm+0x1a/0x30 [ 31.053917] </TASK> [ 31.054391] [ 31.054610] Allocated by task 266: [ 31.055151] kasan_save_stack+0x3d/0x60 [ 31.055477] kasan_save_track+0x18/0x40 [ 31.056115] kasan_save_alloc_info+0x3b/0x50 [ 31.056493] __kasan_kmalloc+0xb7/0xc0 [ 31.057290] __kmalloc_cache_noprof+0x184/0x410 [ 31.057742] kasan_strings+0xb9/0xb60 [ 31.058349] kunit_try_run_case+0x1b3/0x490 [ 31.058733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.059329] kthread+0x257/0x310 [ 31.059624] ret_from_fork+0x41/0x80 [ 31.060132] ret_from_fork_asm+0x1a/0x30 [ 31.060654] [ 31.060927] Freed by task 266: [ 31.061518] kasan_save_stack+0x3d/0x60 [ 31.061909] kasan_save_track+0x18/0x40 [ 31.062510] kasan_save_free_info+0x3f/0x60 [ 31.063179] __kasan_slab_free+0x56/0x70 [ 31.063601] kfree+0x123/0x3f0 [ 31.064043] kasan_strings+0x13c/0xb60 [ 31.064531] kunit_try_run_case+0x1b3/0x490 [ 31.064905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.065502] kthread+0x257/0x310 [ 31.066233] ret_from_fork+0x41/0x80 [ 31.066705] ret_from_fork_asm+0x1a/0x30 [ 31.067193] [ 31.067447] The buggy address belongs to the object at ffff888102a07ec0 [ 31.067447] which belongs to the cache kmalloc-32 of size 32 [ 31.068671] The buggy address is located 16 bytes inside of [ 31.068671] freed 32-byte region [ffff888102a07ec0, ffff888102a07ee0) [ 31.070191] [ 31.070432] The buggy address belongs to the physical page: [ 31.071034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 31.071552] flags: 0x200000000000000(node=0|zone=2) [ 31.072363] page_type: f5(slab) [ 31.072940] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 31.074137] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.074902] page dumped because: kasan: bad access detected [ 31.075548] [ 31.075811] Memory state around the buggy address: [ 31.076512] ffff888102a07d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
31.077592] ffff888102a07e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.078456] >ffff888102a07e80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.079462] ^ [ 31.080058] ffff888102a07f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.081288] ffff888102a07f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.082555] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 30.978077] ================================================================== [ 30.978710] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 30.979579] Read of size 1 at addr ffff888102a07ed0 by task kunit_try_catch/266 [ 30.980505] [ 30.980858] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.982219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.982657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.983759] Call Trace: [ 30.984420] <TASK> [ 30.984718] dump_stack_lvl+0x73/0xb0 [ 30.985250] print_report+0xd1/0x640 [ 30.985825] ? __virt_addr_valid+0x1db/0x2d0 [ 30.986444] ? kasan_complete_mode_report_info+0x64/0x200 [ 30.987160] kasan_report+0x102/0x140 [ 30.987488] ? kasan_strings+0xa0c/0xb60 [ 30.988389] ? kasan_strings+0xa0c/0xb60 [ 30.988865] __asan_report_load1_noabort+0x18/0x20 [ 30.989361] kasan_strings+0xa0c/0xb60 [ 30.989912] ? __pfx_kasan_strings+0x10/0x10 [ 30.990669] ? __schedule+0xc70/0x27e0 [ 30.991199] ? __pfx_read_tsc+0x10/0x10 [ 30.991787] ? ktime_get_ts64+0x86/0x230 [ 30.992373] kunit_try_run_case+0x1b3/0x490 [ 30.992897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.993869] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.994576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.995088] ? __kthread_parkme+0x82/0x160 [ 30.995544] ? preempt_count_sub+0x50/0x80 [ 30.996005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.996750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.997497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.998013] kthread+0x257/0x310 [ 30.998442] ? __pfx_kthread+0x10/0x10 [ 30.999295] ret_from_fork+0x41/0x80 [ 30.999653] ? 
__pfx_kthread+0x10/0x10 [ 31.000058] ret_from_fork_asm+0x1a/0x30 [ 31.000448] </TASK> [ 31.001126] [ 31.001365] Allocated by task 266: [ 31.001608] kasan_save_stack+0x3d/0x60 [ 31.002325] kasan_save_track+0x18/0x40 [ 31.002909] kasan_save_alloc_info+0x3b/0x50 [ 31.003627] __kasan_kmalloc+0xb7/0xc0 [ 31.004455] __kmalloc_cache_noprof+0x184/0x410 [ 31.005165] kasan_strings+0xb9/0xb60 [ 31.005541] kunit_try_run_case+0x1b3/0x490 [ 31.006145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.006645] kthread+0x257/0x310 [ 31.007232] ret_from_fork+0x41/0x80 [ 31.007674] ret_from_fork_asm+0x1a/0x30 [ 31.008415] [ 31.008695] Freed by task 266: [ 31.009129] kasan_save_stack+0x3d/0x60 [ 31.009432] kasan_save_track+0x18/0x40 [ 31.010184] kasan_save_free_info+0x3f/0x60 [ 31.010821] __kasan_slab_free+0x56/0x70 [ 31.011393] kfree+0x123/0x3f0 [ 31.011843] kasan_strings+0x13c/0xb60 [ 31.012209] kunit_try_run_case+0x1b3/0x490 [ 31.013247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.013750] kthread+0x257/0x310 [ 31.014385] ret_from_fork+0x41/0x80 [ 31.014650] ret_from_fork_asm+0x1a/0x30 [ 31.015399] [ 31.015642] The buggy address belongs to the object at ffff888102a07ec0 [ 31.015642] which belongs to the cache kmalloc-32 of size 32 [ 31.017434] The buggy address is located 16 bytes inside of [ 31.017434] freed 32-byte region [ffff888102a07ec0, ffff888102a07ee0) [ 31.018544] [ 31.018898] The buggy address belongs to the physical page: [ 31.019639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 31.020629] flags: 0x200000000000000(node=0|zone=2) [ 31.021297] page_type: f5(slab) [ 31.021660] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 31.022519] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.023482] page dumped because: kasan: bad access detected [ 31.023936] [ 31.024200] Memory state around the buggy address: [ 31.024643] ffff888102a07d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
31.025247] ffff888102a07e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.026310] >ffff888102a07e80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.027218] ^ [ 31.027816] ffff888102a07f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.028643] ffff888102a07f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.029368] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 30.919259] ================================================================== [ 30.921350] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 30.921957] Read of size 1 at addr ffff888102a07ed0 by task kunit_try_catch/266 [ 30.922673] [ 30.923037] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.924877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.925381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.926465] Call Trace: [ 30.926939] <TASK> [ 30.927287] dump_stack_lvl+0x73/0xb0 [ 30.927744] print_report+0xd1/0x640 [ 30.928520] ? __virt_addr_valid+0x1db/0x2d0 [ 30.928922] ? kasan_complete_mode_report_info+0x64/0x200 [ 30.929893] kasan_report+0x102/0x140 [ 30.930172] ? strcmp+0xb0/0xc0 [ 30.930776] ? strcmp+0xb0/0xc0 [ 30.931474] __asan_report_load1_noabort+0x18/0x20 [ 30.932428] strcmp+0xb0/0xc0 [ 30.933100] kasan_strings+0x2d3/0xb60 [ 30.933573] ? __pfx_kasan_strings+0x10/0x10 [ 30.934653] ? __schedule+0xc70/0x27e0 [ 30.935300] ? __pfx_read_tsc+0x10/0x10 [ 30.935673] ? ktime_get_ts64+0x86/0x230 [ 30.935979] kunit_try_run_case+0x1b3/0x490 [ 30.936978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.937750] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.938603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.939289] ? __kthread_parkme+0x82/0x160 [ 30.939767] ? preempt_count_sub+0x50/0x80 [ 30.940187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.940664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.941309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.942433] kthread+0x257/0x310 [ 30.943339] ? __pfx_kthread+0x10/0x10 [ 30.943966] ret_from_fork+0x41/0x80 [ 30.944757] ? 
__pfx_kthread+0x10/0x10 [ 30.945515] ret_from_fork_asm+0x1a/0x30 [ 30.946430] </TASK> [ 30.946633] [ 30.947092] Allocated by task 266: [ 30.947518] kasan_save_stack+0x3d/0x60 [ 30.948083] kasan_save_track+0x18/0x40 [ 30.948644] kasan_save_alloc_info+0x3b/0x50 [ 30.949744] __kasan_kmalloc+0xb7/0xc0 [ 30.950392] __kmalloc_cache_noprof+0x184/0x410 [ 30.950621] kasan_strings+0xb9/0xb60 [ 30.950898] kunit_try_run_case+0x1b3/0x490 [ 30.951601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.952225] kthread+0x257/0x310 [ 30.952907] ret_from_fork+0x41/0x80 [ 30.953659] ret_from_fork_asm+0x1a/0x30 [ 30.954076] [ 30.954315] Freed by task 266: [ 30.954959] kasan_save_stack+0x3d/0x60 [ 30.955549] kasan_save_track+0x18/0x40 [ 30.955886] kasan_save_free_info+0x3f/0x60 [ 30.956714] __kasan_slab_free+0x56/0x70 [ 30.957435] kfree+0x123/0x3f0 [ 30.957921] kasan_strings+0x13c/0xb60 [ 30.958560] kunit_try_run_case+0x1b3/0x490 [ 30.959215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.959702] kthread+0x257/0x310 [ 30.960483] ret_from_fork+0x41/0x80 [ 30.961152] ret_from_fork_asm+0x1a/0x30 [ 30.961638] [ 30.961881] The buggy address belongs to the object at ffff888102a07ec0 [ 30.961881] which belongs to the cache kmalloc-32 of size 32 [ 30.962906] The buggy address is located 16 bytes inside of [ 30.962906] freed 32-byte region [ffff888102a07ec0, ffff888102a07ee0) [ 30.964259] [ 30.964577] The buggy address belongs to the physical page: [ 30.965301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a07 [ 30.966176] flags: 0x200000000000000(node=0|zone=2) [ 30.966610] page_type: f5(slab) [ 30.967286] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 30.968278] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 30.969189] page dumped because: kasan: bad access detected [ 30.969799] [ 30.970109] Memory state around the buggy address: [ 30.970672] ffff888102a07d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
30.971484] ffff888102a07e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 30.972507] >ffff888102a07e80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 30.973523] ^ [ 30.974316] ffff888102a07f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 30.975144] ffff888102a07f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 30.975944] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 30.856471] ================================================================== [ 30.857870] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 30.858725] Read of size 1 at addr ffff888101ac6158 by task kunit_try_catch/264 [ 30.859965] [ 30.860470] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.861421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.861970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.863342] Call Trace: [ 30.863586] <TASK> [ 30.863980] dump_stack_lvl+0x73/0xb0 [ 30.865188] print_report+0xd1/0x640 [ 30.865543] ? __virt_addr_valid+0x1db/0x2d0 [ 30.866348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.867491] kasan_report+0x102/0x140 [ 30.868202] ? memcmp+0x1b4/0x1d0 [ 30.868555] ? memcmp+0x1b4/0x1d0 [ 30.869478] __asan_report_load1_noabort+0x18/0x20 [ 30.870290] memcmp+0x1b4/0x1d0 [ 30.870614] kasan_memcmp+0x190/0x390 [ 30.871105] ? trace_hardirqs_on+0x37/0xe0 [ 30.871872] ? __pfx_kasan_memcmp+0x10/0x10 [ 30.872646] ? finish_task_switch.isra.0+0x153/0x700 [ 30.873662] ? __switch_to+0x5d9/0xf60 [ 30.874221] ? __pfx_read_tsc+0x10/0x10 [ 30.874629] ? ktime_get_ts64+0x86/0x230 [ 30.876087] kunit_try_run_case+0x1b3/0x490 [ 30.876448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.876866] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.877355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.878037] ? __kthread_parkme+0x82/0x160 [ 30.878713] ? preempt_count_sub+0x50/0x80 [ 30.879409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.879757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.880618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.881780] kthread+0x257/0x310 [ 30.882630] ? __pfx_kthread+0x10/0x10 [ 30.882906] ret_from_fork+0x41/0x80 [ 30.883727] ? 
__pfx_kthread+0x10/0x10 [ 30.884499] ret_from_fork_asm+0x1a/0x30 [ 30.885370] </TASK> [ 30.885881] [ 30.886040] Allocated by task 264: [ 30.886543] kasan_save_stack+0x3d/0x60 [ 30.887503] kasan_save_track+0x18/0x40 [ 30.887835] kasan_save_alloc_info+0x3b/0x50 [ 30.888609] __kasan_kmalloc+0xb7/0xc0 [ 30.889258] __kmalloc_cache_noprof+0x184/0x410 [ 30.889791] kasan_memcmp+0xb8/0x390 [ 30.890545] kunit_try_run_case+0x1b3/0x490 [ 30.891282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.892097] kthread+0x257/0x310 [ 30.892461] ret_from_fork+0x41/0x80 [ 30.893461] ret_from_fork_asm+0x1a/0x30 [ 30.894270] [ 30.894442] The buggy address belongs to the object at ffff888101ac6140 [ 30.894442] which belongs to the cache kmalloc-32 of size 32 [ 30.895549] The buggy address is located 0 bytes to the right of [ 30.895549] allocated 24-byte region [ffff888101ac6140, ffff888101ac6158) [ 30.897219] [ 30.897455] The buggy address belongs to the physical page: [ 30.898314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac6 [ 30.899295] flags: 0x200000000000000(node=0|zone=2) [ 30.899753] page_type: f5(slab) [ 30.900205] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 30.900858] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 30.901902] page dumped because: kasan: bad access detected [ 30.902505] [ 30.902913] Memory state around the buggy address: [ 30.903485] ffff888101ac6000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 30.904580] ffff888101ac6080: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 30.905134] >ffff888101ac6100: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 30.905926] ^ [ 30.906732] ffff888101ac6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.907717] ffff888101ac6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.908724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 30.796249] ================================================================== [ 30.797324] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 30.798747] Read of size 1 at addr ffff888102da7caa by task kunit_try_catch/260 [ 30.800474] [ 30.800702] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.802838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.803429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.804640] Call Trace: [ 30.805174] <TASK> [ 30.805699] dump_stack_lvl+0x73/0xb0 [ 30.806118] print_report+0xd1/0x640 [ 30.807009] ? __virt_addr_valid+0x1db/0x2d0 [ 30.807778] ? kasan_addr_to_slab+0x11/0xa0 [ 30.808480] kasan_report+0x102/0x140 [ 30.809232] ? kasan_alloca_oob_right+0x328/0x390 [ 30.809727] ? kasan_alloca_oob_right+0x328/0x390 [ 30.810269] __asan_report_load1_noabort+0x18/0x20 [ 30.811301] kasan_alloca_oob_right+0x328/0x390 [ 30.811781] ? uclamp_rq_dec_id+0x3c0/0x460 [ 30.812988] ? __schedule+0xc70/0x27e0 [ 30.813499] ? trace_hardirqs_on+0x37/0xe0 [ 30.813943] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 30.815397] ? __schedule+0xc70/0x27e0 [ 30.815792] ? __pfx_read_tsc+0x10/0x10 [ 30.816825] ? ktime_get_ts64+0x86/0x230 [ 30.817243] kunit_try_run_case+0x1b3/0x490 [ 30.817703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.818881] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.819340] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.819795] ? __kthread_parkme+0x82/0x160 [ 30.820210] ? preempt_count_sub+0x50/0x80 [ 30.820585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.821644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.822409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.823408] kthread+0x257/0x310 [ 30.824501] ? __pfx_kthread+0x10/0x10 [ 30.825169] ret_from_fork+0x41/0x80 [ 30.826068] ? 
__pfx_kthread+0x10/0x10 [ 30.826581] ret_from_fork_asm+0x1a/0x30 [ 30.827346] </TASK> [ 30.827895] [ 30.828197] The buggy address belongs to stack of task kunit_try_catch/260 [ 30.829277] [ 30.829446] The buggy address belongs to the physical page: [ 30.830519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102da7 [ 30.831365] flags: 0x200000000000000(node=0|zone=2) [ 30.832548] raw: 0200000000000000 ffffea00040b69c8 ffffea00040b69c8 0000000000000000 [ 30.833638] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 30.834527] page dumped because: kasan: bad access detected [ 30.835427] [ 30.835927] Memory state around the buggy address: [ 30.836743] ffff888102da7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.837780] ffff888102da7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.838994] >ffff888102da7c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 30.839504] ^ [ 30.840326] ffff888102da7d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 30.841346] ffff888102da7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 30.842323] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 27.722924] ================================================================== [ 27.723867] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 27.725007] Write of size 16 at addr ffff888101a5bbc0 by task kunit_try_catch/173 [ 27.725438] [ 27.726030] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.727872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.728617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.729704] Call Trace: [ 27.730057] <TASK> [ 27.730323] dump_stack_lvl+0x73/0xb0 [ 27.730734] print_report+0xd1/0x640 [ 27.731124] ? __virt_addr_valid+0x1db/0x2d0 [ 27.731555] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.732586] kasan_report+0x102/0x140 [ 27.733195] ? kmalloc_oob_16+0x454/0x4a0 [ 27.733506] ? kmalloc_oob_16+0x454/0x4a0 [ 27.734328] __asan_report_store16_noabort+0x1b/0x30 [ 27.735239] kmalloc_oob_16+0x454/0x4a0 [ 27.735910] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 27.736886] ? __schedule+0xc70/0x27e0 [ 27.737564] ? __pfx_read_tsc+0x10/0x10 [ 27.738118] ? ktime_get_ts64+0x86/0x230 [ 27.739042] kunit_try_run_case+0x1b3/0x490 [ 27.739614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.740285] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.740544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.740870] ? __kthread_parkme+0x82/0x160 [ 27.741885] ? preempt_count_sub+0x50/0x80 [ 27.742220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.742813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.743570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.744948] kthread+0x257/0x310 [ 27.745371] ? __pfx_kthread+0x10/0x10 [ 27.746174] ret_from_fork+0x41/0x80 [ 27.746574] ? 
__pfx_kthread+0x10/0x10 [ 27.747378] ret_from_fork_asm+0x1a/0x30 [ 27.747711] </TASK> [ 27.748415] [ 27.748619] Allocated by task 173: [ 27.749024] kasan_save_stack+0x3d/0x60 [ 27.749676] kasan_save_track+0x18/0x40 [ 27.750339] kasan_save_alloc_info+0x3b/0x50 [ 27.751033] __kasan_kmalloc+0xb7/0xc0 [ 27.751607] __kmalloc_cache_noprof+0x184/0x410 [ 27.752410] kmalloc_oob_16+0xa9/0x4a0 [ 27.752701] kunit_try_run_case+0x1b3/0x490 [ 27.753547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.754098] kthread+0x257/0x310 [ 27.754453] ret_from_fork+0x41/0x80 [ 27.755491] ret_from_fork_asm+0x1a/0x30 [ 27.756591] [ 27.756789] The buggy address belongs to the object at ffff888101a5bbc0 [ 27.756789] which belongs to the cache kmalloc-16 of size 16 [ 27.758259] The buggy address is located 0 bytes inside of [ 27.758259] allocated 13-byte region [ffff888101a5bbc0, ffff888101a5bbcd) [ 27.760001] [ 27.760382] The buggy address belongs to the physical page: [ 27.760747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a5b [ 27.761907] flags: 0x200000000000000(node=0|zone=2) [ 27.762712] page_type: f5(slab) [ 27.763040] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.763862] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.764673] page dumped because: kasan: bad access detected [ 27.765080] [ 27.765435] Memory state around the buggy address: [ 27.765786] ffff888101a5ba80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.766623] ffff888101a5bb00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 27.767742] >ffff888101a5bb80: 00 05 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 27.768822] ^ [ 27.769420] ffff888101a5bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.770508] ffff888101a5bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.771128] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 27.658312] ================================================================== [ 27.659953] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 27.660668] Read of size 1 at addr ffff8881009ab200 by task kunit_try_catch/171 [ 27.661826] [ 27.662043] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.663458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.664273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.665239] Call Trace: [ 27.665649] <TASK> [ 27.666133] dump_stack_lvl+0x73/0xb0 [ 27.666789] print_report+0xd1/0x640 [ 27.667233] ? __virt_addr_valid+0x1db/0x2d0 [ 27.668026] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.668542] kasan_report+0x102/0x140 [ 27.669196] ? krealloc_uaf+0x53e/0x5e0 [ 27.669622] ? krealloc_uaf+0x53e/0x5e0 [ 27.670315] __asan_report_load1_noabort+0x18/0x20 [ 27.671133] krealloc_uaf+0x53e/0x5e0 [ 27.671500] ? __pfx_krealloc_uaf+0x10/0x10 [ 27.672037] ? finish_task_switch.isra.0+0x153/0x700 [ 27.672869] ? __switch_to+0x5d9/0xf60 [ 27.673462] ? __schedule+0xc70/0x27e0 [ 27.673876] ? __pfx_read_tsc+0x10/0x10 [ 27.674592] ? ktime_get_ts64+0x86/0x230 [ 27.675729] kunit_try_run_case+0x1b3/0x490 [ 27.676330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.676759] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.677557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.678252] ? __kthread_parkme+0x82/0x160 [ 27.678726] ? preempt_count_sub+0x50/0x80 [ 27.679799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.680252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.680869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.681564] kthread+0x257/0x310 [ 27.682018] ? __pfx_kthread+0x10/0x10 [ 27.682583] ret_from_fork+0x41/0x80 [ 27.682938] ? 
__pfx_kthread+0x10/0x10 [ 27.683482] ret_from_fork_asm+0x1a/0x30 [ 27.684199] </TASK> [ 27.684585] [ 27.684976] Allocated by task 171: [ 27.685329] kasan_save_stack+0x3d/0x60 [ 27.685952] kasan_save_track+0x18/0x40 [ 27.686269] kasan_save_alloc_info+0x3b/0x50 [ 27.686763] __kasan_kmalloc+0xb7/0xc0 [ 27.687254] __kmalloc_cache_noprof+0x184/0x410 [ 27.687670] krealloc_uaf+0xbc/0x5e0 [ 27.688330] kunit_try_run_case+0x1b3/0x490 [ 27.688882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.689565] kthread+0x257/0x310 [ 27.690202] ret_from_fork+0x41/0x80 [ 27.690706] ret_from_fork_asm+0x1a/0x30 [ 27.691248] [ 27.691534] Freed by task 171: [ 27.691981] kasan_save_stack+0x3d/0x60 [ 27.692725] kasan_save_track+0x18/0x40 [ 27.693185] kasan_save_free_info+0x3f/0x60 [ 27.693913] __kasan_slab_free+0x56/0x70 [ 27.694468] kfree+0x123/0x3f0 [ 27.694840] krealloc_uaf+0x13e/0x5e0 [ 27.695311] kunit_try_run_case+0x1b3/0x490 [ 27.695875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.696475] kthread+0x257/0x310 [ 27.696958] ret_from_fork+0x41/0x80 [ 27.697574] ret_from_fork_asm+0x1a/0x30 [ 27.698106] [ 27.698505] The buggy address belongs to the object at ffff8881009ab200 [ 27.698505] which belongs to the cache kmalloc-256 of size 256 [ 27.699643] The buggy address is located 0 bytes inside of [ 27.699643] freed 256-byte region [ffff8881009ab200, ffff8881009ab300) [ 27.701106] [ 27.701278] The buggy address belongs to the physical page: [ 27.702384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.703149] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.704111] flags: 0x200000000000040(head|node=0|zone=2) [ 27.704745] page_type: f5(slab) [ 27.705131] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.705979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.706739] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.707663] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.708475] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 27.709643] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.710469] page dumped because: kasan: bad access detected [ 27.711236] [ 27.711424] Memory state around the buggy address: [ 27.712151] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.712875] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.713510] >ffff8881009ab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.715174] ^ [ 27.715783] ffff8881009ab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.716078] ffff8881009ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.716346] ================================================================== [ 27.599361] ================================================================== [ 27.600747] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 27.601915] Read of size 1 at addr ffff8881009ab200 by task kunit_try_catch/171 [ 27.603187] [ 27.603557] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.604245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.604429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.604820] Call Trace: [ 27.605034] <TASK> [ 27.605278] dump_stack_lvl+0x73/0xb0 [ 27.605816] print_report+0xd1/0x640 [ 27.606442] ? __virt_addr_valid+0x1db/0x2d0 [ 27.606982] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.607550] kasan_report+0x102/0x140 [ 27.608225] ? krealloc_uaf+0x1b9/0x5e0 [ 27.608990] ? krealloc_uaf+0x1b9/0x5e0 [ 27.609563] ? krealloc_uaf+0x1b9/0x5e0 [ 27.610284] __kasan_check_byte+0x3d/0x50 [ 27.611198] krealloc_noprof+0x3f/0x340 [ 27.611547] krealloc_uaf+0x1b9/0x5e0 [ 27.612252] ? __pfx_krealloc_uaf+0x10/0x10 [ 27.612593] ? finish_task_switch.isra.0+0x153/0x700 [ 27.613495] ? 
__switch_to+0x5d9/0xf60 [ 27.614293] ? __schedule+0xc70/0x27e0 [ 27.615122] ? __pfx_read_tsc+0x10/0x10 [ 27.615527] ? ktime_get_ts64+0x86/0x230 [ 27.616278] kunit_try_run_case+0x1b3/0x490 [ 27.616961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.617590] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.618339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.619202] ? __kthread_parkme+0x82/0x160 [ 27.620170] ? preempt_count_sub+0x50/0x80 [ 27.620592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.621303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.622412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.622905] kthread+0x257/0x310 [ 27.623335] ? __pfx_kthread+0x10/0x10 [ 27.623780] ret_from_fork+0x41/0x80 [ 27.624934] ? __pfx_kthread+0x10/0x10 [ 27.625451] ret_from_fork_asm+0x1a/0x30 [ 27.625958] </TASK> [ 27.626631] [ 27.626814] Allocated by task 171: [ 27.627453] kasan_save_stack+0x3d/0x60 [ 27.628466] kasan_save_track+0x18/0x40 [ 27.628881] kasan_save_alloc_info+0x3b/0x50 [ 27.629422] __kasan_kmalloc+0xb7/0xc0 [ 27.630140] __kmalloc_cache_noprof+0x184/0x410 [ 27.630995] krealloc_uaf+0xbc/0x5e0 [ 27.631674] kunit_try_run_case+0x1b3/0x490 [ 27.632303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.633184] kthread+0x257/0x310 [ 27.633676] ret_from_fork+0x41/0x80 [ 27.634274] ret_from_fork_asm+0x1a/0x30 [ 27.635008] [ 27.635144] Freed by task 171: [ 27.635320] kasan_save_stack+0x3d/0x60 [ 27.635504] kasan_save_track+0x18/0x40 [ 27.635715] kasan_save_free_info+0x3f/0x60 [ 27.636013] __kasan_slab_free+0x56/0x70 [ 27.636407] kfree+0x123/0x3f0 [ 27.636949] krealloc_uaf+0x13e/0x5e0 [ 27.637412] kunit_try_run_case+0x1b3/0x490 [ 27.637738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.638580] kthread+0x257/0x310 [ 27.639318] ret_from_fork+0x41/0x80 [ 27.639596] ret_from_fork_asm+0x1a/0x30 [ 27.639940] [ 27.640226] The buggy address belongs to the object at ffff8881009ab200 [ 27.640226] which belongs to the cache kmalloc-256 of size 256 [ 27.642075] The buggy address is 
located 0 bytes inside of [ 27.642075] freed 256-byte region [ffff8881009ab200, ffff8881009ab300) [ 27.642780] [ 27.642976] The buggy address belongs to the physical page: [ 27.643798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.644728] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.645472] flags: 0x200000000000040(head|node=0|zone=2) [ 27.645851] page_type: f5(slab) [ 27.646461] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.647509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.648364] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.649156] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.649968] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 27.650531] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.651108] page dumped because: kasan: bad access detected [ 27.651671] [ 27.652115] Memory state around the buggy address: [ 27.652512] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.653406] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.654190] >ffff8881009ab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.655070] ^ [ 27.655576] ffff8881009ab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.656305] ffff8881009ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.657077] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 27.124896] ================================================================== [ 27.126159] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 27.127570] Write of size 1 at addr ffff8881009ab0ea by task kunit_try_catch/165 [ 27.129550] [ 27.130074] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.131413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.132658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.134073] Call Trace: [ 27.134400] <TASK> [ 27.134872] dump_stack_lvl+0x73/0xb0 [ 27.135829] print_report+0xd1/0x640 [ 27.136310] ? __virt_addr_valid+0x1db/0x2d0 [ 27.137349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.137919] kasan_report+0x102/0x140 [ 27.139018] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.139483] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.140781] __asan_report_store1_noabort+0x1b/0x30 [ 27.141405] krealloc_less_oob_helper+0xe92/0x11d0 [ 27.142004] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.142665] ? finish_task_switch.isra.0+0x153/0x700 [ 27.144059] ? __switch_to+0x5d9/0xf60 [ 27.144617] ? __schedule+0xc70/0x27e0 [ 27.145480] ? __pfx_read_tsc+0x10/0x10 [ 27.146497] krealloc_less_oob+0x1c/0x30 [ 27.147879] kunit_try_run_case+0x1b3/0x490 [ 27.148904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.150331] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.151405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.152621] ? __kthread_parkme+0x82/0x160 [ 27.154312] ? preempt_count_sub+0x50/0x80 [ 27.155172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.155724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.157263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.157956] kthread+0x257/0x310 [ 27.158395] ? __pfx_kthread+0x10/0x10 [ 27.159141] ret_from_fork+0x41/0x80 [ 27.159450] ? 
__pfx_kthread+0x10/0x10 [ 27.160353] ret_from_fork_asm+0x1a/0x30 [ 27.160910] </TASK> [ 27.161355] [ 27.161557] Allocated by task 165: [ 27.162589] kasan_save_stack+0x3d/0x60 [ 27.163343] kasan_save_track+0x18/0x40 [ 27.164362] kasan_save_alloc_info+0x3b/0x50 [ 27.165416] __kasan_krealloc+0x190/0x1f0 [ 27.166481] krealloc_noprof+0xf3/0x340 [ 27.167207] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.167588] krealloc_less_oob+0x1c/0x30 [ 27.167971] kunit_try_run_case+0x1b3/0x490 [ 27.168350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.169031] kthread+0x257/0x310 [ 27.170446] ret_from_fork+0x41/0x80 [ 27.171381] ret_from_fork_asm+0x1a/0x30 [ 27.172395] [ 27.172796] The buggy address belongs to the object at ffff8881009ab000 [ 27.172796] which belongs to the cache kmalloc-256 of size 256 [ 27.174619] The buggy address is located 33 bytes to the right of [ 27.174619] allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9) [ 27.177509] [ 27.177790] The buggy address belongs to the physical page: [ 27.178406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.180251] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.181756] flags: 0x200000000000040(head|node=0|zone=2) [ 27.182660] page_type: f5(slab) [ 27.183465] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.184721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.186320] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.188161] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.190045] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 27.191456] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.192584] page dumped because: kasan: bad access detected [ 27.194553] [ 27.195757] Memory state around the buggy address: [ 27.196122] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 27.197493] ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.198502] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.199119] ^ [ 27.200294] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.202133] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.203342] ================================================================== [ 27.205071] ================================================================== [ 27.205888] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 27.206473] Write of size 1 at addr ffff8881009ab0eb by task kunit_try_catch/165 [ 27.207440] [ 27.207626] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.209413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.209996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.210640] Call Trace: [ 27.211126] <TASK> [ 27.211658] dump_stack_lvl+0x73/0xb0 [ 27.212461] print_report+0xd1/0x640 [ 27.212770] ? __virt_addr_valid+0x1db/0x2d0 [ 27.213830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.214805] kasan_report+0x102/0x140 [ 27.215093] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.215959] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.216651] __asan_report_store1_noabort+0x1b/0x30 [ 27.217722] krealloc_less_oob_helper+0xd49/0x11d0 [ 27.218963] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.219975] ? finish_task_switch.isra.0+0x153/0x700 [ 27.220767] ? __switch_to+0x5d9/0xf60 [ 27.221595] ? __schedule+0xc70/0x27e0 [ 27.222070] ? __pfx_read_tsc+0x10/0x10 [ 27.222499] krealloc_less_oob+0x1c/0x30 [ 27.223379] kunit_try_run_case+0x1b3/0x490 [ 27.223817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.224434] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.225425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.226206] ? __kthread_parkme+0x82/0x160 [ 27.226936] ? preempt_count_sub+0x50/0x80 [ 27.227559] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.228603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.229264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.230015] kthread+0x257/0x310 [ 27.230667] ? __pfx_kthread+0x10/0x10 [ 27.231541] ret_from_fork+0x41/0x80 [ 27.232204] ? __pfx_kthread+0x10/0x10 [ 27.232853] ret_from_fork_asm+0x1a/0x30 [ 27.233344] </TASK> [ 27.233584] [ 27.233806] Allocated by task 165: [ 27.234156] kasan_save_stack+0x3d/0x60 [ 27.234540] kasan_save_track+0x18/0x40 [ 27.235583] kasan_save_alloc_info+0x3b/0x50 [ 27.236537] __kasan_krealloc+0x190/0x1f0 [ 27.237638] krealloc_noprof+0xf3/0x340 [ 27.238223] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.238484] krealloc_less_oob+0x1c/0x30 [ 27.238672] kunit_try_run_case+0x1b3/0x490 [ 27.239192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.240220] kthread+0x257/0x310 [ 27.240976] ret_from_fork+0x41/0x80 [ 27.241443] ret_from_fork_asm+0x1a/0x30 [ 27.242162] [ 27.242500] The buggy address belongs to the object at ffff8881009ab000 [ 27.242500] which belongs to the cache kmalloc-256 of size 256 [ 27.244439] The buggy address is located 34 bytes to the right of [ 27.244439] allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9) [ 27.245779] [ 27.246284] The buggy address belongs to the physical page: [ 27.246821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.247552] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.248856] flags: 0x200000000000040(head|node=0|zone=2) [ 27.249457] page_type: f5(slab) [ 27.250503] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.251542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.252319] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.252979] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.253863] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 
27.254560] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.255622] page dumped because: kasan: bad access detected [ 27.256397] [ 27.256546] Memory state around the buggy address: [ 27.257081] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.258120] ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.259222] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.260142] ^ [ 27.261416] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.262502] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.263408] ================================================================== [ 27.365533] ================================================================== [ 27.366852] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 27.367562] Write of size 1 at addr ffff8881027aa0c9 by task kunit_try_catch/169 [ 27.368417] [ 27.368866] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.370748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.371573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.372325] Call Trace: [ 27.372628] <TASK> [ 27.373435] dump_stack_lvl+0x73/0xb0 [ 27.373991] print_report+0xd1/0x640 [ 27.374920] ? __virt_addr_valid+0x1db/0x2d0 [ 27.375560] ? kasan_addr_to_slab+0x11/0xa0 [ 27.376607] kasan_report+0x102/0x140 [ 27.377155] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.378277] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 27.378721] __asan_report_store1_noabort+0x1b/0x30 [ 27.379549] krealloc_less_oob_helper+0xd72/0x11d0 [ 27.380397] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.380751] ? finish_task_switch.isra.0+0x153/0x700 [ 27.382121] ? __switch_to+0x5d9/0xf60 [ 27.382479] ? __schedule+0xc70/0x27e0 [ 27.382917] ? 
__pfx_read_tsc+0x10/0x10 [ 27.383846] krealloc_large_less_oob+0x1c/0x30 [ 27.385162] kunit_try_run_case+0x1b3/0x490 [ 27.385620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.386702] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.386983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.388067] ? __kthread_parkme+0x82/0x160 [ 27.388556] ? preempt_count_sub+0x50/0x80 [ 27.389398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.390331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.391132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.392101] kthread+0x257/0x310 [ 27.392992] ? __pfx_kthread+0x10/0x10 [ 27.393412] ret_from_fork+0x41/0x80 [ 27.394053] ? __pfx_kthread+0x10/0x10 [ 27.394598] ret_from_fork_asm+0x1a/0x30 [ 27.395120] </TASK> [ 27.395447] [ 27.395672] The buggy address belongs to the physical page: [ 27.396390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 27.397729] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.398512] flags: 0x200000000000040(head|node=0|zone=2) [ 27.399738] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.400515] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.401341] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.402610] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.403408] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 27.404541] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.405495] page dumped because: kasan: bad access detected [ 27.406477] [ 27.406937] Memory state around the buggy address: [ 27.407450] ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.408643] ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.409606] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.410454] ^ [ 27.411487] ffff8881027aa100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 27.412319] ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.413125] ================================================================== [ 27.461318] ================================================================== [ 27.461930] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 27.463885] Write of size 1 at addr ffff8881027aa0da by task kunit_try_catch/169 [ 27.464611] [ 27.465361] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.467343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.467749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.468641] Call Trace: [ 27.469239] <TASK> [ 27.469545] dump_stack_lvl+0x73/0xb0 [ 27.470195] print_report+0xd1/0x640 [ 27.470567] ? __virt_addr_valid+0x1db/0x2d0 [ 27.471197] ? kasan_addr_to_slab+0x11/0xa0 [ 27.471542] kasan_report+0x102/0x140 [ 27.472322] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.472986] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.473721] __asan_report_store1_noabort+0x1b/0x30 [ 27.474243] krealloc_less_oob_helper+0xec8/0x11d0 [ 27.474748] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.475499] ? finish_task_switch.isra.0+0x153/0x700 [ 27.476174] ? __switch_to+0x5d9/0xf60 [ 27.476772] ? __schedule+0xc70/0x27e0 [ 27.477407] ? __pfx_read_tsc+0x10/0x10 [ 27.478143] krealloc_large_less_oob+0x1c/0x30 [ 27.479300] kunit_try_run_case+0x1b3/0x490 [ 27.479961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.480631] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.481511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.482316] ? __kthread_parkme+0x82/0x160 [ 27.483294] ? preempt_count_sub+0x50/0x80 [ 27.483716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.484440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.485493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.486216] kthread+0x257/0x310 [ 27.486919] ? 
__pfx_kthread+0x10/0x10 [ 27.487502] ret_from_fork+0x41/0x80 [ 27.487801] ? __pfx_kthread+0x10/0x10 [ 27.488354] ret_from_fork_asm+0x1a/0x30 [ 27.489254] </TASK> [ 27.489627] [ 27.490086] The buggy address belongs to the physical page: [ 27.490601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 27.491400] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.492303] flags: 0x200000000000040(head|node=0|zone=2) [ 27.493025] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.493854] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.494712] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.495645] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.496737] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 27.497740] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.498434] page dumped because: kasan: bad access detected [ 27.499226] [ 27.499468] Memory state around the buggy address: [ 27.500342] ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.501128] ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.502049] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.503264] ^ [ 27.503888] ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.504510] ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.505283] ================================================================== [ 27.006390] ================================================================== [ 27.007645] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 27.008868] Write of size 1 at addr ffff8881009ab0d0 by task kunit_try_catch/165 [ 27.010260] [ 27.010511] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.011944] Tainted: 
[B]=BAD_PAGE, [N]=TEST [ 27.012712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.014018] Call Trace: [ 27.014335] <TASK> [ 27.014610] dump_stack_lvl+0x73/0xb0 [ 27.015028] print_report+0xd1/0x640 [ 27.015400] ? __virt_addr_valid+0x1db/0x2d0 [ 27.016439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.017048] kasan_report+0x102/0x140 [ 27.017419] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.017981] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.018540] __asan_report_store1_noabort+0x1b/0x30 [ 27.020198] krealloc_less_oob_helper+0xe25/0x11d0 [ 27.020802] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.021655] ? finish_task_switch.isra.0+0x153/0x700 [ 27.022159] ? __switch_to+0x5d9/0xf60 [ 27.022519] ? __schedule+0xc70/0x27e0 [ 27.022926] ? __pfx_read_tsc+0x10/0x10 [ 27.023302] krealloc_less_oob+0x1c/0x30 [ 27.024645] kunit_try_run_case+0x1b3/0x490 [ 27.025287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.025955] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.026798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.027631] ? __kthread_parkme+0x82/0x160 [ 27.028727] ? preempt_count_sub+0x50/0x80 [ 27.029142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.029543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.030924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.031703] kthread+0x257/0x310 [ 27.032226] ? __pfx_kthread+0x10/0x10 [ 27.032810] ret_from_fork+0x41/0x80 [ 27.033720] ? 
__pfx_kthread+0x10/0x10 [ 27.034410] ret_from_fork_asm+0x1a/0x30 [ 27.035194] </TASK> [ 27.035779] [ 27.036279] Allocated by task 165: [ 27.036468] kasan_save_stack+0x3d/0x60 [ 27.036656] kasan_save_track+0x18/0x40 [ 27.037300] kasan_save_alloc_info+0x3b/0x50 [ 27.038067] __kasan_krealloc+0x190/0x1f0 [ 27.038843] krealloc_noprof+0xf3/0x340 [ 27.039733] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.040560] krealloc_less_oob+0x1c/0x30 [ 27.041253] kunit_try_run_case+0x1b3/0x490 [ 27.041719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.042261] kthread+0x257/0x310 [ 27.042821] ret_from_fork+0x41/0x80 [ 27.043138] ret_from_fork_asm+0x1a/0x30 [ 27.043821] [ 27.044235] The buggy address belongs to the object at ffff8881009ab000 [ 27.044235] which belongs to the cache kmalloc-256 of size 256 [ 27.045342] The buggy address is located 7 bytes to the right of [ 27.045342] allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9) [ 27.047154] [ 27.047467] The buggy address belongs to the physical page: [ 27.048179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.048922] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.049730] flags: 0x200000000000040(head|node=0|zone=2) [ 27.050232] page_type: f5(slab) [ 27.050751] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.051484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.052724] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.053507] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.054561] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 27.055471] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.056230] page dumped because: kasan: bad access detected [ 27.057157] [ 27.057431] Memory state around the buggy address: [ 27.057849] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 27.058656] ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.059404] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.060485] ^ [ 27.060967] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.062069] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.062702] ================================================================== [ 27.506103] ================================================================== [ 27.507150] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 27.508357] Write of size 1 at addr ffff8881027aa0ea by task kunit_try_catch/169 [ 27.509095] [ 27.509400] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.510329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.510960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.511857] Call Trace: [ 27.512459] <TASK> [ 27.512752] dump_stack_lvl+0x73/0xb0 [ 27.513513] print_report+0xd1/0x640 [ 27.513907] ? __virt_addr_valid+0x1db/0x2d0 [ 27.514626] ? kasan_addr_to_slab+0x11/0xa0 [ 27.514971] kasan_report+0x102/0x140 [ 27.515791] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.516515] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 27.517415] __asan_report_store1_noabort+0x1b/0x30 [ 27.518060] krealloc_less_oob_helper+0xe92/0x11d0 [ 27.518566] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.519667] ? finish_task_switch.isra.0+0x153/0x700 [ 27.520399] ? __switch_to+0x5d9/0xf60 [ 27.520776] ? __schedule+0xc70/0x27e0 [ 27.521298] ? __pfx_read_tsc+0x10/0x10 [ 27.521903] krealloc_large_less_oob+0x1c/0x30 [ 27.522268] kunit_try_run_case+0x1b3/0x490 [ 27.522963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.523811] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.524638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.525021] ? __kthread_parkme+0x82/0x160 [ 27.525545] ? preempt_count_sub+0x50/0x80 [ 27.526085] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.526562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.526969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.527674] kthread+0x257/0x310 [ 27.528573] ? __pfx_kthread+0x10/0x10 [ 27.529186] ret_from_fork+0x41/0x80 [ 27.529629] ? __pfx_kthread+0x10/0x10 [ 27.530249] ret_from_fork_asm+0x1a/0x30 [ 27.530667] </TASK> [ 27.531020] [ 27.531353] The buggy address belongs to the physical page: [ 27.531997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 27.532459] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.533710] flags: 0x200000000000040(head|node=0|zone=2) [ 27.534589] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.535482] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.536731] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.537979] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.538841] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 27.539850] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.540868] page dumped because: kasan: bad access detected [ 27.541561] [ 27.541843] Memory state around the buggy address: [ 27.542453] ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.543234] ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.544180] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.545307] ^ [ 27.545988] ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.547019] ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.547858] ================================================================== [ 27.414446] ================================================================== [ 27.414893] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 27.417311] Write of 
size 1 at addr ffff8881027aa0d0 by task kunit_try_catch/169 [ 27.418258] [ 27.418484] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.419398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.420459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.421338] Call Trace: [ 27.421589] <TASK> [ 27.421799] dump_stack_lvl+0x73/0xb0 [ 27.422150] print_report+0xd1/0x640 [ 27.422855] ? __virt_addr_valid+0x1db/0x2d0 [ 27.423756] ? kasan_addr_to_slab+0x11/0xa0 [ 27.424612] kasan_report+0x102/0x140 [ 27.425427] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.426664] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 27.427926] __asan_report_store1_noabort+0x1b/0x30 [ 27.428573] krealloc_less_oob_helper+0xe25/0x11d0 [ 27.429735] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.430593] ? finish_task_switch.isra.0+0x153/0x700 [ 27.431395] ? __switch_to+0x5d9/0xf60 [ 27.431809] ? __schedule+0xc70/0x27e0 [ 27.432221] ? __pfx_read_tsc+0x10/0x10 [ 27.432739] krealloc_large_less_oob+0x1c/0x30 [ 27.433406] kunit_try_run_case+0x1b3/0x490 [ 27.434029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.434381] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.435019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.435624] ? __kthread_parkme+0x82/0x160 [ 27.436542] ? preempt_count_sub+0x50/0x80 [ 27.437166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.437713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.438504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.439207] kthread+0x257/0x310 [ 27.439641] ? __pfx_kthread+0x10/0x10 [ 27.440304] ret_from_fork+0x41/0x80 [ 27.441099] ? 
__pfx_kthread+0x10/0x10 [ 27.441462] ret_from_fork_asm+0x1a/0x30 [ 27.442176] </TASK> [ 27.442441] [ 27.442913] The buggy address belongs to the physical page: [ 27.443482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 27.444441] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.445664] flags: 0x200000000000040(head|node=0|zone=2) [ 27.446782] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.448284] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.448584] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.449521] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.450188] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 27.450839] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.451466] page dumped because: kasan: bad access detected [ 27.452542] [ 27.452750] Memory state around the buggy address: [ 27.453934] ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.455103] ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.456425] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.457333] ^ [ 27.458147] ffff8881027aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.458903] ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.459914] ================================================================== [ 26.951801] ================================================================== [ 26.953176] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 26.953968] Write of size 1 at addr ffff8881009ab0c9 by task kunit_try_catch/165 [ 26.954807] [ 26.955100] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.956421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.956958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.957660] Call Trace: [ 26.958299] <TASK> [ 26.958663] dump_stack_lvl+0x73/0xb0 [ 26.959195] print_report+0xd1/0x640 [ 26.959623] ? __virt_addr_valid+0x1db/0x2d0 [ 26.960490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.961391] kasan_report+0x102/0x140 [ 26.962462] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 26.963066] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 26.963587] __asan_report_store1_noabort+0x1b/0x30 [ 26.964110] krealloc_less_oob_helper+0xd72/0x11d0 [ 26.964656] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 26.965692] ? finish_task_switch.isra.0+0x153/0x700 [ 26.966452] ? __switch_to+0x5d9/0xf60 [ 26.966947] ? __schedule+0xc70/0x27e0 [ 26.967636] ? __pfx_read_tsc+0x10/0x10 [ 26.968155] krealloc_less_oob+0x1c/0x30 [ 26.968900] kunit_try_run_case+0x1b3/0x490 [ 26.969626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.970302] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.971141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.971721] ? __kthread_parkme+0x82/0x160 [ 26.972375] ? preempt_count_sub+0x50/0x80 [ 26.972975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.973651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.974555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.975143] kthread+0x257/0x310 [ 26.975737] ? __pfx_kthread+0x10/0x10 [ 26.976386] ret_from_fork+0x41/0x80 [ 26.976821] ? 
__pfx_kthread+0x10/0x10 [ 26.977510] ret_from_fork_asm+0x1a/0x30 [ 26.978120] </TASK> [ 26.978354] [ 26.978615] Allocated by task 165: [ 26.978999] kasan_save_stack+0x3d/0x60 [ 26.979354] kasan_save_track+0x18/0x40 [ 26.980309] kasan_save_alloc_info+0x3b/0x50 [ 26.981094] __kasan_krealloc+0x190/0x1f0 [ 26.981656] krealloc_noprof+0xf3/0x340 [ 26.982321] krealloc_less_oob_helper+0x1ab/0x11d0 [ 26.983089] krealloc_less_oob+0x1c/0x30 [ 26.983610] kunit_try_run_case+0x1b3/0x490 [ 26.984432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.984859] kthread+0x257/0x310 [ 26.985467] ret_from_fork+0x41/0x80 [ 26.985971] ret_from_fork_asm+0x1a/0x30 [ 26.986475] [ 26.986718] The buggy address belongs to the object at ffff8881009ab000 [ 26.986718] which belongs to the cache kmalloc-256 of size 256 [ 26.988270] The buggy address is located 0 bytes to the right of [ 26.988270] allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9) [ 26.989811] [ 26.990080] The buggy address belongs to the physical page: [ 26.990559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 26.991511] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.992520] flags: 0x200000000000040(head|node=0|zone=2) [ 26.993032] page_type: f5(slab) [ 26.993362] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.994098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.994768] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.995434] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.996490] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 26.996970] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 26.997877] page dumped because: kasan: bad access detected [ 26.998505] [ 26.999103] Memory state around the buggy address: [ 26.999750] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 27.000425] ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.001667] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.002302] ^ [ 27.002805] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.003394] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.004651] ================================================================== [ 27.064967] ================================================================== [ 27.065389] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 27.065720] Write of size 1 at addr ffff8881009ab0da by task kunit_try_catch/165 [ 27.066731] [ 27.067129] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.069246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.069656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.070976] Call Trace: [ 27.071379] <TASK> [ 27.071890] dump_stack_lvl+0x73/0xb0 [ 27.072462] print_report+0xd1/0x640 [ 27.073457] ? __virt_addr_valid+0x1db/0x2d0 [ 27.074221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.074909] kasan_report+0x102/0x140 [ 27.075761] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.076539] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 27.077953] __asan_report_store1_noabort+0x1b/0x30 [ 27.078543] krealloc_less_oob_helper+0xec8/0x11d0 [ 27.079333] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.080157] ? finish_task_switch.isra.0+0x153/0x700 [ 27.081424] ? __switch_to+0x5d9/0xf60 [ 27.081796] ? __schedule+0xc70/0x27e0 [ 27.082434] ? __pfx_read_tsc+0x10/0x10 [ 27.083083] krealloc_less_oob+0x1c/0x30 [ 27.083867] kunit_try_run_case+0x1b3/0x490 [ 27.084727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.085533] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.086229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.086981] ? __kthread_parkme+0x82/0x160 [ 27.087445] ? preempt_count_sub+0x50/0x80 [ 27.088505] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 27.089419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.090015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.090765] kthread+0x257/0x310 [ 27.091431] ? __pfx_kthread+0x10/0x10 [ 27.091804] ret_from_fork+0x41/0x80 [ 27.092863] ? __pfx_kthread+0x10/0x10 [ 27.093138] ret_from_fork_asm+0x1a/0x30 [ 27.093693] </TASK> [ 27.094271] [ 27.094631] Allocated by task 165: [ 27.095301] kasan_save_stack+0x3d/0x60 [ 27.096009] kasan_save_track+0x18/0x40 [ 27.096538] kasan_save_alloc_info+0x3b/0x50 [ 27.097130] __kasan_krealloc+0x190/0x1f0 [ 27.097702] krealloc_noprof+0xf3/0x340 [ 27.098829] krealloc_less_oob_helper+0x1ab/0x11d0 [ 27.100015] krealloc_less_oob+0x1c/0x30 [ 27.100404] kunit_try_run_case+0x1b3/0x490 [ 27.100908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.101572] kthread+0x257/0x310 [ 27.101944] ret_from_fork+0x41/0x80 [ 27.102505] ret_from_fork_asm+0x1a/0x30 [ 27.103232] [ 27.103592] The buggy address belongs to the object at ffff8881009ab000 [ 27.103592] which belongs to the cache kmalloc-256 of size 256 [ 27.105040] The buggy address is located 17 bytes to the right of [ 27.105040] allocated 201-byte region [ffff8881009ab000, ffff8881009ab0c9) [ 27.106199] [ 27.106615] The buggy address belongs to the physical page: [ 27.107656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 27.108631] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.109296] flags: 0x200000000000040(head|node=0|zone=2) [ 27.110199] page_type: f5(slab) [ 27.110500] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.111442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.112708] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 27.113366] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.114093] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 
27.114985] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 27.116017] page dumped because: kasan: bad access detected [ 27.116400] [ 27.116701] Memory state around the buggy address: [ 27.117714] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.118642] ffff8881009ab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.119210] >ffff8881009ab080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.120562] ^ [ 27.121371] ffff8881009ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.122410] ffff8881009ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.123386] ================================================================== [ 27.548776] ================================================================== [ 27.549620] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 27.550413] Write of size 1 at addr ffff8881027aa0eb by task kunit_try_catch/169 [ 27.551369] [ 27.551786] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.553094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.553695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.555177] Call Trace: [ 27.555414] <TASK> [ 27.555617] dump_stack_lvl+0x73/0xb0 [ 27.556483] print_report+0xd1/0x640 [ 27.556984] ? __virt_addr_valid+0x1db/0x2d0 [ 27.557640] ? kasan_addr_to_slab+0x11/0xa0 [ 27.558732] kasan_report+0x102/0x140 [ 27.559621] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.560662] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 27.561636] __asan_report_store1_noabort+0x1b/0x30 [ 27.562630] krealloc_less_oob_helper+0xd49/0x11d0 [ 27.563472] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 27.564435] ? finish_task_switch.isra.0+0x153/0x700 [ 27.565042] ? __switch_to+0x5d9/0xf60 [ 27.565638] ? __schedule+0xc70/0x27e0 [ 27.566547] ? 
__pfx_read_tsc+0x10/0x10 [ 27.566955] krealloc_large_less_oob+0x1c/0x30 [ 27.567591] kunit_try_run_case+0x1b3/0x490 [ 27.568446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.569182] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.569655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.570338] ? __kthread_parkme+0x82/0x160 [ 27.570771] ? preempt_count_sub+0x50/0x80 [ 27.571268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.571788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.572505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.573579] kthread+0x257/0x310 [ 27.573910] ? __pfx_kthread+0x10/0x10 [ 27.574542] ret_from_fork+0x41/0x80 [ 27.575198] ? __pfx_kthread+0x10/0x10 [ 27.575574] ret_from_fork_asm+0x1a/0x30 [ 27.576122] </TASK> [ 27.576625] [ 27.576941] The buggy address belongs to the physical page: [ 27.577698] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 27.578643] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.579377] flags: 0x200000000000040(head|node=0|zone=2) [ 27.580212] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.581106] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.582044] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.582776] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.583747] head: 0200000000000002 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 27.584426] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.585668] page dumped because: kasan: bad access detected [ 27.586443] [ 27.586752] Memory state around the buggy address: [ 27.587310] ffff8881027a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.588414] ffff8881027aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.589032] >ffff8881027aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.589813] ^ [ 27.590560] ffff8881027aa100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 27.591675] ffff8881027aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.592717] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 27.269954] ================================================================== [ 27.271083] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 27.271816] Write of size 1 at addr ffff88810226e0eb by task kunit_try_catch/167 [ 27.272470] [ 27.272655] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.274124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.274401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.275865] Call Trace: [ 27.276496] <TASK> [ 27.277057] dump_stack_lvl+0x73/0xb0 [ 27.277432] print_report+0xd1/0x640 [ 27.277806] ? __virt_addr_valid+0x1db/0x2d0 [ 27.278327] ? kasan_addr_to_slab+0x11/0xa0 [ 27.278754] kasan_report+0x102/0x140 [ 27.279375] ? krealloc_more_oob_helper+0x823/0x930 [ 27.280750] ? krealloc_more_oob_helper+0x823/0x930 [ 27.281652] __asan_report_store1_noabort+0x1b/0x30 [ 27.282192] krealloc_more_oob_helper+0x823/0x930 [ 27.283061] ? __schedule+0xc70/0x27e0 [ 27.283940] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.285269] ? finish_task_switch.isra.0+0x153/0x700 [ 27.286095] ? __switch_to+0x5d9/0xf60 [ 27.286632] ? __schedule+0xc70/0x27e0 [ 27.287056] ? __pfx_read_tsc+0x10/0x10 [ 27.288103] krealloc_large_more_oob+0x1c/0x30 [ 27.288595] kunit_try_run_case+0x1b3/0x490 [ 27.289563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.290326] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.291140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.291633] ? __kthread_parkme+0x82/0x160 [ 27.292540] ? preempt_count_sub+0x50/0x80 [ 27.293345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.293706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.294967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.295623] kthread+0x257/0x310 [ 27.296481] ? __pfx_kthread+0x10/0x10 [ 27.296872] ret_from_fork+0x41/0x80 [ 27.297485] ? 
__pfx_kthread+0x10/0x10 [ 27.298116] ret_from_fork_asm+0x1a/0x30 [ 27.298579] </TASK> [ 27.298939] [ 27.299340] The buggy address belongs to the physical page: [ 27.300314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 27.301027] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.301972] flags: 0x200000000000040(head|node=0|zone=2) [ 27.302674] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.303524] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.304641] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.305358] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.306044] head: 0200000000000002 ffffea0004089b01 ffffffffffffffff 0000000000000000 [ 27.306928] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.307808] page dumped because: kasan: bad access detected [ 27.308602] [ 27.308926] Memory state around the buggy address: [ 27.309611] ffff88810226df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.310475] ffff88810226e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.311196] >ffff88810226e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.312341] ^ [ 27.313150] ffff88810226e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.313909] ffff88810226e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.314636] ================================================================== [ 27.317404] ================================================================== [ 27.318155] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 27.318849] Write of size 1 at addr ffff88810226e0f0 by task kunit_try_catch/167 [ 27.319727] [ 27.320175] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 27.321402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.321895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.322760] Call Trace: [ 27.323785] <TASK> [ 27.324033] dump_stack_lvl+0x73/0xb0 [ 27.324420] print_report+0xd1/0x640 [ 27.324800] ? __virt_addr_valid+0x1db/0x2d0 [ 27.325245] ? kasan_addr_to_slab+0x11/0xa0 [ 27.325715] kasan_report+0x102/0x140 [ 27.326011] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.326746] ? krealloc_more_oob_helper+0x7ed/0x930 [ 27.327645] __asan_report_store1_noabort+0x1b/0x30 [ 27.329382] krealloc_more_oob_helper+0x7ed/0x930 [ 27.330062] ? __schedule+0xc70/0x27e0 [ 27.330470] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 27.331525] ? finish_task_switch.isra.0+0x153/0x700 [ 27.332557] ? __switch_to+0x5d9/0xf60 [ 27.333043] ? __schedule+0xc70/0x27e0 [ 27.333634] ? __pfx_read_tsc+0x10/0x10 [ 27.334167] krealloc_large_more_oob+0x1c/0x30 [ 27.334776] kunit_try_run_case+0x1b3/0x490 [ 27.335590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.336472] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.337121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.337892] ? __kthread_parkme+0x82/0x160 [ 27.338352] ? preempt_count_sub+0x50/0x80 [ 27.338883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.339747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.340505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.341262] kthread+0x257/0x310 [ 27.341668] ? __pfx_kthread+0x10/0x10 [ 27.342269] ret_from_fork+0x41/0x80 [ 27.342616] ? 
__pfx_kthread+0x10/0x10 [ 27.343599] ret_from_fork_asm+0x1a/0x30 [ 27.344311] </TASK> [ 27.344636] [ 27.344981] The buggy address belongs to the physical page: [ 27.345651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 27.346782] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.347432] flags: 0x200000000000040(head|node=0|zone=2) [ 27.348117] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.348653] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.349634] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.350558] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.351674] head: 0200000000000002 ffffea0004089b01 ffffffffffffffff 0000000000000000 [ 27.352600] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 27.353550] page dumped because: kasan: bad access detected [ 27.354016] [ 27.354256] Memory state around the buggy address: [ 27.355061] ffff88810226df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.355716] ffff88810226e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.356582] >ffff88810226e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.357535] ^ [ 27.358194] ffff88810226e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.358978] ffff88810226e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.359765] ================================================================== [ 26.837623] ================================================================== [ 26.838770] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 26.839838] Write of size 1 at addr ffff8881009aaeeb by task kunit_try_catch/163 [ 26.841203] [ 26.841549] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.842601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.843097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.844244] Call Trace: [ 26.844815] <TASK> [ 26.845307] dump_stack_lvl+0x73/0xb0 [ 26.845695] print_report+0xd1/0x640 [ 26.846436] ? __virt_addr_valid+0x1db/0x2d0 [ 26.847177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.847465] kasan_report+0x102/0x140 [ 26.847649] ? krealloc_more_oob_helper+0x823/0x930 [ 26.848020] ? krealloc_more_oob_helper+0x823/0x930 [ 26.849332] __asan_report_store1_noabort+0x1b/0x30 [ 26.850059] krealloc_more_oob_helper+0x823/0x930 [ 26.850641] ? trace_hardirqs_on+0x37/0xe0 [ 26.851385] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 26.851940] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.852618] ? __pfx_krealloc_more_oob+0x10/0x10 [ 26.853155] krealloc_more_oob+0x1c/0x30 [ 26.853877] kunit_try_run_case+0x1b3/0x490 [ 26.854719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.855805] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.856506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.857109] ? __kthread_parkme+0x82/0x160 [ 26.858488] ? preempt_count_sub+0x50/0x80 [ 26.859044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.859665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.860882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.861526] kthread+0x257/0x310 [ 26.862110] ? __pfx_kthread+0x10/0x10 [ 26.863025] ret_from_fork+0x41/0x80 [ 26.863574] ? 
__pfx_kthread+0x10/0x10 [ 26.864260] ret_from_fork_asm+0x1a/0x30 [ 26.864653] </TASK> [ 26.864923] [ 26.865597] Allocated by task 163: [ 26.866314] kasan_save_stack+0x3d/0x60 [ 26.866743] kasan_save_track+0x18/0x40 [ 26.867852] kasan_save_alloc_info+0x3b/0x50 [ 26.868424] __kasan_krealloc+0x190/0x1f0 [ 26.868920] krealloc_noprof+0xf3/0x340 [ 26.869311] krealloc_more_oob_helper+0x1aa/0x930 [ 26.869978] krealloc_more_oob+0x1c/0x30 [ 26.870438] kunit_try_run_case+0x1b3/0x490 [ 26.871344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.872252] kthread+0x257/0x310 [ 26.872476] ret_from_fork+0x41/0x80 [ 26.872656] ret_from_fork_asm+0x1a/0x30 [ 26.873177] [ 26.873573] The buggy address belongs to the object at ffff8881009aae00 [ 26.873573] which belongs to the cache kmalloc-256 of size 256 [ 26.874315] The buggy address is located 0 bytes to the right of [ 26.874315] allocated 235-byte region [ffff8881009aae00, ffff8881009aaeeb) [ 26.876122] [ 26.876610] The buggy address belongs to the physical page: [ 26.877267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 26.878109] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.879370] flags: 0x200000000000040(head|node=0|zone=2) [ 26.879896] page_type: f5(slab) [ 26.880580] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.881486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.882512] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.883190] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.884283] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 26.885268] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 26.886078] page dumped because: kasan: bad access detected [ 26.886582] [ 26.886943] Memory state around the buggy address: [ 26.887513] ffff8881009aad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 26.888229] ffff8881009aae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.889207] >ffff8881009aae80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 26.889729] ^ [ 26.890339] ffff8881009aaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.891251] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.892163] ================================================================== [ 26.894393] ================================================================== [ 26.895080] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 26.896493] Write of size 1 at addr ffff8881009aaef0 by task kunit_try_catch/163 [ 26.897229] [ 26.897559] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.898409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.899095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.899880] Call Trace: [ 26.900186] <TASK> [ 26.900601] dump_stack_lvl+0x73/0xb0 [ 26.901195] print_report+0xd1/0x640 [ 26.901527] ? __virt_addr_valid+0x1db/0x2d0 [ 26.902212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.903129] kasan_report+0x102/0x140 [ 26.903632] ? krealloc_more_oob_helper+0x7ed/0x930 [ 26.904289] ? krealloc_more_oob_helper+0x7ed/0x930 [ 26.904783] __asan_report_store1_noabort+0x1b/0x30 [ 26.905445] krealloc_more_oob_helper+0x7ed/0x930 [ 26.905933] ? trace_hardirqs_on+0x37/0xe0 [ 26.906234] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 26.907402] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.907989] ? __pfx_krealloc_more_oob+0x10/0x10 [ 26.908744] krealloc_more_oob+0x1c/0x30 [ 26.909102] kunit_try_run_case+0x1b3/0x490 [ 26.909419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.910024] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.910996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.911419] ? __kthread_parkme+0x82/0x160 [ 26.911862] ? preempt_count_sub+0x50/0x80 [ 26.912488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.913252] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.914542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.915280] kthread+0x257/0x310 [ 26.916294] ? __pfx_kthread+0x10/0x10 [ 26.916750] ret_from_fork+0x41/0x80 [ 26.917509] ? __pfx_kthread+0x10/0x10 [ 26.918798] ret_from_fork_asm+0x1a/0x30 [ 26.919275] </TASK> [ 26.919456] [ 26.919717] Allocated by task 163: [ 26.920077] kasan_save_stack+0x3d/0x60 [ 26.920512] kasan_save_track+0x18/0x40 [ 26.921225] kasan_save_alloc_info+0x3b/0x50 [ 26.921614] __kasan_krealloc+0x190/0x1f0 [ 26.922209] krealloc_noprof+0xf3/0x340 [ 26.922747] krealloc_more_oob_helper+0x1aa/0x930 [ 26.923526] krealloc_more_oob+0x1c/0x30 [ 26.924325] kunit_try_run_case+0x1b3/0x490 [ 26.924777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.925351] kthread+0x257/0x310 [ 26.925793] ret_from_fork+0x41/0x80 [ 26.926407] ret_from_fork_asm+0x1a/0x30 [ 26.926813] [ 26.927285] The buggy address belongs to the object at ffff8881009aae00 [ 26.927285] which belongs to the cache kmalloc-256 of size 256 [ 26.928350] The buggy address is located 5 bytes to the right of [ 26.928350] allocated 235-byte region [ffff8881009aae00, ffff8881009aaeeb) [ 26.930429] [ 26.930862] The buggy address belongs to the physical page: [ 26.931577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009aa [ 26.932474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.933075] flags: 0x200000000000040(head|node=0|zone=2) [ 26.933761] page_type: f5(slab) [ 26.934462] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.935135] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.935858] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 26.937123] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.937823] head: 0200000000000001 ffffea0004026a81 ffffffffffffffff 0000000000000000 [ 26.938627] head: 0000000000000002 0000000000000000 
00000000ffffffff 0000000000000000 [ 26.939563] page dumped because: kasan: bad access detected [ 26.939998] [ 26.940332] Memory state around the buggy address: [ 26.940884] ffff8881009aad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.941696] ffff8881009aae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.942596] >ffff8881009aae80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 26.943300] ^ [ 26.944019] ffff8881009aaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.945052] ffff8881009aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.945849] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 30.750598] ==================================================================
[ 30.751813] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380
[ 30.752932] Read of size 1 at addr ffff888102c27c9f by task kunit_try_catch/258
[ 30.753629]
[ 30.753838] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.754648] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.755398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.756667] Call Trace:
[ 30.757069] <TASK>
[ 30.757289] dump_stack_lvl+0x73/0xb0
[ 30.757988] print_report+0xd1/0x640
[ 30.758611] ? __virt_addr_valid+0x1db/0x2d0
[ 30.759431] ? kasan_addr_to_slab+0x11/0xa0
[ 30.759971] kasan_report+0x102/0x140
[ 30.760486] ? kasan_alloca_oob_left+0x31f/0x380
[ 30.761109] ? kasan_alloca_oob_left+0x31f/0x380
[ 30.762006] __asan_report_load1_noabort+0x18/0x20
[ 30.762509] kasan_alloca_oob_left+0x31f/0x380
[ 30.762911] ? uclamp_rq_dec_id+0x3c0/0x460
[ 30.763330] ? __schedule+0xc70/0x27e0
[ 30.763750] ? trace_hardirqs_on+0x37/0xe0
[ 30.764163] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 30.764634] ? __schedule+0xc70/0x27e0
[ 30.765443] ? __pfx_read_tsc+0x10/0x10
[ 30.766301] ? ktime_get_ts64+0x86/0x230
[ 30.767527] kunit_try_run_case+0x1b3/0x490
[ 30.768626] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.769421] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.770673] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.771461] ? __kthread_parkme+0x82/0x160
[ 30.772127] ? preempt_count_sub+0x50/0x80
[ 30.772813] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.773676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.774824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.775424] kthread+0x257/0x310
[ 30.776122] ? __pfx_kthread+0x10/0x10
[ 30.776722] ret_from_fork+0x41/0x80
[ 30.777193] ? __pfx_kthread+0x10/0x10
[ 30.777503] ret_from_fork_asm+0x1a/0x30
[ 30.777885] </TASK>
[ 30.778192]
[ 30.778389] The buggy address belongs to stack of task kunit_try_catch/258
[ 30.779170]
[ 30.779421] The buggy address belongs to the physical page:
[ 30.780080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c27
[ 30.780562] flags: 0x200000000000000(node=0|zone=2)
[ 30.782254] raw: 0200000000000000 ffffea00040b09c8 ffffea00040b09c8 0000000000000000
[ 30.783002] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 30.784079] page dumped because: kasan: bad access detected
[ 30.784557]
[ 30.785305] Memory state around the buggy address:
[ 30.785888] ffff888102c27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.787180] ffff888102c27c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.787790] >ffff888102c27c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 30.788591] ^
[ 30.789025] ffff888102c27d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 30.790014] ffff888102c27d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 30.790756] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 30.707293] ==================================================================
[ 30.708476] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300
[ 30.709078] Read of size 1 at addr ffff888102d57d72 by task kunit_try_catch/256
[ 30.710454]
[ 30.710741] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.712474] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.712666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.713349] Call Trace:
[ 30.713669] <TASK>
[ 30.713889] dump_stack_lvl+0x73/0xb0
[ 30.714349] print_report+0xd1/0x640
[ 30.715284] ? __virt_addr_valid+0x1db/0x2d0
[ 30.715863] ? kasan_addr_to_slab+0x11/0xa0
[ 30.716450] kasan_report+0x102/0x140
[ 30.716938] ? kasan_stack_oob+0x2ae/0x300
[ 30.717559] ? kasan_stack_oob+0x2ae/0x300
[ 30.718123] __asan_report_load1_noabort+0x18/0x20
[ 30.718540] kasan_stack_oob+0x2ae/0x300
[ 30.719390] ? __pfx_kasan_stack_oob+0x10/0x10
[ 30.719838] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 30.720406] ? __pfx_kasan_stack_oob+0x10/0x10
[ 30.721103] kunit_try_run_case+0x1b3/0x490
[ 30.721648] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.722407] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.723284] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.723716] ? __kthread_parkme+0x82/0x160
[ 30.724349] ? preempt_count_sub+0x50/0x80
[ 30.724725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.725364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.725864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.726345] kthread+0x257/0x310
[ 30.726713] ? __pfx_kthread+0x10/0x10
[ 30.727175] ret_from_fork+0x41/0x80
[ 30.727816] ? __pfx_kthread+0x10/0x10
[ 30.728400] ret_from_fork_asm+0x1a/0x30
[ 30.728949] </TASK>
[ 30.729367]
[ 30.729656] The buggy address belongs to stack of task kunit_try_catch/256
[ 30.730629] and is located at offset 138 in frame:
[ 30.731272] kasan_stack_oob+0x0/0x300
[ 30.731980]
[ 30.732234] This frame has 4 objects:
[ 30.733061] [48, 49) '__assertion'
[ 30.733148] [64, 72) 'array'
[ 30.733567] [96, 112) '__assertion'
[ 30.734110] [128, 138) 'stack_array'
[ 30.734483]
[ 30.735271] The buggy address belongs to the physical page:
[ 30.735623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d57
[ 30.736720] flags: 0x200000000000000(node=0|zone=2)
[ 30.737392] raw: 0200000000000000 ffffea00040b55c8 ffffea00040b55c8 0000000000000000
[ 30.738202] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 30.738784] page dumped because: kasan: bad access detected
[ 30.739401]
[ 30.739659] Memory state around the buggy address:
[ 30.740466] ffff888102d57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.741140] ffff888102d57c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 30.741664] >ffff888102d57d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 30.742422] ^
[ 30.743196] ffff888102d57d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 30.743930] ffff888102d57e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 30.744879] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 30.663630] ==================================================================
[ 30.664719] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 30.665521] Read of size 1 at addr ffffffff8fbfebed by task kunit_try_catch/252
[ 30.666134]
[ 30.666453] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.667560] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.668127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.668784] Call Trace:
[ 30.669345] <TASK>
[ 30.669590] dump_stack_lvl+0x73/0xb0
[ 30.670136] print_report+0xd1/0x640
[ 30.670613] ? __virt_addr_valid+0x1db/0x2d0
[ 30.671284] ? kasan_addr_to_slab+0x11/0xa0
[ 30.671701] kasan_report+0x102/0x140
[ 30.672064] ? kasan_global_oob_right+0x288/0x2d0
[ 30.672569] ? kasan_global_oob_right+0x288/0x2d0
[ 30.673244] __asan_report_load1_noabort+0x18/0x20
[ 30.673887] kasan_global_oob_right+0x288/0x2d0
[ 30.674467] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 30.675091] ? __schedule+0xc70/0x27e0
[ 30.675560] ? __pfx_read_tsc+0x10/0x10
[ 30.675964] ? ktime_get_ts64+0x86/0x230
[ 30.676583] kunit_try_run_case+0x1b3/0x490
[ 30.677192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.677571] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.678308] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.678784] ? __kthread_parkme+0x82/0x160
[ 30.679522] ? preempt_count_sub+0x50/0x80
[ 30.679972] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.680394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.680948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.681703] kthread+0x257/0x310
[ 30.682186] ? __pfx_kthread+0x10/0x10
[ 30.682644] ret_from_fork+0x41/0x80
[ 30.683264] ? __pfx_kthread+0x10/0x10
[ 30.683664] ret_from_fork_asm+0x1a/0x30
[ 30.684380] </TASK>
[ 30.684618]
[ 30.684891] The buggy address belongs to the variable:
[ 30.685622] global_array+0xd/0x40
[ 30.686243]
[ 30.686496] The buggy address belongs to the physical page:
[ 30.687183] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4bbfe
[ 30.687916] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 30.688443] raw: 0100000000002000 ffffea00012eff88 ffffea00012eff88 0000000000000000
[ 30.689453] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.690140] page dumped because: kasan: bad access detected
[ 30.690754]
[ 30.691148] Memory state around the buggy address:
[ 30.691480]  ffffffff8fbfea80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.692433]  ffffffff8fbfeb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.693224] >ffffffff8fbfeb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9
[ 30.693840]                                                            ^
[ 30.694412]  ffffffff8fbfec00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
[ 30.694997]  ffffffff8fbfec80: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9
[ 30.696255] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 30.612869] ==================================================================
[ 30.614875] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.616118] Free of addr ffff888102d60001 by task kunit_try_catch/250
[ 30.617158]
[ 30.617777] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.618996] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.619418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.620254] Call Trace:
[ 30.620538] <TASK>
[ 30.621739] dump_stack_lvl+0x73/0xb0
[ 30.622332] print_report+0xd1/0x640
[ 30.622744] ? __virt_addr_valid+0x1db/0x2d0
[ 30.623432] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.624394] ? kasan_addr_to_slab+0x11/0xa0
[ 30.624940] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.625617] kasan_report_invalid_free+0xc0/0xf0
[ 30.626410] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.627003] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.627627] __kasan_mempool_poison_object+0x102/0x1d0
[ 30.628321] mempool_free+0x2ec/0x380
[ 30.628939] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.629519] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 30.630386] ? finish_task_switch.isra.0+0x153/0x700
[ 30.630756] mempool_kmalloc_large_invalid_free+0xb1/0x100
[ 30.631501] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 30.632196] ? __switch_to+0x5d9/0xf60
[ 30.632632] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.633167] ? __pfx_mempool_kfree+0x10/0x10
[ 30.633589] ? __pfx_read_tsc+0x10/0x10
[ 30.634234] ? ktime_get_ts64+0x86/0x230
[ 30.634572] kunit_try_run_case+0x1b3/0x490
[ 30.635191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.635764] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.636167] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.636582] ? __kthread_parkme+0x82/0x160
[ 30.637461] ? preempt_count_sub+0x50/0x80
[ 30.637928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.638371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.639193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.639664] kthread+0x257/0x310
[ 30.640237] ? __pfx_kthread+0x10/0x10
[ 30.640702] ret_from_fork+0x41/0x80
[ 30.641423] ? __pfx_kthread+0x10/0x10
[ 30.641826] ret_from_fork_asm+0x1a/0x30
[ 30.642462] </TASK>
[ 30.642773]
[ 30.643207] The buggy address belongs to the physical page:
[ 30.643645] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[ 30.644548] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 30.645389] flags: 0x200000000000040(head|node=0|zone=2)
[ 30.645894] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.646970] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.647802] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.648488] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.649425] head: 0200000000000002 ffffea00040b5801 ffffffffffffffff 0000000000000000
[ 30.650285] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 30.650901] page dumped because: kasan: bad access detected
[ 30.651903]
[ 30.652168] Memory state around the buggy address:
[ 30.652629]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.653501]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.654053] >ffff888102d60000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.654861]                     ^
[ 30.655311]  ffff888102d60080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.655878]  ffff888102d60100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.657008] ==================================================================
[ 30.550876] ==================================================================
[ 30.552566] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.553545] Free of addr ffff888101ac5201 by task kunit_try_catch/248
[ 30.554142]
[ 30.554427] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.555243] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.556319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.558150] Call Trace:
[ 30.558644] <TASK>
[ 30.558877] dump_stack_lvl+0x73/0xb0
[ 30.559410] print_report+0xd1/0x640
[ 30.559807] ? __virt_addr_valid+0x1db/0x2d0
[ 30.560472] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.561108] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.562288] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.563142] kasan_report_invalid_free+0xc0/0xf0
[ 30.563932] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.564562] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.565265] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.565867] check_slab_allocation+0x11f/0x130
[ 30.566375] __kasan_mempool_poison_object+0x91/0x1d0
[ 30.566839] mempool_free+0x2ec/0x380
[ 30.567418] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 30.568330] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 30.569239] ? finish_task_switch.isra.0+0x153/0x700
[ 30.569840] mempool_kmalloc_invalid_free+0xb1/0x100
[ 30.570328] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 30.571332] ? __switch_to+0x5d9/0xf60
[ 30.571751] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.572294] ? __pfx_mempool_kfree+0x10/0x10
[ 30.572751] ? __pfx_read_tsc+0x10/0x10
[ 30.573229] ? ktime_get_ts64+0x86/0x230
[ 30.573830] kunit_try_run_case+0x1b3/0x490
[ 30.574246] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.575108] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.575568] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.576153] ? __kthread_parkme+0x82/0x160
[ 30.576981] ? preempt_count_sub+0x50/0x80
[ 30.577551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.578102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.578753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.579378] kthread+0x257/0x310
[ 30.579904] ? __pfx_kthread+0x10/0x10
[ 30.580263] ret_from_fork+0x41/0x80
[ 30.580944] ? __pfx_kthread+0x10/0x10
[ 30.581260] ret_from_fork_asm+0x1a/0x30
[ 30.581901] </TASK>
[ 30.582181]
[ 30.582342] Allocated by task 248:
[ 30.582892] kasan_save_stack+0x3d/0x60
[ 30.583418] kasan_save_track+0x18/0x40
[ 30.584374] kasan_save_alloc_info+0x3b/0x50
[ 30.584741] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 30.585336] remove_element+0x11e/0x190
[ 30.586099] mempool_alloc_preallocated+0x4d/0x90
[ 30.586582] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 30.587641] mempool_kmalloc_invalid_free+0xb1/0x100
[ 30.588569] kunit_try_run_case+0x1b3/0x490
[ 30.589070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.590134] kthread+0x257/0x310
[ 30.590532] ret_from_fork+0x41/0x80
[ 30.590748] ret_from_fork_asm+0x1a/0x30
[ 30.591876]
[ 30.592122] The buggy address belongs to the object at ffff888101ac5200
[ 30.592122] which belongs to the cache kmalloc-128 of size 128
[ 30.593867] The buggy address is located 1 bytes inside of
[ 30.593867] 128-byte region [ffff888101ac5200, ffff888101ac5280)
[ 30.595091]
[ 30.595398] The buggy address belongs to the physical page:
[ 30.595854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac5
[ 30.596848] flags: 0x200000000000000(node=0|zone=2)
[ 30.597507] page_type: f5(slab)
[ 30.597967] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.598696] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.599387] page dumped because: kasan: bad access detected
[ 30.600359]
[ 30.600605] Memory state around the buggy address:
[ 30.601485]  ffff888101ac5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.602165]  ffff888101ac5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.603141] >ffff888101ac5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.603825]                     ^
[ 30.604533]  ffff888101ac5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.605769]  ffff888101ac5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.606937] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 30.377914] ==================================================================
[ 30.378792] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.380111] Free of addr ffff888102a0f400 by task kunit_try_catch/242
[ 30.380650]
[ 30.380903] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.382908] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.383662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.384824] Call Trace:
[ 30.385180] <TASK>
[ 30.385565] dump_stack_lvl+0x73/0xb0
[ 30.386091] print_report+0xd1/0x640
[ 30.386732] ? __virt_addr_valid+0x1db/0x2d0
[ 30.387492] ? mempool_double_free_helper+0x185/0x370
[ 30.388510] ? kasan_complete_mode_report_info+0x64/0x200
[ 30.389285] ? mempool_double_free_helper+0x185/0x370
[ 30.389921] kasan_report_invalid_free+0xc0/0xf0
[ 30.390622] ? mempool_double_free_helper+0x185/0x370
[ 30.391067] ? mempool_double_free_helper+0x185/0x370
[ 30.391883] ? mempool_double_free_helper+0x185/0x370
[ 30.392719] check_slab_allocation+0x101/0x130
[ 30.393322] __kasan_mempool_poison_object+0x91/0x1d0
[ 30.394145] mempool_free+0x2ec/0x380
[ 30.394506] mempool_double_free_helper+0x185/0x370
[ 30.395058] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.395819] ? finish_task_switch.isra.0+0x153/0x700
[ 30.396457] mempool_kmalloc_double_free+0xb1/0x100
[ 30.397014] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 30.397637] ? __switch_to+0x5d9/0xf60
[ 30.398360] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.398766] ? __pfx_mempool_kfree+0x10/0x10
[ 30.399297] ? __pfx_read_tsc+0x10/0x10
[ 30.399932] ? ktime_get_ts64+0x86/0x230
[ 30.400434] kunit_try_run_case+0x1b3/0x490
[ 30.401224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.401623] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.402529] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.403142] ? __kthread_parkme+0x82/0x160
[ 30.403633] ? preempt_count_sub+0x50/0x80
[ 30.404297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.404770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.405600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.406251] kthread+0x257/0x310
[ 30.406809] ? __pfx_kthread+0x10/0x10
[ 30.407485] ret_from_fork+0x41/0x80
[ 30.407894] ? __pfx_kthread+0x10/0x10
[ 30.408432] ret_from_fork_asm+0x1a/0x30
[ 30.409087] </TASK>
[ 30.409561]
[ 30.409805] Allocated by task 242:
[ 30.410286] kasan_save_stack+0x3d/0x60
[ 30.410742] kasan_save_track+0x18/0x40
[ 30.411287] kasan_save_alloc_info+0x3b/0x50
[ 30.412047] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 30.412484] remove_element+0x11e/0x190
[ 30.413270] mempool_alloc_preallocated+0x4d/0x90
[ 30.413803] mempool_double_free_helper+0x8b/0x370
[ 30.414429] mempool_kmalloc_double_free+0xb1/0x100
[ 30.415166] kunit_try_run_case+0x1b3/0x490
[ 30.415572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.416289] kthread+0x257/0x310
[ 30.416768] ret_from_fork+0x41/0x80
[ 30.417329] ret_from_fork_asm+0x1a/0x30
[ 30.417802]
[ 30.418201] Freed by task 242:
[ 30.418465] kasan_save_stack+0x3d/0x60
[ 30.419015] kasan_save_track+0x18/0x40
[ 30.419531] kasan_save_free_info+0x3f/0x60
[ 30.420848] __kasan_mempool_poison_object+0x131/0x1d0
[ 30.422304] mempool_free+0x2ec/0x380
[ 30.422727] mempool_double_free_helper+0x10a/0x370
[ 30.423476] mempool_kmalloc_double_free+0xb1/0x100
[ 30.424325] kunit_try_run_case+0x1b3/0x490
[ 30.424986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.425697] kthread+0x257/0x310
[ 30.426111] ret_from_fork+0x41/0x80
[ 30.426926] ret_from_fork_asm+0x1a/0x30
[ 30.427448]
[ 30.427743] The buggy address belongs to the object at ffff888102a0f400
[ 30.427743] which belongs to the cache kmalloc-128 of size 128
[ 30.429217] The buggy address is located 0 bytes inside of
[ 30.429217] 128-byte region [ffff888102a0f400, ffff888102a0f480)
[ 30.431229]
[ 30.431340] The buggy address belongs to the physical page:
[ 30.431563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0f
[ 30.432010] flags: 0x200000000000000(node=0|zone=2)
[ 30.433560] page_type: f5(slab)
[ 30.434002] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 30.434769] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 30.435658] page dumped because: kasan: bad access detected
[ 30.436274]
[ 30.436528] Memory state around the buggy address:
[ 30.437235]  ffff888102a0f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.438078]  ffff888102a0f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.438739] >ffff888102a0f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 30.439945]                     ^
[ 30.440180]  ffff888102a0f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.441178]  ffff888102a0f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.441894] ==================================================================
[ 30.450540] ==================================================================
[ 30.451739] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.452654] Free of addr ffff888102d60000 by task kunit_try_catch/244
[ 30.453262]
[ 30.453447] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.455573] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.456056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.457245] Call Trace:
[ 30.457582] <TASK>
[ 30.457818] dump_stack_lvl+0x73/0xb0
[ 30.458485] print_report+0xd1/0x640
[ 30.458829] ? __virt_addr_valid+0x1db/0x2d0
[ 30.459443] ? mempool_double_free_helper+0x185/0x370
[ 30.460120] ? kasan_addr_to_slab+0x11/0xa0
[ 30.460624] ? mempool_double_free_helper+0x185/0x370
[ 30.461276] kasan_report_invalid_free+0xc0/0xf0
[ 30.461708] ? mempool_double_free_helper+0x185/0x370
[ 30.462421] ? mempool_double_free_helper+0x185/0x370
[ 30.462959] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 30.463771] mempool_free+0x2ec/0x380
[ 30.464150] mempool_double_free_helper+0x185/0x370
[ 30.464672] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.465216] ? finish_task_switch.isra.0+0x153/0x700
[ 30.465634] mempool_kmalloc_large_double_free+0xb1/0x100
[ 30.466271] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 30.467117] ? __switch_to+0x5d9/0xf60
[ 30.467581] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.468210] ? __pfx_mempool_kfree+0x10/0x10
[ 30.468544] ? __pfx_read_tsc+0x10/0x10
[ 30.469174] ? ktime_get_ts64+0x86/0x230
[ 30.469630] kunit_try_run_case+0x1b3/0x490
[ 30.470500] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.470875] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.471548] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.472193] ? __kthread_parkme+0x82/0x160
[ 30.472615] ? preempt_count_sub+0x50/0x80
[ 30.473143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.473598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.474275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.474906] kthread+0x257/0x310
[ 30.475550] ? __pfx_kthread+0x10/0x10
[ 30.476225] ret_from_fork+0x41/0x80
[ 30.476565] ? __pfx_kthread+0x10/0x10
[ 30.477316] ret_from_fork_asm+0x1a/0x30
[ 30.477979] </TASK>
[ 30.478218]
[ 30.478663] The buggy address belongs to the physical page:
[ 30.478946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[ 30.480535] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 30.481417] flags: 0x200000000000040(head|node=0|zone=2)
[ 30.481928] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.482631] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.483853] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.484745] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.486483] head: 0200000000000002 ffffea00040b5801 ffffffffffffffff 0000000000000000
[ 30.487416] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 30.487757] page dumped because: kasan: bad access detected
[ 30.488644]
[ 30.489219] Memory state around the buggy address:
[ 30.489713]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.490501]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.491270] >ffff888102d60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.491939]                     ^
[ 30.492611]  ffff888102d60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.493395]  ffff888102d60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.494352] ==================================================================
[ 30.500317] ==================================================================
[ 30.501579] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 30.502627] Free of addr ffff888102d60000 by task kunit_try_catch/246
[ 30.503339]
[ 30.503562] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.505472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.506283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.507279] Call Trace:
[ 30.507510] <TASK>
[ 30.508215] dump_stack_lvl+0x73/0xb0
[ 30.508507] print_report+0xd1/0x640
[ 30.509003] ? __virt_addr_valid+0x1db/0x2d0
[ 30.509803] ? mempool_double_free_helper+0x185/0x370
[ 30.510371] ? kasan_addr_to_slab+0x11/0xa0
[ 30.511379] ? mempool_double_free_helper+0x185/0x370
[ 30.512195] kasan_report_invalid_free+0xc0/0xf0
[ 30.512629] ? mempool_double_free_helper+0x185/0x370
[ 30.513343] ? mempool_double_free_helper+0x185/0x370
[ 30.514355] __kasan_mempool_poison_pages+0x115/0x130
[ 30.514830] mempool_free+0x290/0x380
[ 30.515543] mempool_double_free_helper+0x185/0x370
[ 30.516742] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 30.517296] mempool_page_alloc_double_free+0xac/0x100
[ 30.518006] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 30.518673] ? __switch_to+0x5d9/0xf60
[ 30.519224] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 30.520290] ? __pfx_mempool_free_pages+0x10/0x10
[ 30.520783] ? __pfx_read_tsc+0x10/0x10
[ 30.521451] ? ktime_get_ts64+0x86/0x230
[ 30.522251] kunit_try_run_case+0x1b3/0x490
[ 30.523208] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.523715] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.524411] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.525411] ? __kthread_parkme+0x82/0x160
[ 30.525925] ? preempt_count_sub+0x50/0x80
[ 30.526306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.526758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.527207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.528280] kthread+0x257/0x310
[ 30.528709] ? __pfx_kthread+0x10/0x10
[ 30.529319] ret_from_fork+0x41/0x80
[ 30.529735] ? __pfx_kthread+0x10/0x10
[ 30.530717] ret_from_fork_asm+0x1a/0x30
[ 30.531210] </TASK>
[ 30.531562]
[ 30.531813] The buggy address belongs to the physical page:
[ 30.532766] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[ 30.533971] flags: 0x200000000000000(node=0|zone=2)
[ 30.534496] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 30.535749] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.536557] page dumped because: kasan: bad access detected
[ 30.537429]
[ 30.537937] Memory state around the buggy address:
[ 30.538398]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.539542]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.540807] >ffff888102d60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.541338]                     ^
[ 30.542197]  ffff888102d60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.542774]  ffff888102d60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.543475] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 30.332407] ==================================================================
[ 30.333352] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 30.334220] Read of size 1 at addr ffff888102d60000 by task kunit_try_catch/240
[ 30.334750]
[ 30.335316] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.336496] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.336910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.337648] Call Trace:
[ 30.338052] <TASK>
[ 30.338365] dump_stack_lvl+0x73/0xb0
[ 30.338822] print_report+0xd1/0x640
[ 30.339443] ? __virt_addr_valid+0x1db/0x2d0
[ 30.339877] ? kasan_addr_to_slab+0x11/0xa0
[ 30.340188] kasan_report+0x102/0x140
[ 30.340950] ? mempool_uaf_helper+0x394/0x400
[ 30.341652] ? mempool_uaf_helper+0x394/0x400
[ 30.342237] __asan_report_load1_noabort+0x18/0x20
[ 30.342607] mempool_uaf_helper+0x394/0x400
[ 30.343495] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 30.344303] mempool_page_alloc_uaf+0xb1/0x100
[ 30.344836] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 30.345470] ? __switch_to+0x5d9/0xf60
[ 30.346085] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 30.346506] ? __pfx_mempool_free_pages+0x10/0x10
[ 30.346958] ? __pfx_read_tsc+0x10/0x10
[ 30.347341] ? ktime_get_ts64+0x86/0x230
[ 30.347776] kunit_try_run_case+0x1b3/0x490
[ 30.348098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.348901] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.349871] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.350741] ? __kthread_parkme+0x82/0x160
[ 30.351529] ? preempt_count_sub+0x50/0x80
[ 30.352605] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.353262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.354194] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.354920] kthread+0x257/0x310
[ 30.355186] ? __pfx_kthread+0x10/0x10
[ 30.356339] ret_from_fork+0x41/0x80
[ 30.356675] ? __pfx_kthread+0x10/0x10
[ 30.357601] ret_from_fork_asm+0x1a/0x30
[ 30.358556] </TASK>
[ 30.359083]
[ 30.359369] The buggy address belongs to the physical page:
[ 30.360273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d60
[ 30.361604] flags: 0x200000000000000(node=0|zone=2)
[ 30.362702] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 30.363516] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.364477] page dumped because: kasan: bad access detected
[ 30.364833]
[ 30.365092] Memory state around the buggy address:
[ 30.365842]  ffff888102d5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.366668]  ffff888102d5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.367654] >ffff888102d60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.368999]                     ^
[ 30.369645]  ffff888102d60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.370812]  ffff888102d60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.372146] ==================================================================
[ 30.218958] ==================================================================
[ 30.219825] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 30.220530] Read of size 1 at addr ffff888102b5c000 by task kunit_try_catch/236
[ 30.221546]
[ 30.221815] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.223172] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.223658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.224488] Call Trace:
[ 30.224808] <TASK>
[ 30.225138] dump_stack_lvl+0x73/0xb0
[ 30.225594] print_report+0xd1/0x640
[ 30.226089] ? __virt_addr_valid+0x1db/0x2d0
[ 30.226510] ? kasan_addr_to_slab+0x11/0xa0
[ 30.227418] kasan_report+0x102/0x140
[ 30.227924] ? mempool_uaf_helper+0x394/0x400
[ 30.228454] ? mempool_uaf_helper+0x394/0x400
[ 30.228975] __asan_report_load1_noabort+0x18/0x20
[ 30.229526] mempool_uaf_helper+0x394/0x400
[ 30.230243] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 30.230832] ? finish_task_switch.isra.0+0x153/0x700
[ 30.231379] mempool_kmalloc_large_uaf+0xb3/0x100
[ 30.232130] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 30.232765] ? __switch_to+0x5d9/0xf60
[ 30.233377] ? __pfx_mempool_kmalloc+0x10/0x10
[ 30.233906] ? __pfx_mempool_kfree+0x10/0x10
[ 30.234660] ? __pfx_read_tsc+0x10/0x10
[ 30.235269] ? ktime_get_ts64+0x86/0x230
[ 30.235778] kunit_try_run_case+0x1b3/0x490
[ 30.236413] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.237045] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.237460] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.238036] ? __kthread_parkme+0x82/0x160
[ 30.238433] ? preempt_count_sub+0x50/0x80
[ 30.239279] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.239840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.240556] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.241220] kthread+0x257/0x310
[ 30.241589] ? __pfx_kthread+0x10/0x10
[ 30.242310] ret_from_fork+0x41/0x80
[ 30.242602] ? __pfx_kthread+0x10/0x10
[ 30.243263] ret_from_fork_asm+0x1a/0x30
[ 30.243732] </TASK>
[ 30.244231]
[ 30.244448] The buggy address belongs to the physical page:
[ 30.245101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b5c
[ 30.245672] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 30.246760] flags: 0x200000000000040(head|node=0|zone=2)
[ 30.247480] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.248075] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.248797] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 30.249327] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 30.250621] head: 0200000000000002 ffffea00040ad701 ffffffffffffffff 0000000000000000
[ 30.251539] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 30.252155] page dumped because: kasan: bad access detected
[ 30.252827]
[ 30.253248] Memory state around the buggy address:
[ 30.254210]  ffff888102b5bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.254645]  ffff888102b5bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.255333] >ffff888102b5c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.255919]                     ^
[ 30.256403]  ffff888102b5c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.257173]  ffff888102b5c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 30.257788] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 30.266943] ==================================================================
[ 30.267971] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400
[ 30.268580] Read of size 1 at addr ffff888101ac4240 by task kunit_try_catch/238
[ 30.269350]
[ 30.269554] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 30.270478] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.270931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.272123] Call Trace:
[ 30.272436] <TASK>
[ 30.272704] dump_stack_lvl+0x73/0xb0
[ 30.273586] print_report+0xd1/0x640
[ 30.273984] ? __virt_addr_valid+0x1db/0x2d0
[ 30.274558] ? kasan_complete_mode_report_info+0x64/0x200
[ 30.275084] kasan_report+0x102/0x140
[ 30.275501] ? mempool_uaf_helper+0x394/0x400
[ 30.275886] ? mempool_uaf_helper+0x394/0x400
[ 30.276363] __asan_report_load1_noabort+0x18/0x20
[ 30.277123] mempool_uaf_helper+0x394/0x400
[ 30.277581] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 30.278166] ? irqentry_exit+0x2a/0x60
[ 30.278643] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 30.279473] mempool_slab_uaf+0xae/0x100
[ 30.280117] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 30.280706] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 30.281509] ? __pfx_mempool_free_slab+0x10/0x10
[ 30.281931] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 30.282622] kunit_try_run_case+0x1b3/0x490
[ 30.283223] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.283795] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.284517] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.285260] ? __kthread_parkme+0x82/0x160
[ 30.285643] ? preempt_count_sub+0x50/0x80
[ 30.286259] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.286748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.287238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.287933] kthread+0x257/0x310
[ 30.288450] ? __pfx_kthread+0x10/0x10
[ 30.288807] ret_from_fork+0x41/0x80
[ 30.289528] ? __pfx_kthread+0x10/0x10
[ 30.289954] ret_from_fork_asm+0x1a/0x30
[ 30.290472] </TASK>
[ 30.290720]
[ 30.290943] Allocated by task 238:
[ 30.291333] kasan_save_stack+0x3d/0x60
[ 30.291915] kasan_save_track+0x18/0x40
[ 30.292321] kasan_save_alloc_info+0x3b/0x50
[ 30.292839] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 30.293587] remove_element+0x11e/0x190
[ 30.294215] mempool_alloc_preallocated+0x4d/0x90
[ 30.294649] mempool_uaf_helper+0x97/0x400
[ 30.295451] mempool_slab_uaf+0xae/0x100
[ 30.295986] kunit_try_run_case+0x1b3/0x490
[ 30.296597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.297223] kthread+0x257/0x310
[ 30.297631] ret_from_fork+0x41/0x80
[ 30.298141] ret_from_fork_asm+0x1a/0x30
[ 30.298477]
[ 30.298857] Freed by task 238:
[ 30.299239] kasan_save_stack+0x3d/0x60
[ 30.299676] kasan_save_track+0x18/0x40
[ 30.300360] kasan_save_free_info+0x3f/0x60
[ 30.300886] __kasan_mempool_poison_object+0x131/0x1d0
[ 30.301473] mempool_free+0x2ec/0x380
[ 30.301968] mempool_uaf_helper+0x11b/0x400
[ 30.302308] mempool_slab_uaf+0xae/0x100
[ 30.302825] kunit_try_run_case+0x1b3/0x490
[ 30.303331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.303936] kthread+0x257/0x310
[ 30.304367] ret_from_fork+0x41/0x80
[ 30.304648] ret_from_fork_asm+0x1a/0x30
[ 30.305288]
[ 30.305551] The buggy address belongs to the object at ffff888101ac4240
[ 30.305551] which belongs to the cache test_cache of size 123
[ 30.306766] The buggy address is located 0 bytes inside of
[ 30.306766] freed 123-byte region [ffff888101ac4240, ffff888101ac42bb)
[ 30.307741]
[ 30.307964] The buggy address belongs to the physical page:
[ 30.308663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac4
[ 30.309547] flags: 0x200000000000000(node=0|zone=2)
[ 30.310086] page_type: f5(slab)
[ 30.310351] raw: 0200000000000000 ffff888101abe280 dead000000000122 0000000000000000
[ 30.311523] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 30.313028] page dumped because: 
kasan: bad access detected [ 30.313646] [ 30.313785] Memory state around the buggy address: [ 30.314658] ffff888101ac4100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.315978] ffff888101ac4180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.316928] >ffff888101ac4200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 30.318116] ^ [ 30.318521] ffff888101ac4280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.319552] ffff888101ac4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.320755] ================================================================== [ 30.142458] ================================================================== [ 30.144126] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 30.145588] Read of size 1 at addr ffff888102a0ca00 by task kunit_try_catch/234 [ 30.146380] [ 30.146613] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.147639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.148279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.149213] Call Trace: [ 30.149517] <TASK> [ 30.149764] dump_stack_lvl+0x73/0xb0 [ 30.150437] print_report+0xd1/0x640 [ 30.151357] ? __virt_addr_valid+0x1db/0x2d0 [ 30.151722] ? kasan_complete_mode_report_info+0x64/0x200 [ 30.152930] kasan_report+0x102/0x140 [ 30.153443] ? mempool_uaf_helper+0x394/0x400 [ 30.153930] ? mempool_uaf_helper+0x394/0x400 [ 30.154925] __asan_report_load1_noabort+0x18/0x20 [ 30.155606] mempool_uaf_helper+0x394/0x400 [ 30.156277] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 30.156502] ? ret_from_fork+0x41/0x80 [ 30.156722] ? kthread+0x257/0x310 [ 30.157017] ? ret_from_fork_asm+0x1a/0x30 [ 30.158460] ? ret_from_fork_asm+0x1a/0x30 [ 30.159202] mempool_kmalloc_uaf+0xb3/0x100 [ 30.159876] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 30.160612] ? __switch_to+0x5d9/0xf60 [ 30.161366] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.161849] ? __pfx_mempool_kfree+0x10/0x10 [ 30.162694] ? 
__pfx_read_tsc+0x10/0x10 [ 30.164027] ? ktime_get_ts64+0x86/0x230 [ 30.164493] kunit_try_run_case+0x1b3/0x490 [ 30.165739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.166630] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.167233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.167947] ? __kthread_parkme+0x82/0x160 [ 30.168581] ? preempt_count_sub+0x50/0x80 [ 30.169305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.169529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.170217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.171378] kthread+0x257/0x310 [ 30.171796] ? __pfx_kthread+0x10/0x10 [ 30.172253] ret_from_fork+0x41/0x80 [ 30.172608] ? __pfx_kthread+0x10/0x10 [ 30.173076] ret_from_fork_asm+0x1a/0x30 [ 30.173468] </TASK> [ 30.174415] [ 30.174585] Allocated by task 234: [ 30.174888] kasan_save_stack+0x3d/0x60 [ 30.175934] kasan_save_track+0x18/0x40 [ 30.176763] kasan_save_alloc_info+0x3b/0x50 [ 30.177037] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 30.178165] remove_element+0x11e/0x190 [ 30.179030] mempool_alloc_preallocated+0x4d/0x90 [ 30.180009] mempool_uaf_helper+0x97/0x400 [ 30.180503] mempool_kmalloc_uaf+0xb3/0x100 [ 30.181449] kunit_try_run_case+0x1b3/0x490 [ 30.181851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.182503] kthread+0x257/0x310 [ 30.182816] ret_from_fork+0x41/0x80 [ 30.183283] ret_from_fork_asm+0x1a/0x30 [ 30.183666] [ 30.184867] Freed by task 234: [ 30.185191] kasan_save_stack+0x3d/0x60 [ 30.186167] kasan_save_track+0x18/0x40 [ 30.186814] kasan_save_free_info+0x3f/0x60 [ 30.187743] __kasan_mempool_poison_object+0x131/0x1d0 [ 30.188446] mempool_free+0x2ec/0x380 [ 30.189208] mempool_uaf_helper+0x11b/0x400 [ 30.189947] mempool_kmalloc_uaf+0xb3/0x100 [ 30.190441] kunit_try_run_case+0x1b3/0x490 [ 30.190855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.192300] kthread+0x257/0x310 [ 30.192648] ret_from_fork+0x41/0x80 [ 30.193452] ret_from_fork_asm+0x1a/0x30 [ 30.194433] [ 30.194665] The buggy address belongs to the object at 
ffff888102a0ca00 [ 30.194665] which belongs to the cache kmalloc-128 of size 128 [ 30.196220] The buggy address is located 0 bytes inside of [ 30.196220] freed 128-byte region [ffff888102a0ca00, ffff888102a0ca80) [ 30.197740] [ 30.197959] The buggy address belongs to the physical page: [ 30.198818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0c [ 30.200140] flags: 0x200000000000000(node=0|zone=2) [ 30.201410] page_type: f5(slab) [ 30.201762] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 30.202618] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.203763] page dumped because: kasan: bad access detected [ 30.204646] [ 30.204805] Memory state around the buggy address: [ 30.205881] ffff888102a0c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.207092] ffff888102a0c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.207731] >ffff888102a0ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.208859] ^ [ 30.209224] ffff888102a0ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.209836] ffff888102a0cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.211302] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 30.078110] ================================================================== [ 30.079363] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 30.080343] Read of size 1 at addr ffff888101ac22bb by task kunit_try_catch/232 [ 30.081506] [ 30.081807] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.083202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.083629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.084579] Call Trace: [ 30.085041] <TASK> [ 30.085377] dump_stack_lvl+0x73/0xb0 [ 30.085847] print_report+0xd1/0x640 [ 30.086228] ? __virt_addr_valid+0x1db/0x2d0 [ 30.086873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.087531] kasan_report+0x102/0x140 [ 30.087934] ? mempool_oob_right_helper+0x31a/0x380 [ 30.088844] ? mempool_oob_right_helper+0x31a/0x380 [ 30.089513] __asan_report_load1_noabort+0x18/0x20 [ 30.090315] mempool_oob_right_helper+0x31a/0x380 [ 30.091162] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 30.091743] mempool_slab_oob_right+0xb1/0x100 [ 30.092373] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 30.092956] ? __switch_to+0x5d9/0xf60 [ 30.093840] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 30.094473] ? __pfx_mempool_free_slab+0x10/0x10 [ 30.095195] ? __pfx_read_tsc+0x10/0x10 [ 30.095972] ? ktime_get_ts64+0x86/0x230 [ 30.096873] kunit_try_run_case+0x1b3/0x490 [ 30.097283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.097793] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.098320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.099321] ? __kthread_parkme+0x82/0x160 [ 30.099735] ? preempt_count_sub+0x50/0x80 [ 30.100426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.101355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.102002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.102966] kthread+0x257/0x310 [ 30.103500] ? __pfx_kthread+0x10/0x10 [ 30.104097] ret_from_fork+0x41/0x80 [ 30.104601] ? 
__pfx_kthread+0x10/0x10 [ 30.105091] ret_from_fork_asm+0x1a/0x30 [ 30.105486] </TASK> [ 30.106409] [ 30.106590] Allocated by task 232: [ 30.107275] kasan_save_stack+0x3d/0x60 [ 30.107622] kasan_save_track+0x18/0x40 [ 30.108421] kasan_save_alloc_info+0x3b/0x50 [ 30.108908] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 30.109724] remove_element+0x11e/0x190 [ 30.110291] mempool_alloc_preallocated+0x4d/0x90 [ 30.111206] mempool_oob_right_helper+0x8b/0x380 [ 30.111705] mempool_slab_oob_right+0xb1/0x100 [ 30.112356] kunit_try_run_case+0x1b3/0x490 [ 30.113087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.113708] kthread+0x257/0x310 [ 30.114185] ret_from_fork+0x41/0x80 [ 30.114655] ret_from_fork_asm+0x1a/0x30 [ 30.115574] [ 30.116183] The buggy address belongs to the object at ffff888101ac2240 [ 30.116183] which belongs to the cache test_cache of size 123 [ 30.117494] The buggy address is located 0 bytes to the right of [ 30.117494] allocated 123-byte region [ffff888101ac2240, ffff888101ac22bb) [ 30.119207] [ 30.119382] The buggy address belongs to the physical page: [ 30.120412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ac2 [ 30.121345] flags: 0x200000000000000(node=0|zone=2) [ 30.121910] page_type: f5(slab) [ 30.122663] raw: 0200000000000000 ffff888101abe140 dead000000000122 0000000000000000 [ 30.123420] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 30.124574] page dumped because: kasan: bad access detected [ 30.125334] [ 30.125571] Memory state around the buggy address: [ 30.126596] ffff888101ac2180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.127374] ffff888101ac2200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 30.128261] >ffff888101ac2280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 30.129064] ^ [ 30.129371] ffff888101ac2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.130192] ffff888101ac2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.131322] 
================================================================== [ 30.024166] ================================================================== [ 30.025457] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 30.026496] Read of size 1 at addr ffff8881027be001 by task kunit_try_catch/230 [ 30.027227] [ 30.027554] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 30.028852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.029409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.030918] Call Trace: [ 30.031254] <TASK> [ 30.031627] dump_stack_lvl+0x73/0xb0 [ 30.032120] print_report+0xd1/0x640 [ 30.032612] ? __virt_addr_valid+0x1db/0x2d0 [ 30.033266] ? kasan_addr_to_slab+0x11/0xa0 [ 30.033760] kasan_report+0x102/0x140 [ 30.034371] ? mempool_oob_right_helper+0x31a/0x380 [ 30.035075] ? mempool_oob_right_helper+0x31a/0x380 [ 30.036072] __asan_report_load1_noabort+0x18/0x20 [ 30.036702] mempool_oob_right_helper+0x31a/0x380 [ 30.037283] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 30.037794] ? finish_task_switch.isra.0+0x153/0x700 [ 30.038719] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 30.039313] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 30.040231] ? __switch_to+0x5d9/0xf60 [ 30.040637] ? __pfx_mempool_kmalloc+0x10/0x10 [ 30.041362] ? __pfx_mempool_kfree+0x10/0x10 [ 30.041996] ? __pfx_read_tsc+0x10/0x10 [ 30.042651] ? ktime_get_ts64+0x86/0x230 [ 30.043600] kunit_try_run_case+0x1b3/0x490 [ 30.044310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.044893] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.045563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.046251] ? __kthread_parkme+0x82/0x160 [ 30.046737] ? preempt_count_sub+0x50/0x80 [ 30.047456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.048308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.049050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.049769] kthread+0x257/0x310 [ 30.050379] ? 
__pfx_kthread+0x10/0x10 [ 30.051112] ret_from_fork+0x41/0x80 [ 30.051525] ? __pfx_kthread+0x10/0x10 [ 30.052070] ret_from_fork_asm+0x1a/0x30 [ 30.052895] </TASK> [ 30.053361] [ 30.053590] The buggy address belongs to the physical page: [ 30.054366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027bc [ 30.055155] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.056219] flags: 0x200000000000040(head|node=0|zone=2) [ 30.057040] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.057887] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.058911] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.059778] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.060709] head: 0200000000000002 ffffea000409ef01 ffffffffffffffff 0000000000000000 [ 30.061667] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 30.062548] page dumped because: kasan: bad access detected [ 30.063107] [ 30.063459] Memory state around the buggy address: [ 30.064281] ffff8881027bdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.065247] ffff8881027bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.065893] >ffff8881027be000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.066973] ^ [ 30.067450] ffff8881027be080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.068557] ffff8881027be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.069321] ================================================================== [ 29.963737] ================================================================== [ 29.965015] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 29.965768] Read of size 1 at addr ffff888102a0c373 by task kunit_try_catch/228 [ 29.966389] [ 29.966713] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.967939] Tainted: [B]=BAD_PAGE, 
[N]=TEST [ 29.968700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.969902] Call Trace: [ 29.970604] <TASK> [ 29.971285] dump_stack_lvl+0x73/0xb0 [ 29.971852] print_report+0xd1/0x640 [ 29.972286] ? __virt_addr_valid+0x1db/0x2d0 [ 29.973263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.973779] kasan_report+0x102/0x140 [ 29.974484] ? mempool_oob_right_helper+0x31a/0x380 [ 29.975165] ? mempool_oob_right_helper+0x31a/0x380 [ 29.975649] __asan_report_load1_noabort+0x18/0x20 [ 29.976219] mempool_oob_right_helper+0x31a/0x380 [ 29.977235] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 29.977894] ? finish_task_switch.isra.0+0x153/0x700 [ 29.978635] mempool_kmalloc_oob_right+0xb6/0x100 [ 29.979315] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 29.980114] ? __switch_to+0x5d9/0xf60 [ 29.980613] ? __pfx_mempool_kmalloc+0x10/0x10 [ 29.981405] ? __pfx_mempool_kfree+0x10/0x10 [ 29.982113] ? __pfx_read_tsc+0x10/0x10 [ 29.982530] ? ktime_get_ts64+0x86/0x230 [ 29.983175] kunit_try_run_case+0x1b3/0x490 [ 29.983747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.984662] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.985367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.986296] ? __kthread_parkme+0x82/0x160 [ 29.986750] ? preempt_count_sub+0x50/0x80 [ 29.987429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.988129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.988882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.989489] kthread+0x257/0x310 [ 29.990084] ? __pfx_kthread+0x10/0x10 [ 29.990454] ret_from_fork+0x41/0x80 [ 29.990940] ? 
__pfx_kthread+0x10/0x10 [ 29.991296] ret_from_fork_asm+0x1a/0x30 [ 29.991789] </TASK> [ 29.992071] [ 29.992332] Allocated by task 228: [ 29.992901] kasan_save_stack+0x3d/0x60 [ 29.993465] kasan_save_track+0x18/0x40 [ 29.993998] kasan_save_alloc_info+0x3b/0x50 [ 29.995623] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 29.996217] remove_element+0x11e/0x190 [ 29.996760] mempool_alloc_preallocated+0x4d/0x90 [ 29.997283] mempool_oob_right_helper+0x8b/0x380 [ 29.997977] mempool_kmalloc_oob_right+0xb6/0x100 [ 29.998756] kunit_try_run_case+0x1b3/0x490 [ 29.999639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.000587] kthread+0x257/0x310 [ 30.000930] ret_from_fork+0x41/0x80 [ 30.001377] ret_from_fork_asm+0x1a/0x30 [ 30.001762] [ 30.001964] The buggy address belongs to the object at ffff888102a0c300 [ 30.001964] which belongs to the cache kmalloc-128 of size 128 [ 30.003351] The buggy address is located 0 bytes to the right of [ 30.003351] allocated 115-byte region [ffff888102a0c300, ffff888102a0c373) [ 30.004515] [ 30.004907] The buggy address belongs to the physical page: [ 30.005907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0c [ 30.006720] flags: 0x200000000000000(node=0|zone=2) [ 30.007467] page_type: f5(slab) [ 30.007898] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 30.008730] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.009657] page dumped because: kasan: bad access detected [ 30.010485] [ 30.010774] Memory state around the buggy address: [ 30.011405] ffff888102a0c200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.012172] ffff888102a0c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.013038] >ffff888102a0c300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.013786] ^ [ 30.014571] ffff888102a0c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.015824] ffff888102a0c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.017063] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 29.345937] ================================================================== [ 29.346955] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 29.348357] Read of size 1 at addr ffff888101d408c0 by task kunit_try_catch/222 [ 29.349768] [ 29.350257] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.351198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.351781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.352629] Call Trace: [ 29.353309] <TASK> [ 29.353545] dump_stack_lvl+0x73/0xb0 [ 29.354087] print_report+0xd1/0x640 [ 29.354645] ? __virt_addr_valid+0x1db/0x2d0 [ 29.355558] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.356074] kasan_report+0x102/0x140 [ 29.356641] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.357746] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.358593] ? kmem_cache_double_destroy+0x1bd/0x380 [ 29.359448] __kasan_check_byte+0x3d/0x50 [ 29.359991] kmem_cache_destroy+0x25/0x1d0 [ 29.360425] kmem_cache_double_destroy+0x1bd/0x380 [ 29.360968] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 29.361711] ? finish_task_switch.isra.0+0x153/0x700 [ 29.362171] ? __switch_to+0x5d9/0xf60 [ 29.363019] ? __pfx_empty_cache_ctor+0x10/0x10 [ 29.363887] ? __pfx_read_tsc+0x10/0x10 [ 29.364459] ? ktime_get_ts64+0x86/0x230 [ 29.365294] kunit_try_run_case+0x1b3/0x490 [ 29.365904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.366475] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.367249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.367837] ? __kthread_parkme+0x82/0x160 [ 29.368660] ? preempt_count_sub+0x50/0x80 [ 29.369250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.369927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.370485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.371090] kthread+0x257/0x310 [ 29.371375] ? __pfx_kthread+0x10/0x10 [ 29.372094] ret_from_fork+0x41/0x80 [ 29.372763] ? 
__pfx_kthread+0x10/0x10 [ 29.373645] ret_from_fork_asm+0x1a/0x30 [ 29.374373] </TASK> [ 29.374566] [ 29.375315] Allocated by task 222: [ 29.375636] kasan_save_stack+0x3d/0x60 [ 29.376705] kasan_save_track+0x18/0x40 [ 29.377171] kasan_save_alloc_info+0x3b/0x50 [ 29.377977] __kasan_slab_alloc+0x91/0xa0 [ 29.378658] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.379199] __kmem_cache_create_args+0x177/0x250 [ 29.379718] kmem_cache_double_destroy+0xd3/0x380 [ 29.380614] kunit_try_run_case+0x1b3/0x490 [ 29.381230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.381762] kthread+0x257/0x310 [ 29.382288] ret_from_fork+0x41/0x80 [ 29.382724] ret_from_fork_asm+0x1a/0x30 [ 29.383280] [ 29.383538] Freed by task 222: [ 29.383990] kasan_save_stack+0x3d/0x60 [ 29.384317] kasan_save_track+0x18/0x40 [ 29.385471] kasan_save_free_info+0x3f/0x60 [ 29.385847] __kasan_slab_free+0x56/0x70 [ 29.386908] kmem_cache_free+0x120/0x420 [ 29.387916] slab_kmem_cache_release+0x2e/0x40 [ 29.388523] kmem_cache_release+0x16/0x20 [ 29.389354] kobject_put+0x181/0x450 [ 29.390608] sysfs_slab_release+0x16/0x20 [ 29.391538] kmem_cache_destroy+0xf0/0x1d0 [ 29.391829] kmem_cache_double_destroy+0x14c/0x380 [ 29.393338] kunit_try_run_case+0x1b3/0x490 [ 29.394305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.394780] kthread+0x257/0x310 [ 29.395035] ret_from_fork+0x41/0x80 [ 29.395512] ret_from_fork_asm+0x1a/0x30 [ 29.396507] [ 29.396747] The buggy address belongs to the object at ffff888101d408c0 [ 29.396747] which belongs to the cache kmem_cache of size 208 [ 29.398885] The buggy address is located 0 bytes inside of [ 29.398885] freed 208-byte region [ffff888101d408c0, ffff888101d40990) [ 29.399589] [ 29.399745] The buggy address belongs to the physical page: [ 29.400106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d40 [ 29.400811] flags: 0x200000000000000(node=0|zone=2) [ 29.401522] page_type: f5(slab) [ 29.402042] raw: 0200000000000000 ffff888100041000 dead000000000122 
0000000000000000 [ 29.403337] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 29.404370] page dumped because: kasan: bad access detected [ 29.404913] [ 29.405050] Memory state around the buggy address: [ 29.405646] ffff888101d40780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.407159] ffff888101d40800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 29.407703] >ffff888101d40880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 29.409126] ^ [ 29.409655] ffff888101d40900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.410626] ffff888101d40980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.411792] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 29.268341] ================================================================== [ 29.269400] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.270116] Read of size 1 at addr ffff888101abc000 by task kunit_try_catch/220 [ 29.271075] [ 29.271292] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.272530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.272929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.273756] Call Trace: [ 29.274228] <TASK> [ 29.274450] dump_stack_lvl+0x73/0xb0 [ 29.274936] print_report+0xd1/0x640 [ 29.275203] ? __virt_addr_valid+0x1db/0x2d0 [ 29.275501] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.275910] kasan_report+0x102/0x140 [ 29.276183] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.276483] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.276988] __asan_report_load1_noabort+0x18/0x20 [ 29.277395] kmem_cache_rcu_uaf+0x3e5/0x510 [ 29.277854] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 29.278476] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 29.279207] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 29.279840] kunit_try_run_case+0x1b3/0x490 [ 29.280385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.280910] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.281243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.281953] ? __kthread_parkme+0x82/0x160 [ 29.282564] ? preempt_count_sub+0x50/0x80 [ 29.283215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.283994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.284703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.285273] kthread+0x257/0x310 [ 29.285963] ? __pfx_kthread+0x10/0x10 [ 29.286319] ret_from_fork+0x41/0x80 [ 29.286740] ? 
__pfx_kthread+0x10/0x10 [ 29.287173] ret_from_fork_asm+0x1a/0x30 [ 29.287615] </TASK> [ 29.288084] [ 29.288246] Allocated by task 220: [ 29.288497] kasan_save_stack+0x3d/0x60 [ 29.289028] kasan_save_track+0x18/0x40 [ 29.289405] kasan_save_alloc_info+0x3b/0x50 [ 29.290115] __kasan_slab_alloc+0x91/0xa0 [ 29.290615] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.291317] kmem_cache_rcu_uaf+0x156/0x510 [ 29.291722] kunit_try_run_case+0x1b3/0x490 [ 29.292224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.293002] kthread+0x257/0x310 [ 29.293512] ret_from_fork+0x41/0x80 [ 29.294107] ret_from_fork_asm+0x1a/0x30 [ 29.294393] [ 29.294549] Freed by task 0: [ 29.295102] kasan_save_stack+0x3d/0x60 [ 29.295945] kasan_save_track+0x18/0x40 [ 29.296440] kasan_save_free_info+0x3f/0x60 [ 29.297132] __kasan_slab_free+0x56/0x70 [ 29.297500] slab_free_after_rcu_debug+0xe4/0x310 [ 29.298305] rcu_core+0x680/0x1d70 [ 29.298673] rcu_core_si+0x12/0x20 [ 29.299296] handle_softirqs+0x209/0x720 [ 29.299835] __irq_exit_rcu+0xc9/0x110 [ 29.300244] irq_exit_rcu+0x12/0x20 [ 29.300606] sysvec_apic_timer_interrupt+0x81/0x90 [ 29.301116] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 29.301590] [ 29.301918] Last potentially related work creation: [ 29.302222] kasan_save_stack+0x3d/0x60 [ 29.302499] kasan_record_aux_stack+0xb2/0xc0 [ 29.303196] kmem_cache_free+0x284/0x420 [ 29.303721] kmem_cache_rcu_uaf+0x195/0x510 [ 29.304213] kunit_try_run_case+0x1b3/0x490 [ 29.304517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.305310] kthread+0x257/0x310 [ 29.305881] ret_from_fork+0x41/0x80 [ 29.306283] ret_from_fork_asm+0x1a/0x30 [ 29.306733] [ 29.307256] The buggy address belongs to the object at ffff888101abc000 [ 29.307256] which belongs to the cache test_cache of size 200 [ 29.308217] The buggy address is located 0 bytes inside of [ 29.308217] freed 200-byte region [ffff888101abc000, ffff888101abc0c8) [ 29.309669] [ 29.309994] The buggy address belongs to the physical page: [ 29.310587] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abc [ 29.311368] flags: 0x200000000000000(node=0|zone=2) [ 29.312049] page_type: f5(slab) [ 29.312381] raw: 0200000000000000 ffff8881011e5dc0 dead000000000122 0000000000000000 [ 29.313108] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 29.313936] page dumped because: kasan: bad access detected [ 29.314503] [ 29.314799] Memory state around the buggy address: [ 29.315256] ffff888101abbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.315948] ffff888101abbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.316676] >ffff888101abc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.317319] ^ [ 29.317822] ffff888101abc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 29.318656] ffff888101abc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.319385] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 29.173351] ================================================================== [ 29.174915] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 29.175901] Free of addr ffff888102a06001 by task kunit_try_catch/218 [ 29.176476] [ 29.176801] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.177613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.177907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.179307] Call Trace: [ 29.179766] <TASK> [ 29.180072] dump_stack_lvl+0x73/0xb0 [ 29.180588] print_report+0xd1/0x640 [ 29.181180] ? __virt_addr_valid+0x1db/0x2d0 [ 29.181864] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.182921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.183881] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.184622] kasan_report_invalid_free+0xc0/0xf0 [ 29.185540] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.186276] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.186656] check_slab_allocation+0x11f/0x130 [ 29.187263] __kasan_slab_pre_free+0x28/0x40 [ 29.187716] kmem_cache_free+0xee/0x420 [ 29.188555] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.189103] ? kmem_cache_invalid_free+0x1d9/0x470 [ 29.189676] kmem_cache_invalid_free+0x1d9/0x470 [ 29.190369] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 29.191126] ? finish_task_switch.isra.0+0x153/0x700 [ 29.191573] ? __switch_to+0x5d9/0xf60 [ 29.192354] ? __pfx_read_tsc+0x10/0x10 [ 29.192770] ? ktime_get_ts64+0x86/0x230 [ 29.193332] kunit_try_run_case+0x1b3/0x490 [ 29.193741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.194349] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.194826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.195310] ? __kthread_parkme+0x82/0x160 [ 29.195758] ? preempt_count_sub+0x50/0x80 [ 29.196336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.197390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.198125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.198677] kthread+0x257/0x310 [ 29.199243] ? 
__pfx_kthread+0x10/0x10 [ 29.199667] ret_from_fork+0x41/0x80 [ 29.200470] ? __pfx_kthread+0x10/0x10 [ 29.200974] ret_from_fork_asm+0x1a/0x30 [ 29.201585] </TASK> [ 29.202149] [ 29.202455] Allocated by task 218: [ 29.202844] kasan_save_stack+0x3d/0x60 [ 29.203449] kasan_save_track+0x18/0x40 [ 29.203918] kasan_save_alloc_info+0x3b/0x50 [ 29.204798] __kasan_slab_alloc+0x91/0xa0 [ 29.205426] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.205739] kmem_cache_invalid_free+0x158/0x470 [ 29.206438] kunit_try_run_case+0x1b3/0x490 [ 29.207280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.208017] kthread+0x257/0x310 [ 29.208952] ret_from_fork+0x41/0x80 [ 29.209462] ret_from_fork_asm+0x1a/0x30 [ 29.209882] [ 29.210214] The buggy address belongs to the object at ffff888102a06000 [ 29.210214] which belongs to the cache test_cache of size 200 [ 29.212514] The buggy address is located 1 bytes inside of [ 29.212514] 200-byte region [ffff888102a06000, ffff888102a060c8) [ 29.214502] [ 29.214844] The buggy address belongs to the physical page: [ 29.215591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a06 [ 29.216230] flags: 0x200000000000000(node=0|zone=2) [ 29.216636] page_type: f5(slab) [ 29.217365] raw: 0200000000000000 ffff888101d40780 dead000000000122 0000000000000000 [ 29.217666] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 29.218460] page dumped because: kasan: bad access detected [ 29.219265] [ 29.219453] Memory state around the buggy address: [ 29.220071] ffff888102a05f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.221004] ffff888102a05f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.221752] >ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.222367] ^ [ 29.222943] ffff888102a06080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 29.223669] ffff888102a06100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.224402] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 29.111392] ================================================================== [ 29.112184] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 29.113077] Free of addr ffff888101aba000 by task kunit_try_catch/216 [ 29.113593] [ 29.114011] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.115225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.115830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.116728] Call Trace: [ 29.117014] <TASK> [ 29.117261] dump_stack_lvl+0x73/0xb0 [ 29.117808] print_report+0xd1/0x640 [ 29.118285] ? __virt_addr_valid+0x1db/0x2d0 [ 29.118871] ? kmem_cache_double_free+0x1e6/0x490 [ 29.119367] ? kasan_complete_mode_report_info+0x64/0x200 [ 29.120154] ? kmem_cache_double_free+0x1e6/0x490 [ 29.120755] kasan_report_invalid_free+0xc0/0xf0 [ 29.121260] ? kmem_cache_double_free+0x1e6/0x490 [ 29.121727] ? kmem_cache_double_free+0x1e6/0x490 [ 29.122302] check_slab_allocation+0x101/0x130 [ 29.122926] __kasan_slab_pre_free+0x28/0x40 [ 29.123484] kmem_cache_free+0xee/0x420 [ 29.124038] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.124532] ? kmem_cache_double_free+0x1e6/0x490 [ 29.125368] kmem_cache_double_free+0x1e6/0x490 [ 29.126175] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 29.126731] ? finish_task_switch.isra.0+0x153/0x700 [ 29.127290] ? __switch_to+0x5d9/0xf60 [ 29.127610] ? __pfx_read_tsc+0x10/0x10 [ 29.128443] ? ktime_get_ts64+0x86/0x230 [ 29.128979] kunit_try_run_case+0x1b3/0x490 [ 29.129548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.130143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.130743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.131449] ? __kthread_parkme+0x82/0x160 [ 29.131930] ? preempt_count_sub+0x50/0x80 [ 29.132499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.133002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.133757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.134338] kthread+0x257/0x310 [ 29.134904] ? 
__pfx_kthread+0x10/0x10 [ 29.135266] ret_from_fork+0x41/0x80 [ 29.135706] ? __pfx_kthread+0x10/0x10 [ 29.136230] ret_from_fork_asm+0x1a/0x30 [ 29.136630] </TASK> [ 29.137056] [ 29.137302] Allocated by task 216: [ 29.137897] kasan_save_stack+0x3d/0x60 [ 29.138244] kasan_save_track+0x18/0x40 [ 29.138634] kasan_save_alloc_info+0x3b/0x50 [ 29.139241] __kasan_slab_alloc+0x91/0xa0 [ 29.139744] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.140278] kmem_cache_double_free+0x150/0x490 [ 29.140904] kunit_try_run_case+0x1b3/0x490 [ 29.141351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.142046] kthread+0x257/0x310 [ 29.142436] ret_from_fork+0x41/0x80 [ 29.142971] ret_from_fork_asm+0x1a/0x30 [ 29.143435] [ 29.143721] Freed by task 216: [ 29.144036] kasan_save_stack+0x3d/0x60 [ 29.144612] kasan_save_track+0x18/0x40 [ 29.145092] kasan_save_free_info+0x3f/0x60 [ 29.145546] __kasan_slab_free+0x56/0x70 [ 29.145974] kmem_cache_free+0x120/0x420 [ 29.146423] kmem_cache_double_free+0x16b/0x490 [ 29.147041] kunit_try_run_case+0x1b3/0x490 [ 29.147486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.148124] kthread+0x257/0x310 [ 29.148571] ret_from_fork+0x41/0x80 [ 29.149063] ret_from_fork_asm+0x1a/0x30 [ 29.149512] [ 29.149820] The buggy address belongs to the object at ffff888101aba000 [ 29.149820] which belongs to the cache test_cache of size 200 [ 29.150958] The buggy address is located 0 bytes inside of [ 29.150958] 200-byte region [ffff888101aba000, ffff888101aba0c8) [ 29.152026] [ 29.152256] The buggy address belongs to the physical page: [ 29.152755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aba [ 29.153411] flags: 0x200000000000000(node=0|zone=2) [ 29.154146] page_type: f5(slab) [ 29.154458] raw: 0200000000000000 ffff8881011e5c80 dead000000000122 0000000000000000 [ 29.155222] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 29.156013] page dumped because: kasan: bad access detected [ 29.156654] [ 29.156947] Memory state 
around the buggy address: [ 29.157482] ffff888101ab9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.158233] ffff888101ab9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.158831] >ffff888101aba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.159491] ^ [ 29.160043] ffff888101aba080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 29.160727] ffff888101aba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.161426] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 29.039719] ================================================================== [ 29.040741] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 29.041360] Read of size 1 at addr ffff888101ab90c8 by task kunit_try_catch/214 [ 29.042158] [ 29.042706] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 29.043553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.044366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.045092] Call Trace: [ 29.045360] <TASK> [ 29.045621] dump_stack_lvl+0x73/0xb0 [ 29.046110] print_report+0xd1/0x640 [ 29.046495] ? __virt_addr_valid+0x1db/0x2d0 [ 29.047286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.048109] kasan_report+0x102/0x140 [ 29.048446] ? kmem_cache_oob+0x404/0x530 [ 29.048936] ? kmem_cache_oob+0x404/0x530 [ 29.049293] __asan_report_load1_noabort+0x18/0x20 [ 29.050182] kmem_cache_oob+0x404/0x530 [ 29.050521] ? trace_hardirqs_on+0x37/0xe0 [ 29.051032] ? __pfx_kmem_cache_oob+0x10/0x10 [ 29.051729] ? finish_task_switch.isra.0+0x153/0x700 [ 29.052354] ? __switch_to+0x5d9/0xf60 [ 29.052845] ? __pfx_read_tsc+0x10/0x10 [ 29.053313] ? ktime_get_ts64+0x86/0x230 [ 29.053940] kunit_try_run_case+0x1b3/0x490 [ 29.054423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.055112] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.055555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.056056] ? __kthread_parkme+0x82/0x160 [ 29.056458] ? preempt_count_sub+0x50/0x80 [ 29.056927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.057464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.058222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.058872] kthread+0x257/0x310 [ 29.059213] ? __pfx_kthread+0x10/0x10 [ 29.059550] ret_from_fork+0x41/0x80 [ 29.059989] ? 
__pfx_kthread+0x10/0x10 [ 29.060446] ret_from_fork_asm+0x1a/0x30 [ 29.060978] </TASK> [ 29.061281] [ 29.061458] Allocated by task 214: [ 29.061954] kasan_save_stack+0x3d/0x60 [ 29.062256] kasan_save_track+0x18/0x40 [ 29.062620] kasan_save_alloc_info+0x3b/0x50 [ 29.063205] __kasan_slab_alloc+0x91/0xa0 [ 29.063582] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 29.064115] kmem_cache_oob+0x158/0x530 [ 29.064617] kunit_try_run_case+0x1b3/0x490 [ 29.065195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.065622] kthread+0x257/0x310 [ 29.066077] ret_from_fork+0x41/0x80 [ 29.066540] ret_from_fork_asm+0x1a/0x30 [ 29.067001] [ 29.067187] The buggy address belongs to the object at ffff888101ab9000 [ 29.067187] which belongs to the cache test_cache of size 200 [ 29.068218] The buggy address is located 0 bytes to the right of [ 29.068218] allocated 200-byte region [ffff888101ab9000, ffff888101ab90c8) [ 29.069425] [ 29.069697] The buggy address belongs to the physical page: [ 29.070087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab9 [ 29.071011] flags: 0x200000000000000(node=0|zone=2) [ 29.071488] page_type: f5(slab) [ 29.072508] raw: 0200000000000000 ffff8881011e5b40 dead000000000122 0000000000000000 [ 29.073133] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 29.073749] page dumped because: kasan: bad access detected [ 29.074286] [ 29.074461] Memory state around the buggy address: [ 29.075489] ffff888101ab8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.076136] ffff888101ab9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.076723] >ffff888101ab9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 29.077324] ^ [ 29.077968] ffff888101ab9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.078448] ffff888101ab9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.079085] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 28.967523] ================================================================== [ 28.968374] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 28.968817] Read of size 8 at addr ffff888101ab1b40 by task kunit_try_catch/207 [ 28.970300] [ 28.970582] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.971941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.972369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.973992] Call Trace: [ 28.974389] <TASK> [ 28.975099] dump_stack_lvl+0x73/0xb0 [ 28.975493] print_report+0xd1/0x640 [ 28.975916] ? __virt_addr_valid+0x1db/0x2d0 [ 28.976975] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.977638] kasan_report+0x102/0x140 [ 28.978363] ? workqueue_uaf+0x4d8/0x560 [ 28.978796] ? workqueue_uaf+0x4d8/0x560 [ 28.979449] __asan_report_load8_noabort+0x18/0x20 [ 28.980400] workqueue_uaf+0x4d8/0x560 [ 28.980605] ? __pfx_workqueue_uaf+0x10/0x10 [ 28.981313] ? __schedule+0xc70/0x27e0 [ 28.981862] ? __pfx_read_tsc+0x10/0x10 [ 28.982214] ? ktime_get_ts64+0x86/0x230 [ 28.982561] kunit_try_run_case+0x1b3/0x490 [ 28.983343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.983928] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.984421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.984967] ? __kthread_parkme+0x82/0x160 [ 28.985513] ? preempt_count_sub+0x50/0x80 [ 28.986113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.986595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.987410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.987876] kthread+0x257/0x310 [ 28.988488] ? __pfx_kthread+0x10/0x10 [ 28.989111] ret_from_fork+0x41/0x80 [ 28.989583] ? 
__pfx_kthread+0x10/0x10 [ 28.990032] ret_from_fork_asm+0x1a/0x30 [ 28.990360] </TASK> [ 28.990666] [ 28.990957] Allocated by task 207: [ 28.991342] kasan_save_stack+0x3d/0x60 [ 28.991964] kasan_save_track+0x18/0x40 [ 28.992471] kasan_save_alloc_info+0x3b/0x50 [ 28.992953] __kasan_kmalloc+0xb7/0xc0 [ 28.993509] __kmalloc_cache_noprof+0x184/0x410 [ 28.994182] workqueue_uaf+0x153/0x560 [ 28.994524] kunit_try_run_case+0x1b3/0x490 [ 28.995105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.995733] kthread+0x257/0x310 [ 28.996180] ret_from_fork+0x41/0x80 [ 28.996625] ret_from_fork_asm+0x1a/0x30 [ 28.997295] [ 28.997469] Freed by task 9: [ 28.997883] kasan_save_stack+0x3d/0x60 [ 28.998370] kasan_save_track+0x18/0x40 [ 28.999255] kasan_save_free_info+0x3f/0x60 [ 28.999749] __kasan_slab_free+0x56/0x70 [ 29.000376] kfree+0x123/0x3f0 [ 29.000764] workqueue_uaf_work+0x12/0x20 [ 29.001379] process_one_work+0x5ee/0xf60 [ 29.001754] worker_thread+0x720/0x1300 [ 29.002491] kthread+0x257/0x310 [ 29.002857] ret_from_fork+0x41/0x80 [ 29.003262] ret_from_fork_asm+0x1a/0x30 [ 29.003787] [ 29.003997] Last potentially related work creation: [ 29.004492] kasan_save_stack+0x3d/0x60 [ 29.005188] kasan_record_aux_stack+0xb2/0xc0 [ 29.005500] __queue_work+0x626/0xe60 [ 29.005927] queue_work_on+0x74/0xa0 [ 29.006513] workqueue_uaf+0x26e/0x560 [ 29.007096] kunit_try_run_case+0x1b3/0x490 [ 29.007512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.007930] kthread+0x257/0x310 [ 29.008387] ret_from_fork+0x41/0x80 [ 29.008896] ret_from_fork_asm+0x1a/0x30 [ 29.009474] [ 29.009755] The buggy address belongs to the object at ffff888101ab1b40 [ 29.009755] which belongs to the cache kmalloc-32 of size 32 [ 29.010953] The buggy address is located 0 bytes inside of [ 29.010953] freed 32-byte region [ffff888101ab1b40, ffff888101ab1b60) [ 29.012457] [ 29.012718] The buggy address belongs to the physical page: [ 29.013276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab1 [ 
29.014238] flags: 0x200000000000000(node=0|zone=2) [ 29.014869] page_type: f5(slab) [ 29.015229] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 29.015874] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.016521] page dumped because: kasan: bad access detected [ 29.017315] [ 29.017557] Memory state around the buggy address: [ 29.018233] ffff888101ab1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.018870] ffff888101ab1a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.019707] >ffff888101ab1b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 29.020418] ^ [ 29.021591] ffff888101ab1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.022213] ffff888101ab1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.022770] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 28.881177] ================================================================== [ 28.882543] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 28.883441] Read of size 4 at addr ffff888101ab1a80 by task swapper/0/0 [ 28.884479] [ 28.884666] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.885538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.886033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.887123] Call Trace: [ 28.887380] <IRQ> [ 28.887730] dump_stack_lvl+0x73/0xb0 [ 28.888458] print_report+0xd1/0x640 [ 28.888811] ? __virt_addr_valid+0x1db/0x2d0 [ 28.889437] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.890017] kasan_report+0x102/0x140 [ 28.890383] ? rcu_uaf_reclaim+0x50/0x60 [ 28.890964] ? rcu_uaf_reclaim+0x50/0x60 [ 28.891426] __asan_report_load4_noabort+0x18/0x20 [ 28.892087] rcu_uaf_reclaim+0x50/0x60 [ 28.892497] rcu_core+0x680/0x1d70 [ 28.893357] ? __pfx_rcu_core+0x10/0x10 [ 28.893700] rcu_core_si+0x12/0x20 [ 28.894804] handle_softirqs+0x209/0x720 [ 28.895524] ? hrtimer_interrupt+0x2fe/0x780 [ 28.896091] ? 
__pfx_handle_softirqs+0x10/0x10 [ 28.896449] __irq_exit_rcu+0xc9/0x110 [ 28.897240] irq_exit_rcu+0x12/0x20 [ 28.897843] sysvec_apic_timer_interrupt+0x81/0x90 [ 28.898431] </IRQ> [ 28.898677] <TASK> [ 28.898945] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 28.899925] RIP: 0010:default_idle+0xf/0x20 [ 28.900522] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 59 35 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 28.902480] RSP: 0000:ffffffff8e807df0 EFLAGS: 00010206 [ 28.903630] RAX: ffff88815b000000 RBX: ffffffff8e81a680 RCX: ffffffff8d505165 [ 28.904379] RDX: ffffed102b606b23 RSI: 0000000000000004 RDI: 0000000000072594 [ 28.905558] RBP: ffffffff8e807df8 R08: 0000000000000001 R09: ffffed102b606b22 [ 28.906361] R10: ffff88815b035913 R11: 0000000000000000 R12: 0000000000000000 [ 28.907300] R13: fffffbfff1d034d0 R14: ffffffff8f374a90 R15: 0000000000000000 [ 28.908281] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 28.908730] ? arch_cpu_idle+0xd/0x20 [ 28.909509] default_idle_call+0x48/0x80 [ 28.909976] do_idle+0x310/0x3c0 [ 28.910881] ? __pfx_do_idle+0x10/0x10 [ 28.911666] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.912343] ? trace_preempt_on+0x20/0xc0 [ 28.913090] ? schedule+0x86/0x310 [ 28.913527] ? preempt_count_sub+0x50/0x80 [ 28.913791] cpu_startup_entry+0x5c/0x70 [ 28.914662] rest_init+0x11a/0x140 [ 28.915093] ? 
acpi_subsystem_init+0x5d/0x150 [ 28.915571] start_kernel+0x320/0x400 [ 28.916458] x86_64_start_reservations+0x1c/0x30 [ 28.916973] x86_64_start_kernel+0xcf/0xe0 [ 28.917852] common_startup_64+0x12c/0x138 [ 28.918539] </TASK> [ 28.918998] [ 28.919190] Allocated by task 205: [ 28.919746] kasan_save_stack+0x3d/0x60 [ 28.920382] kasan_save_track+0x18/0x40 [ 28.920961] kasan_save_alloc_info+0x3b/0x50 [ 28.921419] __kasan_kmalloc+0xb7/0xc0 [ 28.922494] __kmalloc_cache_noprof+0x184/0x410 [ 28.922925] rcu_uaf+0xb1/0x330 [ 28.923229] kunit_try_run_case+0x1b3/0x490 [ 28.923917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.924585] kthread+0x257/0x310 [ 28.925243] ret_from_fork+0x41/0x80 [ 28.925954] ret_from_fork_asm+0x1a/0x30 [ 28.926592] [ 28.927246] Freed by task 0: [ 28.927922] kasan_save_stack+0x3d/0x60 [ 28.928573] kasan_save_track+0x18/0x40 [ 28.929179] kasan_save_free_info+0x3f/0x60 [ 28.929945] __kasan_slab_free+0x56/0x70 [ 28.930828] kfree+0x123/0x3f0 [ 28.931391] rcu_uaf_reclaim+0x1f/0x60 [ 28.932157] rcu_core+0x680/0x1d70 [ 28.932535] rcu_core_si+0x12/0x20 [ 28.933262] handle_softirqs+0x209/0x720 [ 28.933526] __irq_exit_rcu+0xc9/0x110 [ 28.934439] irq_exit_rcu+0x12/0x20 [ 28.934893] sysvec_apic_timer_interrupt+0x81/0x90 [ 28.935317] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 28.936187] [ 28.936472] Last potentially related work creation: [ 28.937045] kasan_save_stack+0x3d/0x60 [ 28.937899] kasan_record_aux_stack+0xb2/0xc0 [ 28.938841] __call_rcu_common.constprop.0+0x72/0xaa0 [ 28.939208] call_rcu+0x12/0x20 [ 28.939912] rcu_uaf+0x169/0x330 [ 28.940759] kunit_try_run_case+0x1b3/0x490 [ 28.941297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.941824] kthread+0x257/0x310 [ 28.942439] ret_from_fork+0x41/0x80 [ 28.942951] ret_from_fork_asm+0x1a/0x30 [ 28.943610] [ 28.944222] The buggy address belongs to the object at ffff888101ab1a80 [ 28.944222] which belongs to the cache kmalloc-32 of size 32 [ 28.945485] The buggy address is located 0 bytes inside of [ 
28.945485] freed 32-byte region [ffff888101ab1a80, ffff888101ab1aa0) [ 28.946527] [ 28.947236] The buggy address belongs to the physical page: [ 28.947596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab1 [ 28.948645] flags: 0x200000000000000(node=0|zone=2) [ 28.949353] page_type: f5(slab) [ 28.949652] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 28.950848] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.951672] page dumped because: kasan: bad access detected [ 28.952299] [ 28.952512] Memory state around the buggy address: [ 28.953126] ffff888101ab1980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.953890] ffff888101ab1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.954866] >ffff888101ab1a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 28.955457] ^ [ 28.955930] ffff888101ab1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.957385] ffff888101ab1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.957993] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 28.705559] ================================================================== [ 28.706948] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 28.707780] Read of size 1 at addr ffff888101ab2c00 by task kunit_try_catch/203 [ 28.709129] [ 28.709780] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.710654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.711412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.712503] Call Trace: [ 28.712646] <TASK> [ 28.713365] dump_stack_lvl+0x73/0xb0 [ 28.713659] print_report+0xd1/0x640 [ 28.714346] ? __virt_addr_valid+0x1db/0x2d0 [ 28.714715] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.715855] kasan_report+0x102/0x140 [ 28.716540] ? ksize_uaf+0x19e/0x6c0 [ 28.717019] ? ksize_uaf+0x19e/0x6c0 [ 28.717517] ? ksize_uaf+0x19e/0x6c0 [ 28.717905] __kasan_check_byte+0x3d/0x50 [ 28.718381] ksize+0x20/0x60 [ 28.718746] ksize_uaf+0x19e/0x6c0 [ 28.719160] ? __pfx_ksize_uaf+0x10/0x10 [ 28.720219] ? __schedule+0xc70/0x27e0 [ 28.720824] ? __pfx_read_tsc+0x10/0x10 [ 28.721362] ? ktime_get_ts64+0x86/0x230 [ 28.721965] kunit_try_run_case+0x1b3/0x490 [ 28.722647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.723523] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.724314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.724880] ? __kthread_parkme+0x82/0x160 [ 28.725570] ? preempt_count_sub+0x50/0x80 [ 28.726018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.726700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.727615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.728591] kthread+0x257/0x310 [ 28.728870] ? __pfx_kthread+0x10/0x10 [ 28.729369] ret_from_fork+0x41/0x80 [ 28.729986] ? 
__pfx_kthread+0x10/0x10 [ 28.730488] ret_from_fork_asm+0x1a/0x30 [ 28.731301] </TASK> [ 28.731520] [ 28.731824] Allocated by task 203: [ 28.732955] kasan_save_stack+0x3d/0x60 [ 28.733588] kasan_save_track+0x18/0x40 [ 28.734080] kasan_save_alloc_info+0x3b/0x50 [ 28.734711] __kasan_kmalloc+0xb7/0xc0 [ 28.735221] __kmalloc_cache_noprof+0x184/0x410 [ 28.736275] ksize_uaf+0xab/0x6c0 [ 28.736836] kunit_try_run_case+0x1b3/0x490 [ 28.737321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.738243] kthread+0x257/0x310 [ 28.738562] ret_from_fork+0x41/0x80 [ 28.738999] ret_from_fork_asm+0x1a/0x30 [ 28.739790] [ 28.740038] Freed by task 203: [ 28.740536] kasan_save_stack+0x3d/0x60 [ 28.741080] kasan_save_track+0x18/0x40 [ 28.741876] kasan_save_free_info+0x3f/0x60 [ 28.742478] __kasan_slab_free+0x56/0x70 [ 28.742993] kfree+0x123/0x3f0 [ 28.743830] ksize_uaf+0x12d/0x6c0 [ 28.744336] kunit_try_run_case+0x1b3/0x490 [ 28.744811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.745650] kthread+0x257/0x310 [ 28.745955] ret_from_fork+0x41/0x80 [ 28.746600] ret_from_fork_asm+0x1a/0x30 [ 28.747030] [ 28.747765] The buggy address belongs to the object at ffff888101ab2c00 [ 28.747765] which belongs to the cache kmalloc-128 of size 128 [ 28.748857] The buggy address is located 0 bytes inside of [ 28.748857] freed 128-byte region [ffff888101ab2c00, ffff888101ab2c80) [ 28.750291] [ 28.750477] The buggy address belongs to the physical page: [ 28.751477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.752397] flags: 0x200000000000000(node=0|zone=2) [ 28.753043] page_type: f5(slab) [ 28.753620] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.754502] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.755564] page dumped because: kasan: bad access detected [ 28.756489] [ 28.756778] Memory state around the buggy address: [ 28.757442] ffff888101ab2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
28.758368] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.759471] >ffff888101ab2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.760436] ^ [ 28.760802] ffff888101ab2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.761817] ffff888101ab2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.762538] ================================================================== [ 28.818458] ================================================================== [ 28.820026] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 28.821424] Read of size 1 at addr ffff888101ab2c78 by task kunit_try_catch/203 [ 28.822526] [ 28.822751] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.824455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.825469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.826926] Call Trace: [ 28.827362] <TASK> [ 28.827496] dump_stack_lvl+0x73/0xb0 [ 28.827711] print_report+0xd1/0x640 [ 28.828182] ? __virt_addr_valid+0x1db/0x2d0 [ 28.828662] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.829131] kasan_report+0x102/0x140 [ 28.829737] ? ksize_uaf+0x5e6/0x6c0 [ 28.830289] ? ksize_uaf+0x5e6/0x6c0 [ 28.830613] __asan_report_load1_noabort+0x18/0x20 [ 28.831248] ksize_uaf+0x5e6/0x6c0 [ 28.831675] ? __pfx_ksize_uaf+0x10/0x10 [ 28.832017] ? __schedule+0xc70/0x27e0 [ 28.832512] ? __pfx_read_tsc+0x10/0x10 [ 28.833095] ? ktime_get_ts64+0x86/0x230 [ 28.833713] kunit_try_run_case+0x1b3/0x490 [ 28.834468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.834973] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.835513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.836017] ? __kthread_parkme+0x82/0x160 [ 28.836463] ? preempt_count_sub+0x50/0x80 [ 28.837121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.837745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.838620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.839268] kthread+0x257/0x310 [ 28.839612] ? 
__pfx_kthread+0x10/0x10 [ 28.840105] ret_from_fork+0x41/0x80 [ 28.840507] ? __pfx_kthread+0x10/0x10 [ 28.841197] ret_from_fork_asm+0x1a/0x30 [ 28.841544] </TASK> [ 28.841924] [ 28.842487] Allocated by task 203: [ 28.842916] kasan_save_stack+0x3d/0x60 [ 28.843353] kasan_save_track+0x18/0x40 [ 28.843805] kasan_save_alloc_info+0x3b/0x50 [ 28.844307] __kasan_kmalloc+0xb7/0xc0 [ 28.844610] __kmalloc_cache_noprof+0x184/0x410 [ 28.845414] ksize_uaf+0xab/0x6c0 [ 28.845895] kunit_try_run_case+0x1b3/0x490 [ 28.846550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.847278] kthread+0x257/0x310 [ 28.847669] ret_from_fork+0x41/0x80 [ 28.848200] ret_from_fork_asm+0x1a/0x30 [ 28.848557] [ 28.848828] Freed by task 203: [ 28.849365] kasan_save_stack+0x3d/0x60 [ 28.849756] kasan_save_track+0x18/0x40 [ 28.850525] kasan_save_free_info+0x3f/0x60 [ 28.851157] __kasan_slab_free+0x56/0x70 [ 28.851561] kfree+0x123/0x3f0 [ 28.851930] ksize_uaf+0x12d/0x6c0 [ 28.852483] kunit_try_run_case+0x1b3/0x490 [ 28.852938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.853535] kthread+0x257/0x310 [ 28.853971] ret_from_fork+0x41/0x80 [ 28.854333] ret_from_fork_asm+0x1a/0x30 [ 28.855103] [ 28.855286] The buggy address belongs to the object at ffff888101ab2c00 [ 28.855286] which belongs to the cache kmalloc-128 of size 128 [ 28.856586] The buggy address is located 120 bytes inside of [ 28.856586] freed 128-byte region [ffff888101ab2c00, ffff888101ab2c80) [ 28.857962] [ 28.858537] The buggy address belongs to the physical page: [ 28.858954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.859915] flags: 0x200000000000000(node=0|zone=2) [ 28.860420] page_type: f5(slab) [ 28.860803] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.861755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.862752] page dumped because: kasan: bad access detected [ 28.863474] [ 28.863653] Memory state around the buggy address: [ 
28.864305] ffff888101ab2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.865127] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.865758] >ffff888101ab2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.866456] ^ [ 28.867014] ffff888101ab2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.867587] ffff888101ab2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.868586] ================================================================== [ 28.763980] ================================================================== [ 28.764751] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 28.765514] Read of size 1 at addr ffff888101ab2c00 by task kunit_try_catch/203 [ 28.766224] [ 28.766412] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.768169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.769037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.770147] Call Trace: [ 28.770476] <TASK> [ 28.770676] dump_stack_lvl+0x73/0xb0 [ 28.771024] print_report+0xd1/0x640 [ 28.771929] ? __virt_addr_valid+0x1db/0x2d0 [ 28.772937] ? kasan_complete_mode_report_info+0x64/0x200 [ 28.773987] kasan_report+0x102/0x140 [ 28.774511] ? ksize_uaf+0x600/0x6c0 [ 28.775003] ? ksize_uaf+0x600/0x6c0 [ 28.775460] __asan_report_load1_noabort+0x18/0x20 [ 28.776306] ksize_uaf+0x600/0x6c0 [ 28.776593] ? __pfx_ksize_uaf+0x10/0x10 [ 28.777103] ? __schedule+0xc70/0x27e0 [ 28.777956] ? __pfx_read_tsc+0x10/0x10 [ 28.778357] ? ktime_get_ts64+0x86/0x230 [ 28.778964] kunit_try_run_case+0x1b3/0x490 [ 28.779539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.780402] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.781260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.781812] ? __kthread_parkme+0x82/0x160 [ 28.782621] ? preempt_count_sub+0x50/0x80 [ 28.783245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.783830] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.784445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.785305] kthread+0x257/0x310 [ 28.785750] ? __pfx_kthread+0x10/0x10 [ 28.786273] ret_from_fork+0x41/0x80 [ 28.786768] ? __pfx_kthread+0x10/0x10 [ 28.787250] ret_from_fork_asm+0x1a/0x30 [ 28.787989] </TASK> [ 28.788205] [ 28.788601] Allocated by task 203: [ 28.788882] kasan_save_stack+0x3d/0x60 [ 28.789462] kasan_save_track+0x18/0x40 [ 28.790058] kasan_save_alloc_info+0x3b/0x50 [ 28.790409] __kasan_kmalloc+0xb7/0xc0 [ 28.791148] __kmalloc_cache_noprof+0x184/0x410 [ 28.791725] ksize_uaf+0xab/0x6c0 [ 28.792537] kunit_try_run_case+0x1b3/0x490 [ 28.793028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.793927] kthread+0x257/0x310 [ 28.794454] ret_from_fork+0x41/0x80 [ 28.794893] ret_from_fork_asm+0x1a/0x30 [ 28.795460] [ 28.795622] Freed by task 203: [ 28.795920] kasan_save_stack+0x3d/0x60 [ 28.796408] kasan_save_track+0x18/0x40 [ 28.796822] kasan_save_free_info+0x3f/0x60 [ 28.797616] __kasan_slab_free+0x56/0x70 [ 28.798278] kfree+0x123/0x3f0 [ 28.798539] ksize_uaf+0x12d/0x6c0 [ 28.799003] kunit_try_run_case+0x1b3/0x490 [ 28.799707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.800562] kthread+0x257/0x310 [ 28.800945] ret_from_fork+0x41/0x80 [ 28.801222] ret_from_fork_asm+0x1a/0x30 [ 28.802018] [ 28.802626] The buggy address belongs to the object at ffff888101ab2c00 [ 28.802626] which belongs to the cache kmalloc-128 of size 128 [ 28.803853] The buggy address is located 0 bytes inside of [ 28.803853] freed 128-byte region [ffff888101ab2c00, ffff888101ab2c80) [ 28.804978] [ 28.805418] The buggy address belongs to the physical page: [ 28.805915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.806650] flags: 0x200000000000000(node=0|zone=2) [ 28.807575] page_type: f5(slab) [ 28.807993] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.808645] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 28.809529] page dumped because: kasan: bad access detected [ 28.810200] [ 28.810533] Memory state around the buggy address: [ 28.811323] ffff888101ab2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.812357] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.812977] >ffff888101ab2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.814076] ^ [ 28.814760] ffff888101ab2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.815838] ffff888101ab2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.816965] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 28.601621] ================================================================== [ 28.603358] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 28.604725] Read of size 1 at addr ffff888101ab2b78 by task kunit_try_catch/201 [ 28.605448] [ 28.605627] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.606918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.607621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.608879] Call Trace: [ 28.609639] <TASK> [ 28.610235] dump_stack_lvl+0x73/0xb0 [ 28.610663] print_report+0xd1/0x640 [ 28.611081] ? __virt_addr_valid+0x1db/0x2d0 [ 28.611553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.612320] kasan_report+0x102/0x140 [ 28.613184] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 28.614484] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 28.615302] __asan_report_load1_noabort+0x18/0x20 [ 28.616283] ksize_unpoisons_memory+0x7eb/0x9b0 [ 28.616775] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.617598] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 28.618521] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.619272] kunit_try_run_case+0x1b3/0x490 [ 28.619730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.620247] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.620821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.621836] ? __kthread_parkme+0x82/0x160 [ 28.622457] ? preempt_count_sub+0x50/0x80 [ 28.622832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.623946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.624710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.625456] kthread+0x257/0x310 [ 28.626243] ? __pfx_kthread+0x10/0x10 [ 28.626882] ret_from_fork+0x41/0x80 [ 28.627950] ? 
__pfx_kthread+0x10/0x10 [ 28.628396] ret_from_fork_asm+0x1a/0x30 [ 28.628893] </TASK> [ 28.629400] [ 28.629763] Allocated by task 201: [ 28.630652] kasan_save_stack+0x3d/0x60 [ 28.630967] kasan_save_track+0x18/0x40 [ 28.631525] kasan_save_alloc_info+0x3b/0x50 [ 28.632388] __kasan_kmalloc+0xb7/0xc0 [ 28.632658] __kmalloc_cache_noprof+0x184/0x410 [ 28.633549] ksize_unpoisons_memory+0xc8/0x9b0 [ 28.634456] kunit_try_run_case+0x1b3/0x490 [ 28.635229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.636081] kthread+0x257/0x310 [ 28.636876] ret_from_fork+0x41/0x80 [ 28.637120] ret_from_fork_asm+0x1a/0x30 [ 28.637312] [ 28.637411] The buggy address belongs to the object at ffff888101ab2b00 [ 28.637411] which belongs to the cache kmalloc-128 of size 128 [ 28.638143] The buggy address is located 5 bytes to the right of [ 28.638143] allocated 115-byte region [ffff888101ab2b00, ffff888101ab2b73) [ 28.639287] [ 28.639535] The buggy address belongs to the physical page: [ 28.640134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.640642] flags: 0x200000000000000(node=0|zone=2) [ 28.641335] page_type: f5(slab) [ 28.641813] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.642455] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.643455] page dumped because: kasan: bad access detected [ 28.644059] [ 28.644322] Memory state around the buggy address: [ 28.644858] ffff888101ab2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 28.645457] ffff888101ab2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.645938] >ffff888101ab2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.647111] ^ [ 28.647912] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.648653] ffff888101ab2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.649451] ================================================================== [ 28.549532] 
================================================================== [ 28.550655] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 28.551825] Read of size 1 at addr ffff888101ab2b73 by task kunit_try_catch/201 [ 28.552783] [ 28.553052] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.553640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.554128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.555512] Call Trace: [ 28.556003] <TASK> [ 28.556210] dump_stack_lvl+0x73/0xb0 [ 28.557037] print_report+0xd1/0x640 [ 28.557582] ? __virt_addr_valid+0x1db/0x2d0 [ 28.558477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.559508] kasan_report+0x102/0x140 [ 28.560232] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 28.560917] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 28.561591] __asan_report_load1_noabort+0x18/0x20 [ 28.562929] ksize_unpoisons_memory+0x81e/0x9b0 [ 28.563793] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.564524] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 28.565382] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.566294] kunit_try_run_case+0x1b3/0x490 [ 28.566932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.567594] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.568124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.569286] ? __kthread_parkme+0x82/0x160 [ 28.569651] ? preempt_count_sub+0x50/0x80 [ 28.570675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.571313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.572015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.572523] kthread+0x257/0x310 [ 28.573520] ? __pfx_kthread+0x10/0x10 [ 28.573870] ret_from_fork+0x41/0x80 [ 28.574400] ? 
__pfx_kthread+0x10/0x10 [ 28.575116] ret_from_fork_asm+0x1a/0x30 [ 28.575512] </TASK> [ 28.576348] [ 28.576525] Allocated by task 201: [ 28.576912] kasan_save_stack+0x3d/0x60 [ 28.577226] kasan_save_track+0x18/0x40 [ 28.577642] kasan_save_alloc_info+0x3b/0x50 [ 28.578736] __kasan_kmalloc+0xb7/0xc0 [ 28.579284] __kmalloc_cache_noprof+0x184/0x410 [ 28.579950] ksize_unpoisons_memory+0xc8/0x9b0 [ 28.580995] kunit_try_run_case+0x1b3/0x490 [ 28.581500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.582269] kthread+0x257/0x310 [ 28.582615] ret_from_fork+0x41/0x80 [ 28.583551] ret_from_fork_asm+0x1a/0x30 [ 28.583936] [ 28.584250] The buggy address belongs to the object at ffff888101ab2b00 [ 28.584250] which belongs to the cache kmalloc-128 of size 128 [ 28.585746] The buggy address is located 0 bytes to the right of [ 28.585746] allocated 115-byte region [ffff888101ab2b00, ffff888101ab2b73) [ 28.587224] [ 28.587636] The buggy address belongs to the physical page: [ 28.588665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.589583] flags: 0x200000000000000(node=0|zone=2) [ 28.590286] page_type: f5(slab) [ 28.590793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.591960] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.592578] page dumped because: kasan: bad access detected [ 28.593443] [ 28.593723] Memory state around the buggy address: [ 28.594426] ffff888101ab2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 28.595585] ffff888101ab2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.596398] >ffff888101ab2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.597671] ^ [ 28.598429] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.599455] ffff888101ab2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.600298] ================================================================== [ 28.650518] 
================================================================== [ 28.651238] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 28.651718] Read of size 1 at addr ffff888101ab2b7f by task kunit_try_catch/201 [ 28.652666] [ 28.653014] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 28.654052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.654527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.655138] Call Trace: [ 28.655546] <TASK> [ 28.655944] dump_stack_lvl+0x73/0xb0 [ 28.656401] print_report+0xd1/0x640 [ 28.656700] ? __virt_addr_valid+0x1db/0x2d0 [ 28.657064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.657853] kasan_report+0x102/0x140 [ 28.658634] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 28.659331] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 28.659848] __asan_report_load1_noabort+0x18/0x20 [ 28.660187] ksize_unpoisons_memory+0x7b8/0x9b0 [ 28.660670] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.661497] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 28.662984] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 28.663569] kunit_try_run_case+0x1b3/0x490 [ 28.665413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.666248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.666725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.667463] ? __kthread_parkme+0x82/0x160 [ 28.668252] ? preempt_count_sub+0x50/0x80 [ 28.668984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.669571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.670485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.671156] kthread+0x257/0x310 [ 28.672214] ? __pfx_kthread+0x10/0x10 [ 28.672553] ret_from_fork+0x41/0x80 [ 28.673439] ? 
__pfx_kthread+0x10/0x10 [ 28.673631] ret_from_fork_asm+0x1a/0x30 [ 28.674021] </TASK> [ 28.674490] [ 28.674778] Allocated by task 201: [ 28.675575] kasan_save_stack+0x3d/0x60 [ 28.676514] kasan_save_track+0x18/0x40 [ 28.677159] kasan_save_alloc_info+0x3b/0x50 [ 28.678122] __kasan_kmalloc+0xb7/0xc0 [ 28.678472] __kmalloc_cache_noprof+0x184/0x410 [ 28.679542] ksize_unpoisons_memory+0xc8/0x9b0 [ 28.680010] kunit_try_run_case+0x1b3/0x490 [ 28.680668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.682263] kthread+0x257/0x310 [ 28.682612] ret_from_fork+0x41/0x80 [ 28.683025] ret_from_fork_asm+0x1a/0x30 [ 28.683872] [ 28.684283] The buggy address belongs to the object at ffff888101ab2b00 [ 28.684283] which belongs to the cache kmalloc-128 of size 128 [ 28.685587] The buggy address is located 12 bytes to the right of [ 28.685587] allocated 115-byte region [ffff888101ab2b00, ffff888101ab2b73) [ 28.687561] [ 28.688022] The buggy address belongs to the physical page: [ 28.688701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab2 [ 28.689933] flags: 0x200000000000000(node=0|zone=2) [ 28.690373] page_type: f5(slab) [ 28.690698] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.691354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.692474] page dumped because: kasan: bad access detected [ 28.693266] [ 28.693524] Memory state around the buggy address: [ 28.694179] ffff888101ab2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 28.694845] ffff888101ab2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.695605] >ffff888101ab2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.696534] ^ [ 28.697278] ffff888101ab2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.697899] ffff888101ab2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.698635] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 26.800834] ================================================================== [ 26.802499] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 26.803215] Read of size 1 at addr ffff888102cb0000 by task kunit_try_catch/161 [ 26.803626] [ 26.803862] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.804635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.805230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.805872] Call Trace: [ 26.806269] <TASK> [ 26.806539] dump_stack_lvl+0x73/0xb0 [ 26.807190] print_report+0xd1/0x640 [ 26.807537] ? __virt_addr_valid+0x1db/0x2d0 [ 26.808054] ? kasan_addr_to_slab+0x11/0xa0 [ 26.808448] kasan_report+0x102/0x140 [ 26.809198] ? page_alloc_uaf+0x358/0x3d0 [ 26.809524] ? page_alloc_uaf+0x358/0x3d0 [ 26.810127] __asan_report_load1_noabort+0x18/0x20 [ 26.810717] page_alloc_uaf+0x358/0x3d0 [ 26.811268] ? __pfx_page_alloc_uaf+0x10/0x10 [ 26.811668] ? __pfx_page_alloc_uaf+0x10/0x10 [ 26.812200] kunit_try_run_case+0x1b3/0x490 [ 26.812619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.813470] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.814207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.814661] ? __kthread_parkme+0x82/0x160 [ 26.815243] ? preempt_count_sub+0x50/0x80 [ 26.815668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.816369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.817086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.817532] kthread+0x257/0x310 [ 26.817941] ? __pfx_kthread+0x10/0x10 [ 26.818415] ret_from_fork+0x41/0x80 [ 26.818946] ? 
__pfx_kthread+0x10/0x10 [ 26.819353] ret_from_fork_asm+0x1a/0x30 [ 26.819946] </TASK> [ 26.820324] [ 26.820549] The buggy address belongs to the physical page: [ 26.821261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb0 [ 26.822250] flags: 0x200000000000000(node=0|zone=2) [ 26.822806] page_type: f0(buddy) [ 26.823363] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000 [ 26.824222] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 26.825099] page dumped because: kasan: bad access detected [ 26.825509] [ 26.825746] Memory state around the buggy address: [ 26.826307] ffff888102caff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.827224] ffff888102caff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.827807] >ffff888102cb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.828427] ^ [ 26.828758] ffff888102cb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.829265] ffff888102cb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.830333] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 26.741948] ================================================================== [ 26.743896] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 26.744503] Free of addr ffff88810226c001 by task kunit_try_catch/157 [ 26.745561] [ 26.746256] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.747668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.748034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.748757] Call Trace: [ 26.749443] <TASK> [ 26.749747] dump_stack_lvl+0x73/0xb0 [ 26.750184] print_report+0xd1/0x640 [ 26.750671] ? __virt_addr_valid+0x1db/0x2d0 [ 26.751539] ? kfree+0x271/0x3f0 [ 26.752055] ? kasan_addr_to_slab+0x11/0xa0 [ 26.752565] ? kfree+0x271/0x3f0 [ 26.753105] kasan_report_invalid_free+0xc0/0xf0 [ 26.753578] ? kfree+0x271/0x3f0 [ 26.753956] ? kfree+0x271/0x3f0 [ 26.754443] __kasan_kfree_large+0x86/0xd0 [ 26.754987] free_large_kmalloc+0x3b/0xd0 [ 26.755437] kfree+0x271/0x3f0 [ 26.756508] kmalloc_large_invalid_free+0x121/0x2b0 [ 26.756877] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 26.757992] ? __schedule+0xc70/0x27e0 [ 26.758732] ? __pfx_read_tsc+0x10/0x10 [ 26.759597] ? ktime_get_ts64+0x86/0x230 [ 26.760330] kunit_try_run_case+0x1b3/0x490 [ 26.760823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.761983] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.762706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.763390] ? __kthread_parkme+0x82/0x160 [ 26.763802] ? preempt_count_sub+0x50/0x80 [ 26.764583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.765518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.766453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.766868] kthread+0x257/0x310 [ 26.767762] ? __pfx_kthread+0x10/0x10 [ 26.768419] ret_from_fork+0x41/0x80 [ 26.768819] ? 
__pfx_kthread+0x10/0x10 [ 26.769743] ret_from_fork_asm+0x1a/0x30 [ 26.770352] </TASK> [ 26.770706] [ 26.770953] The buggy address belongs to the physical page: [ 26.771497] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 26.772469] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.773506] flags: 0x200000000000040(head|node=0|zone=2) [ 26.774550] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.775556] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.776542] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.777540] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.779269] head: 0200000000000002 ffffea0004089b01 ffffffffffffffff 0000000000000000 [ 26.780451] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.781242] page dumped because: kasan: bad access detected [ 26.782570] [ 26.782861] Memory state around the buggy address: [ 26.783419] ffff88810226bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.784359] ffff88810226bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.785504] >ffff88810226c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.786623] ^ [ 26.787123] ffff88810226c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.787763] ffff88810226c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.788780] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 26.699850] ================================================================== [ 26.700947] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 26.701594] Read of size 1 at addr ffff8881027a4000 by task kunit_try_catch/155 [ 26.703485] [ 26.703837] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.704744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.705136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.705922] Call Trace: [ 26.706349] <TASK> [ 26.706635] dump_stack_lvl+0x73/0xb0 [ 26.707229] print_report+0xd1/0x640 [ 26.707846] ? __virt_addr_valid+0x1db/0x2d0 [ 26.708493] ? kasan_addr_to_slab+0x11/0xa0 [ 26.709207] kasan_report+0x102/0x140 [ 26.709546] ? kmalloc_large_uaf+0x2f3/0x340 [ 26.709997] ? kmalloc_large_uaf+0x2f3/0x340 [ 26.710395] __asan_report_load1_noabort+0x18/0x20 [ 26.711010] kmalloc_large_uaf+0x2f3/0x340 [ 26.711321] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 26.712153] ? __schedule+0xc70/0x27e0 [ 26.712597] ? __pfx_read_tsc+0x10/0x10 [ 26.713224] ? ktime_get_ts64+0x86/0x230 [ 26.713549] kunit_try_run_case+0x1b3/0x490 [ 26.714119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.714830] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.715431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.716411] ? __kthread_parkme+0x82/0x160 [ 26.716764] ? preempt_count_sub+0x50/0x80 [ 26.717914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.718398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.719268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.720311] kthread+0x257/0x310 [ 26.720694] ? __pfx_kthread+0x10/0x10 [ 26.721622] ret_from_fork+0x41/0x80 [ 26.723189] ? 
__pfx_kthread+0x10/0x10 [ 26.723541] ret_from_fork_asm+0x1a/0x30 [ 26.724219] </TASK> [ 26.724464] [ 26.724739] The buggy address belongs to the physical page: [ 26.725744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a4 [ 26.726871] flags: 0x200000000000000(node=0|zone=2) [ 26.727422] raw: 0200000000000000 ffffea000409ea08 ffff88815b13f0c0 0000000000000000 [ 26.728121] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.728960] page dumped because: kasan: bad access detected [ 26.730129] [ 26.730449] Memory state around the buggy address: [ 26.731101] ffff8881027a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.731895] ffff8881027a3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.732843] >ffff8881027a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.733652] ^ [ 26.734387] ffff8881027a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.735202] ffff8881027a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.736196] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 26.650102] ================================================================== [ 26.651460] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 26.652708] Write of size 1 at addr ffff8881027a600a by task kunit_try_catch/153 [ 26.653815] [ 26.654427] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.655733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.656911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.658405] Call Trace: [ 26.658653] <TASK> [ 26.659171] dump_stack_lvl+0x73/0xb0 [ 26.659648] print_report+0xd1/0x640 [ 26.660432] ? __virt_addr_valid+0x1db/0x2d0 [ 26.661470] ? kasan_addr_to_slab+0x11/0xa0 [ 26.661908] kasan_report+0x102/0x140 [ 26.662577] ? kmalloc_large_oob_right+0x2eb/0x340 [ 26.663412] ? kmalloc_large_oob_right+0x2eb/0x340 [ 26.664356] __asan_report_store1_noabort+0x1b/0x30 [ 26.665417] kmalloc_large_oob_right+0x2eb/0x340 [ 26.665742] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 26.666215] ? __schedule+0xc70/0x27e0 [ 26.666736] ? __pfx_read_tsc+0x10/0x10 [ 26.667585] ? ktime_get_ts64+0x86/0x230 [ 26.668511] kunit_try_run_case+0x1b3/0x490 [ 26.669604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.670201] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.670914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.671641] ? __kthread_parkme+0x82/0x160 [ 26.672198] ? preempt_count_sub+0x50/0x80 [ 26.673187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.673808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.674722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.675155] kthread+0x257/0x310 [ 26.676129] ? __pfx_kthread+0x10/0x10 [ 26.676552] ret_from_fork+0x41/0x80 [ 26.677737] ? 
__pfx_kthread+0x10/0x10 [ 26.678232] ret_from_fork_asm+0x1a/0x30 [ 26.678445] </TASK> [ 26.678571] [ 26.678733] The buggy address belongs to the physical page: [ 26.679076] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a4 [ 26.680512] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.681250] flags: 0x200000000000040(head|node=0|zone=2) [ 26.681707] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.682511] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.683591] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.684395] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.685253] head: 0200000000000002 ffffea000409e901 ffffffffffffffff 0000000000000000 [ 26.686189] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.686776] page dumped because: kasan: bad access detected [ 26.687506] [ 26.687724] Memory state around the buggy address: [ 26.688220] ffff8881027a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.689540] ffff8881027a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.690344] >ffff8881027a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.691255] ^ [ 26.691538] ffff8881027a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.692395] ffff8881027a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.693023] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 26.588590] ================================================================== [ 26.589612] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 26.590641] Write of size 1 at addr ffff888102b9df00 by task kunit_try_catch/151 [ 26.592052] [ 26.592469] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.593441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.594005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.595128] Call Trace: [ 26.595421] <TASK> [ 26.595743] dump_stack_lvl+0x73/0xb0 [ 26.596279] print_report+0xd1/0x640 [ 26.596564] ? __virt_addr_valid+0x1db/0x2d0 [ 26.597694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.598419] kasan_report+0x102/0x140 [ 26.599365] ? kmalloc_big_oob_right+0x318/0x370 [ 26.599860] ? kmalloc_big_oob_right+0x318/0x370 [ 26.600850] __asan_report_store1_noabort+0x1b/0x30 [ 26.601618] kmalloc_big_oob_right+0x318/0x370 [ 26.602302] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 26.603306] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 26.604063] kunit_try_run_case+0x1b3/0x490 [ 26.604778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.605482] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.606531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.607041] ? __kthread_parkme+0x82/0x160 [ 26.607620] ? preempt_count_sub+0x50/0x80 [ 26.608517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.609300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.610191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.610855] kthread+0x257/0x310 [ 26.611381] ? __pfx_kthread+0x10/0x10 [ 26.612319] ret_from_fork+0x41/0x80 [ 26.612663] ? 
__pfx_kthread+0x10/0x10 [ 26.613504] ret_from_fork_asm+0x1a/0x30 [ 26.613949] </TASK> [ 26.614508] [ 26.614752] Allocated by task 151: [ 26.615541] kasan_save_stack+0x3d/0x60 [ 26.616253] kasan_save_track+0x18/0x40 [ 26.616647] kasan_save_alloc_info+0x3b/0x50 [ 26.617470] __kasan_kmalloc+0xb7/0xc0 [ 26.618158] __kmalloc_cache_noprof+0x184/0x410 [ 26.618853] kmalloc_big_oob_right+0xaa/0x370 [ 26.619135] kunit_try_run_case+0x1b3/0x490 [ 26.620367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.620848] kthread+0x257/0x310 [ 26.621292] ret_from_fork+0x41/0x80 [ 26.621655] ret_from_fork_asm+0x1a/0x30 [ 26.622318] [ 26.622484] The buggy address belongs to the object at ffff888102b9c000 [ 26.622484] which belongs to the cache kmalloc-8k of size 8192 [ 26.624040] The buggy address is located 0 bytes to the right of [ 26.624040] allocated 7936-byte region [ffff888102b9c000, ffff888102b9df00) [ 26.626267] [ 26.626729] The buggy address belongs to the physical page: [ 26.627427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b98 [ 26.628941] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.630199] flags: 0x200000000000040(head|node=0|zone=2) [ 26.630870] page_type: f5(slab) [ 26.631269] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 26.632297] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 26.633316] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 26.634232] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 26.635213] head: 0200000000000003 ffffea00040ae601 ffffffffffffffff 0000000000000000 [ 26.636151] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 26.636949] page dumped because: kasan: bad access detected [ 26.637848] [ 26.638350] Memory state around the buggy address: [ 26.638884] ffff888102b9de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.639624] ffff888102b9de80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.640519] >ffff888102b9df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.641576] ^ [ 26.641915] ffff888102b9df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.642716] ffff888102b9e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.643535] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 26.499453] ================================================================== [ 26.500572] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.502136] Write of size 1 at addr ffff8881029f9578 by task kunit_try_catch/149 [ 26.503398] [ 26.503640] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.504833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.505019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.505348] Call Trace: [ 26.505480] <TASK> [ 26.505608] dump_stack_lvl+0x73/0xb0 [ 26.506196] print_report+0xd1/0x640 [ 26.506749] ? __virt_addr_valid+0x1db/0x2d0 [ 26.507597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.508307] kasan_report+0x102/0x140 [ 26.508705] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.509500] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.510247] __asan_report_store1_noabort+0x1b/0x30 [ 26.510736] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 26.511325] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 26.511964] ? __schedule+0xc70/0x27e0 [ 26.512496] ? __pfx_read_tsc+0x10/0x10 [ 26.513075] ? ktime_get_ts64+0x86/0x230 [ 26.513496] kunit_try_run_case+0x1b3/0x490 [ 26.514161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.514557] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.515223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.515888] ? __kthread_parkme+0x82/0x160 [ 26.516315] ? preempt_count_sub+0x50/0x80 [ 26.516850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.517393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.517976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.518654] kthread+0x257/0x310 [ 26.519069] ? __pfx_kthread+0x10/0x10 [ 26.519601] ret_from_fork+0x41/0x80 [ 26.520100] ? 
__pfx_kthread+0x10/0x10 [ 26.520524] ret_from_fork_asm+0x1a/0x30 [ 26.521189] </TASK> [ 26.521641] [ 26.521941] Allocated by task 149: [ 26.522296] kasan_save_stack+0x3d/0x60 [ 26.522799] kasan_save_track+0x18/0x40 [ 26.523237] kasan_save_alloc_info+0x3b/0x50 [ 26.523747] __kasan_kmalloc+0xb7/0xc0 [ 26.524332] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 26.524936] kmalloc_track_caller_oob_right+0x9a/0x530 [ 26.525350] kunit_try_run_case+0x1b3/0x490 [ 26.525942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.526533] kthread+0x257/0x310 [ 26.526980] ret_from_fork+0x41/0x80 [ 26.527277] ret_from_fork_asm+0x1a/0x30 [ 26.527895] [ 26.528152] The buggy address belongs to the object at ffff8881029f9500 [ 26.528152] which belongs to the cache kmalloc-128 of size 128 [ 26.529112] The buggy address is located 0 bytes to the right of [ 26.529112] allocated 120-byte region [ffff8881029f9500, ffff8881029f9578) [ 26.530408] [ 26.530734] The buggy address belongs to the physical page: [ 26.531155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 26.532236] flags: 0x200000000000000(node=0|zone=2) [ 26.532816] page_type: f5(slab) [ 26.533221] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.534064] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.534832] page dumped because: kasan: bad access detected [ 26.535372] [ 26.535614] Memory state around the buggy address: [ 26.536168] ffff8881029f9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 26.536991] ffff8881029f9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.537725] >ffff8881029f9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.538488] ^ [ 26.539237] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.539976] ffff8881029f9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.540855] ================================================================== [ 26.542657] 
================================================================== [ 26.543903] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 26.544699] Write of size 1 at addr ffff8881029f9678 by task kunit_try_catch/149 [ 26.545329] [ 26.545554] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1 [ 26.546574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.547062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.547982] Call Trace: [ 26.548290] <TASK> [ 26.548690] dump_stack_lvl+0x73/0xb0 [ 26.549141] print_report+0xd1/0x640 [ 26.549640] ? __virt_addr_valid+0x1db/0x2d0 [ 26.550185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.550804] kasan_report+0x102/0x140 [ 26.551268] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 26.551909] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 26.552385] __asan_report_store1_noabort+0x1b/0x30 [ 26.553100] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 26.553597] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 26.554211] ? __schedule+0xc70/0x27e0 [ 26.554734] ? __pfx_read_tsc+0x10/0x10 [ 26.555179] ? ktime_get_ts64+0x86/0x230 [ 26.555545] kunit_try_run_case+0x1b3/0x490 [ 26.556049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.556605] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.557266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.557824] ? __kthread_parkme+0x82/0x160 [ 26.558351] ? preempt_count_sub+0x50/0x80 [ 26.558729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.559290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.560033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.560641] kthread+0x257/0x310 [ 26.561100] ? __pfx_kthread+0x10/0x10 [ 26.561571] ret_from_fork+0x41/0x80 [ 26.562040] ? 
__pfx_kthread+0x10/0x10 [ 26.562458] ret_from_fork_asm+0x1a/0x30 [ 26.563049] </TASK> [ 26.563279] [ 26.563534] Allocated by task 149: [ 26.563871] kasan_save_stack+0x3d/0x60 [ 26.564372] kasan_save_track+0x18/0x40 [ 26.564669] kasan_save_alloc_info+0x3b/0x50 [ 26.565383] __kasan_kmalloc+0xb7/0xc0 [ 26.565717] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 26.566352] kmalloc_track_caller_oob_right+0x19b/0x530 [ 26.566969] kunit_try_run_case+0x1b3/0x490 [ 26.567431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.568042] kthread+0x257/0x310 [ 26.568415] ret_from_fork+0x41/0x80 [ 26.569298] ret_from_fork_asm+0x1a/0x30 [ 26.569647] [ 26.569979] The buggy address belongs to the object at ffff8881029f9600 [ 26.569979] which belongs to the cache kmalloc-128 of size 128 [ 26.571071] The buggy address is located 0 bytes to the right of [ 26.571071] allocated 120-byte region [ffff8881029f9600, ffff8881029f9678) [ 26.572192] [ 26.572509] The buggy address belongs to the physical page: [ 26.573167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9 [ 26.573905] flags: 0x200000000000000(node=0|zone=2) [ 26.574545] page_type: f5(slab) [ 26.574977] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.575796] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.576509] page dumped because: kasan: bad access detected [ 26.577129] [ 26.577384] Memory state around the buggy address: [ 26.577824] ffff8881029f9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.578560] ffff8881029f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.579214] >ffff8881029f9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.579942] ^ [ 26.580559] ffff8881029f9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581248] ffff8881029f9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581976] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 26.438732] ==================================================================
[ 26.439945] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 26.440826] Read of size 1 at addr ffff888102867000 by task kunit_try_catch/147
[ 26.442249]
[ 26.442469] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 26.443636] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.444500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.445279] Call Trace:
[ 26.445655] <TASK>
[ 26.445881] dump_stack_lvl+0x73/0xb0
[ 26.446360] print_report+0xd1/0x640
[ 26.446761] ? __virt_addr_valid+0x1db/0x2d0
[ 26.447225] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.448131] kasan_report+0x102/0x140
[ 26.448634] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 26.449565] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 26.450093] __asan_report_load1_noabort+0x18/0x20
[ 26.450532] kmalloc_node_oob_right+0x36b/0x3d0
[ 26.451091] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 26.451612] ? __schedule+0xc70/0x27e0
[ 26.452376] ? __pfx_read_tsc+0x10/0x10
[ 26.452739] ? ktime_get_ts64+0x86/0x230
[ 26.453114] kunit_try_run_case+0x1b3/0x490
[ 26.453812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.454443] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.454960] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.455591] ? __kthread_parkme+0x82/0x160
[ 26.456336] ? preempt_count_sub+0x50/0x80
[ 26.456796] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.457900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.458696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.459522] kthread+0x257/0x310
[ 26.459976] ? __pfx_kthread+0x10/0x10
[ 26.460558] ret_from_fork+0x41/0x80
[ 26.461370] ? __pfx_kthread+0x10/0x10
[ 26.461867] ret_from_fork_asm+0x1a/0x30
[ 26.462810] </TASK>
[ 26.463271]
[ 26.463426] Allocated by task 147:
[ 26.464518] kasan_save_stack+0x3d/0x60
[ 26.464895] kasan_save_track+0x18/0x40
[ 26.465492] kasan_save_alloc_info+0x3b/0x50
[ 26.466425] __kasan_kmalloc+0xb7/0xc0
[ 26.467163] __kmalloc_cache_node_noprof+0x183/0x410
[ 26.467646] kmalloc_node_oob_right+0xac/0x3d0
[ 26.468670] kunit_try_run_case+0x1b3/0x490
[ 26.469372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.470241] kthread+0x257/0x310
[ 26.470544] ret_from_fork+0x41/0x80
[ 26.471337] ret_from_fork_asm+0x1a/0x30
[ 26.472154]
[ 26.472393] The buggy address belongs to the object at ffff888102866000
[ 26.472393] which belongs to the cache kmalloc-4k of size 4096
[ 26.474026] The buggy address is located 0 bytes to the right of
[ 26.474026] allocated 4096-byte region [ffff888102866000, ffff888102867000)
[ 26.475781]
[ 26.476213] The buggy address belongs to the physical page:
[ 26.477106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860
[ 26.478631] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 26.479557] flags: 0x200000000000040(head|node=0|zone=2)
[ 26.480280] page_type: f5(slab)
[ 26.480921] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 26.482396] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 26.483390] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 26.484237] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 26.485031] head: 0200000000000003 ffffea00040a1801 ffffffffffffffff 0000000000000000
[ 26.486189] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 26.486833] page dumped because: kasan: bad access detected
[ 26.487401]
[ 26.487656] Memory state around the buggy address:
[ 26.488175] ffff888102866f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.488792] ffff888102866f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.489623] >ffff888102867000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.490347] ^
[ 26.490817] ffff888102867080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.492018] ffff888102867100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.492689] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 26.385489] ==================================================================
[ 26.386523] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0
[ 26.387209] Read of size 1 at addr ffff888101a5bb9f by task kunit_try_catch/145
[ 26.387602]
[ 26.387928] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 26.388962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.389490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.390360] Call Trace:
[ 26.390844] <TASK>
[ 26.391076] dump_stack_lvl+0x73/0xb0
[ 26.391366] print_report+0xd1/0x640
[ 26.392040] ? __virt_addr_valid+0x1db/0x2d0
[ 26.392724] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.393360] kasan_report+0x102/0x140
[ 26.393958] ? kmalloc_oob_left+0x363/0x3c0
[ 26.394395] ? kmalloc_oob_left+0x363/0x3c0
[ 26.395005] __asan_report_load1_noabort+0x18/0x20
[ 26.395646] kmalloc_oob_left+0x363/0x3c0
[ 26.396380] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 26.396921] ? __schedule+0xc70/0x27e0
[ 26.397410] ? __pfx_read_tsc+0x10/0x10
[ 26.397972] ? ktime_get_ts64+0x86/0x230
[ 26.398508] kunit_try_run_case+0x1b3/0x490
[ 26.398957] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.399598] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.400341] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.400873] ? __kthread_parkme+0x82/0x160
[ 26.401551] ? preempt_count_sub+0x50/0x80
[ 26.402111] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.402549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.403368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.404124] kthread+0x257/0x310
[ 26.404517] ? __pfx_kthread+0x10/0x10
[ 26.405120] ret_from_fork+0x41/0x80
[ 26.405463] ? __pfx_kthread+0x10/0x10
[ 26.405869] ret_from_fork_asm+0x1a/0x30
[ 26.406593] </TASK>
[ 26.406911]
[ 26.407238] Allocated by task 1:
[ 26.407838] kasan_save_stack+0x3d/0x60
[ 26.408291] kasan_save_track+0x18/0x40
[ 26.408701] kasan_save_alloc_info+0x3b/0x50
[ 26.409338] __kasan_kmalloc+0xb7/0xc0
[ 26.409990] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 26.410389] kvasprintf+0xc6/0x150
[ 26.411019] __kthread_create_on_node+0x18c/0x3a0
[ 26.411364] kthread_create_on_node+0xa8/0xe0
[ 26.411931] create_worker+0x3c8/0x7a0
[ 26.412294] alloc_unbound_pwq+0x8ea/0xdb0
[ 26.413038] apply_wqattrs_prepare+0x332/0xd40
[ 26.413320] apply_workqueue_attrs_locked+0x4d/0xa0
[ 26.413961] alloc_workqueue+0xcc4/0x1ad0
[ 26.414336] latency_fsnotify_init+0x1b/0x50
[ 26.414880] do_one_initcall+0xb5/0x370
[ 26.415268] kernel_init_freeable+0x425/0x6f0
[ 26.415932] kernel_init+0x23/0x1e0
[ 26.416364] ret_from_fork+0x41/0x80
[ 26.417062] ret_from_fork_asm+0x1a/0x30
[ 26.417591]
[ 26.417969] The buggy address belongs to the object at ffff888101a5bb80
[ 26.417969] which belongs to the cache kmalloc-16 of size 16
[ 26.419033] The buggy address is located 18 bytes to the right of
[ 26.419033] allocated 13-byte region [ffff888101a5bb80, ffff888101a5bb8d)
[ 26.420472]
[ 26.420637] The buggy address belongs to the physical page:
[ 26.421312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a5b
[ 26.422275] flags: 0x200000000000000(node=0|zone=2)
[ 26.422941] page_type: f5(slab)
[ 26.423397] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 26.424368] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 26.425353] page dumped because: kasan: bad access detected
[ 26.426121]
[ 26.426392] Memory state around the buggy address:
[ 26.427142] ffff888101a5ba80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 26.427885] ffff888101a5bb00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc
[ 26.428567] >ffff888101a5bb80: 00 05 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 26.429424] ^
[ 26.429891] ffff888101a5bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.430807] ffff888101a5bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.431633] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 26.295904] ==================================================================
[ 26.296817] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 26.297409] Write of size 1 at addr ffff8881029f9178 by task kunit_try_catch/143
[ 26.298091]
[ 26.298300] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 26.299113] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.299474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.300363] Call Trace:
[ 26.300579] <TASK>
[ 26.300962] dump_stack_lvl+0x73/0xb0
[ 26.301435] print_report+0xd1/0x640
[ 26.301842] ? __virt_addr_valid+0x1db/0x2d0
[ 26.302393] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.302952] kasan_report+0x102/0x140
[ 26.303432] ? kmalloc_oob_right+0x6bf/0x7f0
[ 26.304019] ? kmalloc_oob_right+0x6bf/0x7f0
[ 26.304355] __asan_report_store1_noabort+0x1b/0x30
[ 26.304988] kmalloc_oob_right+0x6bf/0x7f0
[ 26.305375] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.305796] ? __schedule+0xc70/0x27e0
[ 26.306287] ? __pfx_read_tsc+0x10/0x10
[ 26.306610] ? ktime_get_ts64+0x86/0x230
[ 26.307130] kunit_try_run_case+0x1b3/0x490
[ 26.307524] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.308181] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.308596] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.309081] ? __kthread_parkme+0x82/0x160
[ 26.309526] ? preempt_count_sub+0x50/0x80
[ 26.309971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.310347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.311119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.311644] kthread+0x257/0x310
[ 26.312020] ? __pfx_kthread+0x10/0x10
[ 26.312404] ret_from_fork+0x41/0x80
[ 26.312705] ? __pfx_kthread+0x10/0x10
[ 26.313196] ret_from_fork_asm+0x1a/0x30
[ 26.313750] </TASK>
[ 26.314103]
[ 26.314334] Allocated by task 143:
[ 26.314668] kasan_save_stack+0x3d/0x60
[ 26.315147] kasan_save_track+0x18/0x40
[ 26.315517] kasan_save_alloc_info+0x3b/0x50
[ 26.317014] __kasan_kmalloc+0xb7/0xc0
[ 26.317406] __kmalloc_cache_noprof+0x184/0x410
[ 26.318333] kmalloc_oob_right+0xaa/0x7f0
[ 26.318971] kunit_try_run_case+0x1b3/0x490
[ 26.319560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.320081] kthread+0x257/0x310
[ 26.320488] ret_from_fork+0x41/0x80
[ 26.321113] ret_from_fork_asm+0x1a/0x30
[ 26.321515]
[ 26.321707] The buggy address belongs to the object at ffff8881029f9100
[ 26.321707] which belongs to the cache kmalloc-128 of size 128
[ 26.323408] The buggy address is located 5 bytes to the right of
[ 26.323408] allocated 115-byte region [ffff8881029f9100, ffff8881029f9173)
[ 26.325129]
[ 26.325338] The buggy address belongs to the physical page:
[ 26.326275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 26.327386] flags: 0x200000000000000(node=0|zone=2)
[ 26.327890] page_type: f5(slab)
[ 26.328239] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.329344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.330128] page dumped because: kasan: bad access detected
[ 26.330352]
[ 26.330449] Memory state around the buggy address:
[ 26.330648] ffff8881029f9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.331924] ffff8881029f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.332597] >ffff8881029f9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.333226] ^
[ 26.334391] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.335442] ffff8881029f9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.336290] ==================================================================
[ 26.337577] ==================================================================
[ 26.338815] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 26.339374] Read of size 1 at addr ffff8881029f9180 by task kunit_try_catch/143
[ 26.339974]
[ 26.340269] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241205 #1
[ 26.341237] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.341623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.342293] Call Trace:
[ 26.342694] <TASK>
[ 26.343480] dump_stack_lvl+0x73/0xb0
[ 26.344061] print_report+0xd1/0x640
[ 26.344466] ? __virt_addr_valid+0x1db/0x2d0
[ 26.345217] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.345598] kasan_report+0x102/0x140
[ 26.346039] ? kmalloc_oob_right+0x68c/0x7f0
[ 26.346451] ? kmalloc_oob_right+0x68c/0x7f0
[ 26.346955] __asan_report_load1_noabort+0x18/0x20
[ 26.347412] kmalloc_oob_right+0x68c/0x7f0
[ 26.348005] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.348602] ? __schedule+0xc70/0x27e0
[ 26.349143] ? __pfx_read_tsc+0x10/0x10
[ 26.349634] ? ktime_get_ts64+0x86/0x230
[ 26.350147] kunit_try_run_case+0x1b3/0x490
[ 26.350713] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.351319] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.351815] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.352323] ? __kthread_parkme+0x82/0x160
[ 26.352893] ? preempt_count_sub+0x50/0x80
[ 26.353422] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.353898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.354554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.355053] kthread+0x257/0x310
[ 26.355529] ? __pfx_kthread+0x10/0x10
[ 26.355997] ret_from_fork+0x41/0x80
[ 26.356444] ? __pfx_kthread+0x10/0x10
[ 26.356962] ret_from_fork_asm+0x1a/0x30
[ 26.357461] </TASK>
[ 26.357866]
[ 26.358065] Allocated by task 143:
[ 26.358559] kasan_save_stack+0x3d/0x60
[ 26.358978] kasan_save_track+0x18/0x40
[ 26.359374] kasan_save_alloc_info+0x3b/0x50
[ 26.360057] __kasan_kmalloc+0xb7/0xc0
[ 26.360385] __kmalloc_cache_noprof+0x184/0x410
[ 26.360979] kmalloc_oob_right+0xaa/0x7f0
[ 26.361362] kunit_try_run_case+0x1b3/0x490
[ 26.361911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.362447] kthread+0x257/0x310
[ 26.363055] ret_from_fork+0x41/0x80
[ 26.363302] ret_from_fork_asm+0x1a/0x30
[ 26.364390]
[ 26.364573] The buggy address belongs to the object at ffff8881029f9100
[ 26.364573] which belongs to the cache kmalloc-128 of size 128
[ 26.365592] The buggy address is located 13 bytes to the right of
[ 26.365592] allocated 115-byte region [ffff8881029f9100, ffff8881029f9173)
[ 26.367057]
[ 26.367247] The buggy address belongs to the physical page:
[ 26.368176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 26.369156] flags: 0x200000000000000(node=0|zone=2)
[ 26.369650] page_type: f5(slab)
[ 26.370182] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.370878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.372106] page dumped because: kasan: bad access detected
[ 26.372821]
[ 26.373277] Memory state around the buggy address:
[ 26.373568] ffff8881029f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.374467] ffff8881029f9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.375848] >ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.376492] ^
[ 26.377166] ffff8881029f9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.378293] ffff8881029f9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.379255] ==================================================================
[ 26.242379] ==================================================================
[ 26.243631] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 26.244881] Write of size 1 at addr ffff8881029f9173 by task kunit_try_catch/143
[ 26.245621]
[ 26.247332] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.13.0-rc1-next-20241205 #1
[ 26.248637] Tainted: [N]=TEST
[ 26.249151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.250696] Call Trace:
[ 26.251233] <TASK>
[ 26.252083] dump_stack_lvl+0x73/0xb0
[ 26.252566] print_report+0xd1/0x640
[ 26.253239] ? __virt_addr_valid+0x1db/0x2d0
[ 26.253712] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.254367] kasan_report+0x102/0x140
[ 26.255101] ? kmalloc_oob_right+0x6f2/0x7f0
[ 26.255754] ? kmalloc_oob_right+0x6f2/0x7f0
[ 26.256220] __asan_report_store1_noabort+0x1b/0x30
[ 26.256457] kmalloc_oob_right+0x6f2/0x7f0
[ 26.256652] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 26.257310] ? __schedule+0xc70/0x27e0
[ 26.258119] ? __pfx_read_tsc+0x10/0x10
[ 26.258862] ? ktime_get_ts64+0x86/0x230
[ 26.259503] kunit_try_run_case+0x1b3/0x490
[ 26.259941] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.260598] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.261128] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.261804] ? __kthread_parkme+0x82/0x160
[ 26.262226] ? preempt_count_sub+0x50/0x80
[ 26.262808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.263187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.264042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.264816] kthread+0x257/0x310
[ 26.265346] ? __pfx_kthread+0x10/0x10
[ 26.265842] ret_from_fork+0x41/0x80
[ 26.266233] ? __pfx_kthread+0x10/0x10
[ 26.266602] ret_from_fork_asm+0x1a/0x30
[ 26.267424] </TASK>
[ 26.268138]
[ 26.268421] Allocated by task 143:
[ 26.269465] kasan_save_stack+0x3d/0x60
[ 26.270106] kasan_save_track+0x18/0x40
[ 26.270497] kasan_save_alloc_info+0x3b/0x50
[ 26.271247] __kasan_kmalloc+0xb7/0xc0
[ 26.271914] __kmalloc_cache_noprof+0x184/0x410
[ 26.272716] kmalloc_oob_right+0xaa/0x7f0
[ 26.273129] kunit_try_run_case+0x1b3/0x490
[ 26.273568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.274384] kthread+0x257/0x310
[ 26.274721] ret_from_fork+0x41/0x80
[ 26.275257] ret_from_fork_asm+0x1a/0x30
[ 26.276043]
[ 26.276335] The buggy address belongs to the object at ffff8881029f9100
[ 26.276335] which belongs to the cache kmalloc-128 of size 128
[ 26.278236] The buggy address is located 0 bytes to the right of
[ 26.278236] allocated 115-byte region [ffff8881029f9100, ffff8881029f9173)
[ 26.280135]
[ 26.280466] The buggy address belongs to the physical page:
[ 26.281884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f9
[ 26.283157] flags: 0x200000000000000(node=0|zone=2)
[ 26.284288] page_type: f5(slab)
[ 26.285434] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.286144] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.287039] page dumped because: kasan: bad access detected
[ 26.287576]
[ 26.287933] Memory state around the buggy address:
[ 26.289012] ffff8881029f9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.289722] ffff8881029f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.290380] >ffff8881029f9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 26.291148] ^
[ 26.291876] ffff8881029f9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.292314] ffff8881029f9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.293120] ==================================================================